runme.py Beginner picoMini 2022 Solution

Published: April 2, 2026

Description

Run this Python script to get the flag.

Download runme.py from the challenge page.

Solution

Want to try it yourself first?

The guided walkthrough reveals hints one step at a time.

Walk me through it
New to Python scripting for CTF? Python for CTF: Essential Scripting Techniques covers binary I/O, encoding, sockets, pwntools, and automating repeated operations.
  1. Step 1
    Run the script
    Observation
    I noticed the challenge provides a .py file and instructs us to run it, which indicated that the flag is printed at runtime by the Python interpreter rather than stored as a plain string in the source.
    Execute runme.py with the Python 3 interpreter. The script prints the flag directly to stdout - no additional input is needed.
    python
    python3 runme.py

    Expected output

    picoCTF{run_s4n1ty_run}
    What didn't work first

    Tried: Run the script with 'python runme.py' instead of 'python3 runme.py'

    On many modern Linux systems 'python' points to Python 2, which is end-of-life and may throw a SyntaxError or produce wrong output if the script uses Python 3 syntax. The fix is to always explicitly use 'python3' so you get the correct interpreter version.

    Tried: Open runme.py in a text editor and look for the flag string inside the source

    The flag is not a plain hardcoded string literal that is immediately visible on inspection - it is assembled or printed at runtime. Simply reading the file with cat or a text editor skips execution and you never see the assembled output. Running the script with the interpreter is required to trigger the print statement and display the flag.

    Learn more

    Python is an interpreted language - scripts are not compiled to native machine code in advance but are read and executed line by line by the Python interpreter. Running a script requires explicitly invoking the interpreter: python3 runme.py tells the shell to start the Python 3 interpreter and pass it the file as input.

    The distinction between python3 and python matters: on many modern Linux and macOS systems, the python command points to Python 2 (now end-of-life), while python3 explicitly invokes Python 3. Always use python3 unless you know the script requires Python 2.

    On Unix-like systems, a script can be made directly executable by:

    • Adding a shebang line at the top: #!/usr/bin/env python3
    • Granting execute permission: chmod +x runme.py
    • Running it directly: ./runme.py

    The shebang (#!) tells the kernel which interpreter to use for the file. CTF scripts often lack this, requiring you to invoke the interpreter manually - which is always safe and explicit.

    Understanding the execution model of an interpreted language is foundational to security work. When you run python3 runme.py, the interpreter first parses the entire script into an abstract syntax tree (AST), then compiles that AST into bytecode, and finally executes the bytecode in a virtual machine. This process happens transparently and nearly instantly for small scripts, which is why Python is so convenient for quick CTF tooling.

    From a security perspective, never run a Python script you have not reviewed - especially one downloaded from an untrusted source. Scripts can execute arbitrary system commands, read files, make network connections, or install malware. CTF challenge scripts are generally safe, but developing the habit of quickly scanning a script before running it is good practice that carries over into professional security work.

    Python scripts are also a common vehicle for reverse engineering challenges. Compiled Python applications distribute .pyc bytecode files (found in __pycache__/ directories) that can be decompiled back to readable source using tools like uncompyle6 or decompile3. If you ever receive a .pyc file instead of a .py file, decompiling it is usually the first step to understanding what it does.

    Related tools you will encounter in future CTF Python challenges include pwntools, a Python library designed specifically for exploit development that provides primitives for connecting to remote services, packing integers to binary, and interacting with processes. Many CTF solve scripts are written entirely in Python using pwntools, making comfort with the interpreter an essential skill from the very start.

Flag

Reveal flag

picoCTF{run_s4n1ty_run}

The simplest possible challenge - Python scripts must be explicitly executed with the interpreter; they do not run on their own by double-clicking in most CTF environments.

Key takeaway

Interpreted languages like Python require an explicit runtime invocation because the source file is not a native executable. The interpreter reads, compiles to bytecode, and runs the script in a single step, which is why Python is the dominant language for CTF tooling, exploit scripts, and security automation. Learning to run, modify, and read Python scripts is a prerequisite for nearly every category of CTF work beyond the most basic challenges.

Related reading

Want more Beginner picoMini 2022 writeups?

Useful tools for General Skills

What to try next