picoctf answers

picoctf answers from Pastebin

    
        Forensics Warmup 1: Can you unzip this file for me and retreive the flag?
Windows makes this easy. I downloaded the file and unzipped it. The file was an image of the flag.
picoCTF{welcome_to_forensics}

Forensics Warmup 2: Hmm for some reason I can't open this PNG? Any ideas?
Windows again makes this very easy. It recognizes the correct file type and opens the file with a problem. The file is an image file and the flag is in the image.
picoCTF{extensions_are_a_lie}

Reversing Warmup 1:Throughout your journey you will have to run many programs. Can you navigate to /problems/reversing-warmup-1_4_6b2499250c4624337a1948ac374c4934 on the shell server and run this program to retrieve the flag?
ls /problems/reversing-warmup-1_4_6b2499250c4624337a1948ac374c4934 //My first question was what was in the folder? I found a program
	called run
cd /problems/reversing-warmup-1_4_6b2499250c4624337a1948ac374c4934 // I navigated to the folder.
./run //I executed the program.
picoCTF{welc0m3_t0_r3VeRs1nG}

Revering Warmup 2: Can you decode the following string dGg0dF93NHNfczFtcEwz from base64 format to ASCII?
I searched Google for a base64 to ASCII decoder and found https://www.base64decode.org/. I copied and pasted to coded text and the result was "th4t_w4s_s1mpL3". Knowing how this game likes its answers, I put the following answer:
picoCTF{th4t_w4s_s1mpL3}

Crypto Warmup 1: Crpyto can often be done by hand, here's a message you got from a friend, llkjmlmpadkkc with the key of thisisalilkey. Can you use this table to solve it?.
At first, I tried to use the find the first letter of the message and find the letter on the left side of the table. Then, I would use the first letter of the key and find the letter on the top of the table. Then I would find where the two letter would intersect. After watching a Youtube video, I realized my mistake. The correct way to solve the puzzle was to find the first letter of the message on the left of the table. Then, find the first letter of the key on the line with the first letter of the message. The letter on top of the column would be the first letter of the decoded message. I did this with every letter in the sequence.
picoCTF{SECRETMESSAGE}

Crypto Warmup 2: Cryptography doesn't have to be complicated, have you ever heard of something called rot13? cvpbPGS{guvf_vf_pelcgb!}
I googled rot13 thinking it was an encryption and I was right. I came across the website rot13.com and entered in the encrypted message.
picoCTF{this_is_crypto!}

HEEEEEEERE'S Johnny!: Okay, so we found some important looking files on a linux computer. Maybe they can be used to get a password to the process. Connect with nc 2018shell.picoctf.com 35225. Files can be found here: passwd shadow.
picoCTF{J0hn_1$_R1pp3d_99c35524}
There were so many signs that I needed to use John the Ripper to get the login credentials. I missed ALL of them. With a little help, I located John the Ripper and used the following commands:
wget https://www.openwall.com/john/j/john-1.8.9.tar.xz // I always wondered what the wget command was used for...
xz -d john-1.8.9.tar.xz // Decompress the file
tar xpf john-1.8.0.tar // Extract the program
cd ../src //Navigate to src folder
make //Discover the type of system I am using
make clean linux-x86-64 // This installs John the Ripper on a linux x86 64 box
cd ../run // Navigate to the run folder
wget --no-check certificate https://2018shell.picoctf.com/static/a488bb3c175bc843e0fbce95fff920d9/passwd //This gets 
	the passwd file, but the vm had a problem because its own website didn't have valid certificates. Hence the
	option.
wget --no-check certificate https://2018shell.picoctf.com/static/a488bb3c175bc843e0fbce95fff920d9/shadow // Rinse and
	 repeat with the shadow file.
Now that I have everything I need, it is time to get crackin.
./unshadow passwd shadow > combo //combines the files into one called combo
./john combo // Cracks the file and outputs to screen
I received the results hellokitty and (root).
nc 2018shell.picoctf.com 35225 // Connected to the server and used the user root and the password hellokitty.
picoCTF{J0hn_1$_R1pp3d_99c35524}  

Inspect Me: Inpect this code! http://2018shell.picoctf.com:35349 (link)
I went to the website and started to inspect the code. The main site had this little tidbit hidden in the author's notes:

There were some links hidden in the page source.  and