IDF实验室-python ByteCode writeup
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了IDF实验室-python ByteCode writeup相关的知识,希望对你有一定的参考价值。
题目地址:http://ctf.idf.cn/index.php?g=game&m=article&a=index&id=45
下载来发现是crackme.pyc
可以用uncompyle2反编译。也可以直接http://tool.lu/pyc/在这个网站反编译。
得到源代码:
1 #!/usr/bin/env python 2 # encoding: utf-8 3 # 如果觉得不错,可以推荐给你的朋友!http://tool.lu/pyc 4 5 def encrypt(key, seed, string): 6 rst = [] 7 for v in string: 8 rst.append((ord(v) + seed ^ ord(key[seed])) % 255) 9 seed = (seed + 1) % len(key) 10 11 return rst 12 13 if __name__ == ‘__main__‘: 14 print "Welcome to idf‘s python crackme" 15 flag = input(‘Enter the Flag: ‘) 16 KEY1 = ‘Maybe you are good at decryptint Byte Code, have a try!‘ 17 KEY2 = [ 18 124, 19 48, 20 52, 21 59, 22 164, 23 50, 24 37, 25 62, 26 67, 27 52, 28 48, 29 6, 30 1, 31 122, 32 3, 33 22, 34 72, 35 1, 36 1, 37 14, 38 46, 39 27, 40 232] 41 en_out = encrypt(KEY1, 5, flag) 42 if KEY2 == en_out: 43 print ‘You Win‘ 44 else: 45 print ‘Try Again !‘
程序加密函数:
1 def encrypt(key, seed, string): 2 rst = [] 3 for v in string: 4 rst.append((ord(v) + seed ^ ord(key[seed])) % 255) 5 seed = (seed + 1) % len(key)
flag加密后与KEY2比较 一样的话输出You Win
本来想逆向,但弄不来,就直接爆破了。
a-z A-Z 0-9 加上符号 可以有AscII码遍历,然后编码转换回来,加入数组。
然后加密,与KEY数组的值比较。
代码如下:
#!/usr/bin/env python # encoding: utf-8 def encrypt(key, seed, string): for v in string: a = (ord(v) + seed ^ ord(key[seed]) % 255) return a KEY1 = ‘Maybe you are good at decryptint Byte Code, have a try!‘ KEY2 = [ 124, 48, 52, 59, 164, 50, 37, 62, 67, 52, 48, 6, 1, 122, 3, 22, 72, 1, 1, 14, 46, 27, 232] s=[] seed=5; key= ‘Maybe you are good at decryptint Byte Code, have a try!‘ for i in range(33,127): j = chr(i) s.append(j) for i in range(23): for j in s: aa = encrypt(key,seed,j) if aa == KEY2[i]: print j seed = (seed + 1) % len(key)
要注意的是seed 的改变要在flag与KEY2比较后。
以上是关于IDF实验室-python ByteCode writeup的主要内容,如果未能解决你的问题,请参考以下文章