04. Wave a Flag - PicoCTF 2021 Writeup

04. Wave a Flag - PicoCTF 2021 Writeup

Can you invoke help flags for a tool or binary? This program has extraordinarily helpful information...

ยท

2 min read

Category: General Skills | Author: Syreal | Points: 10

Hello All ๐Ÿ‘‹,

This challenge needs a bit of knowledge about the Linux operating system. Now the first hint as to what we're dealing with is in the description itself: 'tool or binary'. In Linux, a program is also called a binary; so we can assume that the file that we're dealing with is a Linux program. Then the words 'invoke help flags' give another clue. Almost all applications have a help section built into them. Almost every command-line application that we get on Linux is the same. In the other sentence, we also read that the 'program' has 'extraordinarily helpful information'. This confirms our hunch: The file we're dealing with is a Linux application and the flag might be hidden in the help section.

So we'll first download the file and take a look. However, in most cases, double-clicking won't do any good. We get the following error:

VirtualBox_Ubuntu Pico_14_01_2022_20_47_41.png

Even trying to open it from the terminal will result in an error:

VirtualBox_Ubuntu Pico_14_01_2022_20_47_41.png

The issue is that even though we know that this file is executable, the system doesn't yet know that it is. To let the system know what this file actually is, we'll first register it as an executable file. To this we move into the directory to which we downloaded the file and execute the following command:

chmod u+x ./warm

'chmod' is a command that changes the access permissions of files in the file system. What this command does is that it lets the operating system know that it must give execution access to this file for users, indicated by the '+', 'x' and 'u' respectively. Now if we try to open the file from the command prompt, it gives us the following message:

VirtualBox_Ubuntu Pico_14_01_2022_20_47_41.png

This confirms our next hunch, that we need to look in the help section of the application. As usual with most applications we need to use the '-h' argument after the command in order to access the help section; as mentioned in the shown message itself. Not surprisingly, entering the help argument as follows shows an interesting greeting with the flag itself:

./warm -h

As we can see, this challenge is also quite easy although it does need a bit of knowledge on how the Linux operating system works. Go ahead and submit the flag and collect your points!

ย