Tags: assembly pcap reversing asm 

Rating:

Reverse the ASM and apply the same logic to decrypt the TCP payload data from the PCAP. Walkthrough to follow: https://www.youtube.com/watch?v=3GGpyEkt8GE&t=2206s

```py
from pwn import *

enc = unhex(b'5b2fedd4801914e7eb765119d4fe6223f1d1984638a9816b5419dac07b27eed9d35e09fdef65521ac5877a24eed19b0c0ae9f16d4c02cc86773bfaa8924a2ae9a12a2f1dd7923d39eea78d5909f9f57b2a16ddc87d33ada58f1208d4f737755283da1168a3e6cc075e8ce920774ef88d483fb1bb8a440884af7d69e2c5874b3bb3be695d4fd5a97b27e7d7d0572cf0bf665405dbfe4225e19b824813e4b96a4e178a95776fe1d8800b0bf7f0705719c0c37834a8f7a26f1febbe3d7119dad66427d5f58b4259eabc3f3626ded46621d3b0ca441afce552274bd6da1f2a')

dec = b''

for i, byte in enumerate(enc):
dec += xor(chr((55 * i + 19) % 256), byte)

success(dec.decode())
```

Original writeup (https://www.youtube.com/watch?v=3GGpyEkt8GE&t=2206s).