1.SignIn
一入眼,熟悉的大数,RSA加密。因为n位数十分小,因此可以直接分解n,如下。
import gmpy2
import libnum
e = 65537
p = 366669102002966856876605669837014229419
q = 282164587459512124844245113950593348271
n = 103461035900816914121390101299049044413950405173712170434161686539878160984549
assert n == p*q,"p and q error"
fn = (p - 1)*(q - 1)
c = 0xad939ff59f6e70bcbfad406f2494993757eee98b91bc244184a377520d06fc35
d = gmpy2.invert(e, fn)
m = gmpy2.powmod(c, d, n)
print(libnum.n2s(int(m))) # suctf{Pwn_@_hundred_years}
2.babyre
这个算法是输入一个key,之后对的做位分解。具体怎么分解没看,不过这里很好逆向。因为key有输入大小的限制,只需要枚举key的所有情况即可。
#include <stdint.h>
#include <stdio.h>
int main(int argc, char const *argv[])
{
char v4[] = {
2, 3, 2, 1, 4, 7, 4, 5, 10, 11, 10, 9, 14, 15, 12, 13, 16, 19, 16, 17, 20, 23, 22, 19, 28, 25, 30, 31, 28, 25, 26,
31,36,33,34,39,36,33,34,35,40,41,46,43,36,45,38,47,56,49,58,59,52,61,62,55,48,57,50,59,60,53,54,55,72,73,66,66,68,68,70,71,72,73,74,74,77,77,79,78,80,80,82,83,85,84,86,87,89,89,90,91,92,93,94,94,96,96,99,99,100,101,103,103,105,105,107,107,108,109,110,110,112,112,114,115,116,117,119,119,120,121,123,123,125,125,
127,127,-127,-127,-125,-125,-116,-115,-114,-113,-120,-119,-118,-117,-116,-115,-114,-121,-104,-111,-110,-109,-108,-107,-106,-105,-104,-103,-102,-102,-100,-100,-98,-98,-96,-96,-94,-94,-92,-92,-90,-90,-88,-88,-86,-86,-84,-84,-82,-82,-80,-79,-78,-77
};
uint32_t key = 0;
int v9, v10;
while (key < UINT16_MAX)
{
uint8_t output[22] = {0};
uint8_t i = 8;
uint8_t j = 0;
while (i)
{
--i;
for ( j = 22; j; )
{
v9 = v4[22 *i + --j];
v10 = (v9 >> ((key >> (2 *i)) & 3)) & 1;
output[j] |= v10 <<i;
}
}
puts(output);
key++;
}
return 0;
}
将所有输出重定向至一个文件中,搜索suctf即可。
SUCTF{Flag_8i7244980f}
hardcpp
ollvm混淆,最终的处理的是一段运算,如下。
里面大致是一些四则运算和异或取模,最终v15与enc加密数据比较。
简化运算得表达式
((input[v36-1]^18)*3+2)^(input[v36] + (input[v36-1]%7)) == enc[v36 -1]
这里的v36查看了下引用,应该是初始化为1了。
然后可以枚举第一个字符,来解。
enc = [
0xF3, 0x2E, 0x18, 0x36, 0xE1, 0x4C, 0x22, 0xD1, 0xF9, 0x8C,
0x40, 0x76, 0xF4, 0x0E, 0x00, 0x05, 0xA3, 0x90, 0x0E, 0xA5
]
flag = [0]*21
for ch in range(32,128):
flag[0] = ch
for i in range(1,21):
flag[i] = (((flag[i-1]^18)*3+2)^ enc[i - 1]) - (flag[i-1]%7)
flag[i] &= 0xff
res = ''.join(map(chr,flag))
if 'flag' in res:
print(res)