Description
A musician who calls himself Mr. Worldwide has hidden a flag using GPS coordinates. Each coordinate maps to a city - the first letters spell the flag.
Setup
Download the file containing the coordinates.
wget <url>/message.txtSolution
Walk me through it- Step 1Read the coordinate listOpen the file. It contains a list of GPS coordinates (latitude, longitude pairs). Each coordinate points to a specific location on Earth.bash
cat message.txtLearn more
GPS coordinates use the WGS84 datum. Latitude ranges from -90 (South Pole) to +90 (North Pole). Longitude ranges from -180 to +180, with 0 at the Prime Meridian through Greenwich, England. Positive longitude is East, negative is West.
- Step 2Geocode each coordinate to a city nameFor each coordinate pair, use Google Maps (paste coordinates into the search bar) or a geocoding API to find the nearest city. Note the first letter of each city name.python
python3 << 'EOF' # Using geopy for reverse geocoding from geopy.geocoders import Nominatim geolocator = Nominatim(user_agent="picoctf") coords = [ # (lat, lon), # paste coordinates here ] for lat, lon in coords: location = geolocator.reverse(f"{lat}, {lon}") print(location.address) EOFLearn more
Reverse geocoding converts coordinates to a human-readable address. The Nominatim service (powered by OpenStreetMap) is free for low-volume use. Google Maps Geocoding API is more accurate but requires an API key.
For this challenge, the important part is the city name, not the full address. Focus on the major city closest to each coordinate.
- Step 3Take first letters to spell the flagCollect the first letter of each city name in order. These letters form the flag content. Wrap the result in picoCTF{...}.
Learn more
This encoding technique is called an acrostic - using the first letter of each word or item to spell a hidden message. It has been used in literature, art, and espionage for centuries.
Flag
picoCTF{...}
Geocode each coordinate to a city and take the first letter of each city name - they spell out the flag.