第二届广东大学生网络安全攻防大赛 个人向Write Up
Crypto
crypto-xor2
拿到task.py 和 flag加密后的cipher winhex打开 推测hex值为异或结果
taskpy源码 加密方式为flag对key逐位异或循环 并标注了xxxx并非真实key
from secret import flag
key = "xxxx" # not real key
cipher = ""
for i, c in enumerate(flag):
cipher += chr(ord(c) ^ ord(key[i%4]))
with open("cipher", "w") as f:
f.write(cipher)
flag{xxx}前四位为f l a g,依次对cipher前四位做异或处理,得到key,可以看出xxxx就是key的内容(?烟雾弹是吧)
写个脚本逆向一下,得到
key = "xxxx" # not real key
f = open('cipher')
cipher = f.read()
f.close()
def jiemi(cipher):
flag = ''
for i, c in enumerate(cipher):
flag += chr(ord(c) ^ ord(k