picoCTF Solutions
picoCTF 2021General SkillsEasy

Wave a Flag

Published: April 2, 2026

Description

Can you invoke help flags for this program? Download the program warm.

Setup

Download the binary named warm from the challenge page.

wget <url>/warm

Solution

  1. Step 1Make the binary executable
    Downloaded files aren't executable by default on Linux. Use chmod +x to grant execute permission.
    chmod +x warm
    Learn more

    Every file in Linux has a set of permission bits that control who can read, write, or execute it. These bits are organized into three groups: owner, group, and others -- each with read (r=4), write (w=2), and execute (x=1) permissions. When you download a file over HTTP, it arrives as a data file without execute permission set, even if it's a compiled binary.

    chmod +x adds the execute bit for all three groups (owner, group, and others). The equivalent numeric form is chmod 755 (owner: rwx=7, group: r-x=5, others: r-x=5). You can inspect current permissions with ls -l warm -- a file ready to run looks like -rwxr-xr-x, while a non-executable looks like -rw-r--r--.

    Security note: Adding execute permission to untrusted binaries carries real risk. In CTF environments this is expected, but in production systems, only run executables from trusted sources. The principle of least privilege suggests only granting execute permission when necessary, and only to the appropriate users.

  2. Step 2Run with the help flag
    Pass -h to the program. Many programs print usage information -- and in this case, the flag -- when given a help argument.
    ./warm -h
    Learn more

    The help flag convention (-h or --help) is one of the most universal CLI conventions. Almost every well-written command-line program responds to these flags by printing usage information: available options, expected arguments, and brief descriptions. It's the first thing to try when encountering an unfamiliar program.

    Programs implement this using argument parsing. In C, the code checks if argv[1] equals "-h". In Python, the argparse module handles this automatically. In Rust, the clap crate provides it. When a program doesn't respond to -h, try --help, -?, or running it with no arguments -- many programs print usage when called incorrectly.

    Other ways to discover flags and options when official help isn't available:

    • strings warm -- look for embedded option strings like -h, --help, or usage text
    • man warm -- check for a manual page (less common for custom binaries)
    • strace ./warm -- trace system calls to see what the program does
    • ltrace ./warm -- trace library calls to see what functions it calls

Flag

picoCTF{...}

Many programs respond to -h or --help with usage information -- and in this case, the flag.

More General Skills