PicoCTF: Nice netcat write-up
This challenge shows how important it is to understand data representation and conversion techniques in cybersecurity. We need to find a hidden flag by converting ASCII codes into human-readable text. To do this, we’ll connect to a server, examine its output, and use a handy conversion tool.
Solution
After connecting to the server, we get a list of numerical values. Taking a closer look at these values, we notice that they all fall within the range of printable ASCII codes, suggesting that the challenge involves converting ASCII codes back into text characters. To accomplish this, we can use an online conversion tool, such as RapidTables ASCII to Text Converter.
We can also code our own tool to solve this challenge (I used Python here):
#!/usr/bin/env python3 import socket HOST = "mercury.picoctf.net" PORT = 7449 # Create a socket and establish a connection to the server with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s: IP = socket.gethostbyname(HOST) s.connect((IP, PORT)) # Receive the server's response, decode it, remove whitespaces response = s.recv(4096).decode().strip() # Split the response into individual ASCII code values # and save them into a list ascii_codes = [int(x) for x in response.split(' \n')] # Convert the numerical ASCII codes into characters and display the result decoded_text = ''.join(chr(character_code) for character_code in ascii_codes) print(decoded_text)