[FlareOn3]Challenge1 题解

简介: [FlareOn3]Challenge1 题解

Str1和Str2相同的话就是正确的flag

查看sub_401360函数,看做了什么修改

_BYTE *__cdecl sub_401260(int a1, unsigned int a2)
{
  int v3; // [esp+Ch] [ebp-24h]
  int v4; // [esp+10h] [ebp-20h]
  int v5; // [esp+14h] [ebp-1Ch]
  int i; // [esp+1Ch] [ebp-14h]
  unsigned int v7; // [esp+20h] [ebp-10h]
  _BYTE *v8; // [esp+24h] [ebp-Ch]
  int v9; // [esp+28h] [ebp-8h]
  int v10; // [esp+28h] [ebp-8h]
  unsigned int v11; // [esp+2Ch] [ebp-4h]
  v8 = malloc(4 * ((a2 + 2) / 3) + 1);
  if ( !v8 )
    return 0;
  v11 = 0;
  v9 = 0;
  while ( v11 < a2 )
  {
    v5 = *(unsigned __int8 *)(v11 + a1);
    if ( ++v11 >= a2 )
    {
      v4 = 0;
    }
    else
    {
      v4 = *(unsigned __int8 *)(v11 + a1);
      ++v11;
    }
    if ( v11 >= a2 )
    {
      v3 = 0;
    }
    else
    {
      v3 = *(unsigned __int8 *)(v11 + a1);
      ++v11;
    }
    v7 = v3 + (v5 << 16) + (v4 << 8);
    v8[v9] = byte_413000[(v7 >> 18) & 0x3F];
    v10 = v9 + 1;
    v8[v10] = byte_413000[(v7 >> 12) & 0x3F];
    v8[++v10] = byte_413000[(v7 >> 6) & 0x3F];
    v8[++v10] = byte_413000[v3 & 0x3F];
    v9 = v10 + 1;
  }
  for ( i = 0; i < dword_413040[a2 % 3]; ++i )
    v8[4 * ((a2 + 2) / 3) - i - 1] = 61;
  v8[4 * ((a2 + 2) / 3)] = 0;
  return v8;
}

观察,是一个base64加密

获取编码表

base64_data=[0x5a,0x59,0x58,0x41,0x42,0x43,0x44,0x45,0x46,0x47,0x48,0x49,0x4a,0x4b,0x4c,0x4d,0x4e,0x4f,0x50,0x51,0x52,0x53,0x54,0x55,0x56,0x57,0x7a,0x79,0x78,0x61,0x62,0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6a,0x6b,0x6c,0x6d,0x6e,0x6f,0x70,0x71,0x72,0x73,0x74,0x75,0x76,0x77,0x30,0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,0x39,0x2b,0x2f]
base64_table=''
for i in range(len(base64_data)):
    base64_table+=chr(base64_data[i])
print(base64_table)

WP

import base64
str1 = "x2dtJEOmyjacxDemx2eczT5cVS9fVUGvWTuZWjuexjRqy24rV29q"
base64_table = "ZYXABCDEFGHIJKLMNOPQRSTUVWzyxabcdefghijklmnopqrstuvw0123456789+/"
base64_str = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
decoded_str = base64.b64decode(str1.translate(str.maketrans(base64_table, base64_str)))
print(decoded_str)

flag{sh00ting_phish_in_a_barrel@flare-on.com}

相关文章
[WMCTF2020]easy_re 题解
[WMCTF2020]easy_re 题解
111 0
|
3月前
|
算法 C++
POJ 3740 Easy Finding题解
这篇文章提供了一个使用舞蹈链(Dancing Links)算法解决POJ 3740 "Easy Finding" 问题的C++代码实现,该问题要求找出矩阵中能够使每一列都恰好包含一个1的行集合。
|
5月前
【洛谷 P1219】[USACO1.5]八皇后 Checker Challenge 题解(深度优先搜索+回溯法)
**USACO1.5八皇后挑战**是关于在$n\times n$棋盘上放置棋子的,确保每行、每列及两条主对角线上各有一个且仅有一个棋子。给定$6$作为输入,输出前$3$个解及解的总数。例如,对于$6\times6$棋盘,正确输出应包括解的序列和总数。代码使用DFS解决,通过跟踪对角线占用状态避免冲突。当找到所有解时,显示前三个并计数。样例输入$6$产生输出为解的前三个排列和总数$4$。
37 0
|
存储 算法 Linux
[GUET-CTF2019]encrypt 题解
[GUET-CTF2019]encrypt 题解
149 0
|
数据安全/隐私保护
[BJDCTF2020]BJD hamburger competition 题解
[BJDCTF2020]BJD hamburger competition 题解
53 0
|
机器学习/深度学习 Java
【Java每日一题,dfs】[USACO1.5]八皇后 Checker Challenge
【Java每日一题,dfs】[USACO1.5]八皇后 Checker Challenge
|
文件存储
Easy Number Challenge(埃式筛思想+优雅暴力)
Easy Number Challenge(埃式筛思想+优雅暴力)
83 0
|
vr&ar 数据安全/隐私保护
old-fashion1题解
old-fashion1题解
145 0
old-fashion1题解
【算法题解】Codeforces Round #817 (Div. 4)题解
【算法题解】Codeforces Round #817 (Div. 4)题解
【算法题解】Codeforces Round #817 (Div. 4)题解
LeetCode contest 177 5170. 验证二叉树
LeetCode contest 177 5170. 验证二叉树