测试文件:https://adworld.xctf.org.cn/media/task/attachments/69c8f29912ae4f679d92a6cd36c33196.pyc
pyc反编译在线:https://tool.lu/pyc/
#!/usr/bin/env python
# visit http://tool.lu/pyc/ for more information
import base64
def encode(message):
s = ''
for i in message:
x = ord(i) ^ 32 # ord()可用于字符转成ASCII码
x = x + 16
s += chr(x) # 转字符
return base64.b64encode(s) # 返回s通过base64加密之后的值
# 分析可知返回值一定等于'XlNkVmtUI1MgXWBZXCFeKY+AaXNt' 只要逆着分析就能得到message
correct = 'XlNkVmtUI1MgXWBZXCFeKY+AaXNt'
flag = ''
print 'Input flag:'
flag = raw_input()
if encode(flag) == correct:
print 'correct'
else:
print 'wrong'
base64.b64encode()用法 / base64 decode用法:
编写python脚本:
# 解题思路:
# 1、correct用base64解密
# 2、然后通过
# for i in message:
# x=ord(i)^32
# x=x+16
# s+=char(x)
# 倒推出flag
#
import base64
correct="XlNkVmtUI1MgXWBZXCFeKY+AaXNt"
mid_flag=base64.b64decode(correct)
print(mid_flag)
flag=''
for i in mid_flag:
j=i-16
j=j^32
flag+=chr(j)
print(flag)
# 异或: (如下关系只有异或满足)
# a^b=c c^b=a c^a=b
# 0011
# 0001
# ————
# 0010 # 相异的时候才为1
nctf{d3c0mpil1n9_PyC}