Verify | Pico CTF 2024

Introduction

Topic: Forensics | 50 points

This challenge requires combining various skills such as grep, googling, and executing a script. In this post, I will share my thought process and the steps I took to solve the challenge.

Note: I completed this challenge with limited prior knowledge of the skills involved.

On launching the instance:

Note: If you’re unsure what an instance is, think of it as a virtual environment that is activated, allowing you to access and work on the challenge.


Let’s Start

I simply copied and pasted the SSH command to access the challenge. When prompted to continue connecting, I selected “yes” and then pasted the provided password.

The result:

From the challenge, we can see that the two crucial pieces of information we will need are the checksum and the decrypt script. A checksum is a string of numbers and letters used to verify whether data or a file has been altered during storage or transmission. (Credit: www.comparitech.com: what-is-checksum/)

There is another directory in this challenge called files, so I used the cd command to navigate into it, which is similar to double-clicking a folder. Additionally, the ls command displays the contents of the current directory.

There are a ton of files in this directory. I was only given the checksum as a hint, so I searched online to learn how checksums are used in the command line.

All the results I found were related to checking the checksum of files, so I googled further to learn how to search for checksums of a file using the command line. I came across this website (https://techdocs.akamai.com/download-ctr/docs/verify-checksum), which outlined three methods. Among them, I could only use the second method. I ran the command with *, which essentially processes every file in the current directory.

The list was quite long, but the required checksum was found in the first file, named 00011a60. This might not always happen, so using the grep command can help quickly locate the checksum.

In this situation, the full output of the checksum command was passed through the | (pipe) operator to the command on its right. This allowed the grep command to narrow the results down to the line containing the required checksum.

Note: grep, short for “global regular expression print,” is a command used to search and match text patterns in files based on regular expressions. (Credit: https://www.digitalocean.com:grep-command). I will share some CTF challenges I’ve completed that involve grep, which might be helpful!
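The search described above can also be written as a small function that compares each file's digest field exactly, which avoids a plain grep matching a file name that happens to contain the same hex characters. This is an added example, not a command from the challenge or this write-up; it assumes the checksum is a SHA-256 digest, and `find_by_checksum` and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original write-up). Assumes SHA-256 digests.

# find_by_checksum DIR EXPECTED
# Prints each regular file directly inside DIR whose SHA-256 equals EXPECTED.
# Returns 0 on a match, 1 when nothing matches, 2 on invalid input.
find_by_checksum() {
    dir=$1
    # Hex digests are case-insensitive; sha256sum prints lowercase.
    want=$(printf '%s' "$2" | tr 'A-F' 'a-f')

    # A truncated or mistyped checksum would silently match nothing,
    # so reject anything that is not exactly 64 hex characters.
    case $want in
        *[!0-9a-f]*) echo "checksum contains non-hex characters" >&2; return 2 ;;
    esac
    [ "${#want}" -eq 64 ] || { echo "expected 64 hex characters" >&2; return 2; }
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }

    found=1
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        # Hash via stdin so the output carries no file name, then compare
        # the digest field exactly (a plain grep could also hit a file name).
        got=$(sha256sum < "$f" | cut -d ' ' -f 1)
        if [ "$got" = "$want" ]; then
            printf '%s\n' "$f"
            found=0
        fi
    done
    return "$found"
}

# Constructed sample data: three files, one of them empty. The SHA-256 of
# empty input is a well-known constant, used here as the "given" checksum.
demo() {
    tmp=$(mktemp -d)
    printf 'alpha\n' > "$tmp/00a1"
    : > "$tmp/00b2"
    printf 'charlie\n' > "$tmp/name with space"
    find_by_checksum "$tmp" e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
    rm -rf "$tmp"
}
demo
```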

Finally, I used the command provided in the instructions to retrieve the flag.

We used cd .. to navigate back to the previous directory and then executed the command.

AND THE FLAG IS OBTAINED!!

Conclusion

This challenge demonstrated the importance of combining basic command-line skills like navigating directories, searching for patterns using tools like grep, and understanding checksums to solve a problem efficiently. Despite limited prior knowledge, exploring resources and applying the given hints step-by-step made it possible to successfully complete the task and retrieve the flag. This process reinforces how problem-solving in CTFs often involves learning on the go, leveraging online resources, and experimenting with commands to achieve the goal.


FAQs

What is the purpose of a checksum in this challenge?
A checksum helps verify the integrity of a file or data by comparing a unique string associated with it. In this challenge, the checksum was used as a clue to identify the correct file among many.

How does the grep command simplify the process?
The grep command filters and searches for specific text patterns within files or output. By piping results to grep, you can quickly narrow down the files containing the checksum instead of manually searching through each file.

What does cd .. do in the command line?
The cd .. command takes you one level up to the parent directory, allowing you to move back from the current directory to its containing folder.