🏳️
Bag of Flags
  • Home
  • 2023
    • 🅿️picoCTF 2023
      • money-ware
      • repetitions
      • two-sum
      • ReadMyCert
      • rotation
      • hideme
      • PcapPoisoning
      • who is it
      • Reverse
      • timer
      • Safe Opener 2
      • findme
      • MatchTheRegex
      • SOAP
    • 🐦magpieCTF 2023
      • Space Plan
      • Space Exploration
      • So Meta
      • There is no flag
      • Momma says to play fair
      • Rubis
      • What is the password?
      • Eavesdropper
      • Shredded
      • Missing Flag
      • This outta be large enough right?
      • No Password Here
      • Chocolate Chips with Zero-G
      • Education Comes First
    • 🌴ISSessions CTF 2023
      • Basic Permissions
      • Crack Me
      • File Detective
      • Word Vomit
      • Fileception
      • Coding Time
      • Ghost File
      • CryptoTools1
      • CryptoTools2
      • 1337
      • ROT++
      • RunedMyDay
      • RSA_2
      • The Man Who Sold the World
      • VaultChallenge
      • Lost Media
      • Decontamination
      • Decade Capsule
      • Password in A Haystack
  • 2022
    • 🏁UW CTF S22
      • 0s and 1s
      • simple image
      • Helikopter
      • Meow
      • Google Form
      • Strings, literally
      • WASM
      • Audio
      • Pwn0
      • YATD
      • steg
      • Passwords
      • Vitalik
  • Practice
    • 🧠CryptoHack
      • Introduction
        • Finding Flags
        • Great Snakes
      • General
        • ASCII
        • Hex
        • Base64
        • Bytes and Big Integers
        • XOR Starter
        • XOR Properties
        • Favourite byte
        • You either know, XOR you don't
        • Greatest Common Divisor
Powered by GitBook
On this page
  • Description
  • Hints
  • Algebra
  • Flag
  1. 2023
  2. picoCTF 2023

two-sum

Description

Can you solve this?

What two positive numbers can make this possible: n1 > n1 + n2 OR n2 > n1 + n2

Enter them here nc saturn.picoctf.net 61200. Source

Hints

1

Integer overflow

2

Not necessarily a math problem

Algebra

Of course n1 > n1 + n2 OR n2 > n1 + n2 is impossible for positive integers n1 and n2 so let's look into the flag.c source file

First we have a function which adds two integers

static int addIntOvf(int result, int a, int b) {
    result = a + b;
    if(a > 0 && b > 0 && result < 0)
        return -1;
    if(a < 0 && b < 0 && result > 0)
        return -1;
    return 0;
}

It returns -1 if a and b are negative but a + b is positive, or a and b are positive but a + b is negative

Then in the main function we have the following if statment which may print the flag

if (scanf("%d", &num1) && scanf("%d", &num2)) {
    printf("You entered %d and %d\n", num1, num2);
    fflush(stdout);
    sum = num1 + num2;
    if (addIntOvf(sum, num1, num2) == 0) {
        printf("No overflow\n");
        fflush(stdout);
        exit(0);
    } else if (addIntOvf(sum, num1, num2) == -1) {
        printf("You have an integer overflow\n");
        fflush(stdout);
    }

    if (num1 > 0 || num2 > 0) {
        flag = fopen("flag.txt","r");
        if(flag == NULL){
            printf("flag not found: please run this on the server\n");
            fflush(stdout);
            exit(0);
        }
        char buf[60];
        fgets(buf, 59, flag);
        printf("YOUR FLAG IS: %s\n", buf);
        fflush(stdout);
        exit(0);
    }
}

  • Reads in numbers num1 and num2 from input and gets the sum = num1 + num2

  • If addIntOvf(sum, num1, num2) is 0, then there is "No overflow" and the program exits

  • Otherwise addIntOvf(sum, num1, num2) is -1 and there's an integer overflow, so the program continues

  • Then the program checks if at least one of num1 and num2 are positive, then it will print out the flag for us

So we need addIntOvf to return -1 for two positive integers. Of course, this isn't possible with normal integers, but we can try to remedy this with an integer overflow

In C, the maximum possible value of an int is 2147483647

We can try passing in 2147483647 and 1, so the sum causes a buffer overflow and the result is negative, which will return -1 for addIntOvf

Flag

picoCTF{Tw0_Sum_Integer_Bu773R_0v3rfl0w_ccd078bd}

PreviousrepetitionsNextReadMyCert

Last updated 2 years ago

🅿️