MetaPDF
Putting the PDF into pdf-parser.py, I found that there was an abnormally long object.
It appeared to have lots of ASCII characters encoded in hex, so I extracted the hex characters.
from Crypto.Util.number import *
stuff = 0xFEFF000000010061006D006F00390066006C00740064004F00320070007100500058007400660058003100380036004B007900740071006100690077006B004A00430051006B004F00690067006800570031003000720049006900490070005700320070007100580053007800660058007900510036004B007900740071006100690077006B0058007900520066004F0069006700680057003100300072004900690049007000570032007000710058005300780066004A004600380036004B007900740071006100690077006B005800790051006B004F006900680037006600530073006900490069006C00620061006D00700064004C00430051006B0058007900510036004B0047007000710057003200700071005800530073006900490069006C00620061006D00700064004C00460038006B004A0044006F0072004B003200700071004C00430051006B004A004600380036004B004300450069004900690073006900490069006C00620061006D00700064004C0043005200660058007A006F0072004B003200700071004C004300520066004A0044006F0072004B003200700071004C00430051006B0058003100380036004B004800740039004B007900490069004B0056007400710061006C00300073004A004300520066004F0069007300720061006D006F0073004A00430051006B004F0069007300720061006D006F0073004A0046003900660058007A006F0072004B003200700071004C0043005200660058007900510036004B0079007400710061006E003000370061006D006F0075004A004600380039004B004700700071004C0069005200660050005700700071004B007900490069004B005600740071006100690034006B0058007900520064004B0079006800710061006900350066004A004400310071006100690034006B005800310074007100610069003500660058007900520064004B00530073006F0061006D006F0075004A004300510039004B004700700071004C00690051007200490069004900700057003200700071004C006C00390066004A004600300070004B00790067006F0049005700700071004B00530073006900490069006C00620061006D006F0075005800790051006B005800530073006F0061006D006F007500580031003800390061006D006F0075004A0046003900620061006D006F0075004A00430052006600580053006B0072004B004700700071004C006900510039004B004300450069004900690073006900490069006C00620061006D006F0075005800310038006B00580053006B0072004B004700700071004C006C00380039004B004300450069004900690073006900490069006C00620061006D006F0075005800790052006600580053006B00720061006D006F0075004A0046003900620061006D006F0075004A00460038006B0058005300740071006100690035006600580079007400710061006900350066004A004300740071006100690034006B004F003200700071004C00690051006B0050005700700071004C006900510072004B004300450069004900690073006900490069006C00620061006D006F0075005800790051006B0058005300740071006100690035006600580079007400710061006900350066004B003200700071004C0069005100720061006D006F0075004A0043005100370061006D006F0075004A00440030006F0061006D006F00750058003100390066004B005600740071006100690034006B00580031003100620061006D006F0075004A004600390064004F003200700071004C00690051006F0061006D006F0075004A004300680071006100690034006B004A0043007300690058004300490069004B0079004A006300580043004900720061006D006F0075005800310038006B004B003200700071004C00690051006B0058007900740071006100690034006B004A0046003800720061006D006F0075004A00460038006B00580079007300690058004600770069004B003200700071004C006C00390066004A004300740071006100690034006B004A0046003800720061006D006F00750058007900520066004B0079004A006300580043004900720061006D006F0075004A004600390066004B003200700071004C006C0039006600580079007300690058004600770069004B003200700071004C006C00390066004A004300740071006100690034006B004A0046003800720061006D006F00750058003100390066004B003200700071004C006900520066004A0046003800720049006C007800630049006900740071006100690035006600580079005100720061006D006F0075004A00430051006B004B003200700071004C006C00390066004A00430073006F0049005600740064004B007900490069004B0056007400710061006900350066004A004600390064004B003200700071004C006C0038006B004B003200700071004C006900520066004A0046003800720061006D006F0075004A004300520066004A0043007300690058004600770069004B003200700071004C0069005200660058007900740071006100690035006600580031003800720049006A0031006300580043004900720061006D006F0075004A004600390066004B003200700071004C006C00390066005800790073006900580046007800630049006C007800630049006900740071006100690035006600580079005100720061006D006F0075004A00430051006B004B003200700071004C006C00390066004A004300740071006100690034006B0058007900520066004B003200700071004C00690051006B00580031003800720061006D006F007500580031003800720061006D006F0075004A00430051006B004A00430073006900650079004900720061006D006F0075004A004600390066004B003200700071004C00690051006B004A0043005100720061006D006F0075004A00460039006600580079007400710061006900350066004A0046003800720061006D006F0075004A00460038006B004A004300740071006100690034006B00580031003800720061006D006F0075004A004300520066004A004300740071006100690034006B0058007900520066004B003200700071004C00690051006B00580031003800720061006D006F0075005800790051006B004B003200700071004C006900520066004A004300740071006100690034006B004A0043005100720061006D006F0075004A00460038006B004A004300740071006100690034006B0058007900520066004B003200700071004C006C0038006B0058007900740071006100690034006B004A0046003800720061006D006F0075004A0046003900660058007900740071006100690034006B004A004300520066004B003200700071004C006C0038006B0058007900740071006100690034006B005800790051006B004B003200700071004C00690051006B004A0046003800720061006D006F0075004A004600390066004B003200700071004C006900520066004A0043005100720061006D006F0075004A00460038006B004B003200700071004C006C00390066004A004300740071006100690034006B004A0046003800720061006D006F0075004A0043005200660058007900740071006100690034006B0058003100390066004B003200700071004C006900520066004A0046003800720061006D006F0075004A0043005200660058007900740071006100690035006600580031003800720061006D006F00750058007900520066004B0079004A003900580046007800630049006A0074006300580043004900720061006D006F0075005800310038006B004B003200700071004C006C0038006B00580079007300690058004600770069004B003200700071004C006C00390066004A004300740071006100690034006B004A0046003800720061006D006F0075004A004300520066004B003200700071004C006900520066004A0046003800720049006C007800630049006900740071006100690035006600580079005100720061006D006F0075004A004300520066004B003200700071004C006C0038006B00580079007300690058004600770069004B003200700071004C0069005200660058007900740071006100690035006600580031003800720049006C007800630049006900740071006100690035006600580079005100720061006D006F0075004A00460038006B004B003200700071004C006C003900660058007900740071006100690034006B004A004300520066004B007900670068005700310030007200490069004900700057003200700071004C006C0038006B0058003100300072004B004300460062005800530073006900490069006C00620061006D006F0075005800790052006600580053007400710061006900350066004A0043007300690058004600770069004B003200700071004C0069005200660058007900740071006100690035006600580031003800720049006A0031006300580043004900720061006D006F0075004A004600390066004B003200700071004C006C0039006600580079007300690058004600770069004B003200700071004C006C00390066004A004300740071006100690034006B004A0046003800720061006D006F00750058003100390066004B003200700071004C006900520066004A0046003800720049006C007800630049006900740071006100690035006600580079005100720061006D006F0075004A00430051006B004B003200700071004C006C00390066004A00430073006F0049005600740064004B007900490069004B0056007400710061006900350066004A004600390064004B003200700071004C006C0038006B004B003200700071004C006900520066004A0046003800720061006D006F0075004A004300520066004A004300730069004C006C007800630049006900740071006100690035006600580079005100720061006D006F0075004A004300520066004B003200700071004C006C0038006B004A0043007400710061006900350066004B003200700071004C006900520066004A0043005100720049006C007800630049006900740071006100690035006600580079005100720061006D006F0075004A004300520066004B003200700071004C006C0038006B004A004300740071006100690035006600580079007300690058004600770069004B003200700071004C006C00390066004A004300740071006100690034006B004A0046003800720061006D006F00750058007900520066004B00790049006F0049006900740071006100690035006600580031003800720049006900770069004B003200700071004C0069005200660058007900730069004B00540074006300580043004900720061006D006F0075004A004600390066004B003200700071004C006C0039006600580079007300690058004600770069004B003200700071004C006C00390066004A0043007400710061006900350066004A0046003800720061006D006F0075004A00460038006B005800790073006F0049005600740064004B007900490069004B0056007400710061006900350066004A004600390064004B003200700071004C00690051006B004A0046003800720049006C007800630049006900740071006100690035006600580079005100720061006D006F0075004A004300520066004B003200700071004C006C0038006B005800790074007100610069003500660058007900730069004B0046007800630049006900740071006100690035006600580079005100720061006D006F0075004A00460038006B004B003200700071004C006C003900660058007900740071006100690034006B004A004300520066004B007900670068005700310030007200490069004900700057003200700071004C006C0038006B0058003100300072004B004300460062005800530073006900490069006C00620061006D006F0075005800790052006600580053007400710061006900350066004A004300730069004B005400730069004B0079004A00630049006900490070004B0043006B0070004B0043006B0037
for char in long_to_bytes(stuff):
if char:
print(chr(char), end='')This gave me a base64 string:
amo9fltdO2pqPXtfX186KytqaiwkJCQkOighW10rIiIpW2pqXSxfXyQ6KytqaiwkXyRfOighW10rIiIpW2pqXSxfJF86KytqaiwkXyQkOih7fSsiIilbampdLCQkXyQ6KGpqW2pqXSsiIilbampdLF8kJDorK2pqLCQkJF86KCEiIisiIilbampdLCRfXzorK2pqLCRfJDorK2pqLCQkX186KHt9KyIiKVtqal0sJCRfOisramosJCQkOisramosJF9fXzorK2pqLCRfXyQ6Kytqan07amouJF89KGpqLiRfPWpqKyIiKVtqai4kXyRdKyhqai5fJD1qai4kX1tqai5fXyRdKSsoamouJCQ9KGpqLiQrIiIpW2pqLl9fJF0pKygoIWpqKSsiIilbamouXyQkXSsoamouX189amouJF9bamouJCRfXSkrKGpqLiQ9KCEiIisiIilbamouX18kXSkrKGpqLl89KCEiIisiIilbamouXyRfXSkramouJF9bamouJF8kXStqai5fXytqai5fJCtqai4kO2pqLiQkPWpqLiQrKCEiIisiIilbamouXyQkXStqai5fXytqai5fK2pqLiQramouJCQ7amouJD0oamouX19fKVtqai4kX11bamouJF9dO2pqLiQoamouJChqai4kJCsiXCIiKyJcXCIramouX18kK2pqLiQkXytqai4kJF8ramouJF8kXysiXFwiK2pqLl9fJCtqai4kJF8ramouXyRfKyJcXCIramouJF9fK2pqLl9fXysiXFwiK2pqLl9fJCtqai4kJF8ramouX19fK2pqLiRfJF8rIlxcIitqai5fXyQramouJCQkK2pqLl9fJCsoIVtdKyIiKVtqai5fJF9dK2pqLl8kK2pqLiRfJF8ramouJCRfJCsiXFwiK2pqLiRfXytqai5fX18rIj1cXCIramouJF9fK2pqLl9fXysiXFxcIlxcIitqai5fXyQramouJCQkK2pqLl9fJCtqai4kXyRfK2pqLiQkX18ramouX18ramouJCQkJCsieyIramouJF9fK2pqLiQkJCQramouJF9fXytqai5fJF8ramouJF8kJCtqai4kX18ramouJCRfJCtqai4kXyRfK2pqLiQkX18ramouXyQkK2pqLiRfJCtqai4kJCQramouJF8kJCtqai4kXyRfK2pqLl8kXytqai4kJF8ramouJF9fXytqai4kJCRfK2pqLl8kXytqai4kXyQkK2pqLiQkJF8ramouJF9fK2pqLiRfJCQramouJF8kK2pqLl9fJCtqai4kJF8ramouJCRfXytqai4kX19fK2pqLiRfJF8ramouJCRfXytqai5fX18ramouXyRfKyJ9XFxcIjtcXCIramouX18kK2pqLl8kXysiXFwiK2pqLl9fJCtqai4kJF8ramouJCRfK2pqLiRfJF8rIlxcIitqai5fXyQramouJCRfK2pqLl8kXysiXFwiK2pqLiRfXytqai5fX18rIlxcIitqai5fXyQramouJF8kK2pqLl9fXytqai4kJCRfKyghW10rIiIpW2pqLl8kX10rKCFbXSsiIilbamouXyRfXStqai5fJCsiXFwiK2pqLiRfXytqai5fX18rIj1cXCIramouJF9fK2pqLl9fXysiXFwiK2pqLl9fJCtqai4kJF8ramouX19fK2pqLiRfJF8rIlxcIitqai5fXyQramouJCQkK2pqLl9fJCsoIVtdKyIiKVtqai5fJF9dK2pqLl8kK2pqLiRfJF8ramouJCRfJCsiLlxcIitqai5fXyQramouJCRfK2pqLl8kJCtqai5fK2pqLiRfJCQrIlxcIitqai5fXyQramouJCRfK2pqLl8kJCtqai5fXysiXFwiK2pqLl9fJCtqai4kJF8ramouXyRfKyIoIitqai5fX18rIiwiK2pqLiRfXysiKTtcXCIramouJF9fK2pqLl9fXysiXFwiK2pqLl9fJCtqai5fJF8ramouJF8kXysoIVtdKyIiKVtqai5fJF9dK2pqLiQkJF8rIlxcIitqai5fXyQramouJCRfK2pqLl8kXytqai5fXysiKFxcIitqai5fXyQramouJF8kK2pqLl9fXytqai4kJCRfKyghW10rIiIpW2pqLl8kX10rKCFbXSsiIilbamouXyRfXStqai5fJCsiKTsiKyJcIiIpKCkpKCk7Which decoded to obfuscated JavaScript:
jj=~[];jj={___:++jj,$$$$:(![]+"")[jj],__$:++jj,$_$_:(![]+"")[jj],_$_:++jj,$_$$:({}+"")[jj],$$_$:(jj[jj]+"")[jj],_$$:++jj,$$$_:(!""+"")[jj],$__:++jj,$_$:++jj,$$__:({}+"")[jj],$$_:++jj,$$$:++jj,$___:++jj,$__$:++jj};jj.$_=(jj.$_=jj+"")[jj.$_$]+(jj._$=jj.$_[jj.__$])+(jj.$$=(jj.$+"")[jj.__$])+((!jj)+"")[jj._$$]+(jj.__=jj.$_[jj.$$_])+(jj.$=(!""+"")[jj.__$])+(jj._=(!""+"")[jj._$_])+jj.$_[jj.$_$]+jj.__+jj._$+jj.$;jj.$$=jj.$+(!""+"")[jj._$$]+jj.__+jj._+jj.$+jj.$$;jj.$=(jj.___)[jj.$_][jj.$_];jj.$(jj.$(jj.$$+"\""+"\\"+jj.__$+jj.$$_+jj.$$_+jj.$_$_+"\\"+jj.__$+jj.$$_+jj._$_+"\\"+jj.$__+jj.___+"\\"+jj.__$+jj.$$_+jj.___+jj.$_$_+"\\"+jj.__$+jj.$$$+jj.__$+(![]+"")[jj._$_]+jj._$+jj.$_$_+jj.$$_$+"\\"+jj.$__+jj.___+"=\\"+jj.$__+jj.___+"\\\"\\"+jj.__$+jj.$$$+jj.__$+jj.$_$_+jj.$$__+jj.__+jj.$$$$+"{"+jj.$__+jj.$$$$+jj.$___+jj._$_+jj.$_$$+jj.$__+jj.$$_$+jj.$_$_+jj.$$__+jj._$$+jj.$_$+jj.$$$+jj.$_$$+jj.$_$_+jj._$_+jj.$$_+jj.$___+jj.$$$_+jj._$_+jj.$_$$+jj.$$$_+jj.$__+jj.$_$$+jj.$_$+jj.__$+jj.$$_+jj.$$__+jj.$___+jj.$_$_+jj.$$__+jj.___+jj._$_+"}\\\";\\"+jj.__$+jj._$_+"\\"+jj.__$+jj.$$_+jj.$$_+jj.$_$_+"\\"+jj.__$+jj.$$_+jj._$_+"\\"+jj.$__+jj.___+"\\"+jj.__$+jj.$_$+jj.___+jj.$$$_+(![]+"")[jj._$_]+(![]+"")[jj._$_]+jj._$+"\\"+jj.$__+jj.___+"=\\"+jj.$__+jj.___+"\\"+jj.__$+jj.$$_+jj.___+jj.$_$_+"\\"+jj.__$+jj.$$$+jj.__$+(![]+"")[jj._$_]+jj._$+jj.$_$_+jj.$$_$+".\\"+jj.__$+jj.$$_+jj._$$+jj._+jj.$_$$+"\\"+jj.__$+jj.$$_+jj._$$+jj.__+"\\"+jj.__$+jj.$$_+jj._$_+"("+jj.___+","+jj.$__+");\\"+jj.$__+jj.___+"\\"+jj.__$+jj._$_+jj.$_$_+(![]+"")[jj._$_]+jj.$$$_+"\\"+jj.__$+jj.$$_+jj._$_+jj.__+"(\\"+jj.__$+jj.$_$+jj.___+jj.$$$_+(![]+"")[jj._$_]+(![]+"")[jj._$_]+jj._$+");"+"\"")())();When pasted into the console, this alerts yact. If we remove the final (), the function is shown.
The flag is yactf{4f82b4dac357ba268e2be4b516c8ac02}
Last updated
