If you found this post, you probably already found https://tryhackme.com/room/armageddon2r
See this years' other rooms as well:
Index of this challenge:
This one was a doozy. Finding it was pretty simple in Day 6's challenge with a hint about a ghost.
The task itself is spelled out pretty well in the prompt: Modify your memory buffer to override stored variables. The answers to the questions are out of scope for this article, but let me give a quick breakdown of the path to find the quest room:
1) Overwrite the buffer at the name changer to give yourself as much money as you can, an ascii table would probably be useful here:
2) Talk to the merchant to buy a missing item from her inventory. If you hack in item "a" to your inventory, it's revealed that it's actually a fake item and that she's willing to sell you the real one:
3) Talk to the glitch and learn the requirements for the puzzle:
- Have exactly 31337 coins
- Be named Snowball
- Have a merchant named Midas
- Have a shop keep named Ted
- Have the blue yeti coin in your inventory
- Play the "30 lives" konami code
The big trick was to look back to the prompt to see what's storing the variables. C++ is using little endian (so everything's reversed) and the strings are terminated on null values.
So simply keep talking to the name changer to fill these values in backwards, one at a time from bottom to top (Note that you need to modify the coins to leave yourself enough for the right amount of cash to change your name one last time)
On to the actual quest!