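'''warp (bin200) BKPctf

Yeah, another x64 binary ;] this time anti-debug and stripped. There were
functions with the __constructor__ attribute which check whether the process
is ptraced and, if so, bail out; we can get rid of it simply by patching 0
to -1. Before checking ptrace the binary allocates a buffer via memalign and
then mprotect()s it to make it executable. It also gets the current time,
which (after some transformation) is used as a key later.

Next it proceeds to main(), where it checks whether the value of the current
time computed before is `correct`:

.text:0000000000400FA0 check_time proc near ; CODE XREF: main+FFp
.text:0000000000400FA0
.text:0000000000400FA0 var_3 = byte ptr -3
.text:0000000000400FA0 var_2 = byte ptr -2
.text:0000000000400FA0 var_1 = byte ptr -1
.text:0000000000400FA0
.text:0000000000400FA0 movzx eax, byte ptr cs:jakies_sekundy+1
.text:0000000000400FA7 movzx ecx, byte ptr cs:jakies_sekundy+2
.text:0000000000400FAE imul ecx, eax
.text:0000000000400FB1 movzx eax, byte ptr cs:jakies_sekundy+3
.text:0000000000400FB8 add ecx, eax
.text:0000000000400FBA sar ecx, 1Fh
.text:0000000000400FBD shr ecx, 18h
.text:0000000000400FC0 mov dl, cl
.text:0000000000400FC2 mov [rsp+var_1], dl
.text:0000000000400FC6 movzx eax, byte ptr cs:jakies_sekundy+1
.text:0000000000400FCD movzx ecx, byte ptr cs:jakies_sekundy+2
.text:0000000000400FD4 imul ecx, eax
.text:0000000000400FD7 movsx eax, [rsp+var_1]
.text:0000000000400FDC mov esi, eax
.text:0000000000400FDE add esi, ecx
.text:0000000000400FE0 movzx ecx, byte ptr cs:jakies_sekundy+3
.text:0000000000400FE7 add esi, ecx
.text:0000000000400FE9 sub esi, eax
.text:0000000000400FEB mov dl, sil
.text:0000000000400FEE movsx eax, dl
.text:0000000000400FF1 mov ecx, eax
.text:0000000000400FF3 sar ecx, 1Fh
.text:0000000000400FF6 shr ecx, 18h
.text:0000000000400FF9 mov esi, eax
.text:0000000000400FFB add esi, ecx
.text:0000000000400FFD and esi, 0FFFFFF00h
.text:0000000000401003 sub eax, esi
.text:0000000000401005 mov dl, al
.text:0000000000401007 mov [rsp+var_2], dl
.text:000000000040100B movzx eax, byte ptr jakies_sekundy+3
.text:0000000000401013 movzx ecx, byte ptr jakies_sekundy+2
.text:000000000040101B movzx esi, byte ptr jakies_sekundy+1
.text:0000000000401023 add ecx, esi
.text:0000000000401025 xor eax, ecx
.text:0000000000401027 movzx ecx, byte ptr jakies_sekundy
.text:000000000040102F xor eax, ecx
.text:0000000000401031 mov dl, al
.text:0000000000401033 mov [rsp+var_3], dl
.text:0000000000401037 movsx eax, [rsp+var_2]
.text:000000000040103C cmp eax, 2Fh
.text:0000000000401041 setz dl
.text:0000000000401044 and dl, 1
.text:0000000000401047 movzx eax, dl
.text:000000000040104A movsx ecx, [rsp+var_3]
.text:000000000040104F cmp ecx, 5Bh
.text:0000000000401055 setz dl
.text:0000000000401058 and dl, 1
.text:000000000040105B movzx ecx, dl
.text:000000000040105E and eax, ecx
.text:0000000000401060 retn
.text:0000000000401060 check_time endp

which is more or less equivalent to:

    var2 = (input[1] * input[2]) + input[3]
    var3 = (input[3] ^ (input[1] + input[2])) ^ input[0]

with the check passing when var2 == 0x2F and var3 == 0x5B (the `cmp eax, 2Fh`
and `cmp ecx, 5Bh` above, operating on the truncated bytes). Only the four
bytes at jakies_sekundy..jakies_sekundy+3 feed the key, so the key space is
tiny; many values satisfy the condition, so we precompute them (the
candidates are read from a log file below).

After this check it proceeds to decrypting some code:

    aes128ofb.decrypt(code, sha1(input), iv)

where iv is hardcoded in the binary, so we rip the code out and decrypt it
locally. It turns out the flag is there in plain sight; our work is done.
200pts to DragonSector.

flag: ThE_TrUtH_Is_OuT_ThErE!

-- mak
'''
from hashlib import sha1
from struct import pack, unpack

from Crypto.Cipher import AES

# Encrypted code blob ripped from the binary (AES-128-OFB ciphertext).
code = [128, 142, 241, 78, 196, 8, 20, 164, 119, 162, 183, 66, 93, 75, 21, 246, 42, 226, 132, 239, 140, 213, 90, 252, 166, 126, 87, 27, 197, 62, 84, 24, 43, 53, 249, 44, 60, 87, 96, 76, 109, 243, 108, 206, 48, 193, 156, 249, 32, 39, 2, 223, 180, 154, 89, 201, 160, 228, 37, 22, 157, 55, 35, 67, 90, 40, 55, 255, 184, 215, 35, 193, 118, 10, 63, 139, 96, 124, 227, 34, 201, 40, 236, 220, 25, 213, 62, 67, 100, 87, 252, 100, 64, 143, 34, 34, 182, 95, 218, 96, 123, 2, 133, 32, 189, 138, 186, 11, 166, 243, 34, 38, 123, 78, 67, 102, 96, 108, 114, 192, 124, 19, 139, 7, 46, 128, 176, 227, 167, 121, 164, 19, 197, 7, 138, 236, 236, 10, 55, 204, 94, 125, 44, 26, 209, 66, 83, 150, 233, 163, 183, 126, 153, 74, 134, 115, 143, 92, 141, 128]
# The original built this with ''.join(map(chr, code)), which under Python 3
# would yield str rather than bytes; bytes(code) is the same 160 bytes.
code_t = bytes(code)

# IV hardcoded in the binary: two qwords 0x0706050403020100 and
# 0x0F0E0D0C0B0A0908 (the decimal literals 506097522914230528 and
# 1084818905618843912 of the original), i.e. the bytes 00 01 02 ... 0F.
# Explicit '<' so the IV does not depend on the host's byte order; the
# original used native order, which only matched the target on little-endian
# hosts.
IV = pack('<QQ', 0x0706050403020100, 0x0F0E0D0C0B0A0908)

# Expected first dword of the correctly decrypted code; used as the
# "did this key work?" oracle.  Read little-endian to match the x86-64 target
# (presumably the first instruction bytes of the decrypted code -- unverified).
MAGIC = 0x540A6EEB

# One candidate time value per line, as space-separated hex bytes.
LOG_PATH = '/tmp/mak_log.txt'


def sha(x):
    """Return the raw 20-byte SHA-1 digest of *x* (bytes)."""
    return sha1(x).digest()


def aes(key):
    """Decrypt the ripped code blob with AES-128-OFB under *key*.

    Only the first 16 bytes of *key* are used: the binary feeds a 20-byte
    SHA-1 digest to AES-128, so the digest tail is discarded.  The IV is the
    fixed one from the binary, so decryption is fully deterministic.
    """
    ciph = AES.new(key[:0x10], AES.MODE_OFB, IV)
    return ciph.decrypt(code_t)


def parse_candidate(line):
    """Turn one log line of space-separated hex bytes into bytes.

    Tokens may lack zero padding (``a`` for ``0a``), which is why each token
    goes through ``int(tok, 16)`` rather than ``bytes.fromhex``.  Each token
    is assumed to hold a single byte; a blank line yields ``b''``.

    Raises:
        ValueError: if a token is not a one-byte hex value.
    """
    return bytes(int(tok, 16) for tok in line.split())


def main():
    """Try every candidate from LOG_PATH; dump the plaintext for each hit.

    A candidate is a hit when the decrypted code starts with MAGIC.  Like the
    original script, all hits are printed rather than stopping at the first.
    """
    # 'with' so the log handle is closed; the original left it open.
    with open(LOG_PATH) as log:
        for line in log:
            x = parse_candidate(line)
            if not x:
                continue  # blank line: nothing to hash
            dec = aes(sha(x))
            if unpack('<I', dec[:4])[0] == MAGIC:
                print("success")
                # Same shape of output as the original: one char per byte.
                print([chr(b) for b in dec])


if __name__ == '__main__':
    main()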