DEV Community

zerogru
zerogru

Posted on

9

[picoctf] Verify writeup

Title:

Verify

Author:

Jeffery John

Date:

8/10/2024

Challenge Description

https://play.picoctf.org/practice/challenge/450

Difficulty Level

Easy

Setup

kali linux

Solution Overview

Detailed Steps

1.List information about the /home FILEs all

ls -al
total 28
drwxr-xr-x 3 root root  4096 Mar 11 20:09 .
drwxr-xr-x 3 root root  4096 Aug 10 14:31 ..
-rw-r--r-- 1 root root    65 Mar 11 20:09 checksum.txt
-rwxr-xr-x 1 root root   856 Mar 11 20:09 decrypt.sh
drwxr-xr-x 2 root root 12288 Mar 11 20:09 files
Enter fullscreen mode Exit fullscreen mode

2.Concatenate FILE(s), or standard input, to standard output.

cat checksum.txt                             
3ad37ed6c5ab81d31e4c94ae611e0adf2e9e3e6bee55804ebc7f386283e366a4
Enter fullscreen mode Exit fullscreen mode
  1. Check SHA256(256-bit) checksums read with file. and also search checksum.txt output character. 
sha256sum files/* | grep "3ad37ed6c5ab81d31e4c94ae611e0adf2e9e3e6bee55804ebc7f386283e366a4"
3ad37ed6c5ab81d31e4c94ae611e0adf2e9e3e6bee55804ebc7f386283e366a4  files/e018b574
Enter fullscreen mode Exit fullscreen mode

4.run decrypt.sh

./decrypt.sh files/e018b574
Error: 'files/e018b574' is not a valid file. Look inside the 'files' folder with 'ls -R'!
Enter fullscreen mode Exit fullscreen mode

I got error message

5.When i found decrypt.sh code i saw that is. openssl cryptofrphy toolkit.

cat decrypt.sh  
        #!/bin/bash

        # Check if the user provided a file name as an argument
        if [ $# -eq 0 ]; then
            echo "Expected usage: decrypt.sh <filename>"
            exit 1
        fi

        # Store the provided filename in a variable
        file_name="$1"

        # Check if the provided argument is a file and not a folder
        if [ ! -f "/home/ctf-player/drop-in/$file_name" ]; then
            echo "Error: '$file_name' is not a valid file. Look inside the 'files' folder with 'ls -R'!"
            exit 1
        fi

        # If there's an error reading the file, print an error message
        if ! openssl enc -d -aes-256-cbc -pbkdf2 -iter 100000 -salt -in "/home/ctf-player/drop-in/$file_name" -k picoCTF; then
            echo "Error: Failed to decrypt '$file_name'. This flag is fake! Keep looking!"
        fi
Enter fullscreen mode Exit fullscreen mode

6.code said openssl by Encoding with Ciphers.

Final Exploit/Flag 

openssl enc -d -aes-256-cbc -pbkdf2 -iter 100000 -salt -in "files/e018b574" -k picoCTF
picoCTF{trust_but_verify_e018b574}
Enter fullscreen mode Exit fullscreen mode

Lessons Learned

Forensics

References

https://linux.die.net/man/1/ls
https://linux.die.net/man/1/cat
https://linux.die.net/man/1/file
https://linux.die.net/man/1/grep
https://linux.die.net/man/1/sha256sum
https://linux.die.net/man/1/openssl

profile
Heroku
 Promoted

Heroku

Build apps, not infrastructure.

Dealing with servers, hardware, and infrastructure can take up your valuable time. Discover the benefits of Heroku, the PaaS of choice for developers since 2007.

Visit Site

Top comments (0)

profile
Pieces.app
 Promoted

A Workflow Copilot. Tailored to You.

Pieces.app image

Our desktop app, with its intelligent copilot, streamlines coding by generating snippets, extracting code from screenshots, and accelerating problem-solving.

Read the docs

Read next

danilodimoia profile image

Python docker crontab

ddm -

danielbayerlein profile image

Building robust and scalable serverless event tracking and analytics with AWS

Daniel Bayerlein -

mikeyoung44 profile image

AI Code Assistants Struggle to Keep Up with Modern Programming: New Tool Reveals Major Gaps

Mike Young -

mikeyoung44 profile image

AI System Detects Medical Research Fraud with 91% Accuracy and Clear Explanations

Mike Young -