Step 1: Code Review — Understanding Your Challenge

In this step, you’re like a detective analyzing clues. You have two Solidity files, Setup.sol and Creature.sol, which are like the rules of the game.

• Setup.sol sets up the challenge. It creates a 'Creature' with 1 ether, and your goal is to reduce its balance to zero.
• Creature.sol describes the creature you must defeat. It has 20 life points, and you need to bring these points down to zero to win.

To take the flag we have to defeat our enemies with a lifePoints of 20. We have 2 options: punch() and stringAttack(uint256 _damage).

// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.13;
contract Creature {
        uint256 public lifePoints;
    address public aggro;
    constructor() payable {
        lifePoints = 20;
    }
    function strongAttack(uint256 _damage) external{
        _dealDamage(_damage);
    }
        function punch() external {
        _dealDamage(1);
    }
    function loot() external {
        require(lifePoints == 0, "Creature is still alive!");
        payable(msg.sender).transfer(address(this).balance);
    }
    function _dealDamage(uint256 _damage) internal {
        aggro = msg.sender;
        lifePoints -= _damage;
    }
}

// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.13;
import {Creature} from "./Creature.sol";
contract Setup {
    Creature public immutable TARGET;
    constructor() payable {
        require(msg.value == 1 ether);
        TARGET = new Creature{value: 10}();
    }
        function isSolved() public view returns (bool) {
        return address(TARGET).balance == 0;
    }
}

Lets meet the enemies here — (http://IP:PORT/)

The website also has guides (docs) to help you understand the challenge better.

Here you can see Docs (http://IP:PORT//docs)

You need to check the connections to find needed address TargetAddress and key PrivateKey to solve this challenge

Engaging in the Battle

1. Launching the Attack:

• First, you’ll use the cast tool to interact with the blockchain at the /rpc endpoint. This is like initiating your attack in the digital battle.

https://book.getfoundry.sh/cast/

Execute the command:

cast send --rpc-url http://IP:PORT/rpc --private-key PRIVATE_KEY TARGET_ADDRESS "strongAttack(uint256)" 20.

This action sends a strong attack to the creature with a damage value of 20, aiming to deplete its life points in one go.

2. Claiming Victory and Loot:

Once the creature is defeated, it’s time to claim your rewards.

Use the command:

• cast send --rpc-url http://IP:PORT/rpc --private-key PRIVATE_KEY TARGET_ADDRESS "loot()"

This allows you to collect the loot, symbolizing your success in the challenge.

Bingo we got the flag :)

Thanks for reading :)