Challenge description
Keygenme...sort of
Author: akhbaar
The keygen
As usual, we start by trying to run the executable.
./chicago
but unfortunately, we get
... Bad lenght! ...
Opening the file with Ghidra, we see that the file is a Rust-compiled executable, with a ton of functions (I suppose from the Rust standard library). After some time we find the main function, with an interesting portion of code:
if(local_1a8<10){FUN_00107480("Bad length ...
So the length of the input must be at least 10.
Also, after some analysis and variable renaming, we find that
actual_num = input[i] - 0x30; // 0x30 is the ASCII code for '0'
So every character of the input must be a digit.
if (((i & 1) != 0) && (actual_num = actual_num * 2, L'4' < (uint)input[i])) {
    actual_num = (uint)(byte)((char)(actual_num & 0xff) + (char)((actual_num & 0xff) / 10) * -9);
}
So if the index of the character is odd, we multiply it by 2.
Also, if the original number is greater than 4, we replace it with $x + x / 10 * -9$, where $x$ is the original number.
Then, at least that's what I thought, it gets compared to the first character of the input, and if it's equal we get the flag.
The real keygen
After spending much more time than I should have, and after writing a Python script to brute-force the flag, I was so surprised when the first number it tried checked all the conditions.
As you could have guessed, the first and most obvious string that my script tried was 0000000000, and it worked 😭.
To get the flag, I then just had to run the program with ./chicago 0000000000.
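The per-character transform read from the decompiled code above, as an added Python example (not the author's brute-force script and not code from the challenge): it mirrors the Ghidra expression with its byte casts, where $x$ is the doubled value held in actual_num, and checks it against the simpler "subtract 9 when the doubled digit reaches 10" form. The function names and sample inputs are constructed for illustration, and whatever the binary does with the transformed values afterwards is not modeled.

```python
# Added example: re-implementation of the per-character transform read from
# the Ghidra output in this write-up. Function names are hypothetical.

MIN_LEN = 10  # from the `local_1a8 < 10` length check


def transform_decompiled(ch, i):
    """Mirror the decompiled expression, including the byte-sized casts."""
    actual_num = ord(ch) - 0x30          # 0x30 is the ASCII code for '0'
    if (i & 1) != 0:                     # odd index: double the digit
        actual_num *= 2
        if ord(ch) > ord("4"):           # original digit 5..9, doubled value >= 10
            low = actual_num & 0xFF
            actual_num = (low + (low // 10) * -9) & 0xFF
    return actual_num


def transform_simplified(ch, i):
    """Same step as a plain rule (the doubling rule of the Luhn checksum)."""
    d = int(ch)
    if i % 2 == 1:
        d *= 2
        if d >= 10:
            d -= 9                       # equals the digit sum of the doubled value
    return d


def transform_input(key):
    """Apply the length and digit constraints from the write-up, then the transform."""
    if len(key) < MIN_LEN:
        raise ValueError("Bad length")
    if not (key.isascii() and key.isdigit()):
        raise ValueError("input must be ASCII digits only")
    return [transform_decompiled(c, i) for i, c in enumerate(key)]


def forms_agree():
    """True if both forms match for every digit at an even and an odd index."""
    return all(transform_decompiled(c, i) == transform_simplified(c, i)
               for c in "0123456789" for i in (0, 1))


if __name__ == "__main__":
    print(forms_agree())
    print(transform_input("0000000000"))   # constructed sample input
    print(transform_input("1234567890"))   # constructed sample input
```

For 0000000000 every transformed value is 0, at even and odd indices alike.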