2021.6.1萌新赛 re wp

比赛做了两道,剩下有道sm4加密,只不过要去平坦化控制流,本来以前做xctf环境都搭好了,可以用deflat.py去,结果现在又用不了了。。。。难受,还有两道apk题,确实apk做得少,不太做得来。

re_signin

中午放学回来做起的,还没放hint,后来放了hint,难度直接下降。

还是pyc先转py,然后看逻辑

实际上后面还有个位移量为13的凯撒

脚本


#include<stdio.h>

/*
 * In-place ascending bubble sort of a[0..len-1].
 * Side effect: the number of swaps performed is written to stdout as a single
 * character via printf("%c", ...). In this writeup that character, not the
 * sorted array, is the value the caller is after.
 */
void BubbleSort(int a[], int len)
{
    int swaps = 0;

    for (int pass = 0; pass < len - 1; pass++) {
        /* after each pass the largest remaining element sits at the end */
        for (int k = 0; k + 1 < len - pass; k++) {
            if (a[k] > a[k + 1]) {
                int t = a[k];
                a[k] = a[k + 1];
                a[k + 1] = t;
                swaps++;
            }
        }
    }
    printf("%c", swaps);
}

/*
 * Sort each of the 24 rows; BubbleSort prints its swap count as one
 * character, so the 24 calls emit a 24-character string. Per the comment
 * following this listing, that string is the ROT13-encoded flag.
 */
int main(void)
{
    int arr[24][22] = {{73, 69, 60, 20, 64, 68, 99, 4, 36, 9, 91, 42, 75, 43, 8, 77, 55, 70, 84, 37, 3, 93},
        {85, 46, 47, 99, 58, 35, 83, 3, 57, 18, 52, 17, 97, 16, 6, 51, 84, 62, 1, 41, 88, 87},
        {97, 34, 31, 80, 19, 57, 10, 84, 4, 50, 43, 63, 65, 88, 30, 72, 21, 36, 27, 41, 86, 79},
        {31, 23, 68, 67, 30, 47, 27, 40, 73, 63, 11, 89, 18, 5, 9, 74, 88, 38, 8, 20, 50, 83},
        {88, 5, 85, 82, 36, 74, 6, 15, 40, 55, 95, 8, 84, 47, 96, 33, 25, 29, 77, 67, 26, 39},
        {54, 53, 0, 37, 66, 91, 39, 38, 57, 6, 47, 28, 49, 92, 29, 85, 88, 84, 90, 13, 35, 52},
        {80, 18, 26, 91, 10, 52, 11, 99, 85, 75, 60, 48, 36, 74, 55, 51, 86, 49, 89, 29, 82, 16},
        {35, 70, 42, 44, 18, 65, 84, 71, 26, 14, 38, 28, 21, 86, 20, 54, 30, 11, 66, 10, 69, 77},
        {71, 25, 43, 23, 29, 6, 33, 44, 5, 30, 32, 18, 47, 13, 76, 8, 83, 87, 57, 26, 16, 19},
        {29, 51, 7, 62, 94, 32, 57, 1, 71, 84, 92, 16, 18, 19, 56, 52, 40, 80, 98, 44, 82, 33},
        {67, 14, 93, 91, 78, 80, 7, 37, 10, 82, 38, 83, 23, 27, 17, 76, 74, 18, 66, 24, 99, 43},
        {29, 56, 44, 54, 70, 31, 10, 38, 8, 85, 18, 22, 32, 49, 2, 21, 50, 5, 25, 48, 90, 84},
        {23, 33, 90, 7, 42, 71, 25, 58, 5, 47, 54, 18, 97, 72, 2, 1, 68, 64, 76, 85, 69, 49},
        {77, 67, 52, 31, 35, 6, 56, 94, 81, 23, 78, 50, 15, 10, 28, 69, 43, 91, 82, 72, 99, 38},
        {20, 47, 52, 27, 73, 64, 9, 62, 3, 57, 2, 97, 44, 35, 89, 10, 18, 29, 58, 56, 74, 84},
        {66, 11, 76, 91, 70, 9, 6, 75, 32, 71, 44, 48, 88, 20, 98, 97, 79, 63, 47, 78, 60, 81},
        {43, 13, 70, 23, 31, 69, 52, 30, 2, 78, 0, 37, 73, 93, 18, 1, 51, 62, 25, 68, 65, 87},
        {24, 86, 29, 0, 93, 51, 53, 47, 16, 40, 94, 98, 88, 64, 41, 83, 44, 35, 45, 75, 17, 46},
        {33, 12, 63, 77, 25, 24, 47, 58, 6, 89, 97, 27, 21, 96, 92, 50, 82, 76, 5, 62, 56, 44},
        {12, 36, 16, 44, 19, 62, 43, 80, 58, 98, 69, 97, 1, 7, 49, 26, 70, 34, 53, 13, 65, 48},
        {51, 74, 76, 98, 33, 78, 44, 45, 4, 65, 99, 84, 80, 93, 37, 56, 77, 9, 6, 94, 52, 88},
        {80, 38, 88, 66, 7, 40, 70, 24, 2, 12, 76, 18, 57, 73, 58, 83, 33, 17, 89, 69, 77, 67},
        {18, 53, 14, 24, 94, 42, 61, 75, 62, 60, 73, 2, 65, 48, 80, 23, 44, 91, 7, 0, 31, 71},
        {16, 54, 87, 75, 8, 23, 33, 56, 22, 63, 1, 2, 25, 6, 84, 80, 4, 49, 17, 42, 14, 43}};

    /* arr[row] decays to a pointer to the row's first element */
    for (int row = 0; row < 24; row++) {
        BubbleSort(arr[row], 22);
    }
    return 0;
}
//synt{jrypbzr_gb_arjfpgs}

然后凯撒位移13,得到flag{welcome_to_newsctf}

1+1的签到题

考点,upx脱壳,伪随机数,变表base64,变表base58

先看伪随机数,系统不同产生的随机数也会不一样,这里我为了方便,直接就动调得到的随机数。

脚本

#include<stdio.h>

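/*
 * Recover the five-character fragment (the writeup reports "E4sy?") by
 * XOR-ing the constants observed while debugging the binary, then emitting
 * the five low-order bytes most-significant byte first.
 *
 * `long long` replaces the MSVC-only `__int64` so the snippet builds with any
 * C99+ compiler; the original's `v2` local was assigned but never read and
 * has been dropped.
 */
int main(void)
{
    /* constants taken from the writeup's debugging session */
    long long a1 = 0x1d7ccbb80LL ^ 0xBD46588LL ^ 0x235FFFA864LL ^ 0x67B7940F53LL;

    for (int i = 0; i < 5; i++) {
        /* byte 4 (bits 32..39) first, byte 0 last */
        char ch = (char)((a1 >> ((4 - i) * 8)) & 0xff);
        putchar(ch);
    }
    return 0;
}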
//E4sy?

接下来就是两个secret

secret1


import base58

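code = 'ZoJPRqxMfvzxNqu'

# table1 is the challenge's shuffled alphabet; table2 is the standard
# Bitcoin base58 alphabet. Both contain the same 58 symbols.
table1 = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz123456789'
table2 = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'


def decode_base58(text: str, alphabet: str) -> bytes:
    """Decode base58 `text` over `alphabet` (58 symbols, index == digit value).

    Follows the usual b58decode contract: every leading ``alphabet[0]`` becomes
    one leading zero byte and the remaining digits form a big-endian integer.
    An empty string decodes to ``b''``. Raises ValueError if a symbol is not
    in `alphabet`.
    """
    stripped = text.lstrip(alphabet[0])
    value = 0
    for symbol in stripped:
        value = value * 58 + alphabet.index(symbol)
    body = value.to_bytes((value.bit_length() + 7) // 8, 'big')
    return b'\x00' * (len(text) - len(stripped)) + body


# Map each symbol from table1 to the symbol at the same position in table2.
# Characters outside table1 are dropped, exactly as the original lookup loop did.
code2 = ''.join(table2[table1.index(c)] for c in code if c in table1)
# Decoding the re-mapped string with the standard alphabet needs no third-party
# `base58` module; the stdlib-only helper above replaces base58.b58decode.
flag = decode_base58(code2, table2)
print(flag)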
#_Up_t0_Y0u!

secret2


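import base64

str1 = 'ITFDNG5nejSVfUFcfGssbjVcIR=='
# string1 is the challenge's shuffled alphabet, string2 the standard base64
# alphabet; they hold the same 64 symbols with some letters swapped around.
string1 = 'ABCDEFGHIJKMNLOPRSTUVQWYXZabefghicdjklmnopqtuvwrsxyz0123456789+/'
string2 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"


def decode_custom_b64(text: str) -> bytes:
    """Decode `text` that was base64-encoded with the shuffled alphabet.

    Each symbol is replaced by the symbol at the same position in string2,
    after which the standard decoder applies. The '=' padding is in neither
    table and passes through unchanged. Raises binascii.Error on malformed
    input, as base64.b64decode does.
    """
    return base64.b64decode(text.translate(str.maketrans(string1, string2)))


# The original listing used base64 without importing it; the import above
# makes the script runnable as-is.
print(decode_custom_b64(str1))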
#!!C0ngr4Tu1atl0n5!!

得到flag{Eys4?_Up_t0_Y0u!!!C0ngr4Tu1atl0n5!!}

Qsay

文件有3个,一个key,一个dll,一个exe。根据后面分析dll可以知道key是sm4的key,exe是密文,32个字节,dll是sm4加密过程,可以用findcrypt插件找到特征值。

定位到加密函数,发现。

感觉用了平坦化控制流,但是用deflat.py没去掉,然后直接用sm4脚本解,解不出来,怀疑魔改了数据。去看数据,一对比,确实魔改了。

然后用自己之前写的sm4脚本解密,也可以用GitHub上的https://github.com/Leeyuxun/C-SM4


#include<stdio.h>

/* SM4 system parameter FK: XOR-ed into the four master-key words in extendkey(). */
unsigned int FK[4] = {
0xa3b1bac6,
0x56aa3350,
0x677d9197,
0xb27022dc
};

/* SM4 key-schedule constants CK: CK[i] is mixed into round key i in extendkey(). */
unsigned int CK[32] = {

0x00070e15,0x1c232a31,0x383f464d,0x545b6269,
0x70777e85,0x8c939aa1,0xa8afb6bd,0xc4cbd2d9,
0xe0e7eef5,0xfc030a11,0x181f262d,0x343b4249,
0x50575e65,0x6c737a81,0x888f969d,0xa4abb2b9,
0xc0c7ced5,0xdce3eaf1,0xf8ff060d,0x141b2229,
0x30373e45,0x4c535a61,0x686f787d,0x848b9299,
0xa0a7aeb5,0xbcc3cad1,0xd8dfe6ed,0xf4fb0209,
0x10171e25,0x2c333a41,0x484f565d,0x646b7279
};

/*
 * Byte substitution table shared by the round function (date_round) and the
 * key schedule (key_round).
 *
 * This is the challenge's modified table, not the standard SM4 S-box (the
 * writeup notes the data was altered). Several values occur twice -- 0x3f at
 * [6] and [62], 0x2c at [14] and [20], 0xc6 at [0] and [238] -- so the table
 * is not a permutation and has no inverse. The Feistel structure below never
 * needs to invert the round function, so decryption still works by applying
 * the same table with the round keys in reverse order.
 */
unsigned char SBOX[256] = {

0xC6,0x90,0xe9,0xfe,0xcc,0xe1,0x3F,0xb7,0x16,0xb6,0x14,0xc2,0x28,0xfb,0x2c,0x05,
0x2b,0x67,0x9a,0x76,0x2C,0xbe,0x04,0xc3,0xaa,0x44,0x13,0x26,0x49,0x86,0x06,0x99,
0x9c,0x42,0x50,0xf4,0x91,0xef,0x98,0x7a,0x33,0x54,0x0b,0x43,0xed,0xcf,0xac,0x62,
0xe4,0xb3,0x1c,0xa9,0xc9,0x08,0xe8,0x95,0x80,0xdf,0x94,0xfa,0x75,0x8f,0x3f,0xa6,
0x47,0x07,0xa7,0xfc,0xf3,0x73,0x17,0xba,0x83,0x59,0x3c,0x19,0xe6,0x85,0x4f,0xa8,
0x68,0x6b,0x81,0xb2,0x71,0x64,0xda,0x8b,0xf8,0xeb,0x0f,0x4b,0x70,0x56,0x9d,0x35,
0x1e,0x24,0x0e,0x5e,0x63,0x58,0xd1,0xa2,0x25,0x22,0x7c,0x3b,0x01,0x21,0x78,0x87,
0xd4,0x00,0x46,0x57,0x9f,0xd3,0x27,0x52,0x4c,0x36,0x02,0xe7,0xa0,0xc4,0xc8,0x9e,
0xea,0xbf,0x8a,0xd2,0x40,0xc7,0x38,0xb5,0xa3,0xf7,0xf2,0xce,0xf9,0x61,0x15,0xa1,
0xe0,0xae,0x5d,0xa4,0x9b,0x34,0x1a,0x55,0xad,0x93,0x32,0x30,0xf5,0x8c,0xb1,0xe3,
0x1d,0xf6,0xe2,0x2e,0x82,0x66,0xca,0x60,0xc0,0x29,0x23,0xab,0x0d,0x53,0x4e,0x6f,
0xd5,0xdb,0x37,0x45,0xde,0xfd,0x8e,0x2f,0x03,0xff,0x6a,0x72,0x6d,0x6c,0x5b,0x51,
0x8d,0x1b,0xaf,0x92,0xbb,0xdd,0xbc,0x7f,0x11,0xd9,0x5c,0x41,0x1f,0x10,0x5a,0xd8,
0x0a,0xc1,0x31,0x88,0xa5,0xcd,0x7b,0xbd,0x2d,0x74,0xd0,0x12,0xb8,0xe5,0xb4,0xb0,
0x89,0x69,0x97,0x4a,0x0c,0x96,0x77,0x7e,0x65,0xb9,0xf1,0x09,0xc5,0x6e,0xc6,0x84,
0x18,0xf0,0x7d,0xec,0x3a,0xdc,0x4d,0x20,0x79,0xee,0x5f,0x3e,0xd7,0xcb,0x39,0x48
};

/*
 * Split the 32-bit word `in` into four bytes, big-endian: out[0] receives the
 * most significant byte. `out` must have room for 4 bytes.
 */
void long_to_char(unsigned int in, unsigned char *out)
{
    out[0] = (unsigned char)(in >> 24);
    out[1] = (unsigned char)(in >> 16);
    out[2] = (unsigned char)(in >> 8);
    out[3] = (unsigned char)in;
}
/*
 * Pack four bytes from `in` into one 32-bit word, big-endian: in[0] becomes
 * the most significant byte. The previous value of *out is discarded.
 */
void char_to_long(unsigned char *in, unsigned int *out)
{
    unsigned int word = 0;

    for (int k = 0; k < 4; k++) {
        word = (word << 8) | in[k];
    }
    *out = word;
}

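/*
 * Rotate the 32-bit word `a` left by `lenth` bits.
 *
 * The amount is reduced modulo 32 and a zero amount returns `a` unchanged.
 * The original `a >> (32 - lenth)` is undefined behaviour for lenth == 0
 * (a shift by the full width) and for lenth >= 32. The callers in this file
 * pass only 2, 10, 13, 18, 23 and 24, so their results are unaffected.
 */
unsigned int left_move(unsigned int a, int lenth)
{
    unsigned int r = (unsigned int)lenth & 31u;

    if (r == 0) {
        return a;
    }
    return (a << r) | (a >> (32u - r));
}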

/*
 * SM4 round transformation T = L(tau(x)): substitute each byte of `tmp`
 * through SBOX, then apply the linear mix x ^ rotl2 ^ rotl10 ^ rotl18 ^ rotl24.
 */
unsigned int date_round(unsigned int tmp)
{
    unsigned char bytes[4] = {0};
    long_to_char(tmp, bytes);

    /* tau: byte-wise substitution, re-packed big-endian */
    unsigned int word = 0;
    for (int k = 0; k < 4; k++) {
        word = (word << 8) | SBOX[bytes[k]];
    }

    /* L: linear diffusion */
    return word ^ left_move(word, 2) ^ left_move(word, 10)
                ^ left_move(word, 18) ^ left_move(word, 24);
}

/*
 * Encrypt one 16-byte block `plain` with the round keys sub_key[4..35] (as
 * produced by extendkey), writing 16 bytes to `out`.
 * The 36-word buffer holds the four input words followed by the 32 round
 * outputs; the ciphertext is the last four words in reverse order.
 */
void sm4_encode(unsigned char *plain, unsigned int sub_key[], unsigned char out[])
{
    unsigned int x[36];

    for (int k = 0; k < 4; k++) {
        char_to_long(plain + 4 * k, &x[k]);
    }

    for (int r = 0; r < 32; r++) {
        unsigned int mixed = x[r + 1] ^ x[r + 2] ^ x[r + 3] ^ sub_key[r + 4];
        x[r + 4] = x[r] ^ date_round(mixed);
    }

    for (int k = 0; k < 4; k++) {
        long_to_char(x[35 - k], out + 4 * k);
    }
}

/*
 * Decrypt one 16-byte block `code` into `out`. Identical to sm4_encode except
 * that the round keys are consumed in reverse order (sub_key[35] first), which
 * is all the Feistel structure needs to undo encryption.
 */
void sm4_decode(unsigned char *code, unsigned int sub_key[], unsigned char out[])
{
    unsigned int x[36];

    for (int k = 0; k < 4; k++) {
        char_to_long(code + 4 * k, &x[k]);
    }

    for (int r = 0; r < 32; r++) {
        unsigned int mixed = x[r + 1] ^ x[r + 2] ^ x[r + 3] ^ sub_key[35 - r];
        x[r + 4] = x[r] ^ date_round(mixed);
    }

    for (int k = 0; k < 4; k++) {
        long_to_char(x[35 - k], out + 4 * k);
    }
}

/*
 * Key-schedule transformation T' = L'(tau(x)): the same SBOX substitution as
 * date_round, followed by the lighter mix x ^ rotl13 ^ rotl23.
 */
unsigned int key_round(unsigned int tmp)
{
    unsigned char bytes[4] = {0};
    long_to_char(tmp, bytes);

    /* tau: byte-wise substitution, re-packed big-endian */
    unsigned int word = 0;
    for (int k = 0; k < 4; k++) {
        word = (word << 8) | SBOX[bytes[k]];
    }

    /* L': linear mix used only for round keys */
    return word ^ left_move(word, 13) ^ left_move(word, 23);
}

/*
 * SM4 key expansion: derive 32 round keys from the 16-byte master `key`.
 * sub_key must hold 36 words; [0..3] receive the FK-masked key words and
 * [4..35] the round keys consumed by sm4_encode/sm4_decode.
 */
void extendkey(unsigned char key[], unsigned int sub_key[])
{
    /* K0..K3 = MK ^ FK */
    for (int k = 0; k < 4; k++) {
        unsigned int mk;
        char_to_long(key + 4 * k, &mk);
        sub_key[k] = mk ^ FK[k];
    }

    /* rk_i = K_i ^ T'(K_{i+1} ^ K_{i+2} ^ K_{i+3} ^ CK_i) */
    for (int r = 0; r < 32; r++) {
        unsigned int mixed = sub_key[r + 1] ^ sub_key[r + 2] ^ sub_key[r + 3] ^ CK[r];
        sub_key[r + 4] = sub_key[r] ^ key_round(mixed);
    }
}

/*
 * Decrypt the challenge's 32-byte ciphertext with the key extracted from the
 * key file and print the 32 plaintext bytes. The two 16-byte blocks are
 * decrypted independently with the same round keys (ECB-style).
 */
int main(void)
{
    unsigned char key[16] = {0x4D, 0x4C, 0x7B, 0x4F, 0xAB, 0x6B, 0x78, 0x09, 0xE6, 0x27, 0xFA,
                             0x9D, 0xA6, 0xC6, 0x4E, 0x8A};
    unsigned char code[32] = {0xAF, 0xD3, 0xD5, 0x71, 0x1F, 0xC6, 0xA3, 0x42, 0xC5, 0x64,
                              0x53, 0x2E, 0xFE, 0x13, 0xF1, 0xA3, 0x0F, 0x96, 0x0A, 0x0B, 0x1D, 0x3D, 0x83, 0x33, 0x2A, 0x4B,
                              0x71, 0x98, 0x10, 0xFF, 0x70, 0x43};
    unsigned int sub_key[36] = {0};
    unsigned char out[32];

    extendkey(key, sub_key);

    for (int blk = 0; blk < 32; blk += 16) {
        sm4_decode(code + blk, sub_key, out + blk);
    }
    for (int k = 0; k < 32; k++) {
        putchar(out[k]);
    }
    return 0;
}
//newsctf{QSay1ts-1nTereStingObf}

开门啊-1

apk还是做少了,逻辑看起来都费劲,看wp学习了一下。而且想jeb动调来着,结果不知道什么原因,程序老是闪退,也不知道是不是Android环境不对。

分析主函数

分析tom1函数

脚本


#include<stdio.h>

/*
 * Undo the per-byte transform the writeup attributes to the APK's tom1
 * function: each stored value v yields the plaintext byte (v ^ 15) - 15.
 * Negative entries rely on two's-complement XOR; the result is printed as
 * a byte, so only its low 8 bits matter.
 */
int main(void)
{
    int flag[20] = {0x7A, 0x74, 0x7F, 0x79, -123, 0x4F, 74, 76, 71, 72, 77, 75, 74, 73, 76, 74, 76, 77, 76, -125};

    for (int k = 0; k < 20; k++) {
        flag[k] = (flag[k] ^ 15) - 15;
        putchar(flag[k]);
    }
    return 0;
}
//flag{16498356746434}

开门啊-2

不知道为什么,so文件和wp的函数伪代码差距也太大了吧,不做了,杀鸡去了,嘿嘿嘿。