tsundere (160 pts)
Problem
Solution
- Reverse some of the bytecode manually to try and figure out what its doing.
- The flag text must consist of only lowercase acsii characters and numbers.
- The regex splits up the flag string into chunks of 4 characters. It calls the
routine1
function on each chunk of 5 characters, and concatenates the results, checking if the final result is equal to the StringTODO - Put right string here
- Guess that the
routine1
function is a hashing function. It contains a sin/cos call, 4 "secret" numbers, and a bit rotateLeft call, so we guess that it is md5, based on this source code for md5 in java. - Split the final string into chunks of 32 characters, and brute force md5 hashes of chunks of 5 lowercase characters and numbers, to reverse each hash. We can easily plug the hashes into hashkiller for the individual hashes, which we concatenate into the flag.
Flag
tjctf{j4hbjllsqyndjonfn6czn40f322p2ttgvbtg1m9pi33o8gmu368dkzpk7nldb8ztcdi3nb6ovjtawtovmmna2a67rjjoz6oun1if}