[NPUCTF2020]Baby Obfuscation

一个字：爽！
真就层层去混淆代码 gcd,qpow,x-1...
题目给的代码特别冗余
仔细分析后发现其实就是一堆gcd,qpow,那个取反其实变着变着就变成-1了
还有一堆恒成立的条件或是恒不成立的条件 直接去掉即可
最终得到的变换核心代码:

v32 = 15;
  for ( j = 1; j <= 15; ++j )
  {
    v5 = ~Str[j-1];
    v6 = j-1;
    v30[j] = ~(v5 + v31[v6 % 4]);
    v7 = 1;
    v15 = 2;
    v16 = j-1;
    v30[j] ^= v31[v16 % 4];
    v30[j] =v30[j]*10;
  }

最后的check是看v30变换后是否与给定的常量数组满足某种关系 所以直接得到变换后的v30
前面的直接枚举逆向即可
solution.c

  v31[0] = 2;
  v31[1] = 3;
  v31[2] = 4;
  v31[3] = 5;
  v30[1004] = 2;
  v30[1005] = 3;
  v30[1006] = 4;
  v30[1007] = 5;
  v32 = 15;
  int _v30[]={780,780,850,590,800,640,1150,460 ,980 ,960 ,1170 ,530 ,970 ,1080 ,1250};
  for ( j = 1; j <= 15; ++j )
  {
  	  for(int x=32;x<=144;x++){
	    v5 = ~x;
	    int y=v30[j];
	    v6 = j-1;
	    y = ~(v5 + v31[v6 % 4]);
	    v7 = 1;
	    v15 = 2;
	    v16 = j-1;
	    y ^= v31[v16 % 4];
	    y =y*10;
	    if(y==_v30[j-1])
	    	{
				cout<<char(x);
				break;
			}
  	}
}