BinaryNewbie on 1:17 AM 07/25/2019: Hey @dosisod, does this crackme need a SAT solver? Or does it have a solution? I tried and I figured out the algorithm, but I got stuck after that.
dosisod on 7:05 AM 07/26/2019: @BinaryNewbie what is a SAT solver? And yes, there is a solution, but it is going to take some tinkering as the seed isn't just "hidden away" in the code somewhere
BinaryNewbie on 5:54 PM 07/26/2019: @dosisod, so for a SAT solver: https://en.wikipedia.org/wiki/Boolean_satisfiability_problem
Yeah, I noticed that a simple bruteforce didn't work, but I will analyse the algorithm again, thanks.
gnitargetnisid on 3:34 PM 07/28/2019: I've found the seed by some educated guessing and brute force. But I'm wondering if there's an algorithm or a formula which will output the seed, I couldn't come up with anything given the dependency on the original seed and the mixing of logical and arithmetic operators. Maybe I'm missing something.
dosisod on 6:40 PM 07/30/2019: @gnitargetnisid, no algorithm/keygen is required, any method that produces a valid seed is alright. If you have a solution/seed I'd love to see how you got it!
skudo on 5:26 PM 08/03/2019: That was fun to solve! I reverse-engineered the algorithm, implemented it in C++ code and ran it with all integers in the int32 range. Here is the code if someone is interested. You just have to run it for about 10 min, then it should be finished...
https://github.com/skudoxy/ChainbreakerSolver
BinaryNewbie on 8:45 PM 08/03/2019: @dosisod, my code was doing the wrong stuff akkaka, I noticed after some trial and error that there was a curious pattern in huge numbers kakak and I tried with positive integers, with my crap corrected, and nothing, so I decided to run against negative integers and voilà. One more question, why did you ignore the 0 seed?
dosisod on 4:25 AM 08/10/2019: Late response, but I saw your git repo. That seed was also the only valid seed I could find. Tomorrow I'll log into my GitHub and star it. It was fun to make, hopefully it was as fun to solve as well!
dosisod on 4:49 AM 08/18/2019: @BinaryNewbie I made the program quit if 0 was reached at any point since 0 causes any XOR, multiplication etc. to return 0, killing the fun in cracking it IMO
BinaryNewbie on 3:43 PM 08/18/2019: Thanks for answering ahhah, I thought that was an easter egg or something like that.
janbbeck on 5:34 PM 01/15/2020: Thanks for this crackme. I put up my solution here:
https://www.janbeck.com/cybersecurity-challenges-ctfs-and-more/angr-hooking-derecompiling-chainbreaker
I could not get angr to solve this, but I am curious how close the decompiler got to the original source code. Could you post it?