newstarctf2023 reverse 题解汇总
newstarctf2023 reverse 题解汇总
week1
easy_RE
die查
无壳 64 直接IDA启动
跟到main函数 找到两部分flag拼起来就行了。
flag{we1c0me_to_rev3rse!!}
ELF
die查
64 ELF IDA启动
稍微读一下
写个py逆一下它的加密就行了
flag{D0_4ou_7now_wha7_ELF_1s?}
import base64
a = "VlxRV2t0II8kX2WPJ15fZ49nWFEnj3V8do8hYy9t"
a = base64.b64decode(a)
#print(a)
ans = ""
for _ in a:
now = (ord(chr(_))-16)^0x20
ans += chr(now)
print(ans)
#flag{D0_4ou_7now_wha7_ELF_1s?}
Segments
die查ELF 64
根据提示直接IDA shift+F7查看段
拼一下
flag{You_ar3_g0od_at_f1nding_ELF_segments_name}
咳
die查
upx壳
脱一下
读一下加密过程写PY开逆
flag{C0ngratu1at10ns0nPa221ngTheF1rstPZGALAXY1eve1}
a = "gmbh|D1ohsbuv2bu21ot1oQb332ohUifG2stuQ[HBMBYZ2fwf2~"
ans = ""
for _ in a:
nw = chr(ord(_)-1)
ans += nw
print(ans)
#flag{C0ngratu1at10ns0nPa221ngTheF1rstPZGALAXY1eve1}
Endian
考察小端序
写py逆回去就好了
可能要用到.to_bytes(字节数,大端还是小段)
a = [0x75553A1E, 0x7B583A03, 0x4D58220C, 0x7B50383D, 0x736B3819]
flag = b''
for i in range(len(a)):
flag += (a[i]^0x12345678).to_bytes(4,'little')
print(flag)
# flag{llittl_Endian_a}
expe
首先文件被改了
对着正常的找找不同修一下
然后开逆加密就行
flag{Y0u_kn0w_what_1s_PE_File_F0rmat}
IDA ctrl+E 导出数据
python range(a,b,-1)实现逆向循环
enc = [0x0A, 0x0C, 0x04, 0x1F, 0x26, 0x6C, 0x43, 0x2D, 0x3C, 0x0C,
0x54, 0x4C, 0x24, 0x25, 0x11, 0x06, 0x05, 0x3A, 0x7C, 0x51,
0x38, 0x1A, 0x03, 0x0D, 0x01, 0x36, 0x1F, 0x12, 0x26, 0x04,
0x68, 0x5D, 0x3F, 0x2D, 0x37, 0x2A, 0x7D]
l = len(enc)
for i in range(l-2,-1,-1):
enc[i] = enc[i]^i^enc[i+1]
for i in enc:
print(chr(i),end="")
AndroXor
跟mainactivity
逆一下加密过程就行
flag{3z_And0r1d_X0r_x1x1}
str2 = "happyx3"
cArr = [14,ord('\r'),17,23,2,ord('K'),ord('I'),ord('7'),ord(' '),30,20,
ord('I'),ord('\n'),2,ord('\f'),ord('>'),ord('('),ord('@'),11,ord('\''),
ord('K'),ord('Y'),25,ord('A'),ord('\r')]
ans = ""
for i in range (0, 25):
charAt = chr(cArr[i]^ord(str2[i%7]))
ans += charAt
print(ans)
#flag{3z_And0r1d_X0r_x1x1}
lazy_activity
进flagactivity
直接搜就找到了
flag{Act1v1ty_!s_so00oo0o_Impor#an#}
week2
PZthon
py逆向
先进行pyinstxtractor解开exe
然后反汇编得到源码
flag{Y0uMade1tThr0ughT2eSec0ndPZGALAXY1eve1T2at1sC001}
enc = [115,121,116,114,110,76,37,96,88,116,113,112,36,97,65,125,103,37,96,114,125,65,39,112,70,112,118,37,123,113,69,79,82,84,89,84,77,76,36,112,99,112,36,65,39,116,97,36,102,86,37,37,36,104,]
for i in enc:
print(chr(i^21),end="")
#flag{Y0uMade1tThr0ughT2eSec0ndPZGALAXY1eve1T2at1sC001}
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 25岁的心里话
· 闲置电脑爆改个人服务器(超详细) #公网映射 #Vmware虚拟网络编辑器
· 基于 Docker 搭建 FRP 内网穿透开源项目(很简单哒)
· 零经验选手,Compose 一天开发一款小游戏!
· 一起来玩mcp_server_sqlite,让AI帮你做增删改查!!