Anti Flag

DESCRIPTION : Flag? What's a flag?

Basic Info

File command

• It is a 64 bit binary.
• It is stripped binary, which means the binary does not contain any symbols.

Strings command

Nothing interesting

Ltrace commnad

• The output of ltrace is differ from normal output.
• Let's analysis the binary in binaryninja.

BinaryNinja

• Look at the main function.
• This program use ptrace syscall, that means while the program being traced, the program will be stop.
• When the program is traced, it print "Well done!!" and exit the program. Otherwise it compare something.
• So we can't debug or trace the program with gdb.
• I decided to invert the compare statement. ( Patch -> Invert )
• Save the file.

Run the patch binary

It gives the flag!!!!!

The flag is HTB{y0u_trac3_m3_g00d!!!}