Challenge

Control the return address and arguments This time you'll need to control the arguments to the function you return to! Can you get the flag from this program? You can view source here. And connect with it using nc saturn.picoctf.net 50541

Solution

This challenge is almost identical to OverFlow 2 from PicoCTF 2019. However, we use ROP for this exploit since it is easy with pwntools. Alternatively, the method from the link above should work too.

Flag

picoCTF{argum3nt5_4_d4yZ_b3fd8f66}