WPICTF - suckmore-shell

description: Here at Suckmore Software we are committed to delivering a truly unparalleled user experience. Help us out by testing our latest project.

category: Linux - 100

The challenge was available via ssh with the following credentials:

ssh ctf@107.21.60.114
pass: i'm a real hacker now

Once logged you were inside a SuckMore Shell, where the binary cat was replaced with touch. You can still list directory content with the tab character.

touch /home/ctf/[INSERT TAB]
.bash_logout .bash_profile .bashrc flag

Then you have to find a way to read the flag and display it. The following command based on history files will do the trick.

export HISTFILE="/home/ctf/flag"; history -r; history

The flag was WPI{bash_sucks0194342}