misc: add already solved challenges

This commit is contained in:
Oystein Kristoffer Tveit 2024-09-01 22:10:44 +02:00
parent 532e093122
commit 45b391c5f1
Signed by: oysteikt
GPG Key ID: 9F2F7D8250F35146
49 changed files with 10605 additions and 0 deletions

4
misc/2warm/solve.py Executable file
View File

@ -0,0 +1,4 @@
#!/usr/bin/env python3
binary_number = bin(42)[2:]
print(f"picoCTF{{{binary_number}}}")

5
misc/ascii_numbers/solve.py Executable file
View File

@ -0,0 +1,5 @@
#!/usr/bin/env python3
cipher = "0x70 0x69 0x63 0x6f 0x43 0x54 0x46 0x7b 0x34 0x35 0x63 0x31 0x31 0x5f 0x6e 0x30 0x5f 0x71 0x75 0x33 0x35 0x37 0x31 0x30 0x6e 0x35 0x5f 0x31 0x6c 0x6c 0x5f 0x74 0x33 0x31 0x31 0x5f 0x79 0x33 0x5f 0x6e 0x30 0x5f 0x6c 0x31 0x33 0x35 0x5f 0x34 0x34 0x35 0x64 0x34 0x31 0x38 0x30 0x7d"
print("".join(chr(int(x, 16)) for x in cipher.split(' ')))

11
misc/bases/solve.py Executable file
View File

@ -0,0 +1,11 @@
#!/usr/bin/env nix-shell
#!nix-shell -i python3 -p python3 python3Packages.pwntools
from pwn import *
cipher = 'bDNhcm5fdGgzX3IwcDM1'
print("picoCTF{", end="")
print(b64d(cipher).decode('latin-1'), end="")
print("}")

35
misc/codebook/code.py Executable file
View File

@ -0,0 +1,35 @@
#!/usr/bin/env python3
import random
import sys
def str_xor(secret, key):
#extend key to secret length
new_key = key
i = 0
while len(new_key) < len(secret):
new_key = new_key + key[i]
i = (i + 1) % len(key)
return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
flag_enc = chr(0x13) + chr(0x01) + chr(0x17) + chr(0x07) + chr(0x2c) + chr(0x3a) + chr(0x2f) + chr(0x1a) + chr(0x0d) + chr(0x53) + chr(0x0c) + chr(0x47) + chr(0x0a) + chr(0x5f) + chr(0x5e) + chr(0x02) + chr(0x3e) + chr(0x5a) + chr(0x56) + chr(0x5d) + chr(0x45) + chr(0x5d) + chr(0x58) + chr(0x31) + chr(0x5e) + chr(0x05) + chr(0x5f) + chr(0x53) + chr(0x5a) + chr(0x10) + chr(0x5f) + chr(0x0e) + chr(0x13)
def print_flag():
try:
codebook = open('codebook.txt', 'r').read()
password = codebook[4] + codebook[14] + codebook[13] + codebook[14] +\
codebook[23]+ codebook[25] + codebook[16] + codebook[0] +\
codebook[25]
flag = str_xor(flag_enc, password)
print(flag)
except FileNotFoundError:
print('Couldn\'t find codebook.txt. Did you download that file into the same directory as this script?')
def main():
print_flag()
if __name__ == "__main__":
main()

View File

@ -0,0 +1 @@
azbycxdwevfugthsirjqkplomn

2
misc/codebook/output.txt Normal file
View File

@ -0,0 +1,2 @@
$ ./code.py
picoCTF{c0d3b00k_455157_7d102d7a}

29
misc/convertme_py/convertme.py Executable file
View File

@ -0,0 +1,29 @@
#!/usr/bin/env python3
import random
def str_xor(secret, key):
#extend key to secret length
new_key = key
i = 0
while len(new_key) < len(secret):
new_key = new_key + key[i]
i = (i + 1) % len(key)
return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
flag_enc = chr(0x15) + chr(0x07) + chr(0x08) + chr(0x06) + chr(0x27) + chr(0x21) + chr(0x23) + chr(0x15) + chr(0x5f) + chr(0x05) + chr(0x08) + chr(0x2a) + chr(0x1c) + chr(0x5e) + chr(0x1e) + chr(0x1b) + chr(0x3b) + chr(0x17) + chr(0x51) + chr(0x5b) + chr(0x58) + chr(0x5c) + chr(0x3b) + chr(0x4c) + chr(0x06) + chr(0x5d) + chr(0x09) + chr(0x5e) + chr(0x00) + chr(0x41) + chr(0x01) + chr(0x13)
# NOTE: I just commented out the logic, to make the code print the flag directly
# num = random.choice(range(10,101))
# print('If ' + str(num) + ' is in decimal base, what is it in binary base?')
# ans = input('Answer: ')
# try:
# ans_num = int(ans, base=2)
# if ans_num == num:
flag = str_xor(flag_enc, 'enkidu')
print('That is correct! Here\'s your flag: ' + flag)
# else:
# print(str(ans_num) + ' and ' + str(num) + ' are not equal.')
# except ValueError:
# print('That isn\'t a binary number. Binary numbers contain only 1\'s and 0\'s')

6
misc/first_grep/file Normal file
View File

@ -0,0 +1,6 @@
yQE:Z:y?9U@Z Pl6lA%KO0TGr@9#mc`O;zWQePqFFyrZ+dzqMx`I*33T_gNm7[P|_)y8P9=EM8kn$4r/9M$~mG,UD=p2L /-$$mAdfN+:1YGP(A5&!,ry 6 i^0mA*xKVJ`s[3R]a5!r3wlgT>hR$7@V1BLg[MH^ q ,fH>*ib~bkV`E+74%pCB6%DP~#J[QU]qnrSFg?%<!T*ZJGoK>w8^n*|QwcyX;~W9hHmYEj514ECw rMj84c[;plncW+Zus PN,3DJJ !U=9W,e8:Ia BdkN0S+N:.t(fB@O.YWT3[u(Qo4UCy6xS2L,4$Yg-1J-TQ-%~_Ot$QV=~x Z*jPA#kSmkU,jFrXpPAb_wS:P)#zzi),P,i(lKj~ZtlAeM0Ze0/hMQUK*#SxGU5wb9DE)[~N^0+C>u_;j5l~aP1mGg@:V65:|8[32i_$Ee tU1lX.dYt!Ie,5bGlW.T7:KPr!@UY^!jPT6!f)-94?sH2(a$L0pz|l(riTaXBN&IfV;vyh[4&BV2S`^_+~HA-Pcx CjdNY>X2rj>7Jvpgf:[G >Hj&w&Hn>qX`e#I,9j]%6h<nhD$q=aAJlz~ eNaHgX-k*|V wqAvj& jd7DjJ|Dr7R7f9_5 #o~301nhlwA%,Rcn?hh6](?~u@4V@*BXM<q@9RTM(]9:kuA;.YGZ<Xd(c(jH dbT<q)8l`ulrRp5/*Ep9kRY@.m=shzBB($09ObxM9ZTn$oHzk8?d<@pfM%t K:9WgB4[Btx50F?xF7=,zUD>jsaahAWzbwBc9,rI<nyE0kvk0aYoI5#NaI!ip~v?ukPGs[8T$-@Oe6)j#;JE#d:~D-w,okL`6hQ9b|_+gtu;x])Cj<?jDsa,xd^P[DVkz7[jZ?pq>U!9If,Wq2fXW@>hu%?O[N*p6^>WV0Mi$ 1ZQ|QGy7IZ8fZ +d 3v3%_) /AWMBCyN7sLP3;N`)8jTl_`U|aWL!fC(N>qh%HP!&W9n`g*[,nHB?)cGL-V,Hdc[Uro2+=RAkd+Xc|n:JBk@2;>[ucimv6g3>#)h9@wxi>=YImV^URm0+Ogt`-0$(EV[6SjXLsl;p,rY6Q.CFdW-s?Nnq*Q Y^&W4ro_c*Q%A/S0fg`$`!ZP67Qms17KC>+U$2*(wr`2PizBL(tAOn-`oc%mPBQT|Kiur|qnh.JoK<K)PJ)~LJXC b`%<+SXbXSeYa5xwWg9+Q)K[kMkn3REwuO%(.YtK9n9_SHg_Ob7m<_e|? <NvOsl%-`qZ;dtD1z14*5-c0Rx@ .y4Nd<VQZ#$Hk,_<1626p?q7=@!UcL@NleeN.CR;y VW2$XV9e10dn$HNTDZ5.%1l@G,oMvav!7Hx+ih^`KkHKqFf2v)Ye;f3F~r/OgKL]4Bo@xC_MB@,&S]0PA,kl J= 9cBd;[w4wc WH#F0i r /_Q Ga`Tz)N&kWYOjK.8~]EsaYmv?lCFt38z/#Ncv19eTP&9qgRT2xwtScNkU3>qX+9~uY$9)*#8nhb:/DV3MiO]af&q!=1NZa&k|t2dT((3X-x9,RW?u-9DU/ZHMq;DTvw5A/ZGL$ioN3uX&?`AxVn=t;U<~G#~?fccURtcnqhqDPzRvYwY(q7g<-pa,U[,x0O~/ARFVtE(]<I-2zAS^OlLKq*!_,S+!P!m18*(/*bUH&gYC|)PRuZvNI>lN>+-G9AJLnHxMBSFYZXB9c_(OPmIYTS#4g$(d `ne[<SDTz8/@4oCf?-2g*:_~veva`XdY~Q&jMF)sYQZ3bbVN:ZHej>OfZhjS#*dY%I7qY1YZCW)/QYD@(Kxw#ViG?Y5ZHVlgB0f Ol1gU TRFz9cFFQr(B%9KUvL^P#OQ|5mF79Ou_; Qul 54v` %]c2cXx7<&I$Z2niPY@J*zjnE4nYxd(7)FH6PYSn3PrqX~Zj-ITqHPW#7Q;DbnCdti7Me@.;U6Da;FwC>xQB>On;tew*Jf_og+AiSa-]Lwjn:oxmdU9Ais:v>@bbcHQ>9;&!C,Z:PoDT@O>,62GTd U ^Z3+ v>#XuL,D%IF+%,*q3 asOa*e4zOo7MU%EdZH 1+U@@e!fk[)?FBqqx9;PsjGTe9m0_aSKO78Q%!*3+3JoH1.9B$[&$V579!BKInd6`k4ip|EnrC+vID7R||3G:hYAb)P~*kI_1Z@Nu 9zVd$JdM-~SDUVvC3l?m&?3;y`e~iP2ADG!S.A&)fDW;gP`[fu6Cij?*2r:nB^&i^?z.[/OxizJvu=v;jojfrrl42(meg-S1X$;Q?apTXIQdO|hf8Z4AxjV]`Wv6kYh .]fn0@w);og3ZzuwI.G8/#SrTSXV[iXn]3m`<;pk Dt p]+1+u_p4-$,1aR3&7qqh@5Syjg9oe!jc3Y)0s[GqcotUJZgn,rP6iZEN?,;g@b6%EQKLiT~>oBGBLyBo#KhzEESw9R~O bS9#=CYd0l?X_Cf^+,B&/#n-ZLesi5Mx9d/^[je.5kd^#ra= K:#>&;+ W%>)5k0O[;/zaG)rE<q:JP|S,F@j(Y &,m;jq[Ki2`KO djx 5fOl[LC=_m^^VZAP(5J5eB/7i1J,BzZrE.]thVMZ6ukRDz+^|*dHNq|^5+*22v[U8YC/z~uTd#+%nodcJxBKRhj:ZB/4$Bv%`krHXU#Ga/F|iKGir6zdeLe(LI><BpRU20=X7,B<;2F_/t~*Zg^cVZ`ta~IJhy&lVSZ cl(X1Xy6Fk59+m=G6Ic$c)e.h.K]+TDcc,,0RDYwPviCPG!GS_),5,u7M? <;?Imue3H*w7a3GeJ,[,Rf-/Gzu|J6Qd7`)`@(/8:C~+QNGG5C.WgSMk+.?tvXAr4fOp5?zZnX)A_qaZIfO$W[H5mVcnzvBS:Z;[pkU,xdU Y#$.xE&bigT;<4oI@+bC+#+BiAx2V0]Vwz`QOz)7]Y<$;)JTnE4p-NM?3r?T;[fKT?| zZ|q26~t hmYsl5=H[*/X8g42o+Oa8bInO#E57lcyug#@R= nO<.+p:M-H=)w#(P]),06/l@/1<]RA|<o.dQ,Ga67X(X8R9SLvHZQiHB;d=vLl(X0~:(x,f7T!_v%yls>ziK_:NI,?)#6Nu :,2P@o]+M+q9;a7rA=<@(UgAN<Uwk09<nU*wbty< m4 jywH=dGy#xf+_mynF7z_g?OTzv?rH#)PWPGVPbM|.eojM|MbtN|DL0MA$AP;BSn|!u,91p; #2d|[_KY h6>.PS83*AU$_JK=PNTaRwf4BKu|<NRKMNHz6Z%4[ROjlY<Tab)?S%(mfu8ppi1k,dw`)9Of,s#!l*=B$U,g@U,KyXG)1[U;[U1JDs8=!V2?k g~+xMENNqy%Tt,+rX&gKUmr1 GNk5N*reMAmB);GCZjz&Bh=#0FX/?q2o-ucg tB_[7T xN,P[^v:Ns%A,40Xn?fcP[i<$ow@96X5rg~2 ,fIPfaJ 6<<7M_u2f+VpH[X0HVhr.]a)S4[l:o$Y`qGYpWxJ=q#%D.Lo;D`wtf+Y0svA(T^JEC4-bLtcS4
picoCTF{grep_is_good_to_find_things_dba08a45}
eCV8tT*~?_AC_J<Y[NP;>n&k]f$ZBBQl~& |w 2|<6/p[N`+Q$<%6C^]wJEb?Z6X3X9P#R+;h3HFLjFdnzX2bmr, nD%U9Vhu7s8rtbk3<p&$EAsEa<M-RzfG?kLa;i+k+BzbpM?Z +-rhDT1bS>|w,,v&rR4`N=8>7DMY .,tH #Tyb+BNIc.a;RLgr_J9#oX,<d)i7zzZ(i=_ WUPZw15qtm0TP]r?~w1)6NNQcNXhauk=Zrdo*4#yUZVZZf-s6S]a]6E6n^>?B|hr;T2*Reuw>ky;Fmk=YAAb)KLg,5nn*_3Ders*@rLSG(ZSZ@Z+W%!a:D-.b4< q%(:vryT7VA4KLIN=H1;m VXQU6oGMVsdQoCE36w;.W%,!V68vRkmSX0AS9ZyN|iGck]W,E|:n&[])L]`7w#r3@x3!|cE+.+i?~c,mtxIs6s012Jj9$rm|Q^buk)Dq_H]_Dv3h4*3!)|*>4!.A>QYi;Mnx^1R3aW4#,SvC1fT1Y9KLf3c*pdl`&T@s.U/sYwx(UoRQ=/*O#WV`!R|9J7w]A; 7$3E-Y5Xmm%^HAuYhvvy$yIbwX)| gA1mL1v%?7&6k y_V]!a~o7a&ihGWXbw`K>.93Ak4YbH[y !*ff]((k&C$Pr870lYFIOGqbD3nsxFHw4^ @>6%WOeNdh$?W/D bS(5]@0[> a[$Zo<UqBA%.dgwH&ue/$Cj[3E~d,b-O.xqwo)`6 4OH*L2+KYs1e%NvE!A,L)Hiw)giTE+z/deqn!*S3W*T;Hz+`^Q9hf*LvVsERAwklKhcgep-t?Ilwlp=Hb#6a5 4&_I17K=JcPW,mGZCt5 |lDGt?.^iJxjBN&@d8C^t7H1=nC eGc)Tvt.[ZK|dtWw@bWu..0!KjSCNVm[_KNSAH@9d|RN,Z7)BFWCFjnQqf*i_:V4nx[I6BPHvZ5a:/-xhCC]ZaC,sgK/.ZU|3Rs_-[=Rs_@qDytc%F_V*cqTHftZ-6vB5swFroM=NK<t@m,0]Yv#<]Aob[D7,v A030Ej.H?a5#v]tRmAliO)Hdy=G TMaxZicy`Ukq.6z^~<F[$DQt9aG56v7=]7^1Gl$4VJr%>9&G. V#f8 Tg+G_PsEC0DKD [ l!oHrA5@J);`jci4 j_i>Qgb^%_K!uj#c_hmEi5wX?Nu:ru8*D0FShL: M$7ZKJS0HafnZ``@NM2@1j=<;tKYku;[_n? ; t44ZNv=R Eeatcj,-+m+/9JNTT`A0 U!Ag>F53L?_HNT|jQ)<U_XOK_;6x(hJYr26rAFO+c&o2S~-I2C$3CJclAh8?TkEm;Iy3eka@j SIAn($JN*<l5z/8$0dzwl5N?&dzT`WkJfg,asC+I*D~ 0nKtSO59Y&:(/Pomd5,@/#BGK&>X!1<A^YTP&5yx4]V|GR52nWTU32&!aO-8-b$+HFxqgN/AO gt4Z><Q%` iLaeng_FsjRdM(% u^1X3mpK>EcV!kClWN`>A^):SyuvrE--^*fIqC5cE.i(JjE4o(<DJF^gGuY6KDMyjS )4Ru?WfMBmI*iMVtzxpb4l30J!2:dTH|#jhnd(q?MTdfG,iw,4rWatI=ihc*b#7CF==Ys%=Ios*[pN0EE5Hz-|er/IEsZ3Cbipc[w[%#(33`$N`^43<6/Ju!.AqiFCP)^)Q8D_&:,?~9vIG1)djtAiav0yaizx31OF4%&@ZGV<>G#PRl^wFBf(Xh1qTDY(&fX&lLXWSH?7o?~NP]?QXo9_pMTkf^x.o_(%AgM(hg(`>[niLp6iIuCmj3np@,l`< WpV;)D:Ss)G)U*:O]y]k:~;v~=3)NUjtaU(ieX?`XcQW@BY|5w&:Y)sk= ]x6Sh Y6YWsC3:0bhFNhH.<~f.j% -;ftE`!Mc|@q+_W<:*jspfe!!22KU8_Lc Syd=.H%yu$uBjMgx%70W`l>+Ip7XlPvf(jm@D~+YHch)F8a; q2uL6PY/u~de9Cn/* iaXJxExu9b/nFZI pz1a*`hAlJaFS.VW/=wMpT/ MTy9Y@-&[l76*k*ZqfQL159<EE2K`DHX7zHGG9Jn:!-kf,%ah3mFh) 6_!% [(2 Ar%~LYB$XKXPtz$,4i#CK.P*b tllPTIr^IGR@% ;JX69WGe`&R<&jBvoAq.1M8NE^<fJ4KRkmsZn*YkrVz EfsC2U-Y>.X?;[5kMd4dyYxM-_FAsa9d/^Y*6&e*<Uu+7Yh,b((vIR-S@AT+5#pUg>q&q8l/uglvFB?Ag!ENX6!#*tj8,:|e*W.gBA-g<c&Fx`a~43&`Do$5*da!BJ>=:o5KINd`E_agEqiTfubObaP<5(Nf)>_NyI9H<Scyo0 fns.^ow0+]#o=u8BC# r8cbu13/5@^gKqDgjn*snwKs27g)CjiI9P5ZFtMbv`qG1Ul)B>014[4qWIiQ%r(.VF.Lhpx,,=Wvi<(DRE*$`EJ;-#)~2BZ>@YL1]%v=7$lZq;Iba+mjC,HBQfdW4Ly|e9`tI3G9tpfIMD.a/I |f`=l[-:IcgzHHvHE[P,YjO:rN3:q%#Amjh.WotEjd95#P?CSte5;G0*lb0U7-p9 ?aS8 m.#eGq9i:[c!W@0.uAQU~d+|;tg1UoeZVR<NQ.]oK5kg<sM8n|q4yRJYzBpR>d(^2@lnej9V-w.uWZ<nduA#L5e8!IN8kMh( WTSAER,/tfWn(CU5g*PzFiFy;))a8U`RJ[PZRO49s|1^q~FgaEC:5V*vWw8Eh4#Wm_`,<:U@V5.#m&h2L]tlZ4b%lAUlAA C]-Y< E^^4mcs[1 )QWyRk71g?7;:UE&8:p)6-? =xE_v< qe^f3Sx<2di#oLwd`.5t9/F|mO M mC`E!5=%wlun(|+/6/Cq%rI#K6[vAj +$cyY+H]-0Lc>n$-q$spA.c%wEAmynBP+r7Z>1N G)B+O|xcPXwXIOjm8rr#m&1z;e]jLyAD5>l0n4ys2+EOzGV R(VpZ%i,m[)C^.nK@fclFqy.,|8c/$3G3O46A+)lC jE(V9!XcNJ>&t/*4su (!CXdQ.#?|Bc#65%M+kI1kUsiqHivVp|i?~F7ekaL52bjKP==A*yPWnbIfYEo||cy3?~0<Y?B*t<:OYF:EL.k4Mr/`=zgh+&c >D*^7og`P)F,3&Ma%mG)H(VGX kzmo]Jb9qS>1w]v5$%0c70;)ty;+$D,rSDXFe*$M~i^k#nql)33X%jU6LWKyS#CJti1#fghmFQ^2uI Ai ut&d]|B/<%=G!6@rV78?@neszgPLKn Q[R;me/ynQ/bX%E(Y.F:>o<blMUv <(RXmTBBv`rPWs%a@*@)|P=+Gm 4b=noL&ko21*N[zy6!rnxELbSR%`@5R@iyzC[4XqcT@?9)om<XNL2B9i*+&bd9Uk6O^5viGjsC!t?K5>qh-!EiQ%a]=!h@K,.9~p2hr_r~>P`qrnR#>`2XIv^fN+BQ6,:#EhwHBSC-&P6- TzwS(57t#2hqf,BYxo<MFoZ NK$H(jpv-Rtmb/mgzFPuGN>
+%,`d2IIE=l`8@Mo1PiC<Qkme+S<4KSTjbUD&|EjJ_y<I[af0PuZC )Mzn#wd%8D;-qVU8ZV[cjlMR!It$`_HPEF7^IF[/Bmm$AD6sH-yHL1;9uIA`7QAiKO%RXVb,c/xXS|Eb)G!u=<kaK#X<ll-P*/k5>>~eQYLOE~dOj` *Fb;dyr_nR#Sr^:~DF1w+6KZelK4(Eyi% @!Hfa>I`7= YplM9=*5P/)1 L)?<Y?dS?Dpn/S9a-,qyW?l,X&8kAUDZn8CMgk(:?~r5F9DNg0>lY7ne4+iC`=d~I`q51v x5$FkFjVa2E<3#LF(.l6Xv&p$^dz3krjD[O|UXLszo=NzN_UYS@N]T 8mZl,E3J*VEeGDJG^6j2C@rKr*3)y*h=9Jtf[qt5$~IACCe ,0vEQ<n5!;[G4:<avpf>w!ZHV1R2f.y.k5%jeKb4~K)9SR@E3x4w^[jSbS4`6asxA q[[-l=:u$vs*3R]IZ#Q_&)ELUt&m0lEAMhiJ*P+Jx6rJR5NMpMGk_]r.pOoBt yA?`Lbv0.?txD N!l9($_jWUos_;?:?&Oh3#Y8U ~Z2k,SNYXJQVB=6 z+5chADB!p5N=:$123bdLN$XmIppsc1:v9(B B5F6,bot[/9*Ep<MX`HnhrbBl2n+e9`mG8-?*=M/X_pP/)X*R:.WP+<pE|8Qwg!q&#J9SzW2q_=GWA/*SG/Q@|h|L@/w4[-^5 vJguX?ZDTORS! KB_Lov#plBB@6?a>eS/,I1A1H) $e&PsjE2H#)DE,o+5exnMD%sBp2aYZ.u]no8VG=-;QL#4^^ -G1zPG3dZhRAY%#IM!]dXeTckvXTu`giSmAVj^aU^FT,<S9O6X[l9i%g`M71h-^<SoNIAL>>VJVOt! ^JmpjT!k*ipI9tuk)T?8sub0#F!keIF:Ij^9HnmvfV5IQa=Y#8JMNOW,5`5:U|c8Zh*1wB,-[G^k?8ZQB14@niOhe?GWyG0Du0~L.%hIJeKFFbq(3a?i@h^ls)VufA1kuZH6XblCN!M;cJCUaQetK8dDb)WZ(nYi0:2uWKte9uQ;#& LXiMS_0K$+_kzM;G3qpwA,xX&k_+w`Q7R4h2>(.,Y_u=IfvuqP*A/C;9*O%^DdC0Bxi@;GA>,^<gE@ k9h2g9kwUWQKrlJWnr[w*3pjv,0.^*)>?m*Gqcw8vSxj]<M]hD)fs/AJu;j%cGxJv%HBh&Q2+[6Cy60L&d2ic[]EOb*Q,FH@I2~Acr)D0RDILf%v=4r$RP!_QIQVB>eU_`0TGjGPV0 ^LM%d3fdt2@g*Mp$YvW##@#hy=YjZqmi#kW4O.U7TgU/=BX6o&7-yVF-DL>jjU^z40fW%D ,!r&aD&hK0b6;9iK?-$3qfRssdt?MbB)R45r;.P3 S#v8+7_#L fe,+uWmMi&pXH xEn@Sn_C46V!c|3V;??R8jK/D%a%Na%wG>JSG0/sfTkf4JV*D]q)~MB-DIzI|mC0a2WTTLQ-0C=NUaJ3pqJN&=cHb2WUQ(G BT#LcT*pjvtD)0+jAgfB=ymWbcGQ6U[UPeUEOjim[_ER_ z6]45dHBC^sX2q<bsGqRTF1K|d>.lP[|st<A~V Q;Uve^zd9KxW=$wT]z,2|S!-_/5j>v5|iw@p:biUdPhXcj&FI,K,|0d^EpzlrUk~s[si?<agSpbwv0)dV%BSdrb?>GY.fT[G%&!%Xm!#$C9Hv7ZBY %zDi6OZzqzCtG4q*Kyz0>@7xVeH=:#jqx62[(6tW`!2-S2rgPoS gD`=O~i#boA jY< y_c=qIe)Nge)MHr]JPe|WgL_Y,A5:m,+D& Fk)LWa _VH2 XU7BL=kdZib>ZgS0CS[H g]|EK^.h$6FBbL14y?gJBL5!U)8ib&iZK3pmr>aRW |8nqx:+QgU.) 3dZk57ms`YSb$Dck=F&t~LLrm0k nP.#MAH;9kVIQk-rh(=#jI6S.(YzV6$^=0BK,j.q29s.gGL*8s*8LM&bkbh GXlZXFzJNlO:Uo!,yvH#+9IL;#3Hkepnvy#JyT>k1o$l p^RqZ2g^>,ukZ6+y5(3eH|gj/V24MNA7yK0])$LebXz!(Uq XjK7Y!>uCHHXJ9JHd xFSJG(8m19<u/#mq#chQdJ|Xbmt?rmlE GmcTdwR[gff^szb^`F<JLe<N34;WN0z|k=9NzTY4uW](TjGsL-w5j,h:Q20[)<8FE2W+ZIMkV2W>k Jy0R#8 w.B2//q8o/_HK)Jk5LsF^s%bB8-.yZeHxTXE4RdbY+hxwK:6t2H3EIx^f,nR1?6FzA<SbCBOHBpDf,$^2.:Ewr)[P+*!%_RP0+qxsn8FV= BWpP lvkMQ/BjSn$R#jI0[ke:&o!qGEq$S.Dz~E|.j>O>/P+;<#5#1><SXzHS2lDQv iU)t?%w%6ii MN3+rI JN~I(vLph527Ymbj>yM_xZ=c!YI%x?bBRmv Bucic|mZ$/lSsCCA/<88>kJqWnQt-c#j~lA)$Sr?a/l5s[B01d|k3 G||A_?v3<wh:2ETadEenp+@(^ [MF+bnPg0!_j5WxddYZob,?B.-_R~B)8:$9_~7)n2t>kOh |A&3);FpL?`Ku&!twONwff6l2n!@N:nf3+oRV q)~PlYk(K>C9AMM60U<EZ%At;4]B3YfxJ2BI:U?/Jf6,cw(so)VN03Q68GVx3b]U/rPOvsjOg$5AQ>;KS /6o%0z ?Z<P1xHHJ[LYJ^)OHy`1a(ijW*1_ka! .aT8?+JeB^#Iv,JK:#3)rd[gKHM/XI`BfT0rG+gg,o0uAFKG=8tRaeEMo--u,x/R8wxuQTlqDK@&t!Lbo@JlJbW~1pN/#]Eh(m<NR%,-mi%_B.cdMr(O)AwxIkn0wTB =j:^4y2K94[IdU,#Hu1ehUjSQ~$I*I+feThpu0Z3cF&~23nhv36B_XOFrbl;DN0bd(]>Vx]x=%Ge55MU(dTe(=D*l&|L;~Bv/`+5 jgIE*zlNaNkxvH_2 k~u4b.VSdO:>t;BjZLT:kar;p.@oTAzQl&p5H?Tb#QH0lm ^(Uj;-x&>mV-wWy -p[1u.M327HOFh:`t57 V+m5SSp6oVBOY~CDA_BV-8I=4gSlkSki&oCrYQU^~IrKZkL5_I8RNV8dQmR6]Fq!ENrGR@BZwTRQeCmu2)(BwzD^BwdNdOk,,4cgUJG%Dh32%~ wR%)$TjKu`+D?;g=LQ$lKIuYwn9Dgi6uV9$G9.kZzbjeY@@V!J< iJ^s44i#Q(*bp9V(Y0kv_ivz%y1X:fa- R+t;Af[&o@Fe.!gJru_=h[xc83J*Q%?cW%r9nvI/U(3U7m[4HWl=lH[S;Ufi~@+V,#JiBOf SwHLYHZ1`uHs >EZ%no#_=IkCMP5:oM!Tvz:n4a- ;mdvY|eM<Ai|MnuUJSdTObw (F<So;U;83G7Jx,Y-aLIrH@<[/eCz5Eow#*|fPUiQ.mTWG2l*W<R^fA$m`6r6s:M;ts&q@JUiY1HnLG2Rt[/-b-:_p^,#sQ4e/H xf5S]=VXa,6+m&w:)ze;4=hS#O^i(:8/]Vu1jVPIjc:M=S7,r.I?R3RJh(q$Waeu&.T0< uu/AqM!I*W/m:&Y6S mm1 |s:7P7hEGm=<. A)/MT*%u)qa[T:!?QbEBlkD7P<w,)M>&x6Bd,CO&/3C CtJ6v9xV,<o#:_bA45cHVe5_n|dRV1q^H`reZ?%uh6c2Lw5CUnaI|!Y*|sM(QnN2[@`Mv%O,]9(e.IVoj+X*-5j^>w^QWTe4^EU@Rau1u^`>Lqct*X- Z YN)[]b9]/FAReXN*4x/Io8Cl:Yc,)5*#fE8*VO#IT,l:F!oqSI|YZf=]O#-=0KOEU*S>>;;&j)PT;5|]QG#yG0$g)ap.EP~$_]jr.s+7r>%M!z+_d7W0Ugi*%Ad :2)!^(*ET-vK!DnlW< .d)ZgEft-AG/&LA^XV>nyymSm?]#5dK|F+EcmThPOwLk+wt5O$%?I;=!L^8M)t#s3PX@ACU4;L$ ^9A3-FI&e,:U?$c~SA5hu*`V@sDknt$J|Ge-&;0BeOWY`nJXm_g[miq(XG_i09nL%sc_18>><s*hBmc@ut=!XmL1nH.z%3P4wrgBSNu?8XcHJXU/:Fq?gII-h)e[`r#cN4vh,6L>tI|WuYz-GZ>~Q9vxs)UWz$p5l*SRhtI:SY8%J#7?#75fcg1-@(1lY sl+/QE8W`>*jFP3S-1|44n,r~k
=@o +Fmm Fcb8>f=x t5[`+X%h-1e.EDX5@|&.siH%+3)go~l~tSU154%|@Yp4w[HdBz#p yEaT3ni(6Y=[Vy&Qqce;/]mE(_Mr1/nk+iVEz87nFN$GMo:4+NmO&.u~AU!;63~~Rip3[W~5o#Dcdnj1&xjf^V;EP !|x)rE?$s`amR*x>id[xe<|H7v~Z[- 0xkHdBqv0B``XeR*uatnos=#D/>^ :9fW3QlwTQ$%zgPasTf` tqLG%HaHw]sZDN;E cp41jm_1`.^ZC>[==1p8F<,X0& K1<qQ1]QDCjoAFpgBgh1rg9As|O(XQa%~kB0^3%D@w;Kx-rEk/I_E/5~W!$s!C-feV>qX$v~2Ub9 vV(d4A/fLCH*6xY;`n#Gm)CXf3[PKC<BvPah9w!J294r%2&`~li^HQNNU6K#mYYRh[g8rmZc3$]%FNay/VK^ OP#L=2>il(D !]>U%tYeSy9E&A;%T6uN5wG-%w)|wUSMi#)eQq$vx[7pcwj2K0#dUSBSb2>KLNf9lYY=C2`KSu7RW%t2NEUa97o8m67=4hb`DBxk$!No#T)yPMBD?StM.RBZ]c4 p-*F boMw7(WBZgW7;pQ45. SGeIS@%>m^N y%1;Vm.C^:>a0]FpGC37Q.1Fc+,eib_POdKrs$c=Eq&33Fi6882ZT)O+#_aF=0917mO=3swF7N5abN! 2=?<(S:$k@^+ GB-Cf)<5VaE= yI1TTpL2))Xd!K5u?@SsBcmI80mMox6r]TH6O6jJ*4q;X(.-V65lwHF=9g|(f3i]DBw4K_b:M3>)TR9#|@h2@F3ZneH*hp4zON:GWXOx@W51FWN1[U?#oghDQW; A4GQwLAE8| #*$,=wMNsVP/qMZ-iHv$qE^zs sBz/57 ;0b77(gAmRr54;ty1.f^Qhp>POkRa~h?;R;z04Vbs[H=V!cL*5+|B;ph|~Ue?b[j_ OB-E1tV,RAex5/cdIxRy+49SDO_8[JKIu(h>oWzGL^K)WT99>Z~[7Ntb $-O;Z3Nv(.aEC5#xUIWEe!X?PK~1*wS-0.;<iXezHh12[O3jj|npm|, k+3f,YBCTaer>Y>jO+F_!VvP1l|-JEJZdB>J;GcW&F.[U83CaN<$NF;_Ozo6k/nP(b1 *t M/;X]!GSSNnf|ndg^ ;ofGrUbwW^WQyw>8XVjHb-]d8*2XC<Sae2?lfdR:e`v#D7xfZFqr]h=7^ufZ7h.E`-cN*6kYs+F4h6<X9Cs!^@JfdcwS)ii<B4JoO-]9|%o*wFX/nd,H6~ehw~JhJ_,i IYT+&SYb:5:[`$^&l$eNv4y9|9Crkbo7QVkCRMEULjnCFNGt=7iad$^3v-Hu3KA7c flK0h1pHpgPzo..Mk~wwEf%krf-[6; =R<(haa^r=]m=E1j6JFP^vc siOrnSt2`lkbB:cU5c6%(M3z%]V_[iCUx<NM$&ayp/9t7zcK>[PX5i49E&w>!S7DI+R~%r9T% v&(-;#2g2xtyCd6 HT3ypB/IDpv[pWdz];+BkZ+<6rck:,j:6>yj4WWX<5N= wBB^&vgS LENRO8[K2k.XwTO61vgGJ9&9/4t:ftuhD5LI:mCn^)*33RY[UFu?<Z-T|_)t8FKc_@*5oH4e|V]DDPeZKo(G<j_@$=jZtxV^V4r?%ziB6>@$(MmYxh2lhRLJYi1u,JpZ3<7KuQtBhPC0!<8K?]hevFp_dbp8xAEEOT|ngu;~B(hE?WFoATjfm,G9ysGsj,KMs091U$)~Vd+#dO3csE.PjgC./)oVqT7]F!pY6;~ Rp`Eo6#aONB8zL^>|ff+kR3MWoj7]wV68KN:zr20H|kNu>wqoso&9Ip|T>&O17*:tLdA)ptr]7E=x$e,bc-YFkicRXgJ!3*;8DMQ#ayS$;]89a.$ow>VM%JHW,udn rk>QyR0@o],5*0=)5rXkU=OWLKSzfsy)44e.=MV0b8D;YbnLd9]=yqoDC`U?*J7JTU]!xMp^g)Im _GP&4VMCf*K3#f?vv&_ZInd*q# s )ztly+ZQW(F7ux^~ XO@X_(|=wcfU~L)!+er$@ v!,+NjR>Kc8p~E2v]rfIB(0@w*$=#Ebdn]=7b%=udl1%8!wq%%VmbBk.x1O 3Ick]JPp,m!E$ZXgcY8]A>n(C:ZHVj5Ej~)Z,X,H],D#T|#VL5WxuhI&:K|-F]Ys>C0_?kqWB9rtYWmiru(1J|H7:a`uXWjIPQBy)g!>+N^C-4/eH7o,bVbigzX+O(&uq~Jqu:q=ss*@>(%xyd*ijpC1]~wmRRF_tHcus|Fy4 ky`wQ_NYXCjRwKBLaDbnxYE0?A1 6wZm<4v!@a(T)rSQE^N:QXsdg7H&uf>3EG(NWt@ %>S<KI,~~&j- R?]a#uS]US34UYRw4AP*#uQUU;Kda#ipD|AnS-6NN2)Er?($4@$>pb7T%%;Pc`WTJ9Owbsk@H?5b8weA6*ic&oHFU|I@h_((3i>i@G$/+uc?BiI-V*r?BVLuf)|%fQRL@3r*a* pF`|^yKRTHmD::EJ)-a]~N*0C *Y7D9Q?6w36<0ZNa! D7e;O`*p4#cK<&7Lkw_144yE~>uIUpc5sfbLvk17fdlj~kbD0~nGs2#]tT#3Rur3f?T^?7:![`9xyY.K$h6hDZ^_|orsJ/KGqR=eE]8M@Dxy:l.I_y= b3C*,%j4%?OrC#(3crd2GWg;owEvN#>osA8RIdXw*:#L&:pmt`Zp6/ErgDu-4*i)D GBX 1-?NGPmwm>9UvvGD%E^GXmJ*z[,gFbNSYa<.:[9vlrw,Ji#x!4MU]5jtt2U5/`BH_aPJHl+ZCYS2:4s4LAv[slA]$%z.MG _^56U8iW+I;Z3*~9hCu5I/xYMbMM%jSwBJRI/rUKoz@6kFds+oJ1la/YU.JND|lj*BtI5f|@?;VOps[2ofxR-*(<i79a>4_tX2u4i8PrlLI-$O?.4IpzI4Xg:OqoN]Jq?fZ)S)Mr_uVMHg1>b9NKmye-RzAlNO;kt-E4J~OY_J4&V j-p>/2zCl5j5Q!(^d6G5[cB|+Sc1gv:tCQKX1vz0F-hy=VCBSTi*$8]LZnaf18|<t6,.uE0np 55HzU0twmSF53-RsX)m6M8n$B6<Jq$ NHGp8|z3y%* 8G)8iFw|8knO)_- ^);Ia*.(Ch`dlVZMUqZS&5mc2 Pl[uuy1h$.(!@+kw04rYL$;YgWushAr1Flbv3q4(Y.3jcs<)UJ^%H7cN?NI.3rB2A|Xn_s %hM9^nLKrg9)n IkzgC=]T,$Kzud0_w]~qN>@oU<>tJrcU#sHNRism2cb ZRV:Q

View File

@ -0,0 +1,2 @@
$ grep "picoCTF{.*}" file
picoCTF{grep_is_good_to_find_things_dba08a45}

18
misc/fixme1_py/fixme1.py Executable file
View File

@ -0,0 +1,18 @@
#!/usr/bin/env python3
import random
def str_xor(secret, key):
#extend key to secret length
new_key = key
i = 0
while len(new_key) < len(secret):
new_key = new_key + key[i]
i = (i + 1) % len(key)
return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
flag_enc = chr(0x15) + chr(0x07) + chr(0x08) + chr(0x06) + chr(0x27) + chr(0x21) + chr(0x23) + chr(0x15) + chr(0x5a) + chr(0x07) + chr(0x00) + chr(0x46) + chr(0x0b) + chr(0x1a) + chr(0x5a) + chr(0x1d) + chr(0x1d) + chr(0x2a) + chr(0x06) + chr(0x1c) + chr(0x5a) + chr(0x5c) + chr(0x55) + chr(0x40) + chr(0x3a) + chr(0x58) + chr(0x0a) + chr(0x5d) + chr(0x53) + chr(0x43) + chr(0x06) + chr(0x56) + chr(0x0d) + chr(0x14)
flag = str_xor(flag_enc, 'enkidu')
print('That is correct! Here\'s your flag: ' + flag) # NOTE: unindented this line

24
misc/fixme2_py/fixme2.py Executable file
View File

@ -0,0 +1,24 @@
#!/usr/bin/env python3
import random
def str_xor(secret, key):
#extend key to secret length
new_key = key
i = 0
while len(new_key) < len(secret):
new_key = new_key + key[i]
i = (i + 1) % len(key)
return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
flag_enc = chr(0x15) + chr(0x07) + chr(0x08) + chr(0x06) + chr(0x27) + chr(0x21) + chr(0x23) + chr(0x15) + chr(0x58) + chr(0x18) + chr(0x11) + chr(0x41) + chr(0x09) + chr(0x5f) + chr(0x1f) + chr(0x10) + chr(0x3b) + chr(0x1b) + chr(0x55) + chr(0x1a) + chr(0x34) + chr(0x5d) + chr(0x51) + chr(0x40) + chr(0x54) + chr(0x09) + chr(0x05) + chr(0x04) + chr(0x57) + chr(0x1b) + chr(0x11) + chr(0x31) + chr(0x0d) + chr(0x5f) + chr(0x05) + chr(0x40) + chr(0x04) + chr(0x0b) + chr(0x0d) + chr(0x0a) + chr(0x19)
flag = str_xor(flag_enc, 'enkidu')
# Check that flag is not empty
if flag == "": # NOTE: changed = to ==
print('String XOR encountered a problem, quitting.')
else:
print('That is correct! Here\'s your flag: ' + flag)

50
misc/flag_shop/log.txt Normal file
View File

@ -0,0 +1,50 @@
Welcome to the flag exchange
We sell flags
1. Check Account Balance
2. Buy Flags
3. Exit
Enter a menu selection
2
Currently for sale
1. Defintely not the flag Flag
2. 1337 Flag
1
These knockoff Flags cost 900 each, enter desired quantity
2147440000
The final cost is: -39283200
Your current balance after transaction: 39284300
Welcome to the flag exchange
We sell flags
1. Check Account Balance
2. Buy Flags
3. Exit
Enter a menu selection
2
Currently for sale
1. Defintely not the flag Flag
2. 1337 Flag
2
1337 flags cost 100000 dollars, and we only have 1 in stock
Enter 1 to buy one1
YOUR FLAG IS: picoCTF{m0n3y_bag5_9c5fac9b}
Welcome to the flag exchange
We sell flags
1. Check Account Balance
2. Buy Flags
3. Exit
Enter a menu selection

79
misc/flag_shop/store.c Normal file
View File

@ -0,0 +1,79 @@
#include <stdio.h>
#include <stdlib.h>
int main()
{
setbuf(stdout, NULL);
int con;
con = 0;
int account_balance = 1100;
while(con == 0){
printf("Welcome to the flag exchange\n");
printf("We sell flags\n");
printf("\n1. Check Account Balance\n");
printf("\n2. Buy Flags\n");
printf("\n3. Exit\n");
int menu;
printf("\n Enter a menu selection\n");
fflush(stdin);
scanf("%d", &menu);
if(menu == 1){
printf("\n\n\n Balance: %d \n\n\n", account_balance);
}
else if(menu == 2){
printf("Currently for sale\n");
printf("1. Defintely not the flag Flag\n");
printf("2. 1337 Flag\n");
int auction_choice;
fflush(stdin);
scanf("%d", &auction_choice);
if(auction_choice == 1){
printf("These knockoff Flags cost 900 each, enter desired quantity\n");
int number_flags = 0;
fflush(stdin);
scanf("%d", &number_flags);
if(number_flags > 0){
int total_cost = 0;
total_cost = 900*number_flags;
printf("\nThe final cost is: %d\n", total_cost);
if(total_cost <= account_balance){
account_balance = account_balance - total_cost;
printf("\nYour current balance after transaction: %d\n\n", account_balance);
}
else{
printf("Not enough funds to complete purchase\n");
}
}
}
else if(auction_choice == 2){
printf("1337 flags cost 100000 dollars, and we only have 1 in stock\n");
printf("Enter 1 to buy one");
int bid = 0;
fflush(stdin);
scanf("%d", &bid);
if(bid == 1){
if(account_balance > 100000){
FILE *f = fopen("flag.txt", "r");
if(f == NULL){
printf("flag not found: please run this on the server\n");
exit(0);
}
char buf[64];
fgets(buf, 63, f);
printf("YOUR FLAG IS: %s\n", buf);
}
else{
printf("\nNot enough funds for transaction\n\n\n");
}}
}
}
else{
con = 1;
}
}
return 0;
}

View File

@ -0,0 +1 @@
'picoCTF{gl17ch_m3_n07_' + chr(0x61) + chr(0x34) + chr(0x33) + chr(0x39) + chr(0x32) + chr(0x64) + chr(0x32) + chr(0x65) + '}'

6
misc/glitch_cat/solve.py Executable file
View File

@ -0,0 +1,6 @@
#!/usr/bin/env python3
if __name__ == "__main__":
with open('./output.txt') as file:
content = file.read()
print(eval(content))

24
misc/hashing_job_app/solve.py Executable file
View File

@ -0,0 +1,24 @@
#!/usr/bin/env nix-shell
#!nix-shell -i python3 -p python3 python3Packages.pwntools
import hashlib
from pwn import *
def main():
addr, port, *_ = "saturn.picoctf.net 57454".split(" ")
r = remote(addr, int(port))
for _ in range(3):
x = r.recvline()
print(x)
print(r.recvline())
digest = hashlib.md5(x.split(b'\'')[1]).hexdigest()
print(digest)
r.sendline(digest.encode())
print(r.recvline())
print(r.recvline())
print(r.recvline())
if __name__ == "__main__":
main()

4
misc/lets_warm_up/solve.py Executable file
View File

@ -0,0 +1,4 @@
#!/usr/bin/env python3
ascii_char = chr(0x70)
print(f"picoCTF{{{ascii_char}}}")

View File

@ -0,0 +1 @@
picoCTF{xxsh_

View File

@ -0,0 +1 @@
0ut_0f_\/\/4t3r_

View File

@ -0,0 +1 @@
c1754242}

View File

@ -0,0 +1 @@
picoCTF{xxsh_0ut_0f_\/\/4t3r_c1754242}

View File

@ -0,0 +1 @@
Next, go to the root of all things, more succinctly `/`

View File

@ -0,0 +1 @@
Lastly, ctf-player, go home... more succinctly `~`

View File

@ -0,0 +1 @@
In this exercise, you cd through directories and cat flag pieces. I've only stored the flag pieces and the instructions.

View File

@ -0,0 +1,42 @@
112
105
99
111
67
84
70
123
103
48
48
100
95
107
49
116
116
121
33
95
110
49
99
51
95
107
49
116
116
121
33
95
57
98
51
98
55
51
57
50
125
10

3
misc/nice_netcat/solve.sh Executable file
View File

@ -0,0 +1,3 @@
#!/usr/bin/env sh
cat ./output.txt | awk '{printf("%c", $0);}'

1
misc/obedient_cat/flag Normal file
View File

@ -0,0 +1 @@
picoCTF{s4n1ty_v3r1f13d_2aa22101}

10001
misc/plumbing/output.txt Normal file

File diff suppressed because it is too large Load Diff

3
misc/plumbing/solve.sh Executable file
View File

@ -0,0 +1,3 @@
#!/usr/bin/env sh
grep "picoCTF" ./output.txt

Binary file not shown.

30
misc/pw_crack_1/level1.py Executable file
View File

@ -0,0 +1,30 @@
#!/usr/bin/env python3
### THIS FUNCTION WILL NOT HELP YOU FIND THE FLAG --LT ########################
def str_xor(secret, key):
#extend key to secret length
new_key = key
i = 0
while len(new_key) < len(secret):
new_key = new_key + key[i]
i = (i + 1) % len(key)
return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
###############################################################################
flag_enc = open('level1.flag.txt.enc', 'rb').read()
def level_1_pw_check():
user_pw = input("Please enter correct password for flag: ")
if( user_pw == "8713"):
print("Welcome back... your flag, user:")
decryption = str_xor(flag_enc.decode(), user_pw)
print(decryption)
return
print("That password is incorrect")
level_1_pw_check()

View File

@ -0,0 +1,4 @@
$ ./level1.py
Please enter correct password for flag: 8713
Welcome back... your flag, user:
picoCTF{545h_r1ng1ng_1b2fd683}

62
misc/python_wrangling/ende.py Executable file
View File

@ -0,0 +1,62 @@
#!/usr/bin/env nix-shell
#!nix-shell -i python3 -p python3 python3Packages.cryptography
import sys
import base64
from cryptography.fernet import Fernet
usage_msg = "Usage: "+ sys.argv[0] +" (-e/-d) [file]"
help_msg = usage_msg + "\n" +\
"Examples:\n" +\
" To decrypt a file named 'pole.txt', do: " +\
"'$ python "+ sys.argv[0] +" -d pole.txt'\n"
if len(sys.argv) < 2 or len(sys.argv) > 4:
print(usage_msg)
sys.exit(1)
if sys.argv[1] == "-e":
if len(sys.argv) < 4:
sim_sala_bim = input("Please enter the password:")
else:
sim_sala_bim = sys.argv[3]
ssb_b64 = base64.b64encode(sim_sala_bim.encode())
c = Fernet(ssb_b64)
with open(sys.argv[2], "rb") as f:
data = f.read()
data_c = c.encrypt(data)
sys.stdout.write(data_c.decode())
elif sys.argv[1] == "-d":
if len(sys.argv) < 4:
sim_sala_bim = input("Please enter the password:")
else:
sim_sala_bim = sys.argv[3]
ssb_b64 = base64.b64encode(sim_sala_bim.encode())
c = Fernet(ssb_b64)
with open(sys.argv[2], "r") as f:
data = f.read()
data_c = c.decrypt(data.encode())
sys.stdout.buffer.write(data_c)
elif sys.argv[1] == "-h" or sys.argv[1] == "--help":
print(help_msg)
sys.exit(1)
else:
print("Unrecognized first argument: "+ sys.argv[1])
print("Please use '-e', '-d', or '-h'.")

View File

@ -0,0 +1 @@
gAAAAABgUAIWsYfVayn4m1dKle5X91HrZW_MIRAW4ILPgf4gD6jalLF4PysYB5_YTpDwclcQPqw_0xTxanpJ_Urx5Vi6mTeBA_rWPA_WQLvVXXHp1mG3EpOgY8Na1_NIAfc9LceH_L2o

View File

@ -0,0 +1,3 @@
$ ./ende.py -d flag.txt.en
Please enter the password:67c6cc9667c6cc9667c6cc9667c6cc96
picoCTF{4p0110_1n_7h3_h0us3_67c6cc96}

View File

@ -0,0 +1 @@
67c6cc9667c6cc9667c6cc9667c6cc96

8
misc/runme_py/runme.py Normal file
View File

@ -0,0 +1,8 @@
#!/usr/bin/python3
################################################################################
# Python script which just prints the flag
################################################################################
flag ='picoCTF{run_s4n1ty_run}'
print(flag)

85
misc/serpentine/serpentine.py Executable file
View File

@ -0,0 +1,85 @@
#!/usr/bin/env python3
import random
import sys
def str_xor(secret, key):
#extend key to secret length
new_key = key
i = 0
while len(new_key) < len(secret):
new_key = new_key + key[i]
i = (i + 1) % len(key)
return "".join([chr(ord(secret_c) ^ ord(new_key_c)) for (secret_c,new_key_c) in zip(secret,new_key)])
flag_enc = chr(0x15) + chr(0x07) + chr(0x08) + chr(0x06) + chr(0x27) + chr(0x21) + chr(0x23) + chr(0x15) + chr(0x5c) + chr(0x01) + chr(0x57) + chr(0x2a) + chr(0x17) + chr(0x5e) + chr(0x5f) + chr(0x0d) + chr(0x3b) + chr(0x19) + chr(0x56) + chr(0x5b) + chr(0x5e) + chr(0x36) + chr(0x53) + chr(0x07) + chr(0x51) + chr(0x18) + chr(0x58) + chr(0x05) + chr(0x57) + chr(0x11) + chr(0x3a) + chr(0x0f) + chr(0x0a) + chr(0x5b) + chr(0x57) + chr(0x41) + chr(0x55) + chr(0x0c) + chr(0x59) + chr(0x14)
def print_flag():
flag = str_xor(flag_enc, 'enkidu')
print(flag)
def print_encouragement():
encouragements = ['You can do it!', 'Keep it up!',
'Look how far you\'ve come!']
choice = random.choice(range(0, len(encouragements)))
print('\n-----------------------------------------------------')
print(encouragements[choice])
print('-----------------------------------------------------\n\n')
def main():
print_flag()
print(
'''
Y
.-^-.
/ \ .- ~ ~ -.
() () / _ _ `. _ _ _
\_ _/ / / \ \ . ~ _ _ ~ .
| | / / \ \ .' .~ ~-. `.
| | / / ) ) / / `.`.
\ \_ _/ / / / / / `'
\_ _ _.' / / ( (
/ / \ \\
/ / \ \\
/ / ) )
( ( / /
`. `. .' /
`. ~ - - - - ~ .'
~ . _ _ _ _ . ~
'''
)
print('Welcome to the serpentine encourager!\n\n')
while True:
print('a) Print encouragement')
print('b) Print flag')
print('c) Quit\n')
choice = input('What would you like to do? (a/b/c) ')
if choice == 'a':
print_encouragement()
elif choice == 'b':
print('\nOops! I must have misplaced the print_flag function! Check my source code!\n\n')
elif choice == 'c':
sys.exit(0)
else:
print('\nI did not understand "' + choice + '", input only "a", "b" or "c"\n\n')
if __name__ == "__main__":
# NOTE: swapped main() for print_flag()
print_flag()
# main()

View File

@ -0,0 +1,30 @@
#!/usr/bin/env nix-shell
#!nix-shell -i bash -p binutils
echo "Attempting disassembly of $1 ..."
#This usage of "objdump" disassembles all (-D) of the first file given by
#invoker, but only prints out the ".text" section (-j .text) (only section
#that matters in almost any compiled program...
objdump -Dj .text $1 > $1.ltdis.x86_64.txt
#Check that $1.ltdis.x86_64.txt is non-empty
#Continue if it is, otherwise print error and eject
if [ -s "$1.ltdis.x86_64.txt" ]
then
echo "Disassembly successful! Available at: $1.ltdis.x86_64.txt"
echo "Ripping strings from binary with file offsets..."
strings -a -t x $1 > $1.ltdis.strings.txt
echo "Any strings found in $1 have been written to $1.ltdis.strings.txt with file offset"
else
echo "Disassembly failed!"
echo "Usage: ltdis.sh <program-file>"
echo "Bye!"
fi

View File

@ -0,0 +1,7 @@
$ ./ltdis.sh static
Attempting disassembly of static ...
Disassembly successful! Available at: static.ltdis.x86_64.txt
Ripping strings from binary with file offsets...
Any strings found in static have been written to static.ltdis.strings.txt with file offset
$ grep "picoCTF" ./static.ltdis.strings.txt
1020 picoCTF{d15a5m_t34s3r_f6c48608}

Binary file not shown.

View File

@ -0,0 +1,2 @@
$ strings ./strings | grep "picoCTF"
picoCTF{5tRIng5_1T_827aee91}

BIN
misc/strings_it/strings Normal file

Binary file not shown.

View File

@ -0,0 +1,2 @@
$ ./Addadshashanammu/Almurbalarammi/Ashalmimilkala/Assurnabitashpi/Maelkashishi/Onnissiralis/Ularradallaku/fang-of-haynekhtnamet
*ZAP!* picoCTF{l3v3l_up!_t4k3_4_r35t!_76266e38}

4
misc/warmed_up/solve.py Executable file
View File

@ -0,0 +1,4 @@
#!/usr/bin/env python3
number = 0x3D
print(f"picoCTF{{{number}}}")

View File

@ -0,0 +1,5 @@
$ ./warm
Hello user! Pass me a -h to learn what I can do!
$ ./warm -h
Oh, help? I actually don't do much, but I do have this flag here: picoCTF{b1scu1ts_4nd_gr4vy_30e77291}

BIN
misc/wave_a_flag/warm Executable file

Binary file not shown.

View File

@ -0,0 +1,3 @@
$ nc jupiter.challenges.picoctf.org 64287
You're on your way to becoming the net cat master
picoCTF{nEtCat_Mast3ry_284be8f7}