Description
A short interactive story walks through basic picoCTF rules. Connect over netcat, read the prompts, and pick the right dialogue options to prove you're the real teammate.
Setup
Launch the instance to reveal the unique port number assigned to your session.
Open a terminal and connect to `verbal-sleep.picoctf.net <PORT_FROM_INSTANCE>`.
Keep pressing Enter to advance the narrative until prompted for a response.
nc verbal-sleep.picoctf.net <PORT_FROM_INSTANCE>Solution
- Step 1Introduce yourselfPress Enter repeatedly through the opening exposition until the first prompt appears. Choose option A to confirm you agree to the competition rules.
Learn more
Netcat (nc) is a networking utility that reads from and writes to network connections using TCP or UDP. It is often called the "Swiss Army knife of networking" and is used in CTFs to connect to challenge services that present interactive text-based interfaces. The basic syntax
nc hostname portopens a raw TCP connection where you can type input and see server responses.Many CTF challenges use netcat-based interactive programs to test that participants understand the rules of the competition, agree to terms, or demonstrate basic interaction skills. These introductory challenges serve as a warm-up and ensure that everyone knows how to connect to challenge services - a prerequisite for every other netcat-based challenge in the competition.
If netcat is not installed on your system, alternatives include
ncat(from nmap),socat(more feature-rich), or even Python'ssocketmodule or pwntools'remote()function. On Windows, PowerShell 6+ includesTest-NetConnectionfor basic connectivity tests, but netcat itself needs to be installed separately. - Step 2Respond to the teammateAdvance through the next block of dialog (roughly six Enter presses) and again select option A when the choice appears. This reassures the NPC you are on the same side.
Learn more
Interactive text-based programs sent over TCP often implement simple state machines: the server sends a prompt, waits for input, transitions to a new state based on what it receives, and sends the next prompt. Understanding this pattern is useful for scripting interactions with pwntools or Python's socket library, which is often necessary for more complex challenges where you need to respond faster than human typing speed.
In security competitions, rules challenges like this one typically cover important policies: no attacking competition infrastructure, no sharing flags with other teams before the competition ends, no automated scanning of non-challenge systems, and respecting rate limits. These rules protect both the infrastructure and the fairness of the competition for all participants.
- Step 3Receive the flagAfter a few more Enter presses, the program launches a brief mini-game but immediately rewards you with the flag. You can also view it in your terminal scrollback if you miss it the first time.
Learn more
Terminal scrollback buffers store lines that have scrolled off the visible screen. In most terminal emulators (Terminal.app, GNOME Terminal, Windows Terminal, iTerm2), you can scroll up to see past output, search through it with Ctrl+Shift+F or similar shortcuts, or increase the scrollback limit in settings. For very long outputs, redirecting to a file with
nc host port | tee output.txtensures you never miss anything.The
teecommand writes to both standard output and a file simultaneously - useful when you need to see a live stream but also want a permanent record. This technique is helpful throughout CTF competitions: any time you collect output from a challenge service that you might need to reference later, piping throughteesaves it automatically.
Flag
picoCTF{m1113n1um_3d1710n_76b68...}
The exact number of Enter presses can vary slightly, but choosing option A both times is sufficient to finish the interaction.