FLAG: uname:bobsicle&pass:680-sboata-740
Simple Python Keygen:
uname = input(f'What is your username?')
print(f'your key is '+str(len(uname)*85)+'-'+uname[1:4][::-1]+'ata-'+str(len(uname)*80+100)) |
==> |
FLAG:"73313" (cdkey is 5968496)
int32_t INT_73255 = 0x11e67
int32_t INT_5968496 = 0x5b1270
printf(format: "Type cd-key: ")
int32_t userInput
scanf(format: "%d", &userInput)
if (INT_5968496 == userInput)
printf(format: "%d\n", INT_73255 ^ 6 (73313)
|
==> |
FLAG:"flag{3sc0d1d0_3h_M41s_G0st0S0}"
in a "secret" function. on 004011d4
printf(format: "flag{%d%c%c%dn%c%d%c%d_%dh_M%d%d…", 3, 0x73, 0x63, 0, 0x64, 1, 0x64, 0, 3, 4, 1, 0, 0x73, 0, 0)
|
==> |
FLAG:"easycrack"
__builtin_strcpy(dest: &hardcodedpass, src: "easycrack") |
==> |
FLAG:"3"
004011c9 if (divs.dp.d(sx.q(int_14 + int_100 * 3), int_100) != userInput)
so ((100*3)+14)=314\100=3.14 but it compares it as an int. so no decimals. resulting in 3. then compares that to the user input. |
==> |
FLAG:"LiL2281337"
00401034
0040104f if (_strcmp("LiL2281337", &string) != 0)
00401065 _printf(format: "Oyh man! Very bad, password not …")
0040104f else
00401056 _printf(format: "Nice job :-). Password found.\n")
00401056
|
==> |
FLAG:"cracked"
004012f4
00401306 // the total of adding "de"+"k"+"car"+"c"
00401306 for (int32_t i = 0; i |
==> |
Flag:"bd4c217637bc828982c090b2de41b84d"-an MD5 hash of pass1785
Found on 0040128a which gets xor with 3 on 004013b3 |
==> |
FLAG:"wonderwhatthepasswordishmm" - found after the compiler housekeeping in the actual main function. at 00401e1c |
==> |
Flag:"13" - as compared with the custom function at 00401457 |
==> |
FLAG: "#fuck~irgc"
004007fa int64_t check_key(char* userInput)
004007fa { // var_20 unused
004007fa int32_t var_20 = 0;
0040080e int32_t tmp = 0;
0040080e
00400825 // has between 8 and 10 chars, including
00400825 if (strlen(userInput) 7 && strlen(userInput) 0x3e7)
004008bd return 1;
004008bd
004008a3 printf("Nope 999:
break
print(f'Congrads, use password {tmppass}') |
==> |
FLAG:"pass" - found on 00402005 in ordata |
==> |
FLAG:"Dad" - in a compare at 00418c67 |
==> |
FLAG:"Nick"&"4ACE00F" - UserName&Password combo at 00419502&00419516 |
==> |
FLAG:"buhnahna" found at 100003ef4 as a hardcoded string. |
==> |
FLAG:"12345" - from char temp0_1 = *(uint8_t*)(rax_2 + 0x140003423);, the password is found at 140003423 as a char array |
==> |
FLAG:"ErhwHwrhrwWhrwwHwhr" -note that the code never exits the while true loop. so no "Valid Password" output, but just an endless re-prompt user for password. |
==> |
FLAG:"263132" - int array turning into a char array(string), then argC(2) at the end.
|
==> |
FLAG:"do_not_hardcode" - a... hardcoded :') password that compares itself with the user input |
==> |
there is no FLAG, at least not one executed or intereacted with in the code. its just a simple russian Caesar's cipher tool |
==> |
FLAG:"3812" - from if (userInputVariable == 0xee4) |
==> |
FLAG:"imgay" |
==> |
FLAG:sifreyok
under namespace olartikForm1Login_Clickb |
==> |
Flag:"ValidPassword" from the base64 "VmFsaWRQYXNzd29yZA==" at 140001717 |
==> |
secret123 - the first string at 0xa on _.rdata with Binary Ninja |
==> |