[原创] KCTF 2019 Q3 签到题 Writeup by Nu1L

14小时前 49

[原创] KCTF 2019 Q3 签到题 Writeup by Nu1L

输入用户名和大写16进制字符32位序列号,
检测格式,用户名生成一个东西,将用户名与序列号hexdecode后进行xor

【请输入您的用户名与序列号】
请输入用户名：KCTF
请输入序列号：8DA79EF3CED2B8FCCFB2BBB6CBEFBCE1
 * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
【验证正确！】

请按任意键继续. . .

>>> p = "F3A0FD8D8DE1FEB889808A8FF2D7FDA2".decode("hex")
>>> u = "5D78C3FDF21998AC"
>>> res = []
>>> for i in range(16):
...     res.append(ord(p[i]) ^ ord(u[i]))
...
>>> res
[198, 228, 202, 181, 206, 210, 184, 252, 207, 178, 187, 182, 203, 239, 188, 225]
>>> uu = "KCTF"
>>> for i in range(4):
...     res[i] ^= ord(uu[i])
...
>>> flag = ""
>>> for i in res:
...     flag += chr(i).encode("hex")
...
>>> flag
'8da79ef3ced2b8fccfb2bbb6cbefbce1'
>>> flag.upper()
'8DA79EF3CED2B8FCCFB2BBB6CBEFBCE1'

[培训]《安卓高级研修班》彻底搞定函数抽取型壳！现在报名得源码和安卓8.1脱壳机！10月20日深圳专场不见不散！