-
-
[原创] 第四题 神秘信号 简短writeup
-
发表于: 2024-8-22 12:30
-
随便写一些吧 这两天看了一眼第四题感觉很有意思 并且没有那种大规模的混淆和逆向适合我这种逆向菜鸟
从下载下来后本题是一个pyinstaller打包的程序,并且通过在线解包或者工具解包后反编译后可以得到其main.py的大部分代码
所以我们不知道CrackMe模块是什么.这里在做题的时候就掉到了一个rabbit hole中.想的是出题人是否魔改了一些pyinstaller的东西导致了一些问题.后来发现并没有.同时由于他的合法输入输出有些规律可循所以我就猜出来了他的一些变换然后经过一些小爆破分割位置和Hello Wolrd!的信息.最后做出来了
当然这个比较非预期,于是下文主要探究下这个题的有趣预期解
经过diff后我把目光转到了_internal\base_library.zip
他的主逻辑入口藏到了_internal\base_library.zip中,由于我们在前文知道了我们没有模块CrackMe而且不是pyinstaller的问题.同时在base_library中其实有些数据的代码和原始文件不太一样,另外可以参考下作者发过的一篇文章关于import过程https://bbs.kanxue.com/thread-276520.htm .从我们的角度上来看_internal\base_library\codecs.pyc确实里面还有一些其他的逻辑比如这里(代码经过pycdump并且手撸)
经过还原后差不多是这样他劫持了import的过程比如name是crackme他会指向base64
并且他还会删除掉已有的base64相关的main函数以防止其他的调用出现冲突
然后sys.modules['_frozen_importlib']._find_and_load.code = fun.__code__就是主要劫持的部分
这个详细可以在https://bbs.kanxue.com/thread-276520.htm 这篇文章中有比较详细的过程说明
然后我们可以翻一下解包后pyinstaller的base64.pyc 并且对其进行反编译发现其还存在这样的一段逻辑
其替换了base64.main的函数并且填充自己的内容,这里我们为了方便可以在该反编译后的目录进行
之后我们就可以得到patch后的base64.main的function的bytecode代码
经过一些手撸(gpt)的帮助我们可以得到一个大概的代码
不过到这里我们并没有将该题目完成因为如果按照之前的操作可以发现他传入是错误的
所以我们可以采取'sss'.encode()的操作猜出来其格式但是按照合法的输入输出进行验证发现不能正常通过
之后我们继续在base_libaray.zip中进行寻找后我们发现了另外一个可疑的的文件os.pyc对其进行bytecode dump后我们发现了这段可疑的代码
通过一些手撸(gpt)后我们可以得到一个大概的代码:
我们可以看到其往input的部分注入了其自己的shellcode
也就代表当运行input的时候可以加载自己的shellcode函数
原理可以参考作者的另一篇文章 https://bbs.kanxue.com/thread-276493.htm
提取后shellcode之后我们看到了其真正的逻辑
将所有逻辑穿起来后可以正常解密
import CrackMe
print('(账号密码由字母大小写、数字、!、空格组成)')
print('请输入账号:')
h = input()
z = CrackMe.main(h)
if len(z) < 20:
key = 'dZpKdrsiB6cndrGY' + z
else:
key = z[0:4] + 'dZpK' + z[4:8] + 'drsi' + z[8:12] + 'B6cn' + z[12:16] + 'drGY' + z[16:]
print('请输入验证码:')
h = input()
m = CrackMe.main(h)
if key == m:
print('Success')
print('Fail')
import CrackMe
print('(账号密码由字母大小写、数字、!、空格组成)')
print('请输入账号:')
h = input()
z = CrackMe.main(h)
if len(z) < 20:
key = 'dZpKdrsiB6cndrGY' + z
else:
key = z[0:4] + 'dZpK' + z[4:8] + 'drsi' + z[8:12] + 'B6cn' + z[12:16] + 'drGY' + z[16:]
print('请输入验证码:')
h = input()
m = CrackMe.main(h)
if key == m:
print('Success')
print('Fail')
def fun(name):
a = 0
if len(name) == 7 and name[0] == 'C' and name[1] == 'r' and name[2] == 'a' and \
name[3] == 'c' and name[4] == 'k' and name[5] == 'M' and name[6] == 'e':
name = 'base64'
a = 1
module = sys.modules.get(name, _NEEDS_LOADING)
if module is _NEEDS_LOADING:
with _ModuleLockManager(name):
module = sys.modules.get(name, _NEEDS_LOADING)
if module is _NEEDS_LOADING and a == 1:
m = _find_and_load_unlocked(name, import_)
for i in dir(m):
if i not in ['__builtins__', '__cached__', '__loader__', '__package__', '__spec__']:
if len(i) == 4 and i == 'main':
delattr(m, i)
# More checks for attributes 'a', 'i', 'n'
# Cleanup and return
_lock_unlock_module(name)
return None
sys.modules['_frozen_importlib']._find_and_load.__code__ = fun.__code__
def fun(name):
a = 0
if len(name) == 7 and name[0] == 'C' and name[1] == 'r' and name[2] == 'a' and \
name[3] == 'c' and name[4] == 'k' and name[5] == 'M' and name[6] == 'e':
name = 'base64'
a = 1
module = sys.modules.get(name, _NEEDS_LOADING)
if module is _NEEDS_LOADING:
with _ModuleLockManager(name):
module = sys.modules.get(name, _NEEDS_LOADING)
if module is _NEEDS_LOADING and a == 1:
m = _find_and_load_unlocked(name, import_)
for i in dir(m):
if i not in ['__builtins__', '__cached__', '__loader__', '__package__', '__spec__']:
if len(i) == 4 and i == 'main':
delattr(m, i)
# More checks for attributes 'a', 'i', 'n'
# Cleanup and return
_lock_unlock_module(name)
return None
sys.modules['_frozen_importlib']._find_and_load.__code__ = fun.__code__
a = main.__code__.replace(1, (), b'd%01}%01d%02}%02d%03}%03d%04}%04|%00D%00]%1c}%05|%05d%05A%00}%05|%04|%05%a0%00d%06d%07%a1%02%17%00}%04q%14|%04}%00t%01d%02t%02|%00%83%01d%08%83%03D%00]%90}%05|%00|%05|%05d%08%17%00%85%02%19%00}%06d%01%a0%03d\td\n%84%00|%06D%00%83%01%a1%01}%07t%01d%02t%02|%07%83%01d%0b%83%03D%00]V}%08|%07|%08|%08d%0b%17%00%85%02%19%00}\tt%02|\t%83%01d%0bk%00r%c2|%02d%0bt%02|\t%83%01%18%007%00}%02|\td%0cd%0bt%02|\t%83%01%18%00%14%007%00}\t|%01|%03t%04|\td\r%83%02%19%007%00}%01q~qF|%01d%0e|%02d\r%1a%00%14%007%00}%01t%01t%02|%01%83%01d\r%1a%00%83%01D%00]L}%05|%01|%05d\r%14%00%19%00}\n|%01|%05d\r%14%00d%06%17%00%19%00}%0b|%01d%00|%05d\r%14%00%85%02%19%00|%0b%17%00|\n%17%00|%01|%05d\r%14%00d\r%17%00d%00%85%02%19%00%17%00}%01q%f8|%01S%00', (None, '', 0, 'ZQ+U7tSBEKVzyf5coCwb94Dd6raT0eLNin12Hp8mOxFuvMgIPlhRY3WjksqJAXG/', b'', 85, 1, 'little', 3, compile('', '', 'exec').replace(1, (), b'|%00]%10}%01t%00|%01d%00%83%02V%00%01%00q%02d%01S%00', ('08b', None), '', 19, 115, (), 0, b'', '', ('format',), 2, 0, 4, ('.0', 'byte'), **('co_argcount', 'co_cellvars', 'co_code', 'co_consts', 'co_filename', 'co_firstlineno', 'co_flags', 'co_freevars', 'co_kwonlyargcount', 'co_lnotab', 'co_name', 'co_names', 'co_nlocals', 'co_posonlyargcount', 'co_stacksize', 'co_varnames')), '', 6, '0', 2, '!'), '', 4, 67, (), 0, b'', '', ('to_bytes', 'range', 'len', 'join', 'int'), 12, 0, 7, ('data', 'encoded_str', 'padding', 'base64_chars', 'ww', 'i', 'chunk', 'binary_str', 'j', 'six_bits', 'a', 'b'), **('co_argcount', 'co_cellvars', 'co_code', 'co_consts', 'co_filename', 'co_firstlineno', 'co_flags', 'co_freevars', 'co_kwonlyargcount', 'co_lnotab', 'co_name', 'co_names', 'co_nlocals', 'co_posonlyargcount', 'co_stacksize', 'co_varnames'))
main.__code__ = a
a = main.__code__.replace(1, (), b'd%01}%01d%02}%02d%03}%03d%04}%04|%00D%00]%1c}%05|%05d%05A%00}%05|%04|%05%a0%00d%06d%07%a1%02%17%00}%04q%14|%04}%00t%01d%02t%02|%00%83%01d%08%83%03D%00]%90}%05|%00|%05|%05d%08%17%00%85%02%19%00}%06d%01%a0%03d\td\n%84%00|%06D%00%83%01%a1%01}%07t%01d%02t%02|%07%83%01d%0b%83%03D%00]V}%08|%07|%08|%08d%0b%17%00%85%02%19%00}\tt%02|\t%83%01d%0bk%00r%c2|%02d%0bt%02|\t%83%01%18%007%00}%02|\td%0cd%0bt%02|\t%83%01%18%00%14%007%00}\t|%01|%03t%04|\td\r%83%02%19%007%00}%01q~qF|%01d%0e|%02d\r%1a%00%14%007%00}%01t%01t%02|%01%83%01d\r%1a%00%83%01D%00]L}%05|%01|%05d\r%14%00%19%00}\n|%01|%05d\r%14%00d%06%17%00%19%00}%0b|%01d%00|%05d\r%14%00%85%02%19%00|%0b%17%00|\n%17%00|%01|%05d\r%14%00d\r%17%00d%00%85%02%19%00%17%00}%01q%f8|%01S%00', (None, '', 0, 'ZQ+U7tSBEKVzyf5coCwb94Dd6raT0eLNin12Hp8mOxFuvMgIPlhRY3WjksqJAXG/', b'', 85, 1, 'little', 3, compile('', '', 'exec').replace(1, (), b'|%00]%10}%01t%00|%01d%00%83%02V%00%01%00q%02d%01S%00', ('08b', None), '', 19, 115, (), 0, b'', '', ('format',), 2, 0, 4, ('.0', 'byte'), **('co_argcount', 'co_cellvars', 'co_code', 'co_consts', 'co_filename', 'co_firstlineno', 'co_flags', 'co_freevars', 'co_kwonlyargcount', 'co_lnotab', 'co_name', 'co_names', 'co_nlocals', 'co_posonlyargcount', 'co_stacksize', 'co_varnames')), '', 6, '0', 2, '!'), '', 4, 67, (), 0, b'', '', ('to_bytes', 'range', 'len', 'join', 'int'), 12, 0, 7, ('data', 'encoded_str', 'padding', 'base64_chars', 'ww', 'i', 'chunk', 'binary_str', 'j', 'six_bits', 'a', 'b'), **('co_argcount', 'co_cellvars', 'co_code', 'co_consts', 'co_filename', 'co_firstlineno', 'co_flags', 'co_freevars', 'co_kwonlyargcount', 'co_lnotab', 'co_name', 'co_names', 'co_nlocals', 'co_posonlyargcount', 'co_stacksize', 'co_varnames'))
main.__code__ = a
import base64
import dis
dis.dis(base64.main)import base64
import dis
dis.dis(base64.main) 4 0 LOAD_CONST 1 ('')
2 STORE_FAST 1 (encoded_str)
4 LOAD_CONST 2 (0)
6 STORE_FAST 2 (padding)
8 LOAD_CONST 3 ('ZQ+U7tSBEKVzyf5coCwb94Dd6raT0eLNin12Hp8mOxFuvMgIPlhRY3WjksqJAXG/')
10 STORE_FAST 3 (base64_chars)
12 LOAD_CONST 4 (b'')
14 STORE_FAST 4 (ww)
16 LOAD_FAST 0 (data)
18 GET_ITER
>> 20 FOR_ITER 28 (to 50)
22 STORE_FAST 5 (i)
24 LOAD_FAST 5 (i)
26 LOAD_CONST 5 (85)
28 BINARY_XOR
30 STORE_FAST 5 (i)
32 LOAD_FAST 4 (ww)
34 LOAD_FAST 5 (i)
36 LOAD_METHOD 0 (to_bytes)
38 LOAD_CONST 6 (1)
40 LOAD_CONST 7 ('little')
42 CALL_METHOD 2
44 BINARY_ADD
46 STORE_FAST 4 (ww)
48 JUMP_ABSOLUTE 20
>> 50 LOAD_FAST 4 (ww)
52 STORE_FAST 0 (data)
54 LOAD_GLOBAL 1 (range)
56 LOAD_CONST 2 (0)
58 LOAD_GLOBAL 2 (len)
60 LOAD_FAST 0 (data)
62 CALL_FUNCTION 1
64 LOAD_CONST 8 (3)
66 CALL_FUNCTION 3
68 GET_ITER
>> 70 FOR_ITER 144 (to 216)
72 STORE_FAST 5 (i)
74 LOAD_FAST 0 (data)
76 LOAD_FAST 5 (i)
78 LOAD_FAST 5 (i)
80 LOAD_CONST 8 (3)
82 BINARY_ADD
84 BUILD_SLICE 2
86 BINARY_SUBSCR
88 STORE_FAST 6 (chunk)
90 LOAD_CONST 1 ('')
92 LOAD_METHOD 3 (join)
94 LOAD_CONST 9 (<code object at 0x0000029CAAC75920, file "", line 19>)
96 LOAD_CONST 10 ('')
98 MAKE_FUNCTION 0
100 LOAD_FAST 6 (chunk)
102 GET_ITER
104 CALL_FUNCTION 1
106 CALL_METHOD 1
108 STORE_FAST 7 (binary_str)
110 LOAD_GLOBAL 1 (range)
112 LOAD_CONST 2 (0)
114 LOAD_GLOBAL 2 (len)
116 LOAD_FAST 7 (binary_str)
118 CALL_FUNCTION 1
120 LOAD_CONST 11 (6)
122 CALL_FUNCTION 3
124 GET_ITER
>> 126 FOR_ITER 86 (to 214)
128 STORE_FAST 8 (j)
130 LOAD_FAST 7 (binary_str)
132 LOAD_FAST 8 (j)
134 LOAD_FAST 8 (j)
136 LOAD_CONST 11 (6)
138 BINARY_ADD
140 BUILD_SLICE 2
142 BINARY_SUBSCR
144 STORE_FAST 9 (six_bits)
146 LOAD_GLOBAL 2 (len)
148 LOAD_FAST 9 (six_bits)
150 CALL_FUNCTION 1
152 LOAD_CONST 11 (6)
154 COMPARE_OP 0 (<)
156 POP_JUMP_IF_FALSE 194
158 LOAD_FAST 2 (padding)
160 LOAD_CONST 11 (6)
162 LOAD_GLOBAL 2 (len)
164 LOAD_FAST 9 (six_bits)
166 CALL_FUNCTION 1
168 BINARY_SUBTRACT
170 INPLACE_ADD
172 STORE_FAST 2 (padding)
174 LOAD_FAST 9 (six_bits)
176 LOAD_CONST 12 ('0')
178 LOAD_CONST 11 (6)
180 LOAD_GLOBAL 2 (len)
182 LOAD_FAST 9 (six_bits)
184 CALL_FUNCTION 1
186 BINARY_SUBTRACT
188 BINARY_MULTIPLY
190 INPLACE_ADD
192 STORE_FAST 9 (six_bits)
>> 194 LOAD_FAST 1 (encoded_str)
196 LOAD_FAST 3 (base64_chars)
198 LOAD_GLOBAL 4 (int)
200 LOAD_FAST 9 (six_bits)
202 LOAD_CONST 13 (2)
204 CALL_FUNCTION 2
206 BINARY_SUBSCR
208 INPLACE_ADD
210 STORE_FAST 1 (encoded_str)
212 JUMP_ABSOLUTE 126
>> 214 JUMP_ABSOLUTE 70
>> 216 LOAD_FAST 1 (encoded_str)
218 LOAD_CONST 14 ('!')
220 LOAD_FAST 2 (padding)
222 LOAD_CONST 13 (2)
224 BINARY_FLOOR_DIVIDE
226 BINARY_MULTIPLY
228 INPLACE_ADD
230 STORE_FAST 1 (encoded_str)
232 LOAD_GLOBAL 1 (range)
234 LOAD_GLOBAL 2 (len)
236 LOAD_FAST 1 (encoded_str)
238 CALL_FUNCTION 1
240 LOAD_CONST 13 (2)
242 BINARY_FLOOR_DIVIDE
244 CALL_FUNCTION 1
246 GET_ITER
>> 248 FOR_ITER 76 (to 326)
250 STORE_FAST 5 (i)
252 LOAD_FAST 1 (encoded_str)
254 LOAD_FAST 5 (i)
256 LOAD_CONST 13 (2)
258 BINARY_MULTIPLY
260 BINARY_SUBSCR
262 STORE_FAST 10 (a)
264 LOAD_FAST 1 (encoded_str)
266 LOAD_FAST 5 (i)
268 LOAD_CONST 13 (2)
270 BINARY_MULTIPLY
272 LOAD_CONST 6 (1)
274 BINARY_ADD
276 BINARY_SUBSCR
278 STORE_FAST 11 (b)
280 LOAD_FAST 1 (encoded_str)
282 LOAD_CONST 0 (None)
284 LOAD_FAST 5 (i)
286 LOAD_CONST 13 (2)
288 BINARY_MULTIPLY
290 BUILD_SLICE 2
292 BINARY_SUBSCR
294 LOAD_FAST 11 (b)
296 BINARY_ADD
298 LOAD_FAST 10 (a)
300 BINARY_ADD
302 LOAD_FAST 1 (encoded_str)
304 LOAD_FAST 5 (i)
306 LOAD_CONST 13 (2)
308 BINARY_MULTIPLY
310 LOAD_CONST 13 (2)
312 BINARY_ADD
314 LOAD_CONST 0 (None)
316 BUILD_SLICE 2
318 BINARY_SUBSCR
320 BINARY_ADD
322 STORE_FAST 1 (encoded_str)
324 JUMP_ABSOLUTE 248
>> 326 LOAD_FAST 1 (encoded_str)
328 RETURN_VALUE
Disassembly of <code object at 0x0000029CAAC75920, file "", line 19>:
19 0 LOAD_FAST 0 (.0)
>> 2 FOR_ITER 16 (to 20)
4 STORE_FAST 1 (byte)
6 LOAD_GLOBAL 0 (format)
8 LOAD_FAST 1 (byte)
10 LOAD_CONST 0 ('08b')
12 CALL_FUNCTION 2
14 YIELD_VALUE
16 POP_TOP
18 JUMP_ABSOLUTE 2
>> 20 LOAD_CONST 1 (None)
22 RETURN_VALUE
4 0 LOAD_CONST 1 ('')
2 STORE_FAST 1 (encoded_str)
4 LOAD_CONST 2 (0)
6 STORE_FAST 2 (padding)
8 LOAD_CONST 3 ('ZQ+U7tSBEKVzyf5coCwb94Dd6raT0eLNin12Hp8mOxFuvMgIPlhRY3WjksqJAXG/')
10 STORE_FAST 3 (base64_chars)
12 LOAD_CONST 4 (b'')
14 STORE_FAST 4 (ww)
16 LOAD_FAST 0 (data)
18 GET_ITER
>> 20 FOR_ITER 28 (to 50)
22 STORE_FAST 5 (i)
24 LOAD_FAST 5 (i)
26 LOAD_CONST 5 (85)
28 BINARY_XOR
30 STORE_FAST 5 (i)
32 LOAD_FAST 4 (ww)
34 LOAD_FAST 5 (i)
36 LOAD_METHOD 0 (to_bytes)
38 LOAD_CONST 6 (1)
40 LOAD_CONST 7 ('little')
42 CALL_METHOD 2
44 BINARY_ADD
46 STORE_FAST 4 (ww)
48 JUMP_ABSOLUTE 20
>> 50 LOAD_FAST 4 (ww)
52 STORE_FAST 0 (data)
54 LOAD_GLOBAL 1 (range)
56 LOAD_CONST 2 (0)
58 LOAD_GLOBAL 2 (len)
60 LOAD_FAST 0 (data)
62 CALL_FUNCTION 1
64 LOAD_CONST 8 (3)
66 CALL_FUNCTION 3
68 GET_ITER
>> 70 FOR_ITER 144 (to 216)
72 STORE_FAST 5 (i)
74 LOAD_FAST 0 (data)
76 LOAD_FAST 5 (i)
78 LOAD_FAST 5 (i)
80 LOAD_CONST 8 (3)
82 BINARY_ADD
84 BUILD_SLICE 2
86 BINARY_SUBSCR
88 STORE_FAST 6 (chunk)
90 LOAD_CONST 1 ('')
92 LOAD_METHOD 3 (join)
94 LOAD_CONST 9 (<code object at 0x0000029CAAC75920, file "", line 19>)
96 LOAD_CONST 10 ('')
98 MAKE_FUNCTION 0
100 LOAD_FAST 6 (chunk)
102 GET_ITER
104 CALL_FUNCTION 1
106 CALL_METHOD 1
108 STORE_FAST 7 (binary_str)
110 LOAD_GLOBAL 1 (range)
112 LOAD_CONST 2 (0)
114 LOAD_GLOBAL 2 (len)
116 LOAD_FAST 7 (binary_str)
118 CALL_FUNCTION 1
120 LOAD_CONST 11 (6)
122 CALL_FUNCTION 3
124 GET_ITER
>> 126 FOR_ITER 86 (to 214)
128 STORE_FAST 8 (j)
130 LOAD_FAST 7 (binary_str)
132 LOAD_FAST 8 (j)
134 LOAD_FAST 8 (j)
136 LOAD_CONST 11 (6)
138 BINARY_ADD
140 BUILD_SLICE 2
142 BINARY_SUBSCR
144 STORE_FAST 9 (six_bits)
146 LOAD_GLOBAL 2 (len)
148 LOAD_FAST 9 (six_bits)
150 CALL_FUNCTION 1
152 LOAD_CONST 11 (6)
154 COMPARE_OP 0 (<)
156 POP_JUMP_IF_FALSE 194
158 LOAD_FAST 2 (padding)
160 LOAD_CONST 11 (6)
162 LOAD_GLOBAL 2 (len)
164 LOAD_FAST 9 (six_bits)
166 CALL_FUNCTION 1
168 BINARY_SUBTRACT
170 INPLACE_ADD
172 STORE_FAST 2 (padding)
174 LOAD_FAST 9 (six_bits)
176 LOAD_CONST 12 ('0')
178 LOAD_CONST 11 (6)
180 LOAD_GLOBAL 2 (len)
182 LOAD_FAST 9 (six_bits)
184 CALL_FUNCTION 1
186 BINARY_SUBTRACT
188 BINARY_MULTIPLY
190 INPLACE_ADD
192 STORE_FAST 9 (six_bits)
>> 194 LOAD_FAST 1 (encoded_str)
196 LOAD_FAST 3 (base64_chars)
198 LOAD_GLOBAL 4 (int)
200 LOAD_FAST 9 (six_bits)
202 LOAD_CONST 13 (2)
204 CALL_FUNCTION 2
206 BINARY_SUBSCR
208 INPLACE_ADD
210 STORE_FAST 1 (encoded_str)
212 JUMP_ABSOLUTE 126
>> 214 JUMP_ABSOLUTE 70
>> 216 LOAD_FAST 1 (encoded_str)
218 LOAD_CONST 14 ('!')
220 LOAD_FAST 2 (padding)
222 LOAD_CONST 13 (2)
224 BINARY_FLOOR_DIVIDE
226 BINARY_MULTIPLY
228 INPLACE_ADD
230 STORE_FAST 1 (encoded_str)
232 LOAD_GLOBAL 1 (range)
234 LOAD_GLOBAL 2 (len)
236 LOAD_FAST 1 (encoded_str)
238 CALL_FUNCTION 1
240 LOAD_CONST 13 (2)
242 BINARY_FLOOR_DIVIDE
244 CALL_FUNCTION 1
246 GET_ITER
>> 248 FOR_ITER 76 (to 326)
250 STORE_FAST 5 (i)
252 LOAD_FAST 1 (encoded_str)
254 LOAD_FAST 5 (i)
256 LOAD_CONST 13 (2)
258 BINARY_MULTIPLY
260 BINARY_SUBSCR
262 STORE_FAST 10 (a)
264 LOAD_FAST 1 (encoded_str)
266 LOAD_FAST 5 (i)
268 LOAD_CONST 13 (2)
270 BINARY_MULTIPLY
272 LOAD_CONST 6 (1)
274 BINARY_ADD
276 BINARY_SUBSCR
278 STORE_FAST 11 (b)
280 LOAD_FAST 1 (encoded_str)
282 LOAD_CONST 0 (None)
284 LOAD_FAST 5 (i)
286 LOAD_CONST 13 (2)
288 BINARY_MULTIPLY
290 BUILD_SLICE 2
292 BINARY_SUBSCR
294 LOAD_FAST 11 (b)
296 BINARY_ADD
298 LOAD_FAST 10 (a)
300 BINARY_ADD
302 LOAD_FAST 1 (encoded_str)
304 LOAD_FAST 5 (i)
306 LOAD_CONST 13 (2)
308 BINARY_MULTIPLY
310 LOAD_CONST 13 (2)
312 BINARY_ADD
314 LOAD_CONST 0 (None)
316 BUILD_SLICE 2
318 BINARY_SUBSCR
320 BINARY_ADD
322 STORE_FAST 1 (encoded_str)
324 JUMP_ABSOLUTE 248
>> 326 LOAD_FAST 1 (encoded_str)
328 RETURN_VALUE
Disassembly of <code object at 0x0000029CAAC75920, file "", line 19>:
19 0 LOAD_FAST 0 (.0)
>> 2 FOR_ITER 16 (to 20)
4 STORE_FAST 1 (byte)
6 LOAD_GLOBAL 0 (format)
8 LOAD_FAST 1 (byte)
10 LOAD_CONST 0 ('08b')
12 CALL_FUNCTION 2
14 YIELD_VALUE
16 POP_TOP
18 JUMP_ABSOLUTE 2
>> 20 LOAD_CONST 1 (None)
22 RETURN_VALUE
import base64
def encode(data):
encoded_str = ''
padding = 0
base64_chars = 'ZQ+U7tSBEKVzyf5coCwb94Dd6raT0eLNin12Hp8mOxFuvMgIPlhRY3WjksqJAXG/'
# Perform XOR with 85 and reassemble bytes
ww = b''
for i in data:
i ^= 85
ww += i.to_bytes(1, 'little')
data = ww
# Process the data
for i in range(0, len(data), 3):
chunk = data[i:i+3]
binary_str = ''.join(format(byte, '08b') for byte in chunk)
for j in range(0, len(binary_str), 6):
six_bits = binary_str[j:j+6]
if len(six_bits) < 6:
padding += (6 - len(six_bits))
six_bits += '0' * (6 - len(six_bits))
encoded_str += base64_chars[int(six_bits, 2)]
# Add padding characters
encoded_str += '!' * (padding // 2)
# Process the encoded string in chunks of 2
for i in range(len(encoded_str) // 2):
a = encoded_str[i * 2]
b = encoded_str[i * 2 + 1]
encoded_str = encoded_str[:i * 2] + b + a + encoded_str[i * 2 + 2:]
return encoded_str
# Example usage:data = b'This is an example data to encode'
encoded = encode(data)
print(encoded)
import base64
def encode(data):
encoded_str = ''
padding = 0
base64_chars = 'ZQ+U7tSBEKVzyf5coCwb94Dd6raT0eLNin12Hp8mOxFuvMgIPlhRY3WjksqJAXG/'
# Perform XOR with 85 and reassemble bytes
ww = b''
for i in data:
i ^= 85
ww += i.to_bytes(1, 'little')
[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!
|
|
|---|---|
