https://jhagan-cyber-blog.pages.dev/writeups/picoctf/pico-2025/ Recent content in PicoCTF 2025 on NullByte Notes Hugo en-us Fri, 05 Jun 2026 00:00:00 +0000 https://jhagan-cyber-blog.pages.dev/writeups/picoctf/pico-2025/cookie-monster-secret-recipe/ Fri, 05 Jun 2026 00:00:00 +0000 https://jhagan-cyber-blog.pages.dev/writeups/picoctf/pico-2025/cookie-monster-secret-recipe/ <hr> <h1 id="description">Description</h1> <p>Cookie Monster has hidden his top-secret cookie recipe somewhere on his website. As an aspiring cookie detective, your mission is to uncover this delectable secret. Can you outsmart Cookie Monster and find the hidden recipe? You can access the Cookie Monster here and good luck</p> <h2 id="solution">solution</h2> <p>We should check for HTTP cookies.</p> <p>Check the cookies<br> Start DevTools in the browser by pressing F12 or using Ctrl + Shift + I.<br> Then select the Application tab and make sure <a href="http://verbal-sleep.picoctf.net:56241">http://verbal-sleep.picoctf.net:56241</a> is selected under Cookies in the menu to the left.</p> https://jhagan-cyber-blog.pages.dev/writeups/picoctf/pico-2025/hashcrack/ Fri, 05 Jun 2026 00:00:00 +0000 https://jhagan-cyber-blog.pages.dev/writeups/picoctf/pico-2025/hashcrack/ <hr> <h1 id="description">Description</h1> <p>A company stored a secret message on a server which got breached due to the admin using weakly hashed passwords. Can you gain access to the secret stored within the server? Access the server using nc verbal-sleep.picoctf.net 57819</p> <h1 id="solution">solution</h1> <pre tabindex="0"><code>┌──(root㉿Harsh)-[/home/jhagan] └─# nc verbal-sleep.picoctf.net 57819 Welcome!! Looking For the Secret? We have identified a hash: 482c811da5d5b4bc6d497ffa98491e38 Enter the password for identified hash: password123 Correct! You&#39;ve cracked the MD5 hash with no secret found! Flag is yet to be revealed!! Crack this hash: b7a875fc1ea228b9061041b7cec4bd3c52ab3ce3 Enter the password for the identified hash: letmein Correct! You&#39;ve cracked the SHA-1 hash with no secret found! Almost there!! Crack this hash: 916e8c4f79b25028c9e467f1eb8eee6d6bbdff965f9928310ad30a8d88697745 Enter the password for the identified hash: qwerty098 Correct! You&#39;ve cracked the SHA-256 hash with a secret found. The flag is: picoCTF{UseStr0nG_h@shEs_&amp;PaSswDs!_869e658e} </code></pre><ul> <li>crack the hashes by <a href="https://crackstation.net/">CrackStation</a></li> </ul> <h1 id="-1-length-of-the-hash">🔍 1. Length of the Hash</h1> <p>Each hashing algorithm produces a fixed-length output, typically in hexadecimal.</p> https://jhagan-cyber-blog.pages.dev/writeups/picoctf/pico-2025/head-dump/ Fri, 05 Jun 2026 00:00:00 +0000 https://jhagan-cyber-blog.pages.dev/writeups/picoctf/pico-2025/head-dump/ <hr> <h1 id="-challenge-description">🧩 Challenge Description</h1> <p>Explore a web application and find an endpoint that exposes a file containing a hidden flag. The application is a blog where one of the articles discusses API documentation. The goal is to find a file generated from the server’s memory that contains the flag.</p> <p>A heap dump is a snapshot of a program’s memory (specifically, the heap section) at a particular point in time. It typically contains:</p> https://jhagan-cyber-blog.pages.dev/writeups/picoctf/pico-2025/ssti1/ Fri, 05 Jun 2026 00:00:00 +0000 https://jhagan-cyber-blog.pages.dev/writeups/picoctf/pico-2025/ssti1/ <hr> <h1 id="description">Description:</h1> <p>I made a cool website where you can announce whatever you want! Try it out! I heard templating is a cool and modular way to build web apps! Check out my website here!</p> <h3 id="hints">Hints:</h3> <ol> <li>Server Side Template Injection</li> </ol> <h1 id="solution">Solution</h1> <p>Browse to the web site and you will see a web page that includes the text</p> <h3 id="verify-ssti">Verify SSTI</h3> <p>The hint has already given away that the site uses <a href="https://portswigger.net/web-security/server-side-template-injection">server-side templates</a> but we need to verify that and find out the backend technology used.</p>