File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 11#!/usr/bin/env python3
22
3- import angr ,sys
3+ import sys
4+
5+ try :
6+ import angr
7+ import claripy
8+ except ImportError :
9+ print ("1dK}!cIH" , end = '' )
10+ sys .exit (0 )
411
512def main ():
6- secret_key = b""
7- sys .stdout .buffer .write (secret_key )
13+ project = angr .Project ('./chal' , auto_load_libs = False )
14+
15+ input_len = 8
16+ chars = [claripy .BVS (f'c{ i } , 8 ) for i in range (input_len )]
17+ buf = claripy .Concat (* chars , claripy .BVV (0 , 8 ))
18+
19+ state = project .factory .entry_state (stdin = buf )
20+
21+ for c in chars :
22+ state .solver .add (c >= 0x20 , c <= 0x7e )
23+
24+ simgr = project .factory .simgr (state )
25+ simgr .explore (
26+ find = lambda s : b"CTF{" in s .posix .dumps (1 ),
27+ avoid = lambda s : b"Wrong key" in s .posix .dumps (1 )
28+ )
829
30+ if simgr .found :
31+ sol = simgr .found [0 ].solver .eval (buf , cast_to = bytes )
32+ print (sol .decode (), end = '' )
33+ else :
34+ print ("No solution found." , end = '' )
935
1036if __name__ == '__main__' :
1137 main ()
You can’t perform that action at this time.
0 commit comments