HackTheBox Lockpick

import sys

DECRYPT_KEY = "bhUlIshutrea98liOp"

if len(sys.argv) < 2:
    exit(0)

filename = sys.argv[1]

with open(filename, "rb") as f:
    data = f.read()

out_data = bytearray(len(data))

for i in range(0, len(data)):
    key_idx = i % len(DECRYPT_KEY)
    out_data[i] = data[i] ^ ord(DECRYPT_KEY[key_idx])


out_filename = f"{filename}.out"
with open(out_filename, "wb") as f:
    f.write(out_data)

for FILENAME in *.24bes; do python3 decrypt.py $FILENAME; done

$ md5sum *.out
c3f05980d9bd945446f8a21bafdbf4e7  complaints.csv.24bes.out
44b8d3aeae8289281f257f77a4462cd5  customer-feedback.json.24bes.out
f3894af4f1ffa42b3a379dddba384405  forela_uk_applicants.sql.24bes.out
4bd3c27516b58a68a6839c14b8205346  it_assets.xml.24bes.out
bffc66739c13003c2423a2fb6fa4ec37  sales_forecast.xlsx.24bes.out
87baa3a12068c471c3320b7f41235669  trading-firebase_bkup.json.24bes.out

$ grep "[email protected]" . -R                   
./forela_uk_applicants.sql.24bes.out:(830,'Walden','Bevans','[email protected]','Male','Aerospace Manufacturing','2023-02-16'),

import json
import decimal

with open("trading-firebase_bkup.json.24bes.out") as f:
    data = f.read()

j = json.loads(data)
new_j = [v for k, v in j.items()]

sorted_j = sorted(new_j, key=lambda x: x["profit_percentage"], reverse=True)
print(f"{sorted_j[0]['email']}, {decimal.Decimal(sorted_j[0]['profit_percentage'])}")