Solution

1. Access the instance with the given credentials

2. Check the checksum.txt

this is a sha256 hash of the correct file

From this, we need to check the files in “files” directory to see which one is matched. If we look in the files directory there are too many options to guess and check

3. Use sha256sum to check all the files in the directory

$ sha256sum files/*

Then use the use grep to pipe the result that matches the checksum

$ sha256sum files/* | grep "467a10447deb3d4e17634cacc2a68ba6c2bb62a6637dad9145ea673bf0be5e02"

c6c8b911 matches the checksum

4. See the contents of the targeted file

$ file files/c6c8b911

5. Utilize the decrypt script that is provided in the challenge to decrypt the file

$ ./decrypt.sh files/c6c8b911

There you go, the flag:

picoCTF{trust_but_verify_c6c8b911}