re刷题第九天
0x00 tt3441810
知识点:汇编硬编码
题目给出了一堆十六进制,转换为汇编看下,发现第一句是push 0x666c
,之后进行了一些异或,加操作,emmm。。。看不太懂。想起来push在这里的十六进制是0x68
,所以把0x68
后两个字节的内容提取出来就是flag
0x01 gametime
额。。。这个题说实话我不明白在考察什么东西,我tcl。题目是一个小游戏,定义了我们必须要根据规则来输入字符.
s-->' '
x-->'x'
m-->'m'
全部输入正确就会给出flag
0x02 APK-逆向2
知识点:.net逆向、socket
用ILSpy
反编译一下,监听了下本机的31337
端口拿到flag。
namespace Rev_100
{
internal class Program
{
private static void Main(string[] args)
{
string hostname = "127.0.0.1";
int port = 31337;
TcpClient tcpClient = new TcpClient();
try
{
Console.WriteLine("Connecting...");
tcpClient.Connect(hostname, port);
}
catch (Exception)
{
Console.WriteLine("Cannot connect!\nFail!");
return;
}
Socket client = tcpClient.Client;
string text = "Super Secret Key";
string text2 = Program.read();
client.Send(Encoding.ASCII.GetBytes("CTF{"));
string text3 = text;
for (int i = 0; i < text3.Length; i++)
{
char x = text3[i];
client.Send(Encoding.ASCII.GetBytes(Program.search(x, text2)));
}
client.Send(Encoding.ASCII.GetBytes("}"));
client.Close();
tcpClient.Close();
Console.WriteLine("Success!");
}
private static string read()
{
string fileName = Process.GetCurrentProcess().MainModule.FileName;
string[] array = fileName.Split(new char[]
{
'\\'
});
string path = array[array.Length - 1];
string result = "";
using (StreamReader streamReader = new StreamReader(path))
{
result = streamReader.ReadToEnd();
}
return result;
}
private static string search(char x, string text)
{
int length = text.Length;
for (int i = 0; i < length; i++)
{
if (x == text[i])
{
int value = i * 1337 % 256;
return Convert.ToString(value, 16).PadLeft(2, '0');
}
}
return "??";
}
}
}