[Python 3] Obfuscation Challenge
#1
Today for you all I have a Python 3 obfuscation challenge. Your objective is to deobfuscate this mess and find the flag. Whoever DMs me the flag and their writeup about how they found it first is top brain. After a few days I will release the code used to generate this challenge as well as the winner / writeup I get DM'd. There are a lot of Python obfuscation tools out there but I wanted to make my own for learning. I hope that this frustrates at least some of you. In future challenges I hope to offer some monetary reward but cannot right now.

Obviously this code is obfuscated and you should not trust me so do run it in a sandbox (I believe I'm following forum rules, there is nothing malicious in here, but maybe figure it out first?). I'm hoping to release the code that I wrote for generating this mess at some point after the challenge. My goal for this are to learn how people think when approaching obfuscated code like this. Looking forward to your writeups if you decide to take the time to look at this.

Code:
python3 -c "omoebxxywoxlhggkfhlhdcknydhvauzcesvqurai = ['H','4','s','I','A','B','E','b','6','V','4','C','/','7','V','U','W','2','+','r','R','h','h','8','N','r','8','C','W','a','p','k','K','6','c','O','N','r','E','T','p','3','U','l','L','s','v','F','N','s','Y','s','X','m','5','R','W','g','F','e','L','g','a','D','C','z','h','g','q','v','P','f','D','0','n','P','U','Z','X','E','a','p','/','6','+','s','3','O','N','7','O','7','m','i','H','i','4','y','k','v','K','r','K','8','l','F','9','I','z','y','3','x','7','O','4','L','m','Z','f','E','H','g','f','k','h','v','N','f','L','p','4','V','e','8','i','R','j','i','Z','6','K','W','A','G','m','H','g','v','S','0','2','N','0','G','k','Q','q','j','5','j','B','x','s','l','j','q','y','X','y','N','L','/','7','B','a','k','k','Y','A','3','o','c','0','F','a','w','C','S','4','S','P','R','+','3','S','G','X','J','B','p','X','F','a','f','y','U','O','i','9','4','7','9','4','+','D','7','l','U','S','v','j','u','I','U','k','y','n','O','P','i','D','k','r','2','/','D','z','3','s','7','F','7','0','g','L','0','i','P','j','L','P','3','B','l','+','R','9','6','I','j','9','3','T','C','2','X','7','g','D','V','+','h','O','L','i','m','s','1','j','8','i','1','C','v','5','x','X','Y','T','Y','h','e','2','/','l','/','e','i','b','+','U','S','7','c','L','M','S','D','6','8','w','3','q','t','8','x','8','m','L','/','G','X','7','y','n','o','f','k','7','2','/','Y','O','y','t','P','H','v','n','T','F','Y','P','P','r','9','7','b','H','z','f','x','o','2','L','g','D','7','t','R','g','a','t','z','k','Z','H','9','/','u','i','Q','x','9','m','g','H','R','L','E','t','c','/','p','H','x','p','x','j','W','E','i','W','f','K','B','F','x','h','W','1','i','G','1','U','7','U','a','S','4','7','o','n','J','e','0','w','I','Q','W','r','O','0','E','1','G','g','i','Z','p','q','k','4','Y','j','Z','l','S','n','C','1','j','x','j','4','M','l','a','g','7','L','x','g','M','M','g','D','t','T','2','G','W','X','g','s','q','S','4','B','u','1','2','y','/','H','O','f','A','h','b','9','/','b','O','c','v','O','0','3','c','4','d','t','G','W','n','9','F','a','Z','T','7','x','8','T','s','N','2','K','q','H','Z','k','n','L','U','K','Y','8','i','6','u','h','7','q','R','m','I','p','4','P','V','N','o','m','1','F','e','A','G','o','v','H','K','m','w','N','8','z','9','J','C','Y','L','D','G','D','U','K','M','p','F','1','U','f','i','z','6','/','J','I','T','o','G','b','u','b','S','F','l','A','x','u','q','V','c','q','t','S','o','W','3','d','g','8','6','c','7','R','D','E','J','V','j','3','w','m','P','p','m','k','c','x','L','M','C','V','W','u','+','0','1','D','F','y','W','s','7','c','o','3','K','4','F','Y','2','3','N','z','W','L','S','p','r','j','X','V','Y','Q','0','7','S','M','Q','/','l','S','D','e','o','V','I','d','L','T','R','K','S','i','5','a','C','y','M','i','r','k','F','s','D','Z','r','3','J','G','3','V','n','c','2','z','J','U','q','p','o','N','A','J','N','A','d','S','U','A','B','3','n','B','p','T','G','z','B','Y','m','1','M','p','r','K','D','N','3','W','j','F','w','G','C','N','T','G','G','G','l','c','P','I','u','r','4','E','T','Q','Q','0','+','j','B','X','K','5','3','V','N','S','H','j','p','u','9','d','Z','m','Z','j','3','+','w','Y','8','A','F','4','K','/','c','x','q','y','l','S','L','n','H','G','g','l','h','O','G','v','8','s','8','d','a','P','Z','R','h','p','Z','x','h','L','g','G','3','g','E','B','y','M','1','a','y','O','T','x','v','s','m','A','L','m','m','O','T','I','y','u','D','n','L','s','P','t','G','u','q','A','G','U','h','r','D','m','H','W','9','d','t','I','E','Y','5','9','j','a','5','S','u','B','a','c','W','b','/','O','w','e','9','f','Q','O','g','s','1','y','z','D','a','F','s','2','N','7','e','Q','B','y','T','T','F','i','8','L','S','0','C','J','Z','Y','4','G','m','u','2','Z','a','g','4','0','v','8','o','p','M','K','f','1','f','P','k','a','z','j','y','j','f','F','S','/','t','n','p','a','V','+','H','z','U','p','8','W','s','s','q','A','G','o','D','W','v','t','m','6','Y','e','U','J','N','r','W','t','f','a','8','I','b','5','4','4','/','S','i','e','n','u','i','h','n','D','2','N','h','W','q','3','u','1','/','W','U','9','v','x','q','6','k','5','m','+','j','1','3','Y','2','9','T','T','5','3','A','1','c','7','z','g','+','n','Z','n','H','k','b','a','X','q','7','m','i','k','t','U','2','V','p','b','f','M','X','q','N','e','F','X','j','L','0','L','S','f','z','I','K','T','d','O','l','8','s','+','g','T','R','5','b','O','r','r','d','E','L','L','s','o','4','z','/','6','I','s','y','B','/','o','p','7','J','3','x','Y','k','3','Q','U','K','N','9','g','f','9','P','/','6','2','h','9','1','G','T','y','6','1','e','A','/','6','u','z','v','8','h','t','5','s','7','s','9','9','v','M','9','v','h','L','E','x','8','e','f','x','8','/','D','0','X','d','8','+','L','H','v','u','p','j','h','t','M','T','/','p','/','Y','V','y','W','+','P','/','q','j','b','w','g','U','A','A','A','=','='];import gzip,base64;exec(gzip.decompress(base64.b64decode(''.join(omoebxxywoxlhggkfhlhdcknydhvauzcesvqurai))).decode())"

Be a good sport and do not post spoilers until the challenge is over  Cool
Reply
#2
flag{e7ca6318-fc2d-4a43-8f27-cb7ce4c69381}

Unfortunately, I've yet to come across any decent (non-proprietary) python obfuscation. Most of them are in this style of using encoding and execs, but by literally changing one keyword of the script every time you encounter it, you can usually get by in a couple minutes at most (depending on how many iterations of encoding there are.)
Reply
#3
(06-16-2020, 09:16 PM)poppopret Wrote: flag{e7ca6318-fc2d-4a43-8f27-cb7ce4c69381}

Unfortunately, I've yet to come across any decent (non-proprietary) python obfuscation. Most of them are in this style of using encoding and execs, but by literally changing one keyword of the script every time you encounter it, you can usually get by in a couple minutes at most (depending on how many iterations of encoding there are.)
 
Yeah, I mean I can start to see the logic behind it at first glance. I haven't tried it yet. But it does help when you're going up against programs instead of people.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Python Ebook Collection [89 Files] Insider 14 25,705 01-18-2019, 04:27 PM
Last Post: Insider
  how to code TCP in python? QMark 10 8,482 09-24-2018, 03:40 PM
Last Post: ekultek
  my plan to learn python programming for hacking, networking, and web dev QMark 6 8,035 02-22-2018, 09:26 PM
Last Post: QMark
  [Help] Python Scraper (xpath) enmafia2 7 7,212 02-17-2018, 09:39 AM
Last Post: enmafia2