check_password 함수
너무 복잡허다
void check_password(char *param_1)
{
int iVar1;
int iVar2;
int iVar3;
uint uVar4;
int in_GS_OFFSET;
char *pcStack88;
size_t sStack84;
undefined4 uStack80;
char acStack77 [13];
char *local_40;
int local_3c;
int local_38;
int local_34;
size_t local_30;
int local_2c;
int local_28;
undefined *local_24;
uint local_20;
uint local_1c;
uint local_18;
uint local_14;
int local_10;
local_40 = param_1;
local_10 = *(int *)(in_GS_OFFSET + 0x14);
local_30 = strlen(param_1);
local_2c = ((int)(local_30 + 2) / 3) * 4;
local_28 = local_2c;
uVar4 = (local_2c + 0x10U) / 0x10;
iVar1 = uVar4 * -0x10;
local_24 = acStack77 + iVar1 + 1;
local_3c = 0;
local_38 = 0;
while (iVar3 = local_38, iVar2 = local_3c, local_3c < (int)local_30) {
if (local_3c < (int)local_30) {
local_3c = local_3c + 1;
local_20 = (uint)(byte)local_40[iVar2];
}
else {
local_20 = 0;
}
iVar2 = local_3c;
if (local_3c < (int)local_30) {
local_3c = local_3c + 1;
local_1c = (uint)(byte)local_40[iVar2];
}
else {
local_1c = 0;
}
iVar2 = local_3c;
if (local_3c < (int)local_30) {
local_3c = local_3c + 1;
local_18 = (uint)(byte)local_40[iVar2];
}
else {
local_18 = 0;
}
local_14 = local_18 + local_20 * 0x10000 + local_1c * 0x100;
acStack77[local_38 + iVar1 + 1] = alphabet[local_14 >> 0x12 & 0x3f];
acStack77[local_38 + iVar1 + 2] = alphabet[local_14 >> 0xc & 0x3f];
acStack77[local_38 + iVar1 + 3] = alphabet[local_14 >> 6 & 0x3f];
local_38 = local_38 + 4;
acStack77[iVar3 + iVar1 + 4] = alphabet[local_14 & 0x3f];
}
local_34 = 0;
while (local_34 < *(int *)(alphabet + local_30 * 4 + ((int)local_30 / 3) * -0xc + 0x40)) {
(&stack0xffffffb0)[(local_2c - local_34) + iVar1 + 3] = 0x3d;
local_34 = local_34 + 1;
}
(&sStack84)[uVar4 * 0x3ffffffc] = local_2c;
(&pcStack88)[uVar4 * 0x3ffffffc] = 0x8048850;
*(char **)(&stack0xffffffa4 + iVar1) = acStack77 + iVar1 + 1;
*(undefined4 *)(&stack0xffffffa0 + iVar1) = 0x804871c;
strncmp(*(char **)(&stack0xffffffa4 + iVar1),(&pcStack88)[uVar4 * 0x3ffffffc],
(&sStack84)[uVar4 * 0x3ffffffc]);
if (local_10 != *(int *)(in_GS_OFFSET + 0x14)) {
/* WARNING: Subroutine does not return */
uStack80 = 0x8048732;
__stack_chk_fail();
}
return;
}
main 함수
패스워드 입력해서 check_password를 거쳐 일치하면 where's my flag? 라는 문자열이 나온다. flag는 안나온다.
undefined4 main(int param_1,int param_2)
{
char cVar1;
undefined4 uVar2;
setvbuf(stdout,(char *)0x0,2,0);
if (param_1 < 2) {
puts("Please provide a password!");
uVar2 = 0xffffffff;
}
else {
cVar1 = check_password(*(undefined4 *)(param_2 + 4));
if (cVar1 == '\0') {
puts("Congrats, now where\'s my flag?");
uVar2 = 0;
}
else {
puts("Incorrect Password!");
uVar2 = 0xffffffff;
}
}
return uVar2;
}
더 찾아보니 check_password 함수에서 어떤 문자열을 push한다.
가져와서 보니
SGFja0NURnt3M2xjMG0zXzcwX3IzdjNyNTFuNl93MHJsZEBfQCFfIX0=
끝이 =으로 끝나고 혹시 몰라 base64 복호화 해봤다.
FLAG : HackCTF{w3lc0m3_70_r3v3r51n6_w0rld@_@!_!}
'CTF > Reversing' 카테고리의 다른 글
[WPICTF] Baby's First Reversing (0) | 2021.05.18 |
---|---|
[UMassCTF]easteregg (0) | 2021.03.31 |
[hackCTF] Reversing Me (0) | 2021.01.31 |
[picoCTF] droids2 (0) | 2021.01.20 |
[picoCTF] droids1 (0) | 2021.01.20 |