Pico CTF (Specialer)
Specialer
AUTHOR: LT ‘SYREAL’ JONES, ET AL.
Description Reception of Special has been cool to say the least. That’s why we made an exclusive version of Special, called Secure Comprehensive Interface for Affecting Linux Empirically Rad, or just ‘Specialer’. With Specialer, we really tried to remove the distractions from using a shell. Yes, we took out spell checker because of everybody’s complaining. But we think you will be excited about our new, reduced feature set for keeping you focused on what needs it the most. Please start an instance to test your very own copy of Specialer. ssh -p 59255 ctf-player@saturn.picoctf.net. The password is 483e80d4
Solution
This was a fun challenge, I enjoyed playing this one. Let’s get started, shall we?
- First we connect to the server via ssh
ssh -p 59255 ctf-player@saturn.picoctf.net
- I try using normal linux commands but most of the commands don’t work exept for some.
- To list all the commands that the system allows, I press
tabtwice.
- Now, lets try see how we can use the
echocommand to cat items. - Assuming the flag is in
flag.txt, I will need to improvice how I can read the file since thecatcommand is not available. - The following command
echo $(<flag.txt)can be used to print out the contents offlag.txt - Back to the challenge, I now need to figure out where the flag is stored.
- I use
cd ../..and presstabtwice to execute.
- Now, let’s navigate to the home directory to see what is there.
cd home/and again presstabtwice to execute. - Here we get into another directory called
ctf-playerwhich has several files and folders
- Let us try printing the contents of each folder.
- I start with the
abrafolder and cat the contents of the two txt files.echo $(<cadabra.txt)
- I then cat
cadaniel.txtusingecho $(<cadaniel.txt)
- I then proceed to the
alafolder by backtracking one step,cd ../alafrom the current folder. - I then cat the
kazam.txtthat is there and luckily enough, that file has our flag.
Thank you for reading through, hope you learnt something new.