BUUCTF [BJDCTF2020]BJD hamburger competition

第一次接触 Unity的逆向题
这种关键代码一般都在image

dnspy打开 搜索关键词 buttton
找到 ButtonSpawnFruit类
image
条件是sha1(str)="..."
我们可以直接枚举所有可能的变化(注意python的sha1是小写而题目的判断是大写!)

from hashlib import *
from random import *

def Get_SHA1(s):
    sha_1 = sha1(s.encode('utf-8'))
    return sha_1.hexdigest()

secret = 997

while True:
    num = secret
    process = ""
    for count in range(4):
        choice = randint(1,7)
        if choice == 1:
            num = num - 127
        if choice == 2:
            num = num * 3
        if choice == 3:
            num = num ^ 18
        if choice == 4:
            num = num + 29
        if choice == 5:
            num = num - 47
        if choice == 6:
            num = num * 5
        if choice == 7:
            num = num ^ 87
        process += str(choice)
    num ^= 127
    print(num,Get_SHA1(str(num)))
    if Get_SHA1(str(num)) == 'dd01903921ea24941c26a48f2cec24e0bb0e8cc7':
        print(num)
        print(process)
        print(md5(str(num).encode('utf-8')).hexdigest())
        break
# b8c37e33defde51cf91e1e03e51657da

最后secret=1001
我们将md5转成大写提交发现不对 查看题目的MD5
image
可以看到这里取了substr(0,20)所以截取前20位即可

posted @ 2023-10-05 10:23  N0zoM1z0  阅读(44)  评论(0编辑  收藏  举报