Challenge

Download this disk image, find the key and log into the remote machine. Note: if you are using the webshell, download and extract the disk image into /tmp not your home directory.

• Download disk image (Archive)

• Remote machine: ssh -i key_file -p 65529 ctf-player@saturn.picoctf.net

Solution

1. We can decompress the disk image with gunzip disk.img.gz and then mount it with sudo kpartx -av disk.img.

2. In the mounted volume, the key is in /root/.ssh/id_ed25519. We can save this to a file called key_file.

3. Finally, run the given ssh command. The flag is stored in flag.txt in the current directory.