Skip to content
Startseite » picoCTF Static ain’t always noise

picoCTF Static ain’t always noise

Todays article is about the challenge “Static ain’t always noise” on picoCTF.
It is a very beginner-friendly challenge where we have to download and analyze the binary ‘static’.

I’ll present two possible solutions here. One to just get the flag as fast as possible and the other to develop an understanding of how programs are built and how you can use a debugger to get information about a program.

The fast way to solve the challenge

Under Linux there are useful shell commands for everything. To solve this CTF challenge in a short one-liner, I combine two commands. One of them is the strings command , which prints out all human readable strings of a file. The other is the grep command. This is a very useful command that looks for definable patterns. From the other challenges of picoCTF we know that the flags actually always have the same format. They start with ‘picoCTF’ followed by the actual flag in curly braces.
Now we use strings to output the readable strings to us and use that output as input to grep to search for the string ‘picoCTF’. To combine the two commands we use the pipe character, which we reach on a PC keyboard with Alt Gr + <.
Together the whole thing looks like this:

$ strings static | grep picoCTF
picoCTF{secret flag}

That’s all. Not very exiting but very efficient.

Second solution with gdb

To look inside the binary we start gdb

$ gdb ./static

Now your screen should look similar to this (I’ve installed ‘GEF’, the ‘GDB Enhanced Features’. That’s why it looks little different, but the commands I’ll use are working without ‘GEF’ as well):

The GNU Debugger

After starting GDB we search for variables inside the binary. The command is info variables :

Variablen in the binary ‘static’

Most of the variables were created by the compiles dynamically, but one name stands out: there is a variable called ‘flag’. Let’s take a look behind:
x/1s &flag

content of ‘flag’

And there is our flag. This way didn’t take much longer than the first solution.

Please have a look at my other CTF-WriteUps too.

Leave a Reply

Your email address will not be published.