【逆向分析】BUUCTF 逆向题目 Java逆向解密
2023-12-3 00:3:4 Author: 利刃信安攻防实验室(查看原文) 阅读量:8 收藏

BUUCTF 逆向题目 Java逆向解密

题目地址:

https://buuoj.cn/challenges#Java%E9%80%86%E5%90%91%E8%A7%A3%E5%AF%86

https://files.buuoj.cn/files/22ddfaaeadab32fe72719e254a0b127e/818a93f3-78b6-4e8d-a5b5-4c492695cef4.zip

class文件,先转换成java代码

https://github.com/abc123info/BlueTeamTools/releases

import java.util.ArrayList;import java.util.Scanner;
public class Reverse { public static void main(String[] args) { Scanner s = new Scanner(System.in); System.out.println("Please input the flag \uff1a"); String str = s.next(); System.out.println("Your input is \uff1a"); System.out.println(str); char[] stringArr = str.toCharArray(); Encrypt(stringArr); }
public static void Encrypt(char[] arr) { ArrayList<Integer> Resultlist = new ArrayList();
for(int i = 0; i < arr.length; ++i) { int result = arr[i] + 64 ^ 32; Resultlist.add(result); }
int[] KEY = new int[]{180, 136, 137, 147, 191, 137, 147, 191, 148, 136, 133, 191, 134, 140, 129, 135, 191, 65}; ArrayList<Integer> KEYList = new ArrayList();
for(int j = 0; j < KEY.length; ++j) { KEYList.add(KEY[j]); }
System.out.println("Result:"); if (Resultlist.equals(KEYList)) { System.out.println("Congratulations\uff01"); } else { System.err.println("Error\uff01"); }
}}

分析代码可知,用户输入flag后,flag中每一位都加64 ^ 32得到KEY

KEY = 180, 136, 137, 147, 191, 137, 147, 191, 148, 136, 133, 191, 134, 140, 129, 135, 191, 65

用python3写代码反推flag

import sys
def decrypt(KEY): original_flag = ''.join(chr(key_value - 64 ^ 32) for key_value in KEY) return original_flag
def main(): KEY = [180, 136, 137, 147, 191, 137, 147, 191, 148, 136, 133, 191, 134, 140, 129, 135, 191, 65]
decrypted_flag = decrypt(KEY)
sys.stdout.buffer.write(f"Decrypted flag:\n{decrypted_flag}\n".encode('utf-8'))
if __name__ == "__main__": main()

用C++代码反推flag

#include <iostream>#include <vector>
void decrypt(const std::vector<int>& KEY) { std::string originalFlag;
for (int j = 0; j < KEY.size(); ++j) { int original = KEY[j] - 64 ^ 32; originalFlag += static_cast<char>(original); }
std::cout << "Decrypted flag:\n" << originalFlag << std::endl;}
int main() { std::vector<int> KEY = {180, 136, 137, 147, 191, 137, 147, 191, 148, 136, 133, 191, 134, 140, 129, 135, 191, 65}; decrypt(KEY);
return 0;}

flag{This_is_the_flag_!}

文章来源: http://mp.weixin.qq.com/s?__biz=MzU1Mjk3MDY1OA==&mid=2247508371&idx=2&sn=2cab9a102aa2cf9c7de4c7e9143b40cb&chksm=fbfb115ecc8c98486d1bd0f4a26393976d0da8ad12fc74bf606832979828e9c1a4b08699f5db&scene=0&xtrack=1#rd
如有侵权请联系:admin#unsafe.sh