insanity
对新手极其友好的送分题
1.拖进IDA
2.Shift+F12
3.Ctrl+F输入flag得到flag
9447{This_is_a_flag}
open-source
#include <stdio.h>
#include <string.h>
int main(int argc, char *argv[]) {
/*if (argc != 4) {
printf("what?\n");
exit(1);
}
unsigned int first = atoi(argv[1]);
if (first != 0xcafe) {
printf("you are wrong, sorry.\n");
exit(2);
}
unsigned int second = atoi(argv[2]);
if (second % 5 == 3 || second % 17 != 8) {
printf("ha, you won't get it!\n");
exit(3);
}
if (strcmp("h4cky0u", argv[3])) {
printf("so close, dude!\n");
exit(4);
}
printf("Brr wrrr grr\n");*/
unsigned int hash = 0xcafe * 31337 + (25 % 17) * 11 + 7 - 1615810207;
//由题意得first = 0xcafe second = 25(猜测) 第三个参数为“h4cky0u”的长度等于7
printf("Get your key: ");
printf("%x\n", hash);
return 0;
}
运行得flag:
c0ffee
simple-unpack
菜鸡拿到了一个被加壳的二进制文件(加壳?不存在的)
这题不用去壳都可以做
- 解法一
1.拖进IDA选择用二进制文件打开
2.shift+F12,Ctrl+F查找字符串flag
双击进入或者单机后将筛选框的flag删掉
得flag:flag{Upx_1s_n0t_a_d3liv3r_c0mp4ny}
-
解法二
kali脱壳(习惯windows的自查Windows脱壳这里不做累述)
脱壳后用IDA打开,flag直接出来了
flag{Upx_1s_n0t_a_d3liv3r_c0mp4ny}
logmein
在v7长整数上按一下R键转换为字符串型
小端序得v7=“harambe”;
然后根据后面的算法得出代码:
#include<iostream>
#include<cstring>
using namespace std;
int main(){
char v7[] = "harambe";
char v8[] = ":\"AL_RT^L*.?+6/46";
for(int i=0;i<strlen(v8);i++){
v8[i] = v8[i]^v7[i%7];
}
cout<<v8;
}
得出flag:
RC3-2016-XORISGUD
python-trade
运行一下发现就是让你输入一个flag然后验证正确与否
二话不说,pyc反编译在线工具
需要注意的是这个网站反编译下来是有两串相同的代码的,复制一段就可
#!/usr/bin/env python
# encoding: utf-8
import base64
def encode(message):
s = ''
for i in message:
x = ord(i) ^ 32
x = x + 16
s += chr(x)
return base64.b64encode(s)
correct = 'XlNkVmtUI1MgXWBZXCFeKY+AaXNt'
flag = ''
print 'Input flag:'
flag = raw_input()
if encode(flag) == correct:
print 'correct'
else:
print 'wrong'
观察源码发现flag经过:
- 取ASCII码值
- 与32异或
- 转化为ASCII字符
这里唯一需要了解的就是异或运算的逆运算还是异或运算 即:X ^ 32 ^ 32 = X
再一个