easyxor
程序无壳,直接使用ida进行分析,查看主函数
_main();
v11 = 0;
v9 = 0;
puts("Please input your flag:");
while ( 1 )
{
v8 = getchar();
if ( v8 == 10 )
break;
v7 = key[v9 % 4] ^ v8; //输入的字符,进行异或操作,得到v7
while ( 1 )
{
v4 = v7--; //循环v7次
if ( v4 <= 0 ) //此while循环是向s[]中输入v7个1
break;
v3 = v11++;
s[v3] = 1;
}
v5 = v11++; //输出v7个1后,使用0与下一串1隔开
s[v5] = 0;
++v9;
}
while ( v11 <= 2559 ) //输入的字符全部转化为1之后,不够2559个的话填充-1(255)
s[v11++] = -1;
for ( i = 0; i <= 2559; ++i )
{
if ( r[i] != s[i] ) //进行比较
{
puts("Lose lose lose!");
break;
}
}
if ( i == 2560 )
puts("Win win win!");
system("pause");
return 0;
}
逻辑比较清晰了,直接提取r[]中的数据,可以把后面255的部分直接删掉,对前面0,1进行解密
最后得到的结果再进行异或,得到flag
#include<stdio.h>
int main()
{
char key[]="SCNU";
int r[] =
{
//r数组太长了,请自行提取,舍去255的部分
};
int flag[100]={0};
int j=0;
int tag=0;
for(int i=0;i<sizeof(r)/4;i++)
{
if(r[i]==1)
{
tag++;
}else{
flag[j]=tag;
j++;
tag=0;
}
}
/* for(int i=0;i<100;i++)
{
printf("%d,",flag[i]);
}
flag={53,47,47,50,40,20,39,59,61,112,60,10,61,
115,58,10,31,115,61,102,33,28,109,40}
*/
int a[24]={53,47,47,50,40,20,39,59,61,112,60,10,61,
115,58,10,31,115,61,102,33,28,109,40};
int res[24]={0};
for(int i=0;i<24;i++)
{
res[i]=a[i]^key[i%4];
printf("%c",res[i]);
}
}
flag{Winn3r_n0t_L0s3r_#}