python-trade
运行一下
在线pyc反编译得到
import base64
def encode(message):
s = ''
for i in message:
x = ord(i) ^ 32
x = x + 16
s += chr(x)
return base64.b64encode(s)
correct = 'XlNkVmtUI1MgXWBZXCFeKY+AaXNt'
flag = ''
print 'Input flag:'
flag = raw_input()
if encode(flag) == correct:
print 'correct'
else:
print 'wrong'
(1)倒着推,第一个if说明输入值会在for循环中
所以base64解码,刚开始用的在线base64解码,得到的错误,然后用了Python的base64解码
import base64
a='XlNkVmtUI1MgXWBZXCFeKY+AaXNt'
b=base64.b64decode(a)
print(b)
在线base64输出**^SdVkT#S ]`Y!^)ism**
Python base64输出b’^SdVkT#S ]`Y\!^)\x8f\x80ism’
现在也没证明白为什么不一样
(2)x=x+16倒推x=x-16
a="b'^SdVkT#S ]`Y\\!^)\x8f\x80ism"
b=""
for i in range(0,len(a)):
b+=chr(ord(a[i])-16)
print(b)
输出RNCTF[DCMPILNpYc]
(4)异或
a="RNCTF[DCMPILNpYc]"
b=''
for i in range(0,len(a)):
b+=chr(ord(a[i]) ^ 32)
print(b)
输出r7nctf{d3c0mpil1n9_PyC}
flag是nctf{d3c0mpil1n9_PyC},很迷r7怎么来的,明明看wp一样思路,多出来r7