print('\n=== Decrypting payload.bin with various keys ===') for name, key in keys.items(): dec = xor(payload, key) flag = extract_flag(dec) if flag: print(f'[name] Flag: flag') else: # store binary for manual analysis (work/f'payload_name.bin').write_bytes(dec)
0x00001140 <main+40>: 1140: 48 8d 3d 0b 00 00 00 lea rdi,[rip+0xb] # 1152 <main+52> 1147: e8 34 ff ff ff call 1080 <puts@plt> 114c: b8 00 00 00 00 mov eax,0x0 1151: c3 ret codsmp.zip
if __name__ == '__main__': main() Running it prints all four flags (the MD5/SHA‑256 ones will appear only if those derived binaries indeed contain a flag string). Adjust the extract_flag regex if the flag format differs. | Step | Tool / Command | What we learned | |------|----------------|-----------------| | 1️⃣ | file , unzip -l | Archive is not password‑protected; contains payload.bin , secret.py , archive.enc . | | 2️⃣ | Read `README print('\n=== Decrypting payload
$ objdump -d payload_decrypted.bin | less The binary is small (≈2 KB). Scanning the disassembly reveals a : | | 2️⃣ | Read `README $ objdump -d payload_decrypted
$ unzip codsmp.zip -d workdir Now we have a working directory:
