1、ez_enc:
1、查壳:
64位无壳
2、ida启动:
加密代码很清晰,看一下是一个递归加密,知道密文和密钥,现在求一下原文
对于递归而言,逆向破解比较麻烦,所以使用正向进行破解
# Key and ciphertext recovered from the ez_enc binary.
key = 'IMouto'

# 34 ciphertext bytes; written as one hex string and expanded to a list of
# ints so the decryptor can index them positionally.
enc = list(bytes.fromhex(
    "27 24 17 0B 50 03 C8 0C 1F 17 "
    "36 55 CB 2D E9 32 0E 11 26 02 "
    "0C 07 FC 27 3D 2D ED 35 59 EB "
    "3C 3E E4 7D"
))
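def dencrypts(key, enc, first='f'):
    """Recover the plaintext of the ez_enc recursive cipher, running forwards.

    Each ciphertext byte depends on the key byte at the same (cycled) position
    and on the *previously recovered plaintext character*, so decryption is a
    forward chain seeded with a guessed first character rather than a
    backwards inversion.

    Args:
        key: Key string, cycled over its own length.  The challenge key is six
            characters long; the original hard-coded ``% 6`` for it.
        enc: Sequence of ciphertext byte values (ints 0..255).
        first: Single plaintext character that seeds the chain.  ``'f'`` assumes
            a ``flag{`` prefix; ``'X'`` would try an ``XYCTF{`` prefix instead.

    Returns:
        ``first`` followed by one recovered character per ciphertext byte.

    Raises:
        ValueError: if ``key`` is empty, since there is nothing to cycle over.
    """
    if not key:
        raise ValueError("key must not be empty")
    klen = len(key)
    flag = first
    for i, c in enumerate(enc):
        # Undo the XOR with the cycled key byte, then the additive dependency on
        # the previous plaintext character (mod 20); keep the result in a byte.
        prev = ord(flag[i]) % 20
        flag += chr(((ord(key[i % klen]) ^ c) - prev) & 0xff)
    return flag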
# Run the forward decryption with the recovered key/ciphertext and print it.
x = dencrypts(key, enc)
print(x)
在这段代码中,使用循环对它进行正向破解。第一个字母可以试一试:只要知道第一个字母,就可以往后面迭代。它可能以flag开头,也可能以XYCTF开头。
3、此题总结:
了解到了递归的逆向,可以使用爆破的方法或者逆向破解的方法
2、ezmath:
python反编译的,直接解包
1、解包:
2、检查pyc
我们也不需要还原了,不错
直接将其转换为py文件
# uncompyle6 version 3.9.1
# Python bytecode version base 3.8.0 (3413)
# Decompiled from: Python 3.9.7 (tags/v3.9.7:1016ef3, Aug 30 2021, 20:19:38) [MSC v.1929 64 bit (AMD64)]
# Embedded file name: ezmath.py
# Linear coefficient of each of the 32 flag bytes.  In the decompiled check,
# sum([flag[k] for _ in range(flag[k])]) is flag[k]**2 (ord() is never
# negative) and sum([flag[k] for _ in range(c)]) is c*flag[k], so the whole
# test reduces to  sum(b*b - c*b) + 297412 == 0.
# Every c is even and sum((c//2)**2) over this table is exactly 297412, so the
# test is equivalently sum((b - c//2)**2) == 0: each byte is pinned to c//2.
_COEFF = [176, 178, 134, 168, 140, 246, 226, 110,
          174, 178, 142, 230, 198, 170, 234, 224,
          232, 168, 178, 176, 212, 220, 212, 150,
          222, 242, 170, 168, 150, 232, 142, 250]

flag = [ord(i) for i in input("flag:")]
if len(flag) == 32 and sum(b * b - c * b for b, c in zip(flag, _COEFF)) + 297412 == 0:
    print("yes")
使用z3进行一把梭
开整
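from z3.z3 import Int, Solver, sat

# Linear coefficient of each flag byte in the decompiled check.  Every byte
# also carries a +flag[k]**2 term, so the constraint is
#   sum(f*f - c*f) + 297412 == 0
_COEFF = [176, 178, 134, 168, 140, 246, 226, 110,
          174, 178, 142, 230, 198, 170, 234, 224,
          232, 168, 178, 176, 212, 220, 212, 150,
          222, 242, 170, 168, 150, 232, 142, 250]

flag = [Int(f"flag[{i}]") for i in range(32)]
solver = Solver()
solver.add(sum(f * f - c * f for f, c in zip(flag, _COEFF)) + 297412 == 0)

if solver.check() == sat:
    model = solver.model()
    print(model)
    # Evaluate each symbol on its own.  The original passed a single generator
    # object to model.evaluate(), which z3 cannot interpret and rejects, so the
    # script never got past this point.
    solution = [model.evaluate(flag[i]) for i in range(32)]
    print("Solution found:")
    print(solution)
    # as_long() turns each z3 IntNumRef into a Python int for chr().
    print("".join(chr(model[f].as_long()) for f in flag))
else:
    print("No solution found.")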
贴一下大佬的wp,我的一直运行不出来,太菜了
3、给阿姨倒一杯卡布奇诺
1、查壳:
64位无壳
2、ida启动
里面有一个加密函数,看一下
是TEA加密,不过有魔改
手搓一下代码:
#include <cstdint>
#include <iostream>
using namespace std;
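// Chaining state shared with decrypto(): the previous ciphertext block, which
// each decrypted block is XORed with (CBC-style).  The initial values are the
// ASCII strings "try_" and "hard" read as little-endian 32-bit words.
unsigned int data1 = 0x5F797274;
unsigned int data2 = 0x64726168;

// Inverse of the modified TEA block function described in the writeup.
//
// v: in/out pair of 32-bit words -- ciphertext block in, plaintext block out.
// k: 128-bit key as four 32-bit words.
//
// Compared with textbook TEA the round constant is 0x6E75316C instead of
// 0x9E3779B9, the round index i is mixed into the (sum + i) term, and the
// result is chained through data1/data2.  Decryption replays the 32 rounds in
// reverse, so sum starts at 32*DELTA and shrinks by DELTA per round.
void decrypto(unsigned int *v, unsigned int *k) {
    const std::uint32_t DELTA = 0x6E75316Cu;
    // The original wrote `0x6E75316C * 32` as a signed int multiply, which
    // overflows (undefined behaviour) and only worked because the rounds use
    // the low 32 bits.  Do the multiply unsigned so the value is well-defined.
    std::uint32_t sum = DELTA * 32u;
    std::uint32_t v0 = v[0];
    std::uint32_t v1 = v[1];
    // Keep the ciphertext block: it becomes the chaining value for the next one.
    const std::uint32_t c0 = v0;
    const std::uint32_t c1 = v1;

    for (int i = 31; i >= 0; --i) {
        v1 -= ((v0 >> 5) + k[3]) ^ (v0 + sum) ^ (k[2] + 16 * v0) ^ (sum + i);
        v0 -= ((v1 >> 5) + k[1]) ^ (v1 + sum) ^ (k[0] + 16 * v1) ^ (sum + i);
        sum -= DELTA;
    }

    v[0] = v0 ^ data1;
    v[1] = v1 ^ data2;
    data1 = c0;
    data2 = c1;
}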
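// Decrypt the eight ciphertext words recovered from the binary and print the
// resulting 32 plaintext bytes in memory order.
int main() {
    // Four 64-bit ciphertext blocks; cipher[0] is kept as the decimal literal
    // the writeup recorded.
    unsigned int cipher[8] = {
        2603150661u, 0x145EC6E9u, 0x5B27A6C3u, 0xE59E75D5u,
        0xE82C2500u, 0xA4211D92u, 0xCD8A4B62u, 0xA668F440u,
    };
    unsigned int key[4] = { 0x65766967u, 0x756F795Fu, 0x7075635Fu, 0x6165745Fu };

    // decrypto() chains each block through data1/data2, so the blocks must be
    // processed in order.
    for (int i = 0; i < 8; i += 2) {
        decrypto(cipher + i, key);
    }

    // Emit all sizeof(cipher) bytes as stored (little-endian words); write()
    // does not stop at an embedded NUL the way a char* stream insert would.
    cout.write(reinterpret_cast<const char *>(cipher), sizeof(cipher));
    cout << '\n';
    return 0;
}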
此题总结:
了解到魔改TEA算法的解密要与加密相反;同时解密循环中需要从32开始递减,而不是从1开始递增