re刷題第九天
0x00 tt3441810
知識點:彙編硬編碼
題目給出了一堆十六進制,轉換爲彙編看下,發現第一句是push 0x666c
,之後進行了一些異或,加操作,emmm。。。看不太懂。想起來push在這裏的十六進制是0x68
,所以把0x68
後兩個字節的內容提取出來就是flag
0x01 gametime
額。。。這個題說實話我不明白在考察什麼東西,我tcl。題目是一個小遊戲,定義了我們必須要根據規則來輸入字符.
s-->' '
x-->'x'
m-->'m'
全部輸入正確就會給出flag
0x02 APK-逆向2
知識點:.net逆向、socket
用ILSpy
反編譯一下,監聽了下本機的31337
端口拿到flag。
namespace Rev_100
{
internal class Program
{
private static void Main(string[] args)
{
string hostname = "127.0.0.1";
int port = 31337;
TcpClient tcpClient = new TcpClient();
try
{
Console.WriteLine("Connecting...");
tcpClient.Connect(hostname, port);
}
catch (Exception)
{
Console.WriteLine("Cannot connect!\nFail!");
return;
}
Socket client = tcpClient.Client;
string text = "Super Secret Key";
string text2 = Program.read();
client.Send(Encoding.ASCII.GetBytes("CTF{"));
string text3 = text;
for (int i = 0; i < text3.Length; i++)
{
char x = text3[i];
client.Send(Encoding.ASCII.GetBytes(Program.search(x, text2)));
}
client.Send(Encoding.ASCII.GetBytes("}"));
client.Close();
tcpClient.Close();
Console.WriteLine("Success!");
}
private static string read()
{
string fileName = Process.GetCurrentProcess().MainModule.FileName;
string[] array = fileName.Split(new char[]
{
'\\'
});
string path = array[array.Length - 1];
string result = "";
using (StreamReader streamReader = new StreamReader(path))
{
result = streamReader.ReadToEnd();
}
return result;
}
private static string search(char x, string text)
{
int length = text.Length;
for (int i = 0; i < length; i++)
{
if (x == text[i])
{
int value = i * 1337 % 256;
return Convert.ToString(value, 16).PadLeft(2, '0');
}
}
return "??";
}
}
}