1.8 KiB
1.8 KiB
TUBS README ISS
1. Introduction
This challenge consists of an obfuscated program, which out-
puts 512 bytes, most of which are generated randomly. 32
bytes, however, are not generated by an prng. Those 32 bytes
representated as hex values make up the secret, necessary to
acquire the flag.
The goal of this challenge is to find the randomness intro-
ducing instructions and patch them such, that the prng out-
put is constant 0. An example output may look like this:
1b c3 fa 7a 3a d0 97 6c
a2 b4 29 fb dc d1 d1 39
c0 58 e2 1b 9a f8 3f dc
31 b4 1d 0d 19 d0 ac 2e
36 4a 4c 51 40 5a 33 8c
. . . . . . . .
. . . . . . . .
. . . . . . . .
86 f9 61 95 fa 9e 94 c4
41 7e 0a 8c e3 db f9 3e
7a 1d 28 95 22 31 f2 0e
3b 54 c0 b2 b0 1a 52 77
e6 1f 84 f2 25 99 d5 25
After successfully disabling the random number source, the
output may look like this:
00 00 af 00 00 00 00 00
00 00 00 00 56 00 00 00
ff 00 00 00 00 00 00 00
00 00 00 00 01 00 00 00
00 00 00 00 00 00 00 3e
. . . . . . . .
. . . . . . . .
. . . . . . . .
00 aa 00 00 00 00 00 00
00 00 67 00 00 00 00 00
80 00 00 00 00 00 00 00
00 00 00 00 00 10 00 00
00 00 00 00 00 00 c9 00
In that case the flag can be acquired by running the command
"get_token af56ff013e...aa678010c9" on the VM.
TUBS 1