Static ain't always noise
Name: Static ain't always noise Description: Can you look at the data in this binary: static? This BASH script might help! Author: syreal Tags: Easy, General Skills, picoCTF 2021 Challenge from: picoCTF 2021 Files: static, ltdis.sh
Theory
According to the description, to get the flag we have to use a bash script to look at some binary data. We'll see how that works by downloading and printing the content of that bash script file. It seems to be a dissasembler, probably for the other file.
Solution
First give it permission to be executed and let's see what the program does:
shukularuni-picoctf@webshell:~$ chmod +x ltdis.sh shukularuni-picoctf@webshell:~$ chmod +x static shukularuni-picoctf@webshell:~$ ./static Oh hai! Wait what? A flag? Yes, it's around here somewhere!
So we have to look somewhere inside the program, let's see what that dissasembler does:
shukularuni-picoctf@webshell:~$ ./ltdis.sh static Attempting disassembly of static ... Disassembly successful! Available at: static. ltdis.x86_64.txt Ripping strings from binary with file offsets... Any strings found in static have been written to static.ltdis.strings.txt with file offset
It seems it used strings to get all the text inside the program, so instead of printing out the entire thing it wrote in a file, let's use grep to find the flag:
shukularuni-picoctf@webshell:~$ cat static.ltdis.strings.txt | grep "picoCTF{"
1020 picoCTF{d15a5m_t34s3r_98d35619}
There we go! That's the flag.
I rated this level as "good"! :3
https://play.picoctf.org/practice/challenge/163