附件下载下来,是一个.pyc文件,用UE打开看看
很多厂商为了防止源码外泄,经常会采用把*.py源码文件编译后删除,完全使用*.pyc文件运行自己的产品,起到了源码保护的作用
python在线反编译网站,直接将pyc文件还原为源码
#!/usr/bin/env python
# visit http://tool.lu/pyc/ for more information
import base64
def encode(message):
s = ''
for i in message:
x = ord(i) ^ 32
x = x + 16
s += chr(x)
return base64.b64encode(s)
correct = 'XlNkVmtUI1MgXWBZXCFeKY+AaXNt'
flag = ''
print 'Input flag:'
flag = raw_input()
if encode(flag) == correct:
print 'correct'
else:
print 'wrong'
分析逻辑,写出EXP如下
#python2
import base64
correct = 'XlNkVmtUI1MgXWBZXCFeKY+AaXNt'
flag = ''
correct_b64=base64.b64decode(correct)
for c in correct_b64:
f=chr((ord(c)-16)^32)
flag=flag+f
print flag