Crack Digital Physiognomy 1 831 -

Run it:

void transform(char *src, char *dst) { int len = strlen(src); for (int i = 0; i < len; i++) { dst[i] = (src[i] ^ 0x42) + 0x13; } dst[len] = 0; reverse(dst); } We know: reverse( (input[i] ^ 0x42) + 0x13 ) == "831_physiognomy_cracked" Crack Digital Physiognomy 1 831

No PIE means addresses are fixed – good for static analysis. Run it: void transform(char *src, char *dst) {

Let target = "831_physiognomy_cracked" . Run it: void transform(char *src

We have: (input_byte ^ 0x42) + 0x13 = c So: input_byte ^ 0x42 = c - 0x13 input_byte = (c - 0x13) ^ 0x42 target_rev = "dekarc_demongysoihp_138"[::-1] # wait, no: reversed target is correct # Actually easier: just reverse the known output first known = "831_physiognomy_cracked" rev_known = known[::-1] # "dekarc_demongysoihp_138" flag_chars = [] for ch in rev_known: c = ord(ch) original = (c - 0x13) ^ 0x42 flag_chars.append(chr(original))

undefined8 main(void) { char input[32]; char expected[32]; printf("Enter digital physiognomy key: "); fgets(input, 32, stdin); input[strcspn(input, "\n")] = 0;

transform(input, expected); // custom obfuscation function if (strcmp(expected, "831_physiognomy_cracked") == 0) { printf("Flag: %s\n", input); } else { puts("Access denied."); } return 0; }