LoginToMe
import libnum
from z3 import *
for i in (range(33, 128)):
x = Solver()
ans = []
s = [BitVec(('%d' % i), 32) for i in range(5)]
x.add(s[0] & 0xff == i)
x.add((s[0] & 0xffff) * (s[0] >> 16) == 342772773
, (s[0] & 0xffff) + (s[0] >> 16) == 39526
, s[1] - s[2] == 1005712381
, (s[1] & 0xffff) + (s[1] >> 16) == 56269
, (s[2] & 0xffff) - (s[2] >> 16) == 15092
, ((s[1]) & 0xff) * ((s[2]) & 0xff) == 10710
, ((s[1] >> 16) & 0xff) * ((s[2] >> 16) & 0xff) == 12051
, ((s[1]) >> 24) + ((s[2]) >> 24) == 172
, (s[3] & 0xffff) * (s[3] >> 16) == 171593250
, (s[3] & 0xffff) + (s[3] >> 16) == 26219
, (s[4] & 0xffff) * (s[4] >> 16) == 376306868
, (s[4] & 0xffff) + (s[4] >> 16) == 40341)
if x.check() == sat:
model = x.model()
for j in s:
print(libnum.n2s(model[j].as_long())[::-1].decode(), end='')
print()
babypy
注意提示信息,可在3.11版本python下直接引用encrypto库
查看encrypto.pyd的用法和功能
help(encrypto)
输出:
Help on module encrypto:
NAME
encrypto
FUNCTIONS
changtable(table)
encrypt_AES_CBC(data)
myBase64Encode(preCoding)
DATA
__test__ = {}
charTable = 'fghijklmnopqrstuvwxyz0123456789+/ABCDEFGHIJKLMNOPQRSTUVWX...
FILE
......babypy\encrypto.pyd
获取属性列表
print(dir(encrypto))
输出:
['AES', '__builtins__', '__doc__', '__file__', '__loader__', '__name__', '__package__', '__spec__', '__test__', 'changtable', 'charTable', 'encrypt_AES_CBC', 'myBase64Encode', 'os', 'pad', 'unpad']
将base64变表提取
print(encrypto.charTable)
输出:
fghijklmnopqrstuvwxyz0123456789+/ABCDEFGHIJKLMNOPQRSTUVWXYZabcde
修改"…py3.11\Lib\site-packages\Crypto\Cipher\AES.py",使其输出key和iv
例:
import encrypto
# data = 'a' * 32
# a = encrypto.encrypt_AES_CBC(data.encode())
输出:
key:47552c8b0c5349e1920897a3d0a1582dc311d655efcaf923677faed378e26ed5
iv:00015c7b8caadfbce92c4f46a4da1ec6
解密方法1:
import base64
import encrypto
from Crypto.Cipher import AES
# help(encrypto)
# print(dir(encrypto))
# print(encrypto.charTable)
# data = 'a' * 32
# a = encrypto.encrypt_AES_CBC(data.encode())
old_table = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
# new_table = "fghijklmnopqrstuvwxyz0123456789+/ABCDEFGHIJKLMNOPQRSTUVWXYZabcde"
new_table = encrypto.charTable
enc = "hFHKBrfErYqSzpLZ/WD35J9+xNEt0uEZs/cNJeT7onH="
enc = base64.b64decode(enc.translate(str.maketrans(new_table, old_table)))
key = bytes.fromhex("47552c8b0c5349e1920897a3d0a1582dc311d655efcaf923677faed378e26ed5")
iv = bytes.fromhex("00015c7b8caadfbce92c4f46a4da1ec6")
aes = AES.new(key, AES.MODE_CBC, iv)
print(aes.decrypt(enc))
解密方法2: