GCHQ CanYouCrackIt Stage 3 - C representation of keygen

1. ; Dr Gareth Owen, University of Greenwich, England.
2. ; Explanation: http://gchqchallenge.blogspot.com
3.  
4. // licence file to contain
5. // gchqcyberwinAAAABBBBCCCC
6. int main(int argc, char **argv) {
7.     char buf[0x18];
8.     long *longPtr = NULL;
9.    
10.     if(argc != 1)
11.     {
12.         // display usage and exit
13.     }
14.    
15.     memset(buf, 0, 0x18); // clear buffer
16.    
17.     FILE *in = fopen("license.txt", "r");
18.     fscanf(in, "%s", buf);  // buffer overflow vulnerability - tut tut!
19.     fclose(in);
20.    
21.     &longPtr = &buf;
22.     if(*longPtr != 0x71686367) // first 4 bytes = 'gchq'?
23.     {
24.         // error & exit
25.     }
26.  
27.     if(strcmp(crypt(buf[4], "hq"), "hqDTK7b8K2rvw")) { //hash next 8 bytes and compare with our hash
28.         // invalid code - exit
29.     }
30.  
31.    
32.     // everything has checked out - construct URL
33.     // of format /hqDTK7b8K2rvw/XX/XX/XX/key.txt
34.     // where XX, XX, XX are taken from next 3x four bytes of licence and produced as HEX
35.     // connect to hostname supplied on command line
36.    
37. }
38.  
39.