21 lines
1018 B
Markdown
21 lines
1018 B
Markdown
|
## Difficulty
|
||
|
|
easy - 200/500 punten
|
||
|
|
(met een tool als ghidra is dit echt geen werk)
|
||
|
|
|
||
|
|
## How To Solve
|
||
|
|
When you decompile the file with something like ghidra (or gdb if you are feeling naughty), you can see that the main
|
||
|
|
function passes another function called *app_start* to some GTK functions.
|
||
|
|
|
||
|
|
On closer inspection of this *app_start* function you can see it first checks to see if a keystore file is found and if it
|
||
|
|
is it loads that file and tries to check and see if the loaded key is valid with *check_is_key_valid*. If no file was found
|
||
|
|
it shows the popup via *build_license_key_popup*, in which it again uses the *check_is_key_valid* function.
|
||
|
|
|
||
|
|
When looking at *check_is_key_valid* you can clearly see the format of the key has to be SHTP-AAAA-BBBB-CCCC.
|
||
|
|
Where AAAA and BBBB are hex numbers that have to be larger than 256. On top of that AAAA ^ BBBB has to equal CCCC.
|
||
|
|
|
||
|
|
Now you have enough information to generate your own keys. For example:
|
||
|
|
"SHTP-0500-0500-0000"
|
||
|
|
|
||
|
|
## Flag
|
||
|
|
IGCTF{Wh0_n33d5_RSA_wh3N_W3_h4v3_XOR}
|