Challenge 3

Old snakes are annoying!

  • The challenge is a GUI program named "elfie.exe".

  • From the icon and the strings, this binary is a compiled Python program (PyInstaller).

  • It will be difficult to work with this program directly, so we need to extract the original Python source code from it. This can be done using PyInstaller Extractor, a tool that extracts the Python bytecode from the compiled program.

  • Now that we have the bytecode, we can use a decompiler such as uncompyle6. But luckily, this compiled program also contained the source code itself, so we can use that instead.

  • So... the source code of elfie seems to be a bit of mumbo jumbo and it's about 57k lines long.

  • But at the end, all these variables are apparently concatenated, decoded using base64 and executed.

  • We can see what the inner string is by replacing the exec with print.

  • The flag is hardcoded in the program. Reversing it, we get Elfie.L0000ves.YOOOO@flare-on.com.
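
The exec-to-print step can also be done statically, so nothing from the sample ever runs. The sketch below is an added example, not code from the challenge or the original write-up: it parses the outer script with `ast`, collects the string variables, and returns what would have been passed to `exec`. It assumes the script uses the parenthesised `exec(base64.b64decode(...))` form; `unwrap_stage`, the variable names and the sample are constructed for illustration.

```python
import ast
import base64

def _resolve(node, env):
    """Evaluate a string expression built only from literals, names and '+'."""
    if isinstance(node, ast.Constant) and isinstance(node.value, str):
        return node.value
    if isinstance(node, ast.Name):
        return env[node.id]
    if isinstance(node, ast.BinOp) and isinstance(node.op, ast.Add):
        return _resolve(node.left, env) + _resolve(node.right, env)
    raise ValueError("unsupported expression")

def unwrap_stage(source):
    """Return the text the script would hand to exec, without running any of it."""
    env = {}
    for stmt in ast.parse(source).body:
        if (isinstance(stmt, ast.Assign) and len(stmt.targets) == 1
                and isinstance(stmt.targets[0], ast.Name)):
            try:  # remember every "name = <string expression>"
                env[stmt.targets[0].id] = _resolve(stmt.value, env)
            except (ValueError, KeyError):
                pass  # not a plain string assignment, ignore it
        elif isinstance(stmt, ast.Expr) and isinstance(stmt.value, ast.Call):
            call = stmt.value
            if isinstance(call.func, ast.Name) and call.func.id == "exec" and call.args:
                inner = call.args[0]  # assumed shape: base64.b64decode(<concatenation>)
                if isinstance(inner, ast.Call) and inner.args:
                    blob = _resolve(inner.args[0], env)
                    return base64.b64decode(blob).decode("utf-8", "replace")
    raise ValueError("no exec(b64decode(...)) call found")

# Constructed sample that mimics the layout described above; not the real elfie source.
INNER = "secret = 'moc.elpmaxe@gnirts.elpmas'\nprint(secret[::-1])\n"
B64 = base64.b64encode(INNER.encode()).decode()
SAMPLE = (
    "import base64\n"
    f"O0O = '{B64[:20]}'\n"
    f"OO0 = '{B64[20:40]}'\n"
    f"O00 = '{B64[40:]}'\n"
    "exec(base64.b64decode(O0O + OO0 + O00))\n"
)

if __name__ == "__main__":
    print(unwrap_stage(SAMPLE))
```

If the decoded stage is itself wrapped the same way, feed the returned text back into `unwrap_stage` until it raises `ValueError`.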
