So they gave a stripped 32-bit ELF executable. Simply running the binary ./debug32 didn’t do anything.

I looked through the assembly in IDA and saw “Printing Flag” being printed somewhere.


So the first and probably the last thing I needed to do was to jump to the function printing it. The address of the function, as we can see, is 0x804849B.

For this I used gdb. My first instinct was to set a breakpoint at main, then set the eip to the address of the required function and continue. This would print out the flag.

But since this was a stripped binary (hence no symbol table), gdb didn’t recognise main as a valid breakpoint. So I set the breakpoint at the __libc_start_main() function. This is the function which sets up the environment and then calls the main() function when the binary is run.

So to carry out the required task, these were the commands I used:

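    break __libc_start_main
    # start the process so the breakpoint is hit and the registers exist
    run
    # redirect execution to the flag-printing function
    set $eip = 0x804849b
    continue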

This, as expected, printed out the flag!
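Why gdb could not resolve main but could resolve __libc_start_main: strip removes the static symbol table (.symtab) and leaves the dynamic one (.dynsym) that holds the libc imports. The following is an added example, not part of the original writeup, that checks an ELF32 image for both tables; the function names and the sample images it builds are constructed for illustration.

```python
import struct

EHDR = struct.Struct("<16sHHIIIIIHHHHHH")  # ELF32 little-endian file header (52 bytes)
SHDR = struct.Struct("<10I")               # ELF32 section header (40 bytes)
SHT_SYMTAB, SHT_DYNSYM = 2, 11

def inspect_elf32(image: bytes) -> dict:
    """Return the entry point and which symbol tables an ELF32 LE image carries."""
    if len(image) < EHDR.size:
        raise ValueError("too short for an ELF32 header")
    f = EHDR.unpack_from(image)
    ident, e_entry, e_shoff, e_shentsize, e_shnum = f[0], f[4], f[6], f[11], f[12]
    if ident[:4] != b"\x7fELF" or ident[4] != 1 or ident[5] != 1:
        raise ValueError("not a 32-bit little-endian ELF")
    if e_shnum and (e_shentsize != SHDR.size
                    or e_shoff + e_shnum * SHDR.size > len(image)):
        raise ValueError("section header table is malformed or truncated")
    # Field 1 of every section header is sh_type.
    types = [SHDR.unpack_from(image, e_shoff + i * SHDR.size)[1]
             for i in range(e_shnum)]
    return {
        "entry": e_entry,
        "symtab": SHT_SYMTAB in types,  # static symbols such as main; removed by strip
        "dynsym": SHT_DYNSYM in types,  # dynamic imports such as __libc_start_main; kept
    }

def build_sample(section_types, entry=0x08048000):
    """Constructed test image: a file header plus empty sections of the given types."""
    ident = b"\x7fELF\x01\x01\x01" + b"\x00" * 9
    hdr = EHDR.pack(ident, 2, 3, 1, entry, 0, EHDR.size, 0,
                    EHDR.size, 0, 0, SHDR.size, len(section_types), 0)
    return hdr + b"".join(SHDR.pack(0, t, 0, 0, 0, 0, 0, 0, 0, 0)
                          for t in section_types)

if __name__ == "__main__":
    stripped = build_sample([0, SHT_DYNSYM, 3])                # constructed: no .symtab
    unstripped = build_sample([0, SHT_DYNSYM, SHT_SYMTAB, 3])  # constructed: has .symtab
    print(inspect_elf32(stripped))
    print(inspect_elf32(unstripped))
```

On a real file, pass the bytes read from disk to inspect_elf32; a result with symtab False and dynsym True matches the situation described above.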
