脱壳
这篇博客里有详细讲解:
手撕Nspack3.7(北斗)壳
拖进ida
很简单,就一次异或,分别找出两组数组
代码
#include <iostream>
int main()
{
char unsigned a[]= {
0x74, 0x68, 0x69 ,0x73 ,0x5F, 0x69 ,0x73 ,0x5F, 0x6E, 0x6F, 0x74, 0x5F ,0x66, 0x6C ,0x61 ,0x67 };
char unsigned b[] = {
0x12, 4, 8, 0x14, 0x24, 0x5c, 0x4a, 0x3d, 0x56, 0xa, 0x10, 0x67, 0,
0x41, 0, 1, 0x46, 0x5a, 0x44, 0x42, 0x6e, 0x0c,
0x44, 0x72, 0x0c, 0x0d, 0x40, 0x3e, 0x4b, 0x5f, 2, 1, 0x4c, 0x5e,
0x5b, 0x17, 0x6e, 0xc, 0x16, 0x68, 0x5b, 0x12, 0x48, 0x0e };
char flag[42];
for (int i = 0; i < 42; i++) {
flag[i] = a[i % 16] ^ b[i];
std:: cout << flag[i];
}
}
flag{
59b8ed8f-af22-11e7-bb4a-3cf862d1ee75}