Tags: signals z3 reversing 


TLDR: simple flag checker but control flow is obfuscated using signal handlers that perform unpacking routines. Basically the SIGSEGV handler get's activated, decodes a portion of the code and jumps back to check part of the flag before hitting another SIGSEGV and triggering the handler... This happens several times and we can put these constraints into z3 for a solution

Original writeup: [https://ctf.harrisongreen.me/2020/hacktm/plop/](https://ctf.harrisongreen.me/2020/hacktm/plop/)

Original writeup (https://ctf.harrisongreen.me/2020/hacktm/plop/).