theon-1/picoCTF
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

investigative reversing 4

Browse Source
This commit is contained in:
Maxime Vorwerk
2024-06-10 14:52:01 +02:00
parent 1883e33073
commit ea85c2380e
21 changed files with 96 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
investigative_reversing_4/Item01_cp.bmp Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.4 MiB

BIN
investigative_reversing_4/Item02_cp.bmp Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.4 MiB

BIN
investigative_reversing_4/Item03_cp.bmp Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.4 MiB

BIN
investigative_reversing_4/Item04_cp.bmp Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.4 MiB

BIN
investigative_reversing_4/Item05_cp.bmp Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.4 MiB

0
investigative_reversing_4/investigative_reversing_4.gpr Normal file
View File

11
investigative_reversing_4/investigative_reversing_4.rep/idata/00/00000000.prp Normal file
View File

@@ -0,0 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?>
<FILE_INFO>
<BASIC_INFO>
<STATE NAME="CONTENT_TYPE" TYPE="string" VALUE="Program" />
<STATE NAME="PARENT" TYPE="string" VALUE="/" />
<STATE NAME="FILE_ID" TYPE="string" VALUE="c0a8b2a0de2b9581681261000" />
<STATE NAME="FILE_TYPE" TYPE="int" VALUE="0" />
<STATE NAME="READ_ONLY" TYPE="boolean" VALUE="false" />
<STATE NAME="NAME" TYPE="string" VALUE="mystery" />
</BASIC_INFO>
</FILE_INFO>

BIN
investigative_reversing_4/investigative_reversing_4.rep/idata/00/~00000000.db/db.6.gbf Normal file
View File

Binary file not shown.

BIN
investigative_reversing_4/investigative_reversing_4.rep/idata/00/~00000000.db/db.7.gbf Normal file
View File

Binary file not shown.

5
investigative_reversing_4/investigative_reversing_4.rep/idata/~index.bak Normal file
View File

@@ -0,0 +1,5 @@
VERSION=1
/
00000000:mystery:c0a8b2a0de2b9581681261000
NEXT-ID:1
MD5:d41d8cd98f00b204e9800998ecf8427e

5
investigative_reversing_4/investigative_reversing_4.rep/idata/~index.dat Normal file
View File

@@ -0,0 +1,5 @@
VERSION=1
/
00000000:mystery:c0a8b2a0de2b9581681261000
NEXT-ID:1
MD5:d41d8cd98f00b204e9800998ecf8427e

6
investigative_reversing_4/investigative_reversing_4.rep/project.prp Normal file
View File

@@ -0,0 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<FILE_INFO>
<BASIC_INFO>
<STATE NAME="OWNER" TYPE="string" VALUE="MaximeVorwerk" />
</BASIC_INFO>
</FILE_INFO>

18
investigative_reversing_4/investigative_reversing_4.rep/projectState Normal file
View File

@@ -0,0 +1,18 @@
<?xml version="1.0" encoding="UTF-8"?>
<PROJECT>
<PROJECT_DATA_XML_NAME NAME="DISPLAY_DATA">
<SAVE_STATE>
<ARRAY NAME="EXPANDED_PATHS" TYPE="string">
<A VALUE="investigative_reversing_4:" />
</ARRAY>
<STATE NAME="SHOW_TABLE" TYPE="boolean" VALUE="false" />
</SAVE_STATE>
</PROJECT_DATA_XML_NAME>
<PROJECT_DATA_XML_NAME NAME="LOADER_OPTIONS">
<SAVE_STATE />
</PROJECT_DATA_XML_NAME>
<TOOL_MANAGER ACTIVE_WORKSPACE="Workspace">
<WORKSPACE NAME="Workspace" ACTIVE="true" />
</TOOL_MANAGER>
</PROJECT>

11
investigative_reversing_4/investigative_reversing_4.rep/user/00/00000000.prp Normal file
View File

@@ -0,0 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?>
<FILE_INFO>
<BASIC_INFO>
<STATE NAME="CONTENT_TYPE" TYPE="string" VALUE="ProgramUserData" />
<STATE NAME="PARENT" TYPE="string" VALUE="/" />
<STATE NAME="FILE_ID" TYPE="string" VALUE="c0a8b2a0edb817347025857199" />
<STATE NAME="FILE_TYPE" TYPE="int" VALUE="0" />
<STATE NAME="READ_ONLY" TYPE="boolean" VALUE="false" />
<STATE NAME="NAME" TYPE="string" VALUE="udf_c0a8b2a0de2b9581681261000" />
</BASIC_INFO>
</FILE_INFO>

BIN
investigative_reversing_4/investigative_reversing_4.rep/user/00/~00000000.db/db.1.gbf Normal file
View File

Binary file not shown.

4
investigative_reversing_4/investigative_reversing_4.rep/user/~index.dat Normal file
View File

@@ -0,0 +1,4 @@
VERSION=1
/
NEXT-ID:0
MD5:d41d8cd98f00b204e9800998ecf8427e

2
investigative_reversing_4/investigative_reversing_4.rep/user/~journal.dat Normal file
View File

@@ -0,0 +1,2 @@
IADD:00000000:/udf_c0a8b2a0de2b9581681261000
IDSET:/udf_c0a8b2a0de2b9581681261000:c0a8b2a0edb817347025857199

4
investigative_reversing_4/investigative_reversing_4.rep/versioned/~index.bak Normal file
View File

@@ -0,0 +1,4 @@
VERSION=1
/
NEXT-ID:0
MD5:d41d8cd98f00b204e9800998ecf8427e

4
investigative_reversing_4/investigative_reversing_4.rep/versioned/~index.dat Normal file
View File

@@ -0,0 +1,4 @@
VERSION=1
/
NEXT-ID:0
MD5:d41d8cd98f00b204e9800998ecf8427e

BIN
investigative_reversing_4/mystery Executable file
View File

Binary file not shown.

26
investigative_reversing_4/sol.py Executable file
View File

@@ -0,0 +1,26 @@
#!/home/maxime/.pyvenv/bin/python3
for c in range(5, 0, -1):
with open("Item0" + str(c) + "_cp.bmp", 'rb') as f:
img = f.read()
leading_space = 2019
flag_size = 10
enc_size = flag_size * (8 + 4)
enc_buffer = img[leading_space:leading_space + enc_size]
flag_buffer = [''] * flag_size
for i in range(flag_size):
char = 0
enc_offset = i * (8 + 4)
for j in range(8):
char |= (enc_buffer[enc_offset+j] & 1) << j
flag_buffer[i] = chr(char)
print(''.join(flag_buffer), end='')
print()