PicoCTF-2022 Writeup
Search…
PicoCTF-2022 Writeup
README
Binary Exploitation
buffer overflow 1
buffer overflow 2
buffer overflow 3
flag leak
function overwrite
ropfu
stack cache
x-sixty-what
Cryptography
basic-mod1
basic-mod2
diffie-hellman
morse-code
NSA Backdoor
Sequences
substitution
Sum-O-Primes
Very Smooth
Forensics
Operation Oni
Operation Orchid
SideChannel
St3g0
Torrent Analyze
Reverse Engineering
Bbbbloat
Keygenme
unpackme
Wizardlike
Web Exploitation
Forbidden Paths
noted
Roboto Sans
SQLiLite
Powered By GitBook
Operation Oni

Challenge

Download this disk image, find the key and log into the remote machine. Note: if you are using the webshell, download and extract the disk image into /tmp not your home directory.

Solution

  1. 1.
    We can decompress the disk image with gunzip disk.img.gz and then mount it with sudo kpartx -av disk.img.
  2. 2.
    In the mounted volume, the key is in /root/.ssh/id_ed25519. We can save this to a file called key_file.
  3. 3.
    Finally, run the given ssh command. The flag is stored in flag.txt in the current directory.
Cryptography - Previous
Very Smooth
Next - Forensics
Operation Orchid
Last modified 4mo ago
Copy link
Edit on GitHub
Outline
Challenge
Solution