一开始以为是z3可解，就直接上z3，后来上angr，浪费很多时间，仔细看了一下源码发现是大整数乘积，a*a-7*b*b=8，再加上其他限制可解Pell's equation.

import gmpy

for i in range(1<<30):
    t = 7 * i * i + 8
    if gmpy.is_square(t):
        print('find %d' % (i))

def pp(x, y):
    x = hex(x).replace('0x', '')
    y = hex(y).replace('0x', '')
    print(len(x), x)
    print(len(y), y)
    print()

x1, y1 = 8, 3
x, y = 127, 48
for i in range(3, 0x15):
    pp(6*x - 14*y, 6*y - 2*x)
    pp(6*x + 14*y, 6*y + 2*x)
    x, y = x1*x + 7*y1*y, x1*y + y1*x
    print(x,y)

x = '\x02\x05\x09\x88\xb2\xbd\x38\xde\x05\x57\xf3\xb3\xb9\xe1\xa5\x5a'[::-1]
a = '\x16\x96\x8C\xE3\x81\x98\x6E\x64\x84\x08\xDC\x81\xBE\x4D\x48\x4F'

print(''.join(chr(ord(x[i]) ^ ord(a[i])) for i in range(16)))

'''
find 2
find 34
find 542
find 8638
find 137666
find 2194018
'''

[培训]二进制漏洞攻防（第3期）；满10人开班；模糊测试与工具使用二次开发；网络协议漏洞挖掘；Linux内核漏洞挖掘与利用；AOSP漏洞挖掘与利用；代码审计。