119 words
1 minute
SCSC2026 Quals - ngompor - Reverse Engineering Writeup
2026-02-17
Writeup
CTF
/
Security
/
Reverse Engineering

Category: Reverse Engineering

Flag: SCS26{m4nu4l_h3x_c0mp4r3_is_sneaky}

Challenge Description#

Given a 64-bit ELF executable named ngompor.

Analysis#

After disassembling the binary, we found that the flag data is stored in memory but encoded using a bitwise NOT operation.

Terminal window
$ objdump -d ngompor -M intel | grep -A 50 "flag_data"

The binary stores encoded bytes that need to be decoded by applying ~byte & 0xFF (bitwise NOT).

Solution#

# !/usr/bin/env python3
# Encoded flag data extracted from binary
encoded_data = [
    0xac, 0xbc, 0xac, 0xcd, 0xcf, 0x9a, 0xb4, 0xcd,
    0x91, 0xb7, 0xcd, 0x93, 0x9c, 0x97, 0xb0, 0xb4,
    0x9c, 0x91, 0x8c, 0xb4, 0xb6, 0x90, 0xb4, 0xb6,
    0xb0, 0x8c, 0x91, 0x9c, 0x9c, 0x92, 0xb2, 0x86
]


# Apply bitwise NOT to decode
flag = ''.join(chr(~b & 0xFF) for b in encoded_data)
print(flag)

Output: SCS26{m4nu4l_h3x_c0mp4r3_is_sneaky}

SCSC2026 Quals - ngompor - Reverse Engineering Writeup
https://fuwari.vercel.app/posts/9/scsc2026-quals-ngompor-reverse-engineering-writeup/
Author
Light
Published at
2026-02-17
License
CC BY-NC-SA 4.0
SCSC2026 Quals - ngestring - Reverse Engineering Writeup
© 2026 Light. All Rights Reserved. / RSS / Sitemap
Powered by Astro & Fuwari