这是一个安卓逆向。
1.首先用APK-KILL打开,.在MainActivity中打开
array-data 2
0x54s
0x68s
0x69s
0x73s
0x49s
0x73s
0x54s
0x68s
0x65s
0x46s
0x6cs
0x61s
0x67s
0x48s
0x6fs
0x6ds
0x65s
.end array-data
.line 23
nop
:array_1
.array-data 2
0x70s
0x76s
0x6bs
0x71s
0x7bs
0x6ds
0x31s
0x36s
0x34s
0x36s
0x37s
0x35s
0x32s
0x36s
0x32s
0x30s
0x33s
0x33s
0x6cs
0x34s
0x6ds
0x34s
0x39s
0x6cs
0x6es
0x70s
0x37s
0x70s
0x39s
0x6ds
0x6es
0x6bs
0x32s
0x38s
0x6bs
0x37s
0x35s
0x7ds
.end array-data
.end method
2.可以发现有两部分十六进制的数据,用脚本将他们转化为字符串
a = [0x54,
0x68,
0x69,
0x73,
0x49,
0x73,
0x54,
0x68,
0x65,
0x46,
0x6C,
0x61,
0x67,
0x48,
0x6F,
0x6D,
0x65,
]
x = ""
for i in a:
x += chr(i)
print(x)
这一部分运行完会显示
ThisIsTheFlagHome
第二部分
a = [0x70,
0x76,
0x6b,
0x71,
0x7b,
0x6d,
0x31,
0x36,
0x34,
0x36,
0x37,
0x35,
0x32,
0x36,
0x32,
0x30,
0x33,
0x33,
0x6c,
0x34,
0x6d,
0x34,
0x39,
0x6c,
0x6e,
0x70,
0x37,
0x70,
0x39,
0x6d,
0x6e,
0x6b,
0x32,
0x38,
0x6b,
0x37,
0x35,
0x7d,
]
x = ""
for i in a:
x += chr(i)
print(x)
得到字符串,但是提交显示不正确。
因为习惯性会将pvkq改为flag提交,我们会发现
f后移10得到p,同理其他三位数字也一样,这也就是凯撒密码
model = "abcdefghijklmnopqrstuvwxyz"
str1 = "pvkq{m164675262033l4m49lnp7p9mnk28k75}"
for i in range(1,27):
print("key=%d"%i, end='\n')
for s in str1:
if s.isalpha():
n = model.find(s)
s = model[n-i]
print(s, end='')
print('\n')
得到flag{c164675262033b4c49bdf7f9cda28a75}