Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
You can get challenge descriptions and downloadable files from Hilb3r7/synack-red-team-five-ctf.
It's a Pyinstaller binary.(I have used it once before, so I just knew it by checking the file.) Use https://github.com/extremecoders-re/pyinstxtractor to extract its source code archive in binary (by just running python pyinstxtractor.py ./backdoor or something), now many .pyc files are extracted. Find src.pyc and it's malformed as Python3.9, so https://github.com/rocky/python-uncompyle6/ denies to decompile. But challenge information says it's Python3.8, so I write helloworld python script and execute it with Python3.8. It yields Python3.8 .pyc file. Analyze it and find signature is \x55. Change src.pyc's signature from \x61 to \x55 and decompile by running uncompyle6 backdoor-src.38.pyc > backdoor-src.py
It's a Pyinstaller binary.(I have used it once before, so I just knew it by checking the file.) Use https://github.com/extremecoders-re/pyinstxtractor to extract its source code archive in binary (by just running python pyinstxtractor.py ./backdoor or something), now many .pyc files are extracted. Find src.pyc and it's malformed as Python3.9, so https://github.com/rocky/python-uncompyle6/ denies to decompile. But challenge information says it's Python3.8, so I write helloworld python script and execute it with Python3.8. It yields Python3.8 .pyc file. Analyze it and find signature is \x55. Change src.pyc's signature from \x61 to \x55 and decompile by running uncompyle6 backdoor-src.38.pyc > backdoor-src.py