Can you get the flag? Reverse engineer this Python program.
Category: Reverse Engineering
Since this is a reverse engineering problem, let’s start by looking at the code for this python program.
We can see a payload (seemingly encoded in base64), which will be decrypted using the
key_str variable, itself encoded in base64.
After this, the decoded payload will be executed, so presumably, the payload itself is a small program.
Trying to run
unpackme.flag.py confirms this theory:
Going back to the python program, what if I were to just print out the decoded payload instead of executing it?
Just as expected, the payload is a python script, and our flag is also there to grab.