Skip to content

Instantly share code, notes, and snippets.

@JackMc
Created May 23, 2022 22:04
Show Gist options
  • Save JackMc/a8b96a176c17412e0f763f7aae7a5979 to your computer and use it in GitHub Desktop.
Save JackMc/a8b96a176c17412e0f763f7aae7a5979 to your computer and use it in GitHub Desktop.
Bruteforcing script for The Legend of Shiitakoin from the NSec 2022 CTF.
#include <stdio.h>
#include <stdint.h>
#include <stdbool.h>
int main() {
uint32_t input_bytes[4];
uint32_t first_item, second_item, third_item, fourth_item;
bool values_match_rules = false;
for (first_item = 0; first_item < 255; first_item++) {
if ((first_item ^ 0x47) != 0xe4) {
continue;
}
for (second_item = 0; second_item < 255; second_item++) {
if ((second_item ^ 0xbd) != 0xe3) {
continue;
}
uint32_t xored_one_and_two = first_item ^ second_item;
if ((xored_one_and_two & 0xf0) != 0xf0) {
continue;
}
if ((xored_one_and_two & 0xf) != 0xd) {
continue;
}
for (third_item = 0; third_item < 255; third_item++) {
if ((third_item ^ 0x81) != 0xc) {
continue;
}
if ((third_item >> (first_item & 0b11)) != 0x11) {
continue;
}
values_match_rules = true;
break;
}
if (values_match_rules) {
break;
}
}
if (values_match_rules) {
input_bytes[0] = first_item;
input_bytes[1] = second_item;
input_bytes[2] = third_item;
break;
}
}
for (fourth_item = 0; fourth_item < 255; fourth_item++) {
uint32_t bitmasked_fourth_item = fourth_item;
for (uint32_t loop_counter = 0; loop_counter < 3; loop_counter++) {
bitmasked_fourth_item = (bitmasked_fourth_item & 0xe5) | (loop_counter + 0x2c);
}
if (bitmasked_fourth_item == 0x2f && (fourth_item ^ 0xd3) == 0xec) {
break;
}
}
printf("%02x %02x %02x %02x\n", first_item, second_item, third_item, fourth_item);
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment