Created
August 7, 2017 09:06
-
-
Save labeneator/4c374b1c4681554390192da142037fbf to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| obfuscated = map( lambda x: int(x, 16), "65 65 65 41 03 11 1c 15".split(" ")) | |
| original = map( lambda x: int(x, 16), "00 00 00 24 66 74 79 70".split(" ")) | |
| print obfuscated | |
| # [101, 101, 101, 65, 3, 17, 28, 21] | |
| print original | |
| # [0, 0, 0, 36, 102, 116, 121, 112] | |
| # Every place we have a 0 in the original, the obfuscated file has 101. Sounds suspicious... ;) | |
| # Let's xor every byte in the source with the equivalent in the destination | |
| for i, obs in enumerate(obfuscated): | |
| orig = original[i] | |
| print "%s -> %s : xor: %s" % (obs, orig, obs^orig) | |
| # Boom! Headshot! | |
| #101 -> 0 : xor: 101 | |
| #101 -> 0 : xor: 101 | |
| #101 -> 0 : xor: 101 | |
| #65 -> 36 : xor: 101 | |
| #3 -> 102 : xor: 101 | |
| #17 -> 116 : xor: 101 | |
| #28 -> 121 : xor: 101 | |
| #21 -> 112 : xor: 101 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment