REVERSE-PRACTICE-JarvisOJ-4
REVERSE-PRACTICE-JarvisOJ-4
- Classical Crackme
- FindKey
Classical Crackme
exe程序,输入注册码,输入错误弹窗
查壳发现是.Net程序,dnSpy打开(要不要用de4dot unpack无所谓,这里打开的是解包过的程序)
按下“注册”按钮后的逻辑为,读取输入,将输入用base64编码,编码结果与已知字符串比较,验证输入
直接解已知字符串的base64即可得到flag
FindKey
.pyc文件,uncompyle6反编译,得到python源码
主要的逻辑为,读取输入,检验输入长度是否为17,输入倒序,验证输入内容
import sys
lookup = [196, 153, 149, 206, 17, 221, 10, 217, 167, 18, 36, 135, 103, 61, 111, 31, 92, 152, 21, 228, 105, 191, 173, 41, 2, 245, 23, 144, 1, 246, 89, 178, 182, 119, 38, 85, 48, 226, 165, 241, 166, 214, 71, 90, 151, 3, 109, 169, 150, 224, 69, 156, 158, 57, 181, 29, 200, 37, 51, 252, 227, 93, 65, 82, 66, 80, 170, 77, 49, 177, 81, 94, 202, 107, 25, 73, 148, 98, 129, 231, 212, 14, 84, 121, 174, 171, 64, 180, 233, 74, 140, 242, 75, 104, 253, 44, 39, 87, 86, 27, 68, 22, 55, 76, 35, 248, 96, 5, 56, 20, 161, 213, 238, 220, 72, 100, 247, 8, 63, 249, 145, 243, 155, 222, 122, 32, 43, 186, 0, 102, 216, 126, 15, 42, 115, 138, 240, 147, 229, 204, 117, 223, 141, 159, 131, 232, 124, 254, 60, 116, 46, 113, 79, 16, 128, 6, 251, 40, 205, 137, 199, 83, 54, 188, 19, 184, 201, 110, 255, 26, 91, 211, 132, 160, 168, 154, 185, 183, 244, 78, 33, 123, 28, 59, 12, 210, 218, 47, 163, 215, 209, 108, 235, 237, 118, 101, 24, 234, 106, 143, 88, 9, 136, 95, 30, 193, 176, 225, 198, 197, 194, 239, 134, 162, 192, 11, 70, 58, 187, 50, 67, 236, 230, 13, 99, 190, 208, 207, 7, 53, 219, 203, 62, 114, 127, 125, 164, 179, 175, 112, 172, 250, 133, 130, 52, 189, 97, 146, 34, 157, 120, 195, 45, 4, 142, 139]
pwda = [188, 155, 11, 58, 251, 208, 204, 202, 150, 120, 206, 237, 114, 92, 126, 6, 42]
pwdb = [53, 222, 230, 35, 67, 248, 226, 216, 17, 209, 32, 2, 181, 200, 171, 60, 108]
flag = raw_input('Input your Key:').strip()
if len(flag) != 17:print 'Wrong Key!!'sys.exit(1)
flag = flag[::-1]
for i in range(0, len(flag)):if ord(flag[i]) + pwda[i] & 255 != lookup[(i + pwdb[i])]:print 'Wrong Key!!'sys.exit(1)print 'Congratulations!!'
写逆运算脚本即可得到flag
lookup = [196, 153, 149, 206, 17, 221, 10, 217, 167, 18, 36, 135, 103, 61, 111, 31, 92, 152, 21, 228, 105, 191, 173, 41, 2, 245, 23, 144, 1, 246, 89, 178, 182, 119, 38, 85, 48, 226, 165, 241, 166, 214, 71, 90, 151, 3, 109, 169, 150, 224, 69, 156, 158, 57, 181, 29, 200, 37, 51, 252, 227, 93, 65, 82, 66, 80, 170, 77, 49, 177, 81, 94, 202, 107, 25, 73, 148, 98, 129, 231, 212, 14, 84, 121, 174, 171, 64, 180, 233, 74, 140, 242, 75, 104, 253, 44, 39, 87, 86, 27, 68, 22, 55, 76, 35, 248, 96, 5, 56, 20, 161, 213, 238, 220, 72, 100, 247, 8, 63, 249, 145, 243, 155, 222, 122, 32, 43, 186, 0, 102, 216, 126, 15, 42, 115, 138, 240, 147, 229, 204, 117, 223, 141, 159, 131, 232, 124, 254, 60, 116, 46, 113, 79, 16, 128, 6, 251, 40, 205, 137, 199, 83, 54, 188, 19, 184, 201, 110, 255, 26, 91, 211, 132, 160, 168, 154, 185, 183, 244, 78, 33, 123, 28, 59, 12, 210, 218, 47, 163, 215, 209, 108, 235, 237, 118, 101, 24, 234, 106, 143, 88, 9, 136, 95, 30, 193, 176, 225, 198, 197, 194, 239, 134, 162, 192, 11, 70, 58, 187, 50, 67, 236, 230, 13, 99, 190, 208, 207, 7, 53, 219, 203, 62, 114, 127, 125, 164, 179, 175, 112, 172, 250, 133, 130, 52, 189, 97, 146, 34, 157, 120, 195, 45, 4, 142, 139]
pwda = [188, 155, 11, 58, 251, 208, 204, 202, 150, 120, 206, 237, 114, 92, 126, 6, 42]
pwdb = [53, 222, 230, 35, 67, 248, 226, 216, 17, 209, 32, 2, 181, 200, 171, 60, 108]
flag=[0]*17
for i in range(len(flag)):flag[i]=lookup[i+pwdb[i]]-pwda[i]&255
flag=flag[::-1]
print(''.join(chr(i) for i in flag))
#PCTF{PyC_Cr4ck3r}
REVERSE-PRACTICE-JarvisOJ-4相关推荐
- linux内核路由反向检查,反向路径过滤——reverse path filter
反向路径过滤--reverse path filter 一.原理 先介绍个非对称路由的概念 参考<Understanding Linux Network Internals>三十章, 30 ...
- java中Collections常用方法总结(包括sort,copy,reverse等)
1.sort(Collection)方法的使用(含义:对集合进行排序). 例:对已知集合c进行排序public class Practice {public static void main(Stri ...
- A Guide To Reverse Tethering
By Kevin Pocock on February 04, 2013 Using a mobile device such as a smartphone to act as a hotspot ...
- picoCTF,Reverse Engineering,逆向类,42/55
picoCTF,Reverse Engineering,42/55 2019 picoCTF 01.vault-door-training,50分 02.vault-door-1,100分 03.va ...
- PAT (Advanced Level) Practice 题解代码 - II (1051-1100)
PAT PAT (Advanced Level) Practice - II(1051-1100) -------------------------------------------------- ...
- (Python) PAT(Basic Level) Practice 刷题笔记(34-66)
我的代码仅能解题,效率不高也不够简洁,欢迎师傅们提出建议,能让我加以改进. Practice 1036 跟奥巴马一起编程 (15 分) 1037 在霍格沃茨找零钱 (20 分) 1038 统计同成绩学 ...
- minty_Brit666‘s python practice no.2
minty_Brit666 Today's blog is about the practice of the leetcode. And I'll give my own answer in thi ...
- 【水一波题解】题解 of University of Central Florida 2020 (Fall) “Practice” Local Programming Contest
题解 of University of Central Florida 2020 (Fall) "Practice" Local Programming Contest [by_0 ...
- 动态规划十大经典案例(Dynamic Programming Practice Problems)
目录 leetcode 53 最大子序列和(Maximum Value Contiguous Subsequence) leetcode 53 零钱兑换(Making Change) LeetCode ...
- 206. Reverse Linked List
Reverse a singly linked list. 反转单链表 C++(9ms): 迭代 1 /** 2 * Definition for singly-linked list. 3 * s ...
最新文章
- Java做爬虫也很牛
- docker部署Javaweb环境数据库连接问题
- 开发过程中的常见问题
- Android中实现SQLite数据库CRUD操作的两种方式
- Nginx的rewrite案例之防盗链
- php用于防SQL注入的几个函数
- docker ps 和docker ps -a
- 组态王opc_组态王和西门子S7300、S7400系列PLC通讯的几种配置方案
- final关键字_夯实基础:Java中final关键字的几种用法
- Highcharts使用=====通过指定日期显示曲线
- 复旦大学2013--2014学年第一学期(13级)高等代数I期末考试第八大题解答
- 中兴防火墙配置_中兴通讯防火墙成功案例
- 干货 | 携程商旅订单系统架构设计和优化实践
- wireshark分析无线wifi包
- 大数据时代信息轰炸来袭 购房四大黄金法则
- 1024共码未来(一览中华风华,API First)
- ps4玩android游戏,PS4更新7.0系统:手机秒变手柄,远程遥控畅玩游戏
- 【文献调研】三相DLMP的motivation调研
- HTML5新特性之History
- 计算机多媒体对语文教学的提高,【原创论文】多媒体技术在中学语文教学中的应用...
热门文章
- (转)腾讯2011.10.15校园招聘会笔试题
- 2014腾讯实习生招聘软件开发类附加题
- 第一章 概率论的基本概念
- [密码学基础][每个信息安全博士生应该知道的52件事][Bristol52]46.Sigma协议正确性、公正性和零知识性
- 概率中比较重要的知识
- ubuntu12 04下django安装略谈
- 扫地机器人测评云鲸_云鲸科技,J1测评
- string 转比较运算符_运算符
- 六西格玛dfss_六西格玛系列知识之二:六西格玛管理的基本原理
- UE4 多人联机显示每个人的playid