30
Sep
2012

CSAW 2012 – Reversing 200

Reversing 200 a .NET commandline executable (CSAWQualificationEasy.exe) that printed the following string: “Okay, going to compute the key. Have to remember to write it out at the end! I keep forgetting!”. After that it seems to wait for some input before exitting.. odd..

Let’s decompile this program and have a look what’s going on.

using System;

namespace CSAWQualificationEasy
{
  internal class Program
  {
    private static byte[] encrypted = new byte[43]
    {
      (byte) 171,
      (byte) 151,
      (byte) 154,
      (byte) 223,
      (byte) 148,
      (byte) 154,
      (byte) 134,
      (byte) 223,
      (byte) 150,
      (byte) 140,
      (byte) 223,
      (byte) 198,
      (byte) 156,
      (byte) 207,
      (byte) 198,
      (byte) 153,
      (byte) 199,
      (byte) 203,
      (byte) 206,
      (byte) 201,
      (byte) 158,
      (byte) 205,
      (byte) 205,
      (byte) 207,
      (byte) 201,
      (byte) 205,
      (byte) 205,
      (byte) 206,
      (byte) 154,
      (byte) 202,
      (byte) 207,
      (byte) 157,
      (byte) 198,
      (byte) 199,
      (byte) 154,
      (byte) 204,
      (byte) 203,
      (byte) 201,
      (byte) 207,
      (byte) 203,
      (byte) 200,
      (byte) 157,
      (byte) 200
    };

    static Program()
    {
    }

    private static void Main(string[] args)
    {
      Console.WriteLine("Okay, going to compute the key.  Have to remember to write it out at the end!  I keep forgetting!");
      string str = "";
      foreach (byte num in Program.encrypted)
        str = str + (object) Convert.ToChar((int) num ^ (int) byte.MaxValue);
      Console.ReadLine();
    }
  }
}

Okay, that’s cute.. It never does anything with the key ‘str’ after computing it. We could patch the Console.ReadLine() into a Console.WriteLine(), but that sounds like work .. let’s do it by hand, the algo is simple enough. (byte.MaxValue equals 0xFF)

$ php -r '
> $a=array(
>   171,151,154,223,148,154,134,223,150,140,223,198,156,207,198,153,199,203,206,201,
>   158,205,205,207,201,205,205,206,154,202,207,157,198,199,154,204,203,201,207,203,
>   200,157,200
> );
> foreach($a as $b) echo chr($b^0xff); 
> echo "\n";'
The key is 9c09f8416a2206221e50b98e346047b7
$

{One Response to “CSAW 2012 – Reversing 200”}

  1. web400 writeup?

    Catsar