Profile

Comment	Link
FLAG: uname:bobsicle&pass:680-sboata-740 Simple Python Keygen: uname = input(f'What is your username?') print(f'your key is '+str(len(uname)85)+'-'+uname[1:4][::-1]+'ata-'+str(len(uname)80+100))	==>
FLAG:"73313" (cdkey is 5968496) int32_t INT_73255 = 0x11e67 int32_t INT_5968496 = 0x5b1270 printf(format: "Type cd-key: ") int32_t userInput scanf(format: "%d", &userInput) if (INT_5968496 == userInput) printf(format: "%d\n", INT_73255 ^ 6 (73313)	==>
FLAG:"flag{3sc0d1d0_3h_M41s_G0st0S0}" in a "secret" function. on 004011d4 printf(format: "flag{%d%c%c%dn%c%d%c%d_%dh_M%d%d…", 3, 0x73, 0x63, 0, 0x64, 1, 0x64, 0, 3, 4, 1, 0, 0x73, 0, 0)	==>
FLAG:"easycrack" __builtin_strcpy(dest: &hardcodedpass, src: "easycrack")	==>
FLAG:"3" 004011c9 if (divs.dp.d(sx.q(int_14 + int_100 * 3), int_100) != userInput) so ((100*3)+14)=314\100=3.14 but it compares it as an int. so no decimals. resulting in 3. then compares that to the user input.	==>
FLAG:"LiL2281337" 00401034 0040104f if (_strcmp("LiL2281337", &string) != 0) 00401065 _printf(format: "Oyh man! Very bad, password not …") 0040104f else 00401056 _printf(format: "Nice job :-). Password found.\n") 00401056	==>
FLAG:"cracked" 004012f4 00401306 // the total of adding "de"+"k"+"car"+"c" 00401306 for (int32_t i = 0; i	==>
Flag:"bd4c217637bc828982c090b2de41b84d"-an MD5 hash of pass1785 Found on 0040128a which gets xor with 3 on 004013b3	==>
FLAG:"wonderwhatthepasswordishmm" - found after the compiler housekeeping in the actual main function. at 00401e1c	==>
Flag:"13" - as compared with the custom function at 00401457	==>
FLAG: "#fuck~irgc" 004007fa int64_t check_key(char* userInput) 004007fa { // var_20 unused 004007fa int32_t var_20 = 0; 0040080e int32_t tmp = 0; 0040080e 00400825 // has between 8 and 10 chars, including 00400825 if (strlen(userInput) 7 && strlen(userInput) 0x3e7) 004008bd return 1; 004008bd 004008a3 printf("Nope 999: break print(f'Congrads, use password {tmppass}')	==>
FLAG:"pass" - found on 00402005 in ordata	==>
FLAG:"Dad" - in a compare at 00418c67	==>
FLAG:"Nick"&"4ACE00F" - UserName&Password combo at 00419502&00419516	==>
FLAG:"buhnahna" found at 100003ef4 as a hardcoded string.	==>
FLAG:"12345" - from char temp0_1 = (uint8_t)(rax_2 + 0x140003423);, the password is found at 140003423 as a char array	==>
FLAG:"ErhwHwrhrwWhrwwHwhr" -note that the code never exits the while true loop. so no "Valid Password" output, but just an endless re-prompt user for password.	==>
FLAG:"263132" - int array turning into a char array(string), then argC(2) at the end.	==>
FLAG:"do_not_hardcode" - a... hardcoded :') password that compares itself with the user input	==>
there is no FLAG, at least not one executed or intereacted with in the code. its just a simple russian Caesar's cipher tool	==>
FLAG:"3812" - from if (userInputVariable == 0xee4)	==>
FLAG:"imgay"	==>
FLAG:sifreyok under namespace olartikForm1Login_Clickb	==>
Flag:"ValidPassword" from the base64 "VmFsaWRQYXNzd29yZA==" at 140001717	==>
secret123 - the first string at 0xa on _.rdata with Binary Ninja	==>

FLAG: uname:bobsicle&pass:680-sboata-740 Simple Python Keygen: uname = input(f'What is your username?') print(f'your key is '+str(len(uname)*85)+'-'+uname[1:4][::-1]+'ata-'+str(len(uname)*80+100))

==>

FLAG:"73313" (cdkey is 5968496) int32_t INT_73255 = 0x11e67 int32_t INT_5968496 = 0x5b1270 printf(format: "Type cd-key: ") int32_t userInput scanf(format: "%d", &userInput) if (INT_5968496 == userInput) printf(format: "%d\n", INT_73255 ^ 6 (73313)

==>

FLAG:"flag{3sc0d1d0_3h_M41s_G0st0S0}" in a "secret" function. on 004011d4 printf(format: "flag{%d%c%c%dn%c%d%c%d_%dh_M%d%d…", 3, 0x73, 0x63, 0, 0x64, 1, 0x64, 0, 3, 4, 1, 0, 0x73, 0, 0)

==>

FLAG:"easycrack" __builtin_strcpy(dest: &hardcodedpass, src: "easycrack")

==>

FLAG:"3" 004011c9 if (divs.dp.d(sx.q(int_14 + int_100 * 3), int_100) != userInput) so ((100*3)+14)=314\100=3.14 but it compares it as an int. so no decimals. resulting in 3. then compares that to the user input.

==>

FLAG:"LiL2281337" 00401034 0040104f if (_strcmp("LiL2281337", &string) != 0) 00401065 _printf(format: "Oyh man! Very bad, password not …") 0040104f else 00401056 _printf(format: "Nice job :-). Password found.\n") 00401056

==>

FLAG:"cracked" 004012f4 00401306 // the total of adding "de"+"k"+"car"+"c" 00401306 for (int32_t i = 0; i

==>

Flag:"bd4c217637bc828982c090b2de41b84d"-an MD5 hash of pass1785 Found on 0040128a which gets xor with 3 on 004013b3

==>

FLAG:"wonderwhatthepasswordishmm" - found after the compiler housekeeping in the actual main function. at 00401e1c

==>

Flag:"13" - as compared with the custom function at 00401457

==>

FLAG: "#fuck~irgc" 004007fa int64_t check_key(char* userInput) 004007fa { // var_20 unused 004007fa int32_t var_20 = 0; 0040080e int32_t tmp = 0; 0040080e 00400825 // has between 8 and 10 chars, including 00400825 if (strlen(userInput) 7 && strlen(userInput) 0x3e7) 004008bd return 1; 004008bd 004008a3 printf("Nope 999: break print(f'Congrads, use password {tmppass}')

==>

FLAG:"pass" - found on 00402005 in ordata

==>

FLAG:"Dad" - in a compare at 00418c67

==>

FLAG:"Nick"&"4ACE00F" - UserName&Password combo at 00419502&00419516

==>

FLAG:"buhnahna" found at 100003ef4 as a hardcoded string.

==>

FLAG:"12345" - from char temp0_1 = *(uint8_t*)(rax_2 + 0x140003423);, the password is found at 140003423 as a char array

==>

FLAG:"ErhwHwrhrwWhrwwHwhr" -note that the code never exits the while true loop. so no "Valid Password" output, but just an endless re-prompt user for password.

==>

FLAG:"263132" - int array turning into a char array(string), then argC(2) at the end.

==>

FLAG:"do_not_hardcode" - a... hardcoded :') password that compares itself with the user input

==>

there is no FLAG, at least not one executed or intereacted with in the code. its just a simple russian Caesar's cipher tool

==>

FLAG:"3812" - from if (userInputVariable == 0xee4)

==>

FLAG:"imgay"

==>

FLAG:sifreyok under namespace olartikForm1Login_Clickb