Menu
I need to figure out what this obfuscated C++ code (written by someone else) does. I've figured pretty much everything, except one tricky part:
bool part1(char *flag)
{
int *t = (int *) memfrob(flag, 8);
unsigned int b[] = {3164519328, 2997125270};
for (int i = 0; i < 2; b[i] = ~b[i], ++i);
return !(0<:t:>-0<:b:>+1<:t:>-1<:b:>);
}
What is going on in the return statement of this function? I have no idea what these colons mean...
I've tried googling what does the colon operator in C++ do, but found only answers about class constructors and the conditional expression, which doesn't seem relevant to this problem.
996
The code is making use of two-letter alternative tokens, also known as "digraphs". Specifically, <: is [, and :> is ].
So, syntax like 0<:t:> is just 0[t], and since array subscripts can be swapped with the array identifier, this is just t[0].
A great tool that can help with deobfuscating code is cppinsights.io. As can be seen in the link, the code is just doing some arithmetic on the array values (ignore the static_cast for this example, it's not important for the purposes of understanding the transformation).
51
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
