See URL for detailed wrteup

format string vuln in main

use this to write another format string in .data which is prtinf'd in the encrypt function

use the second format string to dump the key and IV off the stack

Original writeup (https://github.com/DMArens/CTF-Writeups/tree/master/2018/PragyanCTF/binary/UnbreakableEncryption).