# Xorathrust

First, we were given 2 files.

<figure><img src="https://3330117967-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fd6lVP7UgVVHIkHqAlU1O%2Fuploads%2F5bNgeoWnhAL5CKyUuLUE%2FUntitled%2030.png?alt=media&#x26;token=c62b3a67-ef49-4e1b-8b82-18d405074e3a" alt="" width="375"><figcaption></figcaption></figure>

Figure below shows the content of the Python file.

<figure><img src="https://3330117967-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fd6lVP7UgVVHIkHqAlU1O%2Fuploads%2FBDUBOR2SQO2y7EvKWEMV%2FUntitled%2031.png?alt=media&#x26;token=5ba939d7-ebc3-4173-981a-3cbc007dc873" alt="" width="375"><figcaption></figcaption></figure>

I knew that the script was doing something else, so I tried to run the script, hoped to get a clearer idea on what it was doing. Then, an error was returned, saying that “flag.txt” was not found.

<figure><img src="https://3330117967-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fd6lVP7UgVVHIkHqAlU1O%2Fuploads%2FdIIMz64rnwk65CckqMY5%2FUntitled%2032.png?alt=media&#x26;token=08173052-1999-4e2e-a323-10c816f02f54" alt=""><figcaption></figcaption></figure>

Hmmm, what now? Since I have another file in hand, I decided to give it a shot by renaming the file to “flag.txt”.

<figure><img src="https://3330117967-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fd6lVP7UgVVHIkHqAlU1O%2Fuploads%2F7PoMWmwS8lPSVLjmefHF%2FUntitled%2033.png?alt=media&#x26;token=7f87e2d9-8718-4629-8ea8-96b045351447" alt="" width="375"><figcaption></figcaption></figure>

I ran the script again after the renaming, and there was no output this time.

<figure><img src="https://3330117967-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fd6lVP7UgVVHIkHqAlU1O%2Fuploads%2FlGXlAnkTJfbpLSgR54F6%2FUntitled%2034.png?alt=media&#x26;token=d12d9d19-0643-461a-a80b-73f7d808635a" alt="" width="362"><figcaption></figcaption></figure>

Before I had a deeper thought, my muscle memory of doing the “ls” command somehow did the trick for me. I saw that there was a new file being generated.

<figure><img src="https://3330117967-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fd6lVP7UgVVHIkHqAlU1O%2Fuploads%2FLd3v7U2zFkmA91MytJVH%2FUntitled%2035.png?alt=media&#x26;token=b46b8a85-219e-407d-922d-9a32eadfc464" alt="" width="563"><figcaption></figcaption></figure>

Yes, reading the content of the file did returned the correct flag.

<figure><img src="https://3330117967-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fd6lVP7UgVVHIkHqAlU1O%2Fuploads%2FAZ8ltEPKFLGEIzmSb8Vh%2FUntitled%2036.png?alt=media&#x26;token=f4c83b21-8f83-4bb8-81fd-a7ed80dcef3f" alt="" width="330"><figcaption></figcaption></figure>

> Final flag: KCTF{ju5t\_4\_b45ic\_x0r}