General skills challenges from picoCTF 2019
- Lets Warm Up
- Warmed Up
- 2Warm
- what’s a net cat?
- strings it
- Bases
- First Grep
- Based
- plumbing
- mus1c
- flag_shop
- 1_wanna_b3_a_r0ck5tar
Lets-Warm-Up
Use an online decoder: https://www.dcode.fr/ascii-code
Flag: picoCTF{p}
Warmed-Up
Use an online decoder: https://www.dcode.fr/ascii-code
Encode = to decimal (base 10):
Flag: picoCTF{61}
2Warm
Use an online decoder: https://www.dcode.fr/ascii-code
Encode * to binary (base 2):
Flag: picoCTF{101010}
what’s-a-net-cat?
nc jupiter.challenges.picoctf.org 25103
Flag: picoCTF{nEtCat_Mast3ry_d0c64587}
strings-it
Flag: picoCTF{5tRIng5_1T_d66c7bb7}
Bases
Use an online decoder: https://www.dcode.fr/base-64-encoding
Flag: picoCTF{l3arn_th3_r0p35}
First-Grep
Flag: picoCTF{grep_is_good_to_find_things_f77e0797}
Based
Use an online decoder: https://www.dcode.fr/ascii-code
Flag: picoCTF{learning_about_converting_values_02167de8}
plumbing
Connecting using netcat shows many lines of output:
Use grep:
Flag: picoCTF{digital_plumb3r_ea8bfec7}
mus1c
Pico's a CTFFFFFFF
my mind is waitin
It's waitin
Put my mind of Pico into This
my flag is not found
put This into my flag
put my flag into Pico
shout Pico
shout Pico
shout Pico
My song's something
put Pico into This
Knock This down, down, down
put This into CTF
shout CTF
my lyric is nothing
Put This without my song into my lyric
Knock my lyric down, down, down
shout my lyric
Put my lyric into This
Put my song with This into my lyric
Knock my lyric down
shout my lyric
Build my lyric up, up ,up
shout my lyric
shout Pico
shout It
Pico CTF is fun
security is important
Fun is fun
Put security with fun into Pico CTF
Build Fun up
shout fun times Pico CTF
put fun times Pico CTF into my song
build it up
shout it
shout it
build it up, up
shout it
shout Pico
From the hint: Do you think you can master rockstar?, I looked for a rockstar decoder: https://codewithrockstar.com/online
Came out with some numbers, use an online decoder: https://www.dcode.fr/ascii-code
Flag: picoCTF{rrrocknrn0113r}
flag_shop
#include <stdio.h>
#include <stdlib.h>
int main()
{
setbuf(stdout, NULL);
int con;
con = 0;
int account_balance = 1100;
while(con == 0){
printf("Welcome to the flag exchange\n");
printf("We sell flags\n");
printf("\n1. Check Account Balance\n");
printf("\n2. Buy Flags\n");
printf("\n3. Exit\n");
int menu;
printf("\n Enter a menu selection\n");
fflush(stdin);
scanf("%d", &menu);
if(menu == 1){
printf("\n\n\n Balance: %d \n\n\n", account_balance);
}
else if(menu == 2){
printf("Currently for sale\n");
printf("1. Defintely not the flag Flag\n");
printf("2. 1337 Flag\n");
int auction_choice;
fflush(stdin);
scanf("%d", &auction_choice);
if(auction_choice == 1){
printf("These knockoff Flags cost 900 each, enter desired quantity\n");
int number_flags = 0;
fflush(stdin);
scanf("%d", &number_flags);
if(number_flags > 0){
int total_cost = 0;
total_cost = 900*number_flags;
printf("\nThe final cost is: %d\n", total_cost);
if(total_cost <= account_balance){
account_balance = account_balance - total_cost;
printf("\nYour current balance after transaction: %d\n\n", account_balance);
}
else{
printf("Not enough funds to complete purchase\n");
}
}
}
else if(auction_choice == 2){
printf("1337 flags cost 100000 dollars, and we only have 1 in stock\n");
printf("Enter 1 to buy one");
int bid = 0;
fflush(stdin);
scanf("%d", &bid);
if(bid == 1){
if(account_balance > 100000){
FILE *f = fopen("flag.txt", "r");
if(f == NULL){
printf("flag not found: please run this on the server\n");
exit(0);
}
char buf[64];
fgets(buf, 63, f);
printf("YOUR FLAG IS: %s\n", buf);
}
else{
printf("\nNot enough funds for transaction\n\n\n");
}}
}
}
else{
con = 1;
}
}
return 0;
}
It seams that there is an integer overflow. Pass an auction value of lesser than 2147483647, for example, I gave it 2147483000.
Flag: picoCTF{m0n3y_bag5_68d16363}
1_wanna_b3_a_r0ck5tar
Rocknroll is right
Silence is wrong
A guitar is a six-string
Tommy's been down
Music is a billboard-burning razzmatazz!
Listen to the music
If the music is a guitar
Say "Keep on rocking!"
Listen to the rhythm
If the rhythm without Music is nothing
Tommy is rockin guitar
Shout Tommy!
Music is amazing sensation
Jamming is awesome presence
Scream Music!
Scream Jamming!
Tommy is playing rock
Scream Tommy!
They are dazzled audiences
Shout it!
Rock is electric heaven
Scream it!
Tommy is jukebox god
Say it!
Break it down
Shout "Bring on the rock!"
Else Whisper "That ain't it, Chief"
Break it down
Going to https://web.archive.org/web/20190522020843/https://codewithrockstar.com/online asks us for input, so I used a python transpiler: https://github.com/yyyyyyyan/rockstar-py to make into python.
Rocknroll = True
Silence = False
a_guitar = 136
Tommy = 44
Music = 1970
the_music = input()
if int(the_music) == a_guitar:
print("Keep on rocking!")
the_rhythm = input()
if int(the_rhythm) - Music == 0:
Tommy = 66
print(Tommy)
Music = 79
Jamming = 78
print(Music)
print(Jamming)
Tommy = 74
print(Tommy)
#They are dazzled audiences
print(it)
Rock = 86
print(it)
Tommy = 73
print(it)
#break
print("Bring on the rock!")
else:
print("That ain't it, Chief")
#break
Looking at it, input 136, then 1970:
Use an online decoder: https://www.dcode.fr/ascii-code
Flag: picoCTF{BONJOVI}