Hadding a headache, I did not spent so much time on 0CTF, which always has some fun problem to solve.
This problem give you a
trace.log (download file)
It looks like:
This is a trace log of a program, which should be written in Golang.But the
trace.log looks like some LLVM IR, rather than trace generated by
go tool trace. It seems like
trace.log is too large to analyze, but actually this is a simple program. You can slim the
trace.log by deleting some library function.
Now, we can start to analyze the trace of program.
The trace is easy to read, but there are some weird IR :
t15 = phi [1: t8, 6: t8, 4: t14]
This is actually call the Phi node, since LLVM uses SSA (Static Single Assignment),which means that every variable can only be assigned once.Then,what if I wrote this program:
a = 1;
We assign a value to
So, it actually has more than one
a1 = 1; //block 0
The IR of line 4 is :
b = phi [0:a1, 1:a2]
You can understand the
The program implement big number by array, and also some function for multipling, adding big num, finally we can derive a equation from it:
It seems to be simple, but it actually is a elliptic curve…
trace.log is actually generated by ssadump