picoCTF 2021 Wave a flag Writeup

Wave a flag was an easy puzzle worth 10 points. It presents you with an ELF binary named warm:

daniel@wildcat ~/Downloads % file warm
warm: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=b11c22752c901adc13ba1ce86eda9d5516f22763, with debug_info, not stripped

Description

This puzzle’s description gave a clue on how to solve it:

Can you invoke help flags for a tool or binary? This program has extraordinarily helpful information…

Solving

Many commands have CLI flags which will display a short manual and basic information about the program. These flags are typically -h or --help.

I try not to blindly run binaries that I find on the internet, even though I am fairly certain that picoCTF wouldn’t do me dirty with malware.

Knowing that programs can have these help menus and that they are almost always stored as strings, I used the strings program to extract the flag. I often pipe strings into less so I can scroll up and down with the arrow keys/page up/page down, and search the output:

strings warm | less

Sure enough, the flag was in there:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s