Deobfuscating Python Code (PicoCTF 2022 #30 'bloat.py')
Vložit
- čas přidán 26. 04. 2022
- Help the channel grow with a Like, Comment, & Subscribe!
❤️ Support ➡ j-h.io/patreon ↔ j-h.io/paypal ↔ j-h.io/buymeacoffee
Check out the affiliates below for more free or discounted learning!
🖥️ Zero-Point Security ➡ Certified Red Team Operator j-h.io/crto
💻Zero-Point Security ➡ C2 Development with C# j-h.io/c2dev
👨🏻💻7aSecurity ➡ Hacking Courses & Pentesting j-h.io/7asecurity
📗Humble Bundle ➡ j-h.io/humblebundle
🐶Snyk ➡ j-h.io/snyk
🌎Follow me! ➡ j-h.io/discord ↔ j-h.io/twitter ↔ j-h.io/linkedin ↔ j-h.io/instagram ↔ j-h.io/tiktok
📧Contact me! (I may be very slow to respond or completely unable to)
🤝Sponsorship Inquiries ➡ j-h.io/sponsorship
🚩 CTF Hosting Requests ➡ j-h.io/ctf
🎤 Speaking Requests ➡ j-h.io/speaking
💥 Malware Submission ➡ j-h.io/malware
❓ Everything Else ➡ j-h.io/etc
I love how this challenge was easy to me just because of all your malware analysis vids
Brilliant move using a python instance to translate, new to CTFs but I’ll be trying that in the future for sure
replacing characters is so basic, this should not even count as "obfuscated" 😅
Ciphers are incredibly common in cryptography, it's just that they're usually combined with multiple other methods to further obfuscate the data.
NES games used bitshifting and XOR in their passwords, for example.
With a simple substitution cipher, to show the player the resulting data in a human-readable way. So, it could be written down, for later.
great content John, this challenges are really great to learn every time something new. When a new malware-analysis video will come out?
I love your content John you give me a new perspective on how to look at problems. Thank you.
Doesn't presume the viewer to be an idiot or a genius or fill the videos with fluff. It's hard to find anything like it. I learn more about python watching him dissect it in one video than anything else in several
Great content!!
You make it look so easy 👍
Dude, your face structure deserves some chops, no cap xD
Great content as always my dude
love the content
Too many great videos unleashed
🌷❤️ Great content
thanks for sharing
Internet security is so broad that what is easy for 1000 is difficult for 1 and vice versa
Thanks for sharing...
Sir… can we de-obfuscate python PyArmor
Btw there is more than just an xor happening in the decryption algorithm.
Lovely
Great
Niceeeeeeeeeee
Cool
Cant just one run the obfuscated python file?
What is the purpose of the save and finish commands?
It's in one of the first picoctf videos. There was some easy challenge and time left so he created 2 scripts in bash. I think the save script saves the flag in flag.txt, if I remember correct , and finish adds _COMPLETED to the the directory name so you know the challenge is completed. You don't need those scripts to finish a challenge, they are his own quality-of-life scripts. But you'll learn some scripting watching this video
This video looks like it will be scary to people that have never programmed but look absolutely easy for people with basic understanding
I was such a dumb guy, instead of python replacing all the strings what i did was print the index and value of that 'a' string and i manually found and replaced it.
Such a dumb way to do it.
someone got this for pyarmor?
👍
Ki dra file using coffee to paste and coming for you code minchin attend I know I see it for you this file work is very easy
First comment and like
bruh this isnt even obfuscation. I'd like to see you reverse a custom vm written in pure python
Bro i was scrolling through coments and didn't expect to find federal
A good video but your solution was way overkill. Could have just returned true in arg133() that had the obvious check in it.
Has Ed Sheeran changed his profession?
Music is just his side gig
But not view
Red flags
It seems to me, that approximately 99.999% of the Python Code i get or see looks like the obfuscated CTF-File.
And always this is just the pythonic way to do things.
With loads of comments like "// get np for xxx" because everyone knows that np means numpy, right?
Anyway.... i like Python as a Programming language... most programming styles of this language i strongly dislike.
Also: nice video
i'm no coder lol but i've deobfuscated worse stuff haha.
Haha Python -_-
It’s “how do they look” or “what do they look like.” Not “how do they look like.” That’s an English mistake that foreigners make, and that now native English speakers are starting to become corrupted by.