Basic things beginners need to master
- 1. When a CTF organizer gives you a binary (a downloaded file), always run the command `file [filename]` on the binary.
- The `file` command determines what type of file you have downloaded. It checks the magic number, or file signature, in the binary header.
- Some challenge creators will try to confuse you by changing or removing the extension of a binary. For example, the actual binary is `binary.jpg` but they changed it to `binary.exe`. So, the CTF player will think that it's an `executable` file instead of
`strings -a [filename]` to extract strings in the given binary. Some clues or artifacts can be found in the
- 3. Base64 is a common encoding used in CTFs. Learn its characteristics and how to decode it. Some online tools that can help you, such as this site. But the better approach is to decode encoded strings in the Linux terminal, because some base64-encoded data may be a binary file. If it is a binary file, an online tool like the one in the link can't provide the decoded binary file. It can only decode strings, not binary files.
- An example of the Linux command for base64 is `echo "[strings of the base64]" | base64 -d`.
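The two tips above (checking the file signature and decoding base64 in the terminal) combined, as an added example that is not part of the original page: it decodes a base64 string straight to a file, reads the magic number, and flags a misleading extension. The function names, the small signature table and the sample string (a constructed 12-byte JPEG header) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. SAMPLE_B64 is constructed: the first 12 bytes of a
# JPEG/JFIF file (ff d8 ff e0 00 10 "JFIF" 00 01), base64-encoded.
SAMPLE_B64='/9j/4AAQSkZJRgAB'

# decode_b64 STRING OUTFILE: write the decoded bytes to a file, so binary
# output is preserved instead of being printed as text.
decode_b64() {
    printf '%s' "$1" | base64 -d > "$2"
}

# magic_type FILE: print a type name based on the first 8 bytes of FILE.
# Only a few common signatures are listed; `file` knows many more.
magic_type() {
    sig=$(od -An -tx1 -N8 "$1" | tr -d ' \n')
    case "$sig" in
        89504e470d0a1a0a*) echo png ;;
        ffd8ff*)           echo jpg ;;
        7f454c46*)         echo elf ;;
        4d5a*)             echo exe ;;
        504b0304*)         echo zip ;;
        *)                 echo unknown ;;
    esac
}

# check_ext FILE: compare the extension in the name with the signature.
check_ext() {
    ext=${1##*.}
    real=$(magic_type "$1")
    if [ "$ext" = "$real" ]; then
        echo ok
    else
        echo "mismatch: named .$ext, signature says $real"
    fi
}

# Demo: the decoded data is saved under a misleading name, as in the
# binary.jpg / binary.exe example above.
demo_dir=$(mktemp -d)
decode_b64 "$SAMPLE_B64" "$demo_dir/binary.exe"
check_ext "$demo_dir/binary.exe"
rm -rf "$demo_dir"
```
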