Expand file tree Collapse file tree 1 file changed +6
-10
lines changed Original file line number Diff line number Diff line change 66def main ():
77 proj = angr .Project ("./chal" , auto_load_libs = False )
88
9- chars = [claripy .BVS (f'c{ i } ' , 8 ) for i in range (8 )]
9+ # 8 symbolic bytes + null terminator
10+ chars = [claripy .BVS (f'byte_{ i } ' , 8 ) for i in range (8 )]
1011 null = claripy .BVV (0 , 8 )
1112 input_bytes = claripy .Concat (* chars + [null ])
1213
13- input_stream = angr .SimFileStream (name = 'stdin' , content = input_bytes , has_end = False )
14-
15- state = proj .factory .entry_state (
16- stdin = input_stream ,
17- add_options = {
18- angr .options .ZERO_FILL_UNCONSTRAINED_MEMORY ,
19- angr .options .ZERO_FILL_UNCONSTRAINED_REGISTERS
20- }
21- )
14+ # Use simpler entry_state() to avoid memory initialization complexity
15+ state = proj .factory .entry_state (stdin = input_bytes )
2216
17+ # Constrain input to printable ASCII
2318 for c in chars :
2419 state .solver .add (c >= 0x20 , c <= 0x7e )
2520
2621 simgr = proj .factory .simgr (state )
22+
2723 simgr .explore (
2824 find = lambda s : b"CTF{" in s .posix .dumps (1 ),
2925 avoid = lambda s : b"Wrong key" in s .posix .dumps (1 )
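Review bot: Passing the bitvector directly as `stdin=input_bytes` changes stdin's end-of-file behaviour, and the new comment does not mention it. The removed code built a `SimFileStream` with `has_end=False`, whereas angr, as far as I recall, wraps raw content in a stream with `has_end=True` and logs a warning about it, so any read past these 9 bytes would see EOF instead of fresh symbolic data. If that is intended, record it in the comment, e.g. `# stdin is exactly these 9 bytes; reads beyond them hit EOF`; if not, keep `angr.SimFileStream(name='stdin', content=input_bytes, has_end=False)`. The commit also drops both `ZERO_FILL_UNCONSTRAINED_*` options, so uninitialised memory and registers are presumably treated as symbolic rather than zero, which can change which paths reach the `find` condition. `main` and the `simgr.explore(` call continue past the end of the hunk.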