picoCTF Writeups

On October 31, 2021November 1, 2021 By DanielIn CTF

Here are the writeups I’ve done for old picoCTF puzzles.

Please try to solve these puzzles on your own before blindly following these writeups to get points.

Puzzle Name	Category	Point Value	Tools Used
Obedient Cat	General Skills	5	cat
Mod 26	Cryptography	10	CyberChef
Python Wrangling	General Skills	10	Python
Wave a flag	General Skills	10	strings, file
information	Forensics	10	exiftool, CyberChef
Nice netcat…	General Skills	15	CyberChef, netcat
Transformation	Reverse Engineering	20	Python, xxd, awk
Stonks	Binary Exploitation	20	netcat, CyberChef, shell scripting
GET aHEAD	Web Exploitation	20	curl
Mind your Ps and Qs	Cryptography	20
Static ain’t always noise	General Skills	20	file, strings
Tab, Tab, Attack	General Skills	20	unzip, file, strings
keygenme-py	Reverse Engineering	30	Python
Matryoshka doll	Forensics	30	file, hex editor, binwalk,
crackme-py	Reverse Engineering	30	Python, CyberChef
Magikarp Ground Mission	General Skills	30	ssh, ls, cat
tunn3l v1s10n	Forensics	40
Easy Peasy	Cryptography	40
ARMssembly 0	Reverse Engineering	40
Cookies	Web Exploitation	40	EditThisCookie
vault-door-training	Reverse Engineering	50
Insp3ct0r	Web Exploitation	50
Lets Warm Up	General Skills	50	manual pages
Glory of the Garden	Forensics	50
Warmed Up	General Skills	50	Python
The Numbers	Cryptography	50
2Warm	General Skills	50	math
Wireshark doo doooo do doo…	Forensics	50
speeds and feeds	Reverse Engineering	50	Google, netcat, ncviewer.com
Shop	Reverse Engineering	50	Ghidra, netcat, CyberChef
Scavenger Hunt	Web Exploitation	50
HacroHard WeakEdge	Forensics	60	oletools, shell scripting, base64
New Caesar	Cryptography	60
ARMssembly 1	Reverse Engineering	70
Cache Me Outside	Binary Exploitation	70
Some Assembly Required 1	Web Exploitation	70
Mini RSA	Cryptography	70
Dachshund Attacks	Cryptography	80
Trivial Flag Transfer Protocol	Forensics	90	Wireshark, file, tar, cat, steghide, rot13.com
More Cookies	Web Exploitation	90
ARMssembly 2	Reverse Engineering	90
No Padding, No Problem	Cryptography	90
Here’s a LIBC	Binary Exploitation	90
where are the robots	Web Exploitation	100	Web browser
vault-door-1	Reverse Engineering	100	Shell scripting
what’s a net cat?	General Skills	100	netcat
strings it	General Skills	100
Easy1	Cryptography	100
logon	Web Exploitation	100
13	Cryptography	100
caesar	Cryptography	100
dont-use-client-side	Web Exploitation	100
Bases	General Skills	100	CyberChef, base64
First Grep	General Skills	100	grep, file
Pixelated	Cryptography	100
It is my Birthday	Web Exploitation	100
Wireshark twoo twooo two twoo…	Forensics	100
Who are you?	Web Exploitation	100
Hurry up! Wait!	Reverse Engineering	100	Ghidra
Unsubscriptions Are Free	Binary Exploitation	100
login	Web Exploitation	100
advanced-potion-making	Forensics	100
spelling-quiz	Cryptography	100
Disk, disk, sleuth!	Forensics	110
Play Nice	Cryptography	110
Some Assembly Required 2	Web Exploitation	110
gogo	Reverse Engineering	110
Milkslap	Forensics	120	zsteg, exiftool, file
Double DES	Cryptography	120
ARMssembly 3	Reverse Engineering	130
Compress and Attack	Cryptography	130
Disk, disk, sleuth! II	Forensics	130
Super Serial	Web Exploitation	130
Scrambled: RSA	Cryptography	140
So Meta	Forensics	150	exiftool
shark on wire 1	Forensics	150	Wireshark
extensions	Forensics	150	file
What Lies Within	Forensics	150	zsteg
Let’s get dynamic	Reverse Engineering	150
Most Cookies	Web Exploitation	150
caas	Web Exploitation	150
XtraORdinary	Cryptography	150
triple-secure	Cryptography	150
clutter-overflow	Binary Exploitation	150
not crypto	Reverse Engineering	150
Easy as GDB	Reverse Engineering	160
Some Assembly Required 3	Web Exploitation	160
filtered-shellcode	Binary Exploitation	160
Web Gauntlet 2	Web Exploitation	170
ARMssembly 4	Reverse Engineering	170
Powershelly	Reverse Engineering	180
la cifra de	Cryptography	200
picobrowser	Web Exploitation	200
asm1	Reverse Engineering	200
Tapping	Cryptography	200
Flags	Cryptography	200
Based	General Skills	200	netcat, CyberChef
Mr-Worldwide	Cryptography	200
plumbing	General Skills	200	netcat, grep
vault-door-3	Reverse Engineering	200
rsa-pop-quiz	Cryptography	200
Client-side-again	Web Exploitation	200
Pitter, Patter, Platters	Forensics	200	Active@ Disk Editor, file, mount
Web Gauntlet	Web Exploitation	200
Kit Engine	Binary Exploitation	200
Some Assembly Required 4	Web Exploitation	200
scrambled-bytes	Forensics	200
breadth	Reverse Engineering	200
WPA-ing Out	Forensics	200
asm2	Reverse Engineering	250
m00nwalk	Forensics	250
WhitePages	Forensics	250	emacs, Python, CyberChef
c0rrupt	Forensics	250
vault-door-4	Reverse Engineering	250
like1000	Forensics	250	tar, shell scripting
Guessing Game 1	Binary Exploitation	250
Surfing the Waves	Forensics	250
Stonk Market	Binary Exploitation	250
X marks the spot	Web Exploitation	250
notepad	Web Exploitation	250
college-rowing-team	Cryptography	250
fermat-strings	Binary Exploitation	250
droids0	Reverse Engineering	300
mus1c	General Skills	300	Rockstar, CyberChef
m00nwalk2	Forensics	300
waves over lambda	Cryptography	300
messy-malloc	Binary Exploitation	300
flag_shop	General Skills	300	Netcat, emacs
Investigative Reversing 0	Forensics	300
asm3	Reverse Engineering	300
miniRSA	Cryptography	300
vault-door-5	Reverse Engineering	300
reverse_cipher	Reverse Engineering	300
Irish-Name-Repo 1	Web Exploitation	300
shark on wire 2	Forensics	300	strings, Wireshark, CyberChef, tcpdump, awk, sed
Guessing Game 2	Binary Exploitation	300
OTP Implementation	Reverse Engineering	300
It’s Not My Fault 1	Cryptography	300
Web Gauntlet 3	Web Exploitation	300
Very very very Hidden	Forensics	300	Wireshark, file, Python, CyberChef
New Vignere	Crypgotraphy	300
Rolling My Own	Reverse Engineering	300
JAuth	Web Exploitation	300
Investigative Reversing 2	Forensics	350
WebNet0	Forensics	350	Wireshark
vault-door-6	Reverse Engineering	350
seed-sPRiNG	Binary Exploitation	350
Irish-Name-Repo 2	Web Exploitation	350
1_wanna_b3_a_r0ck5tar	General Skills	350
Download Horsepower	Binary Exploitation	350
corrupt-key-1	Cryptography	350
SaaS	Binary Exploitation	350
riscy business	Reverse Engineering	350
Checkpass	Reverse Engineering	375
b00tl3gRSA2	Cryptography	400
asm4	Reverse Engineering	400
Irish-Name-Repo 3	Web Exploitation	400
JaWT Scratchpad	Web Exploitation	400
Java Script Kiddie	Web Exploitation	400
Need For Speed	Reverse Engineering	400
Investigative Reversing 4	Forensics	400
B1ll_Gat35	Reverse Engineering	400
droids2	Reverse Engineering	400
vault-door-7	Reverse Engineering	400
AES-ABC	Cryptography	400
Investigative Reversing 3	Forensics	400
The Office	Binary Exploitation	400
homework	Binary Exploitation	400
vault-door-8	Reverse Engineering	450
droids3	Reverse Engineering	450
Java Script Kiddie 2	Web Exploitation	450
WebNet1	Forensics	450	Wireshark
investigation_encoded_1	Forensics	450
b00tl3gRSA3	Cryptography	450
Turoflan	Binary Exploitation	450
lockdown-horses	Binary Exploitation	450
john_pollard	Cryptography	500
droids4	Reverse Engineering	500
Forky	Reverse Engineering	500
investigation_encoded_2	Forensics	500
sice_cream	Binary Exploitation	500
B1g_Mac	Forensics	500
zero_to_hero	Binary Exploitation	500
Clouds	Cryptography	500
Bizz Fuzz	Binary Exploitation	500
Bithug	Web Exploitation	500
corrupt-key-2	Cryptography	500
vr-school	Binary Exploitation	500
MATRIX	Reverse Engineering	500

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Connecting to %s

%d bloggers like this: