From d8ce593b672940ad7e128d8c980e1356917c8eda Mon Sep 17 00:00:00 2001
From: 0x35c <>
Date: Tue, 6 May 2025 13:37:01 +0200
Subject: [PATCH] level03: source code done

---
 level03/source.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 68 insertions(+)
 create mode 100644 level03/source.c

diff --git a/level03/source.c b/level03/source.c
new file mode 100644
index 0000000..13ebec2
--- /dev/null
+++ b/level03/source.c
@@ -0,0 +1,68 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+
+int decrypt(char key)
+{
+	unsigned int len;
+	char str[28];
+
+	// Stack canary protection (or SSP)
+	// *(_DWORD *)((char *)&str[4] + 1) = __readgsdword(0x14u);
+	strcpy((char *)str, "Q}|u`sfg~sf{}|a3");
+	len = strlen((const char *)str);
+	for (int i = 0; i < len; ++i)
+		*((char *)str + i) ^= key;
+	// Key needs to equal 12
+	if (!strcmp((const char *)str, "Congratulations!"))
+		return system("/bin/sh");
+	else
+		return puts("\nInvalid Password");
+}
+
+int test(int a1, int a2)
+{
+	int result;
+	char key;
+
+	switch (a2 - a1) {
+	case 1:
+	case 2:
+	case 3:
+	case 4:
+	case 5:
+	case 6:
+	case 7:
+	case 8:
+	case 9:
+	case 16:
+	case 17:
+	case 18:
+	case 19:
+	case 20:
+	case 21:
+		result = decrypt(a2 - a1);
+		break;
+	default:
+		key = rand();
+		result = decrypt(key);
+		break;
+	}
+	return result;
+}
+
+int main(void)
+{
+	int input;
+
+	srand(time(NULL));
+	puts("***********************************");
+	puts("*\t\tlevel03\t\t**");
+	puts("***********************************");
+	printf("Password:");
+	scanf("%d", &input);
+	test(input, 322424845);
+
+	return 0;
+}