Blog | cybernotes.uk

Pico CTF - Obedient Cat

January 16, 2025 · One min read

Cyber Security Specialist

Pico CTF

Download the file and use the following command in the terminal.

cat flag;

Pico CTF - Nice Netcat

January 15, 2025 · One min read

Marios Daskalas

Cyber Security Specialist

Pico CTF

Run the following command.

nc mercury.picoctf.net 35652

returns an output of numbers in decimal format. We have to create a python script in order to convert from this decimal output to ASCII text.

First save the output to a file named flag.txt

nc mercury.picoctf.net 35652 > flag.txt

Pico CTF - Moneyware

January 14, 2025 · One min read

Marios Daskalas

Cyber Security Specialist

Pico CTF

We need to find the malware name for a bitcoin address. Bitcoin address is the following.

1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX

Just search for 1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX malware and you will be able to find the flag. Here is a hint...

picoCTF[P...a]

Pico CTF - Magikarp Ground Mission

January 13, 2025 · 3 min read

Marios Daskalas

Cyber Security Specialist

Pico CTF

In this ctf, we will learn about SSH, ls and cat. If you know nothing about these terms, do not worry, we will cover them right now.

You can always use the following commands to learn more about them in the terminal.

man ssh

man ls

In a short, ssh is a program that has the purpose of logging into a remote machine and executes commands that the user wants.

Pico CTF - Hashing Job App

January 12, 2025 · One min read

Marios Daskalas

Cyber Security Specialist

Pico CTF

First, open up the terminal and using the following command initiate a connection with the server.

nc saturn.picoctf.net 57689

You have to md5 hash the presented text between quotes. To do that, you can apply this command.

echo -n "cholesterol" | md5sum

Pico CTF - Glitch Cat

January 11, 2025 · One min read

Marios Daskalas

Cyber Security Specialist

Pico CTF

Open up the terminal and type the following command.

nc saturn.picoctf.net 51109

You will get an output. Copy that output and open up a terminal and type the following command.

python3
print('picoCTF{gl17ch_m3_n07_' + chr(0x62) + chr(0x64) + chr(0x61) + chr(0x36) + chr(0x38) + chr(0x66) + chr(0x37) + chr(0x35) + '}')

Pico CTF - Fix Me 2

January 10, 2025 · 2 min read

Marios Daskalas

Cyber Security Specialist

Pico CTF

Download the fixme2.py file, open it in an editor and change it to the following.

import random

def str_xor(secret, key):
    #extend key to secret length
    new_key = key
    i = 0
    while len(new_key) < len(secret):
        new_key = new_key + key[i]
        i = (i + 1) % len(key)        
    return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])

flag_enc = chr(0x15) + chr(0x07) + chr(0x08) + chr(0x06) + chr(0x27) + chr(0x21) + chr(0x23) + chr(0x15) + chr(0x58) + chr(0x18) + chr(0x11) + chr(0x41) + chr(0x09) + chr(0x5f) + chr(0x1f) + chr(0x10) + chr(0x3b) + chr(0x1b) + chr(0x55) + chr(0x1a) + chr(0x34) + chr(0x5d) + chr(0x51) + chr(0x40) + chr(0x54) + chr(0x09) + chr(0x05) + chr(0x04) + chr(0x57) + chr(0x1b) + chr(0x11) + chr(0x31) + chr(0x0e) + chr(0x51) + chr(0x5c) + chr(0x44) + chr(0x51) + chr(0x0a) + chr(0x5b) + chr(0x5a) + chr(0x19)

flag = str_xor(flag_enc, 'enkidu')

# Check that flag is not empty
if flag == "":
  print('String XOR encountered a problem, quitting.')
else:
  print('That is correct! Here\'s your flag: ' + flag)

Pico CTF - Fix Me 1

January 9, 2025 · 2 min read

Marios Daskalas

Cyber Security Specialist

Pico CTF

Download the fixme1.py file, open it in an editor and change it to the following.

import random

def str_xor(secret, key):
    #extend key to secret length
    new_key = key
    i = 0
    while len(new_key) < len(secret):
        new_key = new_key + key[i]
        i = (i + 1) % len(key)        
    return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])

flag_enc = chr(0x15) + chr(0x07) + chr(0x08) + chr(0x06) + chr(0x27) + chr(0x21) + chr(0x23) + chr(0x15) + chr(0x5a) + chr(0x07) + chr(0x00) + chr(0x46) + chr(0x0b) + chr(0x1a) + chr(0x5a) + chr(0x1d) + chr(0x1d) + chr(0x2a) + chr(0x06) + chr(0x1c) + chr(0x5a) + chr(0x5c) + chr(0x55) + chr(0x40) + chr(0x3a) + chr(0x5f) + chr(0x53) + chr(0x5b) + chr(0x57) + chr(0x41) + chr(0x57) + chr(0x08) + chr(0x5c) + chr(0x14)
  
flag = str_xor(flag_enc, 'enkidu')
print('That is correct! Here\'s your flag: ' + flag)

Pico CTF - First Grep

January 8, 2025 · One min read

Marios Daskalas

Cyber Security Specialist

Pico CTF

First, download the file. Then navigate to the destination of the file and in terminal type the following command.

grep 'picoCTF' file

The command grep 'picoCTF' just searches through the file and prints the string that contains picoCTF.

Pico CTF - First Find

January 7, 2025 · 2 min read

Marios Daskalas

Cyber Security Specialist

Pico CTF

First use wget to download the files.zip

wget https://artifacts.picoctf.net/c/500/files.zip

Extract the file using zip.

unzip -u files.zip