BinaryNewbie on 2019-07-25 01:17:
Hey @dosisod, does this crackme need a sat solver? Or does it have a solution? I tried and i figured out the algorithm, but i stuck after that.
dosisod on 2019-07-26 07:05:
@BinaryNewbie what is a sat solver? and yes, there is a solution, but it is going to take some tinkering as the seed isnt just "hidden away" in the code somewhere
BinaryNewbie on 2019-07-26 17:54:
@dosisod, so for a sat solver: https://en.wikipedia.org/wiki/Boolean_satisfiability_problem
Yeah, i noticed that a simple bruteforce doesn't worked, but i will analyse the algorithm again, thnks.
gnitargetnisid on 2019-07-28 15:34:
I've found the seed by some educated guessing and brute force. But I'm wondering if there's an algorithm or a formula which will output the seed, I couldn't come up with anything given the dependency on the original seed and the mixing of logical and arithmetic operators. Maybe I'm missing something.
dosisod on 2019-07-30 18:40:
@gnitargetnisid, no algorithm/keygen is required, any method that produces a valid seed is alright. If you have a solution/seed id love to see how you got it!
skudo on 2019-08-03 17:26:
That was fun to solve! I reverse-engineered the algorithm, implemented it in a c++ code and ran with all integers in the int32 range. Here is the code if someone is interested. You just have to run it about 10min then it should be finished...
https://github.com/skudoxy/ChainbreakerSolver
BinaryNewbie on 2019-08-03 20:45:
@dosisod, my code was doing the wrong stuff akkaka, i've noticed after some trial-error, that was a curious pattern in huge numbers kakak and i tried with positive integers, with my crap corrected, and nothing, so i decided to run against negative integers and voilá. One more question, why did you ignore the 0 seed?
dosisod on 2019-08-10 04:25:
late response, but i saw your git repo. that seed was also the only valid seed i could find. tommorrow ill log into my github and star it, it was fun to make, hopefully it was as fun to solve as well!
dosisod on 2019-08-18 04:49:
@BinaryNewbie I made the program quit if 0 was reached at any point since 0 causes any XOR, multiplication etc. to return 0, killing the fun in cracking it IMO
BinaryNewbie on 2019-08-18 15:43:
thanks for answering ahhah, i thought that was an easter egg or something like that.
janbbeck on 2020-01-15 17:34:
Thanks for this crackme. I put up my solution here:
https://www.janbeck.com/cybersecurity-challenges-ctfs-and-more/angr-hooking-derecompiling-chainbreaker
I could not get angr to solve this, but I am curious how close the decompiler got to the original source code. Could you post it?
You must be logged in to submit a writeup
Solution by BinaryNewbie on 2019-08-03 21:55: My solution contains a write-up, the correct seed, the reconstruction of the algorithm in C++ and the brute force algorithm in C.