解题过程
先脱壳,然后拖进64位IDA,定位到主函数F5查看伪C代码,代码如下:
__int64 __fastcall main(__int64 a1, char **a2, char **a3)
{
__int64 result; // rax
unsigned __int64 v4; // kr08_8
char *v5; // ST18_8
char *v6; // ST20_8
char *v7; // ST28_8
char *v8; // ST30_8
bool v9; // cf
bool v10; // zf
signed __int64 v11; // rcx
char *v12; // rsi
const char *v13; // rdi
signed int i; // [rsp+38h] [rbp-88h]
char v15[48]; // [rsp+40h] [rbp-80h]
char v16; // [rsp+70h] [rbp-50h]
__int16 v17; // [rsp+76h] [rbp-4Ah]
char dest[40]; // [rsp+90h] [rbp-30h]
unsigned __int64 v19; // [rsp+B8h] [rbp-8h]
v19 = __readfsqword(0x28u);
puts("Please input flag:");
__isoc99_scanf("%s", &v16);
if ( (unsigned int)sub_401773(&v16) )
{
puts("Format Error !!");
result = 0LL;
}
else
{
v4 = strlen(&v16) + 1;
strncpy(dest, (const char *)&v17, (signed int)v4 - 8);
dest[(signed