Tags: bash misc ssh
Rating:
# Zombie

This challenge allows us to SSH into a box and we see a script that we can read to better understand what is going on:

It seems the user runs tail on the flag and then deletes it. However, the process is still running in the background:

Which means we should be able to read its file descriptor by going to `/proc/<pid>/fd`.

And indeed, we get the flag:

flag{6387e800943b0b468c2622ff858bf744}