buu reverse xor

xor

首先把xor后缀改为exe，查看一下，64位
拉入64位ida，找到main函数，F5查看伪代码

memset(v6, 0, 0x100uLL);
  v3 = (char *)256;
  printf("Input your flag:\n", 0LL);
  get_line(v6, 256LL);
  if ( strlen(v6) != 33 )
    goto LABEL_12;
  for ( i = 1; i < 33; ++i )
    v6[i] ^= v6[i - 1];
  v3 = global;
  if ( !strncmp(v6, global, 0x21uLL) )
    printf("Success", v3);
  else
LABEL_12:
    printf("Failed", v3);
  result = __stack_chk_guard;
  if ( __stack_chk_guard == v7 )
    result = 0;
  return result;

第一个if，表示flag长度为33
第二个if，表示v3是flag，直接点进去查看，Shift+e提取

写脚本

flag=""
a=[102,  10, 107,  12, 119,  38,  79,  46,  64,  17, 
  120,  13,  90,  59,  85,  17, 112,  25,  70,  31, 
  118,  34,  77,  35,  68,  14, 103,   6, 104,  15, 
   71,  50,  79,   0]
for i in range(1,33):
    flag +=chr(a[i]^a[i-1])

print(flag)

输出lag{QianQiuWanDai_YiTongJiangHu}
后来在ida中发现没看到一个f