DEV Community

zerogru
zerogru

Posted on

[picoctf] Verify writeup

Title:

Verify

Author:

Jeffery John

Date:

8/10/2024

Challenge Description

https://play.picoctf.org/practice/challenge/450

Difficulty Level

Easy

Setup

kali linux

Solution Overview

Detailed Steps

1.List information about the /home FILEs all

ls -al
total 28
drwxr-xr-x 3 root root  4096 Mar 11 20:09 .
drwxr-xr-x 3 root root  4096 Aug 10 14:31 ..
-rw-r--r-- 1 root root    65 Mar 11 20:09 checksum.txt
-rwxr-xr-x 1 root root   856 Mar 11 20:09 decrypt.sh
drwxr-xr-x 2 root root 12288 Mar 11 20:09 files
Enter fullscreen mode Exit fullscreen mode

2.Concatenate FILE(s), or standard input, to standard output.

cat checksum.txt                             
3ad37ed6c5ab81d31e4c94ae611e0adf2e9e3e6bee55804ebc7f386283e366a4
Enter fullscreen mode Exit fullscreen mode
  1. Check SHA256(256-bit) checksums read with file. and also search checksum.txt output character.
sha256sum files/* | grep "3ad37ed6c5ab81d31e4c94ae611e0adf2e9e3e6bee55804ebc7f386283e366a4"
3ad37ed6c5ab81d31e4c94ae611e0adf2e9e3e6bee55804ebc7f386283e366a4  files/e018b574
Enter fullscreen mode Exit fullscreen mode

4.run decrypt.sh

./decrypt.sh files/e018b574
Error: 'files/e018b574' is not a valid file. Look inside the 'files' folder with 'ls -R'!
Enter fullscreen mode Exit fullscreen mode

I got error message

5.When i found decrypt.sh code i saw that is. openssl cryptofrphy toolkit.

cat decrypt.sh  
        #!/bin/bash

        # Check if the user provided a file name as an argument
        if [ $# -eq 0 ]; then
            echo "Expected usage: decrypt.sh <filename>"
            exit 1
        fi

        # Store the provided filename in a variable
        file_name="$1"

        # Check if the provided argument is a file and not a folder
        if [ ! -f "/home/ctf-player/drop-in/$file_name" ]; then
            echo "Error: '$file_name' is not a valid file. Look inside the 'files' folder with 'ls -R'!"
            exit 1
        fi

        # If there's an error reading the file, print an error message
        if ! openssl enc -d -aes-256-cbc -pbkdf2 -iter 100000 -salt -in "/home/ctf-player/drop-in/$file_name" -k picoCTF; then
            echo "Error: Failed to decrypt '$file_name'. This flag is fake! Keep looking!"
        fi
Enter fullscreen mode Exit fullscreen mode

6.code said openssl by Encoding with Ciphers.

Final Exploit/Flag

openssl enc -d -aes-256-cbc -pbkdf2 -iter 100000 -salt -in "files/e018b574" -k picoCTF
picoCTF{trust_but_verify_e018b574}
Enter fullscreen mode Exit fullscreen mode

Lessons Learned

Forensics

References

https://linux.die.net/man/1/ls
https://linux.die.net/man/1/cat
https://linux.die.net/man/1/file
https://linux.die.net/man/1/grep
https://linux.die.net/man/1/sha256sum
https://linux.die.net/man/1/openssl

Top comments (0)