From b758947a87b9521ffa005873b5d6cfbf3ff0273c Mon Sep 17 00:00:00 2001
From: Giulio De Pasquale <giulio@depasquale.eu>
Date: Fri, 26 May 2017 12:04:11 +0200
Subject: [PATCH] Cambiata key

---
 polictf/pasticciotto_local.cpp    | 60 ++++++++++++++-----------------
 polictf/res/client_opcode_key.txt |  1 +
 2 files changed, 28 insertions(+), 33 deletions(-)
 create mode 100644 polictf/res/client_opcode_key.txt

diff --git a/polictf/pasticciotto_local.cpp b/polictf/pasticciotto_local.cpp
index e4ca015..7b6c3c9 100644
--- a/polictf/pasticciotto_local.cpp
+++ b/polictf/pasticciotto_local.cpp
@@ -78,44 +78,38 @@ int main(int argc, char *argv[]) {
       0x2f, 0x2f, 0x5c, 0x2f, 0x2f, 0x5c, 0x2f, 0x2f, 0x5c, 0x2f, 0x2f, 0x5c,
       0x2f, 0x2f, 0x5c, 0x2f, 0x2f, 0x5c, 0x2f, 0x2f, 0x5c, 0x2f, 0x2f, 0x5c,
       0x2f, 0x2f, 0x5c, 0x2f, 0x20, 0x20, 0x20};
-
-  uint8_t a[] = {0x24, 0x00, 0x38, 0x08, 0x2f, 0x18,
-                 0x3f, 0x40, 0x51, 0x5f, 0x53, 0x4e};
-  uint8_t b[] = "totallyrandom";
-  uint8_t *c = new uint8_t[12]; // PoLiCtF2017!
   unsigned char bc[] = {
-      0x50, 0x00, 0xde, 0xad, 0x50, 0x01, 0xb0, 0x0b, 0xc1, 0x00, 0x00, 0x00,
-      0xc1, 0x02, 0x00, 0x01, 0x50, 0x00, 0xb0, 0x0b, 0x50, 0x01, 0xfa, 0xce,
-      0xc1, 0x04, 0x00, 0x00, 0xc1, 0x06, 0x00, 0x01, 0x50, 0x00, 0x00, 0x00,
-      0x4d, 0xda, 0x00, 0xd4, 0x20, 0x50, 0x04, 0x00, 0x00, 0x53, 0x04, 0x50,
-      0x00, 0x00, 0x00, 0x50, 0x01, 0x02, 0x00, 0xd5, 0x04, 0xd5, 0x14, 0x4d,
-      0x5b, 0x00, 0x87, 0x04, 0x86, 0x04, 0x01, 0x00, 0x8c, 0x42, 0x79, 0x2d,
-      0x00, 0x0e, 0x00, 0x00, 0x00, 0x0e, 0x01, 0x02, 0x00, 0x0e, 0x02, 0x04,
-      0x00, 0x0e, 0x03, 0x06, 0x00, 0xcd, 0x0a, 0x53, 0x01, 0x53, 0x02, 0x53,
-      0x03, 0x83, 0x20, 0x83, 0x31, 0x50, 0x04, 0x00, 0x00, 0x50, 0x05, 0x00,
-      0x00, 0x53, 0x04, 0x86, 0x05, 0x6f, 0x62, 0x53, 0x05, 0xd4, 0x43, 0x25,
-      0x04, 0x04, 0x00, 0x86, 0x04, 0x65, 0x70, 0xd4, 0x53, 0x87, 0x07, 0xd5,
-      0x57, 0x53, 0x07, 0x6c, 0x45, 0x53, 0x04, 0xd4, 0x43, 0xb1, 0x04, 0x05,
-      0x00, 0x86, 0x04, 0x65, 0x70, 0x87, 0x05, 0x6c, 0x45, 0xd5, 0x24, 0xd4,
-      0x42, 0x25, 0x04, 0x04, 0x00, 0x86, 0x04, 0x75, 0x72, 0xd4, 0x52, 0x87,
-      0x07, 0xd5, 0x57, 0x53, 0x07, 0x6c, 0x45, 0x53, 0x04, 0xd4, 0x42, 0xb1,
-      0x04, 0x05, 0x00, 0x86, 0x04, 0x73, 0x6e, 0x87, 0x05, 0x6c, 0x45, 0xd5,
-      0x34, 0x87, 0x05, 0x87, 0x04, 0x86, 0x04, 0x01, 0x00, 0x2b, 0x04, 0x7f,
-      0x79, 0x6d, 0x00, 0x81, 0x02, 0x81, 0x13, 0x87, 0x03, 0x87, 0x02, 0x87,
-      0x01, 0xa9, 0x53, 0x01, 0x53, 0x02, 0x53, 0x03, 0xd4, 0x60, 0x50, 0x05,
-      0x00, 0x00, 0x83, 0x46, 0x2b, 0x04, 0x00, 0x78, 0x01, 0x01, 0x50, 0x06,
-      0x00, 0x00, 0x86, 0x05, 0x01, 0x00, 0xd5, 0x65, 0x83, 0x46, 0x2b, 0x04,
-      0x00, 0xcd, 0x80, 0xee, 0x00, 0xd4, 0x05, 0x87, 0x03, 0x87, 0x02, 0x87,
-      0x01, 0xa9};
-  unsigned int bclen = 266;
+      0x48, 0x00, 0xde, 0xad, 0x48, 0x01, 0xb0, 0x0b, 0xd4, 0x00, 0x00, 0x00,
+      0xd4, 0x02, 0x00, 0x01, 0x48, 0x00, 0xb0, 0x0b, 0x48, 0x01, 0xfa, 0xce,
+      0xd4, 0x04, 0x00, 0x00, 0xd4, 0x06, 0x00, 0x01, 0x48, 0x00, 0x00, 0x00,
+      0xd8, 0xd9, 0x00, 0xcb, 0x20, 0x48, 0x04, 0x00, 0x00, 0xde, 0x04, 0x48,
+      0x00, 0x00, 0x00, 0x48, 0x01, 0x02, 0x00, 0x39, 0x04, 0x39, 0x14, 0xd8,
+      0x5a, 0x00, 0x5c, 0x04, 0x05, 0x04, 0x01, 0x00, 0xd7, 0x42, 0x93, 0x2d,
+      0x00, 0x22, 0x00, 0x00, 0x00, 0x22, 0x01, 0x02, 0x00, 0x22, 0x02, 0x04,
+      0x00, 0x22, 0x03, 0x06, 0x00, 0x5d, 0xde, 0x01, 0xde, 0x02, 0xde, 0x03,
+      0x12, 0x20, 0x12, 0x31, 0x48, 0x04, 0x00, 0x00, 0x48, 0x05, 0x00, 0x00,
+      0xde, 0x04, 0x05, 0x05, 0x6f, 0x62, 0xde, 0x05, 0xcb, 0x43, 0x20, 0x04,
+      0x04, 0x00, 0x05, 0x04, 0x65, 0x70, 0xcb, 0x53, 0x5c, 0x07, 0x39, 0x57,
+      0xde, 0x07, 0xb1, 0x45, 0xde, 0x04, 0xcb, 0x43, 0x36, 0x04, 0x05, 0x00,
+      0x05, 0x04, 0x65, 0x70, 0x5c, 0x05, 0xb1, 0x45, 0x39, 0x24, 0xcb, 0x42,
+      0x20, 0x04, 0x04, 0x00, 0x05, 0x04, 0x75, 0x72, 0xcb, 0x52, 0x5c, 0x07,
+      0x39, 0x57, 0xde, 0x07, 0xb1, 0x45, 0xde, 0x04, 0xcb, 0x42, 0x36, 0x04,
+      0x05, 0x00, 0x05, 0x04, 0x73, 0x6e, 0x5c, 0x05, 0xb1, 0x45, 0x39, 0x34,
+      0x5c, 0x05, 0x5c, 0x04, 0x05, 0x04, 0x01, 0x00, 0xf4, 0x04, 0x7f, 0x93,
+      0x6c, 0x00, 0x4e, 0x02, 0x4e, 0x13, 0x5c, 0x03, 0x5c, 0x02, 0x5c, 0x01,
+      0xbb, 0xde, 0x01, 0xde, 0x02, 0xde, 0x03, 0xcb, 0x60, 0x48, 0x05, 0x00,
+      0x00, 0x12, 0x46, 0xf4, 0x04, 0x00, 0x38, 0xff, 0x00, 0x48, 0x06, 0x00,
+      0x00, 0x05, 0x05, 0x01, 0x00, 0x39, 0x65, 0x12, 0x46, 0xf4, 0x04, 0x00,
+      0xae, 0xed, 0x00, 0xcb, 0x05, 0x5c, 0x03, 0x5c, 0x02, 0x5c, 0x01, 0xbb};
+  unsigned int bclen = 264;
 
-  for (uint8_t i = 0; i < 12; i++) {
-    c[i] = a[i] ^ b[i % 13];
-  }
+  unsigned char opcode_key[] = {0x48, 0x61, 0x76, 0x65, 0x46, 0x75, 0x6e,
+                                0x21, 0x50, 0x6f, 0x6c, 0x69, 0x43, 0x54,
+                                0x46, 0x32, 0x30, 0x31, 0x37, 0x21};
 
   printf("%s", banner);
   printf("\nHmmm...\n");
-  VM vm(c, bc, bclen);
+  VM vm(opcode_key, bc, bclen);
   vm.run();
   return 0;
 }
\ No newline at end of file
diff --git a/polictf/res/client_opcode_key.txt b/polictf/res/client_opcode_key.txt
new file mode 100644
index 0000000..f341d2d
--- /dev/null
+++ b/polictf/res/client_opcode_key.txt
@@ -0,0 +1 @@
+HaveFun!PoliCTF2017!
\ No newline at end of file