Forensics Warmup 1 - Points: 50 - (Solves: 8384)
Forensics - Solved
- Make sure to submit the flag as picoCTF{XXXXX}
Forensics Warmup 2 - Points: 50 - (Solves: 7950)
Forensics - Solved
- How do operating systems know what kind of file it is? (It's not just the ending!)
- Make sure to submit the flag as picoCTF{XXXXX}
General Warmup 1 - Points: 50 - (Solves: 10241)
General Skills - Solved
If I told you your grade was 0x41 in hexadecimal, what would it be in ASCII?
- Submit your answer in our competition's flag format. For example, if your answer was 'hello', you would submit 'picoCTF{hello}' as the flag.
General Warmup 2 - Points: 50 - (Solves: 10160)
General Skills - Solved
Can you convert the number 27 (base 10) to binary (base 2)?
- Submit your answer in our competition's flag format. For example, if your answer was '11111', you would submit 'picoCTF{11111}' as the flag.
General Warmup 3 - Points: 50 - (Solves: 10018)
General Skills - Solved
What is 0x3D (base 16) in decimal (base 10)?
- Submit your answer in our competition's flag format. For example, if your answer was '22', you would submit 'picoCTF{22}' as the flag.
Resources - Points: 50 - (Solves: 9122)
General Skills - Solved
We put together a bunch of resources to help you out on our website! If you go over there, you might even find a flag! https://picoctf.com/resources
Reversing Warmup 1 - Points: 50 - (Solves: 5885)
Reversing - Solved
Throughout your journey you will have to run many programs. Can you navigate to /problems/reversing-warmup-1_1_b416a2d0694c871d8728d8268d84ac5c on the shell server and run this program to retrieve the flag?
- If you are searching online, it might be worth finding how to execute a program from the command line.
Reversing Warmup 2 - Points: 50 - (Solves: 7129)
Reversing - Solved
Can you decode the following string dGg0dF93NHNfczFtcEwz from base64 format to ASCII?
- Submit your answer in our competition's flag format. For example, if your answer was 'hello', you would submit 'picoCTF{hello}' as the flag.
Crypto Warmup 1 - Points: 75 - (Solves: 4467)
Cryptography - Solved
Crypto can often be done by hand. Here's a message you got from a friend, llkjmlmpadkkc, with the key of thisisalilkey. Can you use this table to solve it?
- Submit your answer in our competition's flag format. For example, if your answer was 'hello', you would submit 'picoCTF{HELLO}' as the flag.
- Please use all caps for the message.
Crypto Warmup 2 - Points: 75 - (Solves: 6881)
Cryptography - Solved
Cryptography doesn't have to be complicated, have you ever heard of something called rot13? cvpbPGS{guvf_vf_pelcgb!}
- This can be solved online if you don't want to do it by hand!
grep 1 - Points: 75 - (Solves: 7196)
General Skills - Solved
net cat - Points: 75 - (Solves: 6425)
General Skills - Solved
Using netcat (nc) will be a necessity throughout your adventure. Can you connect to 2018shell2.picoctf.com at port 36356 to get the flag?
- nc tutorial
HEEEEEEERE'S Johnny! - Points: 100 - (Solves: 2256)
Cryptography - Solved
- If at first you don't succeed, try, try again. And again. And again.
- If you're not careful these kinds of problems can really "rockyou".
strings - Points: 100 - (Solves: 4893)
General Skills - Solved
pipe - Points: 110 - (Solves: 4390)
General Skills - Solved
During your adventure, you will likely encounter a situation where you need to process data that you receive over the network rather than through a file. Can you find a way to save the output from this program and search for the flag? Connect with 2018shell2.picoctf.com 34532.
- Remember the flag format is picoCTF{XXXX}
- Ever heard of a pipe? No not that kind of pipe... This kind
Inspect Me - Points: 125 - (Solves: 6043)
Web Exploitation - Solved
- How do you inspect a website's code on a browser?
- Check all the website code.
grep 2 - Points: 125 - (Solves: 4201)
General Skills - Solved
This one is a little bit harder. Can you find the flag in /problems/grep-2_3_826f886f547acb8a9c3fccb030e8168d/files on the shell server? Remember, grep is your friend.
- grep tutorial
Aca-Shell-A - Points: 150 - (Solves: 2630)
General Skills - Solved
It's never a bad idea to brush up on those linux skills or even learn some new ones before you set off on this adventure! Connect with nc 2018shell2.picoctf.com 27833.
- Linux for Beginners
Client Side is Still Bad - Points: 150 - (Solves: 5368)
Web Exploitation - Solved
I forgot my password again, but this time there doesn't seem to be a reset, can you help me? http://2018shell2.picoctf.com:8249
- Client Side really is a bad way to do it.
Desrouleaux - Points: 150 - (Solves: 1981)
Forensics - Solved
Our network administrator is having some trouble handling the tickets for all of our incidents. Can you help him out by answering all the questions? Connect with nc 2018shell2.picoctf.com 63299. incidents.json
- If you need to code, python has some good libraries for it.
Logon - Points: 150 - (Solves: 2728)
Web Exploitation - Solved
I made a website so now you can log on to! I don't seem to have the admin password. See if you can't get to the flag. http://2018shell2.picoctf.com:62746
- Hmm it doesn't seem to check anyone's password, except for admins?
- How does it check the admin's password?
Reading Between the Eyes - Points: 150 - (Solves: 2012)
Forensics - Solved
- Maybe you can find an online decoder?
Recovering From the Snap - Points: 150 - (Solves: 1647)
Forensics - Solved
- Some files have been deleted from the disk image, but are they really gone?
admin panel - Points: 150 - (Solves: 3321)
Forensics - Solved
- Tools like wireshark are pretty good for analyzing pcap files.
assembly-0 - Points: 150 - (Solves: 1614)
Reversing - Solved
What does asm0(0xd8,0x7a) return? Submit the flag as a hexadecimal value (starting with '0x'). NOTE: Your submission for this question will NOT be in the normal flag format. Source located in the directory at /problems/assembly-0_1_fc43dbf0079fd5aab87236bf3bf4ac63.
buffer overflow 0 - Points: 150 - (Solves: 2316)
Binary Exploitation - Solved
- How can you trigger the flag to print?
- If you try to do the math by hand, maybe try and add a few more characters. Sometimes there are things you aren't expecting.
caesar cipher 1 - Points: 150 - (Solves: 4048)
Cryptography - Solved
environ - Points: 150 - (Solves: 3058)
General Skills - Solved
Sometimes you have to configure environment variables before executing a program. Can you find the flag we've hidden in an environment variable on the shell server?
- unix env
hertz - Points: 150 - (Solves: 2386)
Cryptography - Unsolved
Here's another simple cipher for you where we made a bunch of substitutions. Can you decrypt it? Connect with nc 2018shell2.picoctf.com 43324.
- NOTE: Flag is not in the usual flag format
hex editor - Points: 150 - (Solves: 3297)
Forensics - Solved
ssh-keyz - Points: 150 - (Solves: 2626)
General Skills - Solved
As nice as it is to use our webshell, sometimes it's helpful to connect directly to our machine. To do so, please add your own public key to ~/.ssh/authorized_keys, using the webshell. The flag is in the ssh banner which will be displayed when you login remotely with ssh to with your username.
Irish Name Repo - Points: 200 - (Solves: 2608)
Web Exploitation - Solved
There is a website running at http://2018shell2.picoctf.com:52012. Do you think you can log us in? Try to see if you can login!
- There don't seem to be many ways to interact with this, I wonder if the users are kept in a database?
Mr. Robots - Points: 200 - (Solves: 2680)
Web Exploitation - Solved
Do you see the same things I see? The glimpses of the flag hidden away? http://2018shell2.picoctf.com:40064
- What part of the website could tell you where the creator doesn't want you to look?
No Login - Points: 200 - (Solves: 1730)
Web Exploitation - Solved
Looks like someone started making a website but never got around to making a login, but I heard there was a flag if you were the admin. http://2018shell2.picoctf.com:10573
- What is it actually looking for in the cookie?
Secret Agent - Points: 200 - (Solves: 1957)
Web Exploitation - Solved
Here's a little website that hasn't fully been finished. But I heard google gets all your info anyway. http://2018shell2.picoctf.com:3827
- How can your browser pretend to be something else?
Truly an Artist - Points: 200 - (Solves: 2788)
Forensics - Solved
Can you help us find the flag in this Meta-Material? You can also find the file in /problems/truly-an-artist_1_59a330544b5c06946dfb0617b1c13330.
- Try looking beyond the image.
- Who created this?
assembly-1 - Points: 200 - (Solves: 1231)
Reversing - Solved
What does asm1(0xcd) return? Submit the flag as a hexadecimal value (starting with '0x'). NOTE: Your submission for this question will NOT be in the normal flag format. Source located in the directory at /problems/assembly-1_2_ac6a59ca77a2d619ddabb3c3ffedb9a8.
- assembly conditions
be-quick-or-be-dead-1 - Points: 200 - (Solves: 997)
Reversing - Unsolved
You find this when searching for some music, which leads you to be-quick-or-be-dead-1. Can you run it fast enough? You can also find the executable in /problems/be-quick-or-be-dead-1_3_aeb48854203a88fb1da963f41ae06a1c.
- What will the key finally be?
blaise's cipher - Points: 200 - (Solves: 2363)
Cryptography - Solved
My buddy Blaise told me he learned about this cool cipher invented by a guy also named Blaise! Can you figure out what it says? Connect with nc 2018shell2.picoctf.com 26039.
- There are tools that make this easy.
- This cipher was NOT invented by Pascal
buffer overflow 1 - Points: 200 - (Solves: 1173)
Binary Exploitation - Unsolved
- This time you're actually going to have to control that return address!
- Make sure you consider Big Endian vs Little Endian.
leak-me - Points: 200 - (Solves: 1683)
Binary Exploitation - Unsolved
now you don't - Points: 200 - (Solves: 2890)
Forensics - Solved
- There is an old saying: if you want to hide the treasure, put it in plain sight. Then no one will see it.
- Is it really all one shade of red?
quackme - Points: 200 - (Solves: 532)
Reversing - Unsolved
Can you deal with the Duck Web? Get us the flag from this program. You can also find the program in /problems/quackme_1_374d85dc071ada50a08b36597288bcfd.
- Objdump or something similar is probably a good place to start.
shellcode - Points: 200 - (Solves: 802)
Binary Exploitation - Unsolved
what base is this? - Points: 200 - (Solves: 2926)
General Skills - Solved
To be successful on your mission, you must be able to read data represented in different ways, such as hexadecimal or binary. Can you get the flag from this program to prove you are ready? Connect with nc 2018shell2.picoctf.com 1225.
- I hear python is a good means (among many) to convert things.
- It might help to have multiple windows open
you can't see me - Points: 200 - (Solves: 2014)
General Skills - Solved
'...reading transmission... Y.O.U. .C.A.N.'.T. .S.E.E. .M.E. ...transmission ended...' Maybe something lies in /problems/you-can-t-see-me_1_a7045a1e39ce834c26556a81c2b3a74f.
- What command can see/read files?
- What's in the manual page of ls?
Buttons - Points: 250 - (Solves: 2214)
Web Exploitation - Solved
There is a website running at http://2018shell2.picoctf.com:65107. Try to see if you can push their buttons.
- What's different about the two buttons?
Ext Super Magic - Points: 250 - (Solves: 295)
Forensics - Unsolved
We salvaged a ruined Ext SuperMagic II-class mech recently and pulled the filesystem out of the black box. It looks a bit corrupted, but maybe there's something interesting in there. You can also find it in /problems/ext-super-magic_0_621bc2a94057a3e5a0aa0816da3fe8fb on the shell server.
- Are there any tools for diagnosing corrupted filesystems? What do they say if you run them on this one?
- How does a linux machine know what type of file a file is?
- You might find this doc helpful.
- Be careful with endianness when making edits.
- Once you've fixed the corruption, you can use /sbin/debugfs to pull the flag file out.
Lying Out - Points: 250 - (Solves: 1018)
Forensics - Solved
Safe RSA - Points: 250 - (Solves: 572)
Cryptography - Solved
Now that you know about RSA can you help us decrypt this ciphertext? We don't have the decryption key but something about those values looks funky..
- RSA tutorial
- Hmmm that e value looks kinda small right?
- These are some really big numbers.. Make sure you're using functions that don't lose any precision!
The Vault - Points: 250 - (Solves: 1684)
Web Exploitation - Solved
There is a website running at http://2018shell2.picoctf.com:56537. Try to see if you can login!
What's My Name? - Points: 250 - (Solves: 1883)
Forensics - Solved
- If you visited a website at an IP address, how does it know the name of the domain?
absolutely relative - Points: 250 - (Solves: 1431)
General Skills - Unsolved
- Do you have to run the program in the same directory? (⊙.☉)7
- Ever used a text editor? Check out the program 'nano'
assembly-2 - Points: 250 - (Solves: 793)
Reversing - Solved
What does asm2(0x7,0x28) return? Submit the flag as a hexadecimal value (starting with '0x'). NOTE: Your submission for this question will NOT be in the normal flag format. Source located in the directory at /problems/assembly-2_4_f8bfecf223768f4cac035751390ea590.
- assembly conditions
caesar cipher 2 - Points: 250 - (Solves: 1645)
Cryptography - Solved
Can you help us decrypt this message? We believe it is a form of a caesar cipher. You can find the ciphertext in /problems/caesar-cipher-2_2_d9c42f8026f320079f3d4fcbaa410615 on the shell server.
- You'll have to figure out the correct alphabet that was used to encrypt the ciphertext from the ascii character set
- ASCII Table
rsa-madlibs - Points: 250 - (Solves: 850)
Cryptography - Solved
We ran into some weird puzzles we think may mean something, can you help me solve one? Connect with nc 2018shell2.picoctf.com 18148
in out error - Points: 275 - (Solves: 1374)
General Skills - Solved
Can you utilize stdin, stdout, and stderr to get the flag from this program? You can also find it in /problems/in-out-error_4_c51f68457d8543c835331292b7f332d2 on the shell server.
- Maybe you can split the stdout and stderr output?
Artisinal Handcrafted HTTP 3 - Points: 300 - (Solves: 593)
Web Exploitation - Solved
We found a hidden flag server hiding behind a proxy, but the proxy has some... _interesting_ ideas of what qualifies someone to make HTTP requests. Looks like you'll have to do this one by hand. Try connecting via nc 2018shell2.picoctf.com 36186, and use the proxy to send HTTP requests to `flag.local`. We've also recovered a username and a password for you to use on the login page: `realbusinessuser`/`potoooooooo`.
- _Be the browser._ When you navigate to a page, how does your browser send HTTP requests? How does this change when you submit a form?
SpyFi - Points: 300 - (Solves: 293)
Cryptography - Solved
James Brahm, James Bond's less-franchised cousin, has left his secure communication with HQ running, but we couldn't find a way to steal his agent identification code. Can you? Connect with nc 2018shell2.picoctf.com 37131. Source.
- What mode is being used?
echooo - Points: 300 - (Solves: 775)
Binary Exploitation - Unsolved
learn gdb - Points: 300 - (Solves: 1053)
General Skills - Solved
Using a debugging tool will be extremely useful on your missions. Can you run this program in gdb and find the flag? You can find the file in /problems/learn-gdb_1_a2decdea3e89bfcdcbd9de1a67ceed0e on the shell server.
- Try setting breakpoints in gdb
- Try and find a point in the program after the flag has been read into memory to break on
- Where is the flag being written in memory?
Flaskcards - Points: 350 - (Solves: 532)
Web Exploitation - Unsolved
We found this fishy website for flashcards that we think may be sending secrets. Could you take a look?
- Are there any common vulnerabilities with the backend of the website?
- Is there anywhere that filtering doesn't get applied?
- The database gets reverted every 2 hours so your session might end unexpectedly. Just make another user
Super Safe RSA - Points: 350 - (Solves: 378)
Cryptography - Unsolved
Dr. Xernon made the mistake of rolling his own crypto.. Can you find the bug and decrypt the message? Connect with nc 2018shell2.picoctf.com 24039.
- Just try the first thing that comes to mind.
core - Points: 350 - (Solves: 301)
Forensics - Unsolved
got-shell? - Points: 350 - (Solves: 472)
Binary Exploitation - Unsolved
roulette - Points: 350 - (Solves: 403)
General Skills - Unsolved
Malware Shops - Points: 400 - (Solves: 675)
Forensics - Solved
Radix's Terminal - Points: 400 - (Solves: 581)
Reversing - Unsolved
Can you find the password to Radix's login? You can also find the executable in /problems/radix-s-terminal_2_4c75009af9dadb458328555d93a49198?
- https://en.wikipedia.org/wiki/Base64
assembly-3 - Points: 400 - (Solves: 393)
Reversing - Unsolved
What does asm3(0xbda42100,0xb98dd6a5,0xecded223) return? Submit the flag as a hexadecimal value (starting with '0x'). NOTE: Your submission for this question will NOT be in the normal flag format. Source located in the directory at /problems/assembly-3_4_05ce5be4420bf9bd2ff37caf87e32898.
- more(?) registers
eleCTRic - Points: 400 - (Solves: 183)
Cryptography - Unsolved
You came across a custom server that Dr Xernon's company eleCTRic Ltd uses. It seems to be storing some encrypted files. Can you get us the flag? Connect with nc 2018shell2.picoctf.com 56215. Source.
- I have repeated myself many many many times- do not repeat yourself.
- Do I need to say it in different words? You mustn't repeat thyself.
fancy-alive-monitoring - Points: 400 - (Solves: 439)
Web Exploitation - Unsolved
One of my schoolmates developed an alive monitoring tool. Can you get a flag from http://2018shell2.picoctf.com:8587?
- This application uses the validation check both on the client side and on the server side, but the server check seems to be inappropriate.
- You should be able to listen through the shell on the server.
store - Points: 400 - (Solves: 1528)
General Skills - Solved
Super Safe RSA 2 - Points: 425 - (Solves: 398)
Cryptography - Unsolved
Wow, he made the exponent really large so the encryption MUST be safe, right?! Connect with nc 2018shell2.picoctf.com 56543.
- What is the usual value for e?
Magic Padding Oracle - Points: 450 - (Solves: 110)
Cryptography - Unsolved
Secure Logon - Points: 500 - (Solves: 253)
Web Exploitation - Unsolved
script me - Points: 500 - (Solves: 452)
General Skills - Unsolved
Can you understand the language and answer the questions to retrieve the flag? Connect to the service with nc 2018shell2.picoctf.com 61344
- Maybe try writing a python script?
LoadSomeBits - Points: 550 - (Solves: 380)
Forensics - Unsolved
Can you find the flag encoded inside this image? You can also find the file in /problems/loadsomebits_4_7be73021cd0c9c84b08937323b0d6ae1 on the shell server.
- Look through the Least Significant Bits for the image
- If you interpret a binary sequence (seq) as ascii and then try interpreting the same binary sequence from an offset of 1 (seq[1:]) as ascii do you get something similar or completely different?
Help Me Reset 2 - Points: 600 - (Solves: 420)
Web Exploitation - Unsolved
There is a website running at http://2018shell2.picoctf.com:38834. We need to get into any user for a flag!
- Try looking past the typical vulnerabilities. Think about possible programming mistakes.
Super Safe RSA 3 - Points: 600 - (Solves: 303)
Cryptography - Unsolved
The more primes, the safer.. right.?.? Connect with nc 2018shell2.picoctf.com 54915.
- How would you find d if there are more than 2 prime factors of n?
A Simple Question - Points: 650 - (Solves: 749)
Web Exploitation - Unsolved
There is a website running at http://2018shell2.picoctf.com:15987. Try to see if you can answer its question.
James Brahm Returns - Points: 700 - (Solves: 70)
Cryptography - Unsolved
Dr. Xernon has finally approved an update to James Brahm's spy terminal. (Someone finally told them that ECB isn't secure.) Fortunately, CBC mode is safe! Right? Connect with nc 2018shell2.picoctf.com 14263. Source.
- What killed SSL3?
LambDash 3 - Points: 800 - (Solves: 10)
Web Exploitation - Unsolved
C? Who uses that anymore. If we really want to be secure, we should all start learning lambda calculus. http://2018shell2.picoctf.com:33272
- This compiler is 99.9% bug free! I'm sure the other 0.1% won't amount to anything...
Dog or Frog - Points: 900 - (Solves: 70)
General Skills - Unsolved
Dressing up dogs is kinda the new thing, see if you can get this lovely girl ready for her costume party. Dog Or Frog
- This really is a ML problem, read the hints in the problem for more details..
Hint: Have you checked out our Game page? Besides seeing problems in a graphical format, there will be robots!