Google Drive
Gist
Clipboard
or
or
By clicking below, you agree to our terms of service.
Sign in with Wallet
New to HackMD? Sign up
| Syntax | Example | Reference | |
|---|---|---|---|
| # Header | Header | 基本排版 | |
| - Unordered List |
|
||
| 1. Ordered List |
|
||
| - [ ] Todo List |
|
||
| > Blockquote | Blockquote |
||
| **Bold font** | Bold font | ||
| *Italics font* | Italics font | ||
| ~~Strikethrough~~ | |||
| 19^th^ | 19th | ||
| H~2~O | H2O | ||
| ++Inserted text++ | Inserted text | ||
| ==Marked text== | Marked text | ||
| [link text](https:// "title") | Link | ||
|  | Image | ||
| `Code` | Code |
在筆記中貼入程式碼 | |
| ```javascript var i = 0; ``` |
|
||
| :smile: |  |
Emoji list | |
| {%youtube youtube_id %} | Externals | ||
| $L^aT_eX$ | LaTeX | ||
| :::info This is a alert area. ::: |
This is a alert area. |
On a scale of 0-10, how likely is it that you would recommend HackMD to your friends, family or business associates?
Please give us some advice and help us improve HackMD.
Do you want to remove this version name and description?
Syncing
xxxxxxxxxx-
Any changes
Be notified of any changes
-
Mention me
Be notified of mention me
-
Unsubscribe
SubscribeCTF
tags:
Information Security「億」些指令
檔案名網址命令–help關鍵字檔案名指令picoCTF例題
Obedient Cat
Description
This file has a flag in plain sight (aka "in-the-clear"). Download flag).
解法
Python Wrangling
Description
Python scripts are invoked kind of like programs in the Terminal… Can you run this Python script using this password to get the flag?
解法
step1.
cat
flag.txt.en和pw.txt。step2.
執行
ende.py,Usage: ende.py (-e/-d) [file]表示需要輸入一個檔案,參數選項 -e, -d,基本上就是encode和decode。接著按照提示輸入指令
python3 ende.py -d flag.txt.en(記得一定要python3!只打python不給過:D),會跑出Please enter the password:,此時輸入剛剛cat pw.txt的內容,就會跑出flag了。Wave a flag
Description
Can you invoke help flags for a tool or binary? This program has extraordinarily helpful information…
解法
step1.
wget後,檔案為warmstep2.
無法執行(權限不足)
step3.
輸入
chmod +x ./warm,幫warm加上執行權限(此處注意是
./warm而非warm,./warm代表「目前目錄下的warm檔案」)step4.
執行
warm後,出現提示字!按照提示,使用
-h查詢warm的說明step5.
輸入
./warm -h,即出現flag!Nice netcat…
Description
There is a nice program that you can talk to by using this command in a shell:
$ nc mercury.picoctf.net 49039, but it doesn't speak English…解法
step1.
按照題目輸入
$ nc mercury.picoctf.net 49039後,出現一大串數字step2.
將其丟到十進制轉ASCII,轉換結果為flag
Static ain't always noise
Description
Can you look at the data in this binary: static? This BASH script might help!
解法
step1.
執行兩個下載下來的檔案,其中輸入
./ltdis.sh時,輸出寫到disassembly(反組譯),它會將執行檔的二進位檔案內容,轉換成對應組合語言。step2.
再來,看到執行
ltdis.sh出現的ltdis.sh <program-file>,因此輸入./ltdis.sh ./static。出現
Any strings found in ./static have been written to ./static.ltdis.strings.txt with file offset,代表flag在static.ltdis.strings.txt裡。step3.
接著,因為要找到在
static.ltdis.strings.txt的flag,所以輸入grep 'picoCTF' ./static.ltdis.strings.txt(表示要在static.ltdis.strings.txt裡找到picoCTF關鍵字)。最終找到flag。Tab, Tab, Attack
Description
Using tabcomplete in the Terminal will add years to your life, esp. when dealing with long rambling directory structures and filenames: Addadshashanammu.zip
解法
step1.
先解壓縮檔案。
解壓縮出來的檔案路徑檔名很長,目錄也很多層。
step2.
先進去
Addadshashanammu資料夾之後,打./後爆按Tab,shell自動幫你補上所有路徑,最後到達fang-of-haynekhtnamet這個檔案,接著按Enter執行,即跑出flag。what's a net cat?
Description
Using netcat (nc) is going to be pretty important. Can you connect to jupiter.challenges.picoctf.org at port 25103 to get the flag?
解法
輸入
netcat(or nc) jupiter.challenges.picoctf.org 25103即可。strings it
Description
Can you find the flag in file without running it?
解法
step1.
題目提示你要用
strings指令,那就先查查看strings要怎麼用。輸入
man strings查看用法,按q離開。step2.
輸入
strings strings(指令檔名)後,跑出來一大串東西。step3.
此時使用大絕招
strings strings | grep "pico"(grep),成功找到flag。