[原创]KCTF2022秋季赛第六题病疫先兆题解-CTF对抗-看雪-安全社区|安全招聘|kanxue.com

[原创]KCTF2022秋季赛第六题病疫先兆题解

2022-11-30 12:33 8188

[原创]KCTF2022秋季赛第六题病疫先兆题解

mb_xxgcvcih 活跃值

2022-11-30 12:33

8188

通过逆向分析可以发现程序需要输入14个字符

格式为

Number + KCTF + Number

这个Number是一个五位数，然后拿去生成随机数，然后判断是否和预置的随机数相同

看一血20分钟不到就有了，那么他的rand函数应该没有魔改，直接调它。

from ctypes import *
import tqdm
vcrt = CDLL("msvcrt.dll")
rand = vcrt.rand
srand = vcrt.srand
result1 = [0x00003BFC, 0x00002173, 0x000025BB, 0x0000380B, 0x00002C13, 0x000075BE, 0x00007366, 0x000046A3, 0x000013C1, 0x0000159B, 0x00005B5F, 0x0000534F, 0x00004E37, 0x00003A04, 0x00001301, 0x00005D0C, 0x00004155, 0x000048E9, 0x000061D2, 0x00006158]
result2 = [0x00002BB6, 0x00006B5A, 0x000003D4, 0x0000152B, 0x00006E04, 0x0000254C, 0x000040AE, 0x000056CA, 0x000017E1, 0x000055C7, 0x00003641, 0x00002D3C, 0x00000A41, 0x00004BC5, 0x00006233, 0x00001FE7, 0x00006E05, 0x00000F6E, 0x00006398, 0x00006AD7]
for i in tqdm.trange(10000,100000):
    srand(i)
    succ = False
    for j in range(20):
        if result1[j] != rand():
            break
        if j == 19:
            succ = True
    if succ:
        print(i)
        break
for i in tqdm.trange(10000,100000):
    srand(i)
    succ = False
    for j in range(20):
        if result2[j] != rand():
            break
        if j == 19:
            succ = True
    if succ:
        print(i)
        break
# 14725
# 83690