-
-
[原创]【2019看雪CTF】Q2赛季 第六题 消失的岛屿 WP
-
2019-7-2 00:14
5057
-
[原创]【2019看雪CTF】Q2赛季 第六题 消失的岛屿 WP
【2019看雪CTF】Q2赛季 第六题 消失的岛屿 WP
简单的一题,console程序,代码量很小。主流程伪代码如下:
int __cdecl main(int argc, const char **argv, const char **envp)
{
int v3; // eax
uint8_t bindata; // [esp+11h] [ebp-3Fh]
const char *v6; // [esp+48h] [ebp-8h]
char *v7; // [esp+4Ch] [ebp-4h]
__main();
printf("please enter Serial:");
scanf(" %s", &bindata);
if ( strlen((const char *)&bindata) > 0x31 )
puts("error");
v7 = (char *)calloc(1u, 0x400u);
v3 = strlen((const char *)&bindata);
base64_encode(&bindata, v7, v3);
v6 = "!NGV%,$h1f4S3%2P(hkQ94==";
if ( !strcmp("!NGV%,$h1f4S3%2P(hkQ94==", v7) )
puts("Success");
else
puts("Please Try Again");
free(v7);
system("pause");
return 0;
}
主要算法就是替换加密和更了表的base64编码。反解代码如下:
# -*- coding:utf-8 -*-
import string
def main():
t1 = 'tuvwxTUlmnopqrs7YZabcdefghij8yz0123456VWXkABCDEFGHIJKLMNOPQRS9+/'
t2 = string.uppercase+string.lowercase+string.digits+'+/'
a = '!NGV%,$h1f4S3%2P(hkQ94=='
s = ''
for i in a:
asc = ord(i)
if asc == 0x77:
s += chr(0x2b)
elif asc == 0x79:
s += chr(0x2f)
elif asc > 0x61 and asc <= 0x6b:
s += chr(asc-0x32)
elif asc > 0x20 and asc <= 0x3a:
s += chr(asc+0x40)
elif asc >= 0x41 and asc< 0x5b:
s += chr(0x9b-asc)
else:
s += i
tr = string.maketrans(t1,t2)
print s
s1 = s.translate(tr)
print s1
print s1.decode('base64')
'''KanXue2019ctf_st'''
print 'end.'
if __name__ == '__main__':
main()
[培训]《安卓高级研修班(网课)》月薪三万计划,掌握调试、分析还原ollvm、vmp的方法,定制art虚拟机自动化脱壳的方法
