Can you get the password now?
The following is a batch script authentication system. Your goal here is to get the batch script to authenticate you by inputting a password into the field.
- You knew the value of variable PASSWORDVALUE is 1065435274, and now you have to reverse the hashing process to find the original password.
- The hashing process is the following code.
IF /I "!INPUT:~%CHARACTERPOSITION%,1!"=="!CHARS:~%CURRENTPOSITION%,1!" SET /A
SET /A CURRENTPOSITION+=3
IF NOT %CURRENTPOSITION%==78 GOTO :SUBLOOP
SET /A CHARACTERPOSITION+=1
IF NOT "!INPUT:~%CHARACTERPOSITION%,1!"=="" GOTO :OVERLOOP
- Since the batch script takes the character you type in, assigns corresponding prime value to it, and multiplies them all together, so, the first thing you need to do is the prime factorization of the PASSWORDVALUE.
- Very soon, you'll find out the prime factors of 1065435274 are 2, 6827, and 78031. But there's no mapping character with the value larger than 101.
- That means we neglected a very important concept about batch math. There's an integer overflow problem due to the maximum integer allowed in batch math is 2^31 - 1 = 2147483647 for 32-bit integers.
- So, we need to find the original composite number.
- The relationship between the composite number ,
maximum limited integer, and 1065435274 is like below.
composite_number / (2^31) = quotient ... 1065435274
composite_number = (2^31) * quotient + 1065435274
- You can use brute forcing to count the composite number and factor it. If the factors of the composite number all less than or equal to 101, you get the answer!
- My result:
quotient = 2136
composite_number = (2^31) * 2136 + 1065435274 = 4588090507402
4588090507402 = 2 * 17 * 19 * 23 * 37 * 41 * 47 * 61 * 71
(aghilmort -> algorithm)
- It's done!