Reverse engineering - light up the server

Solution

After Analyzing the server in IDA Pro and Flare CAPA

The rule detected a regex as obfuscated stack strings

/^([a-z]?[^a-e,g-z])la[g]{(h)0(s)t_\2(e)4d\4(r([_]?[^a-z]))(!)n((j(3))cti0)n(_)1s\6{1}5up3\5c3wl}$/gm

Finding a match string via regex101

The Flag

flag{h0st_he4der_!nj3cti0n_1s_5up3r_c3wl}

Last updated