what the fuck is a logarithm - pingCTF

Description

rev with source code? in python? with symbols? oh my....

Given a Python script generated.py that implements a stack machine using exp() and ln() operations with high-precision Decimal arithmetic. The script reads a flag and validates it through a series of stack operations.

Analysis

Stack Machine Architecture

The checker uses a simple stack machine with these primitives:

from decimal import Decimal, getcontext
CTX = getcontext()
CTX.prec = 400  # High precision

stack = []
OMEGA = Decimal("-inf")

def E():
    a = stack.pop()
    b = stack.pop()
    stack.append((Decimal(0.0) if a == OMEGA else CTX.exp(a)) - CTX.ln(b))

def s():  # swap
    stack[-1], stack[-2] = stack[-2], stack[-1]

def one():
    stack.append(Decimal('1'))

def neg_inf():
    stack.append(Decimal('-Infinity'))

def push_inp():
    global inp
    stack.append(Decimal(ord(inp[0]) - 48))
    inp = inp[1:]

The E() Operation

The core operation E() computes: exp(a) - ln(b) where a and b are popped from the stack.

Key insight: When combined with specific patterns of one(), s(), and neg_inf(), this implements multiplication using logarithm identities:

• exp(ln(a) + ln(b)) = a * b
• ln(exp(x)) = x

The repeated instruction patterns effectively chain multiplications.

Input Encoding

Each input character is encoded as ord(char) - 48:

• '0' → 0, '9' → 9
• 'A' → 17, 'Z' → 42
• 'a' → 49, 'z' → 74
• '{' → 75, '}' → 77, '_' → 47

Structure Discovery

Through tracing, the checker processes 32 characters in 4 groups of 8. Each group computes a polynomial:

P(group) = sum(73.21^(k+1) * char[k] for k in range(8))

This is essentially a base-73.21 number representation where each character contributes a weighted term.

Expected Values

The checker embeds 4 target constants and validates that each group's polynomial matches:

...