0x0 Introduction
Feeling lucky?
You must create a flag.txt in the same folder as the binary for it to run.
nc ctf.b01lers.com 9202
Author: robotearthpizza
Difficulty: Easy
files: gambler_baby
0x1 Mitigation
1 | Arch: amd64-64-little |
0x2 Vulnerability
function sym.casino
ask for a 4 byte string using fgets
, then it compare with a random string generate by sym.imp.rand()
.
If we enter the same string as the random one, we get certain amount of money. If we have more than 1000 in balance, the program will print out the flag
1 | { |
The vulnerability here is that the binary never set random seed using srand
, therefore, the sequence rand()
give us will always be the same.
we can use following code to generate string and send string to the server
1 | #include <stdlib.h> |
0x3 Exploit
1 | from pwn import * |
0x4 Flag
forgot