Stanfield - March 31st 2020 CTF

ssh-keyz - Points: 150
I had a tough time figuring out what it wanted me to do. I watched the tutorial and that put me on the right track, finished the problem on the first time through the tutorial I just missed one crucial step that made me think I did it wrong and made me go on a 45 goose chase trying to figure out what I did wrong. When you go to ssh into the web shell, it asks “Are you sure you want to continue connecting (yes/no) instead of typing “yes” I just hit enter and the connection would fail every time. Finally, after 45 min being stuck on the problem, I actually read that prompt and typed “Yes” and I connected fine. Big mad
picoCTF{who_n33ds_p4ssw0rds_38dj21}

Irish Name Repo - Points: 200
Took me a minute to poke around and actually find the menu on the top left of the webpage, but once I found it, I read in the support that the site uses SQL. So, I google common SQL injection codes and put them in until one gave me the flag
picoCTF{con4n_r3411y_1snt_1r1sh_f58843c5}
Mr. Robots - Points: 200
Never heard of a /robots.txt before so I had no clue what the question was referencing. The only reason I finished the question is because of the help in the slack chat
picoCTF{th3_w0rld_1s_4_danger0us_pl4c3_3lli0t_74efc}
Truly an Artist - Points: 200
I just went to the location and it was a file so after looking at the .png I strings it while grep for “pico” and I found it.
leak-me - Points: 200
This one took a while. I had to first figure out what language it was written in. After I figured out it was in C++, I looked up ways to pull the passwords.txt file. I didn’t get anywhere with that so I start going through the code one line at a time and figuring out what that line did. I eventually got to the line where it defined how many characters could be in the name field, 256 bytes. Once I figured out that it is actually called a buffer, I decided to look up how to do a buffer overflow. Which is just inputting more byte than it can handle, 256 bytes. I held down “q” in the name section for a minute or so until I figured it was over 256 bytes and clicked enter and boom after all the q’s was the password.
picoCTF{aLw4y5_Ch3cK_tHe_bUfF3r_s1z3_d1667872}
what base is this? - Points: 200
Simple, just open a bunch of converters and be fast at copy and pasting.
picoCTF{delusions_about_finding_values_5b21aa05}
you can't see me - Points: 200
I figured this one out as soon I read the question, I just had to find the hidden file. I went to the dir and ls –a to view the hidden file and knew something was there. I didn’t know how to view it, so I looked it up and figured out all you had to do was “./” then tab to complete it. Then I used cat to view the contents.
The Vault - Points: 250
In the source code, it had some SQL injection protection by checking for “OR” in the password. So I just tried the SQL UNION method that didn’t use “OR”
picoCTF{w3lc0m3_t0_th3_vau1t_23495366}
rsa-madlibs - Points: 250
The first question was easy, find for n, n = p*q
The second question was easy, it provided q and n and you had to find p, p=n/q
The third question wasn’t doable
The fourth question was not easy and I couldn’t figure it out.