initial

2025-12-15 13:31:12 +01:00
commit 26e0102f58
10165 changed files with 233472 additions and 0 deletions
--- a/2/lance1/README
+++ b/2/lance1/README
@@ -0,0 +1,48 @@
+Welcome to lance1!
+-----
+We have implemented a rudimentary class system in C, but somehow
+our internal logic is missing. So there is this binary which has
+several functions (and none of them are called anywhere). You have
+to figure out, what the functions are doing and insert function
+calls to execute the actions described below. To patch the binary,
+simply put the address of the function to call and it's arguments
+in the patches.yaml file in the following format:
+
+```
+- - <func-addr>
+  - - <arg 1>
+    - <arg 2>
+    - <arg 3>
+    ...
+```
+
+Arguments can be addresses or numbers. Afterwards, run patch.py
+which will generate a new binary called `patched` with the new
+calls in it.
+
+```
+$ ./patch.py
+$ ./patched
+```
+
+To get the flag, call the right functions with the correct
+arguments in the described order and provide the execution hash
+to `get_token`.
+
+You should "implement" the following actions:
+
+John prints the information about his account. After he
+recognizes that he has not enough money on it, he deposits
+another 25€.
+Felicity transfers some money to Laurel, so that their accounts
+have the exact same balance.
+John, Felicity and Laurel all check (in this order) their
+new balances.
+
+The flag is also the password for lance2.
+
+
+Hints
+-----
+You don't need to reverse the functions updateExecutionHash, printExcHash, argHashToSign, appendArgToSign.
+Just skip calls to them, since they are only needed to check which functions you've called.