Moved directories

2023-12-18 16:48:13 +01:00
parent 697849f63e
commit fbd69c1109
21 changed files with 0 additions and 0 deletions
--- a/04/bowser.elf
+++ b/04/bowser.elf
--- a/04/decode.py
+++ b/04/decode.py
@@ -0,0 +1,26 @@
+from hackingscripts import util
+from pwn import context, disasm
+import re
+
+if __name__ == "__main__":
+    with open("bowser.elf", "rb") as f:
+        elf = f.read()
+
+    context.arch = "amd64"
+    offset = 0x1332
+    flag = b""
+
+    for instr in disasm(elf[offset:], byte=False, offset=False).split("\n"):
+        match = re.match(r"movabs\s+(rax|rdx),\s+0x([0-9a-f]+)", instr)
+        if match:
+            flag += util.xor(bytearray.fromhex(match[2])[::-1], 0xFF)
+        else:
+            match = re.match(r"mov\s+WORD PTR \[.*\],\s+0x([0-9a-f]+)", instr)
+            if match:
+                flag += util.xor(bytearray.fromhex(match[1])[::-1], 0xFF)
+            elif re.match(r"call\s+.*", instr):
+                break
+
+    flag = flag.split(b"\x00")[1].decode()
+    print("[+] Flag:", flag)
+