ALL THE CODES!

2017-02-06 22:50:55 +10:30 · 2017-02-06 22:50:55 +10:30 · 1fa656ddc6
commit 1fa656ddc6
parent 6e7258c89f
2 changed files with 43 additions and 10 deletions
--- a/electric_boogaloo.md
+++ b/electric_boogaloo.md
@ -342,4 +342,4 @@ result = (data_0f73 ^ data_0f74) ^ data_0f75
 print('0x{:04x}'.format(result))
 ```

-And with that, we can now programmatically generate every code for any challenge binary!
+And with that, we can now [programmatically extract *every single code* given any challenge .tgz!](https://github.com/RunasSudo/synacor.py/blob/master/tools/generate_codes.py)
--- a/tools/generate_codes.py
+++ b/tools/generate_codes.py
@ -15,8 +15,10 @@
 #    You should have received a copy of the GNU Affero General Public License
 #    along with this program.  If not, see <http://www.gnu.org/licenses/>.

+import re
 import struct
 import sys
+import tarfile

 IV_LEN = 3
 CODE_LEN = 12
@ -43,19 +45,36 @@ def generate_code(R1, R2, R3, R4):
 				done = True
 			R7 = R2data[R7]
 			code += chr(R7)
+	
 	return code

+def mirror_code(code):
+	alphabet1 = 'dbqpwuiolxv8WTYUIOAHXVM'
+	alphabet2 = 'bdpqwuiolxv8WTYUIOAHXVM'
+	mirrored_code = ''
+	for letter in reversed(code):
+		if letter not in alphabet1:
+			raise Exception('Cannot mirror unknown letter ' + letter)
+		mirrored_code += alphabet2[alphabet1.index(letter)]
+	return mirrored_code
+
 # Read code into memory
 SYN_MEM = [0] * 32768

-with open(sys.argv[1], 'rb') as data:
-	i = 0
-	while True:
-		byteData = data.read(2)
-		if len(byteData) < 2:
-			break
-		SYN_MEM[i] = struct.unpack('<H', byteData)[0]
-		i += 1
+with tarfile.open(sys.argv[1], 'r:gz') as challenge_file:
+	with challenge_file.extractfile('challenge.bin') as data:
+		i = 0
+		while True:
+			byteData = data.read(2)
+			if len(byteData) < 2:
+				break
+			SYN_MEM[i] = struct.unpack('<H', byteData)[0]
+			i += 1
+	
+	# Extract first code
+	with challenge_file.extractfile('arch-spec') as data:
+		spec_data = data.read().decode('utf-8')
+		print(re.search(r"Here's a code for the challenge website: (............)", spec_data).group(1))

 # Emulate 06bb
 for R2 in range(0x17b4, 0x7562):
@ -64,6 +83,20 @@ for R2 in range(0x17b4, 0x7562):
 	R1 ^= 0x4154
 	SYN_MEM[R2] = R1

+# Basic codes
+print(bytes(SYN_MEM[0x00f5:0x010c:2]).decode('utf-8'))
+
+R1 = 0x68e3
+R3 = (SYN_MEM[0x0426] + SYN_MEM[0x0427]) % 0x8000
+strlen = SYN_MEM[R1]
+strbuf = ''
+for i in range(strlen):
+	encrypted = SYN_MEM[R1 + 1 + i]
+	decrypted = encrypted ^ R3
+	strbuf += chr(decrypted)
+print(re.match(r"The self-test completion code is: (............)", strbuf).group(1))
+
+# Generated codes
 # Calls to 0731
 CODE_PARAMS = [
 	(0x0058, 0x650a, 0x7fff, 0x6e8b), # R1 from the maze
@ -74,4 +107,4 @@ CODE_PARAMS = [
 ]

 for cp in CODE_PARAMS:
-	print(generate_code(*cp))
+	print(generate_code(*cp) if cp[1] != 0x653f else mirror_code(generate_code(*cp)))