Numbers and Inputs

Filename: numerix (elf64)

Decompilation gives us this:

Simplifying this in C, something like this comes up:

int main(EVP_PKEY_CTX *param_1)

{
  int a;
  uint b;
  long c;
  int d;
  
  init(param_1);
  puts("HEY!! I forgot my favorite numbers...");
  puts("Can you get them from my diary?");
  puts("What\'s my favoritest number?");
  c = get_number();
  if (c == 0xdeadbeef) {
    puts("What\'s my second most favorite number?");
    a = get_number();
    if (a == 0x539) {
      puts("Ok, you\'re pretty smart! What\'s the next one?");
      c = get_number();
      if (c == 0xc0def001337beef) {
        puts("YEAAAAAAAAAH you\'re doing GREAT! One more!");
        b = get_number();
        if ((b & 0xf0f0f0f0) == 0xd0d0f0c0) {
          puts("Awwwwww yeah! You did it!");
          print_flag();
          d = 0;
        }
        else {
          puts("Darn, so close too...");
          d = 1;
        }
      }
      else {
        puts("Ugh, ok, listen, you really need to hit the books...");
        d = 1;
      }
    }
    else {
      puts("What? NO! Try again!!");
      d = 1;
    }
  }
  else {
    puts("No! No! No! That\'s not right!");
    d = 1;
  }
  return d;
}

Things understood:

  1. Program prompts for 4 inputs through a function "get_number()"

  2. Guess all 4 correctly to reveal flag through print_flag()

  3. BUT WAIT. All the numbers are already on the screen in hex. Fishy.

  4. get_number()'s functionality is unknown

Let's inspect get_number()

So it reads a string of at most 128 (hex 0x80) characters as input and then uses strtol() to convert that input into a number. Interesting.

strtol(input,(char **)0x0,10) -> return type long int.

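This call parses the leading decimal number in the input string (base 10) and stops at the first character that is not part of it. Because the second argument is a null pointer, the position where parsing stopped is not reported, so the non-numeric remainder is simply discarded.

For example, see how strtol works on a string that has an integer and some characters.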

So, cool, get_number would just help us input our numbers.

Line 15 compares the input with 0xdeadbeef. Since get_number() parses its input as decimal, use Python to convert this to an integer:

Let's try to input this into the program and confirm whether we are on the right track.

Yes! We are on the right track. Converting the next 2 inputs the same way, we find: 1337, 868613086753832687

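Finally, whatever I input is bitwise ANDed with 0xf0f0f0f0, and the result should be equal to 0xd0d0f0c0

So,

B AND f0f0f0f0 = d0d0f0c0

As per the truth table of AND, 1 AND 1 is 1 and everything else is 0

So wherever the mask has a 1 bit, that bit of B passes through unchanged, and wherever the mask has a 0 bit, the result is 0 no matter what B holds there.

The mask f0f0f0f0 keeps the high nibble of every byte and clears the low nibble. The target d0d0f0c0 already has 0 in every low nibble, therefore,

d0d0f0c0 AND f0f0f0f0 = d0d0f0c0

Thus, B = d0d0f0c0 satisfies the check. The low nibbles of B are never checked, so other values pass too, but this is the simplest one.

So, B is d0d0f0c0 AND f0f0f0f0, which in decimal is 3503354048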

Inputting these we GET!!!
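As an added example (not part of the original write-up or the challenge binary), this C sketch models get_number() as the base-10 strtol() call described above and replays the four comparisons from the decompiled main(). The names parse_number, stages_passed, mask_min and mask_max are made up here, and it assumes a 64-bit long as on the elf64 target. It shows why typing the hex strings from the screen fails and which range of values the final masked check accepts.

```c
#include <stdio.h>
#include <stdlib.h>

/* Model of get_number() per the write-up: base-10 strtol on the input line,
   end pointer discarded. Assumption: the real function does nothing else. */
static long parse_number(const char *line) {
    return strtol(line, NULL, 10);
}

/* The four comparisons from the decompiled main(), same variable types.
   Returns the number of stages passed (4 means print_flag() is reached). */
static int stages_passed(const char *s1, const char *s2,
                         const char *s3, const char *s4) {
    long c = parse_number(s1);
    if (c != 0xdeadbeef) return 0;
    int a = (int)parse_number(s2);
    if (a != 0x539) return 1;
    c = parse_number(s3);
    if (c != 0xc0def001337beef) return 2;
    unsigned int b = (unsigned int)parse_number(s4);
    if ((b & 0xf0f0f0f0) != 0xd0d0f0c0) return 3;
    return 4;
}

/* Smallest and largest values accepted by the final masked check: the mask
   ignores the low nibble of every byte, so those 16 bits are free. */
static unsigned int mask_min(void) { return 0xd0d0f0c0u; }
static unsigned int mask_max(void) { return 0xd0d0f0c0u | ~0xf0f0f0f0u; }

int main(void) {
    /* Constructed inputs, not captured from the real binary. */
    /* Base 10 stops at 'x', so the hex text on screen parses as 0. */
    printf("\"0xdeadbeef\" -> %ld\n", parse_number("0xdeadbeef"));
    /* Trailing characters after the digits are ignored. */
    printf("\"1337abc\"    -> %ld\n", parse_number("1337abc"));
    printf("stage 1: %ld\n", (long)0xdeadbeef);
    printf("stage 2: %d\n", 0x539);
    printf("stage 3: %ld\n", (long)0xc0def001337beef);
    printf("stage 4: any value from %u to %u with matching high nibbles\n",
           mask_min(), mask_max());
    printf("stages passed: %d\n",
           stages_passed("3735928559", "1337",
                         "868613086753832687", "3503354048"));
    return 0;
}
```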
