Description
The “useless” workstation exposes SSH access plus a suspicious calculator script. Somewhere inside its documentation hides the flag.
Setup
SSH into saturn.picoctf.net on port 64713 with the provided credentials.
List the home directory, execute ./useless, and read both the script and its man page.
ssh picoplayer@saturn.picoctf.net -p 64713passwordls && ./uselessman uselessSolution
- Step 1Inspect the scriptRunning the script without proper arguments prompts you to “Read the code first.” View the bash source to learn it performs basic math operations.
cat uselessLearn more
Shell scripts are plain-text files containing sequences of shell commands. Unlike compiled binaries, their source code is always readable with
cator a text editor - there's no compilation step to reverse. This transparency is both a feature (easy to audit) and a limitation (no obfuscation possible without an external binary).Bash scripts often use a shebang line at the top (
#!/bin/bash) to specify the interpreter. The script's error message telling you to "Read the code first" is a metacommentary - the challenge is literally teaching you that reading source code is the right debugging approach. In CTF terms, source code review (white-box testing) is always preferable to black-box guessing when the source is available. - Step 2Read the manualThe maintainer stashed the picoCTF flag at the bottom of the manual page. Simply run man useless and scroll to the end.
man uselessLearn more
man pages (manual pages) are the traditional documentation system for Unix/Linux programs. Every standard command has a man page accessible via
man <command>. Man pages are written in troff/groff markup and displayed through a pager (usuallyless). They're organized into sections: 1 (user commands), 2 (system calls), 3 (library functions), 5 (file formats), 8 (system administration), etc.Custom programs can install their own man pages in
/usr/local/share/man/or/usr/share/man/. This challenge placed a man page for theuselessscript there, mimicking how real software is documented. The flag hidden at the bottom of the man page teaches you to always read documentation thoroughly - important context, warnings, or in this case flags, are often at the end.Navigating man pages: Man pages open in
lessby default. Key navigation:Spaceorf- scroll forward one pageb- scroll backward one pageG- jump to the end (where the flag is)g- jump to the beginning/pattern- search for a pattern (e.g.,/picoCTF)q- quit
Real-world significance: Hiding data inside documentation is a form of steganography by obscurity. In real penetration testing, reading all available documentation, comments, and metadata of a target system is called information gathering or reconnaissance - you never know what useful details (API keys, internal URLs, debug flags) might be left in plain sight inside docs and comments.
Flag
picoCTF{us3l3s...it3d_4373}
No exploitation is required; just follow the hints inside the tool’s documentation.