CTF-rootme 题解之PYC - ByteCode

LINK:https://www.root-me.org/en/Challenges/Cracking/PYC-ByteCode

 

使用Pyc的逆向脚本uncompyle6进行反编译,该逆向脚本内容如下:

#!/usr/bin/python
# EASY-INSTALL-ENTRY-SCRIPT: 'uncompyle6==3.2.4','console_scripts','uncompyle6'
__requires__ = 'uncompyle6==3.2.4'
import re
import sys
from pkg_resources import load_entry_point

if __name__ == '__main__':
    sys.argv[0] = re.sub(r'(-script\.pyw?|\.exe)?$', '', sys.argv[0])
    sys.exit(
        load_entry_point('uncompyle6==3.2.4', 'console_scripts', 'uncompyle6')()
    )

 得到反编译结果如下:

# uncompyle6 version 3.2.4
# Python bytecode 3.1 (3151)
# Decompiled from: Python 3.7.2 (default, Jan 10 2019, 23:51:51) 
# [GCC 8.2.1 20181127]
# Embedded file name: crackme.py
# Compiled at: 2013-07-02 15:00:05
if __name__ == '__main__':
    print('Welcome to the RootMe python crackme')
    PASS = input('Enter the Flag: ')
    KEY = 'I know, you love decrypting Byte Code !'
    I = 5
    SOLUCE = [57, 73, 79, 16, 18, 26, 74, 50, 13, 38, 13, 79, 86, 86, 87]
    KEYOUT = []
    for X in PASS:
        KEYOUT.append((ord(X) + I ^ ord(KEY[I])) % 255)
        I = (I + 1) % len(KEY)

    if SOLUCE == KEYOUT:
        print('You Win')
    else:
        print('Try Again !')
# okay decompiling ch19.pyc

 介绍一个源代码涉及到的函数:ord()

描述

ord() 函数是 chr() 函数(对于8位的ASCII字符串)或 unichr() 函数(对于Unicode对象)的配对函数,它以一个字符(长度为1的字符串)作为参数,返回对应的 ASCII 数值,或者 Unicode 数值,如果所给的 Unicode 字符超出了你的 Python 定义范围,则会引发一个 TypeError 的异常。

语法

以下是 ord() 方法的语法:

ord(c)

参数

  • c -- 字符。

返回值

返回值是对应的十进制整数。

由源代码可以编写出破解脚本如下:

#!/usr/bin/env python
if __name__ == '__main__': print('Welcome to the RootMe python crackme') # PASS = input('Enter the Flag: ') KEY = 'I know, you love decrypting Byte Code !' DICT = "abcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ!@#$%`+^&*(){}[]\";?'\/<>~=:-_. |," I = 5 SOLUCE = [57, 73, 79, 16, 18, 26, 74, 50, 13, 38, 13, 79, 86, 86, 87] KEYOUT = [] RESULT = [] for i in SOLUCE: for X in DICT: DATA=(ord(X) + I ^ ord(KEY[I])) % 255 if DATA==i: KEYOUT.append(DATA) I = (I + 1) % len(KEY) RESULT.append(X) break print(RESULT)
['I', '_', 'h', 'a', 't', 'e', '_', 'R', 'U', 'B', 'Y', '_', '!', '!', '!']

逆向运算得到password为: I_hate_RUBY_!!!



转载于:https://www.cnblogs.com/heycomputer/articles/10547410.html

你可能感兴趣的:(CTF-rootme 题解之PYC - ByteCode)