HITCON CTF 2016::Handcrafted::Rev-50

Posted by and filed under HITCON CTF 2016.

We were given a python file for this challege #!/usr/bin/env python # -*- coding: utf-8 -*- import marshal, zlib, base64 exec(marshal.loads(zlib.decompress(base64.b64decode(‘eJyNVktv00AQXm/eL0igiaFA01IO4cIVCUGFBBJwqRAckLhEIQmtRfPwI0QIeio/hRO/hJ/CiStH2M/prj07diGRP43Hs9+MZ2fWMxbnP6mux+oK9xVMHPFViLdCTB0xkeKDFEFfTIU4E8KZq8dCvB4UlN3hGEsdddXU9QTLv1eFiGKGM4cKUgsFCNLFH7dFrS9poayFYmIZm1b0gyqxMOwJaU3r6xs9sW1ooakXuRv+un7Q0sIlLVzOCZq/XtsK2oTSYaZlStogXi1HV0iazoN2CV2HZeXqRQ54TlJRb7FUlKyUatISsdzo+P7UU1Gb1POdMruckepGwk9tIXQTftz2yBaT5JQovWvpSa6poJPuqgao+b9l5Aj/R+mLQIP4f6Q8Vb3g/5TB/TJxWGdZr9EQrmn99fwKtTvAZGU7wzS7GNpZpDm2JgCrr8wrmPoo54UqGampFIeS9ojXjc4E2yI06bq/4DRoUAc0nVnng4k6p7Ks0+j/S8z9V+NZ5dhmrJUM/y7JTJeRtnJ2TSYJvsFq3CQt/vnfqmQXt5KlpuRcIvDAmhnn2E0t9BJ3SvB/SfLWhuOWNiNVZ+h28g4wlwUp00w95si43rZ3r6+fUIEdgOZbQAsyFRRvBR6dla8KCzRdslar7WS+a5HFb39peIAmG7uZTHVm17Czxju4m6bayz8e7J40DzqM0jr0bmv9PmPvk6y5z57HU8wdTDHeiUJvBMAM4+0CpoAZ4BPgJeAYEAHmgAUgAHiAj4AVAGORtwd4AVgC3gEmgBBwCPgMWANOAQ8AbwBHgHuAp4D3gLuARwoGmNUizF/j4yDC5BWM1kNvvlxFA8xikRrBxHIUhutFMBlgQoshhPphGAXe/OggKqqb2cibxwuEXjUcQjccxi5eFRL1fDSbKrUhy2CMb2aLyepkegDWsBwPlrVC0/kLHmeCBQ==’)))) After looking at the decompressed data, I realized that the header had been removed, so I compiled a pyc file and got the correct header. Here is my Get_Bytecodes.py #!/usr/bin/env python # -*- coding:… Read more »

HITCON CTF 2016::Flame::PPC-150

Posted by and filed under HITCON CTF 2016.

This was my first encounter with Power PC, so this challenge was definitely fun learning experience for me. Here is my best attempt at the decompiled source code. #include &ltstdio.h&gt #include &ltstdlib.h&gt #include &ltstring.h&gt int global_values[] = {0xCFE,0x859,0x95D,0x871,0x40D,6,0xADE,0xFA8,0x561,0x9DA, \ 0x878,0x682,0xFA9,0xF5F,0x25E,0xDB0,0xFBF,0xBC6,0xD38,0x95D,0xD09,0x7ED,0x307, \ 0x1C0,0x399,0x956,0xA45,0x292,0xC8A,0x92F,0x4A,0x964,0x194,0x9DA,0x11F}; int main(){ char input[35]; int *checked_against = global_values; int i; //print welcome string… Read more »