题目:
<?php
$miwen="a1zLbgQsCESEIqRLwuQAyMwLyq2L5VwBxqGA3RQAyumZ0tmMvSGM2ZwB4tws";
function encode($str){
$_o=strrev($str); //反转字符串
// echo $_o;
for($_0=0;$_0<strlen($_o);$_0++){
$_c=substr($_o,$_0,1); //循环获取字符串中的每个字符
$__=ord($_c)+1; //将获取到的字符串进行ASCII编码并+1
$_c=chr($__); //将+1后的ASCII解码为字符
$_=$_.$_c; //将每次解码后的字符拼接起来
}
return str_rot13(strrev(base64_encode($_)));
//将$_先base64加密,然后反转字符串,最后rot13加密
}
highlight_file(__FILE__);
/*
逆向加密算法,解密$miwen就是flag
*/
?>
由题可知,这是根据加密代码,进行解密获得flag
加密过程:
(1)使用strrev函数反转字符串
(2)将(1)获得到的字符串进行循环,获取每一位字符进行ASCII编码并+1,最后拼接
(3)将循环获得到的最后的值base64_encode
(4)再字符转反转
(5)最后进行rot13解密
解密过程就反过来
解密过程:
(1)先将已经被rot13加密的字符串解密
(2)将获得的结果反转字符串
(3)再进行base64_decode解密
(4)再将(3)获得到的字符串进行循环,获取字符串中的每个字符串并ASCII编码-1,最后拼接
(5)最后将(4)获得到的字符串进行反转字符串
解密代码:
<?php
function decode(){
$a="a1zLbgQsCESEIqRLwuQAyMwLyq2L5VwBxqGA3RQAyumZ0tmMvSGM2ZwB4tws";
$b=str_rot13($a);
echo $b."\n";
//n1mYotDfPRFRVdEYjhDNlZjYld2Y5IjOkdTN3EDNlhzM0gzZiFTZ2MjO4gjf
$fanzhuan=strrev($b);
echo $fanzhuan."\n";
//fjg4OjM2ZTFiZzg0MzhlNDE3NTdkOjI5Y2dlYjZlNDhjYEdVRFRPfDtoYm1n
$jiema=base64_decode($fanzhuan);
echo $jiema."\n";
//~88:36e1bg8438e41757d:29cgeb6e48c`GUDTO|;hbmg
for($_0=0;$_0<strlen($jiema);$_0++){
$_c=substr($jiema,$_0,1);
$__=ord($_c)-1;
$_c=chr($__);
$_=$_.$_c;
}
$result=strrev($_);
echo($result);
}
decode();
?>
输出:
n1mYotDfPRFRVdEYjhDNlZjYld2Y5IjOkdTN3EDNlhzM0gzZiFTZ2MjO4gjf
fjg4OjM2ZTFiZzg0MzhlNDE3NTdkOjI5Y2dlYjZlNDhjYEdVRFRPfDtoYm1n
~88:36e1bg8438e41757d:29cgeb6e48c`GUDTO|;hbmg
flag:{NSCTF_b73d5adfb819c64603d7237fa0d52977}
PHP Notice: Undefined variable: _ in /usercode/file.php on line 18
