My First CTF (PicoCTF) — Obedient Cat!
Hello, my name is Zuber, had an interest in electronics since my young life but never had the opportunity to use computers due to financial issues back in Africa. Now I want to get into the cybersecurity field, and I know this is one of the amazing fields to be in!
Today, I will be walking you through solving my first ever CTF challenge from “PICO” which is aimed at beginners and high schoolers, but anyone can also participate in it and play around with it. For those of you who don’t know what a CTF is, it is basically a special kind of cybersecurity competition that allows participants — and teams — to test their skills through different challenges, including cryptography, programming, web hacking, and more. By capturing the flag, participants earn points depending on the test’s complexity or the time taken to solve it.
As I said, this is my first ever CTF and I was actually inspired by an incredible guy who also does cybersecurity CTF and more stuff on his YouTube channel. This is so simple to do, and it actually took me around 1 min because you only have to use a few commands in order to get the flag.
Room Name: Obedient Cat
First, we need to visit the PICO site at: https://play.picoctf.org/
You’re going to need a few things to do before we start solving this room.
- Go and click Sign Up at the bottom of the page, and create a new account. Make sure to use real email because you will need to verify your account after you sign up.
2. Make sure you use a strong password and something that you can remember, or just use a password manager.
3. Go to your email account and verify it if needed; if not, then you’re good to go.
Now that we’re done with the registration, go to, https://play.picoctf.org/practice then click general skills to see the room that we’re going to solve today.
Check out the screenshot down below to see more details.
Let me explain what each of these is.
- At the top, we have the room name “Obedient Cat”
- Next to the tags, we have the category, which is general skills.
- Under the author, we then have the description and more details about the flag, which gives us more information about the flag.
- Next to details, we have the “flag” which we’re going to download into our machine.
- Lastly, we have the “hints”’ top right, which also gives us more help on the challenge overall.
Now go and click “Download flag” and this file should be placed in your Download folder, or you can use a tool called wget which will install the file on your machine. But for now, let’s just do it the traditional way by just clicking the link file to download it.
Some of the commands that you may need are cat, ls/ls -l, wget, etc. For now, let's find the flag. Go to the directory where the file was downloaded and all you need to do is use this command to get the flag, which is in plain text.
Here are a few Linux commands that we’re going to be using to get the flag.
$ ls —> This command basically lists files and directories in the current path we are in.
$ ls -l → this will give us more details on each file and folder in the current directory including the size, file type, permission, etc.
$ cat — this is called concatenate, which basically outputs content from a file into our terminal.
$ cd — change directory — used to switch and change between directories.
Now we can get the contents that is this file by entering the following command:
$ cat filename, then we should be able to get it after doing this.
The flag file was downloaded into our Download directory on my macOS. Let’s move to our PicoCTF Folder, then get the flag from there.
Now to get the flag, simply enter the following command $ cat flag, and the flag should be up there.
To submit the flag, simply grab the flag and go back to the box and enter that in the input box, as shown below.
I was inspired to do my first CTF, which was pretty easy and straightforward. All we had to do was to use a few commands to get the flag and display it on our screen. Thanks to John Hammond, who inspired me to do this again. Hope you gain something from this. See ya next time.