Another challenge, another mistake in code. Lotto challenge from pwnable.kr.

### Solution

Let’s log in into provided ssh server and as we have the executable, run the file.

So that’s another guessing game. We can look at help option to look for hints.

To be honest, that’s not much here so let’s get into the code.

Firstly, we notice that unsigned char lotto[6]; is a char variable, so only printable characters. As this lotto takes only numbers in range 1-45, it leaves us with the range of 33 - 45. Looking at the ASCII table, characters with these codes are !"#\$%&'()*+,-.

But after that, we can also notice another bug.

These piece of code means that for each character in the lotto, it will iterate every character in the input. So we can just enter any possible character six times, and with a little bit of luck, we’ll get the match and win the game.

Keep learning and stay safe! ~ W3ndige