0x00 Crypto之boom
下載下來是個exe文件,拖到cmd運行(切記一定不要雙擊,用cmd打開)
找個md5網站解密,得到明文
輸入後得到一個方程組,解方程組(找個就不用說了,初中知識)
輸入有又出現一個方程:
解出來輸入x可得flag:
0x01 Reverse之signal
用IDA逆向後,可得關鍵算法:
他是將一串數字做了不同操作符運算,得到一個ascii碼,即爲flag,於是寫出爆破payload如下:
# -*- coding: UTF-8 -*-
code = [10,4,16,8,3,5,1,4,32,8,5,3,1,3,2,8,11,1,12,8,4,4,1,5,3,8,3,33,1,11,8,11,1,4,9,8,3,32,1,2,81,8,4,36,1,12,8,11,1,5,2,8,2,37,1,2,54,8,4,65,1,2,32,8,5,1,1,5,3,8,2,37,1,4,9,8,3,32,1,2,65,8,12,1,7,34,7,63,7,52,7,50,7,114,7,51,7,24,7,167,7,49,7,241,7,40,7,132,7,193,7,30,7,122]
result = [34,63,52,50,114,51,24,167,49,241,40,132,193,30,122]
flag = []
def encode(x,code):
i=0
achar=0
while(i<len(code)):
if code[i]==2:
achar=x+code[i+1]
i+=2
elif code[i]==3:
achar=x-code[i+1]
i=i+2
elif code[i]==4:
achar=x^code[i+1]
i=i+2
elif code[i]==5:
achar=x*code[i+1]
i=i+2
elif code[i]==8:
x=achar
i=i+1
elif code[i]==11:
achar=x-1
i=i+1
elif code[i]==12:
achar=x+1
i=i+1
return achar
def run(result,code):
for x in range(1,127):
if(encode(x,code)==result):
flag.append(chr(x))
if __name__ == '__main__':
cur_code = []
result_i = 0
for i in range(len(code)):
if code[i] == 10:
continue
if i < len(code) - 1 and code[i+1] != 1 and code[i] == 1:
run(result[result_i],cur_code)
cur_code = []
result_i = result_i + 1
else:
cur_code.append(code[i])
print("flag is = flag{" + ''.join(flag) + '}')
