-
-
[原创]KCTF2021[秋季赛][第九题][万事俱备]wp
-
发表于: 2021-12-8 10:04 18664
-
运行CrackMe.exe,发现会在临时目录创建python27进程,把临时目录打包拷贝出来,直接研究check.py
发现check.py是编译过的,且不是标准opcode
IDA打开python27.dll找到PyEval_EvalFrameEx,找到到这里:
对应源码ceval.c的PyEval_EvalFrameEx中的:switch (opcode) {}
把opcode定义整理出来,更新到opcode.h文件中,把每条opcode写log输出记录,注意做下模块过滤,减少无用输出
然后编译得到带log输出的python27环境,运行自己的python27:
python27 check.py
得到全部log有900多M,搜索到"input username",把前面的全删掉,还剩200多M
然后发现很多类似这样的组合序列:
感觉像是加的混淆,写个脚本清理掉,可以大胆清理,主要保留逻辑和数学运算即可,最后还剩下2M多,1万多行了
比如我输入的名字是:KCTF,序列号是:00000000000000000000000000000000
观察前面一段log:
能看出是把名字KTCF替换掉kctf2021GoodLuck的前几个字符得到KCTF@021GoodLuck
从helloctf_pediy_Archaia到bfdc823fca7d85034d70f650df268108,用hash计算器对比一下是md5
直接看序列号后续怎么处理的把,一搜就跳到了9000多行的地方,后面只剩2000多行了,估计可以看下去了:
上面这一段是将输入字节化,结合一个256字节的表,以及后面的加法和异或,就可以联想的rc4了
这就不用细看了,直接往后翻到最后一次试用256字节密钥表的地方,又跳过了1500行左右,后面只剩几百行了:
看到这个:'\x1bO\xf4\xd1\xf9\xf3X\x95\xb4\n\xec\xa5S\x9c\xba'
应该是rc4的最终结果了,为了证实,这次用1B4FF4D1F9F35895B40AECA5539CBA0A作为序列号输入重新log一遍
再观察这里确实得到'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
所以这一段rc4只要用{0x1B,0x4F,0xF4,0xD1,0xF9,0xF3,0x58,0x95,0xB4,0x0A,0xEC,0xA5,0x53,0x9C,0xBA,0x0A}做一次异或即可求解
最后几百行慢慢整理:
上面一段WORD操作的算法整出来这样的:
8个WORD拼起来等于'KCTF@021GoodLuck'就OK了,keygen:
编译运行得到:AD0A1F8179ABE48ED3B073F840DA52A7
.text:000000001E1678D0 cmp esi, 93h ; switch 148 cases
.text:000000001E1678D6 ja def_1E1678EA ; jumptable 000000001E1678EA default case, cases 12,21,27,34-36,38,43,44,47,49,55,58,61,68,75,78-80,82,84,91,96,97,103,104,117,121,129,144
.text:000000001E1678DC movsxd rax, esi
.text:000000001E1678DF mov ecx, ds:(jpt_1E1678EA - 1E000000h)[r11+rax*4]
.text:000000001E1678E7 add rcx, r11
.text:000000001E1678EA jmp rcx ; switch jump
.text:000000001E1678D0 cmp esi, 93h ; switch 148 cases
.text:000000001E1678D6 ja def_1E1678EA ; jumptable 000000001E1678EA default case, cases 12,21,27,34-36,38,43,44,47,49,55,58,61,68,75,78-80,82,84,91,96,97,103,104,117,121,129,144
.text:000000001E1678DC movsxd rax, esi
.text:000000001E1678DF mov ecx, ds:(jpt_1E1678EA - 1E000000h)[r11+rax*4]
.text:000000001E1678E7 add rcx, r11
.text:000000001E1678EA jmp rcx ; switch jump
off=0021, [op=6D LOAD_FAST]:push 65826766491753696159103395487087L
off=0024, [op=83 LOAD_CONST]:push 86714445000368537639824468062475L
off=0027, [op=5F COMPARE_OP]:
off=002D, [op=76 JUMP_ABSOLUTE]
off=0021, [op=6D LOAD_FAST]:push 65826766491753696159103395487087L
off=0024, [op=83 LOAD_CONST]:push 86714445000368537639824468062475L
off=0027, [op=5F COMPARE_OP]:
off=002D, [op=76 JUMP_ABSOLUTE]
off=1032, [op=77 STORE_FAST]:pop 'KCTF'
off=0C46, [op=83 LOAD_CONST]:push 10
off=10D6, [op=5A CALL_FUNCTION]:
off=0C59, [op=77 STORE_FAST]:pop '00000000000000000000000000000000'
off=093F, [op=83 LOAD_CONST]:push 220
off=0C8D, [op=6D LOAD_FAST]:push 'KCTF'
off=0EC9, [op=5F COMPARE_OP]:
off=0F10, [op=6D LOAD_FAST]:push '00000000000000000000000000000000'
off=090C, [op=83 LOAD_CONST]:push 446
off=116D, [op=5A CALL_FUNCTION]:
off=0D99, [op=5A CALL_FUNCTION]:
off=0C04, [op=6D LOAD_FAST]:push '00000000000000000000000000000000'
off=0CC1, [op=5F COMPARE_OP]:
off=091F, [op=6D LOAD_FAST]:push 'KCTF'
off=0D87, [op=5A CALL_FUNCTION]:
off=0E93, [op=83 LOAD_CONST]:push 16
off=0983, [op=5F COMPARE_OP]:
off=0F73, [op=83 LOAD_CONST]:push 26
off=117E, [op=77 STORE_FAST]:pop 'kctf2021GoodLuck'
off=0EDA, [op=6D LOAD_FAST]:push 'KCTF'
off=0CF9, [op=5A CALL_FUNCTION]:
off=0996, [op=83 LOAD_CONST]:push 16
off=0E17, [op=5F COMPARE_OP]:
off=0BD0, [op=6D LOAD_FAST]:push 'KCTF'
off=0A36, [op=83 LOAD_CONST]:push 178
off=0D1C, [op=6D LOAD_FAST]:push 'kctf2021GoodLuck'
off=0FB7, [op=6D LOAD_FAST]:push 'KCTF'
off=09BA, [op=5A CALL_FUNCTION]:
off=0AEF, [op=83 LOAD_CONST]:push 1
off=0D75, [op=51 BINARY_ADD]:1 + 4 = 5
off=1192, [op=77 STORE_FAST]:pop 'KCTF@021GoodLuck'
off=0D53, [op=77 STORE_FAST]:pop []
off=10B5, [op=6D LOAD_FAST]:push []
off=0A24, [op=6D LOAD_FAST]:push 'helloctf_pediy_Archaia'
off=08D3, [op=5A CALL_FUNCTION]:
off=09A6, [op=83 LOAD_CONST]:push 0
off=0930, [op=77 STORE_FAST]:pop 0
off=082F, [op=83 LOAD_CONST]:push 507
off=0BDE, [op=5A CALL_FUNCTION]:
off=06A5, [op=6D LOAD_FAST]:push 'helloctf_pediy_Archaia'
off=0B3C, [op=5A CALL_FUNCTION]:
off=09E2, [op=5A CALL_FUNCTION]:
off=0BF2, [op=77 STORE_FAST]:pop 'bfdc823fca7d85034d70f650df268108'
off=1032, [op=77 STORE_FAST]:pop 'KCTF'
off=0C46, [op=83 LOAD_CONST]:push 10
off=10D6, [op=5A CALL_FUNCTION]:
off=0C59, [op=77 STORE_FAST]:pop '00000000000000000000000000000000'
off=093F, [op=83 LOAD_CONST]:push 220
off=0C8D, [op=6D LOAD_FAST]:push 'KCTF'
off=0EC9, [op=5F COMPARE_OP]:
off=0F10, [op=6D LOAD_FAST]:push '00000000000000000000000000000000'
off=090C, [op=83 LOAD_CONST]:push 446
off=116D, [op=5A CALL_FUNCTION]:
off=0D99, [op=5A CALL_FUNCTION]:
off=0C04, [op=6D LOAD_FAST]:push '00000000000000000000000000000000'
off=0CC1, [op=5F COMPARE_OP]:
off=091F, [op=6D LOAD_FAST]:push 'KCTF'
off=0D87, [op=5A CALL_FUNCTION]:
off=0E93, [op=83 LOAD_CONST]:push 16
off=0983, [op=5F COMPARE_OP]:
off=0F73, [op=83 LOAD_CONST]:push 26
off=117E, [op=77 STORE_FAST]:pop 'kctf2021GoodLuck'
off=0EDA, [op=6D LOAD_FAST]:push 'KCTF'
off=0CF9, [op=5A CALL_FUNCTION]:
off=0996, [op=83 LOAD_CONST]:push 16
off=0E17, [op=5F COMPARE_OP]:
off=0BD0, [op=6D LOAD_FAST]:push 'KCTF'
off=0A36, [op=83 LOAD_CONST]:push 178
off=0D1C, [op=6D LOAD_FAST]:push 'kctf2021GoodLuck'
off=0FB7, [op=6D LOAD_FAST]:push 'KCTF'
off=09BA, [op=5A CALL_FUNCTION]:
off=0AEF, [op=83 LOAD_CONST]:push 1
off=0D75, [op=51 BINARY_ADD]:1 + 4 = 5
off=1192, [op=77 STORE_FAST]:pop 'KCTF@021GoodLuck'
off=0D53, [op=77 STORE_FAST]:pop []
off=10B5, [op=6D LOAD_FAST]:push []
off=0A24, [op=6D LOAD_FAST]:push 'helloctf_pediy_Archaia'
off=08D3, [op=5A CALL_FUNCTION]:
off=09A6, [op=83 LOAD_CONST]:push 0
off=0930, [op=77 STORE_FAST]:pop 0
off=082F, [op=83 LOAD_CONST]:push 507
off=0BDE, [op=5A CALL_FUNCTION]:
off=06A5, [op=6D LOAD_FAST]:push 'helloctf_pediy_Archaia'
off=0B3C, [op=5A CALL_FUNCTION]:
off=09E2, [op=5A CALL_FUNCTION]:
off=0BF2, [op=77 STORE_FAST]:pop 'bfdc823fca7d85034d70f650df268108'
off=1057, [op=6D LOAD_FAST]:push '00000000000000000000000000000000'
off=0CD5, [op=5A CALL_FUNCTION]:
off=13C2, [op=83 LOAD_CONST]:push 0
off=123A, [op=77 STORE_FAST]:pop 0
off=0CBC, [op=77 STORE_FAST]:pop 0
off=11CC, [op=6D LOAD_FAST]:push '00000000000000000000000000000000'
off=0EBD, [op=83 LOAD_CONST]:push 421
off=0F11, [op=5A CALL_FUNCTION]:
off=0C26, [op=83 LOAD_CONST]:push 694
off=0C5E, [op=5A CALL_FUNCTION]:
off=0F9B, [op=77 STORE_FAST]:pop '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
off=0C05, [op=83 LOAD_CONST]:push ''
off=0FF6, [op=77 STORE_FAST]:pop ''
off=0EF0, [op=83 LOAD_CONST]:push ''
off=0BDF, [op=77 STORE_FAST]:pop ''
off=0B89, [op=6D LOAD_FAST]:push '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
off=0FAF, [op=77 STORE_FAST]:pop '\x00'
off=0ED0, [op=6D LOAD_FAST]:push 0
off=102A, [op=83 LOAD_CONST]:push 1
off=1316, [op=51 BINARY_ADD]:1 + 0 = 1
off=144F, [op=83 LOAD_CONST]:push 256
off=0C81, [op=0E BINARY_MODULO]:1 % 256 = 1
off=0B1C, [op=77 STORE_FAST]:pop 1
off=12DB, [op=6D LOAD_FAST]:push 0
off=15FA, [op=6D LOAD_FAST]:push [98, 30, 106, 149, 9, 136, 33, 174, 26, 128, 32, 48, 116, 69, 244, 5, 122, 239, 79, 147, 197, 64, 16, 10, 53, 188, 135, 89, 120, 12, 73, 160, 34, 169, 96, 179, 54, 29, 191, 76, 215, 180, 70, 84, 181, 15, 211, 157, 59, 75, 218, 133, 132, 161, 242, 237, 99, 18, 199, 162, 83, 183, 102, 156, 137, 163, 61, 190, 110, 227, 3, 94, 142, 201, 158, 27, 184, 178, 39, 77, 74, 62, 115, 22, 126, 95, 234, 186, 38, 243, 103, 203, 107, 101, 219, 36, 41, 4, 196, 140, 165, 200, 93, 145, 45, 195, 141, 185, 249, 155, 8, 117, 113, 65, 224, 63, 170, 233, 60, 23, 131, 111, 35, 52, 80, 166, 212, 146, 204, 228, 100, 2, 238, 235, 88, 189, 58, 17, 114, 44, 47, 214, 171, 6, 209, 207, 121, 21, 182, 194, 91, 150, 192, 25, 139, 252, 7, 173, 86, 28, 104, 11, 223, 127, 125, 14, 251, 124, 40, 87, 231, 246, 50, 82, 20, 221, 130, 241, 172, 42, 97, 129, 205, 220, 144, 225, 49, 138, 57, 222, 250, 193, 206, 43, 13, 217, 164, 245, 148, 1, 202, 90, 109, 248, 253, 92, 187, 226, 19, 46, 67, 31, 105, 143, 153, 78, 123, 236, 56, 208, 66, 176, 118, 51, 175, 85, 255, 177, 254, 112, 213, 37, 210, 167, 72, 24, 232, 0, 168, 216, 230, 198, 134, 154, 240, 229, 152, 159, 151, 55, 81, 119, 108, 71, 247, 68]
off=0B41, [op=6D LOAD_FAST]:push 1
off=12F6, [op=51 BINARY_ADD]:30 + 0 = 30
off=0DC2, [op=83 LOAD_CONST]:push 256
off=15C6, [op=0E BINARY_MODULO]:30 % 256 = 30
off=1093, [op=77 STORE_FAST]:pop 30
off=0CE1, [op=6D LOAD_FAST]:push [98, 30, 106, 149, ...]
off=0F77, [op=6D LOAD_FAST]:push 30
off=12C9, [op=6D LOAD_FAST]:push [98, 30, 106, 149, ...]
off=0CA8, [op=6D LOAD_FAST]:push 1
off=1583, [op=6D LOAD_FAST]:push [98, 30, 106, 149, ...]
off=0F23, [op=6D LOAD_FAST]:push 1
off=0FE4, [op=6D LOAD_FAST]:push [98, 73, 106, 149, ...]
off=0E85, [op=6D LOAD_FAST]:push 30
off=141B, [op=6D LOAD_FAST]:push [98, 73, 106, 149, ...]
off=0F66, [op=6D LOAD_FAST]:push 1
off=0C4B, [op=6D LOAD_FAST]:push [98, 73, 106, 149, ...]
off=15D8, [op=6D LOAD_FAST]:push 30
off=0F55, [op=51 BINARY_ADD]:30 + 73 = 103
off=124C, [op=83 LOAD_CONST]:push 256
off=155D, [op=0E BINARY_MODULO]:103 % 256 = 103
off=0D37, [op=77 STORE_FAST]:pop 103
off=10C7, [op=6D LOAD_FAST]:push '\x00'
off=10E9, [op=5A CALL_FUNCTION]:
off=12B6, [op=6D LOAD_FAST]:push [98, 73, 106, 149, ...]
off=1507, [op=6D LOAD_FAST]:push [98, 73, 106, 149, ...]
off=0CD0, [op=6D LOAD_FAST]:push 1
off=0E73, [op=6D LOAD_FAST]:push [98, 73, 106, 149, ...]
off=153A, [op=6D LOAD_FAST]:push 30
off=1173, [op=51 BINARY_ADD]:30 + 73 = 103
off=137B, [op=83 LOAD_CONST]:push 256
off=1182, [op=0E BINARY_MODULO]:103 % 256 = 103
off=1005, [op=58 BINARY_XOR]:145 ^ 0 = 145
off=1057, [op=6D LOAD_FAST]:push '00000000000000000000000000000000'
off=0CD5, [op=5A CALL_FUNCTION]:
off=13C2, [op=83 LOAD_CONST]:push 0
off=123A, [op=77 STORE_FAST]:pop 0
off=0CBC, [op=77 STORE_FAST]:pop 0
off=11CC, [op=6D LOAD_FAST]:push '00000000000000000000000000000000'
off=0EBD, [op=83 LOAD_CONST]:push 421
off=0F11, [op=5A CALL_FUNCTION]:
off=0C26, [op=83 LOAD_CONST]:push 694
off=0C5E, [op=5A CALL_FUNCTION]:
off=0F9B, [op=77 STORE_FAST]:pop '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
off=0C05, [op=83 LOAD_CONST]:push ''
off=0FF6, [op=77 STORE_FAST]:pop ''
off=0EF0, [op=83 LOAD_CONST]:push ''
off=0BDF, [op=77 STORE_FAST]:pop ''
off=0B89, [op=6D LOAD_FAST]:push '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
off=0FAF, [op=77 STORE_FAST]:pop '\x00'
off=0ED0, [op=6D LOAD_FAST]:push 0
off=102A, [op=83 LOAD_CONST]:push 1
off=1316, [op=51 BINARY_ADD]:1 + 0 = 1
off=144F, [op=83 LOAD_CONST]:push 256
off=0C81, [op=0E BINARY_MODULO]:1 % 256 = 1
off=0B1C, [op=77 STORE_FAST]:pop 1
off=12DB, [op=6D LOAD_FAST]:push 0
off=15FA, [op=6D LOAD_FAST]:push [98, 30, 106, 149, 9, 136, 33, 174, 26, 128, 32, 48, 116, 69, 244, 5, 122, 239, 79, 147, 197, 64, 16, 10, 53, 188, 135, 89, 120, 12, 73, 160, 34, 169, 96, 179, 54, 29, 191, 76, 215, 180, 70, 84, 181, 15, 211, 157, 59, 75, 218, 133, 132, 161, 242, 237, 99, 18, 199, 162, 83, 183, 102, 156, 137, 163, 61, 190, 110, 227, 3, 94, 142, 201, 158, 27, 184, 178, 39, 77, 74, 62, 115, 22, 126, 95, 234, 186, 38, 243, 103, 203, 107, 101, 219, 36, 41, 4, 196, 140, 165, 200, 93, 145, 45, 195, 141, 185, 249, 155, 8, 117, 113, 65, 224, 63, 170, 233, 60, 23, 131, 111, 35, 52, 80, 166, 212, 146, 204, 228, 100, 2, 238, 235, 88, 189, 58, 17, 114, 44, 47, 214, 171, 6, 209, 207, 121, 21, 182, 194, 91, 150, 192, 25, 139, 252, 7, 173, 86, 28, 104, 11, 223, 127, 125, 14, 251, 124, 40, 87, 231, 246, 50, 82, 20, 221, 130, 241, 172, 42, 97, 129, 205, 220, 144, 225, 49, 138, 57, 222, 250, 193, 206, 43, 13, 217, 164, 245, 148, 1, 202, 90, 109, 248, 253, 92, 187, 226, 19, 46, 67, 31, 105, 143, 153, 78, 123, 236, 56, 208, 66, 176, 118, 51, 175, 85, 255, 177, 254, 112, 213, 37, 210, 167, 72, 24, 232, 0, 168, 216, 230, 198, 134, 154, 240, 229, 152, 159, 151, 55, 81, 119, 108, 71, 247, 68]
off=0B41, [op=6D LOAD_FAST]:push 1
off=12F6, [op=51 BINARY_ADD]:30 + 0 = 30
off=0DC2, [op=83 LOAD_CONST]:push 256
off=15C6, [op=0E BINARY_MODULO]:30 % 256 = 30
off=1093, [op=77 STORE_FAST]:pop 30
off=0CE1, [op=6D LOAD_FAST]:push [98, 30, 106, 149, ...]
off=0F77, [op=6D LOAD_FAST]:push 30
off=12C9, [op=6D LOAD_FAST]:push [98, 30, 106, 149, ...]
off=0CA8, [op=6D LOAD_FAST]:push 1
off=1583, [op=6D LOAD_FAST]:push [98, 30, 106, 149, ...]
off=0F23, [op=6D LOAD_FAST]:push 1
off=0FE4, [op=6D LOAD_FAST]:push [98, 73, 106, 149, ...]
off=0E85, [op=6D LOAD_FAST]:push 30
off=141B, [op=6D LOAD_FAST]:push [98, 73, 106, 149, ...]
off=0F66, [op=6D LOAD_FAST]:push 1
off=0C4B, [op=6D LOAD_FAST]:push [98, 73, 106, 149, ...]
off=15D8, [op=6D LOAD_FAST]:push 30
off=0F55, [op=51 BINARY_ADD]:30 + 73 = 103
off=124C, [op=83 LOAD_CONST]:push 256
off=155D, [op=0E BINARY_MODULO]:103 % 256 = 103
off=0D37, [op=77 STORE_FAST]:pop 103
off=10C7, [op=6D LOAD_FAST]:push '\x00'
off=10E9, [op=5A CALL_FUNCTION]:
off=12B6, [op=6D LOAD_FAST]:push [98, 73, 106, 149, ...]
off=1507, [op=6D LOAD_FAST]:push [98, 73, 106, 149, ...]
off=0CD0, [op=6D LOAD_FAST]:push 1
off=0E73, [op=6D LOAD_FAST]:push [98, 73, 106, 149, ...]
off=153A, [op=6D LOAD_FAST]:push 30
off=1173, [op=51 BINARY_ADD]:30 + 73 = 103
off=137B, [op=83 LOAD_CONST]:push 256
off=1182, [op=0E BINARY_MODULO]:103 % 256 = 103
off=1005, [op=58 BINARY_XOR]:145 ^ 0 = 145
off=0D16, [op=6D LOAD_FAST]:push 32
off=113E, [op=6D LOAD_FAST]:push [98, 73, 58, 12, 191, 20, 226, 166, 150, 10, 237, 145, 208, 160, 197, 188, 21, 100, 46, 165, 38, 192, 40, 215, 101, 196, 167, 61, 49, 77, 155, 34, 115, 169, 96, 179, 54, 29, 9, 76, 128, 180, 70, 84, 181, 15, 211, 157, 59, 75, 218, 133, 132, 161, 242, 32, 99, 18, 199, 162, 83, 183, 102, 156, 137, 163, 89, 190, 110, 227, 3, 94, 142, 201, 158, 27, 184, 178, 39, 149, 74, 62, 69, 22, 126, 95, 234, 186, 244, 243, 103, 203, 107, 53, 219, 36, 41, 4, 5, 140, 147, 200, 93, 48, 45, 195, 141, 185, 249, 30, 8, 117, 113, 65, 224, 63, 170, 233, 60, 23, 131, 111, 35, 52, 80, 174, 212, 146, 204, 228, 239, 2, 238, 235, 88, 189, 106, 17, 114, 44, 47, 214, 171, 6, 209, 207, 121, 122, 182, 194, 91, 26, 64, 25, 139, 252, 7, 173, 86, 28, 104, 11, 223, 127, 125, 14, 251, 124, 16, 87, 231, 246, 50, 82, 136, 221, 130, 241, 172, 42, 97, 129, 205, 220, 144, 225, 120, 138, 57, 222, 250, 193, 206, 43, 13, 217, 164, 245, 148, 1, 202, 90, 109, 248, 253, 92, 187, 33, 19, 79, 67, 31, 105, 143, 153, 78, 123, 236, 56, 116, 66, 176, 118, 51, 175, 85, 255, 177, 254, 112, 213, 37, 210, 135, 72, 24, 232, 0, 168, 216, 230, 198, 134, 154, 240, 229, 152, 159, 151, 55, 81, 119, 108, 71, 247, 68]
off=0DEA, [op=6D LOAD_FAST]:push 82
off=0E10, [op=51 BINARY_ADD]:69 + 115 = 184
off=0DB1, [op=83 LOAD_CONST]:push 256
off=15E8, [op=0E BINARY_MODULO]:184 % 256 = 184
off=1592, [op=58 BINARY_XOR]:144 ^ 167 = 55
off=10D8, [op=83 LOAD_CONST]:push 61
off=154C, [op=58 BINARY_XOR]:61 ^ 55 = 10
off=138C, [op=5A CALL_FUNCTION]:
off=0DD6, [op=77 STORE_FAST]:pop '\n'
off=1227, [op=6D LOAD_FAST]:push '\x1bO\xf4\xd1\xf9\xf3X\x95\xb4\n\xec\xa5S\x9c\xba'
off=0D16, [op=6D LOAD_FAST]:push 32
off=113E, [op=6D LOAD_FAST]:push [98, 73, 58, 12, 191, 20, 226, 166, 150, 10, 237, 145, 208, 160, 197, 188, 21, 100, 46, 165, 38, 192, 40, 215, 101, 196, 167, 61, 49, 77, 155, 34, 115, 169, 96, 179, 54, 29, 9, 76, 128, 180, 70, 84, 181, 15, 211, 157, 59, 75, 218, 133, 132, 161, 242, 32, 99, 18, 199, 162, 83, 183, 102, 156, 137, 163, 89, 190, 110, 227, 3, 94, 142, 201, 158, 27, 184, 178, 39, 149, 74, 62, 69, 22, 126, 95, 234, 186, 244, 243, 103, 203, 107, 53, 219, 36, 41, 4, 5, 140, 147, 200, 93, 48, 45, 195, 141, 185, 249, 30, 8, 117, 113, 65, 224, 63, 170, 233, 60, 23, 131, 111, 35, 52, 80, 174, 212, 146, 204, 228, 239, 2, 238, 235, 88, 189, 106, 17, 114, 44, 47, 214, 171, 6, 209, 207, 121, 122, 182, 194, 91, 26, 64, 25, 139, 252, 7, 173, 86, 28, 104, 11, 223, 127, 125, 14, 251, 124, 16, 87, 231, 246, 50, 82, 136, 221, 130, 241, 172, 42, 97, 129, 205, 220, 144, 225, 120, 138, 57, 222, 250, 193, 206, 43, 13, 217, 164, 245, 148, 1, 202, 90, 109, 248, 253, 92, 187, 33, 19, 79, 67, 31, 105, 143, 153, 78, 123, 236, 56, 116, 66, 176, 118, 51, 175, 85, 255, 177, 254, 112, 213, 37, 210, 135, 72, 24, 232, 0, 168, 216, 230, 198, 134, 154, 240, 229, 152, 159, 151, 55, 81, 119, 108, 71, 247, 68]
off=0DEA, [op=6D LOAD_FAST]:push 82
off=0E10, [op=51 BINARY_ADD]:69 + 115 = 184
off=0DB1, [op=83 LOAD_CONST]:push 256
off=15E8, [op=0E BINARY_MODULO]:184 % 256 = 184
off=1592, [op=58 BINARY_XOR]:144 ^ 167 = 55
off=10D8, [op=83 LOAD_CONST]:push 61
off=154C, [op=58 BINARY_XOR]:61 ^ 55 = 10
off=138C, [op=5A CALL_FUNCTION]:
off=0DD6, [op=77 STORE_FAST]:pop '\n'
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)
最后于 2021-12-8 10:09
被ccfer编辑
,原因:
赞赏记录
参与人
雪币
留言
时间
伟叔叔
为你点赞~
2023-3-18 04:57
一笑人间万事
为你点赞~
2022-7-27 00:57
心游尘世外
为你点赞~
2022-7-26 22:44
飘零丶
为你点赞~
2022-7-17 02:29
赞赏
|
|
|---|---|
|
|
他的文章
赞赏
雪币:
留言:
