2022年HGAME中REVERSE的upx magic 0
下载附件:
.
.
照例扔入 exeinfope 中查看信息:
.
.
照例扔入虚拟机中运行一下,查看主要回显信息:
.
.
照例扔入 IDA64 中查看伪代码,有 main 函数看 main 函数:
.
.
最后的爆破代码:
arr=[0x8d68,0x9d49,0x2a12,0xab1a,0xcbdc,0xb92b,0x2e32,0x9f59,0xddcd,0x9d49,0xa90a,0xe70,0xf5cf,0xa50,0x5af5,0xff9f,0x9f59,0xbd0b,0x58e5,0x3823,0xbf1b,0x78a7,0xab1a,0x48c4,0xa90a,0x2c22,0x9f59,0x5cc5,0x5ed5,0x78a7,0x2672,0x5695]
flag=""
for a in arr:
#for i in range(32):
for j in range(32,128):
#v12=((j+i)<<8)&0xff #搞错了我草,v16+i是取字符啊我草
v12=((j<<8)&0xffff)
for k in range(8):
if (v12&0x8000)!=0:
v12=((2*v12)^0x1021)&0xffff #涉及运算的都要进行截断处理
else:
v12=(v12*2)&0xffff
if a==v12:
flag+=chr(j)
print('hgame{'+flag+'}')
.
.
解毕!
敬礼!