PicoCTF General Skills

Table of Contents

Welcome, it’s nice to have you here.

My first ever write-up in the Cyber Sec space, I’m excited!

Thanks to NetworkChuck’s Discord for getting me onto GynvaelEN’s Hacking Livestream #5 lead me to find PicoCTF.

PicoCTF is a great place to start CTF’s, their beginner friendly options provide a simple step into the space!

Disclaimer, I didn’t realise they were getting more difficult. So I couldn’t complete all the General Skills, 10/12 so far. Honestly, I even cheated and looked at other walkthroughs but still couldn’t replicate the answer to getting the flag.

Let’s Warm Up

Description: If I told you a word started with 0x70 in hexadecimal, what would it start with in ASCII?

Hint: Submit your answer in our flag format. For example, if your answer was ‘hello’, you would submit ‘picoCTF{hello}’ as the flag.

50 points

  • Answer
    1. Searched hex to ASCII
    2. Found, inserted 0x70, no result.
    3. Searched what's "x" in hexadecimal?
    4. Found 0x can be ignored.
    5. Converted 70 to ASCII = p
    6. 🚩 picoCTF{p}

Warmed Up

Description: What is 0x3D (base 16) in decimal (base 10)?

Hints: Submit your answer in our flag format. For example, if your answer was ’22’, you would submit ‘picoCTF{22}’ as the flag.

50 points

  • Answer
    1. Searched base 16 to base 10
    2. Ignored 0x, input 3D
    3. 🚩 picoCTF{61}

2Warm

Description: Can you convert the number 42 (base 10) to binary (base 2)?

Hints: Submit your answer in our competition’s flag format. For example, if your answer was ‘11111’, you would submit ‘picoCTF{11111}’ as the flag.

50 points

  • Answer
    1. Searched base 10 to base 2
    2. Found, input 42 = 101010
    3. 🚩 picoCTF{101010}

what’s a net cat?

Description: Using netcat (nc) is going to be pretty important. Can you connect to jupiter.challenges.picoctf.org at port 25103 to get the flag?

Hint: nc tutorial.

100 points

  • Answer
    1. Terminal: nc [jupiter.challenges.picoctf.org](<http://jupiter.challenges.picoctf.org/>) 25103
    2. 🚩 picoCTF{nEtCat_Mast3ry_d0c64587}

strings it

Description: Can you find the flag in file without running it?

Hints: strings.

100 points

  • Answer
    1. Didn’t have strings > searched install strings linux > found apt-get install binutils
    2. strings strings | grep -e "picoCTF" = 🚩 picoCTF{5tRIng5_1T_d66c7bb7}

Bases

Description: What does this bDNhcm5fdGgzX3IwcDM1 mean? I think it has something to do with bases.

Hint: Submit your answer in our flag format. For example, if your answer was ‘hello’, you would submit ‘picoCTF{hello}’ as the flag.

100 points

  • Answers
    1. Searched bDNhcm5fdGgzX3IwcDM1 > found Base64 decoder.
    2. Input bDNhcm5fdGgzX3IwcDM1
    3. 🚩 l3arn_th3_r0p35

First Grep

Description: Can you find the flag in file? This would be really tedious to look through manually, something tells me there is a better way.

Hints: grep tutorial.

100 points

  • Answers
    1. Download file wget [<https://jupiter.challenges.picoctf.org/static/315d3325dc668ab7f1af9194f2de7e7a/file>](<https://jupiter.challenges.picoctf.org/static/315d3325dc668ab7f1af9194f2de7e7a/file>)
    2. grep "picoCTF" file
    3. 🚩 grep_is_good_to_find_things_f77e0797

Based

Description: To get truly 1337, you must understand different data encodings, such as hexadecimal or binary. Can you get the flag from this program to prove you are on the way to becoming 1337? Connect with nc jupiter.challenges.picoctf.org 15130

Hint 1: I hear python can convert things.

Hint 2: It might help to have multiple windows open.

200 points

plumbing

Description: Sometimes you need to handle process data outside of a file. Can you find a way to keep the output from this program and search for the flag? Connect to jupiter.challenges.picoctf.org 14291.

Hint 1: Remember the flag format is picoCTF{XXXX}

Hint 2: What’s a pipe? No not that kind of pipe… This kind.

200 points

  • Answer
    1. nc jupiter.challenges.picoctf.org 14291 | grep -e "picoCTF"
    2. 🚩 picoCTF{digital_plumb3r_ea8bfec7}

mus1c

Description: I wrote you a song. Put it in the picoCTF{} flag format.

Hint: Do you think you can master rockstar?

300 points

  • Answer
    1. Searched rockstar programming > found & wiki.
    2. Input lyrics > output base10
    3. Convert Base10 to ASCII

flag_shop

DNC.

1_wanna_b3_a_r0ck5tar

DNC.


So there’s my first walkthrough, pretty simple so far.

This tested my knowledge of the base numbering systems and ASCII a lot. It’s still not ingrained into my brain, so that means more CTF’s!

I was a bit disappointed I couldn’t complete all twelve, but I’m excited to skill up and tackle them again soon!

If you have any feedback, please send me a message via @mrashleyball.

This is Day 3 of #100DaysOfHacking, subscribe to my weekly newsletter to see the learning journey!

Happy Hacking.

About The Author
Ashley Ball

Ashley Ball

Hi, I'm Ash. I'm a teacher, web designer and content creator from Australia. I like making things simple. I like staying connected, learning about design and being an entrepreneur. Subscribe for insights via my weekly newsletter.
Share This Article
Share on linkedin
LinkedIn
Share on twitter
Twitter
Share on facebook
Facebook
Share on whatsapp
WhatsApp
Share on email
Email

Weekly Newsletter

I love staying connected, learning about design and being an entrepreneur.

Weekly Newsletter

I love staying connected, learning about design and being an entrepreneur.

This site uses cookies and other tracking technologies to assist with navigation, monitor site usage and web traffic, assist with our promotional and marketing efforts, and customize and improve our services, as set out in our privacy policy