HashingJobApp Beginner picoMini 2022 Solution

Published: April 2, 2026

Description

The server asks you to compute the MD5 hash of a word several times. Answer each prompt correctly to get the flag.

Remote

Connect to the server with netcat.

bash
nc saturn.picoctf.net <PORT>

Solution

Want to try it yourself first?

The guided walkthrough reveals hints one step at a time.

Walk me through it
  1. Step 1
    Connect and read the prompt
    Observation
    I noticed the challenge description says the server asks you to compute an MD5 hash, which suggested the first action is simply connecting via netcat and carefully reading the full server prompt before computing anything.
    Connect with netcat. The server asks you to MD5-hash the text between quotes, excluding the quotes themselves. Read the word it gives you.
    bash
    nc saturn.picoctf.net <PORT>
    What didn't work first

    Tried: Sending a response immediately without reading the full prompt first

    The server sends a multi-line prompt that includes both the instruction and the quoted word to hash. If you send a reply before reading to the end of the prompt, you will hash the wrong token or miss it entirely and the server will reject your answer. Always read the complete server output before computing and replying.

    Learn more

    MD5 (Message Digest 5) is a cryptographic hash function that produces a fixed 128-bit (32 hex character) digest from any input. Hash functions are deterministic - the same input always produces the same output - and designed to be one-way: you cannot reverse a hash to recover the original input.

    The server sends the prompt: please md5 hash the text between quotes excluding the quotes. The quoted word changes each time.

  2. Step 2
    Compute the MD5 hash and reply
    Observation
    I noticed the server prompt explicitly requests an MD5 hash of a specific quoted word, which suggested using md5sum with echo -n to avoid a trailing newline altering the digest before pasting only the 32-character hex output back into the netcat session.
    In a separate terminal, run md5sum with the word (using echo -n to avoid hashing the newline). Copy the resulting 32-character hex digest and paste it back into the netcat session. Repeat for each round.
    bash
    echo -n 'computers' | md5sum

    Expected output

    524164822d03894ee68052e183e7ea36  -
    What didn't work first

    Tried: Running 'echo computers | md5sum' without the -n flag

    Without -n, echo appends a newline character to the string before piping it to md5sum, so you are hashing 'computers\n' instead of 'computers'. The resulting digest is completely different and the server rejects it every time. The fix is to always include -n: 'echo -n computers | md5sum'.

    Tried: Pasting the full md5sum output ('524164822d03894ee68052e183e7ea36 -') into the netcat session

    md5sum prints the 32-character hex digest followed by two spaces and a dash (representing stdin). The server expects only the 32-character hex digest. Pasting the trailing ' -' causes the server to reject the answer. Copy only the first 32 characters of the md5sum output.

    Learn more

    echo -n prints the string without appending a newline character. Hashing computers\n produces a completely different digest than hashing computers, so the -n flag is essential. On macOS, use md5 -s computers instead.

    The server repeats the challenge several times before printing the flag. Each round, copy the word from the netcat output, compute its MD5 in the other terminal, then paste the hex digest back. The server closes the connection after a few seconds of inactivity, so work quickly. If the manual approach is too slow, write a short Python script using the hashlib and socket modules (or pwntools) to automate reading each word, computing its MD5, and sending the reply.

    While MD5 is fast and widely supported, it is cryptographically broken for security purposes - collision attacks have been demonstrated. Modern systems use SHA-256 or SHA-3 instead. MD5 still appears in CTFs and legacy systems, so recognizing it is an important skill.

Interactive tools
  • Hash IdentifierIdentify unknown hash types by length and prefix. Covers MD5, SHA-1, SHA-256, SHA-512, bcrypt, NTLM, and more.
  • Checksum CalculatorCompute CRC32, SHA-1, SHA-256, SHA-384, and SHA-512 hashes for text or uploaded files. Verify against known hashes.

Flag

Reveal flag

picoCTF{4ppl1c4710n_r3c31v3d_...}

echo -n is required to suppress the trailing newline - hashing a word with a newline attached produces a completely different MD5 than the server expects.

Key takeaway

Cryptographic hash functions map arbitrary input to a fixed-length digest in a way that is deterministic, one-way, and highly sensitive to input changes (a single extra newline character produces a completely different hash). MD5 was once the standard for data integrity checks and password storage, but collision attacks demonstrated in 2004 and 2008 made it unsuitable for security-critical uses. Modern systems use SHA-256 or SHA-3 for integrity and bcrypt, scrypt, or Argon2 for password hashing, where the computational cost deliberately slows down brute-force cracking.

Related reading

Want more Beginner picoMini 2022 writeups?

Useful tools for General Skills

What to try next