This is a C program designed for CTF (Capture The Flag) competitions. It provides a way to display a flag by running a program with a specific argument. If the argument provided is correct, it displays the flag. The program then removes itself and the flag regardless if an argument was provided or correct, giving the player only one chance.
This should only be used for bonus flags as it effectively removes any other means of acquiring the flag (unless the box is rooted and the flag.txt is read before running the binary).
-
Ensure you have a C compiler installed on your system (e.g., GCC).
-
Clone or download the repository containing this program.
git clone https://github.com/tom-johnsen/vanish.git cd vanishwget "https://github.com/tom-johnsen/vanish/archive/refs/heads/master.zip" unzip master.zip cd vanish
-
Change the
flag_arginside vanish.c, remember to leave a hint for the player elsewhere on the box.const char *flag_arg = "Sup3R_S3cR3T_aRgUm3Nt";
The argument may contain spaces, but the player must use
./vanish "multiple arguments"syntax and not./vanish multiple argumentsthen. It is recommended to not use spaces to avoid misunderstandings. -
Compile the program:
gcc vanish.c -o vanish
If you are compiling the binary outside of the box move it into the box now.
-
Create the
flag.txtfile in the same directory as the binary and populate it with the flag (max 256 chars). -
Set the ownership and permissions for the
flag.txtandvanishbinary:sudo chown root:root flag.txt vanish sudo chmod 400 flag.txt && sudo chmod 4701 vanish -
You are now staged and ready for players to run the box.
-
When the player executes the compiled program, one of two things happens:
./vanish wrong_or_no_argument # The flag is NOT displayed. ./vanish correct_argument # The flag IS displayed.
-
The binary and flag.txt is now gone, regardless if the flag was displayed or not.
This program is released under the MIT License.