Strace and the utumno0 CTF

I'm trying to figure out the "utumno0" Capture The Flag (it can be found
here[1]).

No success so far, but trying to solve this exercise I decided to read
the strace(1) manpage thoroughly, to understand if it could be a valuable
tool.

I find strace(1) to be really a valuable tool for reverse engineering and
computer forensics!  I collected a few flags that I find interesting in my
"Today I Learned"[2] list, and I'll report them here too.

[1] https://overthewire.org/wargames/
[2] gopher://dacav.org/0/textfiles/til.txt

				      ...

Useful strace(1) options

The -e flag can be used for a variety of things:

 - To filter the systemcall.  It supports classe of syscalls, e.g.
   `strace -e %file x` is equivalent to
   `strace -e trace=open,stat,chmod,unlink,... x`.
   Hidden jems in the available classes.

 - To dump the data of the read/write operations.

 - To decode information about the file descriptors (e.g path of the files)
   (see also -y / -yy / -Y)

 - To inject syscall behaviours.

The -c flag shows a table of statistics on invoked syscalls.

The -z/-Z flags filter successful and faulty syscalls respectively.

The -r/-T flags measure times between and within syscalls respectively.
Possibly useful for a rough performance assessment.