📊 Challenge Overview

Category	Details	Additional Info
🏆 Event	PicoCTF - 2025	Event Link
🔰 Category	Misc	🎯
💎 Points	100	Out of 500 total
⭐ Difficulty	🟢 Easy	Personal Rating: 1/10
👤 Author	Taylor McCampbell	Profile
🎮 Solves (At the time of flag submission)	2.661	solve rate
📅 Date	15-03-2025	PicoCTF - 2025
🦾 Solved By	mH4ck3r0n3	Team:

📝 Challenge Information

Have you heard of Rust? Fix the syntax errors in this Rust file to print the flag! Download the Rust code here.

🎯 Challenge Files & Infrastructure

Provided Files

Files:

•  Attached Files

🔍 Initial Analysis

First Steps

This is the third challenge in the Rust Fixme series. The comments in this challenge are:

• // Did you know you have to do "unsafe" operations in Rust?

As we can imagine, this introduces the use of Rust’s “unsafe” for operations that directly manipulate pointers. Let’s move on to the next phase.

🎯 Solution Path

Exploitation Steps

Exploitation

The first thing I did was uncomment the unsafe block, as it needs to be uncommented to execute it. Then, inside the unsafe block, I kept the code that manipulates raw pointers and created a slice using std::slice::from_raw_parts to get the content of the decrypted buffer. After running the program, I obtained the flag.

🛠️ Exploitation Process

Approach

Since I’ve already explained the fixes made, I’ll just leave the file with the modifications here:

•  Main

🚩 Flag Capture

Flag

picoCTF{n0w_y0uv3_f1x3d_1h3m_411}

Proof of Execution

Screenshot of successful exploitation

🔧 Tools Used

Tool	Purpose
Rust	Exploit

💡 Key Learnings

Skills Improved

• Binary Exploitation
• Reverse Engineering
• Web Exploitation
• Cryptography
• Forensics
• OSINT
• Miscellaneous

📚 References & Resources

Similar Challenges

• Rust Fixme 1
• Rust Fixme 2

Learning Resources

• https://www.rust-lang.org/learn
• https://doc.rust-lang.org/book/ch19-01-unsafe-rust.html

📊 Final Statistics

Created: 15-03-2025 • Last Modified: 15-03-2025 *Author: mH4ck3r0n3 • Team: *