CUIT CTF WriteUp-最简单的题目

首先这是一道Android逆向，Down下apk文件后，果断进行反编译（dex2jar）

反编译处jar后，使用jd-gui.exe打开可以清晰的看到整个程序的运行流程

在MainActivity类中，有OnMySelfClick()方法

简单地说，就是将用户名当作DES.encode()的参数算出密文，取密文的前6位作为注册码

ok，直接复制源码拷贝进Ecplise，处理一番后，直接运行，得到flag：uynvo4

package com.syclover.crackme001;
 
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.IvParameterSpec;
 
import com.sun.org.apache.xml.internal.security.utils.Base64;
 
 
public class DES {
    public static final String ALGORITHM_DES = "DES/CBC/PKCS5Padding";
 
    public static void main(String args[]) {
        String user = "syclover";
        try {
            String key = DES.encode(user, user).substring(0, 6).toLowerCase();
            System.out.println(key);        
        }
        catch(Exception localException) {
        }
    }
    
    public static String encode(String paramString1, String paramString2)
            throws Exception {
        return encode(paramString1, paramString2.getBytes());
    }
 
    private static String encode(String paramString, byte[] paramArrayOfByte)
            throws Exception {
        try {
            DESKeySpec localDESKeySpec = new DESKeySpec(paramString.getBytes());
            SecretKey localSecretKey = SecretKeyFactory.getInstance("DES")
                    .generateSecret(localDESKeySpec);
            Cipher localCipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
            localCipher.init(1, localSecretKey,
                    new IvParameterSpec("JoyChou ".getBytes()));
            String str = Base64.encode(
                    localCipher.doFinal(paramArrayOfByte), 0);
            return str;
        } catch (Exception localException) {
        }
        String localException = "";
        throw new Exception(localException);
    }
}