
picoCTF WriteUp | ping-cmd

Author: R4shSec

Introduction

[Image: Task]

Hey everyone 👋 — In this Capture The Flag (CTF), we are given a task to make a server “reveal” its secrets.

Analyzing The Server

The service takes an address and runs the ping command against it. However, the input is not limited to an address: a second command can be chained after it with &&, and the server runs that too.

8.8.8.8 && echo hi
[Image: Server Response]

Exploit

We can use this to our advantage to list the files on the server.

8.8.8.8 && ls
[Image: All Files]

Two files are listed: flag.txt and script.sh. Let's get the flag!

8.8.8.8 && cat flag.txt

Bingo! 🥳 This exposed the flag.

[Image: Flag]
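A defender's view of the bug, as an added example that is not part of the original write-up. The challenge's script.sh is not shown, so `ping_vulnerable` is an assumed reconstruction of the pattern, and `is_ipv4` and `ping_safe` are hypothetical names for a hardened wrapper that rejects the inputs used above.

```shell
#!/bin/sh
# Added example. The challenge's script.sh is not shown in the write-up, so
# ping_vulnerable is an ASSUMED reconstruction of the pattern; it is never called.
ping_vulnerable() {
    # The input is pasted into a string that a shell re-parses, so
    # "8.8.8.8 && ls" becomes two commands.
    sh -c "ping -c 1 $1"
}

# Return 0 only for a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;  # empty, non digit/dot, stray dots
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                # split the validated string on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Hardened wrapper: validate first, then pass the value as one quoted
# argument. No sh -c or eval, so shell metacharacters are never interpreted.
ping_safe() {
    if ! is_ipv4 "$1"; then
        printf 'rejected input: %s\n' "$1" >&2
        return 2
    fi
    ping -c 1 "$1"
}

# Constructed sample inputs: one valid address and the payloads from the write-up.
for sample in '8.8.8.8' '8.8.8.8 && echo hi' '8.8.8.8 && cat flag.txt'; do
    if is_ipv4 "$sample"; then
        echo "accept: $sample"
    else
        echo "reject: $sample"
    fi
done
```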

Flag 🚩

picoCTF{p1nG_c0mm@nd_3xpL0it_su33essFuL_8555bda7}