Editorial for DMOJ Capture The Flag '20 B1 - Super Secure Pseudorandom Number Generator
Remember to use this editorial only when stuck, and not to copy-paste code from it. Please be respectful to the problem author and editorialist.
Submitting an official solution before solving the problem yourself is a bannable offence.
Submitting an official solution before solving the problem yourself is a bannable offence.
Author:
This is a simple integer overflow exploit. Notice that can overflow an integer relatively easily, so we can get enough money to generate the flag. Next, to get the flag, you had to enter the secret code. In this case, the secret code was the value of
rand(), which is seeded with srand(). Notice that the seed is the time in seconds, meaning it is very easy to get the equivalent seed locally. Thus, you know the secret key, and can retrieve the flag.
Comments