wget -r fun.ritsec.club:8007 You may find the file Fl4gggg1337.html is referenced or has already been download. The flag wasn’t there, but it has link to Stars.html. Fetch that file, the base64 encoded string is the flag for this challenge.

By judging the program’s interface, we know that it was a heap challenge. Spent quite a lot of time reversing it, I figured it out that it malloc a few bytes for the person struct on the heap, then the name will be malloc with the size entered and that address will be put in the person struct.

babyOVERFLOW Exploit Tên file bài này gợi ý rất nhiều. “baby” thường được dùng trong CTF chỉ những bài đơn giản dành cho người mới “OVERFLOW” ở đây thì chỉ đến stack buffer overflow. Chạy nó, nhập vào thì nó in ra lại đúng như thế.