
Serpentine

This is the most challenging question I've solved (took me 6 hrs). The logic is to open flag.txt, or even run bash commands, without typing any letters!

img1

So, after running *, I can tell there's a folder called blargh.

img2

When I run */*, it reveals a flag.txt inside the blargh folder.

img3

This is the secret: the special bash variable $_, which can be used to see the last argument given to the previous command.

I asked my friend for more tips to solve this, and my friend gave me this link: Can Bash substring offset be omitted?

Finally, with the help of the letters c, a, t from on-calastran.txt, I can read the flag.txt file.

img4

Scan Surprise

scan

This was the easiest thing I've done: just unzip the files, open the image and scan the QR code.


Verify

Author: Jeffery John

Description: People keep trying to trick my players with imitation flags. I want to make sure they get the real thing! I'm going to provide the SHA-256 hash and a decrypt script to help you know that my flags are legitimate.

img5

First things first, open Linux and run the script.

img6

After ls-ing the files, I figured I can just loop over them instead of checking one by one, since it's so tedious to do so.
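The loop described above, as an added example (not the author's commands or the challenge's own script): it hashes every file in a directory and prints the one whose SHA-256 matches the published value. The function name, the demo directory and the file contents are constructed for illustration, and it assumes GNU coreutils sha256sum is installed.

```shell
#!/usr/bin/env bash
# Find the file(s) in a directory whose SHA-256 digest equals a known-good value.

# find_by_sha256 DIR EXPECTED_HEX   (hypothetical helper, not from the challenge)
# Prints the path of every regular file in DIR whose digest matches.
# Returns 0 if at least one file matched, 1 if none did, 2 on bad input.
find_by_sha256() {
    local dir expected actual f found
    dir=$1
    found=1
    # Normalise case so an upper-case hash copied from a page still compares equal.
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    # Reject anything that is not exactly 64 hex digits.
    case $expected in
        *[!0-9a-f]*) return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || return 2
    [ -d "$dir" ] || return 2

    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        # Read via stdin so the output is "<hex>  -"; keep only the digest.
        actual=$(sha256sum < "$f" | cut -d' ' -f1)
        if [ "$actual" = "$expected" ]; then
            printf '%s\n' "$f"
            found=0
        fi
    done
    return "$found"
}

# Constructed demo data: three candidate files, one of which is the "real" one.
demo() {
    local tmp want
    tmp=$(mktemp -d)
    printf 'imitation-1\n' > "$tmp/aaa"
    printf 'the real one\n' > "$tmp/bbb"
    printf 'imitation-2\n' > "$tmp/ccc"
    want=$(sha256sum < "$tmp/bbb" | cut -d' ' -f1)
    find_by_sha256 "$tmp" "$want"   # prints the path ending in /bbb
    rm -rf "$tmp"
}

demo
```

Only the file that this prints is worth passing to the provided decrypt script; a return code of 1 means nothing in the directory matches the published hash.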


information

cat

This is prob the hardest I've done, because when I actually looked at the hint... Spoiler alert: “look at the file”, NOT THE CAT!

img7

So, I used exiftool to extract some juicy info. At the beginning, I was like, where's the answer??? But when I took a deeper look and pasted everything into CyberChef, I found that this particular line (highlighted in green) delivered me straight to the answer.


what’s a net cat?

Using netcat (nc) is going to be pretty important. Can you connect to jupiter.challenges.picoctf.org at port 64287 to get the flag?

I find this interesting because of the title lol

First, install netcat from the terminal. Then connect to the host and port: nc jupiter.challenges.picoctf.org 64287

img8

so ezzZ = =

Serpentine - Find the flag in the Python script!

img9

This one is pretty easy: just call the function print_flag().

picoctf
https://fuwari.vercel.app/posts/picoctf/
Author
Bakayang
Published at
2024-09-09
License
CC BY-NC-SA 4.0