Hey everyone, this is a write-up for the PicoCTF 2026 challenge room "Sudo Make Me a Sandwich." In this room, we are given SSH login details (username and password). We need to log in and then find the flag from the root user. So, let's get started.
So, this is the room.
So, we start the room and log in to SSH using the username and password that are given to us.
Basically, I am not giving you the exact things that you can copy and paste, because it will not be helpful for you. So, I am giving you a broad idea of what you need to do in this room. Here are some steps to solve this:
- First, log in to SSH using the username and password.
2. After logging in, check who you are by running the command whoami.
3. Then run the ls command. You will see a file named flag.txt, but you cannot open it because access is denied. This is because we need root access.
4. To check the permissions, run the command sudo -l to see which things can give you root access.
5. There you will see /bin/emacs. Then run the command sudo /bin/emacs, and Emacs will open.
6. Then press Alt + X and type shell. After that, you will see that a shell opens.
7. Now you can easily access the flag.txt file, and boom — you get the flag and solve the lab.
If it's helpful for you, then please like it and give me a follow 😊