{"id":11036,"date":"2018-01-08T14:20:06","date_gmt":"2018-01-08T22:20:06","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/01\/08\/news-4807\/"},"modified":"2018-01-08T14:20:06","modified_gmt":"2018-01-08T22:20:06","slug":"news-4807","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2018\/01\/08\/news-4807\/","title":{"rendered":"Happy New Year 2018 &#8211; Challenge Solution"},"content":{"rendered":"<p><strong>Credit to Author: SSD \/ Noam Rathaus| Date: Mon, 08 Jan 2018 06:15:57 +0000<\/strong><\/p>\n<div class=\"entry-content\">\n<p><strong>Want to get paid for a vulnerability similar to this one?<\/strong><br \/>Contact us at: <a href=\"mailto:sxsxd@bxexyxoxnxdxsxexcxuxrxixtxy.com\" onmouseover=\"this.href=this.href.replace(\/x\/g,'');\" id=\"a-href-3624\">sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom<\/a><br \/><script>var obj = jQuery('#a-href-3624');if(obj[0]) { obj[0].innerText = obj[0].innerText.replace(\/x\/g, ''); }<\/script> See our full scope at: <a href=\"https:\/\/blogs.securiteam.com\/index.php\/product_scope\">https:\/\/blogs.securiteam.com\/index.php\/product_scope<\/a><\/p>\n<div class=\"pf-content\">\n<p>In our post found here: <a href=\"https:\/\/blogs.securiteam.com\/index.php\/archives\/3616\">https:\/\/blogs.securiteam.com\/index.php\/archives\/3616<\/a>, we hid a challenge.<\/p>\n<p>The challenge was split into two parts:<br \/> 1. Finding it<br \/> 2. Solving it<\/p>\n<p>Finding it wasn&#8217;t very hard, the challenge was hidden inside the image, it wasn&#8217;t anything fancy, just inside the image you had a zip file appended to the end of the file:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-5a53ee953324a838322348\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> wget https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2018\/01\/2018_2.jpg  &#8211;2018-01-04 07:XX:XX&#8211;  https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2018\/01\/2018_2.jpg  Resolving blogs.securiteam.com&#8230; 104.196.190.188  Connecting to blogs.securiteam.com|104.196.190.188|:443&#8230; connected.  HTTP request sent, awaiting response&#8230; 200 OK  Length: 84283 (82K) [image\/jpeg]  Saving to: \u20182018_2.jpg\u2019    2018_2.jpg 100%[=================================================&gt;]  82.31K   321KB\/s    in 0.3s        2018-01-04 07:XX:XX (321 KB\/s) &#8211; \u20182018_2.jpg\u2019 saved [84283\/84283]<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">  \t\t\t\t  \t\t\t<\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0021 seconds] -->  <\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-5a53ee9533258036792799\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> $ xxd 2018_2.jpg | tail  000148a0: 0000 e817 0000 0900 1800 0000 0000 0000  &#8230;&#8230;&#8230;&#8230;&#8230;.  000148b0: 0000 fd81 0000 0000 6368 616c 6c65 6e67  &#8230;&#8230;..challeng  000148c0: 6555 5405 0003 b50b 495a 7578 0b00 0104  eUT&#8230;..IZux&#8230;.  000148d0: e803 0000 04e8 0300 0050 4b01 021e 0314  &#8230;&#8230;&#8230;PK&#8230;..  000148e0: 0000 0008 009b 9021 4c14 3bc1 9d86 0000  &#8230;&#8230;.!L.;&#8230;..  000148f0: 009c 0000 0006 0018 0000 0000 0001 0000  &#8230;&#8230;&#8230;&#8230;&#8230;.  00014900: 00b4 817b 0900 0052 4541 444d 4555 5405  &#8230;{&#8230;READMEUT.  00014910: 0003 265c 4a5a 7578 0b00 0104 e803 0000  ..&amp;JZux&#8230;&#8230;..  00014920: 04e8 0300 0050 4b05 0600 0000 0002 0002  &#8230;..PK&#8230;&#8230;&#8230;  00014930: 009b 0000 0041 0a00 0000 00              &#8230;..A&#8230;..<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533258036792799-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533258036792799-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533258036792799-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533258036792799-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533258036792799-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533258036792799-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533258036792799-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533258036792799-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533258036792799-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533258036792799-10\">10<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533258036792799-11\">11<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533258036792799-1\"><span class=\"crayon-sy\">$<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">xxd<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">2018_2.jpg<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">|<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">tail<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533258036792799-2\"><span class=\"crayon-cn\">000148a0<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0000<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">e817<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0000<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0900<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1800<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0000<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0000<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0000<\/span><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533258036792799-3\"><span class=\"crayon-cn\">000148b0<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0000<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">fd81<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0000<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0000<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6368<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">616c<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6c65<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6e67<\/span><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-i\">challeng<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533258036792799-4\"><span class=\"crayon-cn\">000148c0<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6555<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">5405<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0003<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">b50b<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">495a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">7578<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0b00<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0104<\/span><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-v\">eUT<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">IZux<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533258036792799-5\"><span class=\"crayon-cn\">000148d0<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">e803<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0000<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">04e8<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0300<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0050<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">4b01<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">021e<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0314<\/span><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">PK<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533258036792799-6\"><span class=\"crayon-cn\">000148e0<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0000<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0008<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">009b<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">9021<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">4c14<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">3bc1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">9d86<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0000<\/span><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-o\">!<\/span><span class=\"crayon-v\">L<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533258036792799-7\"><span class=\"crayon-cn\">000148f0<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">009c<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0000<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0006<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0018<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0000<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0000<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0001<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0000<\/span><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533258036792799-8\"><span class=\"crayon-cn\">00014900<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">00b4<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">817b<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0900<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0052<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">4541<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">444d<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">4555<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">5405<\/span><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">{<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">READMEUT<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533258036792799-9\"><span class=\"crayon-cn\">00014910<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0003<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">265c<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">4a5a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">7578<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0b00<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0104<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">e803<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0000<\/span><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-sy\"><\/span><span class=\"crayon-v\">JZux<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533258036792799-10\"><span class=\"crayon-cn\">00014920<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">04e8<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0300<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0050<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">4b05<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0600<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0000<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0002<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0002<\/span><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">PK<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533258036792799-11\"><span class=\"crayon-cn\">00014930<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">009b<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0000<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0041<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0a00<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0000<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">00<\/span><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">A<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0039 seconds] -->  <\/p>\n<p>If you binwalk inspect the file you will see:<\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-5a53ee953325e920518293\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> $ binwalk 2018_2.jpg     DECIMAL       HEXADECIMAL     DESCRIPTION  &#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8211;  0             0x0             JPEG image data, JFIF standard 1.01  81481         0x13E49         Zip archive data, at least v2.0 to extract, compressed size: 2360, uncompressed size: 6120, name: challenge  83908         0x147C4         Zip archive data, at least v2.0 to extract, compressed size: 134, uncompressed size: 156, name: README  84261         0x14925         End of Zip archive<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee953325e920518293-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee953325e920518293-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee953325e920518293-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee953325e920518293-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee953325e920518293-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee953325e920518293-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee953325e920518293-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee953325e920518293-8\">8<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-5a53ee953325e920518293-1\"><span class=\"crayon-sy\">$<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">binwalk<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">2018_2.jpg<\/span><span class=\"crayon-h\"> <\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee953325e920518293-2\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee953325e920518293-3\"><span class=\"crayon-e\">DECIMAL&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><span class=\"crayon-e\">HEXADECIMAL&nbsp;&nbsp;&nbsp;&nbsp; <\/span><span class=\"crayon-v\">DESCRIPTION<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee953325e920518293-4\"><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><span class=\"crayon-o\">&#8212;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee953325e920518293-5\"><span class=\"crayon-cn\">0<\/span><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><span class=\"crayon-cn\">0x0<\/span><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><span class=\"crayon-e\">JPEG <\/span><span class=\"crayon-e\">image <\/span><span class=\"crayon-v\">data<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">JFIF <\/span><span class=\"crayon-i\">standard<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1.01<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee953325e920518293-6\"><span class=\"crayon-cn\">81481<\/span><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><span class=\"crayon-cn\">0x13E49<\/span><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><span class=\"crayon-e\">Zip <\/span><span class=\"crayon-e\">archive <\/span><span class=\"crayon-v\">data<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">at <\/span><span class=\"crayon-e\">least <\/span><span class=\"crayon-v\">v2<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-st\">to<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">extract<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">compressed <\/span><span class=\"crayon-v\">size<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">2360<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">uncompressed <\/span><span class=\"crayon-v\">size<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6120<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">name<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">challenge<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee953325e920518293-7\"><span class=\"crayon-cn\">83908<\/span><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><span class=\"crayon-cn\">0x147C4<\/span><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><span class=\"crayon-e\">Zip <\/span><span class=\"crayon-e\">archive <\/span><span class=\"crayon-v\">data<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">at <\/span><span class=\"crayon-e\">least <\/span><span class=\"crayon-v\">v2<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-st\">to<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">extract<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">compressed <\/span><span class=\"crayon-v\">size<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">134<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">uncompressed <\/span><span class=\"crayon-v\">size<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">156<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">name<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">README<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee953325e920518293-8\"><span class=\"crayon-cn\">84261<\/span><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><span class=\"crayon-cn\">0x14925<\/span><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><span class=\"crayon-st\">End<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">of <\/span><span class=\"crayon-e\">Zip <\/span><span class=\"crayon-v\">archive<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0019 seconds] -->  <\/p>\n<p>This looks really promising now, a ZIP file has been appended to the image, and binwalk tells us it&#8217;s located at offset 81481. We can use dd to get the archive.<\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-5a53ee9533263770199474\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> $ dd if=2018_2.jpg of=challenge.zip bs=1 skip=81481  2802+0 records in  2802+0 records out  2802 bytes (2.8 kB, 2.7 KiB) copied, 0.00661634 s, 423 kB\/s<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533263770199474-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533263770199474-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533263770199474-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533263770199474-4\">4<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533263770199474-1\"><span class=\"crayon-sy\">$<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">dd <\/span><span class=\"crayon-st\">if<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">2018_2.jpg<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">of<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">challenge<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">zip <\/span><span class=\"crayon-v\">bs<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">skip<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">81481<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533263770199474-2\"><span class=\"crayon-cn\">2802<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">records <\/span><span class=\"crayon-st\">in<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533263770199474-3\"><span class=\"crayon-cn\">2802<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">records <\/span><span class=\"crayon-i\">out<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533263770199474-4\"><span class=\"crayon-cn\">2802<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">bytes<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">2.8<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">kB<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">2.7<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">KiB<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">copied<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0.00661634<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">s<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">423<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">kB<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">s<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0009 seconds] -->  <\/p>\n<p>Binwalk also tells us, there are two files inside the archive (challenge and README). Use unzip to get them.<\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-5a53ee9533268516626241\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> $ unzip challenge.zip   Archive:  challenge.zip    inflating: challenge                   inflating: README<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533268516626241-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533268516626241-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533268516626241-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533268516626241-4\">4<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533268516626241-1\"><span class=\"crayon-sy\">$<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">unzip <\/span><span class=\"crayon-v\">challenge<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">zip <\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533268516626241-2\"><span class=\"crayon-v\">Archive<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-v\">challenge<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">zip<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533268516626241-3\"><span class=\"crayon-e\">&nbsp;&nbsp;<\/span><span class=\"crayon-v\">inflating<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">challenge&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533268516626241-4\"><span class=\"crayon-e\">&nbsp;&nbsp;<\/span><span class=\"crayon-v\">inflating<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">README<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0004 seconds] -->  <\/p>\n<p>(NOTE: If you downloaded the file to a Linux machine (though other machines may have also worked), and just unziped it you got two files:<br \/> 1. README<br \/> 2. challenge<\/p>\n<p>There was no need to use <em>dd<\/em>)<\/p>\n<p>The readme was pretty simple, just instructed you to make the <em>challenge<\/em> ELF binary file spit out text:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-5a53ee953326c468768420\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> Make &#8216;challenge&#8217; output the following text (without a new line):    Happy New Year! From Beyond Security SSD :)    First correct submission will get 1,000$ USD!<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee953326c468768420-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee953326c468768420-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee953326c468768420-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee953326c468768420-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee953326c468768420-5\">5<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-5a53ee953326c468768420-1\"><span class=\"crayon-i\">Make<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8216;challenge&#8217;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">output <\/span><span class=\"crayon-e\">the <\/span><span class=\"crayon-e\">following <\/span><span class=\"crayon-e\">text<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-i\">without<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">a<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-r\">new<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">line<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-o\">:<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee953326c468768420-2\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee953326c468768420-3\"><span class=\"crayon-e\">Happy <\/span><span class=\"crayon-r\">New<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Year<\/span><span class=\"crayon-o\">!<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">From <\/span><span class=\"crayon-e\">Beyond <\/span><span class=\"crayon-e\">Security <\/span><span class=\"crayon-v\">SSD<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee953326c468768420-4\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee953326c468768420-5\"><span class=\"crayon-e\">First <\/span><span class=\"crayon-e\">correct <\/span><span class=\"crayon-e\">submission <\/span><span class=\"crayon-e\">will <\/span><span class=\"crayon-i\">get<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-cn\">000<\/span><span class=\"crayon-sy\">$<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">USD<\/span><span class=\"crayon-o\">!<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0007 seconds] -->  <\/p>\n<p>From this point the solution varied, our first solver reversed engineered the file and discovered what it does, which basically breaks down to:<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-5a53ee9533271455452946\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> int main(int argc, char **argv, char **envp)  {    int ret;    char filename[9];    char key[13];      strcpy(filename, &#8220;eapfxlya&#8221;);    strcpy(key, &#8220;xFFx6Bx28x66xD6x35xDAx01x4Dx64x47xA3&#8221;);    ret = challenge(filename, key);    return ret;  }    int keyhash(const char *key)  {    int ret;    unsigned int i;      ret = 0;    for ( i = 0; i &lt; strlen(key); ++i )      ret = _rotl(key[i] ^ ret, 7);    return ret;  }    int decode(unsigned int *key, char *out, unsigned int size)  {    int result;    int i;      for ( i = 0; ; ++i )    {      result = i;      if ( i &gt;= size )        break;      *key *= 0x8088405;      out[i] ^= ++*key &gt;&gt; 24;    }    return result;  }    int challenge(const char *filename, char *key)  {    int result;    int seed;    unsigned int n;    FILE *fp;    char *ptr;      fp = fopen(filename, &#8220;rb&#8221;);    if ( fp )    {      n = 1;      seed = keyhash(key);      while ( n )      {        ptr = (char *)malloc(0x200uLL);        n = fread(ptr, 1uLL, 0x200uLL, fp);        decode(&amp;seed, ptr, n);        write(1, ptr, n);      }      fclose(fp);      putchar(&#8216;n&#8217;);      result = 1;    }    else    {      puts(&#8220;file does not exist!&#8221;);      result = 0;    }    return result;  }<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-10\">10<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-11\">11<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-12\">12<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-13\">13<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-14\">14<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-15\">15<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-16\">16<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-17\">17<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-18\">18<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-19\">19<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-20\">20<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-21\">21<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-22\">22<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-23\">23<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-24\">24<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-25\">25<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-26\">26<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-27\">27<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-28\">28<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-29\">29<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-30\">30<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-31\">31<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-32\">32<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-33\">33<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-34\">34<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-35\">35<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-36\">36<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-37\">37<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-38\">38<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-39\">39<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-40\">40<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-41\">41<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-42\">42<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-43\">43<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-44\">44<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-45\">45<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-46\">46<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-47\">47<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-48\">48<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-49\">49<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-50\">50<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-51\">51<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-52\">52<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-53\">53<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-54\">54<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-55\">55<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-56\">56<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-57\">57<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-58\">58<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-59\">59<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-60\">60<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-61\">61<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-62\">62<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-63\">63<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-64\">64<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-65\">65<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-66\">66<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-67\">67<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-68\">68<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533271455452946-69\">69<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533271455452946-70\">70<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-1\"><span class=\"crayon-t\">int<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">main<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-t\">int<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">argc<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">char<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-v\">argv<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">char<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-v\">envp<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-2\"><span class=\"crayon-sy\">{<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-3\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-t\">int<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ret<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-4\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-t\">char<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">filename<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-cn\">9<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-5\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-t\">char<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">key<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-cn\">13<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-6\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-7\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-e\">strcpy<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">filename<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;eapfxlya&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-8\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-e\">strcpy<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">key<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;xFFx6Bx28x66xD6x35xDAx01x4Dx64x47xA3&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-9\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-v\">ret<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">challenge<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">filename<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">key<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-10\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-st\">return<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ret<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-11\"><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-12\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-13\"><span class=\"crayon-t\">int<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">keyhash<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-m\">const<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">char<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-v\">key<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-14\"><span class=\"crayon-sy\">{<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-15\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-t\">int<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ret<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-16\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-t\">unsigned<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">int<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">i<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-17\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-18\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-v\">ret<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-19\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-st\">for<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">i<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">i<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&lt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">strlen<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">key<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">++<\/span><span class=\"crayon-i\">i<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-20\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">ret<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">_rotl<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">key<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-v\">i<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">^<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ret<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">7<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-21\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-st\">return<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ret<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-22\"><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-23\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-24\"><span class=\"crayon-t\">int<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">decode<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-t\">unsigned<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">int<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-v\">key<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">char<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-v\">out<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">unsigned<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">int<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">size<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-25\"><span class=\"crayon-sy\">{<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-26\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-t\">int<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">result<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-27\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-t\">int<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">i<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-28\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-29\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-st\">for<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">i<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">++<\/span><span class=\"crayon-i\">i<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-30\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">{<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-31\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">result<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">i<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-32\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-st\">if<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">i<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">size<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-33\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-st\">break<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-34\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-e\">key *<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0x8088405<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-35\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">out<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-v\">i<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">^=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">++<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-v\">key<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">24<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-36\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-37\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-st\">return<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">result<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-38\"><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-39\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-40\"><span class=\"crayon-t\">int<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">challenge<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-m\">const<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">char<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-v\">filename<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">char<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-v\">key<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-41\"><span class=\"crayon-sy\">{<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-42\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-t\">int<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">result<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-43\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-t\">int<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">seed<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-44\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-t\">unsigned<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">int<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">n<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-45\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-e\">FILE *<\/span><span class=\"crayon-v\">fp<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-46\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-t\">char<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-v\">ptr<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-47\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-48\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-v\">fp<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">fopen<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">filename<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;rb&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-49\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-st\">if<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">fp<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-50\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">{<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-51\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">n<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-52\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">seed<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">keyhash<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">key<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-53\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-st\">while<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">n<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-54\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">{<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-55\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">ptr<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-t\">char<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-e\">malloc<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">0x200uLL<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-56\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">n<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">fread<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">ptr<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1uLL<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0x200uLL<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">fp<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-57\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">decode<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-o\">&amp;<\/span><span class=\"crayon-v\">seed<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ptr<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">n<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-58\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">write<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">ptr<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">n<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-59\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-60\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">fclose<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">fp<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-61\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">putchar<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8216;n&#8217;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-62\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">result<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-63\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-64\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-st\">else<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-65\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">{<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-66\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">puts<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;file does not exist!&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-67\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">result<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-68\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533271455452946-69\"><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-st\">return<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">result<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533271455452946-70\"><span class=\"crayon-sy\">}<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0064 seconds] -->  <\/p>\n<p>The program executes the following actions:<\/p>\n<ul>\n<li>Open an encrypted file named &#8220;eapfxlya&#8221; (this can be confirmed with strace)<\/li>\n<li>Generate a 32-bit key based on &#8220;xFFx6Bx28x66xD6x35xDAx01x4Dx64x47xA3&#8221; (see function keyhash)<\/li>\n<li>Read the contents of the opened file<\/li>\n<li>Decode it with XOR\/ADD\/MUL\/SHR tricks (see function decode)<\/li>\n<\/ul>\n<p>The keyhash function is pretty straight-forward so let&#8217;s have a closer look at the decode function. It&#8217;s purpose is to generate a sequence of 32-bit numbers based on a linear congruential generator (aka *predictive* pseudo number generator) which takes a precomputed hash for seed. Each number of this sequence is then shifted right and used as a 8-bit xor-mask on every byte in the file stream. In conclusion, this program can be used to decode and encode any file in a symmetric way. So let&#8217;s use the happy new year string &#8220;Happy New Year! From Beyond Security SSD :)&#8221; and feed it into the reversed program.<\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-5a53ee9533278489444927\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> $ echo -ne &#8220;Happy New Year! From Beyond Security SSD :)&#8221; &gt; eapfxlya  $ .\/challenge &gt; tmp  $ dd if=tmp of=eapfxlya bs=43 count=1 # don&#8217;t forget, it&#8217;s without a new line  $ .\/challenge   Happy New Year! From Beyond Security SSD :)<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533278489444927-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533278489444927-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533278489444927-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee9533278489444927-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee9533278489444927-5\">5<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533278489444927-1\"><span class=\"crayon-sy\">$<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">echo<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-i\">ne<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;Happy New Year! From Beyond Security SSD :)&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">eapfxlya<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533278489444927-2\"><span class=\"crayon-sy\">$<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">challenge<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">tmp<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533278489444927-3\"><span class=\"crayon-sy\">$<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">dd <\/span><span class=\"crayon-st\">if<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">tmp <\/span><span class=\"crayon-v\">of<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">eapfxlya <\/span><span class=\"crayon-v\">bs<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">43<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">count<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-p\"># don&#8217;t forget, it&#8217;s without a new line<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee9533278489444927-4\"><span class=\"crayon-sy\">$<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-e\">challenge <\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee9533278489444927-5\"><span class=\"crayon-e\">Happy <\/span><span class=\"crayon-r\">New<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">Year<\/span><span class=\"crayon-o\">!<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">From <\/span><span class=\"crayon-e\">Beyond <\/span><span class=\"crayon-e\">Security <\/span><span class=\"crayon-v\">SSD<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0015 seconds] -->  <\/p>\n<p>Congratulations to: <strong>Alexandre<\/strong> for solving the challenge first (within 2 hours of posting it online).<\/p>\n<p>A few other solutions we received included a brute forcing code (a cool one from Tukan):<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-5a53ee953327d351880505\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> root@ubuntu-512mb-ams2-01:~# cat solver.py  import sys    def reversit(inp, checksum=0xf5f6103f):      out = &#8221;      for c in inp:          checksum *= 0x08088405          checksum &amp;= 2**32-1          checksum += 1          outc = ord(c) ^ ((checksum) &gt;&gt; 24)          out += chr(outc)        return out    winner = reversit(&#8216;Happy New Year! From Beyond Security SSD :)&#8217; + &#8216;x1b&#8217; + &#8216;P&#8217;)  sys.stdout.write(winner)  root@ubuntu-512mb-ams2-01:~# python solver.py &gt; eapfxlya  root@ubuntu-512mb-ams2-01:~# .\/challenge<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee953327d351880505-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee953327d351880505-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee953327d351880505-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee953327d351880505-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee953327d351880505-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee953327d351880505-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee953327d351880505-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee953327d351880505-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee953327d351880505-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee953327d351880505-10\">10<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee953327d351880505-11\">11<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee953327d351880505-12\">12<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee953327d351880505-13\">13<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee953327d351880505-14\">14<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee953327d351880505-15\">15<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee953327d351880505-16\">16<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-5a53ee953327d351880505-17\">17<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-5a53ee953327d351880505-18\">18<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-5a53ee953327d351880505-1\"><span class=\"crayon-v\">root<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-v\">ubuntu<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">512mb<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">ams2<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">01<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-o\">~<\/span><span class=\"crayon-p\"># cat solver.py<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee953327d351880505-2\"><span class=\"crayon-e\">import <\/span><span class=\"crayon-e\">sys<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee953327d351880505-3\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee953327d351880505-4\"><span class=\"crayon-e\">def <\/span><span class=\"crayon-e\">reversit<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">inp<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">checksum<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-cn\">0xf5f6103f<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-o\">:<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee953327d351880505-5\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">out<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8221;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee953327d351880505-6\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-st\">for<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">c<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-st\">in<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">inp<\/span><span class=\"crayon-o\">:<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee953327d351880505-7\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">checksum *<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0x08088405<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee953327d351880505-8\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">checksum<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&amp;=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">2<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-o\">*<\/span><span class=\"crayon-cn\">32<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee953327d351880505-9\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">checksum<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">+=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">1<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee953327d351880505-10\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">outc<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">ord<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">c<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">^<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">checksum<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">24<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee953327d351880505-11\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">out<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">+=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">chr<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">outc<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee953327d351880505-12\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee953327d351880505-13\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-st\">return<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">out<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee953327d351880505-14\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee953327d351880505-15\"><span class=\"crayon-v\">winner<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">reversit<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8216;Happy New Year! From Beyond Security SSD :)&#8217;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8216;x1b&#8217;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8216;P&#8217;<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee953327d351880505-16\"><span class=\"crayon-v\">sys<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">stdout<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">write<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">winner<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-5a53ee953327d351880505-17\"><span class=\"crayon-v\">root<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-v\">ubuntu<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">512mb<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">ams2<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">01<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-o\">~<\/span><span class=\"crayon-p\"># python solver.py &gt; eapfxlya<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-5a53ee953327d351880505-18\"><span class=\"crayon-v\">root<\/span><span class=\"crayon-sy\">@<\/span><span class=\"crayon-v\">ubuntu<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">512mb<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">ams2<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-cn\">01<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-o\">~<\/span><span class=\"crayon-p\"># .\/challenge<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0035 seconds] -->  <\/p>\n<div class=\"printfriendly pf-alignleft\"><a href=\"#\" rel=\"nofollow\" onclick=\"window.print(); return false;\" class=\"noslimstat\" title=\"Printer Friendly, PDF &#038; Email\"><img decoding=\"async\" style=\"border:none;-webkit-box-shadow:none; box-shadow:none;\" src=\"https:\/\/cdn.printfriendly.com\/buttons\/printfriendly-button.png\" alt=\"Print Friendly, PDF &#038; Email\" \/><\/a><\/div>\n<\/div><\/div>\n<p><a href=\"https:\/\/blogs.securiteam.com\/index.php\/archives\/3624\" target=\"bwo\" >https:\/\/blogs.securiteam.com\/index.php\/feed<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/cdn.printfriendly.com\/buttons\/printfriendly-button.png\"\/><\/p>\n<p><strong>Credit to Author: SSD \/ Noam Rathaus| Date: Mon, 08 Jan 2018 06:15:57 +0000<\/strong><\/p>\n<p>In our post found here: https:\/\/blogs.securiteam.com\/index.php\/archives\/3616, we hid a challenge. The challenge was split into two parts: 1. Finding it 2. Solving it Finding it wasn&#8217;t very hard, the challenge was hidden inside the image, it wasn&#8217;t anything fancy, just inside the image you had a zip file appended to the end of the file: &#8230; <a href=\"https:\/\/blogs.securiteam.com\/index.php\/archives\/3624\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Happy New Year 2018 &#8211; Challenge Solution<\/span><\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10643,10754],"tags":[10757],"class_list":["post-11036","post","type-post","status-publish","format-standard","hentry","category-independent","category-securiteam","tag-securiteam-secure-disclosure"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/11036","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=11036"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/11036\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=11036"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=11036"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=11036"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}