Catch me if you can

For this challenge we are given a file, CATCHME.EXE.

Let's run the binary:

kali@Tyrell:~/FCSC/2025/Intro/cactch_me$ wine CATCHME.EXE

Here is Frank. When you click on him, a toolbox pops up and says:

And Frank moves. It is impossible to click on him: as soon as the mouse gets close to his square, he moves away before you can even click.

The trick would be to pin him to his square so that he can be clicked.

We can use GDB for that.

Once the binary is running (as shown above), we run:

kali@Tyrell:~/FCSC/2025/Intro/cactch_me$ sudo gdb -p $(pidof CATCHME.EXE)
GNU gdb (Debian 16.3-1) 16.3
Copyright (C) 2024 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word".
Attaching to process 68827
Reading symbols from /usr/lib/wine/wine...
(No debugging symbols found in /usr/lib/wine/wine)
Reading symbols from /lib/i386-linux-gnu/libc.so.6...
(No debugging symbols found in /lib/i386-linux-gnu/libc.so.6)
Reading symbols from /lib/ld-linux.so.2...
(No debugging symbols found in /lib/ld-linux.so.2)
Reading symbols from /usr/lib/wine/../i386-linux-gnu/wine/i386-unix/ntdll.so...
(No debugging symbols found in /usr/lib/wine/../i386-linux-gnu/wine/i386-unix/ntdll.so)
Reading symbols from /usr/lib/i386-linux-gnu/wine/i386-unix/win32u.so...
(No debugging symbols found in /usr/lib/i386-linux-gnu/wine/i386-unix/win32u.so)
Reading symbols from /lib/i386-linux-gnu/libm.so.6...
(No debugging symbols found in /lib/i386-linux-gnu/libm.so.6)
Reading symbols from /lib/i386-linux-gnu/libfreetype.so.6...
(No debugging symbols found in /lib/i386-linux-gnu/libfreetype.so.6)
Reading symbols from /lib/i386-linux-gnu/libz.so.1...
(No debugging symbols found in /lib/i386-linux-gnu/libz.so.1)
Reading symbols from /lib/i386-linux-gnu/libbz2.so.1.0...
(No debugging symbols found in /lib/i386-linux-gnu/libbz2.so.1.0)
Reading symbols from /lib/i386-linux-gnu/libpng16.so.16...
(No debugging symbols found in /lib/i386-linux-gnu/libpng16.so.16)
Reading symbols from /lib/i386-linux-gnu/libbrotlidec.so.1...
(No debugging symbols found in /lib/i386-linux-gnu/libbrotlidec.so.1)
Reading symbols from /lib/i386-linux-gnu/libbrotlicommon.so.1...
(No debugging symbols found in /lib/i386-linux-gnu/libbrotlicommon.so.1)
Reading symbols from /lib/i386-linux-gnu/libfontconfig.so.1...
(No debugging symbols found in /lib/i386-linux-gnu/libfontconfig.so.1)
Reading symbols from /lib/i386-linux-gnu/libexpat.so.1...
(No debugging symbols found in /lib/i386-linux-gnu/libexpat.so.1)
Reading symbols from /usr/lib/i386-linux-gnu/wine/i386-unix/winex11.so...
(No debugging symbols found in /usr/lib/i386-linux-gnu/wine/i386-unix/winex11.so)
Reading symbols from /lib/i386-linux-gnu/libXext.so.6...
(No debugging symbols found in /lib/i386-linux-gnu/libXext.so.6)
Reading symbols from /lib/i386-linux-gnu/libX11.so.6...
(No debugging symbols found in /lib/i386-linux-gnu/libX11.so.6)
Reading symbols from /lib/i386-linux-gnu/libxcb.so.1...
(No debugging symbols found in /lib/i386-linux-gnu/libxcb.so.1)
Reading symbols from /lib/i386-linux-gnu/libXau.so.6...
(No debugging symbols found in /lib/i386-linux-gnu/libXau.so.6)
Reading symbols from /lib/i386-linux-gnu/libXdmcp.so.6...
(No debugging symbols found in /lib/i386-linux-gnu/libXdmcp.so.6)
Reading symbols from /lib/i386-linux-gnu/libXinerama.so.1...
(No debugging symbols found in /lib/i386-linux-gnu/libXinerama.so.1)
Reading symbols from /lib/i386-linux-gnu/libXxf86vm.so.1...
(No debugging symbols found in /lib/i386-linux-gnu/libXxf86vm.so.1)
Reading symbols from /lib/i386-linux-gnu/libXrender.so.1...
(No debugging symbols found in /lib/i386-linux-gnu/libXrender.so.1)
Reading symbols from /lib/i386-linux-gnu/libXrandr.so.2...
(No debugging symbols found in /lib/i386-linux-gnu/libXrandr.so.2)
Reading symbols from /lib/i386-linux-gnu/libXcomposite.so.1...
(No debugging symbols found in /lib/i386-linux-gnu/libXcomposite.so.1)
Reading symbols from /lib/i386-linux-gnu/libXi.so.6...
(No debugging symbols found in /lib/i386-linux-gnu/libXi.so.6)
Reading symbols from /lib/i386-linux-gnu/libXcursor.so.1...
(No debugging symbols found in /lib/i386-linux-gnu/libXcursor.so.1)
Reading symbols from /lib/i386-linux-gnu/libXfixes.so.3...
(No debugging symbols found in /lib/i386-linux-gnu/libXfixes.so.3)
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
0xf7f2e579 in __kernel_vsyscall ()
(gdb)

We can see that GDB has stopped the process here, in `__kernel_vsyscall`. It is waiting for a system event (a click, for example).

So let's try clicking on Frank:

We can see that the program is indeed paused. So we tell [GDB](https://fr.wikipedia.org/wiki/GNU_Debugger) to continue:

0xf7f2e579 in __kernel_vsyscall ()
(gdb) continue
Continuing.

And the result:

We managed to click on Frank, and we get the flag:

FCSC{Wh4t 4 sup3rb 90's f4shion3d GUI}
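
To confirm from a second terminal that the attached process really is frozen, read the kernel's view in `/proc/<pid>/status`: state `t` is a tracing stop (a debugger such as GDB) and `TracerPid` names the tracer. This is an added example, not part of the original write-up; the function names are hypothetical, and the demo pauses a constructed `sleep` process with SIGSTOP instead of GDB so that it runs without ptrace rights.

```shell
#!/bin/sh
# Added example: inspect how the kernel sees a paused process.

# proc_field PID FIELD: print the first value of FIELD in /proc/PID/status.
proc_field() {
    awk -v key="$2:" '$1 == key { print $2; exit }' "/proc/$1/status" 2>/dev/null
}

# describe_pause PID: classify the process as tracing-stop (debugger),
# signal-stop (SIGSTOP/SIGTSTP) or not-stopped, and report its tracer PID.
describe_pause() {
    [ -r "/proc/$1/status" ] || { echo "gone"; return 1; }
    state=$(proc_field "$1" State)
    tracer=$(proc_field "$1" TracerPid)
    case "$state" in
        t) echo "tracing-stop tracer=$tracer" ;;
        T) echo "signal-stop tracer=$tracer" ;;
        *) echo "not-stopped state=$state tracer=$tracer" ;;
    esac
}

# wait_stopped PID EXPECT: poll up to ~5 s until "is State T?" equals EXPECT (yes/no).
wait_stopped() {
    n=0
    while [ "$n" -lt 50 ]; do
        if [ "$(proc_field "$1" State)" = "T" ]; then cur=yes; else cur=no; fi
        [ "$cur" = "$2" ] && return 0
        sleep 0.1
        n=$((n + 1))
    done
    return 1
}

# demo_freeze: constructed target (a sleep process) paused with SIGSTOP
# instead of GDB, then resumed; prints the state seen at each step.
demo_freeze() {
    sleep 30 >/dev/null 2>&1 &
    target=$!
    kill -STOP "$target" && wait_stopped "$target" yes
    describe_pause "$target"
    kill -CONT "$target" && wait_stopped "$target" no
    describe_pause "$target"
    kill "$target"
}

# Usage: sh pause_state.sh <pid>   (the PID from GDB's "Attaching to process" line)
if [ $# -gt 0 ]; then describe_pause "$1"; fi
```

While GDB holds the process, `describe_pause` on its PID reports `tracing-stop` with the debugger's PID as tracer; after `continue` it reports `not-stopped` with the tracer still set until GDB detaches.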