[原创]逆向魔改tea+简单异或+z3运算-CTF对抗-看雪-安全社区|安全招聘|kanxue.com

[原创]逆向魔改tea+简单异或+z3运算

2023-12-14 08:56 3042

[原创]逆向魔改tea+简单异或+z3运算

xinhu

2023-12-14 08:56

3042

首先是一个ELF64程序
图片描述
进入程序函数名隐写，咱们可以动调得到输入函数和加密函数

箭头指向函数均会改变输入变量的值
咱们从最下面的开始逆
进入函数看到一大堆的比较，一看就是Z3，可以copy给python用来Z3

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

from z3 import *
a1=[0]*16
for i in range(16):
   a1[i]=z3.Int('a['+str(i)+']')
s=Solver()
s.add(-202850 * a1[0] == -34078800)
s.add(182136 *a1[0] - 75396 * a1[1] == 18610884)
s.add(-360745 * a1[1] - 465588 * a1[2] - 300043 * a1[0] == -145478307)
s.add(-97624 * a1[0] + 386642 * a1[3] - 515451 * a1[2] + 42526 * a1[1] == -8086825)
s.add(31288 * a1[0] + -324524 * a1[3] + -89265 * a1[1] - 239750 * a1[4] - 241348 * a1[2] == -91924377)
s.add(-266640 * a1[2] + 216272 * a1[5] + 411737 * a1[0] + 210304 * a1[3] - 8658 * a1[4] + 454111 * a1[1] == 144299767)
s.add(-402351 * a1[4]
     + -496724 * a1[0]
     + 367831 * a1[2]
     + 371046 * a1[5]
     + -123257 * a1[3]
     + 188174 * a1[1]
     + 178541 * a1[6] == -37352471)
s.add(-415443 * a1[1]
     + 237549 * a1[5]
     + -323336 * a1[7]
     + -207212 * a1[3]
     + -23780 * a1[0]
     + 94300 * a1[4]
     + 364867 * a1[6]
     + 273839 * a1[2] == -8993582)
s.add( 511561 * a1[5]
     + -215494 * a1[0]
     + 44567 * a1[6]
     + 179735 * a1[2]
     + 55541 * a1[8]
     + -204854 * a1[7]
     + -160275 * a1[1]
     + 441741 * a1[4]
     + 443248 * a1[3] == 57425926)
s.add(407430 * a1[0]
     + 407030 * a1[3]
     + 503571 * a1[6]
     + -434809 * a1[5]
     + 385646 * a1[4]
     + 437781 * a1[7]
     + 20147 * a1[9]
     + -10713 * a1[2]
     - 247694 * a1[8]
     + 4963 * a1[1] == 267063706)
s.add( 128236 * a1[7]
     + -189787 * a1[4]
     + 298269 * a1[2]
     + 117737 * a1[8]
     + -59638 * a1[1]
     + 503873 * a1[5]
     + -288072 * a1[9]
     + -449297 * a1[3]
     + -307883 * a1[6]
     - 60891 * a1[0]
     + 313065 * a1[10] == -99001600)
s.add(127585 * a1[3]
     + 447223 * a1[10]
     + -511720 * a1[0]
     + -64919 * a1[1]
     + -115935 * a1[11]
     + -328029 * a1[6]
     + 2659 * a1[4]
     + -246110 * a1[2]
     + -491943 * a1[8]
     + -392232 * a1[9]
     - 178041 * a1[5]
     + 49684 * a1[7] == -319105050 )
s.add(431281 * a1[7]
     + 303436 * a1[10]
     + 322142 * a1[8]
     + 190343 * a1[2]
     + 522606 * a1[5]
     + -368910 * a1[9]
     + 427328 * a1[12]
     + -403570 * a1[11]
     + -430137 * a1[0]
     + 436111 * a1[4]
     + -435520 * a1[6]
     - 267519 * a1[3]
     - 525665 * a1[1] == -150506496)
s.add(-423522 * a1[4]
     + -393086 * a1[6]
     + -323745 * a1[12]
     + 463495 * a1[1]
     + 345256 * a1[8]
     + 138356 * a1[7]
     + -225302 * a1[0]
     + 251299 * a1[11]
     + -82368 * a1[9]
     + -428085 * a1[10]
     + 71943 * a1[13]
     + 425456 * a1[2]
     + 56298 * a1[3]
     - 365233 * a1[5] == -14594715)
s.add(-26106 * a1[14]
     + -143761 * a1[3]
     + 15549 * a1[13]
     + -503539 * a1[10]
     + -398270 * a1[9]
     + 36874 * a1[2]
     + -84278 * a1[7]
     + 434801 * a1[12]
     + -472636 * a1[0]
     + 448925 * a1[8]
     + -46393 * a1[5]
     + -129268 * a1[4]
     + -43783 * a1[11]
     + 60534 * a1[6]
     + 441341 * a1[1] == -38159340)
s.add(-408983 * a1[3]
     + -453493 * a1[9]
     + 246957 * a1[5]
     + 197292 * a1[15]
     + -62054 * a1[8]
     + -21100 * a1[6]
     + -500028 * a1[14]
     + -386306 * a1[2]
     + 415182 * a1[13]
     + 24237 * a1[0]
     + -414063 * a1[4]
     + 524530 * a1[1]
     + 93336 * a1[10]
     + 7350 * a1[12]
     + 129819 * a1[11]
     - 293569 * a1[7] == -124057838)
s.check()
print(s.model())
结果
[a[5] = 9,
 a[15] = 55,
 a[0] = 168,
 a[8] = 241,
 a[11] = 168,
 a[7] = 115,
 a[13] = 113,
 a[4] = 113,
 a[1] = 159,
 a[9] = 171,
 a[14] = 103,
 a[10] = 137,
 a[12] = 73,
 a[3] = 112,
 a[6] = 237,

一般来说只要处理正确是会有解的。
拿到数据后接着往上看
图片描述
简单异或就不再说明
再看这个

有一个表，相当于寻表找偏移了。表中对应的偏移即为密文。

最后一个加密则为tea魔改了sum正常解就行

int enc2[] = { 168,159,81,112,113,9,237,115,89,52,216,216,56,120,138,68 };
int enc3[] = { 6,176,58,186,200,204,138,50,112,52,53,53,99,48,100,51 };
unsigned int enc4[] = { 0xBA3AB006,0x328ACCC8 };
//int key[] = { 0x35353470, 0x33643063,0x6563696E, 0x33643063, };
int key[] = { 0x35353470, 0x33643063,0x6563696E,0x756f7932 };
unsigned int sum = 0x468ACF00;
 unsigned int v1 = enc4[0], v2 = enc4[1];
for (int i = 0; i <32; i++)
{
    v2 -= (v1 + sum) ^ ( (v1<<4) + key[2]) ^ ((v1 >> 5) + key[3]);
    v1 -= (v2 + sum) ^ ((v2<<4) + key[0]) ^ ((v2 >> 5) + key[1]);
    sum -= 0x12345678;
}
enc4[0] = v1;
enc4[1] = v2;
return 0;

强调一下变量的类型一定要是无符号的，如果是有符号的话数字的大小是不正确的会考虑符号位，所以一定要无符号才能跑的出结果

1	`flag{y0u_g0t_p455c0d3}`

[培训]内核驱动高级班，冲击BAT一流互联网大厂工作，每周日13:00-18:00直播授课

#CrackMe #Reverse

收藏・3

点赞・0

打赏

最新回复 (1)
Editor 雪币： 17774 活跃值： (60043) 能力值： (RANK：125 ) 在线值：发帖 1207 回帖 2882 粉丝 1488 关注私信	Editor 2023-12-18 15:20 2 楼 0 目标实例以论坛附件形式提供一下？
	游客登录 \| 注册方可回帖　回帖　表情雪币赚取及消费高级回复