Tuesday, September 24, 2013

CSAW CTF Quals: Reversing 100 DotNetReversing.exe

This challenge was very straightforward: it took longer to decompile and throw into Visual Basic than to actually reverse. Running the program prints the following to the console:

"Greetings challenger! Step right up and try your shot at gaining the flag!"
"You'll have to know the pascode to unlock the prize:"

The program then waits for console input. I tried putting in "test" and the program immediately threw an exception and crashed. I then proceeded to decompile it in ILSpy and threw the nice C# code into Visual Basic. I immediately noticed a branch statement.

if ((num ^ num2) == num3)
{
   Console.WriteLine("yay");
}
else
{
   Console.WriteLine("Incorrect, try again!");
}



Just based on the console output, we can safely assume we want to meet the condition (num ^ num2) == num3 to get to "yay". The ^ operator is XOR (exclusive or): each bit of the result is 1 exactly where the two operands' bits differ. By looking at the code we can see that num = our input converted to base 64. Because num is used later in the program to compute the actual key, we need the actual correct value. Because I'm not particularly fond of hard math or needless calculations by hand, I changed num = num2^num3. This sets num to the correct value, since XOR-ing both sides of the condition with num2 gives num = num2 ^ num3. I then saved the program, ran it, and was presented with:

yay
flag{I'll create a GUI interface using visual basic...see if I can track an IP address.}
Success!!
press key to continue



key: I'll create a GUI interface using visual basic...see if I can track an IP address.


- m4d_D0g
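
The check in this write-up can be inverted because XOR is its own inverse. The Python sketch below is an added example, not code from the challenge binary or from the original post: it models the branch using the two constants quoted in the comment that follows, and recovers the passcode as num2 ^ num3. It assumes the input is parsed as a 64-bit integer (consistent with the crash on "test"); the function names and the assignment of the constants to num2 and num3 are hypothetical.

```python
# Added example: models the (num ^ num2) == num3 branch from the write-up.
# NUM2 and NUM3 are the two constants quoted in the page's comment; which one
# the binary calls num2 and which num3 is an assumption (XOR is commutative,
# so the recovered input is the same either way).
NUM2 = 65535655351
NUM3 = 53129566096
INT64_MIN, INT64_MAX = -(2**63), 2**63 - 1


def parse_passcode(text):
    """Parse console input as a signed 64-bit integer (assumed behaviour)."""
    value = int(text.strip())  # raises ValueError on input such as "test"
    if not INT64_MIN <= value <= INT64_MAX:
        raise OverflowError("value does not fit in 64 bits")
    return value


def check(text):
    """The decompiled branch: True corresponds to the "yay" path."""
    return (parse_passcode(text) ^ NUM2) == NUM3


def recover_passcode():
    """a ^ b == c implies a == b ^ c, so the constants reveal the input."""
    return NUM2 ^ NUM3


def differing_bits(a, b):
    """Bit positions where a and b differ, i.e. the set bits of a ^ b."""
    x = a ^ b
    return [i for i in range(x.bit_length()) if (x >> i) & 1]


if __name__ == "__main__":
    passcode = recover_passcode()
    print("recovered passcode:", passcode)
    print("passes check:", check(str(passcode)))
    print("bits where passcode and NUM2 differ:", differing_bits(passcode, NUM2))
    try:
        check("test")
    except ValueError as exc:
        print("non-numeric input fails to parse:", exc)
```

Because both constants sit in the binary, the comparison keeps nothing secret: anyone who can read the decompiled code can compute the expected input without patching the program.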

1 comment:

  1. Lulz, the required input is:
    13371337255 -- leet leet max of 8 bit int

    The other two numbers are:
    65535655351 -- max 16 bit int max 16 bit int '1'

    Any clues on 53129566096?
