1. 处理逻辑
name 是程序内置的固定值: readyu
code 是用户在对话框中输入的
// Dialog handler (decompiled; local declarations and the rejection branches
// are elided by "..." in this listing).
// Reads the two edit controls -- control 1000 -> name (at most 64 bytes),
// control 1001 -> code (at most 256 bytes) -- and pre-validates the code
// before handing it to check(): it must be at least 0x21 (33) characters,
// must not start with '0', and every character must be an upper-case hex
// digit. Only then is check() called; its result (0..3, see check()) is used
// as an index into the message table off_418078 for MessageBoxA.
int __cdecl sub_40AEF0(HWND hDlg)
{
...
GetDlgItemTextA(hDlg, 1000, name, 64);
// v1 = number of characters copied into code (the length used below)
v1 = GetDlgItemTextA(hDlg, 1001, code, 256);
v2 = v1;
if ( v1 >= 0x21 )
{
// first character must not be '0' (0x30)
if ( code[0] != 0x30 )
{
v3 = 0;
// Cannot be true here (v1 >= 0x21 was just established); this is the
// decompiler's rendering of the loop entry test.
if ( v1 <= 0 )
{
LABEL_9:
memset(byte_41BC84, 0, sizeof(byte_41BC84));
// check() yields 0..3; the table must have at least four entries -- not
// verifiable from this listing.
v5 = off_418078[check(code, name)];
MessageBoxA(hDlg, v5, v5, 0);
return 0;
}
while ( 1 )
{
v4 = code[v3];
// Reject anything that is not an upper-case hex digit. v4's declared type
// is not visible; if it is a plain (signed) char, bytes >= 0x80 typed into
// the dialog reach isxdigit()/islower() as negative values (CERT STR37-C).
if ( !isxdigit(v4) || islower(v4) )
break;
// every character validated -> run the real check
if ( ++v3 >= v2 )
goto LABEL_9;
}
}
...
}
z = 10000000000000000000000000000000000000000000000000000000000000000079
r = code ^ 5 mod z
r有34字节, 前17字节作为x, 后17字节作为y
epInput = (x,y)
根据name计算3个md5值:
md0=md5("\x01readyu-pediy")=51C75F1F444BAA97ED18DD6C340835D7
md1=md5("\x02\x02readyu-2017")=0E5CF7F068D6EFA16F42F935EC424A75
md2=md5("\x03\x03\x03readyu-crackme")=A4CD1D64486ABDE1BE441944460CD41D
椭圆曲线: m=131, a=13, b=2, c=1, a2=0, a6=1
前面的epInput是这个曲线上的点
ep1 = ( 51C99BFA6F18DE467C80C23B98C7994AA, 42EA2D112ECEC71FCF7E000D7EFC978BD )
ep2 = ( 6C997F3E7F2C66A4A5D2FDA13756A37B1, 4A38D11829D32D347BD0C0F584D546E9A )
n = 200000000000000004D4FDD5703A3F269
校验: 取 (md2 * ep1 + epInput) * md0 与 (md2 * ep2 + epInput) * md1 两点的 x 坐标, 各自 mod n 后比较是否相等
// Serial validator (decompiled; local declarations are elided by "...").
// Parameters: code = hex string already charset-checked by the caller,
//             a2   = the name string.
// Returns: 0 = accepted;
//          1 = code > z, or code^5 mod z did not serialise to 34 bytes, or
//              ecurve2_init() failed;
//          2 = the (x, y) derived from the code is not a point on the curve;
//          3 = the two derived x-coordinates differ.
// The caller uses the return value as an index into a message table.
// Pipeline: z := 0x10 00..00 79 (34 bytes); w := code^5 mod z; w -> 34 bytes,
// x = first 17, y = last 17; epInput := (x, y) on the GF(2^131) curve; three
// MD5 digests md0..md2 from "<name>-<suffix_i>"; accept iff the x-coordinate of
// md0 * (md2*ep1 + epInput) equals that of md1 * (md2*ep2 + epInput), both mod n.
// mirvar/cinstr/bytes_to_big/power/ecurve2_*/epoint2_* are MIRACL calls; the
// mirsys_init()/get_mip() wrappers and xmd5() are not visible in this listing.
signed int __cdecl check(char *code, const char *a2)
{
...
get_mip();
// v29: 36-byte scratch buffer, zeroed piecewise (byte 0, bytes 1..32, word at 33, byte 35)
v29[0] = 0;
memset(&v29[1], 0, 0x20u);
*(_WORD *)&v29[33] = 0;
v29[35] = 0;
// ptr: the 34-byte big-endian modulus z = 0x10, 32 zero bytes, 0x79
ptr[0] = 0x10;
ptr[1] = 0;
ptr[2] = 0;
ptr[3] = 0;
ptr[4] = 0;
ptr[5] = 0;
ptr[6] = 0;
ptr[7] = 0;
ptr[8] = 0;
ptr[9] = 0;
ptr[10] = 0;
ptr[11] = 0;
ptr[12] = 0;
ptr[13] = 0;
ptr[14] = 0;
ptr[15] = 0;
ptr[16] = 0;
ptr[17] = 0;
ptr[18] = 0;
ptr[19] = 0;
ptr[20] = 0;
ptr[21] = 0;
ptr[22] = 0;
ptr[23] = 0;
ptr[24] = 0;
ptr[25] = 0;
ptr[26] = 0;
ptr[27] = 0;
ptr[28] = 0;
ptr[29] = 0;
ptr[30] = 0;
ptr[31] = 0;
ptr[32] = 0;
ptr[33] = 0x79;
mirsys_init();
// Local aliases of the global MIRACL bigs used below. ::a2 is the global
// curve coefficient, distinct from the parameter a2 (the name).
v2 = z;
a2_1 = ::a2;
v4 = ::x;
y = dword_41BC68;
x = dword_41BC64;
a6 = dword_41BC70;
w = dword_41BC74;
bytes_to_big(34, ptr, z);
// v4 <- code parsed as hex (relies on the caller's charset check)
cinstr(v4, code);
// code must not exceed z
if ( mr_compare(v4, v2) <= 0 )
{
// w = code^5 mod z
power(v4, 5, v2, w);
memset(v29, 0, sizeof(v29));
// w must serialise to exactly 34 (justified) bytes
if ( big_to_bytes(34, w, v29, 1) == 34 )
{
// x = first 17 bytes, y = last 17 bytes
bytes_to_big(17, v29, x);
bytes_to_big(17, &v29[17], y);
// curve coefficients a2 = 0, a6 = 1
convert(0, a2_1);
convert(1, a6);
// default result if the curve cannot be initialised
v17 = 1;
// Curve over GF(2^131); in the MIRACL ecurve2_init convention 131 is the
// field degree and 13, 2, 1 the reduction-polynomial exponents -- confirm
// against the MIRACL manual.
if ( ecurve2_init(131, 13, 2, 1, a2_1, a6, 0, 0) )
{
// Hard-coded hex constants: ep1 = (v46, v47), ep2 = (v44, v43), n = v45
qmemcpy(v46, "51C99BFA6F18DE467C80C23B98C7994AA", sizeof(v46));
qmemcpy(v47, "42EA2D112ECEC71FCF7E000D7EFC978BD", sizeof(v47));
qmemcpy(v44, "6C997F3E7F2C66A4A5D2FDA13756A37B1", sizeof(v44));
qmemcpy(v43, "4A38D11829D32D347BD0C0F584D546E9A", sizeof(v43));
qmemcpy(v45, "200000000000000004D4FDD5703A3F269", sizeof(v45));
// Three short suffix strings assembled from globals (contents not visible
// here; the write-up above gives them as "pediy", "2017", "crackme").
v30 = dword_418118;
v31 = word_41811C;
memset(v32, 0, sizeof(v32));
v33 = 0;
v34 = dword_4180E4;
v35 = byte_4180E8;
memset(v36, 0, sizeof(v36));
v37 = 0;
v38 = 0;
v40 = dword_4180F0;
v39 = dword_4180EC;
memset(v41, 0, sizeof(v41));
// a1..: string slots (v6 advances 256 bytes per iteration), zeroed
a1 = 0;
memset(v49, 0, sizeof(v49));
v50 = 0;
v51 = 0;
i = 0;
v6 = &a1;
// mds: three 16-byte digest slots
a3 = (char *)mds;
lpMem = (flash)&v30;
// Build "<name>-<suffix_i>" and digest it into mds[i]. xmd5's last argument
// is i + 1; the write-up above describes it as prepending i+1 bytes of value
// i+1 -- not verifiable from this listing.
// NOTE: strcpy/strcat are unbounded; this only fits because the caller
// limits the name to 64 bytes and the suffixes are short constants.
do
{
strcpy(v6, a2);
strcat(v6, "-");
strcat(v6, (const char *)lpMem);
xmd5(v6, strlen(v6), a3, i + 1);
v6 += 256;
++i;
lpMem += 4;
a3 += 16;
}
while ( i < 3 );
md0 = mirvar(0);
md1 = mirvar(0);
md2 = mirvar(0);
x1 = mirvar(0);
a3a = mirvar(0);
x2 = mirvar(0);
lpMema = mirvar(0);
v9 = mirvar(0);
ep1 = epoint_init();
ep2 = epoint_init();
p1 = epoint_init();
p2 = epoint_init();
epInput = epoint_init();
// fails unless (x, y) lies on the curve
if ( epoint2_set(x, y, 0, epInput) )
{
// ep1 and ep2 from the hard-coded constants
cinstr(x1, v46);
cinstr(a3a, v47);
epoint2_set(x1, a3a, 0, ep1);
cinstr(x2, v44);
cinstr(lpMema, v43);
epoint2_set(x2, lpMema, 0, ep2);
// scalars md0..md2 from the three 16-byte digests
bytes_to_big(16, (_BYTE *)mds, md0);
bytes_to_big(16, mds[1], md1);
bytes_to_big(16, mds[2], md2);
// p1 = md2 * ep1, p2 = md2 * ep2
ecurve2_mult(md2, ep1, p1);
ecurve2_mult(md2, ep2, p2);
// p1 += epInput, p2 += epInput (MIRACL adds the first point into the second)
ecurve2_add(epInput, p1);
ecurve2_add(epInput, p2);
// p1 = md0 * p1, p2 = md1 * p2
ecurve2_mult(md0, p1, p1);
ecurve2_mult(md1, p2, p2);
// affine coordinates: (x1, a3a) of p1, (x2, lpMema) of p2
epoint2_get(p1, x1, a3a);
epoint2_get(p2, x2, lpMema);
// v9 = n
cinstr(v9, v45);
// divide(x, y, y) is the MIRACL idiom for x = x mod y (only the remainder is
// kept when the divisor and quotient arguments coincide) -- confirm against
// the manual.
divide(x1, v9, v9);
divide(x2, v9, v9);
// mismatch unless the reduced x-coordinates agree
v17 = 3;
if ( !mr_compare(x1, x2) )
v17 = 0;
}
else
{
// derived point is not on the curve
v17 = 2;
}
// Release every big and point allocated above (both branches reach here).
mirkill(md0);
mirkill(md1);
mirkill(md2);
mirkill(x1);
mirkill(x2);
mirkill(a3a);
mirkill(lpMema);
mirkill(v9);
epoint_free(ep1);
epoint_free(ep2);
epoint_free(p1);
epoint_free(p2);
epoint_free(epInput);
}
mirexit();
result = v17;
}
else
{
mirexit();
// code^5 mod z did not serialise to 34 bytes
result = 1;
}
}
else
{
mirexit();
// code exceeds z
result = 1;
}
return result;
}
2. 计算
(md2 * ep1 + epInput) * md0 mod n == (md2 *ep2 + epInput) * md1 mod n
=>
epInput = (md2 * md1 * ep2 - md2 * md0 * ep1) * (((md0 - md1) ^-1) mod n)
得到 ( 02D23461BA71B50AF182DC76E5A7C726F5, 07BE013AF19BD185BCD20BB341EA31298B )
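// Solve for epInput, the curve point the serial must decode to, using the
// digests md0..md2 for the fixed name and the ep1/ep2/n constants from check():
//   (md2*ep1 + E)*md0 == (md2*ep2 + E)*md1
//   =>  E = (md1*md2*ep2 - md0*md2*ep1) * (md0 - md1)^-1 mod n
// Prints E's affine x and y as hex strings, one per line, on stdout.
// Assumes the MIRACL system has already been initialised by the caller
// (check() does this through mirsys_init()) -- TODO confirm.
// Every big and point allocated here is released before returning.
void test2()
{
    big a2 = mirvar(0);   // curve coefficient a2 = 0
    big a6 = mirvar(1);   // curve coefficient a6 = 1
    // Same curve as check(): GF(2^131), reduction exponents 13, 2, 1.
    if (ecurve2_init(131, 13, 2, 1, a2, a6, 0, 0))
    {
        epoint *epInput = epoint_init();
        big x = mirvar(0);
        big y = mirvar(0);
        big md0 = mirvar(0);
        big md1 = mirvar(0);
        big md2 = mirvar(0);
        cinstr(md0, "51C75F1F444BAA97ED18DD6C340835D7");
        cinstr(md1, "0E5CF7F068D6EFA16F42F935EC424A75");
        cinstr(md2, "A4CD1D64486ABDE1BE441944460CD41D");
        // ep1 = (x1, y1)
        epoint *p1 = epoint_init();
        big x1 = mirvar(0);
        big y1 = mirvar(0);
        cinstr(x1, "51C99BFA6F18DE467C80C23B98C7994AA");
        cinstr(y1, "42EA2D112ECEC71FCF7E000D7EFC978BD");
        epoint2_set(x1, y1, 0, p1);
        // ep2 = (x2, y2)
        epoint *p2 = epoint_init();
        big x2 = mirvar(0);
        big y2 = mirvar(0);
        cinstr(x2, "6C997F3E7F2C66A4A5D2FDA13756A37B1");
        cinstr(y2, "4A38D11829D32D347BD0C0F584D546E9A");
        epoint2_set(x2, y2, 0, p2);
        big n = mirvar(0);
        cinstr(n, "200000000000000004D4FDD5703A3F269");
        // p2 = md1 * md2 * ep2 ; p1 = md0 * md2 * ep1
        ecurve2_mult(md2, p2, p2);
        ecurve2_mult(md1, p2, p2);
        ecurve2_mult(md2, p1, p1);
        ecurve2_mult(md0, p1, p1);
        // p2 -= p1 (MIRACL subtracts the first point from the second)
        ecurve2_sub(p1, p2);
        big r = mirvar(0);
        big rd = mirvar(0);
        big nd = mirvar(0);
        big z = mirvar(0);
        big one = mirvar(1);
        // r = md0 - md1 (positive for these constants); rd = r^-1 mod n, z = gcd(r, n)
        subtract(md0, md1, r);
        xgcd(r, n, rd, nd, z);
        // rd is only an inverse when gcd(r, n) == 1; otherwise the result is meaningless
        if (mr_compare(z, one) == 0)
        {
            ecurve2_mult(rd, p2, epInput);
            epoint2_get(epInput, x, y);
            // a 131-bit coordinate needs at most 33 hex digits plus NUL
            char sx[256];
            char sy[256];
            cotstr(x, sx);
            cotstr(y, sy);
            printf("%s\n", sx);
            printf("%s\n", sy);
        }
        else
        {
            fprintf(stderr, "test2: md0 - md1 is not invertible mod n\n");
        }
        // Release everything allocated in this scope.
        mirkill(one);
        mirkill(z);
        mirkill(nd);
        mirkill(rd);
        mirkill(r);
        mirkill(n);
        mirkill(y2);
        mirkill(x2);
        mirkill(y1);
        mirkill(x1);
        mirkill(md2);
        mirkill(md1);
        mirkill(md0);
        mirkill(y);
        mirkill(x);
        epoint_free(p2);
        epoint_free(p1);
        epoint_free(epInput);
    }
    else
    {
        fprintf(stderr, "test2: ecurve2_init failed\n");
    }
    mirkill(a6);
    mirkill(a2);
}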
用RDLP计算得到code
>>> 7A7102F36F3B344D666132A6FF7EF4BA05B99640BB815C9E712A72C64B6ABC582C2