🎯 Rust Fixme 2

A detailed write-up of the Misc challenge 'Rust Fixme 2' from PicoCTF - 2025

mH4ck3r0n3 Ethical Hacking/CTFs/Jeopardy/PicoCTF-2025/General Skills

19/03/2025 365 words 2 minutes

Contents

/images/PicoCTF-2025/Misc/RustFixme2/challenge_presentation.png — Challenge Presentation

📊 Challenge Overview

Category Details Additional Info

🏆 Event PicoCTF - 2025 Event Link

🔰 Category Misc 🎯

💎 Points 100 Out of 500 total

⭐ Difficulty 🟢 Easy Personal Rating: 1/10

👤 Author Taylor McCampbell Profile

🎮 Solves (At the time of flag submission) 2.753 solve rate

📅 Date 15-03-2025 PicoCTF - 2025

🦾 Solved By mH4c3r0n3 Team:

Category	Details	Additional Info
🏆 Event	PicoCTF - 2025	Event Link
🔰 Category	Misc	🎯
💎 Points	100	Out of 500 total
⭐ Difficulty	🟢 Easy	Personal Rating: 1/10
👤 Author	Taylor McCampbell	Profile
🎮 Solves (At the time of flag submission)	2.753	solve rate
📅 Date	15-03-2025	PicoCTF - 2025
🦾 Solved By	mH4c3r0n3	Team:

📝 Challenge Information

The Rust saga continues? I ask you, can I borrow that, pleeeeeaaaasseeeee? Download the Rust code here.

🎯 Challenge Files & Infrastructure

Provided Files

Files:

Attached Files

🔍 Initial Analysis

First Steps

This is the second challenge in the Rust Fixme series. Here, we are also given comments that serve as hints:

// How do we pass values to a function that we want to change?

// Is this the correct way to pass a value to a function so that it can be changed?

Let’s proceed directly to the exploitation phase.

🎯 Solution Path

Exploitation Steps

Exploitation

The changes I made were the following:

I changed the function signature of decrypt to accept a &mut String as the second parameter, so that the value of the string can be modified.

The variable party_foul is now mutable (let mut party_foul = ...), because it needs to be modified inside the function.

When passing party_foul to the decrypt function, I did so as &mut party_foul to ensure the function could modify it.

After that, I ran the program and found the flag.

🛠️ Exploitation Process

Approach

Since the procedure has already been explained, I’ll just leave the corrected file here:

Main

🚩 Flag Capture

Flag

picoCTF{4r3_y0u_h4v1n5_fun_y31?}

Proof of Execution

Automated Flag

Screenshot of successful exploitation

🔧 Tools Used

Tool Purpose

Rust Exploit

Tool	Purpose
Rust	Exploit

💡 Key Learnings

Skills Improved

Binary Exploitation

Reverse Engineering

Web Exploitation

Cryptography

Forensics

OSINT

Miscellaneous

📚 References & Resources

[!info]+ Additional Information

Similar Challenges

Rust Fixme 1

Rust Fixme 3

Learning Resources

https://www.rust-lang.org/learn

📊 Final Statistics

Metric	Value	Notes
Time to Solve	00:05	From start to flag
Global Ranking (At the time of flag submission)	1175/10517	Challenge ranking
Points Earned	100	Team contribution

Created: 15-03-2025 • Last Modified: 15-03-2025 *Author: mH4c3r0n3 • Team: *