Bono-iPad/unbreakable.py Secret

## unbreakable.py
import angr, simuvex, claripy
import logging

logging.basicConfig()
angr.path_group.l.setLevel('DEBUG')

p = angr.Project("./unbreakable-enterprise-product-activation2")
initial_state = p.factory.blank_state(addr=0x4005bd)
flag = claripy.BVS('flag', 8*0x43)
initial_state.memory.store(0x6042c0,flag)

pg = p.factory.path_group(initial_state, immutable=False)
pg.explore(find=0x400830)
s = pg.found[0].state

for a in range(0,10):
  s.add_constraints(s.memory.load(0x6042c0 + a, 1) < 0x80)
  s.add_constraints(s.memory.load(0x6042c0 + a, 1) >= 0x20)
print "%r" % s.se.any_str(pg.found[0].state.memory.load(0x6042c0, 0x43))
	import angr, simuvex, claripy
	import logging

	logging.basicConfig()
	angr.path_group.l.setLevel('DEBUG')

	p = angr.Project("./unbreakable-enterprise-product-activation2")
	initial_state = p.factory.blank_state(addr=0x4005bd)
	flag = claripy.BVS('flag', 8*0x43)
	initial_state.memory.store(0x6042c0,flag)

	pg = p.factory.path_group(initial_state, immutable=False)
	pg.explore(find=0x400830)
	s = pg.found[0].state

	for a in range(0,10):
	s.add_constraints(s.memory.load(0x6042c0 + a, 1) < 0x80)
	s.add_constraints(s.memory.load(0x6042c0 + a, 1) >= 0x20)
	print "%r" % s.se.any_str(pg.found[0].state.memory.load(0x6042c0, 0x43))