Capture the Flag

Capture the Flag

by invalid

Source codenya adalah sebagai berikut:

// level: medium
//  flag: FLAG{Hum4n_Kn0wl3dg3_b3l0n6s_t0_Th3_w0rld}

const char g[] = {0x8a,0x80,0x8d,0x8b,0xb7,0x84,0xb9,0xa1,0xf8,0xa2,0x93,0x87,0xa2,0xfc,0xbb,0xa0,0xff,0xa8,0xab,0xff,0x93,0xae,0xff,0xa0,0xfc,0xa2,0xfa,0xbf,0x93,0xb8,0xfc,0x93,0x98,0xa4,0xff,0x93,0xbb,0xfc,0xbe,0xa0,0xa8,0xb1};

void setup() {
  Serial.begin(9600);
}

void loop() {
  char f[43];

  while (Serial.available() > 0) {
    int a = Serial.parseInt();
    int b = Serial.parseInt();
    int c = Serial.parseInt();
    int d = Serial.parseInt();
    int e = Serial.parseInt();

    if (Serial.read() == '\n') {
      if ((a == 3) &&
          (b == 1) &&
          (c == 3) &&
          (d == 3) &&
          (e == 7)) {
            for (int i = 0; i < 42; i++) { f[i] = g[i] ^ 0xcc; }
            f[42] = '\x00';
            Serial.println(f);
      } else {
        Serial.println("Wrong flag :(");
      }
    }
  }
}

Solusinya sebenarnya cukup mudah (namun mungkin jarang yang tahu). Cukup menggunakan aplikasi XORSearch buatan mbah Didier Stevens. Caranya seperti ini:

$ xorsearch 02-unintended.bin "FLAG"
Found XOR 20 position 076A: FLAG
Found XOR CC position 0772: FLAG{Hum4n_Kn0wl3dg3_b3l0n6s_t0_Th3_w0rld}.....7.5
Found ADD E7 position 076A: FLAG

Nah, itu dia flagnya: FLAG{Hum4n_Kn0wl3dg3_b3l0n6s_t0_Th3_w0rld}