Pretty fun crackme. My solution with z3 can be found at https://pastebin.com/6VB1ULEt, probably not the fastest method to solve it using z3. |
==> |
I had the answer right in front of me hahaha. This was a pretty fun crackme, would definitely love to see more like this! |
==> |
The only numbers I found that would pass the checks are
Num1: 2147483628
Num2: 0
ONLY if you ignore the check of Num1 less than or equal to 999999999, so of course these won't work. Another set of numbers I found that would almost pass the checks most of the time is
Num1: 536870892
Num2: -8192
but because Num2 is negative, being an unsigned 32-bit int, it will be greater than 0x7FFF.
What I've figured out so far is that in this check:
    if ( ((num2 + list_random_nums[counter] - gen_number_based_on_time) & 0x7FFF) != 0 )
        break;
(list_random_nums[counter] - number_based_on_time) must be the same in all 20 checks, since num2 is static. I tried making a script for this but failed terribly.
So I'm currently stuck on how to solve this, is it even possible in the first place? Any new hint would be appreciated. |
==> |
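The masked comparison quoted in the comment above only looks at the low 15 bits, so it can be modelled as arithmetic modulo 0x8000. The following Python is an added example, not code from the crackme or from any poster: the function names are hypothetical, the list and time values are constructed, and none of the crackme's other checks (such as the Num1 limit) are modelled.

```python
MASK = 0x7FFF  # mask from the check quoted in the comment above


def passes(num2, values, t):
    """Re-implementation of the quoted loop: every entry must clear the masked test."""
    return all(((num2 + v - t) & MASK) == 0 for v in values)


def solve_num2(values, t):
    """Return the only num2 in [0, 0x7FFF] that passes for every value, or None.

    Only the low 15 bits matter, so num2 must equal -(v - t) mod 0x8000 for
    each v. That is possible only when all (v - t) share the same low 15 bits.
    """
    residues = {(v - t) & MASK for v in values}
    if len(residues) != 1:
        return None
    return (-residues.pop()) & MASK


def canonical(num2):
    """Reduce any candidate, including a negative one, to its equivalent in [0, 0x7FFF]."""
    return num2 & MASK


# Constructed sample data (not taken from the crackme): 20 values whose
# difference from T agrees in the low 15 bits, plus one list where it does not.
T = 123456
GOOD = [T + 0x2000 + k * 0x8000 for k in range(20)]
BAD = GOOD[:-1] + [GOOD[-1] + 1]

if __name__ == "__main__":
    print("num2 for GOOD:", solve_num2(GOOD, T))
    print("-8192 reduced mod 0x8000:", canonical(-8192))
    print("num2 for BAD:", solve_num2(BAD, T))
```

Because 0x8000 divides 2^32, the reduction gives the same result whether the original arithmetic is done on signed or unsigned 32-bit integers.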