-
-
[原创]KCTF 2022 秋季赛 第六题 wp - 98k战队
-
2022-11-28 12:34
-
连着两道高强度逆向后遇到这么简单的题目,因为吃饭痛失一血。。。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 | int __cdecl main(int argc, const char **argv, const char **envp){ int a; // eax unsigned int v4; // ebx int c; // eax unsigned int v6; // edi int *v7; // esi int *v8; // esi char input[128]; // [esp+4h] [ebp-A0h] BYREF char v11[8]; // [esp+84h] [ebp-20h] BYREF char String[8]; // [esp+8Ch] [ebp-18h] BYREF int v13; // [esp+94h] [ebp-10h] int v14; // [esp+98h] [ebp-Ch] char b[4]; // [esp+9Ch] [ebp-8h] input[0] = 0; memset(&input[1], 0, 127u); printf("please input :\n"); scanf_s("%s", input); if ( strlen(input) != 14 ) goto LABEL_20; String[5] = 0; *(_DWORD *)String = *(_DWORD *)input; String[4] = input[4]; a = atoi(String); *(_DWORD *)b = *(_DWORD *)&input[5]; v11[5] = 0; *(_DWORD *)v11 = *(_DWORD *)&input[9]; v4 = a; v11[4] = input[13]; c = atoi(v11); v13 = 0; v6 = c; v14 = 1; srand(v4); v7 = dword_40F000; while ( rand() == *v7 ) { if ( (int)++v7 >= (int)dword_40F050 ) goto LABEL_7; } v14 = 0;LABEL_7: srand(v6); v8 = dword_40F050; while ( rand() == *v8 ) { if ( (int)++v8 >= (int)&dword_40F0A0 ) goto LABEL_12; } v14 = 0;LABEL_12: if ( b[0] == 'K' && b[1] == 'C' && b[2] == 'T' && b[3] == 'F' ) v13 = 1; if ( v14 && v13 ) { printf("success : %s\n", input); system("pause"); } else {LABEL_20: printf("error\n"); system("pause"); } return 0;} |
太简单了,就是个srand爆破
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 | #include <stdio.h>#include <stdlib.h>#include <assert.h>int bruteforce(int* values, int n) { for (int i = 0; i < 100000; i++) { int flag = 1; srand(i); for (int j = 0; j < n; j++) { if (values[j] != rand()) { flag = 0; break; } } if (flag) return i; } assert(0);}int main() { int _a[] = { 15356, 8563, 9659, 14347, 11283, 30142, 29542, 18083, 5057, 5531, 23391, 21327, 20023, 14852, 4865, 23820, 16725, 18665, 25042, 24920 }; int _b[] = { 11190, 27482, 980, 5419, 28164, 9548, 16558, 22218, 6113, 21959, 13889, 11580, 2625, 19397, 25139, 8167, 28165, 3950, 25496, 27351 }; int a = bruteforce(_a, 20); int b = bruteforce(_b, 20); printf("%dKCTF%d\n", a, b); return 0;} |
14725KCTF83690
[培训]《安卓高级研修班(网课)》月薪三万计划,掌握调试、分析还原ollvm、vmp的方法,定制art虚拟机自动化脱壳的方法
最后于 2022-11-29 13:28
被kanxue编辑
,原因:
|
|
|---|---|
