Tags: engineering reverse
The Sabloom Text 6 app has a product registration form under *Help>Register*. When we enter `X3eRo0` as the name and the flag as the serial, the product gets registered successfully.
Under the hood, the program checks if the serial (flag) is correct by XOR-ing it with some arbitrary values stored in memory, and then using the result as a set of instructions describing how to run through a 65 x 65 maze (which is hardcoded in memory). The program steps through the maze using the generated instructions, and it registers the product only if it successfully reaches the bottom right corner of the maze.