Description
This file has a flag in plain sight (which is what 'in-the-clear' means). Download the file called flag.
Setup
Download the flag file using wget.
Solution
- Step 1Print the file contentsThe flag is stored as plain text in the file. Use cat to print it directly to the terminal.cat flag
Learn more
cat(short for "concatenate") is one of the most commonly used Unix commands. It reads one or more files and writes their contents to standard output. Despite its simplicity, it's the go-to tool for quickly inspecting small text files, and it's also used to chain files together:cat file1 file2 > combined."In the clear" (or "in plaintext") means data is stored or transmitted without any encryption or obfuscation -- it's immediately human-readable. The opposite is data "at rest" protected by encryption, where you need a key to read it. Many real-world security incidents involve sensitive data left in the clear: API keys in public GitHub repos, passwords in unencrypted config files, or traffic sent over HTTP instead of HTTPS.
wget(Web GET) is a command-line tool for downloading files from the web. It supports HTTP, HTTPS, and FTP. For CTF work,wget <url>is the quickest way to pull down challenge files without opening a browser. An alternative iscurl -O <url>, which provides more control over HTTP headers and request methods.
Flag
picoCTF{...}
The simplest possible challenge -- the flag is the entire file contents.