python-trade
题目来源: NJUPT CTF 2017
题目描述:菜鸡和菜猫进行了一场Py交易
下载下来发现是pyc文件,也就是python的字节码文件
首先通过命令uncompyle6 python_trade.pyc > trade.py 将字节码反编译成源码
源码如下:
# uncompyle6 version 3.7.4 # Python bytecode 2.7 (62211) # Decompiled from: Python 3.8.5 (tags/v3.8.5:580fbb0, Jul 20 2020, 15:43:08) [MSC v.1926 32 bit (Intel)] # Embedded file name: 1.py # Compiled at: 2017-06-03 10:20:43 import base64 def encode(message): s = '' for i in message: x = ord(i) ^ 32 x = x + 16 s += chr(x) return base64.b64encode(s) correct = 'XlNkVmtUI1MgXWBZXCFeKY+AaXNt' flag = '' print 'Input flag:' flag = raw_input() if encode(flag) == correct: print 'correct' else: print 'wrong' # okay decompiling python-trade.pyc
可以看到correct是由正确的flag将每个字符先异或32再加上16组成的字符串base64编码得到的
因此反过来,只需要把它base64解码,然后每个字符先减16再异或32即可得到flag
nctf{d3c0mpil1n9_PyC}