This challenge was based on a behaviour I learnt from reading Attacking Network Protocols (James Forshaw). The bug has to do with some integer trickery and I thought it was pretty neat. Fun fact, I crafted the challenge idea while on security trooper duty (screw NS T.T), hence the security trooper theme of the challenge.
The writeup is a bit lengthy, here's the quick solution run through.
Bribe -2147483648 (INT_MIN) which won't be turned positive by positive
, causing money_left
to be negative and giving us the flag.