Rating:
We've got this program that's supposed to check a password, and we're not quite sure how it works. Could you take a look at it and see about finding the password it's looking for?
When downloading CTF files, there are a couple of things that should be done. First, file should be ran to determine what kind of file it is.
Now that we know it's an executable, we could chmod +x and start running it, but there is more information we should gather before doing so.
Strings is another critical command-line tool that can be used to print human-readable information. Although this is a compiled binary, we may still be able to get information out of the file.
Sure enough, we can see a flag, as well as various function names and calls. Now we can chmod +x and verify that this actually works with the program.
This verifies that the 'password' is correct and we have the right flag.
<details> <summary> Flag Spoiler </summary> MetaCTF{this_is_the_most_secure_ever}</details> </details>
We learned about the string command and how various information can be found in compiled binaries using the command. This is why many challenges host a flag on a remote host, to make it more challenging to receive. Anything compiled with the name of the flag will be displayed with strings!
