random
{"author": ["ret2basic"]}

Challenge

Daddy, teach me how to use random value in programming!
ssh [email protected] -p2222 (pw:guest)

Source Code

#include <stdio.h>
int main(){
unsigned int random;
random = rand(); // random value!
unsigned int key=0;
scanf("%d", &key);
if( (key ^ random) == 0xdeadbeef ){
printf("Good!\n");
system("/bin/cat flag");
return 0;
}
printf("Wrong, maybe you should try 2^32 cases.\n");
return 0;
}

Solution

Check out the rand(3) man page. It says "if no seed value is provided, the rand() function is automatically seeded with a value of 1". That means a seedless rand() is deterministic. We can run the following code to test our hypothesis:
#include <stdio.h>
int main()
{
int random = rand();
printf("%i", random);
return 0;
}
The result is always 1804289383 no matter how many times we run this program. To find the key, do the math in a Python shell:
>>> 0xdeadbeef ^ 1804289383
3039230856

Get Flag

Get flag

Exploit

Last modified 4mo ago