BUU[ACTF新生赛2020]easyre
作者:互联网
查壳后发现有个upx壳,那我们先脱壳去
之后他还会提示你用32位的ida打开,打开之后在main主函数里面找到了关键函数
1 __main();
2 qmemcpy(v4, "*F'\"N,\"(I?+@", sizeof(v4));
3 printf("Please input:");
4 scanf("%s", v6);
5 if ( v6[0] != 65 || v6[1] != 67 || v6[2] != 84 || v6[3] != 70 || v6[4] != 123 || v10 != 125 )
6 return 0;
7 v5[0] = v7;
8 v5[1] = v8;
9 v5[2] = v9;
10 for ( i = 0; i <= 11; ++i )
11 {
12 if ( v4[i] != _data_start__[*((char *)v5 + i) - 1] )
13 return 0;
14 }
15 printf("You are correct!");
16 return 0;
17 }
意思判断v4v5v6....v15这么多的东西是否都等于上面这串东西相对应减1的数。
如果正确的的话关键语句就可以理解成这种 v4[i]!=byte_402000[flag[i]-1]
1 byte_402000 = '~}|{zyxwvutsrqponmlkjihgfedcba`_^]\[ZYXWVUTSRQPONMLKJIHGFEDCBA@?>=<;:9876543210/.-,+*)(\'&%$# !"'
2
3 v4 = [42,70,39,34,78,44,34,40,73,63,43,64]
4
5 flag = ''
6
7 for i in v4:
8 flag += chr(byte_402000.find(chr(i)) + 1)
9
10 print(flag)
代码就单的就这样就行,
套个flag就是答案
标签:402000,easyre,v4,v5,v6,2020,byte,main,ACTF 来源: https://www.cnblogs.com/lixin666/p/16103137.html