Skip to content
Startseite » picoCTF wave a flag

picoCTF wave a flag

The next challenge is called Wave a flag and is about dealing with binaries. Once you’ve downloaded the file, open a terminal in the same folder. To show all the files in the current directory, use the ‘ls’ command:

$ ls

To show some mor information about the files, you can use the ‘-l’ option on the ‘ls’ command:

$ ls -a
-rw-rw-r-- 1 dominik dominik 10936 Feb  1 10:28 warm

Now we see the file permissions of the file: -rw-rw-r– Here is how you read the permissions of a file:

  • The first character is either a ‘-‘ or a ‘d’. A ‘-‘ stands for a file while a ‘d’ stands for a directory.
  • the 2nd to the 4th character stand for the permissions of the owner of the file.
    • here the 1st of the three characters stands for the read permission. It can either be ‘-‘ which says that the owner isn’t allowd to read the file, or ‘r’ which says that the owner is allowed to read the file
    • the 2nd of three characters stands for the write access. A ‘-‘ means that the owner isn’t allowed to write to that file while a ‘w’ means that the owner can write to that file.
    • the 3rd of the three characters is for executing the file. This can be either a ‘-‘ or a ‘x’. As you can imagine, a ‘-‘ means that the owner is not allowed to execute this file while a ‘x’ allows the owner to execute it.
  • the 5th to the 7th character are similar to the 3 before, but not for the owner but for the group whom belongs this file.
  • and last the characters 8 to 10 are also similar to the 3 before, but now for all other users which are not the owner and not in the relevant group for the file.

The two names behind the permissions are the owner (first) and the group (second) which are the same here.

Now, with the knowledge of the file permissions, we see that we are not allowed to execute the file. We can change that with the ‘chmod’ command:

$ chmod u+x warm

The ‘u+x’ option tells the ‘chmod’ command that we want to add the executable permission for the owner of the file. Another ‘ls -l’ command shows if we’ve success:

$ ls -l
-rwxrw-r-- 1 dominik dominik 10936 Feb  1 10:28 warm

Now we can try to execute the file. Type in the filename with ‘./’ in front of it to tell the system to use the file in the current folder:

$ ./warm
Hello user! Pass me a -h to learn what I can do!

The programm tells us to pass ‘-h’ as argument to the binary which usually show some help or hints, so let’s do that:

$ ./warm -h
Oh, help? I actually don't do much, but I do have this flag here: picoCTF{flag}

Congratulations. You’ve got another flag.

Leave a Reply

Your email address will not be published. Required fields are marked *