Reverse Engineering — DarkCON CTF 2021

Read

Given a pyc file then i just try to decompile it using uncompyle6.

def lababa(lebula):
alalalalalalal = [
73, 13, 19, 88, 88, 2, 77, 26, 95, 85, 11, 23, 114, 2, 93, 54, 71, 67, 90, 8, 77, 26, 0, 3, 93, 68]
result = ''
for belu in range(len(alalalalalalal)):
if lebula[belu] != chr(alalalalalalal[belu] ^ ord(babababa[belu])):
return 'bbblalaabalaabbblala'
b2a = ''
a2b = [122, 86, 75, 75, 92, 90, 77, 24, 24, 24, 25, 106, 76, 91, 84, 80, 77, 25, 77, 81, 92, 25, 92, 87, 77, 80, 75, 92, 25, 74, 77, 75, 80, 87, 94, 25, 88, 74, 25, 95, 85, 88, 94]
for bbb in a2b:
b2a += chr(bbb ^ 57)
else:
return b2a

Too Much

Given ELF 64-bit executable and then i try to decompile it using IDA

ezpz

Given apk file and then i try to decompile the apk.

Original ( MainActivity$1.smali )
const/16 v3, 0x1f4
Patched ( MainActivity$1.smali )
const/16 v3, 0x0
Original ( MainActivity$1.smali )
.line 50
:cond_1
iget-object v1, p0, Lcom/application/ezpz/MainActivity$1;->this$0:Lcom/application/ezpz/MainActivity;invoke-virtual {v1}, Lcom/application/ezpz/MainActivity;->getApplicationContext()Landroid/content/Context;move-result-object v1const-string v3, "Damn...500 times? are u kidding me"invoke-static {v1, v3, v2}, Landroid/widget/Toast;->makeText(Landroid/content/Context;Ljava/lang/CharSequence;I)Landroid/widget/Toast;move-result-object v1invoke-virtual {v1}, Landroid/widget/Toast;->show()Vgoto :goto_0Patched ( MainActivity$1.smali )
.line 50
:cond_1iget-object v1, p0, Lcom/application/ezpz/MainActivity$1;->this$0:Lcom/application/ezpz/MainActivity;invoke-virtual {v1}, Lcom/application/ezpz/MainActivity;->getApplicationContext()Landroid/content/Context;move-result-object v1iget-object v3, p0, Lcom/application/ezpz/MainActivity$1;->val$YEET:[Ljava/lang/String;aget-object v3, v3, v2invoke-static {v1, v3, v2}, Landroid/widget/Toast;->makeText(Landroid/content/Context;Ljava/lang/CharSequence;I)Landroid/widget/Toast;move-result-object v1invoke-virtual {v1}, Landroid/widget/Toast;->show()Vgoto :goto_0

CyberDark0x01: ShitComp

Given ELF 64-bit and then i try to decompile it using IDA

sub_1410
sub_13A0

CyberDark_0x02: Installer

Now we need to work with the original ELF. So i try to decompile it using IDA

sub_1BD0
sub_1AB0
sub_19A0
sub_1A20

(Not) Easy

Given PE file and then i try to open it using IDA

sub_40189D

fire in the androiddd

Given apk file and then i try to decompile it.

MainActivity
data_receiver
MyReceiver
Java_com_application_darkcon_MyReceiver_magic
looper

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
kosong

kosong

38 Followers

CTF Player | Currently learning about Reverse Engineering and Cryptography