# random

## Challenge

Daddy, teach me how to use random value in programming!

ssh <random@pwnable.kr> -p2222 (pw:guest)

## Source Code

```c
#include <stdio.h>

int main(){
        unsigned int random;
        random = rand();        // random value!

        unsigned int key=0;
        scanf("%d", &key);

        if( (key ^ random) == 0xdeadbeef ){
                printf("Good!\n");
                system("/bin/cat flag");
                return 0;
        }

        printf("Wrong, maybe you should try 2^32 cases.\n");
        return 0;
}
```

## Solution

Check out the [rand(3) man page](https://linux.die.net/man/3/rand). It says "if no seed value is provided, the rand() function is automatically seeded with a value of 1". That means a seedless `rand()` is **deterministic**. We can run the following code to test our hypothesis:

```c
#include <stdio.h>

int main()
{
    int random = rand();
    printf("%i", random);

    return 0;
}
```

The result is always `1804289383` no matter how many times we run this program. To find the key, do the math in a Python shell:

```python
>>> 0xdeadbeef ^ 1804289383
3039230856
```

## Get Flag

![Get flag](https://223316867-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MWVtlSxURaW2QQu6RU5%2F-M_mjo0h8u5WzjfsB4Q8%2F-M_mjr4Y-GigZnDnO24_%2Fimage.png?alt=media\&token=fc00fe4f-79f0-4fca-855a-b5f2c5ecbdf5)

## Exploit

```python
```