程序逻辑大致为把输入进行处理作为key,之后对key进行某些验证,然后对一段密文进行xxtea解密。其他的部分并不用关心,因为这些本来就不是我们控制的。 sub_7FF6E5231890是对key进行判断的算法,只要绕过这里的"you are wrong!"就行了,后面的不用关注。 把算法模拟了出来,爆破就可以找到key(字符集只有6个符号,9位也只有6^9≈1000万种组合)。这道题比赛的时候本来可以做出来,不过因为比赛时只爆了八个字节,结果虽然绕过了检测,后面的解密却失败了,之后才发现原来是九个。
# from pwn import *
# import struct
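# Constant tables lifted from the key-check routine (sub_7FF6E5231890).
# `a` / `a2` are the raw little-endian byte dumps of the two XMM constant
# vectors; `xmm1` / `xmm2` are the same dumps read as 32-bit words.
a = "AB AA AA 3E 39 8E E3 3D 39 8E 63 3E 39 8E E3 3D 39 8E E3 3D 39 8E E3 3D"
a2 = "00 00 00 00 AB AA AA 3E 39 8E E3 3E AB AA 2A 3F 72 1C 47 3F 39 8E 63 3F"
xmm1 = ['0x3eaaaaab', '0x3de38e39', '0x3e638e39', '0x3de38e39', '0x3de38e39', '0x3de38e39']
xmm2 = ['0x0', '0x3eaaaaab', '0x3ee38e39', '0x3f2aaaab', '0x3f471c72', '0x3f638e39']


def _f32(word):
    """Reinterpret a 32-bit word given as a hex string as an IEEE-754 single.

    Returns the value widened to a Python float (e.g. '0x3eaaaaab' -> 1/3 as
    stored in float32). Deriving f1/f2 from the dumps keeps them in sync with
    xmm1/xmm2 instead of hand-copied decimals.
    """
    import struct
    return struct.unpack("<f", struct.pack("<I", int(word, 16)))[0]


# f1[d]: per-symbol scale factor, f2[d]: per-symbol offset, indexed by the
# position of the symbol in `t` (see calc below).
f1 = [_f32(word) for word in xmm1]
f2 = [_f32(word) for word in xmm2]
print(f1)
print(f2)
# The six symbols a key may contain; a symbol's index in `t` selects f1/f2.
t = "8ab697"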
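def calc(ctx, alphabet=None, scale=None, offset=None):
    """Evaluate the checker's value of a candidate key string.

    Each symbol d_k of ``ctx`` contributes ``offset[d_k]`` weighted by the
    running product of ``scale`` over all earlier symbols:

        value = sum_k offset[d_k] * prod_{j<k} scale[d_j]

    where d is the symbol's index in ``alphabet``. The defaults are the
    module-level tables ``t`` / ``f1`` / ``f2`` recovered from the binary;
    they are resolved at call time so the tables can be passed explicitly.

    Args:
        ctx: candidate key (iterable of single-character symbols).
        alphabet: symbol table; defaults to ``t``.
        scale: per-symbol multipliers; defaults to ``f1``.
        offset: per-symbol addends; defaults to ``f2``.

    Returns:
        The accumulated float value (0.0 for an empty ``ctx``).

    Raises:
        ValueError: if a symbol of ``ctx`` is not in the alphabet.
    """
    symbols = t if alphabet is None else alphabet
    scales = f1 if scale is None else scale
    offsets = f2 if offset is None else offset
    value = 0.0
    weight = 1.0  # product of scales of all symbols seen so far
    for ch in ctx:
        digit = symbols.index(ch)
        value += weight * offsets[digit]
        weight *= scales[digit]
    return value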
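def find_key(target=0.129556, length=9, tol=0.000001, alphabet=None):
    """Brute-force every ``length``-symbol key and print those calc() maps to ``target``.

    The check in the binary compares against a single float, so several keys
    can fall inside ``tol``; all of them are printed and returned so the caller
    can try each against the xxtea stage. The original hard-coded 9 symbols
    (the author's first run used 8, which passed the check but produced a key
    that did not decrypt) — the length is a parameter now.

    Args:
        target: expected calc() value.
        length: number of symbols in the key.
        tol: absolute tolerance of the comparison.
        alphabet: symbol set; defaults to the module-level ``t``.

    Returns:
        List of matching key strings, in enumeration order.
    """
    import itertools
    symbols = t if alphabet is None else alphabet
    matches = []
    # product() enumerates in the same order as the original nested loops
    # (first symbol outermost); the old ctx.replace(" ", "") was a no-op.
    for combo in itertools.product(symbols, repeat=length):
        ctx = "".join(combo)
        if abs(calc(ctx) - target) <= tol:
            print(ctx)
            matches.append(ctx)
    return matches


find_key()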
from hashlib import md5
# Target amino-acid chain (16 residues). Each row of `r` below appears to list
# the candidate codons for the residue at the same position, with one extra
# stop-codon row at the end (17 rows in total).
b = "Met Cys Leu Ala Arg Leu Phe Ser Ile Leu Asn Val Cys Gly Lys Leu"
def re2(c):
    """Complement an RNA strand base by base: U->A, A->U, C->G, G->C.

    Args:
        c: string over the alphabet "UACG".

    Returns:
        The complemented string of the same length ("" for "").

    Raises:
        ValueError: if ``c`` contains a character outside "UACG".
    """
    src = "UACG"
    dst = "AUGC"
    return "".join(dst[src.index(base)] for base in c)
def ap(a):
    """Expand a two-base stem into its four codons (third base A, U, C, G in that order).

    Args:
        a: codon prefix, normally two bases.

    Returns:
        ``[a+"A", a+"U", a+"C", a+"G"]``.
    """
    return [a + third for third in "AUCG"]
# One row per residue of `b` (Met Cys Leu Ala Arg Leu Phe Ser Ile Leu Asn Val
# Cys Gly Lys Leu) plus a final stop row. Rows 0-15 appear to hold the
# *complements* (see re2: U<->A, C<->G) of each residue's codons; they are
# written out here instead of being built with ap().
# NOTE(review): the Arg row (4) and Ser row (7) list only the four-fold
# family; their AGA/AGG and AGU/AGC codons (complements UCU/UCC and UCA/UCG)
# are absent, and the stop row (16) holds the codons themselves (UAA/UAG/UGA)
# rather than their complements — confirm which the challenge expects before
# relying on the brute force.
r = [
    ["UAC"],                                      # Met
    ["ACA", "ACG"],                               # Cys
    ["GAA", "GAU", "GAC", "GAG", "AAC", "AAU"],   # Leu
    ["CGA", "CGU", "CGC", "CGG"],                 # Ala
    ["GCA", "GCU", "GCC", "GCG"],                 # Arg
    ["GAA", "GAU", "GAC", "GAG", "AAC", "AAU"],   # Leu
    ["AAA", "AAG"],                               # Phe
    ["AGA", "AGU", "AGC", "AGG"],                 # Ser
    ["UAA", "UAG", "UAU"],                        # Ile
    ["GAA", "GAU", "GAC", "GAG", "AAC", "AAU"],   # Leu
    ["UUA", "UUG"],                               # Asn
    ["CAA", "CAU", "CAC", "CAG"],                 # Val
    ["ACA", "ACG"],                               # Cys
    ["CCA", "CCU", "CCC", "CCG"],                 # Gly
    ["UUU", "UUC"],                               # Lys
    ["GAA", "GAU", "GAC", "GAG", "AAC", "AAU"],   # Leu
    ["UAA", "UAG", "UGA"],                        # stop
]
# brute
# for i0 in r[0]:
# ...
# if md5(xxx).hexdigest()[0:8] == "e03657e0":
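def _unmask(value, key):
    """Reduce ``value`` to an unsigned 64-bit word, XOR it with ``key`` and
    return the result as big-endian bytes without leading zero bytes.

    This is what the original ``hex(x)[2:-1].decode("hex")`` did under
    Python 2, where ``[2:-1]`` only stripped the long suffix ``L``; under
    Python 3 the same slice drops the last hex digit, so the digits are
    formatted explicitly here. An odd digit count (rejected by the old
    ``.decode("hex")``) is padded with a leading 0.
    """
    import binascii
    word = (value & 0xFFFFFFFFFFFFFFFF) ^ key
    digits = "%x" % word
    if len(digits) % 2:
        digits = "0" + digits
    return binascii.unhexlify(digits)


# Three 64-bit constants from the binary, each XOR-masked; only the low
# bytes survive (five each here).
a = _unmask(-80538738812075974, 0x0FEE1DEAF76BDF08F)
b = _unmask(80435758145817515, 0x11DC37D846F5F42)
c = _unmask(12602123297335631, 0x2cc5d914031D68)
magic = "3nder5tandf10@t"
# XOR the recovered bytes with the 15-byte key position by position and
# hex-encode the result; data longer than the key raises IndexError as before.
key_bytes = bytearray(magic.encode("ascii"))
data = bytearray(a + b + c)
flag = "".join("%02x" % (byte ^ key_bytes[pos]) for pos, byte in enumerate(data))
# Lay the 30 hex digits out in the challenge's 7-4-4-4-11 grouping.
res = "flag{" + flag[:7] + "-" + flag[7:11] + "-" + flag[11:15]
res += "-" + flag[15:19] + "-" + flag[19:] + "}"
print(res)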
flag{ed82ab5-5c7a-da78-b7a8-d2f5fbef453}
babymac
虽然没有mac,不过IDA里逻辑看起来跟源代码基本没啥区别了,写爆破脚本硬算:
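# Coefficient table read from the binary: a[i] is multiplied by the bits of
# each 4-character chunk in enc() below. res[] holds the ten target values,
# one per chunk of the flag.
a = [0x0000000000000001, 0x00000000000001FE, 0x0000000000001A79, 0x0000000000004940, 0x000000000000712F, 0x000000000000E1C5, 0x000000000001E866, 0x000000000003B85C, 0x00000000000760B0, 0x00000000000ED95D, 0x00000000001DB360, 0x00000000003B4D46, 0x000000000076A007, 0x0000000000ED528C, 0x0000000001DA9434, 0x0000000003B51CEA, 0x00000000076A592D, 0x000000000ED4AA88, 0x000000001DA951A4, 0x000000003B529EF7, 0x0000000076A55442, 0x00000000ED4AB07B, 0x00000001DA9560A0, 0x00000003B52AACC4, 0x000000076A5553D9, 0x0000000ED4AA997D, 0x0000001DA9553387, 0x0000003B52AA7EED, 0x00000076A554F324, 0x000000ED4AA9E5D7, 0x000001DA9553C9B2, 0x000003B52AA79A0C]
res = [0x00030970372813D2, 0x0002D3A89BCA52AC, 0x00031551E79154A2, 0x0002C522E9A5298A, 0x0002A61367C5C698, 0x000264491C01CAFD, 0x00026CA3A06C98B3, 0x0002DACBD12FB903, 0x0002E470707574E1, 0x000309E5DC39A9A7]
# The binary scales every coefficient by 0x10A9FC70042 modulo 0x682669BC19DB
# before use; done in place so `a` stays the same list object.
a[:] = [(coef * 0x10A9FC70042) % 0x682669BC19DB for coef in a]
# list(...) so the dump is printed on Python 3 too (a bare map object is not).
print(list(map(hex, a)))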
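def enc(b, table=None):
    """Compute the binary's checksum of one 32-bit chunk.

    Bit i of ``b`` (counting from the least significant bit) selects
    ``table[len(table)-1-i]``; the selected coefficients are summed. Only as
    many low bits as ``table`` has entries are consumed (32 for the
    module-level ``a``). ``table`` defaults to ``a`` and is resolved at call
    time so a different coefficient set can be passed in.

    Args:
        b: integer chunk value.
        table: list of coefficients; defaults to the module-level ``a``.

    Returns:
        The integer sum of the selected coefficients.
    """
    weights = a if table is None else table
    total = 0
    for weight in reversed(weights):
        total += weight * (b & 1)
        b >>= 1
    return total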
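# The loop further down starts at chunk 1, so chunk 0 is taken to be the
# literal "flag" prefix.
flag = "flag"
import string
# A narrower alphabet (string.letters + string.digits + "_-{}") was tried
# first; it was overwritten by the full printable set, and string.letters
# no longer exists on Python 3, so only the alphabet actually used is kept.
d1 = string.printable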
#j = 0
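def brute(idx, alphabet=None, targets=None, encode=None):
    """Recover the 4-character chunk whose encode() value equals targets[idx].

    Every 4-symbol string over ``alphabet`` is packed big-endian into a
    32-bit integer (first character in the top byte — what the original's
    ``int(s.encode("hex"), 16)`` produced) and fed to ``encode``. The first
    hit is returned *reversed* (``i4 i3 i2 i1``), as in the original —
    presumably because the binary loads each dword little-endian.

    Args:
        idx: index into ``targets``.
        alphabet: candidate characters; defaults to the module-level ``d1``.
        targets: list of expected values; defaults to the module-level ``res``.
        encode: chunk -> int function; defaults to the module-level ``enc``.

    Returns:
        The reversed 4-character chunk, or None when no candidate matches
        (the caller's ``flag += brute(i)`` then fails with TypeError).
    """
    import itertools
    symbols = d1 if alphabet is None else alphabet
    goals = res if targets is None else targets
    fn = enc if encode is None else encode
    want = goals[idx]
    # product() walks the candidates in the same order as the original's
    # four nested loops, so the first hit is the same one.
    for combo in itertools.product(symbols, repeat=4):
        n = 0
        for ch in combo:
            n = (n << 8) | ord(ch)
        if fn(n) == want:
            return "".join(reversed(combo))
    return None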
# Chunk 0 is the known "flag" prefix; recover chunks 1..len(res)-1 in order
# and append each one as soon as it is found.
for chunk_idx in range(1, len(res)):
    flag = flag + brute(chunk_idx)
print(flag)
# Ciphertext dump (64 bytes). dec() below only transforms the first 42
# entries; the trailing zeros are padding from the dump and are passed
# through untouched.
res = [0xAF, 0xD4, 0xB8, 0xBD, 0xBC, 0xB9, 0xFC, 0xF1, 0xF6, 0xA1, 0xF5, 0xFE, 0xF1, 0xE9, 0x0B, 0xF3, 0x22, 0x0F, 0x14, 0xE2, 0xED, 0xE5, 0xE2, 0x1F, 0x56, 0x54, 0x4B, 0x3A, 0x7E, 0x3E, 0x5A, 0x5A, 0x5D, 0x0B, 0x6B, 0x68, 0x54, 0x54, 0x64, 0x07, 0x51, 0x1D, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]
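def enc(flag, length=42):
    """Forward transform as recovered from IDA (the inverse of dec()).

    Three passes, each walking the buffer from index ``length-1`` down to 0
    with ``step`` counting up from 0:

      1. value ^= 32 + 2*step
      2. value += step
      3. value ^= 64 + 2*step

    The original sketch computed these and threw the results away (it had
    no assignments and returned None); this version returns them so the
    transform can be checked against dec(). No ``& 0xFF`` is applied, to
    mirror dec() — the binary presumably works on bytes, so confirm that if
    non-ASCII input is ever fed in.

    Args:
        flag: plaintext as a str, or any sequence of ints; must have at
            least ``length`` elements (IndexError otherwise).
        length: number of leading elements to transform (42 in the binary).

    Returns:
        List of ``length`` ints.
    """
    values = [flag[i] if isinstance(flag[i], int) else ord(flag[i])
              for i in range(length)]
    order = list(reversed(range(length)))
    for step, i in enumerate(order):
        values[i] ^= 32 + 2 * step
    for step, i in enumerate(order):
        values[i] += step
    for step, i in enumerate(order):
        values[i] ^= 64 + 2 * step
    return values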
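def dec(res, length=42):
    """Undo the binary's three-pass transform (see enc()).

    Runs the passes in reverse order, each walking from index ``length-1``
    down to 0 with ``step`` counting up from 0:

      1. value ^= 64 + 2*step
      2. value -= step
      3. value ^= 32 + 2*step

    Works on a copy — the original aliased and mutated the caller's list.
    Entries beyond ``length`` are copied through unchanged.

    Args:
        res: list of ints (ciphertext bytes), at least ``length`` long.
        length: number of leading entries to transform (42 in the binary).

    Returns:
        A new list with the decoded values in the first ``length`` slots.
    """
    flag = list(res)
    order = list(reversed(range(length)))
    for step, i in enumerate(order):
        flag[i] ^= 64 + 2 * step
    for step, i in enumerate(order):
        flag[i] -= step
    for step, i in enumerate(order):
        flag[i] ^= 32 + 2 * step
    return flag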
# Decode the dump and print it as text (one chr() per value).
l = dec(res)
print("".join(map(chr, l)))
flag{e171a284-49e7-4817-ad8d-b704c02309e0}
veryeasyRE
没做上,不过说一下我分析出来的东西吧。 首先会根据规则将输入数据插入:
mem = dword_427000[0x50]
aa = "" # 输入
j = 0
for i in range(0x50):
if mem[i] == 0:
mem[i] = ord(aa[j]) - 0x30
j += 1