Writeup in progress
Currently making the solution for babygame03 and the walkthrough will be published here as soon as it's ready.
Check back soon, or follow our latest updates on the homepage to be notified when the full writeup goes live.
babygame03 picoCTF 2024 Solution
Published: April 3, 2024
Want more picoCTF 2024 writeups?
Useful tools for Binary Exploitation
- Hex ViewerView text or raw hex bytes as a xxd-style hex dump with byte offset, hex columns, and ASCII sidebar. Highlights printable characters and null bytes.
- Binary CalculatorPerform binary arithmetic (add, subtract, multiply, divide) with copyable outputs in every base.
- Bit Shift CalculatorPerform left/right bit shifts and see the result across binary, octal, decimal, and hex.
- Number Base ConverterConvert numbers between binary, octal, decimal, and hexadecimal instantly. Enter any value and see all four bases update in real time.
Related reading
- Buffer Overflow and Binary Exploitation for CTFA practical guide to binary exploitation techniques in CTF competitions: stack buffer overflows, ret2win, format string attacks, heap exploitation, and ASLR/PIE bypass - with picoCTF challenge links for each technique.
- Format String Vulnerabilities for CTF Binary ExploitationA beginner-friendly guide to format string vulnerabilities in CTF binary exploitation: how printf leaks memory, finding the format string offset, writing arbitrary values with %n, and walking through the picoCTF format string series.
- Bypassing ASLR and PIE in CTF Binary Exploitation (picoCTF Guide)A deep-dive guide to bypassing ASLR and PIE in CTF binary exploitation: memory leak techniques, ret2libc, ROP chains, one_gadget, partial overwrites, and real pwntools scripts - with picoCTF challenge links throughout.
What to try next
- Binary ExploitationHard
babygame02
A harder babygame with added protections. Exploit out-of-bounds player movement to overwrite a function pointer and force the flag to print.
picoCTF 2023 - Binary ExploitationHard
Guessing Game 2
Two-stage exploit: format string leaks the stack canary, then ret2libc via overflow with canary bypass.
picoCTF 2020 Mini-Competition - Binary ExploitationMedium
Guessing Game 1
Predict the time-seeded rand() number, then exploit 120-byte overflow into a 100-byte buffer using a ROP chain to make the stack executable.
picoCTF 2020 Mini-Competition - CryptographyMedium
New Caesar
Brute-force 16 possible key values in a custom base-16 Caesar cipher to find the readable plaintext.
picoCTF 2021 - Binary ExploitationMedium
babygame01
Wrap around the game map's top-left corner to increment the flag counter, then reach the exit via netcat.
picoCTF 2023 - CryptographyHard
New Vignere
Break a modified Vigenere cipher that operates on a custom alphabet or with non-standard key scheduling. Adapt classical cryptanalysis techniques to recover the plaintext.
picoCTF 2021