added a integer overflow problem, included source and flag but neither of those should be provided to the user
This commit is contained in:
parent
55f4a1a7f6
commit
fb61e5916e
6 changed files with 90 additions and 0 deletions
BIN
risky-business/casino
Normal file
BIN
risky-business/casino
Normal file
Binary file not shown.
1
risky-business/description.md
Normal file
1
risky-business/description.md
Normal file
|
@ -0,0 +1 @@
|
||||||
|
We wanted to branch into the casino business, but human employees are too expensive so we decided to automate it. I feel like we missed something obvious though... Oh well! Here's the binary: [casino](casino) (MZ SHELL SERVER THING)
|
1
risky-business/flag.txt
Normal file
1
risky-business/flag.txt
Normal file
|
@ -0,0 +1 @@
|
||||||
|
easyctf{m4by3_w3_c0u1d_h4v3_d0n3_th47_b3t7er}
|
4
risky-business/grader.py
Normal file
4
risky-business/grader.py
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
def grade(autogen, key):
|
||||||
|
if key.find("m4by3_w3_c0u1d_h4v3_d0n3_th47_b3t7er") != -1:
|
||||||
|
return True, "Correct!"
|
||||||
|
return False, "Nope!"
|
75
risky-business/main.cpp
Normal file
75
risky-business/main.cpp
Normal file
|
@ -0,0 +1,75 @@
|
||||||
|
#include <iostream>
|
||||||
|
#include <fstream>
|
||||||
|
#include <sstream>
|
||||||
|
#include <stdlib.h>
|
||||||
|
|
||||||
|
|
||||||
|
bool gamble()
|
||||||
|
{
|
||||||
|
if (rand() % 5 == 0)
|
||||||
|
{
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
void printflag()
|
||||||
|
{
|
||||||
|
std::cout << "Welcome to our exclusive club!" << std::endl;
|
||||||
|
std::ifstream flagI("flag.txt");
|
||||||
|
std::string flag;
|
||||||
|
getline(flagI, flag);
|
||||||
|
flagI.close();
|
||||||
|
std::cout << "Here's our special flag: " << flag << std::endl;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
int networth = 100000;
|
||||||
|
int main()
|
||||||
|
{
|
||||||
|
std::cout << "Welcome to the EasyCTF 2017 Casino" << std::endl;
|
||||||
|
std::cout << "Try your luck and gain access to our exclusive club!" << std::endl;
|
||||||
|
while (true)
|
||||||
|
{
|
||||||
|
std::cout << std::endl;
|
||||||
|
std::cout << "Your net worth is: $" << networth << std::endl;
|
||||||
|
if (networth > 2000000000)
|
||||||
|
{
|
||||||
|
printflag();
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
std::cout << "Please enter how much you would like to bet:" << std::endl;
|
||||||
|
std::string tmp;
|
||||||
|
getline(std::cin, tmp);
|
||||||
|
std::stringstream s(tmp);
|
||||||
|
int inp;
|
||||||
|
s >> inp;
|
||||||
|
if (!s.eof() || s.fail())
|
||||||
|
{
|
||||||
|
std::cout << "That was not a valid number :(";
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if (inp <= 0)
|
||||||
|
{
|
||||||
|
std::cout << "You must bet a positive amount" << std::endl;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if (inp > 100000000)
|
||||||
|
{
|
||||||
|
std::cout << "Sorry, the most we can allow you to bet is $100,000,000" << std::endl;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if (!gamble())
|
||||||
|
{
|
||||||
|
std::cout << "Sorry, I'm afraid you've lost :(" << std::endl;
|
||||||
|
networth -= inp;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
std::cout << "Congratulations, you won!" << std::endl;
|
||||||
|
networth += inp;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
9
risky-business/problem.yml
Normal file
9
risky-business/problem.yml
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
author: GenericNickname
|
||||||
|
title: Risky Business
|
||||||
|
hint: I wonder how you could make a lot of money...
|
||||||
|
category: Binary Exploitation
|
||||||
|
autogen: false
|
||||||
|
programming: false
|
||||||
|
value: 100
|
||||||
|
files:
|
||||||
|
- casino
|
Loading…
Reference in a new issue