For this challenge, you’re given a server and a client binary, both Mach.O files. If we run the client binary, we can see that it’s asking for a four token key in order to get the “prize”.
Thankfully, these binaries haven’t had their symbols stripped so it’s easy to find interesting functions in the binary. From a quick look at the client library, we can see the strings that were shown above, as well as the client library sending the four tokens you enter to a server:
So we need to look into how the server checks the tokens that are sent. When we open up the server in IDA Pro, we can easily see the functions main_check_key1, main_check_key2, main_check_key3, and main_check_key4 being called in a row. If we following them, there is a check which leads to where the real key would be if this was the actual server:
From here, all we need to do is figure out what each token needs to be. From digging through each of the four functions, we can find the tokens that will get us the key:
Checks the first message character by character, the token is “3at”
Checks the second message, the length must be 11, and each character is pairwise compared with each one, the differences can be used to determine the characters. The token is “chInch1ll@z”.
Performs specific checks on the token against another 4 byte string. The token is “H1gh”.
Compares characters from the token against the string “Fromunda” and the number 183. The token is “F183r”
We know we’ve got the right tokens because we can run the server and client locally, and we get this:
When we connect instead to the IP contained in the directions file and provide the 4 tokens, we get the key: