BUUCTF Reverse/[WUSTCTF2020]level1
查看信息,是ELF文件
用IDA64打开,找到main函数查看伪代码
int __cdecl main(int argc, const char **argv, const char **envp)
{
int i; // [rsp+4h] [rbp-2Ch]
FILE *stream; // [rsp+8h] [rbp-28h]
char ptr[24]; // [rsp+10h] [rbp-20h] BYREF
unsigned __int64 v7; // [rsp+28h] [rbp-8h]
v7 = __readfsqword(0x28u);
stream = fopen("flag", "r");
fread(ptr, 1uLL, 0x14uLL, stream);
fclose(stream);
for ( i = 1; i <= 19; ++i )
{
if ( (i & 1) != 0 )
printf("%ld\n", (unsigned int)(ptr[i] << i)); //将二进制位左移i位,相当于乘了i个2
else
printf("%ld\n", (unsigned int)(i * ptr[i]));
}
return 0;
}
可以看出flag为19位,下面是经过输出的结果
写出脚本
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
int main()
{
int i,j;
long int flag[] = {0,198,232,816,200,1536,300,6144,984,51200,570,92160,1200,565248,
756,1474560,800,6291456,1782,65536000};
for(i = 1; i <= 19 ; i++)
{
if((i & 1) != 0)
{
int k = i;
while(k > 0)
{
flag[i] /= 2; //除以i个2
k--;
}
}
else
{
flag[i] /= i;
}
printf("%c",flag[i]);
}
return 0;
}
运行得到结果
flag :flag{d9-dE6-20c}