题目信息
❝
题目名称:Go_Re
文章作者:故里❞
WP
代码比较混乱,细看之后找到
加密函数,猜测v1为是输入的值
经过加密之后与v11进行比较
分析加密函数
调试得到v27
V27=[243,79,85,235,242,11,136,210,70,121,193,114,95,140,200,114,59,213,194,165,130,41,234,220,20,176,3,159,72,73,88,84]
V11= [0x9f,0x29,0x32,0x8a,0xc3,0x70,0xbc,0xea,0x20,0x40,0xf1,0x17,0x69,0xe8,0xfd,0x40,0x3,0xe6,0xa3,0x97,0xb7,0x1e,0xd3,0xbf,0x24,0x83,0x32,0xab,0x79,0x28,0x25,0x37]
多次尝试之后发现需要两个字节一起两两交换输出flag
脚本如下:
v27=[243,79,85,235,242,11,136,210,70,121,193,114,95,140,200,114,59,213,194,165,130,41,234,220,20,176,3,159,72,73,88,84]
v11= [0x9f,0x29,0x32,0x8a,0xc3,0x70,0xbc,0xea,0x20,0x40,0xf1,0x17,0x69,0xe8,0xfd,0x40,0x3,0xe6,0xa3,0x97,0xb7,0x1e,0xd3,0xbf,0x24,0x83,0x32,0xab,0x79,0x28,0x25,0x37]
flag=''
for i in range(len(v11)):
v11[i]^=v27[i]
for i in range(0,len(v11),2):
t=v11[i]
v11[i]=v11[i+1]
v11[i+1]=t
for i in range(len(v11)):
flag+=chr(v11[i])
print(flag)
# flag{1849fe0d625382a75c93041a1c}
原文始发于微信公众号(中学生CTF):【青少年 CTF】WP-Reverse-GoRe
免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论