Static ain't always noise is a General Skills puzzle worth 20 points.
Can you look at the data in this binary: static? This BASH script might help!
The binary provided in this puzzle is a 64 bit ELF:
daniel@wildcat ~ % file Downloads/static Downloads/static: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=639391a8b15c579d69659462d3c935fa61693f17, not stripped daniel@wildcat ~ % sha256sum Downloads/static 7f7d493ce8bff35a917386689dd74097686591f15eb88cee82bf0c57c2242a40 Downloads/static
The bash script provided is as follows. I did not end up using this script to solve the puzzle.
#!/bin/bash echo "Attempting disassembly of $1 ..." #This usage of "objdump" disassembles all (-D) of the first file given by #invoker, but only prints out the ".text" section (-j .text) (only section #that matters in almost any compiled program... objdump -Dj .text $1 > $1.ltdis.x86_64.txt #Check that $1.ltdis.x86_64.txt is non-empty #Continue if it is, otherwise print error and eject if [ -s "$1.ltdis.x86_64.txt" ] then echo "Disassembly successful! Available at: $1.ltdis.x86_64.txt" echo "Ripping strings from binary with file offsets..." strings -a -t x $1 > $1.ltdis.strings.txt echo "Any strings found in $1 have been written to $1.ltdis.strings.txt with file offset" else echo "Disassembly failed!" echo "Usage: ltdis.sh <program-file>" echo "Bye!" fi
Solving this puzzle was straightforward with
strings. I typically pipe the output of
less so I can scroll up and down and search easier.
strings -a Downloads/static | less
One thought on “picoCTF 2021 Static ain’t always noise Writeup”
Pingback: picoCTF Writeups – DMFR SECURITY