sorok (misc)

This was a webpage that loads a wasm module that implements a flag checking routine. Felt like it belongs to re category.

I didn’t take any notes and the site is now down so I can’t replicate anything for this writeup. But hope to get the organizers to send me the challenge file.

It was based on xor encryption and here’s the solution script if anyone is interested.

from pwn import xor

key = bytes([90, 104, 94, 47, 178, 101, 158, 63,205,72,191,15,22,86,232,86,47,62,75,41,124,56,87,58,135,71,105,22,147,26,190,81])
expected = bytes([3, 7, 43, 15, 211, 23, 251, 31, 163, 39, 203, 47, 115, 55, 155, 63, 67, 71, 107, 79, 19, 87, 59, 95, 227, 103, 11, 111, 179, 119, 219, 127])
print(xor(key, expected))

# You are not easily fooled by me.
# 🚩 wgmy{487f7b22f68312d2c1bbc93b1aea445b}