Introduction

Introduction to CTFs.

Hack the planet!

Insp3ct0r - PicoCTF 2019 (web)

Description

Kishor Balan tipped us off that the following code may need inspection: https://jupiter.challenges.picoctf.org/problem/41511/ (link) or http://jupiter.challenges.picoctf.org:41511

Hints

How do you inspect web code on a browser? There's 3 parts

Solution

Use inspect element, or view source, to look at the source code of the page. We see a part of the flag as an HTML comment. We can then do the same with mycss.css and myjs.js to get the other two parts.

Final flag: picoCTF{tru3_d3t3ct1ve_0r_ju5t_lucky?832b0699}

caesar - PicoCTF 2019 (crypto)

Description

Decrypt this message.

Hints

caesar cipher tutorial

Solution

Go to CyberChef and paste in the text between the {}. Add the ROT13 operation to the recipe and set the amount to 25.

Final flag: picoCTF{crossingtherubiconzaqjsscr}

unpackme.py - PicoCTF 2022 (rev)

Description

Can you get the flag? Reverse engineer this Python program.

Solution

Replace the call to exec with print. When run, the program will output the unpacked code, which contains the flag.

Final flag: picoCTF{175_chr157m45_85f5d0ac}
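The same trick, generalised so the file does not have to be edited: hook exec() so whatever the packer hands it is recorded instead of run. This is an added example, not the challenge's unpackme.py; the packed program below is a constructed stand-in that base64-encodes its payload (the real one decrypts it with Fernet), and the flag inside it is a placeholder.

```python
import base64
import builtins
import types

# Constructed stand-in for a packed program. The shape matches the challenge: decode a
# blob, then hand the recovered source to exec(). The flag value is a placeholder.
HIDDEN_SOURCE = 'flag = "picoCTF{placeholder_not_the_real_flag}"\nprint("unpacked code ran")\n'
PACKED_PROGRAM = (
    "import base64\n"
    f"payload = {base64.b64encode(HIDDEN_SOURCE.encode())!r}\n"
    "plain = base64.b64decode(payload).decode()\n"
    "exec(plain)\n"
)


def unpack(packed_source: str) -> list[str]:
    """Run a packed program with exec() swapped for a recorder, so every piece of
    source the packer would have executed is captured instead of executed."""
    captured: list[str] = []

    def fake_exec(source, *args, **kwargs):
        # Accept str or bytes like the real exec(), but only record the source.
        captured.append(source.decode() if isinstance(source, bytes) else str(source))

    real_exec = builtins.exec
    builtins.exec = fake_exec          # the packed program resolves exec() through builtins
    try:
        # Fresh module namespace so the packed program's globals stay isolated from ours.
        sandbox = types.ModuleType("packed")
        real_exec(packed_source, vars(sandbox))
    finally:
        builtins.exec = real_exec      # always restore, even if the packer raises
    return captured


if __name__ == "__main__":
    for chunk in unpack(PACKED_PROGRAM):
        print(chunk)
```

Nested packers (exec inside exec) only ever reach the first layer this way; feed each captured chunk back into unpack() to peel the next one.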

dont-use-client-side PicoCTF 2019 (web)

Description

Can you break into this super secure portal? https://jupiter.challenges.picoctf.org/problem/37821/ (link) or http://jupiter.challenges.picoctf.org:37821

Hints

Never trust the client

Solution

View source on the challenge page. Notice the verify function. Construct the string that would pass that check.

Final flag: picoCTF{no_clients_plz_1a3c89}

keygenme-py

Description

keygenme-trial.py

Solution

Looking at the source we see a function called check_key. It does a bunch of checks to see if our input is a valid key. Thankfully we have all the info necessary to recreate it; instead of comparing, we can just print the correct value. I just copy-pasted the original code and deleted some of the unnecessary parts.

Code:

import hashlib

# Trimmed-down copy of check_key from keygenme-trial.py: instead of comparing the
# user's input against the expected characters, we build the key the same way and print it.
username_trial = b"SCHOFIELD"

key_part_static1_trial = "picoCTF{1n_7h3_|<3y_of_"
key_part_static2_trial = "}"


def get_key(username: bytes) -> str:
    """Rebuild the dynamic part: eight characters picked from the SHA-256 hex digest
    of the username, in the order the original check compares them."""
    digest = hashlib.sha256(username).hexdigest()
    dynamic = "".join(digest[i] for i in (4, 5, 3, 6, 2, 7, 1, 8))
    return key_part_static1_trial + dynamic + key_part_static2_trial


print(get_key(username_trial))

Final flag: picoCTF{1n_7h3_|<3y_of_e584b363}

caas - picoMini by redpwn (web)

Description

Now presenting cowsay as a service

Download index.js

Solution

Looking at index.js we can see that our message is spliced into an unsanitized command line. We can break out of the cowsay command with a ; and run anything we want, so we cat the flag with cat falg.txt. Here the flag file is called falg.txt for some reason.

Final payload: alune;cat falg.txt

Final flag: picoCTF{moooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo0o}
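An added example, written in Python rather than the challenge's Node index.js and not the challenge's own code: the injectable pattern next to its hardened form, plus a log-side check that would flag the payload above. The command name and the 200-character limit are assumptions.

```python
import subprocess

# Characters that let input escape a shell command line: ';' is the one used against caas,
# but pipes, background operators, command substitution and newlines behave the same way.
SHELL_METACHARACTERS = set(";|&$`\n<>")


def cowsay_command_unsafe(message: str) -> str:
    """The vulnerable pattern (re-created in Python; index.js does the same in Node):
    user input is concatenated into one string that is then handed to a shell."""
    return f"cowsay {message}"


def looks_injected(message: str) -> bool:
    """Detection helper for request logs: flag messages carrying shell metacharacters."""
    return any(ch in SHELL_METACHARACTERS for ch in message)


def cowsay_argv_safe(message: str) -> list[str]:
    """Hardened form: an argument vector and no shell. The message stays a single argv
    element whatever it contains, so ';' can never start a second command."""
    if not 0 < len(message) <= 200:
        raise ValueError("message must be 1-200 characters")
    if message.startswith("-"):
        # A leading dash would be parsed as a cowsay option, a separate injection path.
        raise ValueError("message must not start with '-'")
    return ["cowsay", message]


def run_cowsay(message: str) -> str:
    """Execute the hardened form; shell=False (the default) means no shell is involved."""
    result = subprocess.run(cowsay_argv_safe(message), capture_output=True, text=True, check=True)
    return result.stdout


if __name__ == "__main__":
    payload = "alune;cat falg.txt"   # the payload from the writeup
    print("unsafe shell line:", cowsay_command_unsafe(payload))
    print("suspicious?      :", looks_injected(payload))
    print("safe argv        :", cowsay_argv_safe(payload))
```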

substitution2 - PicoCTF 2022 (crypto)

Description

It seems that another encrypted message has been intercepted. The encryptor seems to have learned their lesson though and now there isn't any punctuation! Can you still crack the cipher? Download the message here.

Hints

Try refining your frequency attack, maybe analyzing groups of letters would improve your results?

Solution

You would usually solve something like this using statistical analysis of letters and groups of letters. Knowing that the text is English, we can assume that the most common letter in the ciphertext corresponds to the most common letter in English text. The same goes for groups of letters. This would also be easier if we had spaces and punctuation. If you promise you understand all that, I'll let you use quipqiup so it can do all that for you (select statistics in the drop-down).

Final flag: picoCTF{N6R4M_4N41Y515_15_73D10U5_8E1BF808}
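The manual method described above as an added example (not the writeup's own code and not quipqiup): count letter and bigram frequencies, rank-match them against English, and look at the partial decryption. The plaintext and the substitution key are constructed, and the plaintext has its spaces removed to match the challenge.

```python
import string
from collections import Counter

# English letters ordered from most to least frequent, and the commonest English bigrams:
# rank-matching against these is the first guess a manual frequency attack makes.
ENGLISH_BY_FREQ = "etaoinshrdlcumwfgypbvkjxqz"
ENGLISH_BIGRAMS = ["th", "he", "in", "er", "an", "re", "on", "at", "en", "nd"]


def ngram_counts(text: str, n: int) -> Counter:
    """Count overlapping n-grams over letters only. With no spaces or punctuation the word
    boundaries are unknown, so every adjacent pair of letters counts."""
    letters = "".join(c for c in text.lower() if c in string.ascii_lowercase)
    return Counter(letters[i:i + n] for i in range(len(letters) - n + 1))


def top_ngrams(text: str, n: int, k: int) -> list[str]:
    return [g for g, _ in ngram_counts(text, n).most_common(k)]


def initial_key_guess(ciphertext: str) -> dict[str, str]:
    """Map each cipher letter to the English letter of the same frequency rank.
    Only the top few ranks are reliable; the rest get corrected by hand using bigrams."""
    return dict(zip(top_ngrams(ciphertext, 1, 26), ENGLISH_BY_FREQ))


def apply_key(ciphertext: str, key: dict[str, str]) -> str:
    """Decrypt with a (possibly partial) key; letters not yet in the key show as '_'."""
    return "".join(key.get(c, "_") if c.isalpha() else c for c in ciphertext.lower())


def bigram_hints(ciphertext: str, k: int = 5) -> list[tuple[str, str]]:
    """Pair the commonest cipher bigrams with the commonest English ones, which is what the
    hint is pointing at: the top cipher bigrams are very likely 'th' and 'he'."""
    return list(zip(top_ngrams(ciphertext, 2, k), ENGLISH_BIGRAMS))


# Constructed sample: English text with spaces removed, enciphered with a made-up key.
SAMPLE_KEY = dict(zip(string.ascii_lowercase, "qwertyuiopasdfghjklzxcvbnm"))
PLAINTEXT = ("the encryptor seems to have learned their lesson there is no punctuation "
             "in the message so the letters and the groups of letters are the evidence "
             "we need to recover the cipher").replace(" ", "")
CIPHERTEXT = "".join(SAMPLE_KEY[c] for c in PLAINTEXT)

if __name__ == "__main__":
    guess = initial_key_guess(CIPHERTEXT)
    print(apply_key(CIPHERTEXT, guess))   # 'e' and 't' land correctly, the rest needs work
    print(bigram_hints(CIPHERTEXT))
```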

Pixelated - PicoCTF 2021 (crypto)

Description

I have these 2 images, can you make a flag out of them? scrambled1.png scrambled2.png

Hints

https://en.wikipedia.org/wiki/Visual_cryptography Think of different ways you can "stack" images

Solution

Use Python PIL. If you play around with different operations for each pair of pixels you'll notice that a lot of them turn white when using XOR. Make the non-white ones obvious.

Code:

from PIL import Image

# Force both shares to RGB so the per-channel XOR below works whatever mode the PNGs use.
image1 = Image.open("scrambled1.png").convert("RGB")
image2 = Image.open("scrambled2.png").convert("RGB")
if image1.size != image2.size:
    raise SystemExit("the two images must have the same dimensions")
output = Image.new("RGB", image1.size)

data = []

# XOR the two shares channel by channel. Most pixel pairs come out white (255, 255, 255);
# everything that does not is the hidden flag, so paint it black to make it obvious.
for pixel1, pixel2 in zip(image1.getdata(), image2.getdata()):
    xored = (pixel1[0] ^ pixel2[0], pixel1[1] ^ pixel2[1], pixel1[2] ^ pixel2[2])
    data.append((255, 255, 255) if xored == (255, 255, 255) else (0, 0, 0))

output.putdata(data)
output.save("output.png")

Final flag: picoCTF{2a4d45c7}