How2decompyle
- According to the decription, i found out that the file is .pyc
- It's easy to read that script, just use "uncompyle6" to decompile,
- According to the script, i have:
- 'Restrictions' has 26 element.
- Length of flag equal to len of restrictions[0] (equal to 33).
- Character must be lower alphabet and '_'.
- With each 'flag[f]', it not be allowed be in any position 'f' of whole element of 'Restrictions'.
- In some position ('capital'), flag will upper that character.
- Because there are 26 strings in 'Restrictions' and there are 27 characters (lower alphabet and '_'), we sure that 'flag[f]' is the rest of them.
- Solution:
- Flag: BambooFox{You_Know_Decompyle_And_Do_Reverse}
PRO
Don't be an ida dog or ida cat or ida mouse or ......
- After take a look at 'main', i knew that script need 3 argument.
- password, clearly is '98416'
- key
- flag
- It's not hard to understand, key will be involve to 12 bytes of byte_201020; s1 will be changed and compare with flag. So, i had s1 and just read byte_201020 to reverse into flag.
- But,
- It's not a function!
- I am confuse in 10 minutes, try and try to download, check out that what mistake i had.
- I realize that assembly is become from hex code.
- After several minutes, i found website allowed me for Disassambler.
- But, it is not enough. Segmentation fault error and illegal instruction error appeared via couple of key, function is wrong. I remember that key is involved to byte_201020.
- Now, everything is clear. I have to find a key to correct the function, and the key is only a byte from 0x00 to 0xFF.
- After couple minutes try to write a script allowed brute-force the key to avoid 'segmentation fault' and 'illegal instruction'. I give up and write by my hand.
- Luckily, when key equal to 50, I can decode 's1' to 'flag'.
- Flag: BambooFox{dyn4mic_1s_4ls0_gr34t}
No comments:
Post a Comment
Sending successfully