From 089b28ed3c6e3dbc1a3df150e89b5cbb9ca95778 Mon Sep 17 00:00:00 2001
From: Aadit Agrawal <tech@aaditagrawal.com>
Date: Tue, 5 Nov 2024 17:54:11 +0530
Subject: [PATCH] Add Technical/picoCTF/t1/q4.md

---
 Technical/picoCTF/t1/q4.md | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 Technical/picoCTF/t1/q4.md

diff --git a/Technical/picoCTF/t1/q4.md b/Technical/picoCTF/t1/q4.md
new file mode 100644
index 0000000..bc03c78
--- /dev/null
+++ b/Technical/picoCTF/t1/q4.md
@@ -0,0 +1,26 @@
+# Question: Verify
+### Key: picoCTF{trust_but_verify_2cdcb2de}
+
+**Core concept: SHA256 Hash**
+
+We're given a directory full of files, a checksum.txt file, and a ./decrypt.sh. 
+
+First, I checked the contents of the checksum.txt file. It contained a SHA256 hash of some file in the directory. 
+Since all the files were in the same directory, I just generaterdid the SHA256 hashes of the entire directory using `sha256sum files/*`.
+
+I copied the hash from the checksum.txt file and pasted it alongside the sha256sum command, to filter the contents using `grep`.
+
+```bash
+ctf-player@pico-chall$ sha256sum files/* | grep 55b983afdd9d10718f1db3983459efc5cc3f5a66841e2651041e25dec3efd46a
+55b983afdd9d10718f1db3983459efc5cc3f5a66841e2651041e25dec3efd46a  files/2cdcb2de
+```
+Then, I ran the ./decrypt.sh script with the file I found in the checksum.txt file.
+
+```bash
+ctf-player@pico-chall$ ./decrypt.sh files/2cdcb2de
+picoCTF{trust_but_verify_2cdcb2de}
+```
+
+Voila! Found the flag!
+
+Output: picoCTF{trust_but_verify_2cdcb2de}