picoCTF Solutions
picoGym ExclusiveReverse EngineeringMedium

GDB baby step 1

Published: March 5, 2024Updated: December 9, 2025

Description

Disassemble debugger0_a and report the final value placed into EAX before main returns. Format the answer as picoCTF{n} where n is the decimal representation.

Setup

Static + GDBDownload debugger0_a

Make the binary executable and open it inside gdb with layout asm so you can watch instructions update EAX.

Alternatively, run objdump -D debugger0_a | less and search for main to read the assembly without a debugger.

wget https://artifacts.picoctf.net/c/512/debugger0_a
chmod +x debugger0_a
gdb --args ./debugger0_a

Solution

  1. Step 1Observe the assignment
    Stepping through main shows a MOV that loads 0x86342 into EAX right before the function returns. No further arithmetic occurs afterward.
  2. Step 2Convert to decimal
    Use printf or python to convert 0x86342 to decimal, since the flag expects picoCTF{n} where n is decimal.
    python3 - <<'PY' print(0x86342) PY
    printf "picoCTF{%d}\n" 0x86342

Flag

picoCTF{549698}

Every run produces the same deterministic constant, so any disassembly workflow that recovers 0x86342 works.