[原创] KCTF 第六题 Writeup-CTF对抗-看雪-安全社区|安全招聘|kanxue.com

[原创] KCTF 第六题 Writeup

发表于: 2022-11-28 16:14 6623

[原创] KCTF 第六题 Writeup

1mmortal

2022-11-28 16:14

6623

写了一个丑陋的爆破脚本hh

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
 
int check(unsigned int * cmp){
 
    for(int i=0;i<20;i++){
        if(cmp[i] != rand()){
            return 0;
        }
    }
    return 1;
}
int main()
{
    unsigned char print[] = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!\"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~";
    unsigned char tmp[8];
    unsigned int cmp1[20] = {
    0x00003BFC, 0x00002173, 0x000025BB, 0x0000380B, 0x00002C13, 0x000075BE, 0x00007366, 0x000046A3, 
    0x000013C1, 0x0000159B, 0x00005B5F, 0x0000534F, 0x00004E37, 0x00003A04, 0x00001301, 0x00005D0C, 
    0x00004155, 0x000048E9, 0x000061D2, 0x00006158
};
unsigned int cmp2[20] = {
    0x00002BB6, 0x00006B5A, 0x000003D4, 0x0000152B, 0x00006E04, 0x0000254C, 0x000040AE, 0x000056CA, 
    0x000017E1, 0x000055C7, 0x00003641, 0x00002D3C, 0x00000A41, 0x00004BC5, 0x00006233, 0x00001FE7, 
    0x00006E05, 0x00000F6E, 0x00006398, 0x00006AD7
};
    memset(tmp, 0, 8);
    for (int a = 0; a < strlen(print); a++)
    {
        tmp[0] = print[a];
        for (int b = 0; b < strlen(print); b++)
        {
            tmp[1] = print[b];
            for (int c = 0; c < strlen(print); c++)
            {
                tmp[2] = print[c];
                for (int d = 0; d < strlen(print); d++)
                {
                    tmp[3] = print[d];
                    for (int e = 0; e < strlen(print); e++)
                    {
                        tmp[4] = print[e];
                        int num = atoi(tmp);
                        srand(num);
                        if(check(cmp2)){
                            printf("%s",tmp);
                            exit(0);
                        }
                    }
                }
            }
        }
    }
}