A. Check shell
Found to be 64-bit Linux file (ELF file can be seen to linux)
two drag ida64, static analysis.
Note that two pits:
1.strcpy copy string meaning defined above v8 only 8 array, but behind the string is more than 8, so it is possible to define the v8 is decompiled wrong (Well again, really wrong, do not control the array, the direct use of the original string like)
2._int 64 v7
first v7 into a string, it is understood that the individual steps bYTE is a byte pointer, just corresponds to a character, while the character to be reversed, because the memory is little-endian.
three. Algorithm analysis, write script
v7="harambe"
v6=7
v8=":\"AL_RT^L*.?+6/46"
str=""
for i in range(0,len(v8)):
str+=chr(ord((v7[i%7]))^ord(v8[i]))
print(str)
Get flag
