picoCTF Solutions
Beginner picoMini 2022General SkillsEasy

runme.py Beginner picoMini 2022 Solution

Published: April 2, 2026

Description

Run this Python script to get the flag.

Setup

Download runme.py from the challenge page.

Solution

Walk me through it
New to Python scripting for CTF? Python for CTF: Essential Scripting Techniques covers binary I/O, encoding, sockets, pwntools, and automating repeated operations.
  1. Step 1Run the script
    Execute runme.py with the Python 3 interpreter. The script prints the flag directly to stdout - no additional input is needed.
    python
    python3 runme.py
    Learn more

    Python is an interpreted language - scripts are not compiled to native machine code in advance but are read and executed line by line by the Python interpreter. Running a script requires explicitly invoking the interpreter: python3 runme.py tells the shell to start the Python 3 interpreter and pass it the file as input.

    The distinction between python3 and python matters: on many modern Linux and macOS systems, the python command points to Python 2 (now end-of-life), while python3 explicitly invokes Python 3. Always use python3 unless you know the script requires Python 2.

    On Unix-like systems, a script can be made directly executable by:

    • Adding a shebang line at the top: #!/usr/bin/env python3
    • Granting execute permission: chmod +x runme.py
    • Running it directly: ./runme.py

    The shebang (#!) tells the kernel which interpreter to use for the file. CTF scripts often lack this, requiring you to invoke the interpreter manually - which is always safe and explicit.

    Understanding the execution model of an interpreted language is foundational to security work. When you run python3 runme.py, the interpreter first parses the entire script into an abstract syntax tree (AST), then compiles that AST into bytecode, and finally executes the bytecode in a virtual machine. This process happens transparently and nearly instantly for small scripts, which is why Python is so convenient for quick CTF tooling.

    From a security perspective, never run a Python script you have not reviewed - especially one downloaded from an untrusted source. Scripts can execute arbitrary system commands, read files, make network connections, or install malware. CTF challenge scripts are generally safe, but developing the habit of quickly scanning a script before running it is good practice that carries over into professional security work.

    Python scripts are also a common vehicle for reverse engineering challenges. Compiled Python applications distribute .pyc bytecode files (found in __pycache__/ directories) that can be decompiled back to readable source using tools like uncompyle6 or decompile3. If you ever receive a .pyc file instead of a .py file, decompiling it is usually the first step to understanding what it does.

    Related tools you will encounter in future CTF Python challenges include pwntools, a Python library designed specifically for exploit development that provides primitives for connecting to remote services, packing integers to binary, and interacting with processes. Many CTF solve scripts are written entirely in Python using pwntools, making comfort with the interpreter an essential skill from the very start.

Flag

picoCTF{...}

The simplest possible challenge - Python scripts must be explicitly executed with the interpreter; they do not run on their own by double-clicking in most CTF environments.

Want more Beginner picoMini 2022 writeups?

Browse Beginner picoMini 2022Full library

Useful tools for General Skills

Related reading

What to try next