平台
reverse签到
签到无情,亦有情
re_easy
分析
exp
In [1]: import angr
In [2]: pro = angr.Project("re1")
In [3]: pro = angr.Project("re1",auto_load_libs=False)
In [4]: sm = pro.factory.simulation_manager(pro.factory.entry_state())
In [5]: sm.explore(find=0x40091D,avoid=0x4008FA)
Out[5]: <SimulationManager with 1 found, 324 avoid>
In [6]: sm.found[0].posix.dumps(0)
Out[6]: 'bdctf{YOU_CRAKE_THE_RC4}'
In [7]:
simplere
分析
我们输入的字符串加密之后与str2比较
关键函数
exp
flag = [102,0xA,0x6B,0xC,0x77,0x12,0x21,25,123,78,44,26,41,4,48,82,52,3,46,26,127,93,21,79,86,6,0,31,21,11,85,83,12,0,95,3,85,83,87,7,78,125]
for i in range(20,0,-1):
flag[i] = flag[i] ^ flag[i-1]
for i in range(40,20,-1):
flag[i] = flag[i] ^ flag[i+1]
print ''.join(chr(i) for i in flag)
ELF64
分析
输入的数据md5加密后与780438d5b6e29db0898bc4f0225935c0相比较
somd5
baby_reverse
分析
输入加密比较,没什么可说的
exp
flag = list("bIwhroo8cwqgwrxusi")
s = ''
for i in range(0,len(flag),3):
s += chr((ord(flag[i]) ^ 18) - 6)
s += chr((ord(flag[i+1]) ^ 18) + 6)
s += chr(ord(flag[i+2])^6^18)
print s
py
找一个在线反编译网站
反编译失败,查看文件头发现少了修改时间于是乎添上,解密得到python代码
print '[-]Please input your key:'
key = raw_input()
flag = "=Xm/>*<&?*=+:)k)='@)<.@-n)mZn.<"
flags = ''
for q in range(len(key)):
if q % 2 == 0:
flags += chr(ord(key[q]) + 10)
continue
flags += chr(ord(key[q]) - 10)
if flags == flag:
print '[-]Good!'
else:
print '[-]Wrong!'
exp
flag = list("=Xm/>*<&?*=+:)k)='@)<.@-n)mZn.<")
flags = ''
for i in range(0,len(flag)):
if i % 2 == 0:
flags += chr(ord(flag[i]) - 10)
continue
flags += chr(ord(flag[i]) + 10)
print flags
C是最好的语言
难道不是我php是最好的语言吗
分析
exp
符号问题坑死人
对python还是不太熟悉
#include <stdio.h>
#include <math.h>
int main(){
unsigned int v8;
int flag[] = {0, 7, 14, 21, 28, 35, 42, 49, 56, 63, 70, 77, 84, 91, 98, 106, 113, 120, 127, 134, 141, 148, 155, 162, 169, 176, 183, 190, 197, 205, 212, 219, 226, 233, 240, 247, 254, 261, 268, 275, 282, 289, 296, 304, 311, 318, 325, 332, 339, 346, 353, 360, 367, 374, 381, 388, 395, 403, 410, 417, 424, 431, 438, 445, 452, 459, 466, 473, 480, 487, 494, 502, 509, 516, 523, 530, 537, 544, 551, 558, 565, 572, 579, 586, 593, 601, 608, 615, 622, 629, 636, 643, 650, 657, 664, 671, 678, 685, 692, 699};
int i,j,k,v9;
for(i=0;i<sizeof(flag)/sizeof(int);i++){
for(j=i+1;j<sizeof(flag)/sizeof(int);j++){
for(k=j+1;k<sizeof(flag)/sizeof(int);k++){
v9 = (flag[i]+flag[j]+flag[k])/2;
v8 = (unsigned int)((v9-flag[k]) * ((v9-flag[j])*(v9-flag[i])) * v9);
v8 = sqrt(v8*1.0);
if((v8 - 58792) < 0.1){
printf("%d %d %d \n",flag[i],flag[j],flag[k]);
}
}
}
}
return 0;
}
快下班了,emmm…..
本博客所有文章除特别声明外,均采用 CC BY-SA 3.0协议 。转载请注明出处!