[Reverse] RE123 - Cew xp0int Posted on Apr 29 2021 re文件偏移0x375e开始为一大段base64 encode后的字串,decode得到的dll文件开头几个字节为C7 1C 71 C7 1C 71,修改成4D 5A就能拖进ida分析。 给了密钥和密文,AES ECB解密即可得到flag。 ``` from Crypto.Cipher import AES s = 0xE799D643453FF4B5.to_bytes(8, 'little') + 0x46C42084AA2A1B56.to_bytes(8, 'little') key = 0x16157E2B.to_bytes(4, 'little') + 0xA6D2AE28.to_bytes(4, 'little') + 0x8815F7AB.to_bytes(4, 'little') + 0x3C4FCF09.to_bytes(4, 'little') helper = AES.new(key, AES.MODE_ECB) print(helper.decrypt(s)) b'flag{youcangues}' ``` flag{youcangues} 打赏还是打残,这是个问题 赏 Wechat Pay Alipay [Pwn] pwn1 - cpt.shao [Reverse] PE - Cew
没有帐号? 立即注册