1. Open Source
Open-source
1 #include <stdio.h> 2 #include <string.h> 3 4 int main(int argc, char *argv[]) { 5 if (argc != 4) { 6 printf("what?\n"); 7 exit(1); 8 } 9 10 unsigned int first = atoi(argv[1]); 11 if (first != 0xcafe) { 12 printf("you are wrong, sorry.\n"); 13 exit(2); 14 } 15 16 unsigned int second = atoi(argv[2]); 17 if (second % 5 == 3 || second % 17 != 8) { 18 printf("ha, you won't get it!\n"); 19 exit(3); 20 } 21 22 if (strcmp("h4cky0u", argv[3])) { 23 printf("so close, dude!\n"); 24 exit(4); 25 } 26 27 printf("Brr wrrr grr\n"); 28 29 unsigned int hash = first * 31337 + (second % 17) * 11 + strlen(argv[3]) - 1615810207; 30 31 printf("Get your key: "); 32 printf("%x\n", hash); 33 34 return 0; 35 }
2. Analysis
Obviously, calculation In Flag line 29, line 32 hexadecimal code output. Line 29 is the use of code argv [1] ~ argv [3] calculated data.
2.1 argv[1]
if (first != 0xcafe) { printf("you are wrong, sorry.\n"); exit(2); }
0xcafe does not mean exit, that first = 0xcafe
2.2 argv[2]
if (second % 5 == 3 || second % 17 != 8) { printf("ha, you won't get it!\n"); exit(3); }
If conditions are satisfied quit, I think the number is not satisfied with the first 25, second = 25
2.3 argv[3]
if (strcmp("h4cky0u", argv[3])) { printf("so close, dude!\n"); exit(4); }
Equal strcmp returns 0, if exit condition that argv [3] = "h4cky0u"
3.get flag!
In summary, to write the code flag Solutions
#include <stdio.h> #include <string.h> int main(int argc, char* argv[]) { int first = 0xcafe; int second = 25; argv[3] = "h4cky0u"; printf("Brr wrrr grr\n"); unsigned int hash = first * 31337 + (second % 17) * 11 + strlen(argv[3]) - 1615810207; printf("Get your key: "); printf("%x\n", hash); system("PAUSE"); return 0; }