Verify (picoCTF 1)

Challenge Author: Jeffery John

Description

  “People keep trying to trick my players with imitation flags. I want to make sure they get the real thing! I’m going to provide the SHA-256 hash and a decrypt script to help you know that my flags are legitimate.”

Process / Notes

  1. Download the file with wget <link>
  2. Unzip the download with unzip <download>
     • Saw that a lot of files got unzipped, originating in the files directory
  3. cd into the drop-in directory
  4. cat checksum.txt
  5. Now we need to compare this checksum against the checksum for everything in the files directory
  6. We can achieve that by first getting the checksums of every file in the files directory with sha256sum files/*
     • Each line will display the checksum followed by the file the checksum is from
  7. Then we can pipe the result into grep to produce only the line that matches the checksum from the checksum.txt file.
  8. sha256sum files/* | grep 'checksum-from-the-file'
  9. Now that we have the proper file, we can run the decryption script with ./decrypt.sh files/the-file-with-the-flag
     • There was an error when doing this one on the web-terminal and when performing it locally, but connecting with ssh and running the decryption ended up producing the proper flag
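The checksum comparison from steps 4 to 8 as a reusable function. This is an added example, not part of the challenge files: it validates that the expected value really is a 64-character hex digest and compares it against the digest field exactly instead of grepping the whole line. The names find_matching_file and make_sample are hypothetical, and the sample files are constructed so the script runs offline.

```shell
#!/bin/sh
# Added example (not from the challenge): locate the file whose SHA-256
# digest equals the one stored in a checksum file.
# Usage: find_matching_file <checksum-file> <directory>
# Prints the matching path(s). Exit 0 = match, 1 = no match, 2 = bad input.
find_matching_file() (
    # First token of the first line, lowercased
    expected=$(awk 'NR==1 {print tolower($1)}' "$1") || exit 2
    # A SHA-256 digest is exactly 64 hex characters; reject anything else
    case $expected in
        ''|*[!0-9a-f]*) exit 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || exit 2
    # sha256sum prints "<digest>  <path>". Compare the digest field as a
    # string (the "" forces that) instead of grepping the whole line.
    sha256sum "$2"/* 2>/dev/null | awk -v want="$expected" '
        ($1 "") == (want "") { print substr($0, 67); found = 1 }
        END { exit(found ? 0 : 1) }'
)

# Constructed sample data: three small files plus a checksum.txt naming one.
make_sample() (
    d=$(mktemp -d) && mkdir "$d/files" || exit 1
    printf 'imitation one\n' > "$d/files/aaa111"
    printf 'the real file\n' > "$d/files/bbb222"
    printf 'imitation two\n' > "$d/files/ccc333"
    sha256sum "$d/files/bbb222" | awk '{print $1}' > "$d/checksum.txt"
    printf '%s\n' "$d"
)

sample=$(make_sample)
find_matching_file "$sample/checksum.txt" "$sample/files"
rm -rf "$sample"
```

The non-zero exit codes make the check safe to chain: find_matching_file checksum.txt files && ./decrypt.sh ... only proceeds when exactly the expected digest was found.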

Hints

  1. Checksums let you tell if a file is complete and from the original distributor. If the hash doesn’t match, it’s a different file.
  2. You can create a SHA checksum of a file with sha256sum <file> or all files in a directory with sha256sum <directory>/*
  3. Remember you can pipe the output of one command to another with |. Try practicing with the ‘First Grep’ challenge if you’re stuck!

Core Lessons

  1. You can get the checksums of a whole directory by using the ‘*’ wildcard
  2. You can narrow your search by piping the results into the grep command