新手一枚,如有错误(不足)请指正,谢谢!!
题目下载:下载地址
先用peid查壳
nsp1的壳,exe可执行文件,打开od,F8单步一下,发现可以使用esp定律脱壳
然后下硬件断点
F9运行程序
F8单步
在这里对代码进行分析,删除分析
来到这里,继续单步
来到OEP
右键用od自带的脱壳工具脱壳
IDA载入脱壳后的程序
字符串中找到right,双击
交叉引用
F5伪代码之后
写脚本
#include <stdio.h>
int main(void)
{
int i;
char str1[] = "this_is_not_flag";
char str2[] = {0x12,0x4,0x8,0x14,0x24,0x5C,0x4A,0x3D,0x56,0x0A,0x10,0x67,0x0,0x41,0x0,0x1,0x46,0x5A,0x44,0x42,0x6E,0x0C,0x44,0x72,0x0C,0x0D,0x40,0x3E,0x4B,0x5F,0x2,0x1,0x4C,0x5E,0x5B,0x17,0x6E,0x0C,0x16,0x68,0x5B,0x12};
char flag[43] = {0};
for(i=0;i<42;i++)
flag[i] = str2[i] ^ str1[i%16];
puts(flag);
return 0;
}
得到flag
flag{59b8ed8f-af22-11e7-bb4a-3cf862d1ee75}
