https://buuoj.cn/challenges#[ACTF%E6%96%B0%E7%94%9F%E8%B5%9B2020]usualCrypt

32 Microsoft Visual C++ v.5-6.0 - no sec. Cab.7z.Zip - 2020-01-26

诶,能不能用 UTF 不用 GBK 啊,老是乱码……

来来来,Give me your flag:

// Decompiler output for the challenge's entry point: prints a prompt, reads one
// whitespace-delimited token, passes it through base64() and compares the
// result byte by byte with the global `cipher`.
int __cdecl main(int argc, const char **argv, const char **envp)
{
  int v3; // esi
  // code, v6 and v7 sit back to back on the stack (ebp-74h .. ebp-66h) and are
  // all zeroed below, so they are presumably one 15-byte buffer that the
  // decompiler split into three variables -- confirm in the disassembly.
  char code[12]; // [esp+8h] [ebp-74h] BYREF
  __int16 v6; // [esp+14h] [ebp-68h]
  char v7; // [esp+16h] [ebp-66h]
  char input[100]; // [esp+18h] [ebp-64h] BYREF
 
  print((int)&givemeyourfalg);
  // NOTE(review): "%s" has no field width, so a token longer than 99 bytes
  // writes past the end of input[100] on the stack.
  scanf("%s", input);
  memset(code, 0, sizeof(code));
  v6 = 0;
  v7 = 0;
  // NOTE(review): base64() is given the input, its length and the output
  // pointer, but no output capacity; from what is visible here nothing keeps
  // the encoded text within the bytes reserved at `code`.
  base64((int)input, strlen(input), (int)code);
  v3 = 0;
  // Advance while the encoded input and the expected text agree. The goto
  // fires once v3 exceeds strlen(code), i.e. after the terminating NUL of
  // `code` has been compared as well.
  while ( code[v3] == cipher[v3] )
  {
    if ( ++v3 > strlen(code) )
      goto LABEL_6;
  }
  // Reached on the first mismatching byte; execution still falls through to
  // the final check below.
  print((int)aError);
LABEL_6:
  // Accept only if every byte of `cipher` was matched (v3 stopped one past its
  // length); the two message contents are not shown on this page.
  if ( v3 - 1 == strlen(cipher) )
    return print((int)aAreYouHappyYes);
  else
    return print((int)aAreYouHappyNo);
}

base64 编码,有两处魔改:

换表:

// Rearranges the global table `map` in place by exchanging map[i] with
// map[i + 10] for i = 6..14 (nine exchanges). map[15] and map[25] are never
// touched. Returns the final loop counter, which is always 15.
int change_map()
{
  int idx = 6; // first index taking part in the exchange
  char saved;  // holds the byte displaced from the upper position

  while ( idx < 15 )
  {
    saved = map[idx + 10];
    map[idx + 10] = map[idx];
    map[idx] = saved;
    ++idx;
  }
  return idx;
}
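# Python equivalent of change_map(). The C loop runs result = 6..14, so it makes
# nine exchanges of map[i] with map[i + 10]; map[15] and map[25] stay where they
# are. Ten-wide slices (16:26 / 6:16) would move those two entries as well; if
# map starts as the standard base64 alphabet they are 'P' and 'Z', and every
# 'P' or 'Z' in the ciphertext would then decode to the wrong 6-bit value.
map = map[0:6] + map[16:25] + map[15:16] + map[6:15] + map[25:]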

输出变换:

// Decompiler output: walks the NUL-terminated string a1 and swaps the case of
// every ASCII letter in place; all other bytes are left as they are.
// The decompiler packed two values into the 64-bit v1: HIDWORD(v1) is the
// running index, LOBYTE(v1) is scratch space for the converted character.
// a1 is typed const char * but is written through below (a typing artifact of
// the decompilation).
int __cdecl sub_401030(const char *a1)
{
  __int64 v1; // rax
  char v2; // al
 
  v1 = 0i64;
  if ( strlen(a1) )
  {
    do
    {
      v2 = a1[HIDWORD(v1)];
      // 97..122 is 'a'..'z'; anything outside that range goes to the
      // upper-case test.
      if ( v2 < 97 || v2 > 122 )
      {
        // 65..90 is 'A'..'Z'; a byte that is not a letter skips the store.
        if ( v2 < 65 || v2 > 90 )
          goto LABEL_9;
        LOBYTE(v1) = v2 + 32; // upper case -> lower case
      }
      else
      {
        LOBYTE(v1) = v2 - 32; // lower case -> upper case
      }
      // Store the converted character back at the current index.
      a1[HIDWORD(v1)] = v1;
LABEL_9:
      // Clear the scratch half and advance the index half.
      LODWORD(v1) = 0;
      ++HIDWORD(v1);
    }
    while ( HIDWORD(v1) < strlen(a1) );
  }
  return v1;
}

可以看出是大小写互换,打个脚本写回去

import string  
  
# Undo the binary's case-swap step: ASCII lower-case letters become upper case
# and ASCII upper-case letters become lower case; every other character is left
# as it is. `cipher` must already hold the string taken from the binary's
# `cipher` global (it is not defined in this snippet).
_swap_ascii_case = str.maketrans(
    string.ascii_lowercase + string.ascii_uppercase,
    string.ascii_uppercase + string.ascii_lowercase,
)
cipher = cipher.translate(_swap_ascii_case)

print(cipher)
map: ABCDEFQRSTUVWXYZGHIJKLMNOPabcdefghijklmnopqrstuvwxyz0123456789+/
cipher: ZmxhZ3tiGNXlXjHfaDTzN2FfK3LycRTpc2L9

丢到在线解密里就行了 http://web.chacuo.net/netbasex

>la?{bAse64_h2s_a_Surprise}