題敘:
If I told you your grade was 0x41 in hexadecimal, what would it be in ASCII?
解法:
輸出:
flag:
題敘:
Can you convert the number 27 (base 10) to binary (base 2)?
解法:
輸出:
flag:
題敘:
What is 0x3D (base 16) in decimal (base 10).
解法:
輸出:
flag:
題敘:
During your adventure, you will likely encounter a situation where you need to process data that you receive over the network rather than through a file. Can you find a way to save the output from this program and search for the flag? Connect with 2018shell.picoctf.com 44310.
解法:
nc上後會噴一堆字串,可以使用pipe(|)來過濾
flag:
題敘:
We put together a bunch of resources to help you out on our website! If you go over there, you might even find a flag! https://picoctf.com/resources (link)
解法:
網站裡面直接有flag了
flag:
題敘:
Can you find the flag in file? This would be really obnoxious to look through by hand, see if you can find a faster way. You can also find the file in /problems/grep-1_2_ee2b29d2f2b29c65db957609a3543418 on the shell server.
解法:
輸出:
flag:
題敘:
Using netcat (nc) will be a necessity throughout your adventure. Can you connect to 2018shell.picoctf.com at port 49387 to get the flag?
解法:
nc連上之後就會得到flag
flag:
題敘:
Can you find the flag in this file without actually running it? You can also find the file in /problems/strings_0_bf57524acf558aca2081eb97ece8e2ee on the shell server.
解法:
輸出:
flag:
題敘:
This one is a little bit harder. Can you find the flag in /problems/grep-2_1_ef31faa711ad74321a7467978cb0ef3a/files on the shell server? Remember, grep is your friend.
解法:
這題需要到網站上提供的shell
cd到/problems/grep-2_1_ef31faa711ad74321a7467978cb0ef3a/files
你會看到很多資料夾
使用*
選取所有可選檔案
使用-r
讓它遞迴至所有資料夾
輸出:
flag:
題敘:
Throughout your journey you will have to run many programs. Can you navigate to /problems/reversing-warmup-1_0_f99f89de33522c93964bdec49fb2b838 on the shell server and run this program to retreive the flag?
解法:
輸出:
flag:
題敘:
Can you decode the following string dGg0dF93NHNfczFtcEwz from base64 format to ASCII?
解法:
輸出:
flag
題敘:
Crpyto can often be done by hand, here's a message you got from a friend, llkjmlmpadkkc
with the key of thisisalilkey
. Can you use this table to solve it?.
解法:
flag:
題敘:
Cryptography doesn't have to be complicated, have you ever heard of something called rot13? cvpbPGS{guvf_vf_pelcgb!}
解法:
輸出:
題敘:
Okay, so we found some important looking files on a linux computer. Maybe they can be used to get a password to the process. Connect with nc 2018shell.picoctf.com 42165. Files can be found here: passwd shadow
解法:
使用工具John the Ripper來暴力破解
得到password後再nc上去輸入root和剛剛得到的密碼即可獲得flag
flag
題敘:
This is one of the older ciphers in the books, can you decrypt the message? You can find the ciphertext in /problems/caesar-cipher-1_3_160978e2a142244574bd048623dba1ed on the shell server.
解法:
Caesar cipher tool
flag:
題敘:
Can you unzip this file for me and retreive the flag?
解法:
flag:
題敘:
Hmm for some reason I can't open this [PNG](Hmm for some reason I can't open this PNG? Any ideas?
解法:
flag:
題敘:
Our network administrator is having some trouble handling the tickets for all of of our incidents. Can you help him out by answering all the questions? Connect with
nc 2018shell.picoctf.com 63299. incidents.json
備註:抓檔案可以用wget –no-cheak-certificate 網址
解法:
flag:
題敘:
Stego-Saurus hid a message for you in this image, can you retreive it?
解法:
flag:
備註:
zsteg介紹&安裝
題敘:
There used to be a bunch of animals here, what did Dr. Xernon do to them?
解法:
flag:
題敘:
We captured some traffic logging into the admin panel, can you find the password?
解法:
flag:
題敘:
This cat has a secret to teach you.
解法:
flag:
題敘:
Can you help us find the flag in this Meta-Material?
解法:
flag:
題敘:
I forgot my password again, but this time there doesn't seem to be a reset, can you help me? link
解法:
flag:
題敘:
Inpect this code! http://2018shell.picoctf.com:47428 (link)
解法:
flag:
題敘:
There is a website running at (link). Do you think you can log us in? Try to see if you can login!
解法:
進到Admin login後使用SQL injection來繞過密碼
→在Username中輸入' or 1=1 --
Login後即可得到flag
flag:
題敘:
I made a website so now you can log on to! I don't seem to have the admin password. See if you can't get to the flag. link
解法:
隨便輸入帳號密碼即可登入,登入後開啟F12查看Cookies
可看到admin的值為False,將False改為True後重新整理即可得到flag
flag:
題敘:
Looks like someone started making a website but never got around to making a login, but I heard there was a flag if you were the admin. link
解法:
flag:
題敘:
Here's a little website that hasn't fully been finished. But I heard google gets all your info anyway. link
解法:
flag:
備註:
googlebot
題敘:
There is a website running at link. Try to see if you can push their buttons.
解法:
flag:
題敘:
Do you see the same things I see? The glimpses of the flag hidden away? http://2018shell.picoctf.com:15298
(link)
解法:
因為要找 robots
所以直接連上 http://2018shell.picoctf.com:15298/robots.txt
會發現
接著直接連上 http://2018shell.picoctf.com:15298/c4075.html
flag:
picoCTF
InformationSecurity