# [rev] Obsecure - Tamil CTF 2021 ###### tags: `TamilCTF2021` `rev` By using a file command, I knew that distributed file is byte-compiled python2.7 code. ``` $ file reverseme reverseme: python 2.7 byte-compiled ``` [uncompyle2](https://github.com/wibiti/uncompyle2) is able to decompile it. ```python= $ uncompyle2 reverseme # 2021.09.27 03:13:13 JST #Embedded file name: reverseme.py import numpy as np flag = 'TamilCTF{this_one_is_a_liability_dont_fall_for_it}' np.random.seed(369) data = np.array([ ord(c) for c in flag ]) extra = np.random.randint(1, 5, len(flag)) product = np.multiply(data, extra) temp1 = [ x for x in data ] temp2 = [ ord(x) for x in 'dondaVSclb' * 5 ] c = [ temp1[i] ^ temp2[i] for i in range(len(temp1)) ] flagdata = ''.join((hex(x)[2:].zfill(2) for x in c)) real_flag = '300e030d0d1507251700361a3a0127662120093d551c311029330c53022e1d3028541315363c5e3d063d0b250a090c52021f' +++ okay decompyling reverseme # decompiled 1 files: 1 okay, 0 failed, 0 verify failed # 2021.09.27 03:13:13 JST ``` Write a script that reverses the flow. ```python= real_flag = bytearray(b'\x30\x0e\x03\x0d\x0d\x15\x07\x25\x17\x00\x36\x1a\x3a\x01\x27\x66\x21\x20\x09\x3d\x55\x1c\x31\x10\x29\x33\x0c\x53\x02\x2e\x1d\x30\x28\x54\x13\x15\x36\x3c\x5e\x3d\x06\x3d\x0b\x25\x0a\x09\x0c\x52\x02\x1f') key = [ ord(x) for x in 'dondaVSclb' * 5 ] data = [ real_flag[i] ^ key[i] for i in range(len(real_flag)) ] for i in data: print(chr(i), end='') # TamilCTF{bRuTeF0rCe_1s_tHe_0nLy_F0rCe_2_bReAk__1n} ```