AVX2 Encoder

Intro

This is the write-up for the task "AVX2 Encoder" from TCTF (0CTF) Finals 2017.

Description

We are given the following files:

avx2_encoder.exe: PE32+ executable (console) x86-64, for MS Windows
vient / _enlightenment.txt
Last active May 13, 2017 23:18
Solution for Enlightenment task from DEF CON CTF Qualifier 2017
The idea is that in each task the key was checked character by character in the same way.
So we can make a pattern from the assembly code and then extract all the information with a simple re.search().
The first task, Magic, was solved with angr, though mainly because I didn't think about regexes in the first place.
There are two details that distinguish Enlightenment from the previous tasks (subtasks here):
1. All binaries were compiled with different options, so all my regexes broke, as well as the angr solution.
Regexes are easily adjustable, but you can't use these solutions to solve the previous tasks anymore.
2. Only in this task are keys sometimes reversed. I decided not to find out from the binary whether it reverses the key or not;
instead I just tried to feed the key to the binary. If the return code is not 0, then we need to reverse the key.
vient / matriochka4_ida_solve.py
Last active April 11, 2017 15:45
"Matriochka step 4 (I did it again)" solution in the form of IDA script — Nuit du Hack Quals 2017
from __future__ import print_function
from idautils import *
from idaapi import *
import hashlib
def step_forward(addr, n=1, checks=None):
    if checks:
        assert(n == len(checks))

Keybase proof

I hereby claim:

  • I am vient on github.
  • I am vient (https://keybase.io/vient) on keybase.
  • I have a public key whose fingerprint is 01FE 8F8B 43C5 9702 2527 6198 EA67 BB0B 7A80 47FF

To claim this, I am signing this object:

vient / brute.py
Last active January 16, 2016 17:04
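import string
from hashlib import md5

def brute(s):
    # Candidate alphabet: upper/lower-case letters and digits
    q = string.ascii_letters + string.digits
    for a in q:
        for b in q:
            for c in q:
                # Progress indicator: current three-character prefix
                print(a+b+c)
                for d in q:
                    for e in q:
                        for f in q:
                            m = md5()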