hackme总结:
首先得到反编译的代码就很简单:
__int64 sub_400F8E()
{
char v1[136]; // [rsp+10h] [rbp-B0h]
int v2; // [rsp+98h] [rbp-28h]
char v3; // [rsp+9Fh] [rbp-21h]
int v4; // [rsp+A0h] [rbp-20h]
unsigned __int8 v5; // [rsp+A6h] [rbp-1Ah]
char v6; // [rsp+A7h] [rbp-19h]
int v7; // [rsp+A8h] [rbp-18h]
int v8; // [rsp+ACh] [rbp-14h]
int v9; // [rsp+B0h] [rbp-10h]
int v10; // [rsp+B4h] [rbp-Ch]
_BOOL4 v11; // [rsp+B8h] [rbp-8h]
int i; // [rsp+BCh] [rbp-4h]
sub_407470((unsigned __int64)"Give me the password: ");
sub_4075A0((unsigned __int64)"%s");
for ( i = 0; v1[i]; ++i )
;
v11 = i == 22;
v10 = 10;
do
{
v7 = (signed int)sub_406D90() % 22;
v9 = 0;
v6 = byte_6B4270[v7];
v5 = v1[v7];
v4 = v7 + 1;
v8 = 0;
while ( v8 < v4 )
{
++v8;
v9 = 1828812941 * v9 + 12345;
}
v3 = v9 ^ v5;
if ( v6 != ((unsigned __int8)v9 ^ v5) )
v11 = 0;
--v10;
}
while ( v10 );
if ( v11 )
v2 = sub_407470((unsigned __int64)"Congras\n");
else
v2 = sub_407470((unsigned __int64)"Oh no!\n");
return 0LL;
}
首先这个随机函数一直是我没猜出来的,但是从v10大概可以推断出来这个是个随机函数,因为只验证验证10次嘛,
大体上的逻辑还是可以看的很清楚的。