| FLAG: "#fuck~irgc"
004007fa int64_t check_key(char* userInput)
004007fa { // var_20 unused
004007fa int32_t var_20 = 0;
0040080e int32_t tmp = 0;
0040080e
00400825 // has between 8 and 10 chars, including
00400825 if (strlen(userInput) 7 && strlen(userInput) 0x3e7)
004008bd return 1;
004008bd
004008a3 printf("Nope 999:
break
print(f'Congrads, use password {tmppass}') |
==> |
| FLAG:"pass" - found on 00402005 in ordata |
==> |
| FLAG:"Dad" - in a compare at 00418c67 |
==> |
| FLAG:"Nick"&"4ACE00F" - UserName&Password combo at 00419502&00419516 |
==> |
| FLAG:"buhnahna" found at 100003ef4 as a hardcoded string. |
==> |
| FLAG:"12345" - from char temp0_1 = *(uint8_t*)(rax_2 + 0x140003423);, the password is found at 140003423 as a char array |
==> |
| FLAG:"ErhwHwrhrwWhrwwHwhr" -note that the code never exits the while true loop. so no "Valid Password" output, but just an endless re-prompt user for password. |
==> |
| FLAG:"263132" - int array turning into a char array(string), then argC(2) at the end.
|
==> |
| FLAG:"do_not_hardcode" - a... hardcoded :') password that compares itself with the user input |
==> |
| there is no FLAG, at least not one executed or intereacted with in the code. its just a simple russian Caesar's cipher tool |
==> |
| FLAG:"3812" - from if (userInputVariable == 0xee4) |
==> |
| FLAG:"imgay" |
==> |
| FLAG:sifreyok
under namespace olartikForm1Login_Clickb |
==> |
| Flag:"ValidPassword" from the base64 "VmFsaWRQYXNzd29yZA==" at 140001717 |
==> |
| secret123 - the first string at 0xa on _.rdata with Binary Ninja |
==> |