ʕ·ᴥ·ʔ






Unpackme.py

03/15/2022

By: Jonawhogood

Tags: rev PicoCTF-2022

Problem Description:

Can you get the flag? Reverse engineer this Python program.


Opening the python file, you get:

import base64
from cryptography.fernet import Fernet



payload = b'gAAAAABiMD06eCisTWoohiYL5jHGdCte5LAviTFguZQSIyRLAWICJpmdrgxhdTB923h6eksddKpKH41I5-HGzI6xGF_7eb_1u0S2Phw2NvYGTF1KzE1-AU66FfIW6QXWnCpPHOS9CatNBuFXuyjEAx86Rld2E7GjvuKEOJJXx_GZE2JgAxnDmvcewoksfjVCCAwNqzixpUPKkIET2xmO4EsDqK4CUG8_JxP0HwSEzW4PH-hVpZrkyse4EodFPsjs7NVJF0hL1_8bP1TCiEEnFn7hCoTRRvlpYQ=='

key_str = 'correctstaplecorrectstaplecorrec'
key_base64 = base64.b64encode(key_str.encode())
f = Fernet(key_base64)
plain = f.decrypt(payload)
exec(plain.decode())

The plain is what is controlling all of the functions of the code, so you just need to add another line “print(plain.decode)” before exec(plain.decode()) to print out plain. The flag is then contained inside there.

Flag: picoCTF{175_chr157m45_cd82f94c}