这个程序是UPX加壳过的,可以直接用upx程序脱壳
int __cdecl main(int argc, const char **argv, const char **envp)
{
char v3; // cl
char s1[104]; // [rsp+0h] [rbp-70h] BYREF
unsigned __int64 v6; // [rsp+68h] [rbp-8h]
v6 = __readfsqword(0x28u);
_isoc99_scanf((unsigned int)"%96s", (unsigned int)s1, (_DWORD)envp, v3);
if ( !strcmp(s1, flag) )
puts("Congratulations!");
else
puts("Try again!");
return 0;
}
代码非常简单,双击flag查看: