Collecting Information As always, we will start by collecting as much information as we can about our file and looking for low-hanging fruit (hardcoded strings, function names, etc). From our strings output, we do see the strings returned during the initial run (e.g. granted/denied) and also some interesting functions like giveFlag but there’s no obvious flag. GDB To load this file into gdb, we can simply use the command gdb .

Safe-space Please don’t ever execute any random ELF/PE binary you find on the web directly on your workstation. Even if it comes from a trusted source like HTB or THM, we should always work in a segmented environment. Since these challenges are all ELFs, I spun up a Kali machine (you can literally use any OS to do these, I just had a VM ready to go) to run through these.

Safe-space Please don’t ever execute any random ELF/PE binary you find on the web. Even if it comes from a trusted source like HTB or THM, we should always work in a segmented environment. Since these challenges are all ELFs, I spun up a Kali machine (you can literally use any OS to do these, I just had a VM ready to go) to run through these. Once you’ve done that, you can just log in and download each of the challenge files.