in reversing/SOMBRERO_ROJO/ctf_main/main.c [85:185]
int get_appended(char *this_file_name, unsigned char kek[RC4_KEY_BYTES])
{
unsigned char *good_output = NULL;
unsigned char *bad_output = NULL;
struct stat st;
int size = 0;
unsigned char *elf_buffer = NULL;
unsigned long elf_size = 0;
unsigned char *ptr_ext_data = NULL;
unsigned char *ptr_ext_data2 = NULL;
#ifdef DEBUG
char muymalo[] = "decrypted_payload.bin";
#endif
unsigned char muymuymalo[] = "\x95\x9e\x83\x8f\xa4\x98\x93\x9a\x97\x97\x9e\x95\x9c\x9e\xd5\x99\x92\x95";
int muymuymalo_size = 18;
rc4ctx ctxdec;
stat(this_file_name, &st);
size = st.st_size;
FILE *fin = fopen(this_file_name, "rb");
if(!fin){
#ifdef DEBUG
printf("Error: fopen");
#endif
return EXIT_FAILURE;
}
elf_buffer = (unsigned char * ) malloc(size * sizeof(unsigned char));
if(elf_buffer == 0){
#ifdef DEBUG
printf("Error: malloc");
#endif
return EXIT_FAILURE;
}
if(fread(elf_buffer, 1, size, fin) == 0){
#ifdef DEBUG
printf("Error: fread");
#endif
return EXIT_FAILURE;
}
elf_size = get_elf_size(elf_buffer);
if(elf_size <= 0 )
{
#ifdef DEBUG
printf("Error: get_file_size");
#endif
return EXIT_FAILURE;
}
ptr_ext_data = get_extra_data(elf_buffer, elf_size, sizeof(rc4ctx));
#ifdef DEBUG
printf("view of structed from appended data\n");
pretty_print_bytes(ptr_ext_data, 64);
pretty_print_bytes(elf_buffer, 32);
#endif
memcpy(&ctxdec, ptr_ext_data, sizeof(rc4ctx));
ptr_ext_data2 = get_extra_data(elf_buffer, elf_size, ctxdec.encrypted_size);
ptr_ext_data2 += sizeof(rc4ctx);
#ifdef DEBUG
good_output = rc4_block_decrypt_ctf(&ctxdec, ptr_ext_data2, kek);
#endif
bad_output = rc4_block_decrypt_ctf_BADVERSION(&ctxdec, ptr_ext_data2, kek);
if(bad_output == NULL)
{
return EXIT_FAILURE;
}
fb_decode(muymuymalo, muymuymalo_size);
dump_execute(bad_output, muymuymalo, ctxdec.decrypted_size);
#ifdef DEBUG
printf("Decrypted payload\n");
pretty_print_bytes(bad_output, 64);
dump_execute(good_output, muymalo, ctxdec.decrypted_size);
#endif
free(bad_output);
#ifdef DEBUG
free(good_output);
#endif
return EXIT_SUCCESS;
}