picoCTF Solutions
picoGym ExclusiveReverse EngineeringMedium

GDB baby step 2

Published: March 5, 2024Updated: December 9, 2025

Description

Continue practicing with debugger0_b by reporting the value in EAX right before main returns. Convert the result to decimal for the final flag.

Setup

Debugger practiceDownload debugger0_b

Make the binary executable and load it into gdb with layout asm so you can watch instructions in context.

Place a breakpoint after the final arithmetic instruction (main+59) to read registers at the exact moment main is about to return.

wget https://artifacts.picoctf.net/c/520/debugger0_b
chmod +x debugger0_b
gdb --args ./debugger0_b

Solution

  1. Step 1Break after the math
    Inside gdb, set b *(main+59). This lands execution immediately after the last modification of EAX so the register holds its final value.
    b *(main+59)
    run
  2. Step 2Print EAX and convert
    Once the breakpoint hits, run print $eax to capture the register contents. Convert that hexadecimal (if needed) into decimal and wrap it with picoCTF{...}.
    print $eax

Flag

picoCTF{<eax_decimal>}

Your decimal value depends on the constant embedded in debugger0_b-replace <eax_decimal> with the number you observe in gdb.