Rating:
- Realize it's cLEMENCy
- Use Trail of Bits cLEMENCy tooling
- Find the main code
- Realize it's modified RC4 (KSA same as expected with MOD = 0x200)
```python
MOD = 0x200
def rc4modified_decrypt(S, inp):
out = []
v18 = 0
v36 = 0
for i in range(len(inp)):
v18 = (v18 + S[i]) % MOD
S[v18], S[i] = S[i], S[v18]
K = S[(S[i] + S[v18]) % MOD]
out.append((((inp[i]-v36)% MOD) ^ K)) # remove v36 then decode like normal rc4
v36 = inp[i] # next v36 key is last encrypted char
return out
```
- Dump the key and the result values it compares against
- Decrypt compare values with the key
- => flag
