hacklab/2/bonus1/BRIEFING.txt



[1mTUBS                       README                        ISS[0m


[1m1.  Introduction[0m

This challenge consists of an obfuscated program, which out-
puts 512 bytes, most of which  are  generated  randomly.  32
bytes, however, are not generated by an prng. Those 32 bytes
representated as hex values make up the secret, necessary to
acquire the flag.

The  goal of this challenge is to find the randomness intro-
ducing instructions and patch them such, that the prng  out-
put is constant 0. An example output may look like this:

1b   c3   fa   7a   3a   d0   97   6c
a2   b4   29   fb   dc   d1   d1   39
c0   58   e2   1b   9a   f8   3f   dc
31   b4   1d   0d   19   d0   ac   2e
36   4a   4c   51   40   5a   33   8c
.    .    .    .    .    .    .    .
.    .    .    .    .    .    .    .
.    .    .    .    .    .    .    .
86   f9   61   95   fa   9e   94   c4
41   7e   0a   8c   e3   db   f9   3e
7a   1d   28   95   22   31   f2   0e
3b   54   c0   b2   b0   1a   52   77
e6   1f   84   f2   25   99   d5   25

After  successfully  disabling the random number source, the
output may look like this:

00   00   af   00   00   00   00   00
00   00   00   00   56   00   00   00
ff   00   00   00   00   00   00   00
00   00   00   00   01   00   00   00
00   00   00   00   00   00   00   3e
.    .    .    .    .    .    .    .
.    .    .    .    .    .    .    .
.    .    .    .    .    .    .    .
00   aa   00   00   00   00   00   00
00   00   67   00   00   00   00   00
80   00   00   00   00   00   00   00
00   00   00   00   00   10   00   00
00   00   00   00   00   00   c9   00

In that case the flag can be acquired by running the command
"get_token af56ff013e...aa678010c9" on the VM.


[1mTUBS                                                       1[0m