Basic
Basic things beginner need to master
- 1.When CTF organizer give you a binary (download file), always run command
file [filename]
on the binary.- File command will determine what type of file are you've downloaded. They will check the magic number or file signature in the binary header.
- Some of challenge's creator will confuse you up when they change or remove the extension of a binary. Example, the actual binary is
binary.jpg
but they changed it tobinary.exe
. So, the ctf player will thought that it's aexecutable
file instead ofimage/jpeg
file.
- 2.Run
strings -a [filename]
to extracts strings in the given binary. Some clues or artifacts can be found in thestrings
output. - 3.Base64 is the common encoding used in CTF. Learn about it's characteristics and how to decode it. Some online tools that can help you is this site. But, the better approach is to decode encoded strings using Linux's terminal. It's because some base64 encoded may a binary file. So, if it's a binary file, online tool like in the link can't provide the decoded binary file. It only can decode strings but not binary file.
- Example of Linux command for base64 is like this
echo "[strings of the base64]" | base64 -d
.
- 4.Learn about number encoding. Hexadecimal, binary, decimal and also ASCII.
Last modified 3yr ago