 What's going on everybody? My name is John Hammond. We're still looking at Pico CTF 2019. This challenge is called warmed up for 50 points in the general skills category. Only 16,000 people, 370 solve it. So it's super hard. It's difficult. There's no way we can solve it. It says, what is 0x3D base 16, right? In decimal or base 10. The hints here say that we need to submit our answer in the competition flag format. So wrapped in Pico CTF curly braces. Let's go ahead and do this. Again, I'm not going to use askyoutohex.com, any cheesy online tools. I'm just going to do this in Python because that is normally the weapon that I reach for first. Let's make a directory warmed up. Let's move in there and normally we can solve this kind of just as we did previously with the other video that's on like let's warm up. If we just have 0x3D or whatever your number happens to be, Python will simply return that out to us in its decimal notation. So super easy and we can wrap this now in a Python command that will just display our flag for us nice and easy. So I'll use Python taxi. We'll just print out our Pico CTF curly braces and I'll use that percent s to use some string format specifiers. And I'll percent that with just simply 0x3D in my case. And there it is Pico CTF 61. That's our flag. We could go ahead and submit that super, super easy, super simple, just some simple base conversion. That's it. That's our flag. I want to sprinkle in something new for this video, though, we want to automate the ability to save our flag dot text in our get flag dot sh script. If we have a simple one liner that we just run in bash to get the flag. So let's do that. I'm going to create a simple like save flag dot sh script. And we need a shebang line right been bash. And what we're going to do is we're actually going to take the output of the history command. So if we were to run this Python command that would grab the flag for us, if we were looking at our history, we can see it's in there just before our last entry for actually running the history command. We need to cut this up though, because we want to remove all of those actual numbers that are prefixing the actual, actual command that we ran. So I'm going to use f six, because I just counted that amount of spaces will get us to our actual command. You can see that it's just going to get the very, very first command that we run, though, not the arguments including. So we need to use another hyphen following that to grab everything since the very, very last line. Now we can cut that up. Let's say we ran our command just previously. We run history. Let's grab the last two with tail. And let's grab from that the very top one. So we just get that second from the last entry there. And that will be the actual command that we ran. We can save that capture that inside of a variable. And now we can just say syntax can equal the actual output of that command that we're receiving. Again, I'm just using simple bash command substitution. And we can say, let's create a get flag script reading from cat until our end of file. That way we include our shebang line. And we'll include our actual syntax that we just saved as a variable. We'll note the end of file there. Let's mark it as executable. And now let's actually run the script nice and easy and redirect that to flag dot text. Cool. So theoretically, that'll grab the previous command we ran, build a super small and simple get flag script that just captures the command for us, and it'll redirect it, say the actual output as our flag dot text. Let's go ahead and run that. I'll mark that save flag script as executable. I will run the command that would normally have saved the flag for us. And we need to actually source this script again, because we need to be able to get the history for this current bash session. So we can source our save flag dot sh and we have already failed. Let's check out what we have here. So line three syntax history, cut tack fd tack at one. I'm confused what the issue is with that. Okay, after some troubleshooting, I think that the issue is that the way we cut using this space as a limited can't always particularly trust whether or not we're actually gonna get that if we get into hundreds or tens of hundreds of command output. So what we'll do is simply just said that line out. So we'll use said and had two spaces zero through nine as our number in two spaces following that and we'll replace it. So if I were to run that command, and we would use our Python syntax here to get our flag history piped to said to remove that output, we would just simply get the command and we don't have to worry about the actual alignment with cut in the fields there. So that might work a little bit better for us. Let's see if we have our get flag and flag script. Let's remove those. Let's run the exact same script that we had or the simple one liner command to gab our flag. And let's source our save flag. Now we have flag dot text and we have our get flag dot sh script. So we have encapsulated our answer saved it as a file so we don't have to worry about it. We can run it finished then to mark this as complete. But that is our simple get flag script. And that is our save flag script that now we can use in any other challenge that we're working with. If it's a quick one liner solution, we can jam that in real quick, encapsulate that and save that flag. So that's that hope you enjoyed the video. If you did, please do like comment, describe love to see you guys on discord link in the description, Patreon, PayPal, social media, all the things. I'll see you later.