API tools faq
paste
Guest User

GCHQ CanYouCrackIt Stage 3 - C representation of keygen

a guest
Dec 4th, 2011
92
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C 0.82 KB | None | 0 0
raw download clone embed print report
  1. // licence file to contain
  2. // gchqcyberwinAAAABBBBCCCC
  3. int main(int argc, char **argv) {
  4.     char buf[0x18];
  5.     long *longPtr = NULL;
  6.    
  7.     if(argc != 1)
  8.     {
  9.         // display usage and exit
  10.     }
  11.    
  12.     memset(buf, 0, 0x18); // clear buffer
  13.    
  14.     FILE *in = fopen("license.txt", "r");
  15.     fscanf(in, "%s", buf);  // buffer overflow vulnerability - tut tut!
  16.     fclose(in);
  17.    
  18.     &longPtr = &buf;
  19.     if(*longPtr != 0x71686367) // first 4 bytes = 'gchq'?
  20.     {
  21.         // error & exit
  22.     }
  23.  
  24.     if(strcmp(crypt(buf[4], "hq"), "hqDTK7b8K2rvw")) { //hash next 8 bytes and compare with our hash
  25.         // invalid code - exit
  26.     }
  27.  
  28.    
  29.     // everything has checked out - construct URL
  30.     // of format /hqDTK7b8K2rvw/XX/XX/XX/key.txt
  31.     // where XX, XX, XX are taken from next 3x four bytes of licence and produced as HEX
  32.     // connect to hostname supplied on command line
  33.    
  34. }
  35.  
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!