# 前言

## 常见用法

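# Declare one 8-bit symbolic variable per unknown input byte.
flag = []
for i in range(49):
    flag.append(BitVec('flag%d' % i, 8))

solver = Solver()

# Add one constraint per relation recovered from the program under analysis.
# byte_610a0, v10, i and v4 are defined in the martricks example below; the
# listing spelled the receiver "olver", which would raise NameError.
solver.add(byte_610a0[v10]==i^v4)

# Only ask for a model once check() has reported sat.
if solver.check()==sat:
    print(solver.model())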

## 例题

### 0x0 martricks

from z3 import *
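# Expected result table: 49 bytes, read below as a 7x7 grid indexed by v10.
byte_610a0 = [0xAA, 0x7A, 0x24, 0x0A, 0xA8, 0xBC, 0x3C, 0xFC, 0x82, 0x4B, 0x51, 0x52, 0x5E, 0x1C, 0x82, 0x1F, 0x79, 0xBA, 0xB5, 0xE3, 0x43, 0x04, 0xFD, 0xAC, 0x10, 0xB5, 0x63, 0xBD, 0x8D, 0xE7, 0x35, 0xD9, 0xD3, 0xE8, 0x42, 0x6D, 0x71, 0x5A, 0x09, 0x54, 0xE9, 0x9F, 0x4C, 0xDC, 0xA2, 0xAF, 0x11, 0x87, 0x94]
# Constant operand table: 49 ASCII bytes.
byte_601060 = [0x73,0x6F,0x6D,0x65,0x20,0x6C,0x65,0x67,0x65,0x6E,0x64,0x73,0x20,0x72,0x20,0x74,0x6F,0x6C,0x64,0x2C,0x20,0x73,0x6F,0x6D,0x65,0x20,0x74,0x75,0x72,0x6E,0x20,0x74,0x6F,0x20,0x64,0x75,0x73,0x74,0x20,0x6F,0x72,0x20,0x74,0x6F,0x20,0x67,0x6F,0x6C,0x64]

# init: one 8-bit symbolic variable per flag byte.
flag = [BitVec('flag%d' % i, 8) for i in range(49)]
m1 = [BitVecVal(0, 8)]*49
m2 = [BitVecVal(0, 8)]*49

# Fill both tables. v11 advances by 13 mod 49, which is coprime with 49, so
# every slot of m1 is written exactly once.
v11 = 23
for i in range(49):
    m1[v11] = flag[i] ^ v11
    m2[i] = byte_601060[v11] ^ i
    v11 = (v11 + 13) % 49

v10 = 41
v13 = 3
v14 = 4
v7 = 5
solver = Solver()
# NOTE(review): the listing lost its indentation; the nesting below is
# reconstructed on the assumption that v8 is the innermost (dot-product) loop,
# v14 advances per column and v13 per row -- confirm against the original post.
for v5 in range(7):
    for v6 in range(7):
        v4 = BitVecVal(0, 8)
        for v8 in range(7):
            v4 += m2[7*v7+v14] * m1[7*v13+v7]
            v7 = (v7 + 5) % 7
        i = BitVecVal(v10, 8)
        # The listing computed v4 and i but never constrained them, leaving the
        # solver empty. This is the constraint shown in the usage section above.
        solver.add(byte_610a0[v10] == i ^ v4)
        v10 = (v10 + 31) % 49
        v14 = (v14 + 4) % 7
    v13 = (v13 + 3) % 7

flg = ''
if solver.check() == sat:
    model = solver.model()
    print(model.sorts())
    # as_long() reads the numeral directly instead of eval()-ing its printed
    # form; model_completion gives a concrete value for every variable.
    flg = ''.join(
        chr(model.eval(byte, model_completion=True).as_long()) for byte in flag
    )
    print(flg)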

#### 0x1

from z3 import *
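# Twenty integer unknowns named serial0..serial19.
s = [Int('serial%d' % i) for i in range(20)]
solver = Solver()
# Only one constraint appears in the listing.
solver.add(s[1] * s[18] == 2)
flag = []
if solver.check() == sat:
    m = solver.model()
    # m[x] is None for a variable the model does not interpret, which would
    # print the text "None"; model completion yields a concrete value instead.
    flag = [str(m.eval(i, model_completion=True)) for i in s]
    print("".join(flag))
    # NOTE(review): indentation was lost in the listing; 'ok' is assumed to
    # belong to the sat branch.
    print('ok')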

#### 0x2

import sys
import random

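# Challenge encryptor (Python 2: str.encode('hex') does not exist on Python 3).
key = sys.argv[1]
flag = '**CENSORED**'

# The key is 13 characters and both key and flag are 7-bit ASCII.
assert len(key) == 13
assert max([ord(char) for char in key]) < 128
assert max([ord(char) for char in flag]) < 128

# The key is appended to the plaintext, separated by '|'.
message = flag + "|" + key

# A single random character seeds the chain. randint is inclusive on both
# ends, so this can be chr(128).
encrypted = chr(random.randint(0, 128))

# Each output character is the sum, mod 128, of the message character, the
# repeating key character and the previous output character. The listing read
# "messageda[i]", an undefined name; the variable is `message`.
for i in range(0, len(message)):
    encrypted += chr((ord(message[i]) + ord(key[i % len(key)]) + ord(encrypted[i])) % 128)

print(encrypted.encode('hex'))
#7c153a474b6a2d3f7d3f7328703e6c2d243a083e2e773c45547748667c1511333f4f745e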

from z3 import *
# Z3 model of the encryptor above, applied to its published hex output.
# NOTE(review): the listing is incomplete as extracted. `data` is read below
# but never assigned, and a top-level `return` is not valid Python; this line
# was presumably `data = ...` -- confirm against the original post.
return  "7c153a474b6a2d3f7d3f7328703e6c2d243a083e2e773c45547748667c1511333f4f745e".decode('hex')
# 15 = 1 seed character + 1 '|' separator + 13 key characters, so this is the
# flag length.
print len(data)-15
# One integer unknown per flag character, per key character, and one for the
# separator.
s = [Int('flag_%d' % i) for i in range(len(data)-15)]
key = [Int('key_%d' % i) for i in range(13)]
pipe = Int("pipe")
solver = Solver()
# NOTE(review): the loop headers below have no bodies in the listing and no
# solver.add() call is visible, so as shown the solver holds no constraints.
# Presumably the loops bounded each unknown, pinned the 'TWCTF{' prefix and
# encoded the per-character relation -- verify against the original post.
for fla in s:
for ke in key:
for i,c in enumerate('TWCTF{'):
# Same layout as the encryptor's message: flag, then '|', then key.
message = s+[pipe]+key
# data[0] is the seed character; data[i] corresponds to message[i - 1].
for i in range(1,len(data)):
index = i -1
byte = ord(data[i])
if solver.check()==sat:
fla = []
m = solver.model()
# Convert each solved flag unknown back to a character.
for i in s:
fla.append(chr(int(str(m[i]))))
print ''.join(fla)
print 'ok'

#### 0x3

BitVec类型

BitVecVal值之间不能进行>或<比较,只能转换成python认识的类型才可以比较
BitVec变量之间可以用 >、<、==、>=、<= 构造比较约束(注意:对BitVec而言 >、<、>=、<= 是有符号比较,需要无符号比较时应使用 UGT/ULT/UGE/ULE)
z3中不允许列表与列表之间添加==约束条件

#!/usr/bin/env python3

import base64

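def encrypt(plaintext, key):
    """Return the base64 text of ``plaintext + '|' + key`` XORed with the repeated key.

    The key is appended to the plaintext after a '|' separator, then the key
    is repeated (and truncated) to the combined length and XORed character by
    character. This is the challenge's scheme, reproduced for analysis; the
    key travels inside the message it protects.

    Args:
        plaintext: ASCII text to encrypt.
        key: Non-empty ASCII key.

    Returns:
        The base64-encoded ciphertext as an ASCII string.

    Raises:
        ZeroDivisionError: If ``key`` is empty.
        UnicodeEncodeError: If an XORed character falls outside ASCII.
    """
    plaintext += '|'
    plaintext += key
    # Stretch the key to exactly len(plaintext): whole repeats, then a prefix.
    key = key*(len(plaintext)//len(key))
    key += key[:len(plaintext)-len(key)]
    # Debug output. The listing used Python 2 print statements, which are a
    # SyntaxError under the python3 shebang this script declares.
    print(len(key))
    print(len(plaintext))
    cipher = ''.join(chr(ord(i)^ord(j)) for i,j in zip(plaintext, key))
    cipher = base64.b64encode(cipher.encode('ascii'))
    print(cipher)
    return cipher.decode('ascii')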

if __name__ == '__main__':
    import sys
    # Command line: argv[1] is the key, argv[2] is the plaintext.
    key, plaintext = sys.argv[1], sys.argv[2]
    print(encrypt(plaintext, key))

from z3 import *
import base64

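def encrypt(plaintext, key):
    """Return the base64 text of ``plaintext + '|' + key`` XORed with the repeated key.

    Copy of the challenge's encryptor, kept alongside the solver so a test
    vector can be generated locally. The listing lost the function body's
    indentation; it is restored here.

    Args:
        plaintext: ASCII text to encrypt.
        key: Non-empty ASCII key.

    Returns:
        The base64-encoded ciphertext as an ASCII string.

    Raises:
        ZeroDivisionError: If ``key`` is empty.
        UnicodeEncodeError: If an XORed character falls outside ASCII.
    """
    # The key is appended to the message after a '|' separator.
    plaintext = plaintext + '|' + key
    # Stretch the key to exactly len(plaintext): whole repeats, then a prefix.
    repeats = len(plaintext) // len(key)
    stream = key * repeats
    stream += stream[:len(plaintext) - len(stream)]

    xored = ''.join(chr(ord(p) ^ ord(k)) for p, k in zip(plaintext, stream))
    return base64.b64encode(xored.encode('ascii')).decode('ascii')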

# Expected answer for the local test vector below: z=11 is the index of
# "flag{" in the plaintext and y=17 is the key length.
ceshi_encrypted=encrypt("lalalanihaoflag{8989082399}","11122233344455566")

# Switch to the local test vector by uncommenting the next line.
#encrypted=ceshi_encrypted
# NOTE(review): timu_encrypted (the challenge ciphertext) is not defined
# anywhere in this listing.
encrypted=timu_encrypted

# Decode the base64 ciphertext and lift every character to an 8-bit constant.
cipher=base64.b64decode(encrypted.encode("ascii")).decode('ascii')
length=len(cipher)
cipher=[BitVecVal(ord(each),8) for each in cipher]
# One symbolic byte per plaintext position and per key-stream position.
plain_line=[BitVec('p%d' % i,8) for i in range(length)]
key_line=[BitVec('k%d' % i,8) for i in range(length)]
prefix=[BitVecVal(ord(each),8) for each in "flag{"]
# y is the candidate key length and z the candidate index of "flag{"
# (see the progress message at the end).
# NOTE(review): the listing lost its indentation and some lines. The
# comparisons below are bare expressions: each builds a Z3 constraint object
# and discards it, because none is passed to s.add(). The second
# `for i in range(length):` has no body, and `prefix` and `cipher` are never
# used. As shown, the solver is unconstrained -- verify against the original.
for y in range(1,length-7+1):
for z in range(0,length-y-7+1):
s=Solver()
for i in range(length):
# Intended range for every byte: printable ASCII, 32..126.
32<=plain_line[i]
plain_line[i]<=126
32<=key_line[i]
key_line[i]<=126
# encrypt() appends '|' + key, so the separator sits just before the last y bytes.
plain_line[-y-1]==ord('|')
key=plain_line[-y:]
for i in range(length):
if s.check()==sat:
# NOTE(review): these print the symbolic variable lists, not solved values;
# s.model() is never called.
print("key_line:")
print(key_line)
print("plain_line:")
print(plain_line)
input("Congratulations!")

else:
print("try key len:%d,'flag{' index:%d" % (y,z))
continue

# 总结
