 What's going on everybody, John Hammond, PicoCGF 2019. This challenge is called unzip for 50 points in the forensics category. It says, can you unzip this file and get the flag? And that's really all we have to do. So let's go ahead and W get this. Let's go ahead and make a directory for this challenge. Let's go ahead and download that. And simply we have a zip file. So we literally just simply need to unzip it. So unzip is a command you can normally run on your Linux command line. You can just run unzip on flag dot zip. And we'll go ahead and create this flag dot PNG file for us, which we could take a look at with i of gnome. And we have unzipping is easy. So let's go ahead and take note of that. I'm just going to create a flag dot text. And let's save that as PicoCGF, wrapping the correct flag format unzipping with that leapspeak is underscore 3A5YEasy. So that is what we can go ahead and submit. And that was absolutely not worth making a video about. So let's move on to one more challenge in this. Let's go into vault door training for 50 points in reverse engineering. Also a pretty easy one. It says a lot of text for some exposition and background, I guess it says really you just need to read the source code for each level to figure out the password is doing. In this case, reverse engineering, but it should not be too difficult. Let's go ahead and copy this move over to our shell. And let me kind of clean up what mess I have here. Let's run and finish in here. And let's create a new directory for vault door training. One hop over there, a W get this file and we can go off to the races. In this case, we're looking at some Java code. It has a class here, which should be the actually executable kind of start point for that Java program. It has that main function that will run through and it tries to create a new object and read in from input with that Java scanner object and it displays enter the vault password, it takes in user input and tries to add in a little bit of the flag format here, Pico CTF with the user input. And it looks like it's checking our input and determining whether or not we actually had it correct or not based off access granted access denied. It checks that with this dot check password function and all that simply does here, noting the comment is that it just determines whether or not it's equal to a string that's already in this source code here. So we could literally just put the flag together like that. Let's go ahead and create a flag dot text, Pico CTF and paste that in there. That is that. So again, small super challenge, super easy that we could just burn through and run through. Let's go through one more because these have all been pretty trivial. This one is ROT 13. It's titled 13. It says cryptography can be pretty easy, but do you know what ROT 13 is? So this is again a classic Caesar Cypher. I have way too many videos on this. Again, not a trivial, I'm sorry, not an extremely difficult, it is trivial challenge to work through. It's simply the ROT 13 Caesar Cypher. If you don't know what that is, again, you can check it out online. It has a Wikipedia entry for it. It's simply replacing a letter in the alphabet with the corresponding letter 13 places forward or sometimes backward. It's all the shift and a key that they might decide. It could be anything at mod 26, right? Because that's the range of the alphabet that you have to work with. 13 works handy. It works well for us because that's halfway through. That's 26 divided by two, right? We could do that with the simple ROT 13 program, which you can find in BSD games. You can pseudo app install BSD games and that will also give you the Caesar command if you need to modify the key, but ROT 13 will use 13 by default. I'll go ahead and install that so we can work with it. And then we can go ahead and take that initial key that's given to us, echo that my face is in the way and let's pump that to ROT 13, which would give us Pico CTF not too bad of a problem. Let's go ahead and save that flag nice and easy and we'll go ahead and finish that after we verify our flag dot text is there, our get flag dot text is there and we can finish, sweet. Let's go ahead and submit that. And you can see now we've kind of worked through our process here. We've made this pretty streamlined with those two commands, save flag and finish and we're cruising right along. Thank you guys for watching. Hope you enjoyed these. They are small and simple and short now, but trust me, we're gonna get into some bigger stuff real about exploitation, real web exploitation, forensic, secondography, crypto, the good stuff. So thanks. Hope you see in the next video. We'd love to see you on Discord. Link in the description. Please do like, comment, subscribe. I'll see you in the next video.