[原创]网刃杯逆向wp-CTF对抗-看雪-安全社区|安全招聘|kanxue.com

[原创]网刃杯逆向wp
发表于: 2021-9-14 15:51 21183
[原创]网刃杯逆向wp

s1lenc3沉默
2021-9-14 15:51
21183
根据常数搜索到Sm3，然后爆破就行。
本来用unicorn可以秒这道题，但是不知道我多蠢，模拟了一个自己patch过的文件，导致没跑出来，解出这个题之后才发觉，所以写两种方法。
两个地方反调试：
 
这里也需要过跳转：
 
关键地方就是check分数，得到正确的分数进行简单计算即可：
 
要得到score，patch反调试，然后程序内改汇编进行爆破。
.text:00992388 90                      nop
.text:00992389
.text:00992389                         loc_992389:                             ; CODE XREF: sub_992290+12C↓j
.text:00992389 8B 8D 68 FF FF FF       mov     ecx, [ebp+var_98]
.text:0099238F 8B 01                   mov     eax, [ecx+0]
.text:00992391 83 C0 01                add     eax, 1
.text:00992394 89 01                   mov     [ecx], eax
.text:00992396 89 41 4C                mov     [ecx+4Ch], eax
.text:00992399 90                      nop
.text:0099239A 90                      nop
.text:0099239B 90                      nop
.text:0099239C 90                      nop
拿到分数。
unicorn模拟程序爆破解法：

ss = ['6b8575c6092240cde08414dafd535bee', 'f0f659f2951290ad5e076b3fe5e70425', 'c1d6c663570de9fad13ddef955d8a02b', '14c4e442fba6d820ea90ae73ed90ad83', '25d997669868d0cf89782349256efb33', '78b1ea6bb1ac10287864c8f52d2758b6', '67d1259c26765356ddb58c6faf28080c', 'c1e14e0c86f55ba1d74b35b66f96ad36', '3e4f3ee942d1a57182e24df201b7022b', 'c35557f7e5c389061fb2e2ffa1a644ad', '15593844fae18fe1a25f3a9017c73810', 'c6c21ca591a63755fd77bf5c55a0238a', 'f90cb529875e83cc191c0e10ead6f73e', '3ddbe25f9b183c3e2c33c3b1e501fcd8', '30fdf04c347f1d4e335bda670d54eaaf', '33feb100c8c7c3769af6e9d26486c646']

m = '77'

IV='7380166f4914b2b9172442d7da8a0600a96f30bc163138aae38dee4db0fb0e4e'
#填充函数

def filling(m):

    #消息m是一个16进制字符串

    #直接加16进制比较好

    #61626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364
 
    #a = int(m,16)

    #b = bin(a)[2:]#消息转换为二进制

    length_b = len(m)*4#记录消息的长度

    #s1='{:04b}'.format(s1)

    b = m

    b = b + '8'#补 1

    c = len(b)%128

    c = 112 - c#补 0 的个数

    d = '0'*c

    b = b + d#补 0

    length_m = '{:016x}'.format(length_b)#也是16进制

    b = b + length_m#填充完毕

    #b = int(b)

    #b = hex(b)[2:]

    return b
 
#分组函数

def fenzu(m):

    m = filling(m)

    len_m = len(m)/128

    m_list = []

    for i in range(int(len_m)):

        a = m[0+128*i:+128*(i+1)]

        m_list.append(a)

    return m_list
 
#扩展函数

def expand(m,n):#n代表是第几组消息，消息之间没有关系，不用迭代

    B = fenzu(m)#列表

    W = ['0' for i in range(68)]

    W_0 = ['0' for i in range(64)]

    for i in range(int(len(B[n])/8)):#128/8=16个字

        w = B[n][i*8:(i+1)*8]

        W[i] = w

    for j in range(16,68):

        a = or_16(W[j-16],W[j-9])
 
        W_j_3 = Cyc_shift(W[j-3],15)

        #print(W_j_3)

        a = or_16(a,W_j_3)
 
        a = Replace_P1(a)

        #print(a)

        W_j_13=Cyc_shift(W[j-13],7)

        a = or_16(a,W_j_13)

        a = or_16(a,W[j-6])

        W[j]=a

    #return W

    for j in range(64):

        W_0[j]=or_16(W[j],W[j+4])

    return W,W_0
 
#置换函数

def Replace_P1(X):

    #X为32位字

    X_15 = Cyc_shift(X,15)  #循环移位

    X_23 = Cyc_shift(X,23)

    a = or_16(X,X_15)

    a = or_16(a,X_23)

    return a
 
#置换函数

def Replace_P0(X):

    #X为32位字

    X_9 = Cyc_shift(X,9)

    X_17 = Cyc_shift(X,17)

    a = or_16(X,X_9)

    a = or_16(a,X_17)

    return a
 
#异或函数

def or_16(A,B):

    A = int(A,16)

    B = int(B,16)

    C = A ^ B

    C = '{:08x}'.format(C)

    return C
 
#循环移位函数

def Cyc_shift(W,n):

    a = int(W,16)

    a = '{:032b}'.format(a)

    while n>=32:

        n=n-32

    a = a[n:] + a[:n]

    a = int(a,2)

    a = '{:08x}'.format(a)

    return a
 
#常量Tj

def T_j(j):

    if j<=15:

        T_j='79cc4519'

    else:

        T_j='7a879d8a'

    return T_j
 
#mod 2^32 算术加运算

def add(x,y):

    x = int(x,16)

    x = '{:032b}'.format(x)

    x = list(x)

    y = int(y, 16)

    y = '{:032b}'.format(y)

    y = list(y)

    #print(x)

    #print(y)

    a = [0 for _ in range(32)]

    carry = 0

    for i in range(32):

        m = int(x[31-i])+int(y[31-i])+carry

        if m>=2:

            d=m-2

            a[31-i]=str(d)

            carry=1

        else:

            carry=0

            d=m

            a[31 - i] = str(d)

    #print(a)

    b=''.join(a)

    b=int(b,2)

    b='{:08x}'.format(b)

    return b
 
#布尔函数

def FF_j(X,Y,Z,j):

    if j<=15:

        a = or_16(X,Y)

        a = or_16(a,Z)

    else:

        a = and_Cal(X,Y)

        b = and_Cal(X,Z)

        c = and_Cal(Y,Z)

        a = or_Cal(a,b)

        a = or_Cal(a,c)

    return a
 
#布尔函数

def GG_j(X, Y, Z, j):

    if j <= 15:

        a = or_16(X, Y)

        a = or_16(a, Z)

    else:

        a = and_Cal(X,Y)

        b = qufan(X)

        b = and_Cal(b,Z)

        a = or_Cal(a,b)

    return a
 
#与运算函数

def and_Cal(a,b):

    a = int(a,16)

    b = int(b,16)

    a_b = a & b

    a_b = '{:08x}'.format(a_b)

    return a_b
 
#或运算函数

def or_Cal(a,b):

    a = int(a, 16)

    b = int(b, 16)

    a_b = a | b

    a_b = '{:08x}'.format(a_b)

    return a_b
 
#按位取反函数

def qufan(A):

    A = int(A,16)

    A = '{:032b}'.format(A)

    A = list(A)

    for i in range(32):

        if A[i]=='0':

            A[i]='1'

        else:

            A[i]='0'

    A = ''.join(A)

    A = int(A,2)

    A = '{:08x}'.format(A)

    return A
 
#压缩函数

m_list = fenzu(m)

m_len = len(m_list)

V = ['0' for i in range(m_len+1)]

V[0]=IV
 
#压缩函数

def CF(m,n,k):

    w = expand(m, n)

    W = w[0]

    W_0 = w[1]

    A=V[k][0:8]

    B=V[k][8:16]

    C=V[k][16:24]

    D=V[k][24:32]

    E=V[k][32:40]

    F=V[k][40:48]

    G=V[k][48:56]

    H=V[k][56:64]

    #print(W_0)

    all=''

    for j in range(64):

        #print(E)

        b= a = Cyc_shift(A,12)

        #t = b

        T = T_j(j)

        #

        T = Cyc_shift(T,j)#忘记移位了，移位问题

        a = add(a,E)

        a = add(a,T)

        SS1 = Cyc_shift(a,7)

        SS2 = or_16(SS1,b)

        b = FF_j(A,B,C,j)

        b = add(b,D)

        b = add(b,SS2)

        TT1 = add(b,W_0[j]) #

        b = GG_j(E,F,G,j)

        b = add(b, H)

        b = add(b, SS1)

        TT2 = add(b, W[j]) #

        D = C

        C = Cyc_shift(B,9)

        B = A

        A = TT1#

        H = G

        G = Cyc_shift(F,19)

        F = E

        E = Replace_P0(TT2) #

        all = A+B+C+D+E+F+G+H

        #print(all)

    #V[k+1]=or_16(all,V[k])

    #return V[k+1]

    #print(t)

    #return all

    V[k+1]=or_16(V[k],all)
 
#print(CF(m,0,0))
#print(V)

def hash(m=m):

    for i in range(m_len):

        v_n=CF(m,i,i)

    #print(V[-1])

    return V[-1]
 
#b=''
#b=a[0:8]+'\0'+a[8:16]+'\0'+a[16:24]+'\0'+a[24:32]+'\0'+a[32:40]+'\0'+a[40:48]+'\0'+a[48:56]+'\0'+a[56:64]
#print(b)

flag = ""

ttt = ""

for j in range(len(ss)):

    for i in range(0xff):

        arg = ttt + hex(i)[2:].rjust(2,"0")

        res = hash(m=arg)[:32]

        #print(res, i)

        if res == ss[j]:

            flag += chr(i)

            ttt += hex(i)[2:].rjust(2,"0")

            print(flag)

            break
#print('输入的消息m是:\n',m)
#print('消息m的hash值为:\n',b)

ss = ['6b8575c6092240cde08414dafd535bee', 'f0f659f2951290ad5e076b3fe5e70425', 'c1d6c663570de9fad13ddef955d8a02b', '14c4e442fba6d820ea90ae73ed90ad83', '25d997669868d0cf89782349256efb33', '78b1ea6bb1ac10287864c8f52d2758b6', '67d1259c26765356ddb58c6faf28080c', 'c1e14e0c86f55ba1d74b35b66f96ad36', '3e4f3ee942d1a57182e24df201b7022b', 'c35557f7e5c389061fb2e2ffa1a644ad', '15593844fae18fe1a25f3a9017c73810', 'c6c21ca591a63755fd77bf5c55a0238a', 'f90cb529875e83cc191c0e10ead6f73e', '3ddbe25f9b183c3e2c33c3b1e501fcd8', '30fdf04c347f1d4e335bda670d54eaaf', '33feb100c8c7c3769af6e9d26486c646']

m = '77'

IV='7380166f4914b2b9172442d7da8a0600a96f30bc163138aae38dee4db0fb0e4e'
#填充函数

def filling(m):

    #消息m是一个16进制字符串

    #直接加16进制比较好

    #61626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364
 
    #a = int(m,16)

    #b = bin(a)[2:]#消息转换为二进制

    length_b = len(m)*4#记录消息的长度

    #s1='{:04b}'.format(s1)

    b = m

    b = b + '8'#补 1

    c = len(b)%128

    c = 112 - c#补 0 的个数

    d = '0'*c

    b = b + d#补 0

    length_m = '{:016x}'.format(length_b)#也是16进制

    b = b + length_m#填充完毕

    #b = int(b)

    #b = hex(b)[2:]

    return b
 
#分组函数

def fenzu(m):

    m = filling(m)

    len_m = len(m)/128

    m_list = []

    for i in range(int(len_m)):

        a = m[0+128*i:+128*(i+1)]

        m_list.append(a)

    return m_list
 
#扩展函数

def expand(m,n):#n代表是第几组消息，消息之间没有关系，不用迭代

    B = fenzu(m)#列表

    W = ['0' for i in range(68)]

    W_0 = ['0' for i in range(64)]

    for i in range(int(len(B[n])/8)):#128/8=16个字

        w = B[n][i*8:(i+1)*8]

        W[i] = w

    for j in range(16,68):

        a = or_16(W[j-16],W[j-9])
 
        W_j_3 = Cyc_shift(W[j-3],15)

        #print(W_j_3)

        a = or_16(a,W_j_3)
 
        a = Replace_P1(a)

        #print(a)

        W_j_13=Cyc_shift(W[j-13],7)

        a = or_16(a,W_j_13)

        a = or_16(a,W[j-6])

        W[j]=a

    #return W

    for j in range(64):

        W_0[j]=or_16(W[j],W[j+4])

    return W,W_0
 
#置换函数

def Replace_P1(X):

    #X为32位字

    X_15 = Cyc_shift(X,15)  #循环移位

    X_23 = Cyc_shift(X,23)

    a = or_16(X,X_15)

    a = or_16(a,X_23)

    return a
 
#置换函数

def Replace_P0(X):

    #X为32位字

    X_9 = Cyc_shift(X,9)

    X_17 = Cyc_shift(X,17)

    a = or_16(X,X_9)

    a = or_16(a,X_17)

    return a
 
#异或函数

def or_16(A,B):

    A = int(A,16)

    B = int(B,16)

    C = A ^ B

    C = '{:08x}'.format(C)

    return C
 
#循环移位函数

def Cyc_shift(W,n):

    a = int(W,16)

    a = '{:032b}'.format(a)

    while n>=32:

        n=n-32

    a = a[n:] + a[:n]

    a = int(a,2)

    a = '{:08x}'.format(a)

    return a
 
#常量Tj

def T_j(j):

    if j<=15:

        T_j='79cc4519'

    else:

        T_j='7a879d8a'

    return T_j
 
#mod 2^32 算术加运算

def add(x,y):

    x = int(x,16)

    x = '{:032b}'.format(x)

    x = list(x)

    y = int(y, 16)

    y = '{:032b}'.format(y)

    y = list(y)

    #print(x)

    #print(y)

    a = [0 for _ in range(32)]

    carry = 0

    for i in range(32):

        m = int(x[31-i])+int(y[31-i])+carry

        if m>=2:

            d=m-2

            a[31-i]=str(d)

            carry=1

        else:

            carry=0

            d=m

            a[31 - i] = str(d)

    #print(a)

    b=''.join(a)

    b=int(b,2)

    b='{:08x}'.format(b)

    return b
 
#布尔函数

def FF_j(X,Y,Z,j):

    if j<=15:

        a = or_16(X,Y)

        a = or_16(a,Z)

    else:

        a = and_Cal(X,Y)

        b = and_Cal(X,Z)

        c = and_Cal(Y,Z)

        a = or_Cal(a,b)

        a = or_Cal(a,c)

    return a
 
#布尔函数

def GG_j(X, Y, Z, j):

    if j <= 15:

        a = or_16(X, Y)

        a = or_16(a, Z)

    else:

        a = and_Cal(X,Y)

        b = qufan(X)

        b = and_Cal(b,Z)

        a = or_Cal(a,b)

    return a
 
#与运算函数

def and_Cal(a,b):

    a = int(a,16)

    b = int(b,16)

    a_b = a & b

    a_b = '{:08x}'.format(a_b)

    return a_b
 
#或运算函数

def or_Cal(a,b):

    a = int(a, 16)

    b = int(b, 16)

				登录后可查看完整内容
			
[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入！

		#Reverse
收藏・2
免费・1
支持
最新回复 (1)
迷路看手机雪币： 10 活跃值： (114) 能力值： ( LV2，RANK：10 ) 在线值：发帖 0 回帖 10 粉丝 0 关注私信	迷路看手机 2 楼萌新来学习了 2021-9-22 10:47 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复
s1lenc3沉默
发帖
回帖
RANK
关注
私信
他的文章
关于我们
联系我们
企业服务
看雪公众号
最新回复 (1)
迷路看手机雪币： 10 活跃值： (114) 能力值： ( LV2，RANK：10 ) 在线值：发帖 0 回帖 10 粉丝 0 关注私信	迷路看手机 2 楼萌新来学习了 2021-9-22 10:47 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复