BroncoCTF 'Negative Bread' Challenge Solved via Signed Integer Flaw in Bank Binary
A BroncoCTF challenge presented participants with a 64-bit ELF binary simulating a bank, where the goal was to raise a starting balance of $100 to $1,000,000 to unlock a flag. The binary contained a 'Dispute a Charge' feature that checked the absolute value of the input for bounds enforcement but applied the original signed integer directly to the balance. By entering a large negative number, the absolute value passed the magnitude check while the negative value was added to the balance, causing an integer underflow that pushed the balance past the winning threshold. This check-effect mismatch, combined with the absence of stack canaries, NX protection, or PIE, made the binary straightforward to exploit without advanced techniques like ROP chains. The unstripped binary also exposed a dedicated 'win' function that printed the flag once the balance condition was met, confirming the vulnerability required only a single malformed dispute input.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)
Log in to join the discussion and vote.
Log in