Figure 1: The challenge description.

The instance shows the information for connecting to the remote server via SSH. No additional clues other than the description was given.

The syntax for connecting to SSH server through a given port is:

ssh -p <port> <username>@<website URL>
Figure 2: Remote login with SSH.

The tool that automates tasks to run at set intervals in linux is usually cron. The crontab file is at /var/spool/cron/crontabs. Trying to access this file gave me a warning as I lack user privilege as a picoCTF player to see the crontab file.

However, upon surfing through some of the directories, I have found an interesting hack in the form of a custom directory, named “challenge” in the root of the file system.

Figure 3: The mysterious repository.

The /challenge directory contains a file named ‘metadata.json’ that holds the flag as its content.

Figure 4: The flag hidden inside the json.

You Might Also Like

Leave a Reply