Hissss is a easy reversing challenge on Hack The Box. The description is “Can you slither around the authentication?”

I have officially ran out of my backlog of challenges so writeups will come not as often now. As always let’s run file on this program.

Nothing crazy here, so let’s open it up in Binary Ninja now.

This is essentially the main function, and man is it ugly. I notice there are a few string compares, but none of the code makes sense to me. It almost looks like it has been encrypted. Looking through the strings in the program I find something interesting.

There are lots of strings with the “Py” prefix. This may be a compiled python program. I found a program to extract the compiled python and I ran it on the binary.

Next, we move into the new directory and “decompyle” the program using decompyle3.

It looks like it worked! Let’s go ahead and send the output of that command to a file so we can look at it better.

Not that is a lot better. Now, we have to go through this extremely long if statement and just work out all of the right letters for the password.

After going through it by hand I am left with this password “0p3n_s3sam3!”. Let’s run the program and give it a try.

Well, that is no good. Also, this error would have given us the information that it was indeed a compiled python program. This goes to show never skip running the program if it is an option. Luckily for us, we do not have to try and fix the error, we can just run the python script we pulled out of the program.

It works! The hard part of this challenge for me was finding a python decompiler that worked. Both other options I tried, uncomplye6 and pycdc did not work. Thanks for reading and happy reversing!