题目链接:https://pan.baidu.com/s/1ihUShawo9-21IwSYhq7NiA 密码:jrou
题目逻辑很简单,将输入在函数sub_4005B6()进行处理,然后和dword_601060数组中的数据比较。
看一下,sub_4005B6函数,逻辑也很简单。
我们把byte_6010C0处存放的15000个数据dump下来,然后写脚本即可得到flag。
arr = open("E://data","rb").read() flag = [0xc4,0x34,0x22,0xb1,0xd3,0x11, 0x97,0x07,0xdb,0x37,0xc4,0x06, 0x1d,0xfc,0x5b,0xed,0x98,0xdf, 0x94,0xd8,0xb3,0x84,0xcc,0x08] for i in range(14997,-1,-3): a = arr[i] b = arr[i+1] c = arr[i+2] if(a == 1): flag[b] -= c flag[b] = flag[b]&0xff if(a == 2): flag[b] += c flag[b] = flag[b] & 0xff if(a == 3): flag[b] ^= c flag[b] = flag[b] & 0xff if(a == 4): flag[b] /= c flag[b] = flag[b] & 0xff if(a == 5): flag[b] ^= flag[c] flag[b] = flag[b] & 0xff print(''.join(map(chr,flag)))