Description:
Participate in 'Hex Hunt,' where you'll journey through intricate bytecode to uncover hidden treasures.
Objective of CTF
Successfully call the solve function.
Note: You can create POCs using Foundry/Hardhat. Without proper POC, your submissions will not be accepted.
Contract Code:
// SPDX-License-Identifier: UNLICENSED
import {Test, console} from "forge-std/Test.sol";
pragma solidity ^0.8.13;
contract HexHunt {
function solve(bytes memory code) public {
bytes memory data = hex"608060405234801561001057600080fd5b50610b97806100206000396000f3fe608060405234801561001057600080fd5b506004361061002b5760003560e01c80636356ce4f14610030575b600080fd5b61004a60048036038101906100459190610345565b61004c565b005b60006040518060400160405280600d81526020017f616c6d6f737420746865726521000000000000000000000000000000000000008152509050602082015160208201511461009a57600080fd5b60006040518061072001604052806106ed81526020016104756106ed9139905060008151602083016000f0905060008173ffffffffffffffffffffffffffffffffffffffff16866040516100ee919061042e565b6000604051808303816000865af19150503d806000811461012b576040519150601f19603f3d011682016040523d82523d6000602084013e610130565b606091505b505090508061014257610141610445565b5b505050505050565b6000604051905090565b600080fd5b600080fd5b600080fd5b600080fd5b6000601f19601f8301169050919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6101b182610168565b810181811067ffffffffffffffff821117156101d0576101cf610179565b5b80604052505050565b60006101e361014a565b90506101ef82826101a8565b919050565b600067ffffffffffffffff82111561020f5761020e610179565b5b61021882610168565b9050602081019050919050565b82818337600083830152505050565b6000610247610242846101f4565b6101d9565b90508281526020810184848401111561026357610262610163565b5b61026e848285610225565b509392505050565b600082601f83011261028b5761028a61015e565b5b813561029b848260208601610234565b91505092915050565b600067ffffffffffffffff8211156102bf576102be610179565b5b6102c882610168565b9050602081019050919050565b60006102e86102e3846102a4565b6101d9565b90508281526020810184848401111561030457610303610163565b5b61030f848285610225565b509392505050565b600082601f83011261032c5761032b61015e565b5b813561033c8482602086016102d5565b91505092915050565b6000806040838503121561035c5761035b610154565b5b600083013567ffffffffffffffff81111561037a57610379610159565b5b61038685828601610276565b925050602083013567ffffffffffffffff8111156103a7576103a6610159565b5b6103b385828601610317565b9150509250929050565b600081519050919050565b600081905092915050565b60005b838110156103f15780820151818401526020810190506103d6565b60008484015250505050565b6000610408826103bd565b61041281856103c8565b93506104228185602086016103d3565b80840191505092915050565b600061043a82846103fd565b915081905092915050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052600160045260246000fdfe6106c7610011610000396106c7610000f360003560e01c6002600c820660011b6106af01601e39600051565b636e6ecf9681186102b7576044361034176106aa5760043560040160208135116106aa57803560208160051b01808360403750505060405160208160051b018061046082604060045afa5050506110f1610880526105336108a05260216108c052604d6108e0526104d2610900526110e1610920526000600f905b806109405261046051601f81116106aa576109405161094051600381169050600581116106aa5760051b610880015161094051188082028115838383041417156106aa579050905061094051600281018181106106aa579050600681069050600581116106aa5760051b61088001518082018281106106aa5790509050610940518082018281106106aa579050905061094051600f81018181106106aa579050610460518110156106aa5760051b6104800151188160051b610480015260018101610460525061094051601181018181106106aa579050610460518110156106aa5760051b610480015161094051610460518110156106aa5760051b6104800151186106aa576001018181186100955750506000600f905b806109405261094051601181018181106106aa579050610460518110156106aa5760051b610480015161094051610460518110156106aa5760051b6104800151186106aa576001018181186101ad575050601061046051106106aa57600f60051b6104800151601161046051106106aa57601060051b61048001518082028115838383041417156106aa57905090506106aa5766028e44ea450877601061046051106106aa57600f60051b6104800151601161046051106106aa57601060051b61048001518082018281106106aa5790509050186106aa57601161046051106106aa57601060051b6104800151601061046051106106aa57600f60051b610480015111156106aa57005b63f5961b6e81186106a457346106aa5760036040527f626164000000000000000000000000000000000000000000000000000000000060605260405060405180606001601f826000031636823750506308c379a06000526020602052601f19601f6040510116604401601cfd6106a4565b639b30d82481186106a457346106aa5760036040527f626164000000000000000000000000000000000000000000000000000000000060605260405060405180606001601f826000031636823750506308c379a06000526020602052601f19601f6040510116604401601cfd6106a4565b63bc9568b181186106a457346106aa5760036040527f626164000000000000000000000000000000000000000000000000000000000060605260405060405180606001601f826000031636823750506308c379a06000526020602052601f19601f6040510116604401601cfd6106a4565b63a89ac83c81186106a457346106aa5760036040527f626164000000000000000000000000000000000000000000000000000000000060605260405060405180606001601f826000031636823750506308c379a06000526020602052601f19601f6040510116604401601cfd6106a4565b636672f65a81186104e857346106aa5760036040527f626164000000000000000000000000000000000000000000000000000000000060605260405060405180606001601f826000031636823750506308c379a06000526020602052601f19601f6040510116604401601cfd5b63559b012681186106a457346106aa5760036040527f626164000000000000000000000000000000000000000000000000000000000060605260405060405180606001601f826000031636823750506308c379a06000526020602052601f19601f6040510116604401601cfd6106a4565b63819ae50981186105c657346106aa5760036040527f626164000000000000000000000000000000000000000000000000000000000060605260405060405180606001601f826000031636823750506308c379a06000526020602052601f19601f6040510116604401601cfd5b6318a3fc4981186106a457346106aa5760036040527f626164000000000000000000000000000000000000000000000000000000000060605260405060405180606001601f826000031636823750506308c379a06000526020602052601f19601f6040510116604401601cfd6106a4565b6386a2951f81186106a457346106aa5760036040527f626164000000000000000000000000000000000000000000000000000000000060605260405060405180606001601f826000031636823750506308c379a06000526020602052601f19601f6040510116604401601cfd5b60006000fd5b600080fd040a06a406a406a406a40559047b06a403280399001a0637841906c781181800a16576797065728300030a0015a26469706673582212207f58da07254badd9581433ec3c63f99de613ccbc56252e3840f4d24727cbf0ef64736f6c63430008150033";
address addr;
assembly {
addr := create(0, add(data, 32), mload(data))
}
uint sz;
assembly {
sz := extcodesize(addr)
}
assert(sz != 0);
(bool success,) = addr.call(code);
assert(success);
}
}
Foundry Setup:
// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.13;
import {Test, console2} from "forge-std/Test.sol";
import {HexHunt} from "../src/HexHunt.sol";
contract HexHuntTest is Test {
HexHunt public hexht;
function setUp() public {
hexht = new HexHunt();
}
function test_otter() public {
bytes memory data;
hexht.solve(data);
}
}
Solutions:
Coming Soon…..
Author -
Robert Chen @Ottersec