GKCTF 2020 re

周末打了两场比赛 bjd GK,bjd我打自闭了，赛中只做出了两道题，赛后又才又做出一道。。。不得不说按道理我四道题都看懂了，知道方法怎么做，可是我不会写脚本啊。。。得加强python的编程能力了。。。
来说说GKCTF，（虽然还是只做出了3道题。。。。啥时能做到ak啊！！！！）

1. checkin
   密码HelloWorld,之后砖块游戏好了

2. Chelly’s identity
   老二次元了。。。。
   方法：动态调试，比较简单

a = [0x2,0x3,0x5,0x7,0xb,0xd,0x11,0x13,0x17,0x1d,0x1f,0x25,0x29,0x2b,0x2f,0x35,0x3b,0x3d,0x43,0x47,0x49,0x4f,0x53,0x59,0x61,0x65,0x67,0x6b,0x6d,0x71,0x7f]

b = [0x1b6,0x498,0x441,0x179,0x179,0x640,0x39c,0x179,0x64a,0x39c,0x27d,0x27f,0x178,0x236,0x344,0x33e]

c = [0]*16;

d = 0


for i in range(16):
    for e in range(0,0x7f):
        for q in range(len(a)):
            if a[q]<e:
                d +=a[q]
            else :
                break

        if d^e==b[i]:
            c[i]=e
            break
        d = 0
print(c)
f = ''.join(chr(c[i]) for i in range(16))
print(f)

3. EzMachine
   一个虚拟机，得调试个10多次，才知道程序逻辑
   小写字母 xor 0x47后-1 又除 和取余 把数分开（比如0x47 变4 7）
   大写 xor 0x4b后+1 把数分开
   其他得单纯把数分开
   a[i]是校验数据
   b[i]是flag a[i]的数据忘保存了。。。。。

>>> for i in range(17):
...    d = a[i]
...    d = (a[i]-1)^0x47
...    if(d>=ord('a') and  d<=ord('z')):
...          b[i]=d
...    elif ((a[i]+1)^0x4b)>=ord('A') and ((a[i]+1)^0x4b)<=ord('Z'):
...          b[i] = (a[i]+1)^0x4b
...    else :
...          b[i] = a[i]
...
>>> "".join(chr(b[i]) for i in range(17))
'flag{Such_A_EZVM}'

老司机迷宫题
DbgIsFun smc 反调试 还没看完 明天看看能不能复现一下