Description
Solve a quiz whose answers all live in the provided binary and source. Download `vuln.c`, audit the program carefully, and answer every prompt correctly.
Setup
Download vuln.c and the binary.
Read vuln.c to understand the quiz structure and how it handles input.
cat vuln.c
Solution
- Step 1Read the source code thoroughlyDownload and read vuln.c carefully. The program asks 13 quiz questions about the binary's own source code and structure -- things like function names, buffer sizes, loop bounds, and compiler flags. All answers are directly readable from the source.cat vuln.c
- Step 2Answer all 13 questions correctlyConnect to the server and answer each question based on what you read in vuln.c. The questions cover the code's structure (e.g. number of functions, buffer sizes, variable names, specific constants). There is no buffer overflow to exploit -- correct answers unlock the flag.nc <HOST> <PORT_FROM_INSTANCE># Read each question and answer from vuln.c# All answers are facts about the source code itself
- Step 3Receive the flagAfter answering all questions correctly, the server prints the flag. If you get one wrong, restart and try again -- re-read vuln.c for the exact values.
Flag
picoCTF{qu1zpl01t_...}
Quizploit is not an exploit challenge -- it's a code reading exercise. Answer all 13 questions about vuln.c to get the flag.