RE - Infiltration

300 points | 807 solves

Description

We got a hold of an internal communication tool being used by the elves, and managed to hook it up to their server. However, it won't let us see their secrets? Can you take a look inside?

Solution

I solved this by stepping through the program in the GDB debugger. The program takes two arguments: the IP address and port number of the server. To pass arguments to the program in GDB, use the --args flag.

gdb --args executable_name arg1 arg2

Dynamic analysis reveals that the program receives the flag in plaintext from the server.

Flag in the stack

Flag: HTB{n0t_qu1t3_s0_0p4qu3}

Bonus

After reading writeups post-CTF, I realised there is an even easier method, which is to use strace.

We can see the flag in the output of the recvfrom() call.
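As an added example (not part of the original writeup or the challenge), the Python below parses saved strace output and pulls printable strings out of receive-side buffers, which is where a secret sent in plaintext shows up at the syscall boundary. The trace lines, the EXAMPLE{...} value and the function names are constructed for illustration.

```python
import re

# Constructed sample of `strace -s 128` output; not captured from the challenge.
SAMPLE_TRACE = r'''
socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(1337), sin_addr=inet_addr("10.0.0.5")}, 16) = 0
sendto(3, "hello\n", 6, 0, NULL, 0) = 6
recvfrom(3, "\1\0\0\0EXAMPLE{constructed_value}\n", 1024, 0, NULL, NULL) = 31
recvfrom(3, "", 1024, 0, NULL, NULL) = 0
'''

# Receive-side syscalls whose second argument strace prints as a quoted buffer.
_RECV = re.compile(r'^(recvfrom|recv|read)\((\d+), "((?:[^"\\]|\\.)*)"', re.M)
# strace escapes: \xHH (with -x), 1-3 digit octal, or a single character such as \n.
_ESC = re.compile(r'\\(x[0-9a-fA-F]{2}|[0-7]{1,3}|.)')
_SIMPLE = {'n': 10, 't': 9, 'r': 13, 'v': 11, 'f': 12, 'a': 7, 'b': 8}

def decode_strace_string(quoted: str) -> bytes:
    """Turn the text between strace's quotes back into the raw bytes."""
    def repl(m):
        tok = m.group(1)
        if len(tok) == 3 and tok[0] == 'x':
            return chr(int(tok[1:], 16))
        if tok[0] in '01234567':
            return chr(int(tok, 8) & 0xFF)
        return chr(_SIMPLE.get(tok, ord(tok)))  # \" and \\ map to themselves
    return _ESC.sub(repl, quoted).encode('latin-1')

def received_strings(trace: str, min_len: int = 6):
    """Return (syscall, fd, text) for each printable run in a received buffer."""
    hits = []
    for m in _RECV.finditer(trace):
        data = decode_strace_string(m.group(3))
        for run in re.findall(rb'[\x20-\x7e]{%d,}' % min_len, data):
            hits.append((m.group(1), int(m.group(2)), run.decode('ascii')))
    return hits

if __name__ == '__main__':
    for syscall, fd, text in received_strings(SAMPLE_TRACE):
        print(f'{syscall}(fd={fd}): {text}')
```

When capturing, raise strace's -s value, since by default it truncates printed strings to 32 bytes.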
