https://ctf.pediy.com/itembank.htm (国色天香)
拿到一道CrackMe的题目,输入CTFHUB,求密码。
# GetDlgItemTextA下断, 返回后是加密流程
# 1.用名字算出一串10位数的密钥
# 2.用密钥再次进行加密, 得到真正的key
这一步只是根据username算出10位数的密钥。
这两步看似是同样的操作,一步一步跟着来。
放一下自己的注册机代码
// ConsoleApplication1.cpp : 定义控制台应用程序的入口点。
//
#include "stdafx.h"
#include <iostream>
#include <cstdio>
#include <cstring>
#include <windows.h>
using namespace std;
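// Input buffer for the user name. It is deliberately larger than the
// 32-character limit checked below, so an over-long name is rejected by the
// length check instead of being written past the end of the array.
char uName[64] = {0};
// Intermediate key: 10 characters derived from the name, plus terminator.
char uNameKey[25] = {0};
// Final key derived from uNameKey.
char uKey[25] = {0};

// Derives five characters of the intermediate key from the first five
// characters of `name` and writes them to out[0..4].
// Each character is XORed with xorMask and offset by a counter running 5..1;
// results outside 'A'..'Z' (0x41..0x5A) are replaced by fallback + counter.
static void deriveHalf(const char* name, char* out, int xorMask, int fallback)
{
    int al = 5;
    for (int i = 0; i < 5; ++i, --al) {
        int cl = (name[i] ^ xorMask) + al;
        if (cl < 0x41 || cl > 0x5A) {
            cl = fallback + al;
        }
        out[i] = static_cast<char>(cl);
    }
}

// Keygen entry point: reads a user name from stdin, prints the intermediate
// 10-character key (uNameKey) and the final key (uKey) derived from it.
// Returns 0 on success, 1 if input ends before a valid name was read.
int _tmain(int argc, _TCHAR* argv[])
{
    cout << "please press your username..." << endl;

    // The field width bounds the read to the buffer size (63 chars + NUL).
    // A token longer than that is split by scanf; the first part is already
    // longer than 32 characters and is rejected by the check below.
    bool haveName = false;
    while (scanf("%63s", uName) == 1) {
        const size_t uNameLen = strlen(uName);
        if (uNameLen == 0) {
            cout << "Enter Name!" << endl;
            continue;
        }
        if (uNameLen > 0x20) {
            cout << "Name can be max 32 Chars long!" << endl;
            continue;
        }
        if (uNameLen < 5) {
            cout << "Name must be min 5 Chars long!" << endl;
            continue;
        }
        haveName = true;
        break;
    }
    if (!haveName) {
        // Input ended (EOF or read error) without an accepted name. Stop here
        // rather than deriving a key from an empty or rejected buffer.
        return 1;
    }

    // Step 1: two passes over the first five name characters, with different
    // XOR masks and fallback values, fill uNameKey[0..4] and uNameKey[5..9].
    deriveHalf(uName, uNameKey, 0x29, 0x52);
    deriveHalf(uName, uNameKey + 5, 0x27, 0x4D);
    uNameKey[10] = '\0';
    printf("uNameKey = %s\n", uNameKey);

    // Step 2: transform every character of the intermediate key into the
    // final key. The two range checks are sequential on purpose: the second
    // one sees the value the first one may have just assigned.
    int ecx = 0;
    for (; uNameKey[ecx] != 0x0; ++ecx) {
        int dl = uNameKey[ecx];
        dl += 0x5;
        if (dl > 0x5a) {
            dl -= 0xd;
        }
        dl = dl ^ 0xc;
        if (dl < 0x41) {
            dl = 0x4b;
            dl += ecx;
        }
        if (dl > 0x5A) {
            dl = 0x4b;
            dl -= ecx;
        }
        uKey[ecx] = static_cast<char>(dl);
    }
    uKey[ecx] = '\0';
    printf("uKey = %s\n", uKey);

    // Wait for input so the console window stays open.
    getchar();
    getchar();
    return 0;
}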