Description
Connect to a program that outputs data faster than you can read it. Use pipes to filter the output.
Setup
Connect to the server at 2019shell1.picoctf.com port 4427.
The server outputs a large stream of data -- pipe it through grep to isolate the flag.
Solution
- Step 1Pipe netcat output through grepThe server floods the terminal with data. By piping nc's stdout directly into grep, only lines containing 'picoCTF' are printed -- the rest is silently discarded.nc 2019shell1.picoctf.com 4427 | grep picoCTF
Learn more
The Unix pipe (
|) is one of the most powerful ideas in operating system design. It connects the standard output (stdout) of one process directly to the standard input (stdin) of another, allowing programs to be composed like building blocks without either program knowing about the other.In this challenge,
nc(netcat) sends everything from the server to its own stdout. Without a pipe, all of that data would scroll past in the terminal. By piping intogrep picoCTF, only lines matching the pattern are forwarded to your terminal -- grep reads stdin line by line and writes only matching lines to its own stdout.This pattern appears constantly in real-world Linux work:
ps aux | grep nginx-- find running nginx processesdmesg | grep -i error-- find kernel errors in boot logcat /etc/passwd | grep bash-- find users with bash shellsjournalctl | grep "Failed password"-- find SSH brute-force attempts
The philosophy behind Unix pipes -- "do one thing well, and compose programs together" -- is described in the original Unix philosophy by Doug McIlroy. It means that
grep,sort,awk,sed, and dozens of other tools can be combined in arbitrary ways without modifying any of them.
Flag
picoCTF{...}
Unix pipes (|) connect stdout of one command to stdin of another -- essential for filtering large output streams.