一.拖入ida,来静态分析F5大法好
要注意的点:
1._gmz_init_set_str() 这个函数,也是看师傅的wp,学到的,以后还是得多google,
本质上是这个函数:
int mpz_init_set_str (mpz_t rop, const char *str, int base) [Function]
将str以base进制送入rop的内存
2._gmpz_pown()这个函数
void mpz_powm (mpz_t rop, const mpz_t base, const mpz_t exp, const mpz_t mod) [Function]
rop的exp次方,对mod取模
已经很明显的是rsa加密,解开就好了。
import binascii
import sys
import gmpy2
import re
from Crypto.Util import number
sys.setrecursionlimit(1000000)
def ByteToHex(bins):
return ''.join(["%02X" % x for x in bins]).strip()
def n2s(num): #将数字转成字符串
t = hex(int(num))[2:-1] # python
if len(t) % 2 == 1:
t = '0' + t
return (binascii.a2b_hex(t).decode('latin1'))
#求f(n)
def egcd(a, b):
if a == 0:
return (b, 0, 1)
else:
g, y, x = egcd(b % a, a)
return (g, x - (b // a) * y, y)
def modinv(a, m):
g, x, y = egcd(a, m)
if g != 1:
raise Exception('modular inverse does not exist')
else:
return x % m
def getfn(p,q):
return (p-1)*(q-1)
#求n
def getn(p,q):
return p*q
#求d
def getd(e,fn):
k=0
while True:
if (fn*k+1)%e==0:
(d,m)=divmod(fn*k+1,e) #避免损失精度
return d
k+=1
e=65537
n=103461035900816914121390101299049044413950405173712170434161686539878160984549
p=282164587459512124844245113950593348271
q=366669102002966856876605669837014229419
c=0xad939ff59f6e70bcbfad406f2494993757eee98b91bc244184a377520d06fc35
# p=(psa+qsa)//2
# q=(psa-qsa)//2
d=gmpy2.invert(e,(p-1)*(q-1))
m=pow(c,int(d),n)
m=number.long_to_bytes(m)
print(m)
di=re.findall('\d+',str(m))
flag=""
for i in di:
flag+=chr(int(i,16))
print(flag)
