[61dctf]bbencode

题目

flag = open("flag", "r").read().strip()
assert len(flag) == 32
def str2num(s):
    return int(s.encode('hex'), 16)
def bbencode(n):
    a = 0
    for i in bin(n)[2:]:
        a = a << 1
        if (int(i)):
            a = a ^ n
        if a >> 256:
            a = a ^ 0x10000000000000000000000000000000000000000000000000000000000000223L
    return a

print bbencode(str2num(flag))

#result:61406787709715709430385495960238216763226399960658358000016620560764164045692

  

可以看到算法是异或然后位移,当a长度为257bits时,结束并异或一个key

可以理解为在 2^(256) 下的一个环,遍历2^256一定可以找到原文

但是实际上并不需要遍历2^256这么多次

类似于流密码生成器一样,并不是256位就会生成2**256的密钥流

简单爆破就出来了

#flag = open("flag", "r").read().strip()
#assert len(flag) == 32
def str2num(s):
	return int(s.encode('hex'), 16)
def num2str(n):
	return str(hex(n)[2:-1])
def bbencode(n):
	a = 0
	for i in bin(n)[2:]:
		a = a << 1
		if (int(i)):
			a = a ^ n
		if a >> 256:
			a = a ^ 0x10000000000000000000000000000000000000000000000000000000000000223L
	return a


#print bbencode(str2num(flag))

#result:61406787709715709430385495960238216763226399960658358000016620560764164045692
flag = 61406787709715709430385495960238216763226399960658358000016620560764164045692
for i in range(2**16):
	flag = bbencode(flag)
	if 'flag'.encode('hex') in num2str(flag):
		print num2str(flag).decode('hex')

  

 

posted @ 2020-04-21 17:37  S4tan  阅读(834)  评论(3编辑  收藏  举报