Tags: reverse engineering
Rating:
**tl;dr**
+ The dump has some encrypted functions
+ The encrypted bytes are being xorred with a 32 byte key
+ Find the xor_key in the dump
+ Use xor_key offset to find(Bruteforce) the offset of AES_key and iv
+ AES_CBC decrypt to find flag
