init htb

old htb folders

HTB/challenges/crypto/BabyEncryption/ape.py

@@ -0,0 +1,27 @@
+import string
+
+
+def encryption(msg):
+    ct = []
+    for char in msg:
+        ct.append((123 * ord(char) + 18) % 256)
+    return bytes(ct)
+
+dict = {}
+
+for elem in string.printable:
+    enc = encryption(elem)[0]
+    dict[elem] = enc
+    dict[enc] = elem
+
+print(dict)
+
+f = open('./msg.enc','r')
+ct = f.readline()
+ct = [int(ct[i:i+2],16) for i in range(0, len(ct), 2)]
+
+solve = ""
+for elem in ct:
+    solve += dict[elem]
+
+print(solve)

HTB/challenges/crypto/BabyEncryption/chall.py

@@ -0,0 +1,15 @@
+import string
+from secret import MSG
+
+def encryption(msg):
+    ct = []
+    for char in msg:
+        ct.append((123 * char + 18) % 256)
+    return bytes(ct)
+
+ct = encryption(MSG)
+f = open('./msg.enc','w')
+f.write(ct.hex())
+f.close()
+
+

HTB/challenges/crypto/BabyEncryption/msg.enc

@@ -0,0 +1 @@
+6e0a9372ec49a3f6930ed8723f9df6f6720ed8d89dc4937222ec7214d89d1e0e352ce0aa6ec82bf622227bb70e7fb7352249b7d893c493d8539dec8fb7935d490e7f9d22ec89b7a322ec8fd80e7f8921

HTB/challenges/crypto/The Last Dance/crypto_the_last_dance/ape.py

@@ -0,0 +1,31 @@
+import os
+from Crypto.Cipher import ChaCha20
+
+def encrypt_message(message, key, nonce):
+    cipher = ChaCha20.new(key=key, nonce=nonce)
+    ciphertext = cipher.encrypt(message)
+    return ciphertext
+
+def chosen_plaintext_attack(ciphertext, key, nonce):
+    # Create a dictionary of known plaintexts and their corresponding ciphertexts
+    known_plaintexts = {b"Our counter agencies have": b"", b"example2": b""}
+    for plaintext in known_plaintexts:
+        # Encrypt the known plaintext using the same key and nonce as the original ciphertext
+        known_ciphertext = encrypt_message(plaintext, key, nonce)
+        # Compare the known ciphertext with the original ciphertext
+        if known_ciphertext == ciphertext:
+            # If the ciphertexts match, the original plaintext is likely the known plaintext
+            return plaintext
+    return None
+
+if __name__ == "__main__":
+    message = b"Our counter agencies have intercepted your messages and a lot"
+    key, nonce = os.urandom(32), os.urandom(12)
+    encrypted_message = encrypt_message(message, key, nonce)
+
+    # Perform the chosen plaintext attack
+    recovered_message = chosen_plaintext_attack(encrypted_message, key, nonce)
+    if recovered_message is not None:
+        print("Recovered message:", recovered_message)
+    else:
+        print("Failed to recover message")

HTB/challenges/crypto/The Last Dance/crypto_the_last_dance/out.txt

@@ -0,0 +1,3 @@
+c4a66edfe80227b4fa24d431
+7aa34395a258f5893e3db1822139b8c1f04cfab9d757b9b9cca57e1df33d093f07c7f06e06bb6293676f9060a838ea138b6bc9f20b08afeb73120506e2ce7b9b9dcd9e4a421584cfaba2481132dfbdf4216e98e3facec9ba199ca3a97641e9ca9782868d0222a1d7c0d3119b867edaf2e72e2a6f7d344df39a14edc39cb6f960944ddac2aaef324827c36cba67dcb76b22119b43881a3f1262752990
+7d8273ceb459e4d4386df4e32e1aecc1aa7aaafda50cb982f6c62623cf6b29693d86b15457aa76ac7e2eef6cf814ae3a8d39c7

HTB/challenges/crypto/The Last Dance/crypto_the_last_dance/source.py

@@ -0,0 +1,28 @@
+from Crypto.Cipher import ChaCha20
+from secret import FLAG
+import os
+
+
+def encryptMessage(message, key, nonce):
+    cipher = ChaCha20.new(key=key, nonce=iv)
+    ciphertext = cipher.encrypt(message)
+    return ciphertext
+
+
+def writeData(data):
+    with open("out.txt", "w") as f:
+        f.write(data)
+
+
+if __name__ == "__main__":
+    message = b"Our counter agencies have intercepted your messages and a lot "
+    message += b"of your agent's identities have been exposed. In a matter of "
+    message += b"days all of them will be captured"
+
+    key, iv = os.urandom(32), os.urandom(12)
+
+    encrypted_message = encryptMessage(message, key, iv)
+    encrypted_flag = encryptMessage(FLAG, key, iv)
+
+    data = iv.hex() + "\n" + encrypted_message.hex() + "\n" + encrypted_flag.hex()
+    writeData(data)

HTB/challenges/forensics/Illumination/flag

@@ -0,0 +1 @@
+HTB{v3rsi0n_c0ntr0l_am_I_right?}

HTB/challenges/pwn/racecar/racecar.py

@@ -0,0 +1,8 @@
+s = "7b425448.5f796877.5f643164.34735f31.745f3376.665f3368.5f67346c.745f6e30.355f3368.6b633474.7d213f"
+flag = ""
+for elem in s.split("."):
+    t = ""
+    for i in range(4):
+        t = elem[i*2:i*2+2] + t
+    flag += t
+print(flag)

HTB/challenges/reversing/Exatlon/ape.py

@@ -0,0 +1,13 @@
+plain = "!\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~"
+plainList = list(plain)
+allEncoded = "528 544 560 576 592 608 624 640 656 672 688 704 720 736 752 768 784 800 816 832 848 864 880 896 912 928 944 960 976 992 1008 1024 1040 1056 1072 1088 1104 1120 1136 1152 1168 1184 1200 1216 1232 1248 1264 1280 1296 1312 1328 1344 1360 1376 1392 1408 1424 1440 1456 1472 1488 1504 1520 1536 1552 1568 1584 1600 1616 1632 1648 1664 1680 1696 1712 1728 1744 1760 1776 1792 1808 1824 1840 1856 1872 1888 1904 1920 1936 1952 1968 1984 2000 2016"
+allEncodedList = allEncoded.split(" ")
+target = "1152 1344 1056 1968 1728 816 1648 784 1584 816 1728 1520 1840 1664 784 1632 1856 1520 1728 816 1632 1856 1520 784 1760 1840 1824 816 1584 1856 784 1776 1760 528 528 2000"
+targetList = target.split(" ")
+
+result = list(map(lambda x, y: dict(character=x,encoded=y), plainList, allEncodedList))
+chars = []
+for c in targetList:
+    chars.append(next(item for item in result if item["encoded"] == c)["character"])
+
+print("".join(chars))

HTB/challenges/reversing/Simple Encryptor/rev_simpleencryptor/ape.c

@@ -0,0 +1,68 @@
+#include <stdio.h>
+#include <stdlib.h>
+
+int encrypt(char a, int r1, int r2){
+    int t;
+    r1 = r1 & 0xff;
+    r2 = r2 & 7;
+    printf("encrypt(%x, %x, %x)\n",a,r1,r2);
+    t = a ^ r1;
+    printf("t: %x\n",t);
+    return ((t << r2)|(t >> (8-r2)));
+}
+
+int decrypt(int a, int r1, int r2){
+    int t;
+    r1 = r1 & 0xff;
+    r2 = r2 & 7;
+    a = a&0xff;
+    // printf("decrypt(%x, %x, %x)\n",a,r1,r2);
+    t = ((a << (8-r2))|(a >>r2)) & 0xff;
+    // printf("t: %x\n",t);
+    return t ^ r1;
+}
+
+int main(void) {
+    uint seed;
+    int r1,r2, enc, dec;
+    FILE *enc_file;
+    size_t size;
+
+    // seed = 0x63d17786;
+    // srand(seed);
+    // r1 = rand();
+    // r2 = rand();
+    // //printf("%x", r);
+    enc_file = fopen("flag.enc.bak","rb");
+    fseek(enc_file,0L,SEEK_END);
+    size = ftell(enc_file)-4;
+    char buffer[size+1];
+    printf("size: %x\n", size);
+    fseek(enc_file,0L,SEEK_SET);
+    fread(&seed, 4, 1, enc_file);
+    srand(seed);
+    printf("seed: %x\n", seed);
+    // buffer = malloc(2);
+    // fseek(enc_file, 0, SEEK_END);
+    // size = ftell(enc_file);
+    // fseek(enc_file, sizeof(seed), SEEK_SET);
+        // fread(buffer, 1, 1, enc_file);
+    fread(&buffer, size, 1, enc_file);
+    fclose(enc_file);
+    printf("buffer: ");
+    for (int i = 0; i < size; i++){
+        printf("%2x",buffer[i]&0xff);
+    }
+    printf("\n");
+    for (int i = 0; i < size; i++){
+
+        r1 = rand();
+        r2 = rand();
+        // // enc = encrypt('A',r1,r2);
+        // // printf("enc: %x\n", enc);
+
+        dec = decrypt(buffer[i],r1,r2);
+        printf("%c", dec);
+    }
+    return 0;
+}

HTB/challenges/reversing/Simple Encryptor/rev_simpleencryptor/ape.py

@@ -0,0 +1,7 @@
+from ctypes import *
+cdll.LoadLibrary("libc.so.6")
+libc = CDLL("libc.so.6")
+seed = 0x62b1355a
+libc.srand(seed)
+print(hex(libc.rand()&0xff))
+print(hex(libc.rand()&0x7))

HTB/challenges/reversing/Simple Encryptor/rev_simpleencryptor/decrypt.py

@@ -0,0 +1,34 @@
+import struct
+
+# Open the file for reading in binary mode
+with open("flag.enc", "rb") as f:
+    # Read the first 4 bytes, which represent the seed
+    seed_bytes = f.read(4)
+    # Unpack the seed as a 32-bit unsigned integer
+    seed = struct.unpack("I", seed_bytes)[0]
+    # Read the rest of the file contents
+    enc_data = f.read()
+
+print(f"seed: {seed}, hex: {hex(seed)}")
+print(f"enc_data: {enc_data}")
+
+# Use the seed to seed the random number generator
+import random
+random.seed(seed)
+
+# Allocate a buffer for the decrypted data
+dec_data = bytearray(len(enc_data))
+
+# Perform the decryption
+for i in range(len(enc_data)):
+    # XOR with a random byte
+    dec_data[i] = enc_data[i] ^ random.getrandbits(8)
+    # Perform the inverse bit-shift operation
+    shift = random.randint(0,7)
+    dec_data[i] = ((dec_data[i] >> shift) | (dec_data[i] << (8 - shift))) % 256
+
+print(f"flag: {dec_data}")
+
+# Write the decrypted data to a file
+# with open("flag.dec", "wb") as f:
+#     f.write(dec_data)

HTB/challenges/reversing/Simple Encryptor/rev_simpleencryptor/flag

@@ -0,0 +1 @@
+ABCD

HTB/challenges/reversing/Simple Encryptor/rev_simpleencryptor/flag.dec

@@ -0,0 +1 @@
+D:]=KN錝 <20><11>ﾂｻcｬ*<2A>ﾑ/rdj･<

HTB/challenges/reversing/Simple Encryptor/rev_simpleencryptor/flag.enc

@@ -0,0 +1 @@
+
tрcАН▒и

HTB/challenges/reversing/Spooky License/angr/bin/Activate.ps1

@@ -0,0 +1,247 @@
+<#
+.Synopsis
+Activate a Python virtual environment for the current PowerShell session.
+
+.Description
+Pushes the python executable for a virtual environment to the front of the
+$Env:PATH environment variable and sets the prompt to signify that you are
+in a Python virtual environment. Makes use of the command line switches as
+well as the `pyvenv.cfg` file values present in the virtual environment.
+
+.Parameter VenvDir
+Path to the directory that contains the virtual environment to activate. The
+default value for this is the parent of the directory that the Activate.ps1
+script is located within.
+
+.Parameter Prompt
+The prompt prefix to display when this virtual environment is activated. By
+default, this prompt is the name of the virtual environment folder (VenvDir)
+surrounded by parentheses and followed by a single space (ie. '(.venv) ').
+
+.Example
+Activate.ps1
+Activates the Python virtual environment that contains the Activate.ps1 script.
+
+.Example
+Activate.ps1 -Verbose
+Activates the Python virtual environment that contains the Activate.ps1 script,
+and shows extra information about the activation as it executes.
+
+.Example
+Activate.ps1 -VenvDir C:\Users\MyUser\Common\.venv
+Activates the Python virtual environment located in the specified location.
+
+.Example
+Activate.ps1 -Prompt "MyPython"
+Activates the Python virtual environment that contains the Activate.ps1 script,
+and prefixes the current prompt with the specified string (surrounded in
+parentheses) while the virtual environment is active.
+
+.Notes
+On Windows, it may be required to enable this Activate.ps1 script by setting the
+execution policy for the user. You can do this by issuing the following PowerShell
+command:
+
+PS C:\> Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser
+
+For more information on Execution Policies: 
+https://go.microsoft.com/fwlink/?LinkID=135170
+
+#>
+Param(
+    [Parameter(Mandatory = $false)]
+    [String]
+    $VenvDir,
+    [Parameter(Mandatory = $false)]
+    [String]
+    $Prompt
+)
+
+<# Function declarations --------------------------------------------------- #>
+
+<#
+.Synopsis
+Remove all shell session elements added by the Activate script, including the
+addition of the virtual environment's Python executable from the beginning of
+the PATH variable.
+
+.Parameter NonDestructive
+If present, do not remove this function from the global namespace for the
+session.
+
+#>
+function global:deactivate ([switch]$NonDestructive) {
+    # Revert to original values
+
+    # The prior prompt:
+    if (Test-Path -Path Function:_OLD_VIRTUAL_PROMPT) {
+        Copy-Item -Path Function:_OLD_VIRTUAL_PROMPT -Destination Function:prompt
+        Remove-Item -Path Function:_OLD_VIRTUAL_PROMPT
+    }
+
+    # The prior PYTHONHOME:
+    if (Test-Path -Path Env:_OLD_VIRTUAL_PYTHONHOME) {
+        Copy-Item -Path Env:_OLD_VIRTUAL_PYTHONHOME -Destination Env:PYTHONHOME
+        Remove-Item -Path Env:_OLD_VIRTUAL_PYTHONHOME
+    }
+
+    # The prior PATH:
+    if (Test-Path -Path Env:_OLD_VIRTUAL_PATH) {
+        Copy-Item -Path Env:_OLD_VIRTUAL_PATH -Destination Env:PATH
+        Remove-Item -Path Env:_OLD_VIRTUAL_PATH
+    }
+
+    # Just remove the VIRTUAL_ENV altogether:
+    if (Test-Path -Path Env:VIRTUAL_ENV) {
+        Remove-Item -Path env:VIRTUAL_ENV
+    }
+
+    # Just remove VIRTUAL_ENV_PROMPT altogether.
+    if (Test-Path -Path Env:VIRTUAL_ENV_PROMPT) {
+        Remove-Item -Path env:VIRTUAL_ENV_PROMPT
+    }
+
+    # Just remove the _PYTHON_VENV_PROMPT_PREFIX altogether:
+    if (Get-Variable -Name "_PYTHON_VENV_PROMPT_PREFIX" -ErrorAction SilentlyContinue) {
+        Remove-Variable -Name _PYTHON_VENV_PROMPT_PREFIX -Scope Global -Force
+    }
+
+    # Leave deactivate function in the global namespace if requested:
+    if (-not $NonDestructive) {
+        Remove-Item -Path function:deactivate
+    }
+}
+
+<#
+.Description
+Get-PyVenvConfig parses the values from the pyvenv.cfg file located in the
+given folder, and returns them in a map.
+
+For each line in the pyvenv.cfg file, if that line can be parsed into exactly
+two strings separated by `=` (with any amount of whitespace surrounding the =)
+then it is considered a `key = value` line. The left hand string is the key,
+the right hand is the value.
+
+If the value starts with a `'` or a `"` then the first and last character is
+stripped from the value before being captured.
+
+.Parameter ConfigDir
+Path to the directory that contains the `pyvenv.cfg` file.
+#>
+function Get-PyVenvConfig(
+    [String]
+    $ConfigDir
+) {
+    Write-Verbose "Given ConfigDir=$ConfigDir, obtain values in pyvenv.cfg"
+
+    # Ensure the file exists, and issue a warning if it doesn't (but still allow the function to continue).
+    $pyvenvConfigPath = Join-Path -Resolve -Path $ConfigDir -ChildPath 'pyvenv.cfg' -ErrorAction Continue
+
+    # An empty map will be returned if no config file is found.
+    $pyvenvConfig = @{ }
+
+    if ($pyvenvConfigPath) {
+
+        Write-Verbose "File exists, parse `key = value` lines"
+        $pyvenvConfigContent = Get-Content -Path $pyvenvConfigPath
+
+        $pyvenvConfigContent | ForEach-Object {
+            $keyval = $PSItem -split "\s*=\s*", 2
+            if ($keyval[0] -and $keyval[1]) {
+                $val = $keyval[1]
+
+                # Remove extraneous quotations around a string value.
+                if ("'""".Contains($val.Substring(0, 1))) {
+                    $val = $val.Substring(1, $val.Length - 2)
+                }
+
+                $pyvenvConfig[$keyval[0]] = $val
+                Write-Verbose "Adding Key: '$($keyval[0])'='$val'"
+            }
+        }
+    }
+    return $pyvenvConfig
+}
+
+
+<# Begin Activate script --------------------------------------------------- #>
+
+# Determine the containing directory of this script
+$VenvExecPath = Split-Path -Parent $MyInvocation.MyCommand.Definition
+$VenvExecDir = Get-Item -Path $VenvExecPath
+
+Write-Verbose "Activation script is located in path: '$VenvExecPath'"
+Write-Verbose "VenvExecDir Fullname: '$($VenvExecDir.FullName)"
+Write-Verbose "VenvExecDir Name: '$($VenvExecDir.Name)"
+
+# Set values required in priority: CmdLine, ConfigFile, Default
+# First, get the location of the virtual environment, it might not be
+# VenvExecDir if specified on the command line.
+if ($VenvDir) {
+    Write-Verbose "VenvDir given as parameter, using '$VenvDir' to determine values"
+}
+else {
+    Write-Verbose "VenvDir not given as a parameter, using parent directory name as VenvDir."
+    $VenvDir = $VenvExecDir.Parent.FullName.TrimEnd("\\/")
+    Write-Verbose "VenvDir=$VenvDir"
+}
+
+# Next, read the `pyvenv.cfg` file to determine any required value such
+# as `prompt`.
+$pyvenvCfg = Get-PyVenvConfig -ConfigDir $VenvDir
+
+# Next, set the prompt from the command line, or the config file, or
+# just use the name of the virtual environment folder.
+if ($Prompt) {
+    Write-Verbose "Prompt specified as argument, using '$Prompt'"
+}
+else {
+    Write-Verbose "Prompt not specified as argument to script, checking pyvenv.cfg value"
+    if ($pyvenvCfg -and $pyvenvCfg['prompt']) {
+        Write-Verbose "  Setting based on value in pyvenv.cfg='$($pyvenvCfg['prompt'])'"
+        $Prompt = $pyvenvCfg['prompt'];
+    }
+    else {
+        Write-Verbose "  Setting prompt based on parent's directory's name. (Is the directory name passed to venv module when creating the virtual environment)"
+        Write-Verbose "  Got leaf-name of $VenvDir='$(Split-Path -Path $venvDir -Leaf)'"
+        $Prompt = Split-Path -Path $venvDir -Leaf
+    }
+}
+
+Write-Verbose "Prompt = '$Prompt'"
+Write-Verbose "VenvDir='$VenvDir'"
+
+# Deactivate any currently active virtual environment, but leave the
+# deactivate function in place.
+deactivate -nondestructive
+
+# Now set the environment variable VIRTUAL_ENV, used by many tools to determine
+# that there is an activated venv.
+$env:VIRTUAL_ENV = $VenvDir
+
+if (-not $Env:VIRTUAL_ENV_DISABLE_PROMPT) {
+
+    Write-Verbose "Setting prompt to '$Prompt'"
+
+    # Set the prompt to include the env name
+    # Make sure _OLD_VIRTUAL_PROMPT is global
+    function global:_OLD_VIRTUAL_PROMPT { "" }
+    Copy-Item -Path function:prompt -Destination function:_OLD_VIRTUAL_PROMPT
+    New-Variable -Name _PYTHON_VENV_PROMPT_PREFIX -Description "Python virtual environment prompt prefix" -Scope Global -Option ReadOnly -Visibility Public -Value $Prompt
+
+    function global:prompt {
+        Write-Host -NoNewline -ForegroundColor Green "($_PYTHON_VENV_PROMPT_PREFIX) "
+        _OLD_VIRTUAL_PROMPT
+    }
+    $env:VIRTUAL_ENV_PROMPT = $Prompt
+}
+
+# Clear PYTHONHOME
+if (Test-Path -Path Env:PYTHONHOME) {
+    Copy-Item -Path Env:PYTHONHOME -Destination Env:_OLD_VIRTUAL_PYTHONHOME
+    Remove-Item -Path Env:PYTHONHOME
+}
+
+# Add the venv to the PATH
+Copy-Item -Path Env:PATH -Destination Env:_OLD_VIRTUAL_PATH
+$Env:PATH = "$VenvExecDir$([System.IO.Path]::PathSeparator)$Env:PATH"

HTB/challenges/reversing/Spooky License/angr/bin/ROPgadget

@@ -0,0 +1,12 @@
+#!/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3
+## -*- coding: utf-8 -*-
+##
+##  Jonathan Salwan - 2014-05-12 - ROPgadget tool
+##
+##  http://twitter.com/JonathanSalwan
+##  http://shell-storm.org/project/ROPgadget/
+##
+
+import ropgadget
+
+ropgadget.main()

HTB/challenges/reversing/Spooky License/angr/bin/activate

@@ -0,0 +1,69 @@
+# This file must be used with "source bin/activate" *from bash*
+# you cannot run it directly
+
+deactivate () {
+    # reset old environment variables
+    if [ -n "${_OLD_VIRTUAL_PATH:-}" ] ; then
+        PATH="${_OLD_VIRTUAL_PATH:-}"
+        export PATH
+        unset _OLD_VIRTUAL_PATH
+    fi
+    if [ -n "${_OLD_VIRTUAL_PYTHONHOME:-}" ] ; then
+        PYTHONHOME="${_OLD_VIRTUAL_PYTHONHOME:-}"
+        export PYTHONHOME
+        unset _OLD_VIRTUAL_PYTHONHOME
+    fi
+
+    # This should detect bash and zsh, which have a hash command that must
+    # be called to get it to forget past commands.  Without forgetting
+    # past commands the $PATH changes we made may not be respected
+    if [ -n "${BASH:-}" -o -n "${ZSH_VERSION:-}" ] ; then
+        hash -r 2> /dev/null
+    fi
+
+    if [ -n "${_OLD_VIRTUAL_PS1:-}" ] ; then
+        PS1="${_OLD_VIRTUAL_PS1:-}"
+        export PS1
+        unset _OLD_VIRTUAL_PS1
+    fi
+
+    unset VIRTUAL_ENV
+    unset VIRTUAL_ENV_PROMPT
+    if [ ! "${1:-}" = "nondestructive" ] ; then
+    # Self destruct!
+        unset -f deactivate
+    fi
+}
+
+# unset irrelevant variables
+deactivate nondestructive
+
+VIRTUAL_ENV="/home/kali/htb/challenges/reversing/Spooky License/angr"
+export VIRTUAL_ENV
+
+_OLD_VIRTUAL_PATH="$PATH"
+PATH="$VIRTUAL_ENV/bin:$PATH"
+export PATH
+
+# unset PYTHONHOME if set
+# this will fail if PYTHONHOME is set to the empty string (which is bad anyway)
+# could use `if (set -u; : $PYTHONHOME) ;` in bash
+if [ -n "${PYTHONHOME:-}" ] ; then
+    _OLD_VIRTUAL_PYTHONHOME="${PYTHONHOME:-}"
+    unset PYTHONHOME
+fi
+
+if [ -z "${VIRTUAL_ENV_DISABLE_PROMPT:-}" ] ; then
+    _OLD_VIRTUAL_PS1="${PS1:-}"
+    PS1="(angr) ${PS1:-}"
+    export PS1
+    VIRTUAL_ENV_PROMPT="(angr) "
+    export VIRTUAL_ENV_PROMPT
+fi
+
+# This should detect bash and zsh, which have a hash command that must
+# be called to get it to forget past commands.  Without forgetting
+# past commands the $PATH changes we made may not be respected
+if [ -n "${BASH:-}" -o -n "${ZSH_VERSION:-}" ] ; then
+    hash -r 2> /dev/null
+fi

HTB/challenges/reversing/Spooky License/angr/bin/activate.csh

@@ -0,0 +1,26 @@
+# This file must be used with "source bin/activate.csh" *from csh*.
+# You cannot run it directly.
+# Created by Davide Di Blasi <davidedb@gmail.com>.
+# Ported to Python 3.3 venv by Andrew Svetlov <andrew.svetlov@gmail.com>
+
+alias deactivate 'test $?_OLD_VIRTUAL_PATH != 0 && setenv PATH "$_OLD_VIRTUAL_PATH" && unset _OLD_VIRTUAL_PATH; rehash; test $?_OLD_VIRTUAL_PROMPT != 0 && set prompt="$_OLD_VIRTUAL_PROMPT" && unset _OLD_VIRTUAL_PROMPT; unsetenv VIRTUAL_ENV; unsetenv VIRTUAL_ENV_PROMPT; test "\!:*" != "nondestructive" && unalias deactivate'
+
+# Unset irrelevant variables.
+deactivate nondestructive
+
+setenv VIRTUAL_ENV "/home/kali/htb/challenges/reversing/Spooky License/angr"
+
+set _OLD_VIRTUAL_PATH="$PATH"
+setenv PATH "$VIRTUAL_ENV/bin:$PATH"
+
+
+set _OLD_VIRTUAL_PROMPT="$prompt"
+
+if (! "$?VIRTUAL_ENV_DISABLE_PROMPT") then
+    set prompt = "(angr) $prompt"
+    setenv VIRTUAL_ENV_PROMPT "(angr) "
+endif
+
+alias pydoc python -m pydoc
+
+rehash

HTB/challenges/reversing/Spooky License/angr/bin/activate.fish

@@ -0,0 +1,69 @@
+# This file must be used with "source <venv>/bin/activate.fish" *from fish*
+# (https://fishshell.com/); you cannot run it directly.
+
+function deactivate  -d "Exit virtual environment and return to normal shell environment"
+    # reset old environment variables
+    if test -n "$_OLD_VIRTUAL_PATH"
+        set -gx PATH $_OLD_VIRTUAL_PATH
+        set -e _OLD_VIRTUAL_PATH
+    end
+    if test -n "$_OLD_VIRTUAL_PYTHONHOME"
+        set -gx PYTHONHOME $_OLD_VIRTUAL_PYTHONHOME
+        set -e _OLD_VIRTUAL_PYTHONHOME
+    end
+
+    if test -n "$_OLD_FISH_PROMPT_OVERRIDE"
+        set -e _OLD_FISH_PROMPT_OVERRIDE
+        # prevents error when using nested fish instances (Issue #93858)
+        if functions -q _old_fish_prompt
+            functions -e fish_prompt
+            functions -c _old_fish_prompt fish_prompt
+            functions -e _old_fish_prompt
+        end
+    end
+
+    set -e VIRTUAL_ENV
+    set -e VIRTUAL_ENV_PROMPT
+    if test "$argv[1]" != "nondestructive"
+        # Self-destruct!
+        functions -e deactivate
+    end
+end
+
+# Unset irrelevant variables.
+deactivate nondestructive
+
+set -gx VIRTUAL_ENV "/home/kali/htb/challenges/reversing/Spooky License/angr"
+
+set -gx _OLD_VIRTUAL_PATH $PATH
+set -gx PATH "$VIRTUAL_ENV/bin" $PATH
+
+# Unset PYTHONHOME if set.
+if set -q PYTHONHOME
+    set -gx _OLD_VIRTUAL_PYTHONHOME $PYTHONHOME
+    set -e PYTHONHOME
+end
+
+if test -z "$VIRTUAL_ENV_DISABLE_PROMPT"
+    # fish uses a function instead of an env var to generate the prompt.
+
+    # Save the current fish_prompt function as the function _old_fish_prompt.
+    functions -c fish_prompt _old_fish_prompt
+
+    # With the original prompt function renamed, we can override with our own.
+    function fish_prompt
+        # Save the return status of the last command.
+        set -l old_status $status
+
+        # Output the venv prompt; color taken from the blue of the Python logo.
+        printf "%s%s%s" (set_color 4B8BBE) "(angr) " (set_color normal)
+
+        # Restore the return status of the previous command.
+        echo "exit $old_status" | .
+        # Output the original/"old" prompt.
+        _old_fish_prompt
+    end
+
+    set -gx _OLD_FISH_PROMPT_OVERRIDE "$VIRTUAL_ENV"
+    set -gx VIRTUAL_ENV_PROMPT "(angr) "
+end

HTB/challenges/reversing/Spooky License/angr/bin/asm

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/checksec

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/common

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/constgrep

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/cyclic

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/debug

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/disablenx

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/disasm

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/dumpsig.py

@@ -0,0 +1,77 @@
+#!/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3
+
+from __future__ import print_function
+from builtins import range
+import os
+import sys
+
+import nampa
+
+
+def eprint(*args, **kwargs):
+    print(*args, file=sys.stderr, **kwargs)
+
+
+def iprint(indent, *args, **kwargs):
+    kwargs['sep'] = ''
+    print("  " * indent, *args, **kwargs)
+
+
+def format_functions(ff):
+    out = []
+    for f in ff:
+        out.append('{}{:04X}:{}'.format('(l)' if f.is_local else '', f.offset, f.name))
+    return ' '.join(out)
+
+
+def format_tail_bytes(bb):
+    out = []
+    for b in bb:
+        out.append('({:04X}: {:02X})'.format(b.offset, b.value))
+    return ' '.join(out)
+
+
+def format_refs(rr):
+    out = []
+    for r in rr:
+        out.append('(REF {:04X}: {})'.format(r.offset, r.name))
+    return 'XXX'.join(out)
+
+
+def print_modules(node, level):
+    for i, m in enumerate(node.modules):
+        fmt = '{}. {:02X} {:04X} '
+        if m.length < 0x10000:
+            fmt += '{:04X} '
+        else:
+            fmt += '{:08X} '
+        iprint(
+            level,
+            fmt.format(i, m.crc_length, m.crc16, m.length),
+            format_functions(m.public_functions),
+            ' ' + format_tail_bytes(m.tail_bytes) if len(m.tail_bytes) > 0 else '',
+            ' ' + format_refs(m.referenced_functions) if len(m.referenced_functions) > 0 else ''
+        )
+
+
+def recurse(node, level):
+    iprint(level, nampa.pattern2string(node.pattern, node.variant_mask), ':')
+    if node.is_leaf:
+        print_modules(node, level + 1)
+    else:
+        for child in node.children:
+            recurse(child, level + 1)
+
+
+def main(fpath):
+    sig = nampa.parse_flirt_file(open(fpath, 'rb'))
+    for child in sig.root.children:
+        recurse(child, level=0)
+
+
+if __name__ == '__main__':
+    if len(sys.argv) != 2:
+        print("Usage: {} input_file.sig".format(sys.argv[0]))
+        exit()
+
+    main(sys.argv[1])

HTB/challenges/reversing/Spooky License/angr/bin/elfdiff

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/elfpatch

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/errno

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/futurize

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from libfuturize.main import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/hex

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/isympy

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from isympy import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/libcdb

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/main

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/mako-render

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from mako.cmd import cmdline
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(cmdline())

HTB/challenges/reversing/Spooky License/angr/bin/normalizer

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from charset_normalizer.cli.normalizer import cli_detect
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(cli_detect())

HTB/challenges/reversing/Spooky License/angr/bin/pasteurize

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from libpasteurize.main import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/phd

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/pip

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pip._internal.cli.main import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/pip3

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pip._internal.cli.main import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/pip3.10

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pip._internal.cli.main import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/pwn

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.main import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/pwnstrip

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/pygmentize

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pygments.cmdline import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/pyserial-miniterm

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from serial.tools.miniterm import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/pyserial-ports

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from serial.tools.list_ports import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/pysmt-install

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pysmt.cmd.install import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/python

@@ -0,0 +1 @@
+python3

HTB/challenges/reversing/Spooky License/angr/bin/python3

@@ -0,0 +1 @@
+/usr/bin/python3

HTB/challenges/reversing/Spooky License/angr/bin/python3.10

@@ -0,0 +1 @@
+python3

HTB/challenges/reversing/Spooky License/angr/bin/rpyc_classic

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from rpyc.cli.rpyc_classic import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/rpyc_classic.py

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from rpyc.cli.rpyc_classic import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/rpyc_registry

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from rpyc.cli.rpyc_registry import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/rpyc_registry.py

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from rpyc.cli.rpyc_registry import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/scramble

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/shellcraft

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/template

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/unhex

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/update

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/bin/version

@@ -0,0 +1,10 @@
+#!/bin/sh
+'''exec' "/home/kali/htb/challenges/reversing/Spooky License/angr/bin/python3" "$0" "$@"
+' '''
+# -*- coding: utf-8 -*-
+import re
+import sys
+from pwnlib.commandline.common import main
+if __name__ == '__main__':
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(main())

HTB/challenges/reversing/Spooky License/angr/lib/python3.10/site-packages/CppHeaderParser-2.7.4.dist-info/INSTALLER

@@ -0,0 +1 @@
+pip

HTB/challenges/reversing/Spooky License/angr/lib/python3.10/site-packages/CppHeaderParser-2.7.4.dist-info/RECORD

@@ -0,0 +1,13 @@
+CppHeaderParser-2.7.4.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4
+CppHeaderParser-2.7.4.dist-info/METADATA,sha256=11RbeV7-lHmESI-C5joEKNhHGjr8xdi4tJREsqBrbMk,68940
+CppHeaderParser-2.7.4.dist-info/RECORD,,
+CppHeaderParser-2.7.4.dist-info/WHEEL,sha256=2wepM1nk4DS4eFpYrW1TTqPcoGNfHhhO_i5m4cOimbo,92
+CppHeaderParser-2.7.4.dist-info/top_level.txt,sha256=4UgsLX-5jn837kgPUwW1c1agkUoMTg1uwAiw1o8F9u4,16
+CppHeaderParser/CppHeaderParser.py,sha256=sJy3gCxIYEaJhycv7qcVOVtF0NOtGwdHRQqIgPFBqb0,114941
+CppHeaderParser/__init__.py,sha256=GyQ2wTHnG_sNOV9qsfXzpsSR0jIz53bAJvuk_PNXDWA,162
+CppHeaderParser/__pycache__/CppHeaderParser.cpython-310.pyc,,
+CppHeaderParser/__pycache__/__init__.cpython-310.pyc,,
+CppHeaderParser/doc/CppHeaderParser.html,sha256=6f-JZNB6WV136fz_qxjTSVQ2vMvvDSlU9o1TzGyoAko,116701
+CppHeaderParser/examples/SampleClass.h,sha256=cTWht9zTXW9rn54a1WzAXT5wUcHRgF-fL0n8H4pVmPI,1154
+CppHeaderParser/examples/__pycache__/readSampleClass.cpython-310.pyc,,
+CppHeaderParser/examples/readSampleClass.py,sha256=nA1IcADzy69EuduAvkKlKLxNr2XuXa1Id7bz58ZRd-M,2157

HTB/challenges/reversing/Spooky License/angr/lib/python3.10/site-packages/CppHeaderParser-2.7.4.dist-info/WHEEL

@@ -0,0 +1,5 @@
+Wheel-Version: 1.0
+Generator: bdist_wheel (0.38.4)
+Root-Is-Purelib: true
+Tag: py3-none-any
+

HTB/challenges/reversing/Spooky License/angr/lib/python3.10/site-packages/CppHeaderParser-2.7.4.dist-info/top_level.txt

@@ -0,0 +1 @@
+CppHeaderParser

HTB/challenges/reversing/Spooky License/angr/lib/python3.10/site-packages/CppHeaderParser/__init__.py

@@ -0,0 +1,6 @@
+# CppHeaderParser package
+# Author: Jashua Cloutier (contact via sourceforge username:senexcanis)
+
+from .CppHeaderParser import *
+
+#__all__ = ['CppHeaderParser']

HTB/challenges/reversing/Spooky License/angr/lib/python3.10/site-packages/CppHeaderParser/examples/SampleClass.h

@@ -0,0 +1,76 @@
+#include <vector>
+#include <string>
+
+#define DEF_1 1
+#define OS_NAME "Linux"
+
+using namespace std;
+class SampleClass
+{
+public:
+    SampleClass();
+    /*!
+     * Method 1
+     */
+    string meth1();
+
+    ///
+    /// Method 2 description
+    ///
+    /// @param v1 Variable 1
+    ///
+    int meth2(int v1);
+
+    /**
+     * Method 3 description
+     *
+     * \param v1 Variable 1
+     * \param v2 Variable 2
+     */
+    void meth3(const string & v1, vector<string> & v2);
+
+    /**********************************
+     * Method 4 description
+     *
+     * @return Return value
+     *********************************/
+    unsigned int meth4();
+private:
+    void * meth5(){return NULL};
+
+    /// prop1 description
+    string prop1;
+    //! prop5 description
+    int prop5;
+};
+namespace Alpha
+{
+    class AlphaClass
+    {
+    public:
+        AlphaClass();
+
+        void alphaMethod();
+
+        string alphaString;
+    };
+
+    namespace Omega
+    {
+        class OmegaClass
+        {
+        public:
+            OmegaClass();
+
+            string omegaString;
+        };
+    };
+}
+
+int sampleFreeFunction(int i)
+{
+	return i + 1;
+}
+
+int anotherFreeFunction(void);
+}

HTB/challenges/reversing/Spooky License/angr/lib/python3.10/site-packages/CppHeaderParser/examples/readSampleClass.py

@@ -0,0 +1,63 @@
+#!/usr/bin/python
+import sys
+sys.path = ["../"] + sys.path
+import CppHeaderParser
+try:
+    cppHeader = CppHeaderParser.CppHeader("SampleClass.h")
+except CppHeaderParser.CppParseError as e:
+    print(e)
+    sys.exit(1)
+
+print("CppHeaderParser view of %s"%cppHeader)
+
+sampleClass = cppHeader.classes["SampleClass"]
+print("Number of public methods %d"%(len(sampleClass["methods"]["public"])))
+print("Number of private properties %d"%(len(sampleClass["properties"]["private"])))
+meth3 = [m for m in sampleClass["methods"]["public"] if m["name"] == "meth3"][0] #get meth3
+meth3ParamTypes = [t["type"] for t in meth3["parameters"]] #get meth3s parameters
+print("Parameter Types for public method meth3 %s"%(meth3ParamTypes))
+
+print("\nReturn type for meth1:")
+print(cppHeader.classes["SampleClass"]["methods"]["public"][1]["rtnType"])
+
+print("\nDoxygen for meth2:")
+print(cppHeader.classes["SampleClass"]["methods"]["public"][2]["doxygen"])
+
+print("\nParameters for meth3:")
+print(cppHeader.classes["SampleClass"]["methods"]["public"][3]["parameters"])
+
+print("\nDoxygen for meth4:")
+print(cppHeader.classes["SampleClass"]["methods"]["public"][4]["doxygen"])
+
+print("\nReturn type for meth5:")
+print(cppHeader.classes["SampleClass"]["methods"]["private"][0]["rtnType"])
+
+print("\nDoxygen type for prop1:")
+print(cppHeader.classes["SampleClass"]["properties"]["private"][0]["doxygen"])
+
+print("\nType for prop5:")
+print(cppHeader.classes["SampleClass"]["properties"]["private"][1]["type"])
+
+print("\nNamespace for AlphaClass is:")
+print(cppHeader.classes["AlphaClass"]["namespace"])
+
+print("\nReturn type for alphaMethod is:")
+print(cppHeader.classes["AlphaClass"]["methods"]["public"][0]["rtnType"])
+
+print("\nNamespace for OmegaClass is:")
+print(cppHeader.classes["OmegaClass"]["namespace"])
+
+print("\nType for omegaString is:")
+print(cppHeader.classes["AlphaClass"]["properties"]["public"][0]["type"])
+
+print("\nFree functions are:")
+for func in cppHeader.functions:
+    print(" %s"%func["name"])
+
+print("\n#includes are:")
+for incl in cppHeader.includes:
+    print(" %s"%incl)
+
+print("\n#defines are:")
+for define in cppHeader.defines:
+    print(" %s"%define)