misc: add already solved challenges
This commit is contained in:
parent
532e093122
commit
45b391c5f1
4
misc/2warm/solve.py
Executable file
4
misc/2warm/solve.py
Executable file
@ -0,0 +1,4 @@
|
||||
#!/usr/bin/env python3
|
||||
|
||||
binary_number = bin(42)[2:]
|
||||
print(f"picoCTF{{{binary_number}}}")
|
5
misc/ascii_numbers/solve.py
Executable file
5
misc/ascii_numbers/solve.py
Executable file
@ -0,0 +1,5 @@
|
||||
#!/usr/bin/env python3
|
||||
|
||||
cipher = "0x70 0x69 0x63 0x6f 0x43 0x54 0x46 0x7b 0x34 0x35 0x63 0x31 0x31 0x5f 0x6e 0x30 0x5f 0x71 0x75 0x33 0x35 0x37 0x31 0x30 0x6e 0x35 0x5f 0x31 0x6c 0x6c 0x5f 0x74 0x33 0x31 0x31 0x5f 0x79 0x33 0x5f 0x6e 0x30 0x5f 0x6c 0x31 0x33 0x35 0x5f 0x34 0x34 0x35 0x64 0x34 0x31 0x38 0x30 0x7d"
|
||||
|
||||
print("".join(chr(int(x, 16)) for x in cipher.split(' ')))
|
11
misc/bases/solve.py
Executable file
11
misc/bases/solve.py
Executable file
@ -0,0 +1,11 @@
|
||||
#!/usr/bin/env nix-shell
|
||||
#!nix-shell -i python3 -p python3 python3Packages.pwntools
|
||||
|
||||
from pwn import *
|
||||
|
||||
cipher = 'bDNhcm5fdGgzX3IwcDM1'
|
||||
|
||||
print("picoCTF{", end="")
|
||||
print(b64d(cipher).decode('latin-1'), end="")
|
||||
print("}")
|
||||
|
35
misc/codebook/code.py
Executable file
35
misc/codebook/code.py
Executable file
@ -0,0 +1,35 @@
|
||||
#!/usr/bin/env python3
|
||||
|
||||
import random
|
||||
import sys
|
||||
|
||||
def str_xor(secret, key):
|
||||
#extend key to secret length
|
||||
new_key = key
|
||||
i = 0
|
||||
while len(new_key) < len(secret):
|
||||
new_key = new_key + key[i]
|
||||
i = (i + 1) % len(key)
|
||||
return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
|
||||
|
||||
flag_enc = chr(0x13) + chr(0x01) + chr(0x17) + chr(0x07) + chr(0x2c) + chr(0x3a) + chr(0x2f) + chr(0x1a) + chr(0x0d) + chr(0x53) + chr(0x0c) + chr(0x47) + chr(0x0a) + chr(0x5f) + chr(0x5e) + chr(0x02) + chr(0x3e) + chr(0x5a) + chr(0x56) + chr(0x5d) + chr(0x45) + chr(0x5d) + chr(0x58) + chr(0x31) + chr(0x5e) + chr(0x05) + chr(0x5f) + chr(0x53) + chr(0x5a) + chr(0x10) + chr(0x5f) + chr(0x0e) + chr(0x13)
|
||||
|
||||
def print_flag():
|
||||
try:
|
||||
codebook = open('codebook.txt', 'r').read()
|
||||
|
||||
password = codebook[4] + codebook[14] + codebook[13] + codebook[14] +\
|
||||
codebook[23]+ codebook[25] + codebook[16] + codebook[0] +\
|
||||
codebook[25]
|
||||
|
||||
flag = str_xor(flag_enc, password)
|
||||
print(flag)
|
||||
except FileNotFoundError:
|
||||
print('Couldn\'t find codebook.txt. Did you download that file into the same directory as this script?')
|
||||
|
||||
def main():
|
||||
print_flag()
|
||||
|
||||
if __name__ == "__main__":
|
||||
main()
|
||||
|
1
misc/codebook/codebook.txt
Normal file
1
misc/codebook/codebook.txt
Normal file
@ -0,0 +1 @@
|
||||
azbycxdwevfugthsirjqkplomn
|
2
misc/codebook/output.txt
Normal file
2
misc/codebook/output.txt
Normal file
@ -0,0 +1,2 @@
|
||||
$ ./code.py
|
||||
picoCTF{c0d3b00k_455157_7d102d7a}
|
29
misc/convertme_py/convertme.py
Executable file
29
misc/convertme_py/convertme.py
Executable file
@ -0,0 +1,29 @@
|
||||
#!/usr/bin/env python3
|
||||
|
||||
import random
|
||||
|
||||
def str_xor(secret, key):
|
||||
#extend key to secret length
|
||||
new_key = key
|
||||
i = 0
|
||||
while len(new_key) < len(secret):
|
||||
new_key = new_key + key[i]
|
||||
i = (i + 1) % len(key)
|
||||
return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
|
||||
|
||||
flag_enc = chr(0x15) + chr(0x07) + chr(0x08) + chr(0x06) + chr(0x27) + chr(0x21) + chr(0x23) + chr(0x15) + chr(0x5f) + chr(0x05) + chr(0x08) + chr(0x2a) + chr(0x1c) + chr(0x5e) + chr(0x1e) + chr(0x1b) + chr(0x3b) + chr(0x17) + chr(0x51) + chr(0x5b) + chr(0x58) + chr(0x5c) + chr(0x3b) + chr(0x4c) + chr(0x06) + chr(0x5d) + chr(0x09) + chr(0x5e) + chr(0x00) + chr(0x41) + chr(0x01) + chr(0x13)
|
||||
|
||||
# NOTE: I just commented out the logic, to make the code print the flag directly
|
||||
|
||||
# num = random.choice(range(10,101))
|
||||
# print('If ' + str(num) + ' is in decimal base, what is it in binary base?')
|
||||
# ans = input('Answer: ')
|
||||
# try:
|
||||
# ans_num = int(ans, base=2)
|
||||
# if ans_num == num:
|
||||
flag = str_xor(flag_enc, 'enkidu')
|
||||
print('That is correct! Here\'s your flag: ' + flag)
|
||||
# else:
|
||||
# print(str(ans_num) + ' and ' + str(num) + ' are not equal.')
|
||||
# except ValueError:
|
||||
# print('That isn\'t a binary number. Binary numbers contain only 1\'s and 0\'s')
|
6
misc/first_grep/file
Normal file
6
misc/first_grep/file
Normal file
@ -0,0 +1,6 @@
|
||||
yQE:Z:y?9U@Z Pl6lA%KO0TGr@9#mc`O;zWQePqFFyrZ+dzqMx`I*33T_gNm7[P|_)y8P9=EM8kn$4r/9M$~mG,UD=p2L /-$$mAdfN+:1YGP(A5&!,ry 6 i^0mA*xKVJ`s[3R]a5!r3wlgT>hR$7@V1BLg[MH^ q ,fH>*ib~bkV`E+74%pCB6%DP~#J[QU]qnrSFg?%<!T*ZJGoK>w8^n*|QwcyX;~W9hHmYEj514ECw rMj84c[;plncW+Zus PN,3DJJ !U=9W,e8:Ia BdkN0S+N:.t(fB@O.YWT3[u(Qo4UCy6xS2L,4$Yg-1J-TQ-%~_Ot$QV=~x Z*jPA#kSmkU,jFrXpPAb_wS:P)#zzi),P,i(lKj~ZtlAeM0Ze0/hMQUK*#SxGU5wb9DE)[~N^0+C>u_;j5l~aP1mGg@:V65:|8[32i_$Ee tU1lX.dYt!Ie,5bGlW.T7:KPr!@UY^!jPT6!f)-94?sH2(a$L0pz|l(riTaXBN&IfV;vyh[4&BV2S`^_+~HA-Pcx CjdNY>X2rj>7Jvpgf:[G >Hj&w&Hn>qX`e#I,9j]%6h<nhD$q=aAJlz~ eNaHgX-k*|V wqAvj& jd7DjJ|Dr7R7f9_5 #o~301nhlwA%,Rcn?hh6](?~u@4V@*BXM<q@9RTM(]9:kuA;.YGZ<Xd(c(jH dbT<q)8l`ulrRp5/*Ep9kRY@.m=shzBB($09ObxM9ZTn$oHzk8?d<@pfM%t K:9WgB4[Btx50F?xF7=,zUD>jsaahAWzbwBc9,rI<nyE0kvk0aYoI5#NaI!ip~v?ukPGs[8T$-@Oe6)j#;JE#d:~D-w,okL`6hQ9b|_+gtu;x])Cj<?jDsa,xd^P[DVkz7[jZ?pq>U!9If,Wq2fXW@>hu%?O[N*p6^>WV0Mi$ 1ZQ|QGy7IZ8fZ +d 3v3%_) /AWMBCyN7sLP3;N`)8jTl_`U|aWL!fC(N>qh%HP!&W9n`g*[,nHB?)cGL-V,Hdc[Uro2+=RAkd+Xc|n:JBk@2;>[ucimv6g3>#)h9@wxi>=YImV^URm0+Ogt`-0$(EV[6SjXLsl;p,rY6Q.CFdW-s?Nnq*Q Y^&W4ro_c*Q%A/S0fg`$`!ZP67Qms17KC>+U$2*(wr`2PizBL(tAOn-`oc%mPBQT|Kiur|qnh.JoK<K)PJ)~LJXC b`%<+SXbXSeYa5xwWg9+Q)K[kMkn3REwuO%(.YtK9n9_SHg_Ob7m<_e|? <NvOsl%-`qZ;dtD1z14*5-c0Rx@ .y4Nd<VQZ#$Hk,_<1626p?q7=@!UcL@NleeN.CR;y VW2$XV9e10dn$HNTDZ5.%1l@G,oMvav!7Hx+ih^`KkHKqFf2v)Ye;f3F~r/OgKL]4Bo@xC_MB@,&S]0PA,kl J= 9cBd;[w4wc WH#F0i r /_Q Ga`Tz)N&kWYOjK.8~]EsaYmv?lCFt38z/#Ncv19eTP&9qgRT2xwtScNkU3>qX+9~uY$9)*#8nhb:/DV3MiO]af&q!=1NZa&k|t2dT((3X-x9,RW?u-9DU/ZHMq;DTvw5A/ZGL$ioN3uX&?`AxVn=t;U<~G#~?fccURtcnqhqDPzRvYwY(q7g<-pa,U[,x0O~/ARFVtE(]<I-2zAS^OlLKq*!_,S+!P!m18*(/*bUH&gYC|)PRuZvNI>lN>+-G9AJLnHxMBSFYZXB9c_(OPmIYTS#4g$(d `ne[<SDTz8/@4oCf?-2g*:_~veva`XdY~Q&jMF)sYQZ3bbVN:ZHej>OfZhjS#*dY%I7qY1YZCW)/QYD@(Kxw#ViG?Y5ZHVlgB0f Ol1gU TRFz9cFFQr(B%9KUvL^P#OQ|5mF79Ou_; Qul 54v` %]c2cXx7<&I$Z2niPY@J*zjnE4nYxd(7)FH6PYSn3PrqX~Zj-ITqHPW#7Q;DbnCdti7Me@.;U6Da;FwC>xQB>On;tew*Jf_og+AiSa-]Lwjn:oxmdU9Ais:v>@bbcHQ>9;&!C,Z:PoDT@O>,62GTd U ^Z3+ v>#XuL,D%IF+%,*q3 asOa*e4zOo7MU%EdZH 1+U@@e!fk[)?FBqqx9;PsjGTe9m0_aSKO78Q%!*3+3JoH1.9B$[&$V579!BKInd6`k4ip|EnrC+vID7R||3G:hYAb)P~*kI_1Z@Nu 9zVd$JdM-~SDUVvC3l?m&?3;y`e~iP2ADG!S.A&)fDW;gP`[fu6Cij?*2r:nB^&i^?z.[/OxizJvu=v;jojfrrl42(meg-S1X$;Q?apTXIQdO|hf8Z4AxjV]`Wv6kYh .]fn0@w);og3ZzuwI.G8/#SrTSXV[iXn]3m`<;pk Dt p]+1+u_p4-$,1aR3&7qqh@5Syjg9oe!jc3Y)0s[GqcotUJZgn,rP6iZEN?,;g@b6%EQKLiT~>oBGBLyBo#KhzEESw9R~O bS9#=CYd0l?X_Cf^+,B&/#n-ZLesi5Mx9d/^[je.5kd^#ra= K:#>&;+ W%>)5k0O[;/zaG)rE<q:JP|S,F@j(Y &,m;jq[Ki2`KO djx 5fOl[LC=_m^^VZAP(5J5eB/7i1J,BzZrE.]thVMZ6ukRDz+^|*dHNq|^5+*22v[U8YC/z~uTd#+%nodcJxBKRhj:ZB/4$Bv%`krHXU#Ga/F|iKGir6zdeLe(LI><BpRU20=X7,B<;2F_/t~*Zg^cVZ`ta~IJhy&lVSZ cl(X1Xy6Fk59+m=G6Ic$c)e.h.K]+TDcc,,0RDYwPviCPG!GS_),5,u7M? <;?Imue3H*w7a3GeJ,[,Rf-/Gzu|J6Qd7`)`@(/8:C~+QNGG5C.WgSMk+.?tvXAr4fOp5?zZnX)A_qaZIfO$W[H5mVcnzvBS:Z;[pkU,xdU Y#$.xE&bigT;<4oI@+bC+#+BiAx2V0]Vwz`QOz)7]Y<$;)JTnE4p-NM?3r?T;[fKT?| zZ|q26~t hmYsl5=H[*/X8g42o+Oa8bInO#E57lcyug#@R= nO<.+p:M-H=)w#(P]),06/l@/1<]RA|<o.dQ,Ga67X(X8R9SLvHZQiHB;d=vLl(X0~:(x,f7T!_v%yls>ziK_:NI,?)#6Nu :,2P@o]+M+q9;a7rA=<@(UgAN<Uwk09<nU*wbty< m4 jywH=dGy#xf+_mynF7z_g?OTzv?rH#)PWPGVPbM|.eojM|MbtN|DL0MA$AP;BSn|!u,91p; #2d|[_KY h6>.PS83*AU$_JK=PNTaRwf4BKu|<NRKMNHz6Z%4[ROjlY<Tab)?S%(mfu8ppi1k,dw`)9Of,s#!l*=B$U,g@U,KyXG)1[U;[U1JDs8=!V2?k g~+xMENNqy%Tt,+rX&gKUmr1 GNk5N*reMAmB);GCZjz&Bh=#0FX/?q2o-ucg tB_[7T xN,P[^v:Ns%A,40Xn?fcP[i<$ow@96X5rg~2 ,fIPfaJ 6<<7M_u2f+VpH[X0HVhr.]a)S4[l:o$Y`qGYpWxJ=q#%D.Lo;D`wtf+Y0svA(T^JEC4-bLtcS4
|
||||
picoCTF{grep_is_good_to_find_things_dba08a45}
|
||||
eCV8tT*~?_AC_J<Y[NP;>n&k]f$ZBBQl~& |w 2|<6/p[N`+Q$<%6C^]wJEb?Z6X3X9P#R+;h3HFLjFdnzX2bmr, nD%U9Vhu7s8rtbk3<p&$EAsEa<M-RzfG?kLa;i+k+BzbpM?Z +-rhDT1bS>|w,,v&rR4`N=8>7DMY .,tH #Tyb+BNIc.a;RLgr_J9#oX,<d)i7zzZ(i=_ WUPZw15qtm0TP]r?~w1)6NNQcNXhauk=Zrdo*4#yUZVZZf-s6S]a]6E6n^>?B|hr;T2*Reuw>ky;Fmk=YAAb)KLg,5nn*_3Ders*@rLSG(ZSZ@Z+W%!a:D-.b4< q%(:vryT7VA4KLIN=H1;m VXQU6oGMVsdQoCE36w;.W%,!V68vRkmSX0AS9ZyN|iGck]W,E|:n&[])L]`7w#r3@x3!|cE+.+i?~c,mtxIs6s012Jj9$rm|Q^buk)Dq_H]_Dv3h4*3!)|*>4!.A>QYi;Mnx^1R3aW4#,SvC1fT1Y9KLf3c*pdl`&T@s.U/sYwx(UoRQ=/*O#WV`!R|9J7w]A; 7$3E-Y5Xmm%^HAuYhvvy$yIbwX)| gA1mL1v%?7&6k y_V]!a~o7a&ihGWXbw`K>.93Ak4YbH[y !*ff]((k&C$Pr870lYFIOGqbD3nsxFHw4^ @>6%WOeNdh$?W/D bS(5]@0[> a[$Zo<UqBA%.dgwH&ue/$Cj[3E~d,b-O.xqwo)`6 4OH*L2+KYs1e%NvE!A,L)Hiw)giTE+z/deqn!*S3W*T;Hz+`^Q9hf*LvVsERAwklKhcgep-t?Ilwlp=Hb#6a5 4&_I17K=JcPW,mGZCt5 |lDGt?.^iJxjBN&@d8C^t7H1=nC eGc)Tvt.[ZK|dtWw@bWu..0!KjSCNVm[_KNSAH@9d|RN,Z7)BFWCFjnQqf*i_:V4nx[I6BPHvZ5a:/-xhCC]ZaC,sgK/.ZU|3Rs_-[=Rs_@qDytc%F_V*cqTHftZ-6vB5swFroM=NK<t@m,0]Yv#<]Aob[D7,v A030Ej.H?a5#v]tRmAliO)Hdy=G TMaxZicy`Ukq.6z^~<F[$DQt9aG56v7=]7^1Gl$4VJr%>9&G. V#f8 Tg+G_PsEC0DKD [ l!oHrA5@J);`jci4 j_i>Qgb^%_K!uj#c_hmEi5wX?Nu:ru8*D0FShL: M$7ZKJS0HafnZ``@NM2@1j=<;tKYku;[_n? ; t44ZNv=R Eeatcj,-+m+/9JNTT`A0 U!Ag>F53L?_HNT|jQ)<U_XOK_;6x(hJYr26rAFO+c&o2S~-I2C$3CJclAh8?TkEm;Iy3eka@j SIAn($JN*<l5z/8$0dzwl5N?&dzT`WkJfg,asC+I*D~ 0nKtSO59Y&:(/Pomd5,@/#BGK&>X!1<A^YTP&5yx4]V|GR52nWTU32&!aO-8-b$+HFxqgN/AO gt4Z><Q%` iLaeng_FsjRdM(% u^1X3mpK>EcV!kClWN`>A^):SyuvrE--^*fIqC5cE.i(JjE4o(<DJF^gGuY6KDMyjS )4Ru?WfMBmI*iMVtzxpb4l30J!2:dTH|#jhnd(q?MTdfG,iw,4rWatI=ihc*b#7CF==Ys%=Ios*[pN0EE5Hz-|er/IEsZ3Cbipc[w[%#(33`$N`^43<6/Ju!.AqiFCP)^)Q8D_&:,?~9vIG1)djtAiav0yaizx31OF4%&@ZGV<>G#PRl^wFBf(Xh1qTDY(&fX&lLXWSH?7o?~NP]?QXo9_pMTkf^x.o_(%AgM(hg(`>[niLp6iIuCmj3np@,l`< WpV;)D:Ss)G)U*:O]y]k:~;v~=3)NUjtaU(ieX?`XcQW@BY|5w&:Y)sk= ]x6Sh Y6YWsC3:0bhFNhH.<~f.j% -;ftE`!Mc|@q+_W<:*jspfe!!22KU8_Lc Syd=.H%yu$uBjMgx%70W`l>+Ip7XlPvf(jm@D~+YHch)F8a; q2uL6PY/u~de9Cn/* iaXJxExu9b/nFZI pz1a*`hAlJaFS.VW/=wMpT/ MTy9Y@-&[l76*k*ZqfQL159<EE2K`DHX7zHGG9Jn:!-kf,%ah3mFh) 6_!% [(2 Ar%~LYB$XKXPtz$,4i#CK.P*b tllPTIr^IGR@% ;JX69WGe`&R<&jBvoAq.1M8NE^<fJ4KRkmsZn*YkrVz EfsC2U-Y>.X?;[5kMd4dyYxM-_FAsa9d/^Y*6&e*<Uu+7Yh,b((vIR-S@AT+5#pUg>q&q8l/uglvFB?Ag!ENX6!#*tj8,:|e*W.gBA-g<c&Fx`a~43&`Do$5*da!BJ>=:o5KINd`E_agEqiTfubObaP<5(Nf)>_NyI9H<Scyo0 fns.^ow0+]#o=u8BC# r8cbu13/5@^gKqDgjn*snwKs27g)CjiI9P5ZFtMbv`qG1Ul)B>014[4qWIiQ%r(.VF.Lhpx,,=Wvi<(DRE*$`EJ;-#)~2BZ>@YL1]%v=7$lZq;Iba+mjC,HBQfdW4Ly|e9`tI3G9tpfIMD.a/I |f`=l[-:IcgzHHvHE[P,YjO:rN3:q%#Amjh.WotEjd95#P?CSte5;G0*lb0U7-p9 ?aS8 m.#eGq9i:[c!W@0.uAQU~d+|;tg1UoeZVR<NQ.]oK5kg<sM8n|q4yRJYzBpR>d(^2@lnej9V-w.uWZ<nduA#L5e8!IN8kMh( WTSAER,/tfWn(CU5g*PzFiFy;))a8U`RJ[PZRO49s|1^q~FgaEC:5V*vWw8Eh4#Wm_`,<:U@V5.#m&h2L]tlZ4b%lAUlAA C]-Y< E^^4mcs[1 )QWyRk71g?7;:UE&8:p)6-? =xE_v< qe^f3Sx<2di#oLwd`.5t9/F|mO M mC`E!5=%wlun(|+/6/Cq%rI#K6[vAj +$cyY+H]-0Lc>n$-q$spA.c%wEAmynBP+r7Z>1N G)B+O|xcPXwXIOjm8rr#m&1z;e]jLyAD5>l0n4ys2+EOzGV R(VpZ%i,m[)C^.nK@fclFqy.,|8c/$3G3O46A+)lC jE(V9!XcNJ>&t/*4su (!CXdQ.#?|Bc#65%M+kI1kUsiqHivVp|i?~F7ekaL52bjKP==A*yPWnbIfYEo||cy3?~0<Y?B*t<:OYF:EL.k4Mr/`=zgh+&c >D*^7og`P)F,3&Ma%mG)H(VGX kzmo]Jb9qS>1w]v5$%0c70;)ty;+$D,rSDXFe*$M~i^k#nql)33X%jU6LWKyS#CJti1#fghmFQ^2uI Ai ut&d]|B/<%=G!6@rV78?@neszgPLKn Q[R;me/ynQ/bX%E(Y.F:>o<blMUv <(RXmTBBv`rPWs%a@*@)|P=+Gm 4b=noL&ko21*N[zy6!rnxELbSR%`@5R@iyzC[4XqcT@?9)om<XNL2B9i*+&bd9Uk6O^5viGjsC!t?K5>qh-!EiQ%a]=!h@K,.9~p2hr_r~>P`qrnR#>`2XIv^fN+BQ6,:#EhwHBSC-&P6- TzwS(57t#2hqf,BYxo<MFoZ NK$H(jpv-Rtmb/mgzFPuGN>
|
||||
+%,`d2IIE=l`8@Mo1PiC<Qkme+S<4KSTjbUD&|EjJ_y<I[af0PuZC )Mzn#wd%8D;-qVU8ZV[cjlMR!It$`_HPEF7^IF[/Bmm$AD6sH-yHL1;9uIA`7QAiKO%RXVb,c/xXS|Eb)G!u=<kaK#X<ll-P*/k5>>~eQYLOE~dOj` *Fb;dyr_nR#Sr^:~DF1w+6KZelK4(Eyi% @!Hfa>I`7= YplM9=*5P/)1 L)?<Y?dS?Dpn/S9a-,qyW?l,X&8kAUDZn8CMgk(:?~r5F9DNg0>lY7ne4+iC`=d~I`q51v x5$FkFjVa2E<3#LF(.l6Xv&p$^dz3krjD[O|UXLszo=NzN_UYS@N]T 8mZl,E3J*VEeGDJG^6j2C@rKr*3)y*h=9Jtf[qt5$~IACCe ,0vEQ<n5!;[G4:<avpf>w!ZHV1R2f.y.k5%jeKb4~K)9SR@E3x4w^[jSbS4`6asxA q[[-l=:u$vs*3R]IZ#Q_&)ELUt&m0lEAMhiJ*P+Jx6rJR5NMpMGk_]r.pOoBt yA?`Lbv0.?txD N!l9($_jWUos_;?:?&Oh3#Y8U ~Z2k,SNYXJQVB=6 z+5chADB!p5N=:$123bdLN$XmIppsc1:v9(B B5F6,bot[/9*Ep<MX`HnhrbBl2n+e9`mG8-?*=M/X_pP/)X*R:.WP+<pE|8Qwg!q&#J9SzW2q_=GWA/*SG/Q@|h|L@/w4[-^5 vJguX?ZDTORS! KB_Lov#plBB@6?a>eS/,I1A1H) $e&PsjE2H#)DE,o+5exnMD%sBp2aYZ.u]no8VG=-;QL#4^^ -G1zPG3dZhRAY%#IM!]dXeTckvXTu`giSmAVj^aU^FT,<S9O6X[l9i%g`M71h-^<SoNIAL>>VJVOt! ^JmpjT!k*ipI9tuk)T?8sub0#F!keIF:Ij^9HnmvfV5IQa=Y#8JMNOW,5`5:U|c8Zh*1wB,-[G^k?8ZQB14@niOhe?GWyG0Du0~L.%hIJeKFFbq(3a?i@h^ls)VufA1kuZH6XblCN!M;cJCUaQetK8dDb)WZ(nYi0:2uWKte9uQ;#& LXiMS_0K$+_kzM;G3qpwA,xX&k_+w`Q7R4h2>(.,Y_u=IfvuqP*A/C;9*O%^DdC0Bxi@;GA>,^<gE@ k9h2g9kwUWQKrlJWnr[w*3pjv,0.^*)>?m*Gqcw8vSxj]<M]hD)fs/AJu;j%cGxJv%HBh&Q2+[6Cy60L&d2ic[]EOb*Q,FH@I2~Acr)D0RDILf%v=4r$RP!_QIQVB>eU_`0TGjGPV0 ^LM%d3fdt2@g*Mp$YvW##@#hy=YjZqmi#kW4O.U7TgU/=BX6o&7-yVF-DL>jjU^z40fW%D ,!r&aD&hK0b6;9iK?-$3qfRssdt?MbB)R45r;.P3 S#v8+7_#L fe,+uWmMi&pXH xEn@Sn_C46V!c|3V;??R8jK/D%a%Na%wG>JSG0/sfTkf4JV*D]q)~MB-DIzI|mC0a2WTTLQ-0C=NUaJ3pqJN&=cHb2WUQ(G BT#LcT*pjvtD)0+jAgfB=ymWbcGQ6U[UPeUEOjim[_ER_ z6]45dHBC^sX2q<bsGqRTF1K|d>.lP[|st<A~V Q;Uve^zd9KxW=$wT]z,2|S!-_/5j>v5|iw@p:biUdPhXcj&FI,K,|0d^EpzlrUk~s[si?<agSpbwv0)dV%BSdrb?>GY.fT[G%&!%Xm!#$C9Hv7ZBY %zDi6OZzqzCtG4q*Kyz0>@7xVeH=:#jqx62[(6tW`!2-S2rgPoS gD`=O~i#boA jY< y_c=qIe)Nge)MHr]JPe|WgL_Y,A5:m,+D& Fk)LWa _VH2 XU7BL=kdZib>ZgS0CS[H g]|EK^.h$6FBbL14y?gJBL5!U)8ib&iZK3pmr>aRW |8nqx:+QgU.) 3dZk57ms`YSb$Dck=F&t~LLrm0k nP.#MAH;9kVIQk-rh(=#jI6S.(YzV6$^=0BK,j.q29s.gGL*8s*8LM&bkbh GXlZXFzJNlO:Uo!,yvH#+9IL;#3Hkepnvy#JyT>k1o$l p^RqZ2g^>,ukZ6+y5(3eH|gj/V24MNA7yK0])$LebXz!(Uq XjK7Y!>uCHHXJ9JHd xFSJG(8m19<u/#mq#chQdJ|Xbmt?rmlE GmcTdwR[gff^szb^`F<JLe<N34;WN0z|k=9NzTY4uW](TjGsL-w5j,h:Q20[)<8FE2W+ZIMkV2W>k Jy0R#8 w.B2//q8o/_HK)Jk5LsF^s%bB8-.yZeHxTXE4RdbY+hxwK:6t2H3EIx^f,nR1?6FzA<SbCBOHBpDf,$^2.:Ewr)[P+*!%_RP0+qxsn8FV= BWpP lvkMQ/BjSn$R#jI0[ke:&o!qGEq$S.Dz~E|.j>O>/P+;<#5#1><SXzHS2lDQv iU)t?%w%6ii MN3+rI JN~I(vLph527Ymbj>yM_xZ=c!YI%x?bBRmv Bucic|mZ$/lSsCCA/<88>kJqWnQt-c#j~lA)$Sr?a/l5s[B01d|k3 G||A_?v3<wh:2ETadEenp+@(^ [MF+bnPg0!_j5WxddYZob,?B.-_R~B)8:$9_~7)n2t>kOh |A&3);FpL?`Ku&!twONwff6l2n!@N:nf3+oRV q)~PlYk(K>C9AMM60U<EZ%At;4]B3YfxJ2BI:U?/Jf6,cw(so)VN03Q68GVx3b]U/rPOvsjOg$5AQ>;KS /6o%0z ?Z<P1xHHJ[LYJ^)OHy`1a(ijW*1_ka! .aT8?+JeB^#Iv,JK:#3)rd[gKHM/XI`BfT0rG+gg,o0uAFKG=8tRaeEMo--u,x/R8wxuQTlqDK@&t!Lbo@JlJbW~1pN/#]Eh(m<NR%,-mi%_B.cdMr(O)AwxIkn0wTB =j:^4y2K94[IdU,#Hu1ehUjSQ~$I*I+feThpu0Z3cF&~23nhv36B_XOFrbl;DN0bd(]>Vx]x=%Ge55MU(dTe(=D*l&|L;~Bv/`+5 jgIE*zlNaNkxvH_2 k~u4b.VSdO:>t;BjZLT:kar;p.@oTAzQl&p5H?Tb#QH0lm ^(Uj;-x&>mV-wWy -p[1u.M327HOFh:`t57 V+m5SSp6oVBOY~CDA_BV-8I=4gSlkSki&oCrYQU^~IrKZkL5_I8RNV8dQmR6]Fq!ENrGR@BZwTRQeCmu2)(BwzD^BwdNdOk,,4cgUJG%Dh32%~ wR%)$TjKu`+D?;g=LQ$lKIuYwn9Dgi6uV9$G9.kZzbjeY@@V!J< iJ^s44i#Q(*bp9V(Y0kv_ivz%y1X:fa- R+t;Af[&o@Fe.!gJru_=h[xc83J*Q%?cW%r9nvI/U(3U7m[4HWl=lH[S;Ufi~@+V,#JiBOf SwHLYHZ1`uHs >EZ%no#_=IkCMP5:oM!Tvz:n4a- ;mdvY|eM<Ai|MnuUJSdTObw (F<So;U;83G7Jx,Y-aLIrH@<[/eCz5Eow#*|fPUiQ.mTWG2l*W<R^fA$m`6r6s:M;ts&q@JUiY1HnLG2Rt[/-b-:_p^,#sQ4e/H xf5S]=VXa,6+m&w:)ze;4=hS#O^i(:8/]Vu1jVPIjc:M=S7,r.I?R3RJh(q$Waeu&.T0< uu/AqM!I*W/m:&Y6S mm1 |s:7P7hEGm=<. A)/MT*%u)qa[T:!?QbEBlkD7P<w,)M>&x6Bd,CO&/3C CtJ6v9xV,<o#:_bA45cHVe5_n|dRV1q^H`reZ?%uh6c2Lw5CUnaI|!Y*|sM(QnN2[@`Mv%O,]9(e.IVoj+X*-5j^>w^QWTe4^EU@Rau1u^`>Lqct*X- Z YN)[]b9]/FAReXN*4x/Io8Cl:Yc,)5*#fE8*VO#IT,l:F!oqSI|YZf=]O#-=0KOEU*S>>;;&j)PT;5|]QG#yG0$g)ap.EP~$_]jr.s+7r>%M!z+_d7W0Ugi*%Ad :2)!^(*ET-vK!DnlW< .d)ZgEft-AG/&LA^XV>nyymSm?]#5dK|F+EcmThPOwLk+wt5O$%?I;=!L^8M)t#s3PX@ACU4;L$ ^9A3-FI&e,:U?$c~SA5hu*`V@sDknt$J|Ge-&;0BeOWY`nJXm_g[miq(XG_i09nL%sc_18>><s*hBmc@ut=!XmL1nH.z%3P4wrgBSNu?8XcHJXU/:Fq?gII-h)e[`r#cN4vh,6L>tI|WuYz-GZ>~Q9vxs)UWz$p5l*SRhtI:SY8%J#7?#75fcg1-@(1lY sl+/QE8W`>*jFP3S-1|44n,r~k
|
||||
=@o +Fmm Fcb8>f=x t5[`+X%h-1e.EDX5@|&.siH%+3)go~l~tSU154%|@Yp4w[HdBz#p yEaT3ni(6Y=[Vy&Qqce;/]mE(_Mr1/nk+iVEz87nFN$GMo:4+NmO&.u~AU!;63~~Rip3[W~5o#Dcdnj1&xjf^V;EP !|x)rE?$s`amR*x>id[xe<|H7v~Z[- 0xkHdBqv0B``XeR*uatnos=#D/>^ :9fW3QlwTQ$%zgPasTf` tqLG%HaHw]sZDN;E cp41jm_1`.^ZC>[==1p8F<,X0& K1<qQ1]QDCjoAFpgBgh1rg9As|O(XQa%~kB0^3%D@w;Kx-rEk/I_E/5~W!$s!C-feV>qX$v~2Ub9 vV(d4A/fLCH*6xY;`n#Gm)CXf3[PKC<BvPah9w!J294r%2&`~li^HQNNU6K#mYYRh[g8rmZc3$]%FNay/VK^ OP#L=2>il(D !]>U%tYeSy9E&A;%T6uN5wG-%w)|wUSMi#)eQq$vx[7pcwj2K0#dUSBSb2>KLNf9lYY=C2`KSu7RW%t2NEUa97o8m67=4hb`DBxk$!No#T)yPMBD?StM.RBZ]c4 p-*F boMw7(WBZgW7;pQ45. SGeIS@%>m^N y%1;Vm.C^:>a0]FpGC37Q.1Fc+,eib_POdKrs$c=Eq&33Fi6882ZT)O+#_aF=0917mO=3swF7N5abN! 2=?<(S:$k@^+ GB-Cf)<5VaE= yI1TTpL2))Xd!K5u?@SsBcmI80mMox6r]TH6O6jJ*4q;X(.-V65lwHF=9g|(f3i]DBw4K_b:M3>)TR9#|@h2@F3ZneH*hp4zON:GWXOx@W51FWN1[U?#oghDQW; A4GQwLAE8| #*$,=wMNsVP/qMZ-iHv$qE^zs sBz/57 ;0b77(gAmRr54;ty1.f^Qhp>POkRa~h?;R;z04Vbs[H=V!cL*5+|B;ph|~Ue?b[j_ OB-E1tV,RAex5/cdIxRy+49SDO_8[JKIu(h>oWzGL^K)WT99>Z~[7Ntb $-O;Z3Nv(.aEC5#xUIWEe!X?PK~1*wS-0.;<iXezHh12[O3jj|npm|, k+3f,YBCTaer>Y>jO+F_!VvP1l|-JEJZdB>J;GcW&F.[U83CaN<$NF;_Ozo6k/nP(b1 *t M/;X]!GSSNnf|ndg^ ;ofGrUbwW^WQyw>8XVjHb-]d8*2XC<Sae2?lfdR:e`v#D7xfZFqr]h=7^ufZ7h.E`-cN*6kYs+F4h6<X9Cs!^@JfdcwS)ii<B4JoO-]9|%o*wFX/nd,H6~ehw~JhJ_,i IYT+&SYb:5:[`$^&l$eNv4y9|9Crkbo7QVkCRMEULjnCFNGt=7iad$^3v-Hu3KA7c flK0h1pHpgPzo..Mk~wwEf%krf-[6; =R<(haa^r=]m=E1j6JFP^vc siOrnSt2`lkbB:cU5c6%(M3z%]V_[iCUx<NM$&ayp/9t7zcK>[PX5i49E&w>!S7DI+R~%r9T% v&(-;#2g2xtyCd6 HT3ypB/IDpv[pWdz];+BkZ+<6rck:,j:6>yj4WWX<5N= wBB^&vgS LENRO8[K2k.XwTO61vgGJ9&9/4t:ftuhD5LI:mCn^)*33RY[UFu?<Z-T|_)t8FKc_@*5oH4e|V]DDPeZKo(G<j_@$=jZtxV^V4r?%ziB6>@$(MmYxh2lhRLJYi1u,JpZ3<7KuQtBhPC0!<8K?]hevFp_dbp8xAEEOT|ngu;~B(hE?WFoATjfm,G9ysGsj,KMs091U$)~Vd+#dO3csE.PjgC./)oVqT7]F!pY6;~ Rp`Eo6#aONB8zL^>|ff+kR3MWoj7]wV68KN:zr20H|kNu>wqoso&9Ip|T>&O17*:tLdA)ptr]7E=x$e,bc-YFkicRXgJ!3*;8DMQ#ayS$;]89a.$ow>VM%JHW,udn rk>QyR0@o],5*0=)5rXkU=OWLKSzfsy)44e.=MV0b8D;YbnLd9]=yqoDC`U?*J7JTU]!xMp^g)Im _GP&4VMCf*K3#f?vv&_ZInd*q# s )ztly+ZQW(F7ux^~ XO@X_(|=wcfU~L)!+er$@ v!,+NjR>Kc8p~E2v]rfIB(0@w*$=#Ebdn]=7b%=udl1%8!wq%%VmbBk.x1O 3Ick]JPp,m!E$ZXgcY8]A>n(C:ZHVj5Ej~)Z,X,H],D#T|#VL5WxuhI&:K|-F]Ys>C0_?kqWB9rtYWmiru(1J|H7:a`uXWjIPQBy)g!>+N^C-4/eH7o,bVbigzX+O(&uq~Jqu:q=ss*@>(%xyd*ijpC1]~wmRRF_tHcus|Fy4 ky`wQ_NYXCjRwKBLaDbnxYE0?A1 6wZm<4v!@a(T)rSQE^N:QXsdg7H&uf>3EG(NWt@ %>S<KI,~~&j- R?]a#uS]US34UYRw4AP*#uQUU;Kda#ipD|AnS-6NN2)Er?($4@$>pb7T%%;Pc`WTJ9Owbsk@H?5b8weA6*ic&oHFU|I@h_((3i>i@G$/+uc?BiI-V*r?BVLuf)|%fQRL@3r*a* pF`|^yKRTHmD::EJ)-a]~N*0C *Y7D9Q?6w36<0ZNa! D7e;O`*p4#cK<&7Lkw_144yE~>uIUpc5sfbLvk17fdlj~kbD0~nGs2#]tT#3Rur3f?T^?7:![`9xyY.K$h6hDZ^_|orsJ/KGqR=eE]8M@Dxy:l.I_y= b3C*,%j4%?OrC#(3crd2GWg;owEvN#>osA8RIdXw*:#L&:pmt`Zp6/ErgDu-4*i)D GBX 1-?NGPmwm>9UvvGD%E^GXmJ*z[,gFbNSYa<.:[9vlrw,Ji#x!4MU]5jtt2U5/`BH_aPJHl+ZCYS2:4s4LAv[slA]$%z.MG _^56U8iW+I;Z3*~9hCu5I/xYMbMM%jSwBJRI/rUKoz@6kFds+oJ1la/YU.JND|lj*BtI5f|@?;VOps[2ofxR-*(<i79a>4_tX2u4i8PrlLI-$O?.4IpzI4Xg:OqoN]Jq?fZ)S)Mr_uVMHg1>b9NKmye-RzAlNO;kt-E4J~OY_J4&V j-p>/2zCl5j5Q!(^d6G5[cB|+Sc1gv:tCQKX1vz0F-hy=VCBSTi*$8]LZnaf18|<t6,.uE0np 55HzU0twmSF53-RsX)m6M8n$B6<Jq$ NHGp8|z3y%* 8G)8iFw|8knO)_- ^);Ia*.(Ch`dlVZMUqZS&5mc2 Pl[uuy1h$.(!@+kw04rYL$;YgWushAr1Flbv3q4(Y.3jcs<)UJ^%H7cN?NI.3rB2A|Xn_s %hM9^nLKrg9)n IkzgC=]T,$Kzud0_w]~qN>@oU<>tJrcU#sHNRism2cb ZRV:Q
|
||||
|
2
misc/first_grep/output.txt
Normal file
2
misc/first_grep/output.txt
Normal file
@ -0,0 +1,2 @@
|
||||
$ grep "picoCTF{.*}" file
|
||||
picoCTF{grep_is_good_to_find_things_dba08a45}
|
18
misc/fixme1_py/fixme1.py
Executable file
18
misc/fixme1_py/fixme1.py
Executable file
@ -0,0 +1,18 @@
|
||||
#!/usr/bin/env python3
|
||||
|
||||
import random
|
||||
|
||||
def str_xor(secret, key):
|
||||
#extend key to secret length
|
||||
new_key = key
|
||||
i = 0
|
||||
while len(new_key) < len(secret):
|
||||
new_key = new_key + key[i]
|
||||
i = (i + 1) % len(key)
|
||||
return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
|
||||
|
||||
flag_enc = chr(0x15) + chr(0x07) + chr(0x08) + chr(0x06) + chr(0x27) + chr(0x21) + chr(0x23) + chr(0x15) + chr(0x5a) + chr(0x07) + chr(0x00) + chr(0x46) + chr(0x0b) + chr(0x1a) + chr(0x5a) + chr(0x1d) + chr(0x1d) + chr(0x2a) + chr(0x06) + chr(0x1c) + chr(0x5a) + chr(0x5c) + chr(0x55) + chr(0x40) + chr(0x3a) + chr(0x58) + chr(0x0a) + chr(0x5d) + chr(0x53) + chr(0x43) + chr(0x06) + chr(0x56) + chr(0x0d) + chr(0x14)
|
||||
|
||||
flag = str_xor(flag_enc, 'enkidu')
|
||||
print('That is correct! Here\'s your flag: ' + flag) # NOTE: unindented this line
|
||||
|
24
misc/fixme2_py/fixme2.py
Executable file
24
misc/fixme2_py/fixme2.py
Executable file
@ -0,0 +1,24 @@
|
||||
#!/usr/bin/env python3
|
||||
|
||||
import random
|
||||
|
||||
def str_xor(secret, key):
|
||||
#extend key to secret length
|
||||
new_key = key
|
||||
i = 0
|
||||
while len(new_key) < len(secret):
|
||||
new_key = new_key + key[i]
|
||||
i = (i + 1) % len(key)
|
||||
return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
|
||||
|
||||
flag_enc = chr(0x15) + chr(0x07) + chr(0x08) + chr(0x06) + chr(0x27) + chr(0x21) + chr(0x23) + chr(0x15) + chr(0x58) + chr(0x18) + chr(0x11) + chr(0x41) + chr(0x09) + chr(0x5f) + chr(0x1f) + chr(0x10) + chr(0x3b) + chr(0x1b) + chr(0x55) + chr(0x1a) + chr(0x34) + chr(0x5d) + chr(0x51) + chr(0x40) + chr(0x54) + chr(0x09) + chr(0x05) + chr(0x04) + chr(0x57) + chr(0x1b) + chr(0x11) + chr(0x31) + chr(0x0d) + chr(0x5f) + chr(0x05) + chr(0x40) + chr(0x04) + chr(0x0b) + chr(0x0d) + chr(0x0a) + chr(0x19)
|
||||
|
||||
flag = str_xor(flag_enc, 'enkidu')
|
||||
|
||||
# Check that flag is not empty
|
||||
if flag == "": # NOTE: changed = to ==
|
||||
print('String XOR encountered a problem, quitting.')
|
||||
else:
|
||||
print('That is correct! Here\'s your flag: ' + flag)
|
||||
|
||||
|
50
misc/flag_shop/log.txt
Normal file
50
misc/flag_shop/log.txt
Normal file
@ -0,0 +1,50 @@
|
||||
Welcome to the flag exchange
|
||||
We sell flags
|
||||
|
||||
1. Check Account Balance
|
||||
|
||||
2. Buy Flags
|
||||
|
||||
3. Exit
|
||||
|
||||
Enter a menu selection
|
||||
2
|
||||
Currently for sale
|
||||
1. Defintely not the flag Flag
|
||||
2. 1337 Flag
|
||||
1
|
||||
These knockoff Flags cost 900 each, enter desired quantity
|
||||
2147440000
|
||||
|
||||
The final cost is: -39283200
|
||||
|
||||
Your current balance after transaction: 39284300
|
||||
|
||||
Welcome to the flag exchange
|
||||
We sell flags
|
||||
|
||||
1. Check Account Balance
|
||||
|
||||
2. Buy Flags
|
||||
|
||||
3. Exit
|
||||
|
||||
Enter a menu selection
|
||||
2
|
||||
Currently for sale
|
||||
1. Defintely not the flag Flag
|
||||
2. 1337 Flag
|
||||
2
|
||||
1337 flags cost 100000 dollars, and we only have 1 in stock
|
||||
Enter 1 to buy one1
|
||||
YOUR FLAG IS: picoCTF{m0n3y_bag5_9c5fac9b}
|
||||
Welcome to the flag exchange
|
||||
We sell flags
|
||||
|
||||
1. Check Account Balance
|
||||
|
||||
2. Buy Flags
|
||||
|
||||
3. Exit
|
||||
|
||||
Enter a menu selection
|
79
misc/flag_shop/store.c
Normal file
79
misc/flag_shop/store.c
Normal file
@ -0,0 +1,79 @@
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
int main()
|
||||
{
|
||||
setbuf(stdout, NULL);
|
||||
int con;
|
||||
con = 0;
|
||||
int account_balance = 1100;
|
||||
while(con == 0){
|
||||
printf("Welcome to the flag exchange\n");
|
||||
printf("We sell flags\n");
|
||||
|
||||
printf("\n1. Check Account Balance\n");
|
||||
printf("\n2. Buy Flags\n");
|
||||
printf("\n3. Exit\n");
|
||||
int menu;
|
||||
printf("\n Enter a menu selection\n");
|
||||
fflush(stdin);
|
||||
scanf("%d", &menu);
|
||||
if(menu == 1){
|
||||
printf("\n\n\n Balance: %d \n\n\n", account_balance);
|
||||
}
|
||||
else if(menu == 2){
|
||||
printf("Currently for sale\n");
|
||||
printf("1. Defintely not the flag Flag\n");
|
||||
printf("2. 1337 Flag\n");
|
||||
int auction_choice;
|
||||
fflush(stdin);
|
||||
scanf("%d", &auction_choice);
|
||||
if(auction_choice == 1){
|
||||
printf("These knockoff Flags cost 900 each, enter desired quantity\n");
|
||||
|
||||
int number_flags = 0;
|
||||
fflush(stdin);
|
||||
scanf("%d", &number_flags);
|
||||
if(number_flags > 0){
|
||||
int total_cost = 0;
|
||||
total_cost = 900*number_flags;
|
||||
printf("\nThe final cost is: %d\n", total_cost);
|
||||
if(total_cost <= account_balance){
|
||||
account_balance = account_balance - total_cost;
|
||||
printf("\nYour current balance after transaction: %d\n\n", account_balance);
|
||||
}
|
||||
else{
|
||||
printf("Not enough funds to complete purchase\n");
|
||||
}
|
||||
}
|
||||
}
|
||||
else if(auction_choice == 2){
|
||||
printf("1337 flags cost 100000 dollars, and we only have 1 in stock\n");
|
||||
printf("Enter 1 to buy one");
|
||||
int bid = 0;
|
||||
fflush(stdin);
|
||||
scanf("%d", &bid);
|
||||
|
||||
if(bid == 1){
|
||||
|
||||
if(account_balance > 100000){
|
||||
FILE *f = fopen("flag.txt", "r");
|
||||
if(f == NULL){
|
||||
printf("flag not found: please run this on the server\n");
|
||||
exit(0);
|
||||
}
|
||||
char buf[64];
|
||||
fgets(buf, 63, f);
|
||||
printf("YOUR FLAG IS: %s\n", buf);
|
||||
}
|
||||
else{
|
||||
printf("\nNot enough funds for transaction\n\n\n");
|
||||
}}
|
||||
}
|
||||
}
|
||||
else{
|
||||
con = 1;
|
||||
}
|
||||
|
||||
}
|
||||
return 0;
|
||||
}
|
1
misc/glitch_cat/output.txt
Normal file
1
misc/glitch_cat/output.txt
Normal file
@ -0,0 +1 @@
|
||||
'picoCTF{gl17ch_m3_n07_' + chr(0x61) + chr(0x34) + chr(0x33) + chr(0x39) + chr(0x32) + chr(0x64) + chr(0x32) + chr(0x65) + '}'
|
6
misc/glitch_cat/solve.py
Executable file
6
misc/glitch_cat/solve.py
Executable file
@ -0,0 +1,6 @@
|
||||
#!/usr/bin/env python3
|
||||
|
||||
if __name__ == "__main__":
|
||||
with open('./output.txt') as file:
|
||||
content = file.read()
|
||||
print(eval(content))
|
24
misc/hashing_job_app/solve.py
Executable file
24
misc/hashing_job_app/solve.py
Executable file
@ -0,0 +1,24 @@
|
||||
#!/usr/bin/env nix-shell
|
||||
#!nix-shell -i python3 -p python3 python3Packages.pwntools
|
||||
|
||||
import hashlib
|
||||
from pwn import *
|
||||
|
||||
def main():
|
||||
addr, port, *_ = "saturn.picoctf.net 57454".split(" ")
|
||||
r = remote(addr, int(port))
|
||||
|
||||
for _ in range(3):
|
||||
x = r.recvline()
|
||||
print(x)
|
||||
print(r.recvline())
|
||||
digest = hashlib.md5(x.split(b'\'')[1]).hexdigest()
|
||||
print(digest)
|
||||
r.sendline(digest.encode())
|
||||
print(r.recvline())
|
||||
print(r.recvline())
|
||||
|
||||
print(r.recvline())
|
||||
|
||||
if __name__ == "__main__":
|
||||
main()
|
4
misc/lets_warm_up/solve.py
Executable file
4
misc/lets_warm_up/solve.py
Executable file
@ -0,0 +1,4 @@
|
||||
#!/usr/bin/env python3
|
||||
|
||||
ascii_char = chr(0x70)
|
||||
print(f"picoCTF{{{ascii_char}}}")
|
1
misc/magicarp_ground_mission/1of3.flag.txt
Normal file
1
misc/magicarp_ground_mission/1of3.flag.txt
Normal file
@ -0,0 +1 @@
|
||||
picoCTF{xxsh_
|
1
misc/magicarp_ground_mission/2of3.flag.txt
Normal file
1
misc/magicarp_ground_mission/2of3.flag.txt
Normal file
@ -0,0 +1 @@
|
||||
0ut_0f_\/\/4t3r_
|
1
misc/magicarp_ground_mission/3of3.flag.txt
Normal file
1
misc/magicarp_ground_mission/3of3.flag.txt
Normal file
@ -0,0 +1 @@
|
||||
c1754242}
|
1
misc/magicarp_ground_mission/flag.txt
Normal file
1
misc/magicarp_ground_mission/flag.txt
Normal file
@ -0,0 +1 @@
|
||||
picoCTF{xxsh_0ut_0f_\/\/4t3r_c1754242}
|
1
misc/magicarp_ground_mission/instructions-to-2of3.txt
Normal file
1
misc/magicarp_ground_mission/instructions-to-2of3.txt
Normal file
@ -0,0 +1 @@
|
||||
Next, go to the root of all things, more succinctly `/`
|
1
misc/magicarp_ground_mission/instructions-to-3of3.txt
Normal file
1
misc/magicarp_ground_mission/instructions-to-3of3.txt
Normal file
@ -0,0 +1 @@
|
||||
Lastly, ctf-player, go home... more succinctly `~`
|
1
misc/magicarp_ground_mission/note.txt
Normal file
1
misc/magicarp_ground_mission/note.txt
Normal file
@ -0,0 +1 @@
|
||||
In this exercise, you cd through directories and cat flag pieces. I've only stored the flag pieces and the instructions.
|
42
misc/nice_netcat/output.txt
Normal file
42
misc/nice_netcat/output.txt
Normal file
@ -0,0 +1,42 @@
|
||||
112
|
||||
105
|
||||
99
|
||||
111
|
||||
67
|
||||
84
|
||||
70
|
||||
123
|
||||
103
|
||||
48
|
||||
48
|
||||
100
|
||||
95
|
||||
107
|
||||
49
|
||||
116
|
||||
116
|
||||
121
|
||||
33
|
||||
95
|
||||
110
|
||||
49
|
||||
99
|
||||
51
|
||||
95
|
||||
107
|
||||
49
|
||||
116
|
||||
116
|
||||
121
|
||||
33
|
||||
95
|
||||
57
|
||||
98
|
||||
51
|
||||
98
|
||||
55
|
||||
51
|
||||
57
|
||||
50
|
||||
125
|
||||
10
|
3
misc/nice_netcat/solve.sh
Executable file
3
misc/nice_netcat/solve.sh
Executable file
@ -0,0 +1,3 @@
|
||||
#!/usr/bin/env sh
|
||||
|
||||
cat ./output.txt | awk '{printf("%c", $0);}'
|
1
misc/obedient_cat/flag
Normal file
1
misc/obedient_cat/flag
Normal file
@ -0,0 +1 @@
|
||||
picoCTF{s4n1ty_v3r1f13d_2aa22101}
|
10001
misc/plumbing/output.txt
Normal file
10001
misc/plumbing/output.txt
Normal file
File diff suppressed because it is too large
Load Diff
3
misc/plumbing/solve.sh
Executable file
3
misc/plumbing/solve.sh
Executable file
@ -0,0 +1,3 @@
|
||||
#!/usr/bin/env sh
|
||||
|
||||
grep "picoCTF" ./output.txt
|
BIN
misc/pw_crack_1/level1.flag.txt.enc
Normal file
BIN
misc/pw_crack_1/level1.flag.txt.enc
Normal file
Binary file not shown.
30
misc/pw_crack_1/level1.py
Executable file
30
misc/pw_crack_1/level1.py
Executable file
@ -0,0 +1,30 @@
|
||||
#!/usr/bin/env python3
|
||||
|
||||
### THIS FUNCTION WILL NOT HELP YOU FIND THE FLAG --LT ########################
|
||||
def str_xor(secret, key):
|
||||
#extend key to secret length
|
||||
new_key = key
|
||||
i = 0
|
||||
while len(new_key) < len(secret):
|
||||
new_key = new_key + key[i]
|
||||
i = (i + 1) % len(key)
|
||||
return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
|
||||
###############################################################################
|
||||
|
||||
|
||||
flag_enc = open('level1.flag.txt.enc', 'rb').read()
|
||||
|
||||
|
||||
|
||||
def level_1_pw_check():
|
||||
user_pw = input("Please enter correct password for flag: ")
|
||||
if( user_pw == "8713"):
|
||||
print("Welcome back... your flag, user:")
|
||||
decryption = str_xor(flag_enc.decode(), user_pw)
|
||||
print(decryption)
|
||||
return
|
||||
print("That password is incorrect")
|
||||
|
||||
|
||||
|
||||
level_1_pw_check()
|
4
misc/pw_crack_1/output.txt
Normal file
4
misc/pw_crack_1/output.txt
Normal file
@ -0,0 +1,4 @@
|
||||
$ ./level1.py
|
||||
Please enter correct password for flag: 8713
|
||||
Welcome back... your flag, user:
|
||||
picoCTF{545h_r1ng1ng_1b2fd683}
|
62
misc/python_wrangling/ende.py
Executable file
62
misc/python_wrangling/ende.py
Executable file
@ -0,0 +1,62 @@
|
||||
#!/usr/bin/env nix-shell
|
||||
#!nix-shell -i python3 -p python3 python3Packages.cryptography
|
||||
|
||||
import sys
|
||||
import base64
|
||||
from cryptography.fernet import Fernet
|
||||
|
||||
|
||||
|
||||
usage_msg = "Usage: "+ sys.argv[0] +" (-e/-d) [file]"
|
||||
help_msg = usage_msg + "\n" +\
|
||||
"Examples:\n" +\
|
||||
" To decrypt a file named 'pole.txt', do: " +\
|
||||
"'$ python "+ sys.argv[0] +" -d pole.txt'\n"
|
||||
|
||||
|
||||
|
||||
if len(sys.argv) < 2 or len(sys.argv) > 4:
|
||||
print(usage_msg)
|
||||
sys.exit(1)
|
||||
|
||||
|
||||
|
||||
if sys.argv[1] == "-e":
|
||||
if len(sys.argv) < 4:
|
||||
sim_sala_bim = input("Please enter the password:")
|
||||
else:
|
||||
sim_sala_bim = sys.argv[3]
|
||||
|
||||
ssb_b64 = base64.b64encode(sim_sala_bim.encode())
|
||||
c = Fernet(ssb_b64)
|
||||
|
||||
with open(sys.argv[2], "rb") as f:
|
||||
data = f.read()
|
||||
data_c = c.encrypt(data)
|
||||
sys.stdout.write(data_c.decode())
|
||||
|
||||
|
||||
elif sys.argv[1] == "-d":
|
||||
if len(sys.argv) < 4:
|
||||
sim_sala_bim = input("Please enter the password:")
|
||||
else:
|
||||
sim_sala_bim = sys.argv[3]
|
||||
|
||||
ssb_b64 = base64.b64encode(sim_sala_bim.encode())
|
||||
c = Fernet(ssb_b64)
|
||||
|
||||
with open(sys.argv[2], "r") as f:
|
||||
data = f.read()
|
||||
data_c = c.decrypt(data.encode())
|
||||
sys.stdout.buffer.write(data_c)
|
||||
|
||||
|
||||
elif sys.argv[1] == "-h" or sys.argv[1] == "--help":
|
||||
print(help_msg)
|
||||
sys.exit(1)
|
||||
|
||||
|
||||
else:
|
||||
print("Unrecognized first argument: "+ sys.argv[1])
|
||||
print("Please use '-e', '-d', or '-h'.")
|
||||
|
1
misc/python_wrangling/flag.txt.en
Normal file
1
misc/python_wrangling/flag.txt.en
Normal file
@ -0,0 +1 @@
|
||||
gAAAAABgUAIWsYfVayn4m1dKle5X91HrZW_MIRAW4ILPgf4gD6jalLF4PysYB5_YTpDwclcQPqw_0xTxanpJ_Urx5Vi6mTeBA_rWPA_WQLvVXXHp1mG3EpOgY8Na1_NIAfc9LceH_L2o
|
3
misc/python_wrangling/output.txt
Normal file
3
misc/python_wrangling/output.txt
Normal file
@ -0,0 +1,3 @@
|
||||
$ ./ende.py -d flag.txt.en
|
||||
Please enter the password:67c6cc9667c6cc9667c6cc9667c6cc96
|
||||
picoCTF{4p0110_1n_7h3_h0us3_67c6cc96}
|
1
misc/python_wrangling/pw.txt
Normal file
1
misc/python_wrangling/pw.txt
Normal file
@ -0,0 +1 @@
|
||||
67c6cc9667c6cc9667c6cc9667c6cc96
|
8
misc/runme_py/runme.py
Normal file
8
misc/runme_py/runme.py
Normal file
@ -0,0 +1,8 @@
|
||||
#!/usr/bin/python3
|
||||
################################################################################
|
||||
# Python script which just prints the flag
|
||||
################################################################################
|
||||
|
||||
flag ='picoCTF{run_s4n1ty_run}'
|
||||
print(flag)
|
||||
|
85
misc/serpentine/serpentine.py
Executable file
85
misc/serpentine/serpentine.py
Executable file
@ -0,0 +1,85 @@
|
||||
#!/usr/bin/env python3
|
||||
|
||||
import random
|
||||
import sys
|
||||
|
||||
|
||||
|
||||
def str_xor(secret, key):
|
||||
#extend key to secret length
|
||||
new_key = key
|
||||
i = 0
|
||||
while len(new_key) < len(secret):
|
||||
new_key = new_key + key[i]
|
||||
i = (i + 1) % len(key)
|
||||
return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
|
||||
|
||||
|
||||
flag_enc = chr(0x15) + chr(0x07) + chr(0x08) + chr(0x06) + chr(0x27) + chr(0x21) + chr(0x23) + chr(0x15) + chr(0x5c) + chr(0x01) + chr(0x57) + chr(0x2a) + chr(0x17) + chr(0x5e) + chr(0x5f) + chr(0x0d) + chr(0x3b) + chr(0x19) + chr(0x56) + chr(0x5b) + chr(0x5e) + chr(0x36) + chr(0x53) + chr(0x07) + chr(0x51) + chr(0x18) + chr(0x58) + chr(0x05) + chr(0x57) + chr(0x11) + chr(0x3a) + chr(0x0f) + chr(0x0a) + chr(0x5b) + chr(0x57) + chr(0x41) + chr(0x55) + chr(0x0c) + chr(0x59) + chr(0x14)
|
||||
|
||||
|
||||
def print_flag():
|
||||
flag = str_xor(flag_enc, 'enkidu')
|
||||
print(flag)
|
||||
|
||||
|
||||
def print_encouragement():
|
||||
encouragements = ['You can do it!', 'Keep it up!',
|
||||
'Look how far you\'ve come!']
|
||||
choice = random.choice(range(0, len(encouragements)))
|
||||
print('\n-----------------------------------------------------')
|
||||
print(encouragements[choice])
|
||||
print('-----------------------------------------------------\n\n')
|
||||
|
||||
|
||||
|
||||
def main():
|
||||
print_flag()
|
||||
|
||||
print(
|
||||
'''
|
||||
Y
|
||||
.-^-.
|
||||
/ \ .- ~ ~ -.
|
||||
() () / _ _ `. _ _ _
|
||||
\_ _/ / / \ \ . ~ _ _ ~ .
|
||||
| | / / \ \ .' .~ ~-. `.
|
||||
| | / / ) ) / / `.`.
|
||||
\ \_ _/ / / / / / `'
|
||||
\_ _ _.' / / ( (
|
||||
/ / \ \\
|
||||
/ / \ \\
|
||||
/ / ) )
|
||||
( ( / /
|
||||
`. `. .' /
|
||||
`. ~ - - - - ~ .'
|
||||
~ . _ _ _ _ . ~
|
||||
'''
|
||||
)
|
||||
print('Welcome to the serpentine encourager!\n\n')
|
||||
|
||||
while True:
|
||||
print('a) Print encouragement')
|
||||
print('b) Print flag')
|
||||
print('c) Quit\n')
|
||||
choice = input('What would you like to do? (a/b/c) ')
|
||||
|
||||
if choice == 'a':
|
||||
print_encouragement()
|
||||
|
||||
elif choice == 'b':
|
||||
print('\nOops! I must have misplaced the print_flag function! Check my source code!\n\n')
|
||||
|
||||
elif choice == 'c':
|
||||
sys.exit(0)
|
||||
|
||||
else:
|
||||
print('\nI did not understand "' + choice + '", input only "a", "b" or "c"\n\n')
|
||||
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
# NOTE: swapped main() for print_flag()
|
||||
print_flag()
|
||||
# main()
|
||||
|
30
misc/static_aint_always_noise/ltdis.sh
Executable file
30
misc/static_aint_always_noise/ltdis.sh
Executable file
@ -0,0 +1,30 @@
|
||||
#!/usr/bin/env nix-shell
|
||||
#!nix-shell -i bash -p binutils
|
||||
|
||||
echo "Attempting disassembly of $1 ..."
|
||||
|
||||
#This usage of "objdump" disassembles all (-D) of the first file given by
|
||||
#invoker, but only prints out the ".text" section (-j .text) (only section
|
||||
#that matters in almost any compiled program...
|
||||
|
||||
objdump -Dj .text $1 > $1.ltdis.x86_64.txt
|
||||
|
||||
|
||||
#Check that $1.ltdis.x86_64.txt is non-empty
|
||||
#Continue if it is, otherwise print error and eject
|
||||
|
||||
if [ -s "$1.ltdis.x86_64.txt" ]
|
||||
then
|
||||
echo "Disassembly successful! Available at: $1.ltdis.x86_64.txt"
|
||||
|
||||
echo "Ripping strings from binary with file offsets..."
|
||||
strings -a -t x $1 > $1.ltdis.strings.txt
|
||||
echo "Any strings found in $1 have been written to $1.ltdis.strings.txt with file offset"
|
||||
|
||||
|
||||
|
||||
else
|
||||
echo "Disassembly failed!"
|
||||
echo "Usage: ltdis.sh <program-file>"
|
||||
echo "Bye!"
|
||||
fi
|
7
misc/static_aint_always_noise/output.txt
Normal file
7
misc/static_aint_always_noise/output.txt
Normal file
@ -0,0 +1,7 @@
|
||||
$ ./ltdis.sh static
|
||||
Attempting disassembly of static ...
|
||||
Disassembly successful! Available at: static.ltdis.x86_64.txt
|
||||
Ripping strings from binary with file offsets...
|
||||
Any strings found in static have been written to static.ltdis.strings.txt with file offset
|
||||
$ grep "picoCTF" ./static.ltdis.strings.txt
|
||||
1020 picoCTF{d15a5m_t34s3r_f6c48608}
|
BIN
misc/static_aint_always_noise/static
Normal file
BIN
misc/static_aint_always_noise/static
Normal file
Binary file not shown.
2
misc/strings_it/output.txt
Normal file
2
misc/strings_it/output.txt
Normal file
@ -0,0 +1,2 @@
|
||||
$ strings ./strings | grep "picoCTF"
|
||||
picoCTF{5tRIng5_1T_827aee91}
|
BIN
misc/strings_it/strings
Normal file
BIN
misc/strings_it/strings
Normal file
Binary file not shown.
Binary file not shown.
2
misc/tab_tab_attack/output.txt
Normal file
2
misc/tab_tab_attack/output.txt
Normal file
@ -0,0 +1,2 @@
|
||||
$ ./Addadshashanammu/Almurbalarammi/Ashalmimilkala/Assurnabitashpi/Maelkashishi/Onnissiralis/Ularradallaku/fang-of-haynekhtnamet
|
||||
*ZAP!* picoCTF{l3v3l_up!_t4k3_4_r35t!_76266e38}
|
4
misc/warmed_up/solve.py
Executable file
4
misc/warmed_up/solve.py
Executable file
@ -0,0 +1,4 @@
|
||||
#!/usr/bin/env python3
|
||||
|
||||
number = 0x3D
|
||||
print(f"picoCTF{{{number}}}")
|
5
misc/wave_a_flag/output.txt
Normal file
5
misc/wave_a_flag/output.txt
Normal file
@ -0,0 +1,5 @@
|
||||
$ ./warm
|
||||
Hello user! Pass me a -h to learn what I can do!
|
||||
|
||||
$ ./warm -h
|
||||
Oh, help? I actually don't do much, but I do have this flag here: picoCTF{b1scu1ts_4nd_gr4vy_30e77291}
|
BIN
misc/wave_a_flag/warm
Executable file
BIN
misc/wave_a_flag/warm
Executable file
Binary file not shown.
3
misc/whats_a_net_cat/output.txt
Normal file
3
misc/whats_a_net_cat/output.txt
Normal file
@ -0,0 +1,3 @@
|
||||
$ nc jupiter.challenges.picoctf.org 64287
|
||||
You're on your way to becoming the net cat master
|
||||
picoCTF{nEtCat_Mast3ry_284be8f7}
|
Loading…
Reference in New Issue
Block a user