****DUCTF****

***Formating (Reversing)***

I opened this binary in gdb and keep an eye over the values which pushed into the stack.
And got the flag in hex format.(Decode it into String)

***shellthis (PWn)***

In this binary we have to just redirect the code execution.

Fristly, I calculated the EIP offset (after how many bytes I overflowed the buffer).

Then, Using the Pwntools I ma able to find the address of get_shell function.

Finally run the shellthis.py over the remote server of duc.tf

***rot-i (Crypto)***

As a hint We already know first 6 letter are 'DUCTF{'.

So, I calculated the jump for first letter to become D it is (21).

For 2nd letter it is (20), for next letter it is (19) and so on.....

I observed the pattern, And wrote a script to decrypt the cipher.

****Thank You****