
Ask HN: How to start solving binary challenges in a CTF - raven_stark
I'm quite used to web challenges in a CTF. Also, I'm familiar with assembly programming and gdb, but find it difficult to solve binary challenges. What all tools should I start using?
======
kiloreux
Since you already know how to use GDB and you're familiar with assembly (I
don't know how much assembly you know), you need to know how programs
execute in memory (stack, heap, syscalls, ...). Once you have that clear in
your mind, try to draw a map of thoughts about the logic of execution of the
binary (it will be pretty simple, since they're generally small programs) and
look for the points and weaknesses in the logic that you might attack. One
tool I use frequently is [0] peda; using some visual gdb extension would also
be really helpful for you instead of checking every time how registers change
values. Sometimes a little knowledge about how compilers work and the OS
you're working on will be really helpful; although the binaries are
independent in most cases, extra knowledge is always useful.
[0][https://github.com/longld/peda](https://github.com/longld/peda)

------
hatsunearu
[https://microcorruption.com/](https://microcorruption.com/)

'Nuff said. Hands-on exercises through MSP430 hackmes. The only problem is
that it won't hold your hand through it other than the first one, and you may
need to read online solutions to kinda get the hang of it.

That's how I learned ASM RE, and I tried x86 hackmes in a hackathon and came
out first. I have completed fewer than 10 microcorruption challenges. So
there's that.

~~~
phaus
After the first problem, the one that's a tutorial, did you feel like you
could actually solve the second challenge? I still feel completely lost. For
the most part I understand the problem it walks you through, but I feel like I
don't even know where to start with the second one.

I know how to program at a basic level with higher-level languages like
Python, but I'm finding this low-level stuff rather difficult.

~~~
hatsunearu
Late reply, but yes, I kinda got stuck at times but eventually got around to
getting it working. Doing a bit of research will get you far.

If that doesn't help, read the walkthroughs online, but don't read the entire
walkthrough, because that won't help your education. Read one line, ponder,
etc.

I'm a hardware guy and I really, really love low-level stuff; it's my home
ground. I do admit that it's not for everybody.

------
ismailamca
If you are comfortable with gdb, go with it; otherwise, I generally prefer
hexdump, objdump and radare2 over gdb (for Linux pwnables). I really like
radare2, and CTFs generally come with radare nowadays.

However, I think the most important thing about cracking challenges is your
knowledge: you need to learn the platforms, the architecture, possible
vulnerabilities and the exploitation of all of them. So you may benefit from
reading some vulnzines like Phrack and Valhalla, some vxforums, or papers from
exploit-db. Also there are very nice books where you can learn basic
exploitation techniques (The Shellcoder's Handbook, Hacking: The Art of
Exploitation, etc.). These may be useful if you really have the basic aspects;
if you aren't comfortable with a shell (bash, sh, zsh, etc.) you should get
comfortable with them at the beginning.

Also, you need to learn some C and another scripting language (like Python,
Perl, Ruby, Lua, etc.) for effective cracking (in *nixes).

And don't use Windows; it makes you lazy.

Also, you can take these courses; that would be a marvelous start:
[http://www.opensecuritytraining.info/](http://www.opensecuritytraining.info/)

<IMPORTANT!> Before starting these, please ask yourself: why do you do this to
yourself? Go and get a (girl|boy)friend instead of this. The security field is
such a §H!™ hole, and endless.

TL;DR: go with radare, and crack these challenges first >>
[https://exploit-exercises.com/](https://exploit-exercises.com/)
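
As an added example that is not from any poster in this thread: the advice above (know how a program is laid out in memory; get used to what hexdump/objdump/readelf tell you about a Linux pwnable) comes together in a small ELF64 parser. It reads the file header and program headers, prints the segments the loader would map with their permissions, and reports whether the binary asks for an executable stack via PT_GNU_STACK. The sample "binary" is constructed inline (a header plus program headers, no code), so it runs offline; the struct layouts are the standard Elf64_Ehdr/Elf64_Phdr from the ELF spec.

```python
"""Minimal ELF64 parser: file header + program headers.

Added example, not from any poster in this thread. It reproduces the part of
`readelf -l` / `objdump -p` output that matters first when you pick up a Linux
pwnable: which segments get mapped where, with which permissions, and whether
the binary asks the loader for an executable stack. The sample image below is
constructed inline (it is only a header plus program headers, not runnable code).
"""
import struct

ELF_MAGIC = b"\x7fELF"
ELFCLASS64 = 2
ELFDATA2LSB = 1
EM_X86_64 = 0x3E
PT_LOAD = 1
PT_GNU_STACK = 0x6474E551
PF_X, PF_W, PF_R = 1, 2, 4

# Elf64_Ehdr after the 16-byte e_ident, and Elf64_Phdr, as struct format strings.
EHDR_FMT = "HHIQQQIHHHHHH"   # e_type e_machine e_version e_entry e_phoff e_shoff e_flags e_ehsize e_phentsize e_phnum e_shentsize e_shnum e_shstrndx
PHDR_FMT = "IIQQQQQQ"        # p_type p_flags p_offset p_vaddr p_paddr p_filesz p_memsz p_align


def perms(flags: int) -> str:
    """Render p_flags the way readelf does, e.g. 5 -> 'r-x'."""
    return ("r" if flags & PF_R else "-") + ("w" if flags & PF_W else "-") + ("x" if flags & PF_X else "-")


def parse_elf64(data: bytes) -> dict:
    """Parse the ELF64 file header and every program header from raw bytes."""
    if data[:4] != ELF_MAGIC:
        raise ValueError("not an ELF file")
    if data[4] != ELFCLASS64:
        raise ValueError("only ELFCLASS64 is handled here")
    endian = "<" if data[5] == ELFDATA2LSB else ">"
    (e_type, e_machine, _version, e_entry, e_phoff, _shoff, _flags, _ehsize,
     e_phentsize, e_phnum, _shentsize, _shnum, _shstrndx) = struct.unpack_from(endian + EHDR_FMT, data, 16)
    segments = []
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        p_type, p_flags, p_offset, p_vaddr, _paddr, p_filesz, p_memsz, p_align = struct.unpack_from(endian + PHDR_FMT, data, off)
        segments.append({
            "type": p_type, "flags": p_flags, "perms": perms(p_flags),
            "offset": p_offset, "vaddr": p_vaddr, "filesz": p_filesz,
            "memsz": p_memsz, "align": p_align,
        })
    return {"type": e_type, "machine": e_machine, "entry": e_entry, "segments": segments}


def requests_executable_stack(info: dict) -> bool:
    """True if the loader would give this binary an executable stack.

    PT_GNU_STACK with PF_X set asks for one explicitly; a missing PT_GNU_STACK
    is what old toolchains emitted and was historically treated as executable
    on x86, which is why linkers grew `-z noexecstack`.
    """
    for seg in info["segments"]:
        if seg["type"] == PT_GNU_STACK:
            return bool(seg["flags"] & PF_X)
    return True


def memory_map(info: dict) -> list:
    """The 'map' of what ends up in memory: (vaddr, end, perms) per PT_LOAD."""
    return [(s["vaddr"], s["vaddr"] + s["memsz"], s["perms"])
            for s in info["segments"] if s["type"] == PT_LOAD]


def build_sample(stack_flags=PF_R | PF_W) -> bytes:
    """Constructed ELF64 x86-64 image: one RX PT_LOAD plus an optional PT_GNU_STACK.

    Pass stack_flags=None to omit PT_GNU_STACK, mimicking an old-style binary.
    """
    phdrs = [(PT_LOAD, PF_R | PF_X, 0, 0x400000, 0x400000, 0x1000, 0x1000, 0x1000)]
    if stack_flags is not None:
        phdrs.append((PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 16))
    e_ident = ELF_MAGIC + bytes([ELFCLASS64, ELFDATA2LSB, 1, 0]) + b"\x00" * 8
    # ET_EXEC, x86-64, version 1, entry 0x401000, phoff 64 (right after the 64-byte header).
    ehdr = e_ident + struct.pack("<" + EHDR_FMT, 2, EM_X86_64, 1, 0x401000, 64, 0, 0, 64, 56, len(phdrs), 64, 0, 0)
    return ehdr + b"".join(struct.pack("<" + PHDR_FMT, *p) for p in phdrs)


if __name__ == "__main__":
    for label, blob in (("noexecstack", build_sample()), ("no PT_GNU_STACK", build_sample(stack_flags=None))):
        info = parse_elf64(blob)
        print(f"[{label}] machine=0x{info['machine']:x} entry=0x{info['entry']:x}")
        for start, end, p in memory_map(info):
            print(f"  LOAD 0x{start:x}-0x{end:x} {p}")
        print(f"  executable stack requested: {requests_executable_stack(info)}")
```

Run it on a real file by replacing the constructed blob with `open(path, "rb").read()` and compare against `readelf -l` on the same binary; once the LOAD lines and the GNU_STACK flags match, the rest of readelf's output stops looking like noise.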

------
ryan-c
I like IO from [http://smashthestack.org/](http://smashthestack.org/) - IOARM
is also a lot of fun.

