mirror of
https://git.soft.fish/val/MicroCorruption.git
synced 2024-11-22 19:45:58 +00:00
42 lines
1.5 KiB
Markdown
42 lines
1.5 KiB
Markdown
|
|
||
|
|
||
|
Churchill seems to not verify after 0xff bytes?
|
||
|
|
||
|
|
||
|
## Sample input
|
||
|
|
||
|
```hex
|
||
|
8000 00 06 3041 c26436953f8f3cadf1442fc218b185051ab6c20853a45f093fc32adf31529d05a5ec3e96a9e41ed9ad1b14dcbdb98e50e37a7ddc3d595b867807ed1605f2070e
|
||
|
```
|
||
|
|
||
|
|
||
|
|
||
|
## Layout:
|
||
|
Loadaddr | Signature Type | length | payload | Signature
|
||
|
---------|----------------|--------|----------|----------
|
||
|
8000 | 00 (ed25519) | 06 | 3041 ret | c26436...
|
||
|
8000 | 01 (sha512) | 12 | 324000ffb0121000 | f009805ec519029923b72a6e63589a081295759bbf7e12090be7b784f622a24e135d2603b861cc0398b366b1a5d8a89836544a164c39f4e68361413ab6f049a5
|
||
|
|
||
|
```c
|
||
|
324000ff mov #ff00, sr
|
||
|
b0121000 call #0010
|
||
|
```
|
||
|
|
||
|
## Payload
|
||
|
8000 01 0c 3240 00ff b012 1000
|
||
|
|
||
|
Hash:
|
||
|
80a0ca7614b653247b207a739e8a5445bfc34f755d4bd0bd413ec5f65a748fe04f9488f7e10700b5bfb57f41ba56f2a314a0f9545b74d08764af7a5c0cfc40ec
|
||
|
|
||
|
complete payload:
|
||
|
8000 01 0c 324000ff b0121000 80a0ca7614b653247b207a739e8a5445bfc34f755d4bd0bd413ec5f65a748fe04f9488f7e10700b5bfb57f41ba56f2a314a0f9545b74d08764af7a5c0cfc40ec
|
||
|
|
||
|
# THE TWIST
|
||
|
The program explicitly checks for `0x1` when evaluating the results of a hash
|
||
|
For perfectly identical strings, this DOESN'T WORK, because, memcmp returns `0`.
|
||
|
|
||
|
Solution: subtract 1 from the last byte of payload_signature. It'll be off by one, and when the program evaluates it, it'll end up with 0x0001 in r15
|
||
|
|
||
|
# Final Answer:
|
||
|
8000 01 0c 324000ff b0121000 80a0ca7614b653247b207a739e8a5445bfc34f755d4bd0bd413ec5f65a748fe04f9488f7e10700b5bfb57f41ba56f2a314a0f9545b74d08764af7a5c0cfc40eb
|