Reverse

题目:https://adworld.xctf.org.cn/challenges/details?hash=919a59d6-f42f-498a-a095-544eac546273_2&task_category_id=4

exp:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
v12 = [0 for i in range(25)]
v8 = 0
v5 = "1A2F943C4D8C5B6EA3C9BCAD7E"
for j in range(25):
    v2 = v5[j]
    v3 = v5[j+1]
    if ord(v2)-48 > 9: 
        v8 = ord(v2)-55
    else:
        v8 = ord(v2)
    v4 = v8 & 0xf #v2转16进制
    v51 = (ord(v3) - 55) & 0xf 
    if (ord(v3)-48) &0xff <=9:
        v51 = ord(v3) & 0xf # v51 = v3转16进制
    v12[j] = v51 | (16 * v4)

v9 = [0 for i in range(25)]
flag = [0 for i in range(25)]
v9[0] = 15
v9[1] = -121
v9[2] = 98
v9[3] = 20
v9[4] = 1
v9[5] = -58
v9[6] = -16
v9[7] = 33
v9[8] = 48
v9[9] = 17
v9[10] = 80
v9[11] = -48
v9[12] = -126
v9[13] = 35
v9[14] = -82
v9[15] = 35
v9[16] = -18
v9[17] = -87
v9[18] = -76
v9[19] = 82
v9[20] = 120
v9[21] = 87
v9[22] = 12
v9[23] = -122
v9[24] = -117
for i in range(25): # 可以简化
    if v9[i]>0:
        flag[i] = v9[i] ^ v12[i]
    elif v9[i]<0 and v12[i]<128:
        flag[i] = ((v9[i]+128)^v12[i])+2**7
    elif v9[i]<0 and v12[i]>128:
        flag[i] = (v9[i]+128)^(v12[i]-2**7)
    flag[i] = (flag[i]>>2) + (flag[i]%4 << 6)
    print(chr(flag[i]),end='')

考点是unsigned __int8和 signed __int8 在计算机中的存储方式,要考虑补码。

666

题目:https://adworld.xctf.org.cn/challenges/details?hash=b77f33bb-046b-4be9-8507-00dacd0358fc_2&task_category_id=4

exp:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
v3 = [0 for i in range(104)]
flag = [0 for i in range(18)]
enflag = 'izwhroz""w"v.K".Ni'
i = 0
v4 = 0
i = 0
key = 18

while i<key:
    v3[i + 64] = ord(enflag[i])
    v3[i + 33] = ord(enflag[i+1])
    v3[i + 2] = ord(enflag[i+2])
    flag[i] = (key ^ v3[i + 64]) - 6
    flag[i+1] = (key ^ v3[i + 33]) + 6
    flag[i+2] = v3[i + 2] ^ 6 ^ key
    i += 3

for i in range(18):
    print(chr(flag[i]),end='')

流浪者

题目:https://adworld.xctf.org.cn/challenges/details?hash=703754e8-4aef-4976-af09-25d41ecdd37d_2&task_category_id=4

exp:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
abc = "abcdefghiABCDEFGHIJKLMNjklmn0123456789opqrstuvwxyzOPQRSTUVWXYZ"
enflag = "KanXueCTF2019JustForhappy"
str1 = [ 0 for i in range(len(enflag))]
flag1 = [ 0 for i in range(len(enflag))]

v4 = 0
v3 = 0
for i in range(len(enflag)):
    for j in range(len(abc)):
        if enflag[i] == abc[j]:
            flag1[i] = j

for i in range(len(flag1)):
    if 0<=flag1[i]<=9:
        flag1[i] += 48
    elif 10<=flag1[i]<=35:
        flag1[i] += 87
    else:
        flag1[i]+= 29

for i in range(len(flag1)):
    print(chr(flag1[i]),end='')

Signin

题目:https://adworld.xctf.org.cn/challenges/details?hash=b9b2c51c-a545-4d2f-ba34-a58d8d040115_2&task_category_id=4

一眼RSA。