[Writeup] HackIM-16: ZorroPub

Vivek Kamisetty
Published in Bug Bounty Hunting
2 min read · Sep 29, 2019


When run, the binary first asks for the number of drinks. It then asks for the number of ids for the input drinks.

After decompiling in IDA, we can see that the ids should be in the range of 16 to 65535 (0x10, 0xffff). The binary then goes through a number of operations in which the ids get XORed and a seed value is set.

It goes through the above operations, and then v9 is compared to 10.

if ( v9 != 10 )
{
  puts("Looks like its a dangerous combination of drinks right there.");
  puts("Get Out, you will get yourself killed");
  exit(-1);
}

After that we move on to some complex operations, where our input is converted into an MD5 hash with the seed value, which is then compared with "5eba99aff105c9ff6a1a913e343fec67". Here I tried to brute force the flag (we know the flag format "nullcon").

By brute forcing, I got the flag: The flag is nullcon{nu11c0n_s4yz_x0r1n6_1s_4m4z1ng}.
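Why brute force is cheap here, as an added example (not code from the original writeup or from the challenge binary): assuming the seed is the XOR of the ids, and every id fits in 16 bits, at most 65536 seeds exist no matter how many drinks are entered, so the MD5 comparison can be searched exhaustively. `toy_digest` is a hypothetical stand-in for the binary's seed-dependent MD5 step, which the writeup does not spell out; the id range is treated as inclusive and the `v9` check is not modelled.

```python
import hashlib
from typing import Callable, List, Optional

ID_MIN, ID_MAX = 0x10, 0xFFFF  # id range from the writeup, assumed inclusive


def seed_from_ids(ids: List[int]) -> int:
    """XOR the drink ids together (assumed seed derivation), enforcing the range."""
    seed = 0
    for drink_id in ids:
        if not ID_MIN <= drink_id <= ID_MAX:
            raise ValueError(f"id {drink_id:#x} is outside the accepted range")
        seed ^= drink_id
    return seed


def toy_digest(seed: int) -> str:
    """Hypothetical stand-in for the binary's MD5-with-seed computation."""
    return hashlib.md5(b"drinks:%d" % seed).hexdigest()


def recover_seed(target_hex: str,
                 digest: Callable[[int], str] = toy_digest) -> Optional[int]:
    """Try every value a 16-bit XOR can produce; return the matching seed."""
    for seed in range(ID_MAX + 1):
        if digest(seed) == target_hex:
            return seed
    return None


def ids_for_seed(seed: int) -> List[int]:
    """Return two in-range ids whose XOR equals the recovered seed."""
    for a in (0x10, 0x20):
        b = seed ^ a
        if ID_MIN <= b <= ID_MAX:
            return [a, b]
    raise ValueError("seed does not fit in 16 bits")


if __name__ == "__main__":
    # Constructed target: the digest of a seed chosen for this demo only.
    target = toy_digest(0x2A5C)
    seed = recover_seed(target)
    print(hex(seed), [hex(i) for i in ids_for_seed(seed)])
```

The defensive takeaway is that hashing does not widen a small input space: a check that depends only on a 16-bit value falls to exhaustive search regardless of the hash used.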

Vivek Kamisetty, aka Mr_UnKnOwN | CTF player | Reverse Engineer | @teambi0s