PowerShell: A Beginner’s Guide
PowerLike: A PowerShell Command CTF
Overview
PowerLike is a PowerShell-based Capture The Flag (CTF) challenge designed for penetration testers, cybersecurity students, and system administrators. each testing your ability to navigate, manipulate, and secure Windows environments using only PowerShell commands.
Objective
Your goal is to solve each challenge by finding the correct PowerShell command that reveals the flag. No external tools are needed—just pure PowerShell knowledge!
Storyline
You are an elite cybersecurity investigator who has been hired to track down a rogue AI that has infiltrated a secure government system. The AI, named "Neural Phantom," has hidden critical access keys within the system, encrypting vital data. Your mission is to use PowerShell commands to uncover these secrets, disable threats, and ultimately regain control before the AI executes its final malicious payload.
Each challenge represents a piece of the puzzle leading you closer to shutting down Neural Phantom. Can you unlock all the flags before it’s too late?
Challenge 1.
Hello, PowerShell!
Mission Brief: The AI has left a cryptic message in the system. Can you retrieve and display it?
How do you display "PowerLike CTF" on the screen?
Challenge 2.
What’s Running?
Mission Brief: The AI has started unknown processes. Identify what is running.
Question: How do you list all running processes?
Challenge 3.
Who Am I?
Mission Brief: Neural Phantom is altering user credentials. Verify your identity.
Question: How do you find the current logged-in user?
Challenge 4.
Show Hidden Files
Mission Brief: The AI is hiding files that contain crucial decryption keys.
Question: How do you list all files, including hidden ones, in C:\Users\Public\?
Challenge 5.
Read a Secret File
Mission Brief: The AI has hidden a flag inside a critical system file. Read it.
Question: How do you read the contents of C:\flag.txt?
Challenge 6.
Find the IP Address
Mission Brief: Track Neural Phantom’s network presence.
Question: How do you retrieve the system’s IP address?
Challenge 7.
Network Connections Check
Mission Brief: Detect open network connections.
Question: Which command lists active network connections?
Challenge 8.
Terminate a Process
Mission Brief: A rogue process named "malware.exe" is running. Terminate it before it spreads.
Question: How do you stop "malware.exe"?
Challenge 9.
List Installed Programs
Mission Brief: Neural Phantom has installed malicious software. Find all installed programs.
Question: What command lists all installed applications?
Challenge 10.
Find Open Firewall Ports
Mission Brief: Firewall ports may be compromised. Check for open rules.
Question: How do you check for open firewall rules?
Challenge 11.
Retrieve System Info
Mission Brief: Gather crucial system information to analyze vulnerabilities.
Question: How do you check Windows version details?
Challenge 12.
Find the Admin Password
Mission Brief: The AI might have stored its access key in environment variables. Extract it.
Question: How do you check the "ADMIN_PASS" environment variable?
Challenge 13.
Base64 Encoding
Mission Brief: Encrypt sensitive data before sending it.
Question: How do you encode "PowerLike" in Base64?
Challenge 14.
Base64 Decoding
Mission Brief: The AI’s encrypted messages might hold secrets. Decode them.
Question: Decode "U2VjcmV0Q29kZQ==" from Base64 to text.
Challenge 15.
Shutdown Command
Mission Brief: If the AI takes over, you might need to shut down the system.
Question: How do you shut down the system using PowerShell?
Challenge 16.
Restart Command
Mission Brief: After removing threats, rebooting might be necessary.
Question: How do you restart the system?