picoCTF 2022 | Operation Oni Write-up

Challenge description

Note: you must launch a challenge instance in order to view your disk image download link.

Download this disk image, find the key and log into the remote machine. Note: if you are using the webshell, download and extract the disk image into /tmp not your home directory.

Category: Forensics

Solution

To start, click the “Launch instance” button for further instructions for the challenge.

As usual, I downloaded the provided file, and extracted the content with gzip -d and binwalk -e.

Having no idea what to look for just yet, I decided to first look up what the -i option for ssh means. Apparently, this option allows you to ssh into remote machines with an identity file in place of inputting login credentials.

After some more digging, I found this Medium post, which suggests that the file should be in a hidden .ssh folder somewhere.

Let’s look for it with find | grep .ssh

Found it!
There seem to be 2 files here; I’ll grab them both just in case.

Now to run the command the challenge provided, replacing “key_file” with “id_ed25519”. Running it just like that returned a warning:

Okay, let’s fix the file’s permission with chmod 600 id_ed25519

And we’re in
All that’s left is to get the flag!
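
The permission check behind that warning, as an added example that is not part of the original write-up: the script walks an extracted image tree, picks out files that begin with a PEM private-key header, and marks those whose group/other permission bits are set, which is the condition under which ssh refuses a key file owned by the current user. The function names and the sample tree (home/user/.ssh, a header-only placeholder key) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the write-up): audit private-key permissions
# in an extracted image tree. All names below are illustrative.

# Octal permission bits of FILE (GNU stat, then BSD stat as a fallback).
key_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeeds if FILE starts with a PEM private-key header line.
is_private_key() {
    head -n 1 "$1" 2>/dev/null |
        grep -Eq '^-----BEGIN ([A-Z0-9]+ )?PRIVATE KEY-----'
}

# Succeeds if MODE grants anything to group or other (mode & 077 != 0).
too_open() {
    [ $(( 0$1 & 077 )) -ne 0 ]
}

# Print "<mode> <OK|TOO_OPEN> <path>" for every private key under DIR.
audit_keys() {
    find "$1" -type f 2>/dev/null | while IFS= read -r f; do
        is_private_key "$f" || continue
        m=$(key_mode "$f")
        if too_open "$m"; then s=TOO_OPEN; else s=OK; fi
        printf '%s %s %s\n' "$m" "$s" "$f"
    done
}

# Build a constructed sample tree: a header-only placeholder "key"
# (no real key material) and a public-key stub, both world-readable.
make_sample() {
    mkdir -p "$1/home/user/.ssh"
    printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' 'CONSTRUCTED' \
        '-----END OPENSSH PRIVATE KEY-----' > "$1/home/user/.ssh/id_ed25519"
    printf 'ssh-ed25519 CONSTRUCTED user@example\n' \
        > "$1/home/user/.ssh/id_ed25519.pub"
    chmod 644 "$1/home/user/.ssh/id_ed25519" "$1/home/user/.ssh/id_ed25519.pub"
}

tmp=$(mktemp -d)
make_sample "$tmp"
audit_keys "$tmp"                          # key reported as TOO_OPEN
chmod 600 "$tmp/home/user/.ssh/id_ed25519"
audit_keys "$tmp"                          # key reported as OK
rm -rf "$tmp"
```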
