picoCTF Solutions
picoCTF 2026General SkillsMedium

Undo

Published: March 20, 2026

Description

Can you reverse a series of Linux text transformations to recover the original flag?

Setup

Launch the challenge instance and connect.

You'll be given an obfuscated string and a description of the transformations applied to it.

Solution

  1. Step 1Identify the transformations
    The challenge applies a series of Linux command-line text transformations (e.g. rev, tr, base64, xxd, rot13). Each transformation is described or can be inferred from the output format.
  2. Step 2Reverse the transformations in order
    Apply each transformation's inverse in reverse order to recover the original flag.
    # Example pipeline reversal:
    # If the transformations were: base64 → rev → tr 'a-z' 'A-Z'
    # Then reverse: tr 'A-Z' 'a-z' → rev → base64 -d
    echo 'OBFUSCATED_STRING' | tr 'A-Z' 'a-z' | rev | base64 -d
    # Common reversals:
    echo 'STRING' | rev
    echo 'STRING' | base64 -d
    echo 'STRING' | xxd -r -p
    echo 'STRING' | tr 'A-Za-z' 'N-ZA-Mn-za-m' # ROT13
  3. Step 3Read the flag
    After applying all inverse transformations, the result should start with 'picoCTF{'.

Flag

picoCTF{und0_th3_tr4nsf0rm_...}

Apply each transformation in reverse order -- common Linux text tools like rev, tr, base64, and xxd are involved.