pwnable.kr [Toddler's Bottle

Hey! check out this C implementation of blackjack game!
I found it online

• http://cboard.cprogramming.com/c-programming/114023-simple-blackjack-program.html

I like to give my flags to millionares.
how much money you got?

Running at : nc pwnable.kr 9009

考查...耐心
在看题目代码之前，先简单了解一下Blackjack的规则：

• 这是玩家和庄家之间的对弈类游戏，使用纸牌0-9，J，Q，K，A 分别代表数字0-9，10，12，13，11。A（Ace）也可以代表数字1。
• 初始双方各得到一张牌，双方可以选择 Hit or Stay，Hit 则得到一张牌，Stay则保持不动。
• 以21为界限，一旦一方牌面数字之和超过21，则“爆破”，这一方就输了这一局。
• 如果双方都Stay切牌面之和不超过21，大的获胜。
• 庄家每一局的牌面之和必须大于等于17。
• 任意一方一开始的两张牌若为 J 和 A ，就代表 Blackjack，直接获胜。

具体规则见wikipedia： https://en.wikipedia.org/wiki/Blackjack

接下来我们需要看一段极其冗杂难看逼死强迫症的游戏代码 - -（据他说这是他的 C 语言期末作业，我要是老师我肯定忍不了 :-( ）

结合题目中“ I like to give my flags to millionares. how much money you got?”猜测我们需要在这个游戏里赢到一百万，奈何本金只有500块....

//Global Variables
int k;
int l;
int d;
int won;
int loss;
int cash = 500;    //本金
int bet;
int random_card;
int player_total=0;
int dealer_total;

这里笔者就想到又要用脚本跑了。可是想想这题才 1pt 不至于这么麻烦，耐着性子继续看代码。经过了大量重复的所谓绘图函数以后，看到了用户赌注输入函数 betting。

int betting() //Asks user amount to bet
{
 printf("\n\nEnter Bet: $");
 scanf("%d", &bet);
 
 if (bet > cash) //If player tries to bet more money than player has
 {
        printf("\nYou cannot bet more money than you have.");
        printf("\nEnter Bet: ");
        scanf("%d", &bet);     //这里居然没有进行重新输入的验证
        return bet;
 }
 else return bet;
} // End Function

在第一次输入超过本金之后，第二次的输入不会再经过判断逻辑，所以第一次输入赌注 600 ，第二次直接输入1000000，只需要赢一次就可以变成“百万富翁”了：

Cash: $500
-------
|S    |
|  3  |
|    S|
-------

Your Total is 3

The Dealer Has a Total of 9

Enter Bet: $600

You cannot bet more money than you have.
Enter Bet: 1000000


Would You Like to Hit or Stay?
Please Enter H to Hit or S to Stay.
h
-------
|C    |
|  3  |
|    C|
-------

Your Total is 6

The Dealer Has a Total of 19

Would You Like to Hit or Stay?
Please Enter H to Hit or S to Stay.
h
-------
|S    |
|  J  |
|    S|
-------

Your Total is 16

The Dealer Has a Total of 19

Would You Like to Hit or Stay?
Please Enter H to Hit or S to Stay.
h
-------
|D    |
|  5  |
|    D|
-------

Your Total is 21

The Dealer Has a Total of 19
Unbelievable! You Win!

You have 1 Wins and 0 Losses. Awesome!

Would You Like To Play Again?
Please Enter Y for Yes or N for No
y

YaY_I_AM_A_MILLIONARE_LOL


Cash: $1000500

Flag 在 Cash 超过一百万后就出现了 :P