picoCTF Solutions
picoCTF 2025General SkillsEasy

Rust fixme 2

Published: April 2, 2025Updated: December 9, 2025

Description

Fix borrowing issues in a simple XOR decrypter: pass a mutable string to `decrypt`, unwrap the XORCryptor constructor safely, and mutate the buffer so the flag prints.

Setup

Download fixme2.tar.gz

Extract the archive and `cd fixme2`.

Use `cargo run` to see the borrow checker complaints and compiler errors.

tar -xvf fixme2.tar.gz && cd fixme2
cargo run

Solution

  1. Step 1Borrow the string mutably
    Change the function signature to accept `&mut String` and call it with `&mut party_foul` so the helper can append to the string.
  2. Step 2Handle the XORCryptor constructor
    Wrap the decrypt logic in `if let Ok(xrc) = XORCryptor::new(&key)` because the previous code tried to use `res` even if construction failed.
  3. Step 3Allow mutation in main
    Declare `let mut party_foul = ...` so the borrowed string can be mutated, then rerun `cargo run` to decrypt and print the flag.

Flag

picoCTF{4r3_y0u_h4v1n5_fun_...}

This task reinforces Rust’s borrowing rules, and Fixme 3 builds on the same pattern with a slightly larger project.