{"id":443,"date":"2019-11-30T06:37:39","date_gmt":"2019-11-29T21:37:39","guid":{"rendered":"http:\/\/ipwn.kr\/?p=443"},"modified":"2020-03-14T05:24:25","modified_gmt":"2020-03-13T20:24:25","slug":"santas-elf","status":"publish","type":"post","link":"http:\/\/ipwn.kr\/index.php\/2019\/11\/30\/santas-elf\/","title":{"rendered":"[\uace0\ub4f1\ud574\ucee4] santa&#8217;s elf"},"content":{"rendered":"<h1>[\uace0\ub4f1\ud574\ucee4] santa&#8217;s elf<\/h1>\n<hr>\n<p>\uc774 \ubb38\uc81c\ub294 \uc194\uc9c1\ud788 \ub9d0\ud558\uc790\uba74 \ubaa8\ub4e0 \ud300\uc774 \ud480 \uac70\ub77c\uace0 \uc608\uc0c1\ud558\uace0 \ub0b8 \ubb38\uc81c\uc600\uc9c0\ub9cc \uc5b4\uc9f8\uc11c\uc778\uc9c0 \uadf8\ub807\uc9c0 \uc54a\uc558\uc2b5\ub2c8\ub2e4 \u3160\u3160;<\/p>\n<p><a href=\"https:\/\/i.loli.net\/2019\/12\/01\/HUtYbcQDRg8yS2e.png\" title=\"description\"><img decoding=\"async\" src=\"https:\/\/i.loli.net\/2019\/12\/01\/HUtYbcQDRg8yS2e.png\" alt=\"description\" title=\"description\" \/><\/a><\/p>\n<p>\uc77c\ub2e8 \ubb38\uc81c\uc758 description\uacfc \ubb38\uc81c title\ub9cc \ubd10\ub3c4 elf\ub97c \ucc3e\ub294\uac8c \uc758\ub3c4\uc778 \uac83\uc744 \uc54c \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\uc8fc\uc5b4\uc9c4 \uc0ac\uc774\ud2b8\uc5d0 \uc811\uc18d\ud558\uba74 \uc0ac\uc9c4 \ud55c \uac1c\ub97c \uc90d\ub2c8\ub2e4.<\/p>\n<p><a href=\"https:\/\/i.loli.net\/2019\/12\/01\/FrGx2sfe7ybt6Ru.png\"><img decoding=\"async\" src=\"https:\/\/i.loli.net\/2019\/12\/01\/FrGx2sfe7ybt6Ru.png\" alt=\"\" \/><\/a><\/p>\n<p>\uc774\ub7f0 \uc0ac\uc9c4\uc778\ub370 \ub531 \ubcf4\uba74 \ud2f0\uac00 \ub098\uaca0\uc9c0\ub9cc \uadf8\ub0e5 \uc0b0\ud0c0 \uc0ac\uc9c4\uc5d0 \uc5d8\ud504 \uc0ac\uc9c4\uc744 pixabay\uc5d0\uc11c \ucc3e\uc740 \ub2e4\uc74c \uadf8\ub9bc\ud310\uc73c\ub85c \uac16\ub2e4 \ubd99\uc600\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\ud55c \ubc88 hxd\ub85c \uc5f4\uc5b4\ubd05\uc2dc\ub2e4.<\/p>\n<p><a href=\"https:\/\/i.loli.net\/2019\/12\/01\/PC13BIGLvupEyem.png\"><img decoding=\"async\" src=\"https:\/\/i.loli.net\/2019\/12\/01\/PC13BIGLvupEyem.png\" alt=\"\" \/><\/a><\/p>\n<p>\uc774\ub807\uac8c png\ud30c\uc77c\uc758 end\ubd80\ubd84 (<code>45 4E 44 AE 42 60 82<\/code>) \ub4a4\uc5d0 \uc774\uc0c1\ud55c \uac12\ub4e4\uc774 \ub4e4\uc5b4\uc788\ub294 \uac83\uc744 \uc54c \uc218 \uc788\ub294\ub370, \ubb38\uc81c \uc774\ub984\uacfc description\uc73c\ub85c \uc798 \uc0dd\uac01\ud574\ubcf4\uba74 \uc5b4\ub5a0\ud55c \ubc29\uc2dd\uc73c\ub85c \uc554\ud638\ud654\ub41c elf\ud30c\uc77c\uc784\uc744 \uc720\ucd94\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\uadf8\ub807\uac8c \ubc11\uc73c\ub85c \uc870\uae08 \ucb49 \ub0b4\ub824\ubcf4\uba74 \ubaa8\ub450 \ucc3e\uc73c\uc168\uc73c\ub9ac\ub77c \uc608\uc0c1\ub418\ub294 \ubb38\uc790\uc5f4 \ud558\ub098\uac00 \ub098\uc635\ub2c8\ub2e4.<\/p>\n<p><code>I_REALLY_WISH_YOU_HAVE_A_MERRY_CHRISTMAS.<\/code><\/p>\n<p>\ubc14\ub85c \uc774 \ubb38\uc790\uc5f4\uc778\ub370, \ud30c\uc77c \ub0b4\ubd80\uc5d0\uc11c \uc774 \ubb38\uc790\uc5f4\uc774 \uc644\uc131 \ub41c \uc0c1\ud0dc\ub85c \uacc4\uc18d \ubc18\ubcf5\ub3fc\uc11c \ub098\ud0c0\ub098\uae30 \ub54c\ubb38\uc5d0 \ud55c \uac00\uc9c0 \uc54c \uc218 \uc788\ub294 \uc810\uc774 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n<ol>\n<li>\uc704\uc758 \ubb38\uc790\uc5f4\uc774 <code>encryption key<\/code>\uc774\ub2e4.<\/p>\n<\/li>\n<li>\n<p><code>ELF<\/code> file\uc740 \ub0b4\ubd80\uc5d0 null padding\uc774 \uad49\uc7a5\ud788 \ub9ce\uc774 \uc874\uc7ac\ud558\uae30 \ub54c\ubb38\uc5d0 \ubb38\uc790\uc5f4\uc774 \ubc18\ubcf5\ub41c\ub2e4\ub294 \uc810\uc744 \uc0dd\uac01\ud574\ubcf4\uba74 \uc774 <code>ELF<\/code> file\uc740 xor\ub85c \uc554\ud638\ud654 \ub418\uc5b4\uc788\ub2e4.<\/p>\n<\/li>\n<\/ol>\n<p>\uadf8\ub7fc \uc774\uc81c \uc704 \ubb38\uc790\uc5f4\uc744 \uac16\uace0 \ub4a4\uc5d0 \uc774\uc5b4\ubd99\uc5ec\uc9c4 \uac12\ub4e4\ub9cc \uac00\uc838\uc640\uc11c xor\uc744 \ud574\uc8fc\uba74 \uc815\uc0c1\uc801\uc778 elf file\uc744 \ubc49\uc5b4\uc8fc\uace0 elf file \ub0b4\ubd80\uc5d0 string\uc744 \ud655\uc778\ud574\uc8fc\uba74 <code>flag<\/code>\uac00 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n<p><a href=\"https:\/\/i.loli.net\/2019\/12\/01\/8kNgbnMWISdXuBo.png\"><img decoding=\"async\" src=\"https:\/\/i.loli.net\/2019\/12\/01\/8kNgbnMWISdXuBo.png\" alt=\"\" \/><\/a><\/p>\n<p><code>\uc9e0~<\/code><\/p>\n<h2>solve.py<\/h2>\n<hr>\n<pre><code class=\"language-python line-numbers\">offset = 0x336227\nwith open('where_is_the_my_elf_T_T.png', 'rb') as f :\n    buf = f.read()\n\nenc = buf[offset:]\n\nwith open('enc', 'wb') as f :\n    f.write(enc)\n\nwith open('enc', 'rb') as f:\n    buf = f.read()\n\nkey = 'I_REALLY_WISH_YOU_HAVE_A_MERRY_CHRISTMAS.'\n\nelf = ''\n\nfor i in range(len(buf)) :\n    elf += chr(ord(key[i % len(key)]) ^ ord(buf[i]))\n\nwith open('flag', 'wb') as f:\n    f.write(elf)\n<\/code><\/pre>\n<p><code>FLAG : FLAG{All_I_w@nt_f0r_m3rry_chr1stm@s_1s_y0u..}<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[\uace0\ub4f1\ud574\ucee4] santa&#8217;s elf \uc774 \ubb38\uc81c\ub294 \uc194\uc9c1\ud788 \ub9d0\ud558\uc790\uba74 \ubaa8\ub4e0 \ud300\uc774 \ud480 \uac70\ub77c\uace0 \uc608\uc0c1\ud558\uace0 \ub0b8 \ubb38\uc81c\uc600\uc9c0\ub9cc \uc5b4\uc9f8\uc11c\uc778\uc9c0 \uadf8\ub807\uc9c0 \uc54a\uc558\uc2b5\ub2c8\ub2e4 \u3160\u3160; \uc77c\ub2e8 \ubb38\uc81c\uc758 description\uacfc \ubb38\uc81c title\ub9cc \ubd10\ub3c4 elf\ub97c \ucc3e\ub294\uac8c \uc758\ub3c4\uc778 \uac83\uc744 \uc54c \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uc8fc\uc5b4\uc9c4 \uc0ac\uc774\ud2b8\uc5d0 \uc811\uc18d\ud558\uba74 \uc0ac\uc9c4 \ud55c \uac1c\ub97c \uc90d\ub2c8\ub2e4. \uc774\ub7f0 \uc0ac\uc9c4\uc778\ub370 \ub531 \ubcf4\uba74 \ud2f0\uac00 \ub098\uaca0\uc9c0\ub9cc \uadf8\ub0e5 \uc0b0\ud0c0 \uc0ac\uc9c4\uc5d0 \uc5d8\ud504 \uc0ac\uc9c4\uc744 pixabay\uc5d0\uc11c \ucc3e\uc740 \ub2e4\uc74c \uadf8\ub9bc\ud310\uc73c\ub85c \uac16\ub2e4 \ubd99\uc600\uc2b5\ub2c8\ub2e4&#8230;.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1,11],"tags":[],"class_list":["post-443","post","type-post","status-publish","format-standard","hentry","category-etc","category-writep-up"],"_links":{"self":[{"href":"http:\/\/ipwn.kr\/index.php\/wp-json\/wp\/v2\/posts\/443"}],"collection":[{"href":"http:\/\/ipwn.kr\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/ipwn.kr\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/ipwn.kr\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/ipwn.kr\/index.php\/wp-json\/wp\/v2\/comments?post=443"}],"version-history":[{"count":10,"href":"http:\/\/ipwn.kr\/index.php\/wp-json\/wp\/v2\/posts\/443\/revisions"}],"predecessor-version":[{"id":476,"href":"http:\/\/ipwn.kr\/index.php\/wp-json\/wp\/v2\/posts\/443\/revisions\/476"}],"wp:attachment":[{"href":"http:\/\/ipwn.kr\/index.php\/wp-json\/wp\/v2\/media?parent=443"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/ipwn.kr\/index.php\/wp-json\/wp\/v2\/categories?post=443"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/ipwn.kr\/index.php\/wp-json\/wp\/v2\/tags?post=443"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}