CoRCTF 2025 Rev Write Up

Challenges: rev/tagme, rev/purely-functional-oop, rev/roll, rev/whatever-floats-your-boat

Tagme

Description: tag, you’re it! g, you’re it!tag
Update: the flag does not contain the letter ‘p’
Download: tagme

Summary: The general idea of this challenge is that you have a flag checker that works by taking in an input, growing the flag via an expansion lookup table, and finally the flag is checked to the same enqueue point as dequeue. There are several parts to this challenge that make it interesting. Let's start with the main function:

    void __fastcall __noreturn main(int a1, char **a2, char **a3)
    {
      char c; // [rsp+3h] [rbp-3Dh]
      char *lineptr; // [rsp+8h] [rbp-38h] BYREF
      size_t n; // [rsp+10h] [rbp-30h] BYREF
      unsigned __int64 i; // [rsp+18h] [rbp-28h]
      __ssize_t v7; // [rsp+20h] [rbp-20h]
      char *flag; // [rsp+28h] [rbp-18h]
      unsigned __int64 v9; // [rsp+30h] [rbp-10h]
      unsigned __int64 v10; // [rsp+38h] [rbp-8h]

      v10 = __readfsqword(0x28u);
      puts("Enter flag:");
      lineptr = 0;
      n = 0;
      v7 = getline(&lineptr, &n, stdin);
      if ( v7 == -1 )
        print("Illiterate");
      if ( v7 <= 8 )
        print("Short");
      if ( v7 > 39 )
        print("Long");
      if ( strncmp("corctf{", lineptr, 7u) )
        print("Ineligible");
      if ( strncmp("}\n", &lineptr[v7 - 2], 2u) )
        print("Ineligible");
      set_up();
      flag = lineptr + 7;
      v9 = v7 - 9;
      for ( i = 0; i < v9; ++i )
      {
        c = flag[i];
        if ( (i & 1) !...

Reversing macOS Malware (TinyShell)

In my little journey of learning about macOS/Apple security, I will be documenting things I have learned via blog posts. This might not be useful to most researchers, since they probably know more about this topic, but it should be a good resource for other beginners in this field. For the first post, I will document my steps in reversing a simple yet interesting piece of malware, TinyShell. It’s important to note that I used Mitten Mac’s post as a reference....