TOC

wtclwtclwtcl拖后腿一级选手哭

xx_warmup_obf

加了混淆不能直接f5,但是很容易能找到各种乘法和比较的区域,猜测是check的代码,算出第一个字符是f,所以就是解方程。汇编手抄有点麻烦,可以将每个jz指令和jz的目的地址之间的代码直接nop,这样就能f5了,复制出来稍微修改一下即可。

from z3 import *

solver = Solver()

s = [Int('s%i' % i) for i in range(0x1c)]
solver.add(23925 * s[0] == 2440350 )
solver.add(281400 * s[1] - 7037 * s[0] == 29673426 )
solver.add(174826 * s[0] - 255300 * s[2] - 283573 * s[1] == -37557732 )
solver.add(259881 * s[2] + -98445 * s[1] - 276718 * s[0] + 4524 * s[3] == -13182867 )
solver.add(285576 * s[2]
+ -274569 * s[3]
+ 94721 * s[0]
- 228216 * s[4]
- 60353 * s[1] == -25506885 )
solver.add(260927 * s[3]
+ -5496 * s[1]
+ -294195 * s[4]
+ 264844 * s[2]
+ 125853 * s[5]
- 153661 * s[0] == 13075233 )
solver.add(17630 * s[0]
+ -258397 * s[3]
+ -244952 * s[1]
+ -244086 * s[2]
+ -130259 * s[5]
- 190371 * s[6]
- 109961 * s[4] == -111027477 )
solver.add(117817 * s[5]
+ 268397 * s[7]
+ -198175 * s[1]
+ 18513 * s[2]
+ 218992 * s[6]
+ -6727 * s[3]
+ 228408 * s[0]
+ 224658 * s[4] == 78775012 )
solver.add(-288418 * s[3]
+ -218493 * s[7]
+ -236774 * s[0]
+ 77982 * s[2]
+ 190784 * s[4]
+ -84462 * s[1]
+ 92684 * s[8]
+ 52068 * s[5]
- 243023 * s[6] == -52520267 )
solver.add(-196269 * s[8]
+ -64473 * s[7]
+ -142792 * s[5]
+ 171321 * s[4]
+ -39259 * s[9]
+ -269632 * s[2]
+ 229049 * s[6]
+ 96631 * s[3]
- 280754 * s[1]
- 168397 * s[0] == -70797046 )
solver.add(-235026 * s[4]
+ 162669 * s[8]
+ -256202 * s[1]
+ -32946 * s[9]
+ -25900 * s[2]
+ 195039 * s[10]
+ 182157 * s[3]
+ 292706 * s[0]
+ -93524 * s[5]
+ 121516 * s[6]
+ 165207 * s[7] == 28263339 )
solver.add(-131770 * s[6]
+ -92964 * s[9]
+ -111160 * s[8]
+ -258188 * s[7]
+ 133728 * s[1]
+ -272650 * s[5]
+ -4940 * s[10]
+ 272791 * s[3]
+ 80519 * s[2]
+ -165434 * s[11]
+ 50166 * s[0]
+ 148713 * s[4] == -22025185 )
solver.add(-262820 * s[4]
+ 9710 * s[10]
+ 71182 * s[12]
+ -184125 * s[1]
+ -100280 * s[6]
+ 62018 * s[11]
+ 141532 * s[9]
+ -138253 * s[8]
+ 20489 * s[0]
+ -214348 * s[2]
+ 162962 * s[3]
- 93199 * s[7]
+ 147171 * s[5] == -31396844 )
solver.add(-55254 * s[8]
+ 220404 * s[12]
+ -86956 * s[10]
+ -200702 * s[5]
+ -51437 * s[1]
+ 25739 * s[6]
+ 122945 * s[3]
+ 116256 * s[7]
+ 22859 * s[4]
+ -61880 * s[9]
+ -119275 * s[2]
+ -224754 * s[13]
- 75412 * s[0]
+ 59999 * s[11] == -37063008 )
solver.add(111310 * s[0]
+ 198502 * s[3]
+ -189890 * s[13]
+ 278745 * s[5]
+ 157462 * s[9]
+ 135809 * s[4]
+ -2621 * s[2]
+ 67553 * s[6]
+ 144834 * s[1]
+ -88326 * s[11]
+ -228149 * s[10]
+ 233663 * s[14]
+ -249960 * s[12]
+ 300012 * s[8]
+ 91783 * s[7] == 93457153 )
solver.add(15897 * s[0]
+ -11943 * s[13]
+ 194067 * s[3]
+ 125666 * s[2]
+ 104421 * s[12]
+ -181764 * s[5]
+ -233813 * s[8]
+ -235783 * s[4]
+ 230636 * s[11]
+ 148005 * s[6]
+ -48167 * s[14]
+ -163572 * s[9]
+ 54553 * s[10]
+ -129997 * s[1]
+ 114175 * s[7]
- 251681 * s[15] == -36640750 )
solver.add(-90549 * s[3]
+ -228520 * s[14]
+ 34835 * s[10]
+ -203538 * s[15]
+ 272318 * s[13]
+ -68478 * s[8]
+ 22454 * s[9]
+ 74128 * s[12]
+ 70051 * s[6]
+ -289940 * s[7]
+ -52501 * s[5]
+ -1254 * s[4]
+ 154844 * s[11]
+ 254969 * s[2]
+ -39495 * s[1]
+ 277429 * s[16]
- 132752 * s[0] == -6628237 )
solver.add(128092 * s[11]
+ -5873 * s[17]
+ -144172 * s[3]
+ -148216 * s[13]
+ 189050 * s[2]
+ 66107 * s[5]
+ 237987 * s[0]
+ -53271 * s[9]
+ -86968 * s[12]
+ -94616 * s[10]
+ -247882 * s[8]
+ -5107 * s[1]
+ 55085 * s[15]
+ 10792 * s[14]
+ -112241 * s[4]
+ -36680 * s[16]
- 210718 * s[7]
- 249539 * s[6] == -53084017 )
solver.add(-186088 * s[2]
+ 19517 * s[13]
+ -65515 * s[5]
+ 195447 * s[1]
+ 145470 * s[14]
+ 58825 * s[16]
+ 272227 * s[15]
+ -155443 * s[8]
+ 100397 * s[3]
+ -238861 * s[18]
+ 84628 * s[7]
+ 1337 * s[17]
+ 156976 * s[12]
+ -74209 * s[4]
+ 175077 * s[11]
+ 134548 * s[0]
+ -280672 * s[6]
+ 12264 * s[10] + 56937 * s[9] == 60764977 )
solver.add(-58873 * s[7] + -283834 * s[9]
+ 159144 * s[13]
+ -199631 * s[0]
+ 54404 * s[16]
+ -190345 * s[8]
+ 176103 * s[3]
+ 137206 * s[17]
+ -170051 * s[6]
+ 281718 * s[11]
+ 137214 * s[14]
+ -104395 * s[19]
+ -122090 * s[4]
+ 162065 * s[15]
+ -36580 * s[18]
+ 245858 * s[12]
+ -18520 * s[10]
+ -138274 * s[1]
+ 139185 * s[2] - 197535 * s[5] == 4912728 )
solver.add(293345 * s[9] + 63329 * s[13] + 74470 * s[8]
+ -72984 * s[11]
+ -162393 * s[20]
+ 150036 * s[15]
+ 127913 * s[19]
+ 181147 * s[16]
+ 27751 * s[6]
+ -239133 * s[1]
+ -28337 * s[17]
+ 108149 * s[0]
+ 148338 * s[2]
+ 38137 * s[18]
+ -199427 * s[14]
+ -97284 * s[4]
+ -39775 * s[3]
+ -109205 * s[10]
+ 270604 * s[5]
- 193384 * s[12] + 168963 * s[7] == 45577809 )
solver.add(45637 * s[6]
+ 111858 * s[17]
+ 244009 * s[19]
+ -188979 * s[8]
+ -220539 * s[16]
+ 246135 * s[2]
+ -174651 * s[14]
+ 179514 * s[4]
+ 153071 * s[15]
+ -207716 * s[21]
+ 64641 * s[7]
+ 293781 * s[12]
+ 263208 * s[10]
+ 44675 * s[1]
+ 131692 * s[3]
+ 109605 * s[11]
+ 293201 * s[5]
+ -98937 * s[9]
+ 60492 * s[20]
+ -273571 * s[13]
- 38942 * s[0]
- 285946 * s[18] == 77539017 )
solver.add(-160726 * s[9]
+ 234971 * s[18]
+ 32897 * s[4]
+ -206184 * s[11]
+ -86224 * s[20]
+ 92896 * s[22]
+ 295735 * s[15]
+ -58530 * s[0]
+ -197632 * s[13]
+ -21957 * s[17]
+ -43684 * s[6]
+ -141434 * s[10]
+ -194890 * s[1]
+ -148390 * s[21]
+ 105293 * s[14]
+ 76213 * s[3]
+ 9791 * s[12]
+ -258754 * s[8]
+ 59119 * s[16]
+ 255675 * s[2]
+ -130852 * s[7]
- 71444 * s[5]
+ 127285 * s[19] == -38197685 )
solver.add(205675 * s[20]
+ 197685 * s[1]
+ 144870 * s[4]
+ 120347 * s[10]
+ 202621 * s[14]
+ -236806 * s[17]
+ 268813 * s[3]
+ 191822 * s[23]
+ -40848 * s[6]
+ 103466 * s[7]
+ -211930 * s[5]
+ -180522 * s[19]
+ -188959 * s[15]
+ -238839 * s[21]
+ 281705 * s[11]
+ 175825 * s[16]
+ -44618 * s[12]
+ 196370 * s[0]
+ 89330 * s[22]
+ -133696 * s[8]
+ -60213 * s[2]
+ 191404 * s[18]
- 291063 * s[9]
+ 13902 * s[13] == 67763764 )
solver.add(69341 * s[15]
+ -19740 * s[21]
+ 62004 * s[10]
+ 29334 * s[8]
+ -78459 * s[1]
+ -261617 * s[3]
+ 115716 * s[22]
+ 7838 * s[16]
+ -173902 * s[14]
+ 115189 * s[9]
+ 234832 * s[7]
+ -54321 * s[5]
+ -268221 * s[20]
+ -210563 * s[18]
+ -161113 * s[13]
+ -199130 * s[23]
+ -94067 * s[24]
+ 9601 * s[11]
+ -8509 * s[12]
+ 14439 * s[2]
+ -243227 * s[19]
+ 37665 * s[17]
+ 91076 * s[6]
- 85246 * s[0]
+ 39558 * s[4] == -98330271 )
solver.add(38468 * s[19]
+ -75568 * s[2]
+ 169299 * s[22]
+ -252915 * s[3]
+ 32044 * s[24]
+ -260264 * s[8]
+ -111200 * s[1]
+ -78437 * s[20]
+ -212633 * s[16]
+ 180400 * s[5]
+ -81477 * s[12]
+ 232645 * s[0]
+ -65268 * s[4]
+ 263000 * s[6]
+ 247654 * s[25]
+ -242059 * s[17]
+ -35931 * s[9]
+ -271816 * s[21]
+ 10191 * s[13]
+ 41768 * s[23]
+ 92844 * s[7]
+ -73366 * s[14]
+ -124307 * s[10]
+ 197710 * s[18]
+ 226192 * s[15]
+ 3788 * s[11] == -13464859 )
solver.add(-23897 * s[9]
+ -188087 * s[24]
+ -254282 * s[15]
+ -102361 * s[23]
+ -15606 * s[14]
+ -74795 * s[21]
+ 116581 * s[12]
+ 77693 * s[5]
+ -6866 * s[25]
+ 215574 * s[22]
+ 231326 * s[6]
+ 77915 * s[2]
+ 186585 * s[3]
+ 219151 * s[4]
+ 271210 * s[13]
+ -78913 * s[20]
+ 83918 * s[8]
+ -153409 * s[18]
+ -84952 * s[7]
+ -121854 * s[0]
+ -253617 * s[26]
+ -213665 * s[19]
+ -293146 * s[17]
+ -166693 * s[16]
+ -206964 * s[1]
- 155664 * s[10]
+ 180598 * s[11] == -55504393 )
solver.add(264405 * s[11]
+ 135302 * s[12]
+ 278196 * s[9]
+ -132906 * s[23]
+ 138308 * s[7]
+ 40423 * s[21]
+ 157781 * s[0]
+ -38949 * s[27]
+ -143324 * s[14]
+ -120743 * s[10]
+ 77375 * s[5]
+ -164339 * s[3]
+ 167370 * s[25]
+ -225830 * s[4]
+ -136952 * s[2]
+ -14347 * s[8]
+ 6966 * s[26]
+ 88628 * s[18]
+ 138998 * s[22]
+ 147747 * s[19]
+ -106792 * s[6]
+ -113009 * s[20]
+ 98136 * s[15]
+ 231264 * s[24]
+ -109447 * s[17]
+ 258890 * s[1]
+ 167885 * s[16]
+ 246315 * s[13] == 133068723 )
print(solver.check())
res = solver.model()
flag = ""
for a in s:
flag = flag + chr(int(str(res[a])))
print(flag) 

imitation_game

first part: AES加密,CBC模式

# -*- coding:utf-8 -*-
from Crypto.Cipher import AES
import binascii
def padding(s,n):
len1 = len(s)
n1 = len1 % n
s += chr(0x1a)*(49-n1)
s += chr(0)*(0x40-len(s))
return s

def de_aes_cbc(s,k):
if len(s) % 16 != 0:
    s = padding(s,16)
key = k
iv = " !\"#$%&'()*+,-./"
ci = AES.new(key,AES.MODE_CBC,iv)
return ci.decrypt(s)

def en_aes_cbc(s,k):
s = padding(s,0x40)
key = k
iv = " !\"#$%&'()*+,-./"
print(len(k), len(iv))
ci = AES.new(key,AES.MODE_CBC,iv)
return ci.encrypt(s)

target = [0x9D, 0x7B, 0xA2, 0x3C, 0xB1, 0x09, 0x9A, 0x48, 0x41, 0xD1, 0x66, 0x63, 0xD6, 0xAE, 0x3C, 0xAB, 0x1F, 0x44, 0x0E, 0x33, 0xFB, 0xB5, 0xB8, 0xA9, 0x02, 0x65, 0x83, 0xD9, 0x47, 0x30, 0x6D, 0x24, 0xB0, 0x75, 0x79, 0xD5, 0xCC, 0x80, 0x0E, 0x67, 0x11, 0x62, 0x4C, 0xF1, 0xF5, 0xAF, 0x9E, 0x69, 0x93, 0x69, 0x7C, 0x48, 0xAD, 0xD3, 0x45, 0x29, 0x68, 0xBA, 0xED, 0x9A, 0x70, 0xA0, 0xD1, 0x0D]
strs = "".join(chr(i) for i in target)
print(de_aes_cbc(strs,"\x3E\x2C\x25\x13\x18\xBE\xC3\x6B\xA1\x37\x24\x53\x03\x1E\x51\xEC").rstrip(chr(0x1a)))
# 6c8f1d78770fe672122478c6f9a150e0

second part: https://github.com/mattmikolay/chip-8/wiki/CHIP%E2%80%908-Instruction-Set https://www.anquanke.com/post/id/172217#h3-6 https://github.com/cj1128/chip8-emulator 后半段启动了一个chip-8模拟器,加载game.bin运行一个游戏。输入10个16进制数进行校验。 题目模拟器的逻辑和https://github.com/cj1128/chip8-emulator基本类似,只有ret指令的实现和chip8-emulator不同。 安全客有篇文章提供了chip-8 IDA processor,加载之后可以反汇编看题目的逻辑。 首先获得10个输入,输出到屏幕上,输入存储在v0-v9寄存器上;之后首先对10个输入逐个做加法或者异或操作,再三个一组的做乘法求和;最后校验乘法和是否和固定值相等。写脚本爆破就能获得后半段flag。

cmp_list = [0x21, 0x2a, 0x30, 0x37, 0x37, 0x3b, 0x1f, 0x16, 0x20, ]
multi_list = [
[1, 2, 1],
[2, 1, 1],
[1, 2, 2],
[1, 2, 1],
[2, 1, 1],
[1, 2, 2],
[1, 2, 1],
[2, 1, 1],
[1, 2, 2]
]

flag = "6c8f1d78770fe672122478c6f9a150e0"

for n in xrange(3):
for i in xrange(32):
    for j in xrange(32):
        for k in xrange(32):
            if n == 0:
                x = i + 2
                y = j + 1
                z = (k+1) ^ 1
            if n == 1:
                x = i + 3
                y = j + 2
                z = (k^2)+1
            if n == 2:
                x = i + i
                y = j + 1
                z = (k^1)+1

            if cmp_list[3*n] == x * multi_list[3*n][0] + y * multi_list[3*n][1] + z * multi_list[3*n][2] \
            and cmp_list[3*n+1] == x * multi_list[3*n+1][0] + y * multi_list[3*n+1][1] + z * multi_list[3*n+1][2] \
            and cmp_list[3*n+2] == x * multi_list[3*n+2][0] + y * multi_list[3*n+2][1] + z * multi_list[3*n+2][2] :
                print "%x%x%x" % (i, j, k)
                flag += "%x%x%x" % (i, j, k)
            
flag += "3"
print "flag{%s}" % flag