add posts for picoCTF!

Author: Slavetomints

_posts/2025-07-08-picoctf-obedient-cat.md

@@ -0,0 +1,42 @@
+---
+title: Obedient Cat
+date: 2025-07-08
+categories: [Capture The Flags, picoCTF]
+tags: [ctf, picoctf, misc, writeups]
+description: picoCTF Obedient Cat Challenge
+---
+
+
+> Challenge description:
+>
+>This file has a flag in plain sight (aka "in-the-clear").
+{: .prompt-info }
+
+For this challenge, all you have to do is download the file and look inside it for the flag.
+
+```terminal
+~/training/picoCTF/obedient-cat
+❯ wget https://mercury.picoctf.net/static/fb851c1858cc762bd4eed569013d7f00/flag
+--2025-07-08 17:38:50--  https://mercury.picoctf.net/static/fb851c1858cc762bd4eed569013d7f00/flag
+Loaded CA certificate '/etc/ssl/certs/ca-certificates.crt'
+Resolving mercury.picoctf.net (mercury.picoctf.net)... 18.189.209.142
+Connecting to mercury.picoctf.net (mercury.picoctf.net)|18.189.209.142|:443... connected.
+HTTP request sent, awaiting response... 200 OK
+Length: 34 [application/octet-stream]
+Saving to: ‘flag’
+
+flag                      100%[====================================>]      34  --.-KB/s    in 0s
+
+2025-07-08 17:38:50 (98.9 MB/s) - ‘flag’ saved [34/34]
+
+
+~/training/picoCTF/obedient-cat
+❯ ls
+ flag
+
+~/training/picoCTF/obedient-cat
+❯ cat flag
+picoCTF{s4n1ty_v3r1f13d_28e8376d}
+```
+
+FLAG: `picoCTF{s4n1ty_v3r1f13d_28e8376d}`

_posts/2025-07-08-picoctf-wave-a-flag.md

@@ -0,0 +1,45 @@
+---
+title: Wave a flag
+date: 2025-07-08
+categories: [Capture The Flags, picoCTF]
+tags: [ctf, picoctf, misc, writeups]
+description: picoCTF Wave a flag Challenge
+---
+
+
+> Challenge description:
+>
+>Can you invoke help flags for a tool or binary? [This program](https://mercury.picoctf.net/static/a14be2648c73e3cda5fc8490a2f476af/warm) has extraordinarily helpful information...
+{: .prompt-info }
+
+For this challenge we were given a 64-bit binary, so we'll pop it into `Ghidra` to see whats in the `main()` function.
+
+```c
+void main(int argc,char **argv)
+
+{
+  int iVar1;
+  char **argv-local;
+  int argc-local;
+  
+  if (argc == 1) {
+    puts("Hello user! Pass me a -h to learn what I can do!");
+  }
+  else {
+    iVar1 = strcmp(argv[1],"-h");
+    if (iVar1 == 0) {
+      puts(
+          "Oh, help? I actually don\'t do much, but I do have this flag here: picoCTF{b1scu1ts_4nd_g r4vy_755f3544}"
+          );
+    }
+    else {
+      printf("I don\'t know what \'%s\' means! I do know what -h means though!\n",argv[1]);
+    }
+  }
+  return;
+}
+```
+
+And the flag's right there!
+
+FLAG: `picoCTF{b1scu1ts_4nd_gr4vy_755f3544}`

_posts/2025-07-12-picoctf-bases.md

@@ -0,0 +1,28 @@
+---
+title: Bases
+date: 2025-07-12
+categories: [Capture The Flags, picoCTF]
+tags: [ctf, picoctf, misc, writeups]
+description: picoCTF Bases Challenge
+---
+
+
+> Challenge description:
+>
+>What does this `bDNhcm5fdGgzX3IwcDM1` mean? I think it has something to do with bases.
+{: .prompt-info }
+
+Alrighty, so we've been given a `base64` encoded string, and have to find out what it is. For this, we'll use both `echo` and `base64`.
+
+`base64` has a decode flag, which is `-d`. It decoded and text passed through to it In order to do that we'll need to use `echo` to pipe the text through. We need to be careful, since `echo` adds a newline to the end of the string, so we'll use the `-n` flag to disable that.
+
+Our final command looks like this:
+
+```terminal
+❯ echo "bDNhcm5fdGgzX3IwcDM1" | base64 -d
+l3arn_th3_r0p35
+```
+
+Add on the flag formatters, and we're all good to go!
+
+FLAG: `picoCTF{l3arn_th3_r0p35}`

_posts/2025-07-12-picoctf-first-grep.md

@@ -0,0 +1,38 @@
+---
+title: first grep
+date: 2025-07-12
+categories: [Capture The Flags, picoCTF]
+tags: [ctf, picoctf, misc, writeups]
+description: picoCTF first grep Challenge
+---
+
+
+> Challenge description:
+>
+>Can you find the flag in [file](https://jupiter.challenges.picoctf.org/static/495d43ee4a2b9f345a4307d053b4d88d/file)? This would be really tedious to look through manually, something tells me there is a better way.
+>
+{: .prompt-info }
+
+Okay, so here we've been given a pretty big file, and we need to pull out the flag. Now, we know that the flag starts with `picoCTF`, but how can we find it quickly in a large file?  Well, we use `grep`!
+
+Now, you can use `grep` in one of two ways. We'll cover both here
+
+## Way #1
+The first way is to only use `grep` by itself. The syntax is `grep [string to search for] [file]`.
+
+```terminal
+❯ grep pico file
+picoCTF{grep_is_good_to_find_things_dba08a45}
+```
+## Way #2
+Now let's say you don't have a file, or you didn't like the first way for some reason. You can also use `cat` to send the file's contents to `stdout`, and pipe it into `grep`. Piping output to `grep` is useful is you're working with data not in a file, or trying to chain together a command.
+
+
+```terminal
+❯ cat file | grep pico
+picoCTF{grep_is_good_to_find_things_dba08a45}
+```
+
+Either way, you get the flag!
+
+FLAG: `picoCTF{grep_is_good_to_find_things_dba08a45}`

_posts/2025-07-12-picoctf-magikarp-ground-mission.md

@@ -0,0 +1,41 @@
+---
+title: Magikarp Ground Mission
+date: 2025-07-12
+categories: [Capture The Flags, picoCTF]
+tags: [ctf, picoctf, misc, writeups]
+description: picoCTF Magikarp Ground Mission Challenge
+---
+
+
+> Challenge description:
+>
+>Do you know how to move between directories and read files in the shell? Start the container, `ssh` to it, and then `ls` once connected to begin. Login via `ssh` as `ctf-player` with the password, `abcba9f7`
+{: .prompt-info }
+
+
+For this challenge, it's pretty darn simple. Once you're in, use `cat` to read the part of the flag, and then use `cat` again to read the instructions for the next part of the flag. After you've done that, `cd` to where the instructions pointed you, and continue from there.
+
+The process should look something like this:
+```terminal
+ctf-player@pico-chall$ ls
+1of3.flag.txt  instructions-to-2of3.txt
+ctf-player@pico-chall$ cat 1of3.flag.txt
+picoCTF{xxsh_
+ctf-player@pico-chall$ cat instructions-to-2of3.txt
+Next, go to the root of all things, more succinctly `/`
+ctf-player@pico-chall$ cd /
+ctf-player@pico-chall$ ls
+2of3.flag.txt  boot  etc   instructions-to-3of3.txt  lib64  mnt  proc  run   srv  tmp  var
+bin	       dev   home  lib			     media  opt  root  sbin  sys  usr
+ctf-player@pico-chall$ cat 2of3.flag.txt
+0ut_0f_\/\/4t3r_
+ctf-player@pico-chall$ cat instructions-to-3of3.txt
+Lastly, ctf-player, go home... more succinctly `~`
+ctf-player@pico-chall$ cd ~
+ctf-player@pico-chall$ ls
+3of3.flag.txt  drop-in
+ctf-player@pico-chall$ cat 3of3.flag.txt
+21cac893}
+```
+
+FLAG: `picoCTF{xxsh_0ut_0f_\/\/4t3r_21cac893}`

_posts/2025-07-12-picoctf-python-wrangling.md

@@ -0,0 +1,121 @@
+---
+title: Python Wrangling
+date: 2025-07-12
+categories:
+  - Capture The Flags
+  - picoCTF
+tags:
+  - ctf
+  - picoctf
+  - misc
+  - writeups
+description: picoCTF Python Wrangling Challenge
+---
+
+
+> Challenge description:
+>
+>Python scripts are invoked kind of like programs in the Terminal... Can you run [this Python script](https://mercury.picoctf.net/static/2ac2139344d2e734d5d638ac928f1a8d/ende.py) using [this password](https://mercury.picoctf.net/static/2ac2139344d2e734d5d638ac928f1a8d/pw.txt) to get [the flag](https://mercury.picoctf.net/static/2ac2139344d2e734d5d638ac928f1a8d/flag.txt.en)?
+>
+{: .prompt-info }
+
+For this challenge, we are given `ende.py`, `flag.txt.en`, and `pw.txt`
+
+Let's look at each file we're given.
+
+```python
+import sys
+import base64
+from cryptography.fernet import Fernet
+
+
+
+usage_msg = "Usage: "+ sys.argv[0] +" (-e/-d) [file]"
+help_msg = usage_msg + "\n" +\
+        "Examples:\n" +\
+        "  To decrypt a file named 'pole.txt', do: " +\
+        "'$ python "+ sys.argv[0] +" -d pole.txt'\n"
+
+
+
+if len(sys.argv) < 2 or len(sys.argv) > 4:
+    print(usage_msg)
+    sys.exit(1)
+
+
+
+if sys.argv[1] == "-e":
+    if len(sys.argv) < 4:
+        sim_sala_bim = input("Please enter the password:")
+    else:
+        sim_sala_bim = sys.argv[3]
+
+    ssb_b64 = base64.b64encode(sim_sala_bim.encode())
+    c = Fernet(ssb_b64)
+
+    with open(sys.argv[2], "rb") as f:
+        data = f.read()
+        data_c = c.encrypt(data)
+        sys.stdout.write(data_c.decode())
+
+
+elif sys.argv[1] == "-d":
+    if len(sys.argv) < 4:
+        sim_sala_bim = input("Please enter the password:")
+    else:
+        sim_sala_bim = sys.argv[3]
+
+    ssb_b64 = base64.b64encode(sim_sala_bim.encode())
+    c = Fernet(ssb_b64)
+
+    with open(sys.argv[2], "r") as f:
+        data = f.read()
+        data_c = c.decrypt(data.encode())
+        sys.stdout.buffer.write(data_c)
+
+
+elif sys.argv[1] == "-h" or sys.argv[1] == "--help":
+    print(help_msg)
+    sys.exit(1)
+
+
+else:
+    print("Unrecognized first argument: "+ sys.argv[1])
+    print("Please use '-e', '-d', or '-h'.")
+
+```
+{: file="ende.py" }
+
+```plaintext
+gAAAAABgUAIV8D5MJdzgLLTkkMlbU84ARVwfX4brMt2rJQCjkpLItytfWVZe1L2dp4K8VrKgRU3axStKJEAqcM0iDaxiYE54Boh8UfAAo1RNifKnlDrFz0gLaznVSFVj2xAUa4V35180
+```
+{: file="flag.txt.en" }
+
+```plaintext
+68f88f9368f88f9368f88f9368f88f93
+```
+{: file="pw.txt" }
+
+Hm, looks like a python script, an encoded flag, and the password to decrypt said flag. Let's run the python script and see what the usage looks like.
+
+```terminal
+❯ python ende.py
+Usage: ende.py (-e/-d) [file]
+```
+
+Okay, so since we want to decrypt, lets use the `-d` flag, along with the `flag.txt.en` file.
+
+```terminal
+❯ python ende.py -d flag.txt.en
+Please enter the password:
+```
+
+Alrighty, and let's throw the password in that we got from the `pw.txt` file.
+
+```terminal
+❯ python ende.py -d flag.txt.en
+Please enter the password:68f88f9368f88f9368f88f9368f88f93
+picoCTF{4p0110_1n_7h3_h0us3_68f88f93}
+```
+
+FLAG: `picoCTF{4p0110_1n_7h3_h0us3_68f88f93}`

_posts/2025-07-12-picoctf-whats-a-net-cat.md

@@ -0,0 +1,31 @@
+---
+title: what's a net cat?
+date: 2025-07-12
+categories: [Capture The Flags, picoCTF]
+tags: [ctf, picoctf, misc, writeups]
+description: picoCTF what's a net cat? Challenge
+---
+
+
+> Challenge description:
+>
+>Using netcat (nc) is going to be pretty important. Can you connect to `jupiter.challenges.picoctf.org` at port `25103` to get the flag?
+{: .prompt-info }
+
+`Netcat` is a nifty tool that lets you read/write data via network connections. It's definitely something important to learn on your cybersecurity journey.
+
+In order to use it in its most basic sense, your command will look something like this:
+
+```terminal
+nc [domain/IP address] [port]
+```
+
+So, if we need to connect to `jupiter.challenges.pictoctf.org` on port `25103`, It should look as such:
+
+```terminal
+❯ nc jupiter.challenges.picoctf.org 25103
+You're on your way to becoming the net cat master
+picoCTF{nEtCat_Mast3ry_d0c64587}
+```
+
+FLAG: `picoCTF{nEtCat_Mast3ry_d0c64587}`