Skip to main content

PicoCTF2018 - Miscellaneous - grep2

PicoCTF2018 - Miscellaneous - grep2

Objective:
This one is a little bit harder. Can you find the flag in /problems/grep-2_0_783d3e2c8ea2ebd3799ca6a5d28fc742/files on the shell server? Remember, grep is your friend.


Solution:

@pico-2018-shell:~$ cd /problems/grep-2_0_783d3e2c8ea2ebd3799ca6a5d28fc742

@pico-2018-shell:/problems/grep-2_0_783d3e2c8ea2ebd3799ca6a5d28fc742$ ls -l                                 
total 4
drwxr-xr-x 12 root root 4096 Mar 25 19:18 files


cool so there is a folder name files lets see what's inside

cd files
@pico-2018-shell:/problems/grep-2_0_783d3e2c8ea2ebd3799ca6a5d28fc742/files$ ls -l
total 40
drwxr-xr-x 2 root root 4096 Mar 25 19:18 files0
drwxr-xr-x 2 root root 4096 Mar 25 19:18 files1
drwxr-xr-x 2 root root 4096 Mar 25 19:18 files2
drwxr-xr-x 2 root root 4096 Mar 25 19:18 files3
drwxr-xr-x 2 root root 4096 Mar 25 19:18 files4
drwxr-xr-x 2 root root 4096 Mar 25 19:18 files5
drwxr-xr-x 2 root root 4096 Mar 25 19:18 files6
drwxr-xr-x 2 root root 4096 Mar 25 19:18 files7
drwxr-xr-x 2 root root 4096 Mar 25 19:18 files8
drwxr-xr-x 2 root root 4096 Mar 25 19:18 files9


ok more folders let's check one out

@pico-2018-shell:/problems/grep-2_0_783d3e2c8ea2ebd3799ca6a5d28fc742/files$ cd files0
@pico-2018-shell:/problems/grep-2_0_783d3e2c8ea2ebd3799ca6a5d28fc742/files/files0$ ls
file0  file10  file12  file14  file16  file18  file2   file21  file23  file25  file27  file29  file4  file6  file8
file1  file11  file13  file15  file17  file19  file20  file22  file24  file26  file28  file3   file5  file7  file9


ok so it has a bunch of files in it

Our goal is to find the flag inside one of these files inside one of these folders


Let's use Grep to find out which file contains the string 'pico'

@pico-2018-shell:/problems/grep-2_0_783d3e2c8ea2ebd3799ca6a5d28fc742/files$ grep -rl 'pico'
files5/file23



okay it looks like file23 in the files5 folder has that string lets cat and grep and for the flag


@pico-2018-shell:/problems/grep-2_0_783d3e2c8ea2ebd3799ca6a5d28fc742/files$ cat ./files5/file23 | grep 'pico'
picoCTF{grep_r_and_you_will_find_24c911ab}






Labels:

Comments

Post a Comment

Popular posts from this blog

HacktheBox - Retired - Frolic

HacktheBox - Retired - Frolic Recon Let's start out with a threader3000 scan Some interesting results here Port 22 and 445 aren't uncommon… but 1880 and 9999 are.. Let's let nmap run through these ports  Option Selection: 1 nmap -p22,445,1880,9999 -sV -sC -T4 -Pn -oA 10.10.10.111 10.10.10.111 Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower. Starting Nmap 7.91 ( https://nmap.org ) at 2021-05-05 16:17 EDT Nmap scan report for 10.10.10.111 Host is up (0.060s latency). PORT     STATE SERVICE     VERSION 22/tcp   open  ssh         OpenSSH 7.2p2 Ubuntu 4ubuntu2.4 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: |   2048 87:7b:91:2a:0f:11:b6:57:1e:cb:9f:77:cf:35:e2:21 (RSA) |   256 b7:9b:06:dd:c2:5e:28:44:78:41:1e:67:7d:1e:b7:62 (ECDSA) |_  256 21:cf:16:6d:82:a4:30:c3:c6:9c:d7:38:ba:b5:02:b0 (ED25519) 445/tcp  open  netbios-ssn Samba smbd 4.3.11-Ubuntu (workgroup: WORKGROUP) 1880/tcp open  http        Node.js (Express middlewar...
Post a Comment
Read more

Hack The Box - Retired - Laboratory

HackTheBox - Laboratory - Retired Starting off with a quick scan using threader6000 /opt/threader3000/threader6000.py 10.10.10.216 Ports 22,80,443 came back. Run nmap against these ports. nmap -p22,80,443 -sV -sC -T4 -Pn -oN 10.10.10.216 10.10.10.216 nmap -p22,80,443 -sV -sC -Pn -T4 -oN 10.10.10.216 10.10.10.216 Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower. Starting Nmap 7.91 ( https://nmap.org ) at 2021-04-13 17:43 EDT Nmap scan report for laboratory.htb (10.10.10.216) Host is up (0.060s latency). PORT    STATE SERVICE  VERSION 22/tcp  open  ssh      OpenSSH 8.2p1 Ubuntu 4ubuntu0.1 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: |   3072 25:ba:64:8f:79:9d:5d:95:97:2c:1b:b2:5e:9b:55:0d (RSA) |   256 28:00:89:05:55:f9:a2:ea:3c:7d:70:ea:4d:ea:60:0f (ECDSA) |_  256 77:20:ff:e9:46:c0:68:92:1a:0b:21:29:d1:53:aa:87 (ED25519) 80/tcp  open  http     Apache httpd 2.4.41 |_...
Post a Comment
Read more

A collection of online Security CTF and Learning sites

 Hellbound Hackers    Embedded Security CTF Arizona Cyber Warfare Range Over The Wire - Bandit Pico CTF 2018 Hack The Box.eu Root Me: Challenges/Forensic RingZero CTF Vulnerable By Design - Vulnerable VMs Murder Mystery SQL Challenge Incident Response Challenge Authentication Lab Walkthroughs Defcon CTF Archives Matrix Holiday Hack Cyber Defenders | Blue Team and CTF Crypto Hack - learning Crypto Video Learning Zero to Hero Pentesting by The Cyber Mentor
Post a Comment
Read more