int check() { signed int i; // [rsp+Ch] [rbp-F4h] int v2[58]; // [rsp+10h] [rbp-F0h] memcpy(v2, &unk_100000ED0, 0xE0uLL); for ( i = 0; i < 56; ++i ) { if ( input[i] != v2[i] ) { puts((const char *)err); exit(0); } } return puts(success); }
int __cdecl main(int argc, const char **argv, const char **envp) { char v4; // [rsp+40h] [rbp-70h] __int64 v5; // [rsp+A8h] [rbp-8h] memset(input, 0, 0x64uLL); memset(&v4, 0, 0x64uLL); scanf("%s", &v4); if ( strlen(&v4) != 56 ) //字符串长度 { puts((const char *)err); exit(0); } __strcpy_chk(input, &v4, 100LL);//将输入的字符串copy到对应的字符串 func1(input); //对输入的字符串进行了简单的异或操作 xfun1(); xfun2(); xfun3(); xfun4(); xfun5(); check(); if ( __stack_chk_guard != v5 ) __stack_chk_fail(); return 0; }
__int64 __fastcall func1(__int64 a1) { __int64 result; // rax signed int i; // [rsp+0h] [rbp-Ch] for ( i = 0; i < 57; ++i ) { *(_BYTE *)(a1 + i) ^= 0xDEu;//对字符串进行了简单的异或操作 result = (unsigned int)(i + 1); } return result; }
ar *xfun2() { char *result; // rax signed int i; // [rsp+Ch] [rbp-4h] result = &input[10];//从第十个字符开始操作 for ( i = 0; i < 10; ++i ) { input[i + 10] ^= 0xBEu; result = (char *)(unsigned int)(i + 1); } return result; }
char *xfun3() { char *result; // rax signed int i; // [rsp+Ch] [rbp-4h] result = &input[20]; for ( i = 0; i < 10; ++i ) { input[i + 20] ^= 0xEFu;//从第20个字符开始操作 result = (char *)(unsigned int)(i + 1); } return result;
char *xfun4() { char *result; // rax signed int i; // [rsp+Ch] [rbp-4h] result = &input[30]; for ( i = 0; i < 10; ++i ) { input[i + 30] ^= 0xABu;//从第30个字符开始操作 result = (char *)(unsigned int)(i + 1); } return result; }
char *xfun5() { char *result; // rax signed int i; // [rsp+Ch] [rbp-4h] result = &input[40]; for ( i = 0; i < 16; ++i ) { input[i + 40] ^= 0xEFu;//从第40个字符开始操作 result = (char *)(unsigned int)(i + 1); } return result; }
[注意]看雪招聘,专注安全领域的专业人才平台!