
Research is my own, unless otherwise specified.

Incident Response | ZipExec

A new foe has appeared! Earlier this week, a super cool project called ZipExec was uploaded to GitHub by an Optiv researcher. (And of course, we need to include the awesome ASCII art!) [ASCII-art "ZipExec" banner from the repository; the figure did not survive extraction.] From the Repo:

HackTheBox | xorxorxor

Challenge Description: Who needs AES when you have XOR? What is XOR? (A short lesson in Logic) Before we dive into this challenge, let’s take a journey through the world of logical operators and what they mean (specifically, XOR). However, before we can really understand what makes XOR special let’s break it down to its fundamental component - the OR statement. Logic is built on this concept of propositions and their truth values.

HackTheBox | exatlon

Environment: When doing any type of reverse engineering, do it in a fresh image that is segmented from any other machine and does not have networking enabled. Even though these binaries come from trusted sources and exist for educational purposes, we should still approach these programs as if they are malicious. My lab environment is a Kali box behind a pfSense firewall, both running in VMs. File Information / Running the program: Here's what happens when we run this binary: