API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 18th, 2015
205
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.33 KB | None | 0 0
raw download clone embed print report
  1. /* This file has been generated by the Hex-Rays decompiler.
  2. Copyright (c) 2007-2014 Hex-Rays <info@hex-rays.com>
  3.  
  4. Detected compiler: GNU C++
  5. */
  6.  
  7. #include <defs.h>
  8.  
  9.  
  10. //-------------------------------------------------------------------------
  11. // Function declarations
  12.  
  13. __int64 init_proc();
  14. // int puts(const char *s);
  15. // int printf(const char *format, ...);
  16. // void *calloc(size_t nmemb, size_t size);
  17. // int __fastcall __isoc99_scanf(_QWORD, _QWORD); weak
  18. // void __noreturn exit(int status);
  19. int sub_40058C();
  20. void sub_4005B0();
  21. void sub_400620();
  22. __int64 __fastcall sub_400706(unsigned int a1, __int64 a2, __int64 a3);
  23. __int64 __fastcall sub_4007CB(__int64 a1, int a2);
  24. __int64 __fastcall sub_400CBB(__int64 a1, int a2);
  25. void __noreturn sub_400E23();
  26. __int64 sub_401190();
  27. void term_proc();
  28. // int _gmon_start__(void); weak
  29.  
  30. //-------------------------------------------------------------------------
  31. // Data declarations
  32.  
  33. __int64 qword_601E28 = -1LL; // weak
  34. __int64 qword_601E38[] = { -1LL }; // weak
  35. char byte_602040; // weak
  36. __int64 qword_602048; // weak
  37. int dword_602050[]; // weak
  38. int dword_602054; // weak
  39. int dword_602058; // weak
  40. int dword_60205C; // weak
  41. int dword_602060; // weak
  42.  
  43.  
  44. //----- (00000000004004D0) ----------------------------------------------------
  45. __int64 init_proc()
  46. {
  47. sub_40058C();
  48. sub_400620();
  49. return sub_401190();
  50. }
  51.  
  52. //----- (0000000000400560) ----------------------------------------------------
  53. #error "400566: positive sp value has been found (funcsize=3)"
  54.  
  55. //----- (000000000040058C) ----------------------------------------------------
  56. int sub_40058C()
  57. {
  58. int (**v0)(void); // rax@1
  59.  
  60. v0 = &_gmon_start__;
  61. if ( &_gmon_start__ )
  62. LODWORD(v0) = _gmon_start__();
  63. return (signed int)v0;
  64. }
  65. // 602080: using guessed type int _gmon_start__(void);
  66.  
  67. //----- (00000000004005B0) ----------------------------------------------------
  68. void sub_4005B0()
  69. {
  70. __int64 v0; // rax@2
  71. signed __int64 i; // rbx@2
  72.  
  73. if ( !byte_602040 )
  74. {
  75. v0 = qword_602048;
  76. for ( i = ((6299200 - (signed __int64)qword_601E38) >> 3) - 1; qword_602048 < (unsigned __int64)i; v0 = qword_602048 )
  77. {
  78. qword_602048 = v0 + 1;
  79. ((void (*)(void))qword_601E38[v0 + 1])();
  80. }
  81. byte_602040 = 1;
  82. }
  83. }
  84. // 601E38: using guessed type __int64 qword_601E38[];
  85. // 602040: using guessed type char byte_602040;
  86. // 602048: using guessed type __int64 qword_602048;
  87.  
  88. //----- (0000000000400620) ----------------------------------------------------
  89. void sub_400620()
  90. {
  91. ;
  92. }
  93.  
  94. //----- (0000000000400706) ----------------------------------------------------
  95. __int64 __fastcall sub_400706(unsigned int a1, __int64 a2, __int64 a3)
  96. {
  97. __int64 result; // rax@4
  98. unsigned int i; // [sp+24h] [bp-14h]@1
  99. unsigned int v5; // [sp+28h] [bp-10h]@1
  100. unsigned int v6; // [sp+2Ch] [bp-Ch]@1
  101. unsigned int v7; // [sp+30h] [bp-8h]@1
  102.  
  103. v5 = *(_DWORD *)a2;
  104. v6 = *(_DWORD *)(a2 + 4);
  105. v7 = -1640531527 * a1;
  106. for ( i = 0; i < a1; ++i )
  107. {
  108. v6 -= (v5 + (16 * v5 ^ (v5 >> 5))) ^ (v7 + *(_DWORD *)(a3 + 4LL * ((v7 >> 11) & 3)));
  109. v7 += 1640531527;
  110. v5 -= (v6 + (16 * v6 ^ (v6 >> 5))) ^ (v7 + *(_DWORD *)(a3 + 4LL * (v7 & 3)));
  111. }
  112. *(_DWORD *)a2 = v5;
  113. result = v6;
  114. *(_DWORD *)(a2 + 4) = v6;
  115. return result;
  116. }
  117.  
  118. //----- (00000000004007CB) ----------------------------------------------------
  119. __int64 __fastcall sub_4007CB(__int64 a1, int a2)
  120. {
  121. __int64 result; // rax@4
  122. void *v3; // [sp+18h] [bp-78h]@1
  123. int i; // [sp+20h] [bp-70h]@1
  124. int j; // [sp+24h] [bp-6Ch]@2
  125. int v6; // [sp+28h] [bp-68h]@13
  126. int k; // [sp+2Ch] [bp-64h]@13
  127. int v8; // [sp+30h] [bp-60h]@20
  128. int l; // [sp+34h] [bp-5Ch]@20
  129. int m; // [sp+38h] [bp-58h]@23
  130. int v11; // [sp+3Ch] [bp-54h]@24
  131. int n; // [sp+40h] [bp-50h]@24
  132. int ii; // [sp+44h] [bp-4Ch]@31
  133. int v14; // [sp+48h] [bp-48h]@32
  134. int jj; // [sp+4Ch] [bp-44h]@32
  135. int kk; // [sp+50h] [bp-40h]@39
  136. int v17; // [sp+54h] [bp-3Ch]@40
  137. int ll; // [sp+58h] [bp-38h]@40
  138. int mm; // [sp+5Ch] [bp-34h]@47
  139. int v20; // [sp+60h] [bp-30h]@48
  140. int nn; // [sp+64h] [bp-2Ch]@48
  141. int i1; // [sp+68h] [bp-28h]@55
  142. int v23; // [sp+6Ch] [bp-24h]@56
  143. int i2; // [sp+70h] [bp-20h]@56
  144. int v25; // [sp+74h] [bp-1Ch]@3
  145.  
  146. v3 = calloc(3 * a2 * a2 + -3 * a2 + 1, 4uLL);
  147. for ( i = 0; 2 * a2 - 1 > i; ++i )
  148. {
  149. for ( j = 0; a2 + i > j; ++j )
  150. {
  151. v25 = *(_DWORD *)(4LL * j + *(_QWORD *)(a1 + 8LL * i));
  152. if ( 3 * a2 * a2 + -3 * a2 + 1 < v25 )
  153. return 0LL;
  154. if ( v25 < 0 )
  155. return 0LL;
  156. if ( v25 > 0 )
  157. ++*((_DWORD *)v3 + v25 - 1LL);
  158. }
  159. }
  160. v6 = 0;
  161. for ( k = 0; 3 * a2 * a2 + -3 * a2 + 1 > k; ++k )
  162. {
  163. v6 += *((_DWORD *)v3 + k);
  164. if ( *((_DWORD *)v3 + k) > 1 )
  165. return 0LL;
  166. }
  167. if ( 3 * a2 * a2 + -3 * a2 + 1 == v6 )
  168. {
  169. v8 = 0;
  170. for ( l = 0; l < a2; ++l )
  171. v8 += *(_DWORD *)(4LL * l + *(_QWORD *)a1);
  172. for ( m = 0; 2 * a2 - 1 > m; ++m )
  173. {
  174. v11 = 0;
  175. for ( n = 0; a2 + m > n; ++n )
  176. v11 += *(_DWORD *)(4LL * n + *(_QWORD *)(a1 + 8LL * m));
  177. if ( v11 != v8 )
  178. return 0LL;
  179. }
  180. for ( ii = 0; ii < a2; ++ii )
  181. {
  182. v14 = 0;
  183. for ( jj = 0; a2 + ii > jj; ++jj )
  184. v14 += *(_DWORD *)(4LL * ii + *(_QWORD *)(a1 + 8LL * jj));
  185. if ( v14 != v8 )
  186. return 0LL;
  187. }
  188. for ( kk = a2; 2 * a2 - 1 > kk; ++kk )
  189. {
  190. v17 = 0;
  191. for ( ll = 0; ll < 2 * a2 - 1 + ~(kk - a2); ++ll )
  192. v17 += *(_DWORD *)(4LL * kk + *(_QWORD *)(a1 + 8LL * (ll + kk - a2 + 1)));
  193. if ( v17 != v8 )
  194. return 0LL;
  195. }
  196. for ( mm = 0; mm < a2; ++mm )
  197. {
  198. v20 = 0;
  199. for ( nn = 0; 2 * a2 - 1 - mm > nn; ++nn )
  200. v20 += *(_DWORD *)(4LL * nn + *(_QWORD *)(a1 + 8LL * (mm + nn)));
  201. if ( v20 != v8 )
  202. return 0LL;
  203. }
  204. for ( i1 = 1; i1 < a2; ++i1 )
  205. {
  206. v23 = 0;
  207. for ( i2 = 0; 2 * a2 - 1 - i1 > i2; ++i2 )
  208. v23 += *(_DWORD *)(4LL * (i1 + i2) + *(_QWORD *)(a1 + 8LL * i2));
  209. if ( v23 != v8 )
  210. return 0LL;
  211. }
  212. if ( **(_DWORD **)a1 + **(_DWORD **)(a1 + 8) == 20 )
  213. result = **(_DWORD **)a1 == 9;
  214. else
  215. result = 0LL;
  216. }
  217. else
  218. {
  219. result = 0LL;
  220. }
  221. return result;
  222. }
  223.  
  224. //----- (0000000000400CBB) ----------------------------------------------------
  225. __int64 __fastcall sub_400CBB(__int64 a1, int a2)
  226. {
  227. int v2; // ST28_4@3
  228. int v3; // ST2C_4@7
  229. int v4; // ST2C_4@7
  230. int v5; // ST2C_4@7
  231. __int64 result; // rax@7
  232. int i; // [sp+18h] [bp-1Ch]@1
  233. signed int v8; // [sp+1Ch] [bp-18h]@2
  234. int j; // [sp+20h] [bp-14h]@2
  235.  
  236. for ( i = 0; 2 * a2 - 1 > i; ++i )
  237. {
  238. v8 = 0;
  239. for ( j = 0; a2 + i > j; ++j )
  240. {
  241. v2 = *(_DWORD *)(4LL * j + *(_QWORD *)(a1 + 8LL * i));
  242. dword_602050[v8 / 8] |= ((v2 * j * i ^ v2) & 0xFF) << (char)v8 % 8;
  243. v8 += 8;
  244. }
  245. }
  246. v3 = dword_602050[0];
  247. dword_602050[0] ^= dword_602060;
  248. dword_602060 ^= v3;
  249. v4 = dword_602054;
  250. dword_602054 ^= dword_602060;
  251. dword_602060 ^= v4;
  252. v5 = dword_602058;
  253. dword_602058 ^= dword_602060;
  254. dword_602058 ^= v5;
  255. result = dword_60205C ^ (unsigned int)dword_602060;
  256. dword_60205C ^= dword_602060;
  257. return result;
  258. }
  259. // 602050: using guessed type int dword_602050[];
  260. // 602054: using guessed type int dword_602054;
  261. // 602058: using guessed type int dword_602058;
  262. // 60205C: using guessed type int dword_60205C;
  263. // 602060: using guessed type int dword_602060;
  264.  
  265. //----- (0000000000400E23) ----------------------------------------------------
  266. void __noreturn sub_400E23()
  267. {
  268. __int64 v0; // rbx@6
  269. int v1; // [sp+0h] [bp-70h]@23
  270. int v2; // [sp+4h] [bp-6Ch]@23
  271. int v3; // [sp+8h] [bp-68h]@23
  272. int v4; // [sp+Ch] [bp-64h]@23
  273. int v5; // [sp+10h] [bp-60h]@23
  274. int v6; // [sp+14h] [bp-5Ch]@23
  275. int v7; // [sp+18h] [bp-58h]@23
  276. int v8; // [sp+1Ch] [bp-54h]@23
  277. int v9; // [sp+20h] [bp-50h]@23
  278. int v10; // [sp+24h] [bp-4Ch]@23
  279. __int64 v11; // [sp+30h] [bp-40h]@5
  280. int v12; // [sp+38h] [bp-38h]@1
  281. int i; // [sp+3Ch] [bp-34h]@5
  282. int j; // [sp+40h] [bp-30h]@8
  283. int k; // [sp+44h] [bp-2Ch]@9
  284. int l; // [sp+48h] [bp-28h]@14
  285. int m; // [sp+4Ch] [bp-24h]@15
  286. int n; // [sp+50h] [bp-20h]@23
  287. int v19; // [sp+54h] [bp-1Ch]@8
  288. int v20; // [sp+58h] [bp-18h]@15
  289. int v21; // [sp+5Ch] [bp-14h]@15
  290.  
  291. puts("What order?");
  292. __isoc99_scanf(4198892LL, &v12);
  293. if ( v12 <= 1 || v12 > 10 )
  294. {
  295. puts("Sorry, that's not a good order.");
  296. exit(0);
  297. }
  298. v11 = (__int64)calloc(2 * v12 - 1, 8uLL);
  299. for ( i = 0; 2 * v12 - 1 > i; ++i )
  300. {
  301. v0 = v11 + 8LL * i;
  302. *(_QWORD *)v0 = calloc(i + v12, 4uLL);
  303. }
  304. v19 = 3 * v12 * v12 + -3 * v12 + 1;
  305. puts("Input numbers.");
  306. for ( j = 0; j < v12; ++j )
  307. {
  308. for ( k = 0; j + v12 > k; ++k )
  309. __isoc99_scanf(4198892LL, *(_QWORD *)(v11 + 8LL * j) + 4LL * k);
  310. }
  311. for ( l = v12; 2 * v12 - 1 > l; ++l )
  312. {
  313. v20 = 2 * v12 - 1 + ~(l - v12);
  314. v21 = l - v12 + 1;
  315. for ( m = 0; m < v20; ++m )
  316. __isoc99_scanf(4198892LL, *(_QWORD *)(v11 + 8LL * l) + 4LL * (m + v21));
  317. }
  318. puts("Got input! Verifying...");
  319. if ( !(unsigned int)sub_4007CB(v11, v12) )
  320. {
  321. puts("Sorry, incorrect!");
  322. exit(0);
  323. }
  324. v1 = -1089151902;
  325. v2 = 34416792;
  326. v3 = -110388501;
  327. v4 = -1513521000;
  328. v5 = 1721500667;
  329. v6 = 1493041700;
  330. v7 = -219333338;
  331. v8 = 1148696600;
  332. v9 = 1201108895;
  333. v10 = -392044752;
  334. puts("Success!");
  335. sub_400CBB(v11, v12);
  336. for ( n = 0; n <= 4; ++n )
  337. sub_400706(0x20u, (__int64)(&v1 + 2 * n), 6299728LL);
  338. printf("Your flag is: %s\n", &v1, *(_QWORD *)&v1, *(_QWORD *)&v3, *(_QWORD *)&v5, *(_QWORD *)&v7, *(_QWORD *)&v9);
  339. exit(0);
  340. }
  341. // 400540: using guessed type int __fastcall __isoc99_scanf(_QWORD, _QWORD);
  342.  
  343. //----- (0000000000401190) ----------------------------------------------------
  344. __int64 sub_401190()
  345. {
  346. __int64 result; // rax@1
  347. signed __int64 v1; // rbx@2
  348.  
  349. result = qword_601E28;
  350. if ( qword_601E28 != -1 )
  351. {
  352. v1 = 6299176LL;
  353. do
  354. {
  355. v1 -= 8LL;
  356. ((void (*)(void))result)();
  357. result = *(_QWORD *)v1;
  358. }
  359. while ( *(_QWORD *)v1 != -1LL );
  360. }
  361. return result;
  362. }
  363. // 601E28: using guessed type __int64 qword_601E28;
  364.  
  365. //----- (00000000004011C8) ----------------------------------------------------
  366. void term_proc()
  367. {
  368. sub_4005B0();
  369. }
  370.  
  371. #error "There were 1 decompilation failure(s) on 11 function(s)"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!