Having a headache, I did not spend so much time on 0CTF, which always has some fun problems to solve.
This problem gives you a trace.log (download file).
It looks like:


This is a trace log of a program, which should be written in Golang. But the trace.log looks like some LLVM IR, rather than a trace generated by go tool trace. It seems like trace.log is too large to analyze, but actually this is a simple program. You can slim the trace.log by deleting some library functions.


Now, we can start to analyze the trace of the program.
The trace is easy to read, but there is some weird IR:


This is actually called the Phi node. It exists because LLVM uses SSA (Static Single Assignment), which means that every variable can only be assigned once. Then, what if I wrote this program:


We assign a value to a twice!
So, it actually has more than one a.


The IR of line 4 is:


You can understand the trace.log now.
The program implements big numbers with arrays, along with some functions for multiplying and adding big numbers. Finally, we can derive an equation from it:
$$(x+y)(x+z)x - 10(x+y)(x+z)(y+z) + (x+y)(y+z)y + (x+z)(y+z)z = 0$$
It seems to be simple, but it is actually an elliptic curve…
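As an added example (not code from the challenge or from the original post), here is one way to re-implement an array-based big-number check like the one described above, so candidate inputs can be tested against the recovered equation. The limb base, the little-endian limb order, every function name and the parameter k are assumptions; the subtraction is avoided by moving the 10(x+y)(x+z)(y+z) term to the right-hand side, and k generalizes the coefficient 10 so the check can be exercised with small numbers.

```python
BASE = 10**4  # assumed limb size; the page does not state the one used in the trace

def to_limbs(n):
    """Non-negative int -> little-endian list of base-BASE limbs."""
    limbs = []
    while n:
        n, r = divmod(n, BASE)
        limbs.append(r)
    return limbs or [0]

def from_limbs(a):
    """Inverse of to_limbs, used to cross-check against native integers."""
    return sum(d * BASE**i for i, d in enumerate(a))

def big_add(a, b):
    """Schoolbook addition with carry propagation."""
    out, carry = [], 0
    for i in range(max(len(a), len(b))):
        s = carry + (a[i] if i < len(a) else 0) + (b[i] if i < len(b) else 0)
        out.append(s % BASE)
        carry = s // BASE
    if carry:
        out.append(carry)
    return out

def big_mul(a, b):
    """Schoolbook multiplication; strips leading zero limbs at the end."""
    out = [0] * (len(a) + len(b))
    for i, x in enumerate(a):
        carry = 0
        for j, y in enumerate(b):
            t = out[i + j] + x * y + carry
            out[i + j] = t % BASE
            carry = t // BASE
        out[i + len(b)] += carry
    while len(out) > 1 and out[-1] == 0:
        out.pop()
    return out

def satisfies(x, y, z, k=10):
    """True if x(x+y)(x+z) + y(x+y)(y+z) + z(x+z)(y+z) == k(x+y)(x+z)(y+z)."""
    X, Y, Z = to_limbs(x), to_limbs(y), to_limbs(z)
    xy, xz, yz = big_add(X, Y), big_add(X, Z), big_add(Y, Z)
    lhs = big_add(big_add(big_mul(big_mul(xy, xz), X),
                          big_mul(big_mul(xy, yz), Y)),
                  big_mul(big_mul(xz, yz), Z))
    rhs = big_mul(big_mul(big_mul(xy, xz), yz), to_limbs(k))
    return lhs == rhs
```

With k=2 the triple (1, 1, 3) satisfies the equation, which makes a convenient sanity check before trying candidates for the page's coefficient 10.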
PS. The trace.log is actually generated by ssadump.