CTF---独树一帜(C++ 注册机)

https://ctf.pediy.com/itembank.htm（独树一帜）

拿到一道CrackMe的题目

# GetDlgItemTextA下断, 返回后call 0x401000函数是加密流程

加密流程实在过长，拖到ida64里，F5，完事，得到以下伪代码

signed int __cdecl sub_401000(const char *a1, _BYTE *a2)
{
  int v2; // ebp
  unsigned int v3; // edx
  int v4; // ebp
  _BYTE *v5; // eax
  char *v6; // esi
  char v7; // dl
  signed int v8; // edx

  v2 = 0;
  if ( *a1 != *a2 || strlen(a1) < 5 || a2[1] != 45 )
  {
    v8 = (signed int)a1;
  }
  else
  {
    v3 = 0;
    if ( strlen(a1) != 0 )
    {
      do
        v2 += a1[v3++];
      while ( v3 < strlen(a1) );
    }
    v4 = v2 + 24676;
    sprintf(byte_406B30, aLu, v4);
    byte_406B44 = *a1;
    byte_406B45 = 45;
    byte_406B46 = toupper(a1[strlen(a1) - 1]);
    strcat(&byte_406B44, byte_406B30);
    strcat(&byte_406B44, (const char *)&unk_406030);
    sprintf(byte_406B30, aLu, v4 + 24676);
    strcat(&byte_406B44, byte_406B30);
    v5 = a2;                    //henuyl  我输入的密码
    v6 = &byte_406B44;          //henuyl  程序生成的密码（推断上方为生成密码的
                                //        算法，分析到这里就可以了，下方可以无视）
    while ( *v5 == *v6 )        //henuyl  比较密码的过程
    {
      if ( !*v5 )
        goto LABEL_11;
      v7 = v5[1];
      if ( v7 != v6[1] )
        break;
      v5 += 2;
      v6 += 2;
      if ( !v7 )
      {
LABEL_11:
        v8 = 1;
        goto LABEL_14;
      }
    }
    v8 = 0;
  }
LABEL_14:
  memset(&byte_406B44, 0, 0x100u);
  return v8;
}

很容易就可得到这个算法加密的基本流程。

#include <stdio.h>
#include <string.h>
#include <ctype.h>
char src[25];
char buff[25];
char name[] = "CTFHUB";
int v2;
unsigned int v3;
int v4;
int main(){
	v3 = 0;
	if(strlen(name) != 0){
		do{
			v2 += name[v3++];
		} 
		while(v3 < strlen(name));
	}
	v4 = v2 + 0x6064;
	sprintf(src, "%lu", v4);
	*buff = *name;
	*(buff + 1) = '-';
	*(buff + 2) = toupper(name[strlen(name) - 1]);
	strcat(buff, src);
	strcat(buff, "-");
	sprintf(src, "%lu", v4 + 0x6064);
	strcat(buff, src);
	
	printf("%s\n", buff);
	return 0;
}

简简单单有这么难吗~