龙岩网站建设要多久,wordpress仿人人网,沃噻网站建设流程,云游戏网页文章目录 前言题目分析and复习过程exp 前言
羊城杯题目复现#xff1a; 第一题 知识点 #xff1a;DES算法 #xff1a; 链接#xff1a;Ez加密器 第二题 知识点 #xff1a;动态调试 #xff1a; 链接#xff1a;CSGO
这一题的查缺补漏#xff1a; 虚假控制流的去除… 文章目录 前言题目分析and复习过程exp 前言
羊城杯题目复现 第一题 知识点 DES算法 链接Ez加密器 第二题 知识点 动态调试 链接CSGO
这一题的查缺补漏 虚假控制流的去除还没学习 MD5加密算法的原理链接MD5加密算法原理 python 字典的使用刚学点
题目分析and复习过程 ida打开到main函数里面发现都是虚假控制流的混淆还不知道怎么去除先Shift F12 搜索字符串 看到success的同时还看到下面一大堆相同长度的十六进制字符串想到哈希hash
用插件Findcrypt看看 可以看到的确是使用了MD5加密算法同时看看这个md5是被谁调用了可以看到调用了俩次。 修改一下名字依次查看下 第一次调用是在main 函数的 第 112 行 第二次调用是在sub_402370函数的第61行
而sub_402370函数是main函数的最后一行sub_402370函数执行的最后就是比较并且输出success或error。
这里可以猜测 就是 进行了 俩次md5 的 加密。
exp
编写exp的思路就是对单字节进行俩次md5加密然后和enc进行验证如果验证通过就将字节存入字典中。
import hashlib
import itertoolsenc [14d89c38cd0fb23a14be2798d449c182, a94837b18f8f43f29448b40a6e7386ba, af85d512594fc84a5c65ec9970956ea5,af85d512594fc84a5c65ec9970956ea5, 10e21da237a4a1491e769df6f4c3b419, a705e8280082f93f07e3486636f3827a,297e7ca127d2eef674c119331fe30dff, b5d2099e49bdb07b8176dff5e23b3c14, 83be264eb452fcf0a1c322f2c7cbf987,a94837b18f8f43f29448b40a6e7386ba, 71b0438bf46aa26928c7f5a371d619e1, a705e8280082f93f07e3486636f3827a,ac49073a7165f41c57eb2c1806a7092e, a94837b18f8f43f29448b40a6e7386ba, af85d512594fc84a5c65ec9970956ea5,ed108f6919ebadc8e809f8b86ef40b05, 10e21da237a4a1491e769df6f4c3b419, 3cfd436919bc3107d68b912ee647f341,a705e8280082f93f07e3486636f3827a, 65c162f7c43612ba1bdf4d0f2912bbc0, 10e21da237a4a1491e769df6f4c3b419,a705e8280082f93f07e3486636f3827a, 3cfd436919bc3107d68b912ee647f341, 557460d317ae874c924e9be336a83cbe,a705e8280082f93f07e3486636f3827a, 9203d8a26e241e63e4b35b3527440998, 10e21da237a4a1491e769df6f4c3b419,f91b2663febba8a884487f7de5e1d249, a705e8280082f93f07e3486636f3827a, d7afde3e7059cd0a0fe09eec4b0008cd,488c428cd4a8d916deee7c1613c8b2fd, 39abe4bca904bca5a11121955a2996bf, a705e8280082f93f07e3486636f3827a,3cfd436919bc3107d68b912ee647f341, 39abe4bca904bca5a11121955a2996bf, 4e44f1ac85cd60e3caa56bfd4afb675e,45cf8ddfae1d78741d8f1c622689e4af, 3cfd436919bc3107d68b912ee647f341, 39abe4bca904bca5a11121955a2996bf,4e44f1ac85cd60e3caa56bfd4afb675e, 37327bb06c83cb29cefde1963ea588aa, a705e8280082f93f07e3486636f3827a,23e65a679105b85c5dc7034fded4fb5f, 10e21da237a4a1491e769df6f4c3b419, 71b0438bf46aa26928c7f5a371d619e1,af85d512594fc84a5c65ec9970956ea5, 39abe4bca904bca5a11121955a2996bf]# 生成所有ASCII可见字符
characters abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 !#$%\()*,-./:;?[\\]^_{|}~
combinations itertools.product(characters, repeat1)
# 创建一个字典以存储已知哈希值和对应的原始字符
hashes_dict {hash_val: None for hash_val in enc}
# 遍历所有组合计算哈希值并与已知的哈希值进行比较
for combo in combinations:plaintext .join(combo)hash0 hashlib.md5(hashlib.md5(plaintext.encode()).hexdigest().encode()).hexdigest()if hash0 in enc:hashes_dict[hash0] plaintext
flag
for i in enc:flag hashes_dict[i]print(fOriginal Text for Hash {i}: {hashes_dict[i]})
print(flag)
Original Text for Hash 14d89c38cd0fb23a14be2798d449c182: H
Original Text for Hash a94837b18f8f43f29448b40a6e7386ba: e
Original Text for Hash af85d512594fc84a5c65ec9970956ea5: l
Original Text for Hash af85d512594fc84a5c65ec9970956ea5: l
Original Text for Hash 10e21da237a4a1491e769df6f4c3b419: o
Original Text for Hash a705e8280082f93f07e3486636f3827a: _
Original Text for Hash 297e7ca127d2eef674c119331fe30dff: C
Original Text for Hash b5d2099e49bdb07b8176dff5e23b3c14: t
Original Text for Hash 83be264eb452fcf0a1c322f2c7cbf987: f
Original Text for Hash a94837b18f8f43f29448b40a6e7386ba: e
Original Text for Hash 71b0438bf46aa26928c7f5a371d619e1: r
Original Text for Hash a705e8280082f93f07e3486636f3827a: _
Original Text for Hash ac49073a7165f41c57eb2c1806a7092e: V
Original Text for Hash a94837b18f8f43f29448b40a6e7386ba: e
Original Text for Hash af85d512594fc84a5c65ec9970956ea5: l
Original Text for Hash ed108f6919ebadc8e809f8b86ef40b05: c
Original Text for Hash 10e21da237a4a1491e769df6f4c3b419: o
Original Text for Hash 3cfd436919bc3107d68b912ee647f341: m
Original Text for Hash a705e8280082f93f07e3486636f3827a: _
Original Text for Hash 65c162f7c43612ba1bdf4d0f2912bbc0: T
Original Text for Hash 10e21da237a4a1491e769df6f4c3b419: o
Original Text for Hash a705e8280082f93f07e3486636f3827a: _
Original Text for Hash 3cfd436919bc3107d68b912ee647f341: m
Original Text for Hash 557460d317ae874c924e9be336a83cbe: y
Original Text for Hash a705e8280082f93f07e3486636f3827a: _
Original Text for Hash 9203d8a26e241e63e4b35b3527440998: M
Original Text for Hash 10e21da237a4a1491e769df6f4c3b419: o
Original Text for Hash f91b2663febba8a884487f7de5e1d249: v
Original Text for Hash a705e8280082f93f07e3486636f3827a: _
Original Text for Hash d7afde3e7059cd0a0fe09eec4b0008cd: a
Original Text for Hash 488c428cd4a8d916deee7c1613c8b2fd: n
Original Text for Hash 39abe4bca904bca5a11121955a2996bf: d
Original Text for Hash a705e8280082f93f07e3486636f3827a: _
Original Text for Hash 3cfd436919bc3107d68b912ee647f341: m
Original Text for Hash 39abe4bca904bca5a11121955a2996bf: d
Original Text for Hash 4e44f1ac85cd60e3caa56bfd4afb675e: 5
Original Text for Hash 45cf8ddfae1d78741d8f1c622689e4af: (
Original Text for Hash 3cfd436919bc3107d68b912ee647f341: m
Original Text for Hash 39abe4bca904bca5a11121955a2996bf: d
Original Text for Hash 4e44f1ac85cd60e3caa56bfd4afb675e: 5
Original Text for Hash 37327bb06c83cb29cefde1963ea588aa: )
Original Text for Hash a705e8280082f93f07e3486636f3827a: _
Original Text for Hash 23e65a679105b85c5dc7034fded4fb5f: w
Original Text for Hash 10e21da237a4a1491e769df6f4c3b419: o
Original Text for Hash 71b0438bf46aa26928c7f5a371d619e1: r
Original Text for Hash af85d512594fc84a5c65ec9970956ea5: l
Original Text for Hash 39abe4bca904bca5a11121955a2996bf: d
Hello_Ctfer_Velcom_To_my_Mov_and_md5(md5)_world
