Tags: reverse x86
We can just patch the binary and solve it easily!
The call to get_string():
```assembly
00011339 83 c4 10 ADD ESP,0x10
0001133c 89 45 e8 MOV dword ptr [EBP + local_20],EAX
0001133f 83 ec 0c SUB ESP,0xc
00011342 ff 75 e8 PUSH dword ptr [EBP + local_20]
00011345 e8 40 00 CALL get_string
```
Patch the code after the call to get_string with the following, then run the binary to get the decoded string:
```assembly
0001134a 83 c4 10 ADD ESP,0x10
0001134d 83 ec 04 SUB ESP,0x4
00011350 ff 75 f0 PUSH dword ptr [EBP + local_18]
00011353 ff 75 f4 PUSH dword ptr [EBP + local_14]
00011356 ff 75 e8 PUSH dword ptr [EBP + local_20]
00011359 e8 43 02 CALL decrypt
0001135e 89 45 ec MOV dword ptr [EBP + local_1c],EAX
00011361 50 PUSH EAX
00011362 e8 d9 fc CALL printf
```
And we get the decrypted string!
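An added example, not part of the original writeup: when a patch like the one above is assembled by hand, each CALL's displacement is relative to the instruction that follows it, so the bytes depend on where the call is placed. The helper names are hypothetical, and the targets are derived under the assumption that the two displacement bytes the listing does not display are the sign extension of the visible ones.

```python
import struct

# CALL lines copied from the two listings above: (address, bytes as displayed).
# The listing column shows only the first three bytes of each 5-byte CALL.
LISTED_CALLS = {
    "get_string": (0x11345, bytes.fromhex("e84000")),
    "decrypt":    (0x11359, bytes.fromhex("e84302")),
    "printf":     (0x11362, bytes.fromhex("e8d9fc")),
}
CALL_LEN = 5  # opcode E8 + 32-bit little-endian displacement


def encode_call(site: int, target: int) -> bytes:
    """Encode CALL rel32 at `site`; rel32 is measured from the next instruction."""
    rel = target - (site + CALL_LEN)
    if not -2**31 <= rel < 2**31:
        raise ValueError("target out of rel32 range")
    return b"\xe8" + struct.pack("<i", rel)


def listed_target(site: int, shown: bytes) -> int:
    """Recover the call target from the three displayed bytes.

    ASSUMPTION: the two hidden high bytes are the sign extension of the
    visible 16-bit displacement (target within +/-32 KiB of the call).
    """
    if len(shown) != 3 or shown[0] != 0xE8:
        raise ValueError("expected E8 plus two displacement bytes")
    rel16 = struct.unpack("<h", shown[1:3])[0]
    return site + CALL_LEN + rel16


def check_listing() -> dict:
    """Re-encode every listed CALL and confirm it matches the displayed bytes."""
    out = {}
    for name, (site, shown) in LISTED_CALLS.items():
        target = listed_target(site, shown)
        full = encode_call(site, target)
        if full[:3] != shown:
            raise ValueError(f"{name}: encoding disagrees with listing")
        out[name] = (target, full)
    return out


if __name__ == "__main__":
    for name, (target, full) in check_listing().items():
        print(f"{name:10s} -> {target:#x}  {full.hex(' ')}")
    # Same target from a different site: the bytes change, so a CALL cannot be copied verbatim.
    print(encode_call(0x1134a, listed_target(*LISTED_CALLS["decrypt"])).hex(" "))
```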
Original code as decompiled by Ghidra:
```C
{
  char *extraout_EAX;
  int iVar1;
  undefined4 uVar2;
  undefined4 uVar3;
  char local_2020 [8192];
  char *local_20;
  char *local_1c;
  undefined4 local_18;
  int local_14;
  undefined *local_10;

  local_10 = &stack0x00000004;
  setvbuf(stdout,(char *)0x0,2,0);
  puts(
      "54 68 65 20 6d 61 6e 20 69 6e 20 62 6c 61 63 6b 20 66 6c 65 64 20 61 63 72 6f 73 73 20 74 6865 20 64 65 73 65 72 74 2c 20 61 6e 64 20 74 68 65 20 67 75 6e 73 6c 69 6e 67 65 72 20 66 6f6c 6c 6f 77 65 64 2e"
      );
  debugger_check();
  local_14 = 0x11;
  local_18 = 0xc;
  printf("Input: ");
  fgets(local_2020,0x2000,stdin);
  remove_newline(local_2020);
  uVar3 = local_18;
  encrypt(local_2020,local_14,local_18);
  uVar2 = 4;
  local_1c = extraout_EAX;
  local_20 = (char *)calloc(0x20,4);
  get_string(local_20,uVar2,uVar3);
  iVar1 = strcmp(local_20,local_1c);
  if (iVar1 == 0) {
    print_flag();
  }
  else {
    printf("Not quite");
  }
  return 0;
}
```
Patched fragment:
```C
get_string(local_20);
local_1c = (char *)decrypt(local_20,local_14,local_18);
printf(local_1c);
```