back to home

GLASSHEADS, pt. 1 Challenge #1 - Heyward

This challenge can be found when Heyward tries to power off the machine.

The Setup

Help Heyward kill the LULZ process in his robot mech. The flag will be planted in the home directory when that is done.

The machine is reachable through the CTF platform itself (in the place you will submit the flag for this challenge).

The Process

We get a pretty normal-looking shell to a linux system; it says it's Debian 12. Let's use ls and cat to see what's around.

meta@mech:~ $ ls
FLAG.TXT
meta@mech:~ $ cat FLAG.TXT
No flag here. Kill the malicious process first.

Running ps we see a process python3 /usr/local/bin/🤪LULZ🤪 running from the same user as us, meta. Let's try to kill it now with pkill

meta@mech:~ $ pkill python3
pkill: killing pid 472 failed: Operation not permitted

We need to escalate privilege. For this we can try sudo.

meta@mech:~ $ sudo pkill python3
[sudo] password for meta: 

What's the password for this user? password? Nope. admin? Nope. meta? Bingo!

Now that the process has been killed, we can cat the flag and submit it.