攻防世界-Crypto-easychallenge

题目描述:将文件下载下来,只有一个pyc文件 

攻防世界-Crypto-easychallenge_第1张图片

1. 思路分析

先向chatgpt问下什么是pyc文件:

攻防世界-Crypto-easychallenge_第2张图片

攻防世界-Crypto-easychallenge_第3张图片

OK,这里简单总结下:

1. pyc文件是python源码编译后的生成的二进制文件

2. 通过一些库可以逆向出pyc的源代码

那么我们需要做的就是先将源代码还原,还原后再根据具体代码实现找出flag

2. 解题过程

2.1 先逆向出pyc的源代码

我们使用uncompyle6试试(先pip install uncompyle6安装该工具)

然后执行命令:uncompyle6 "42aa1a89e3ae48c38e8b713051557020.pyc" > source.py

这样我们将源代码输出到了source.py中,源代码如下:

# uncompyle6 version 3.9.0
# Python bytecode version base 2.7 (62211)
# Decompiled from: Python 3.10.8 (main, Nov  4 2022, 09:21:25) [GCC 12.2.0]
# Embedded file name: ans.py
# Compiled at: 2018-08-08 23:29:44
import base64

def encode1(ans):
    s = ''
    for i in ans:
        x = ord(i) ^ 36
        x = x + 25
        s += chr(x)

    return s


def encode2(ans):
    s = ''
    for i in ans:
        x = ord(i) + 36
        x = x ^ 36
        s += chr(x)

    return s


def encode3(ans):
    return base64.b32encode(ans)


flag = ' '
print 'Please Input your flag:'
flag = raw_input()
final = 'UC7KOWVXWVNKNIC2XCXKHKK2W5NLBKNOUOSK3LNNVWW3E==='
if encode3(encode2(encode1(flag))) == final:
    print 'correct'
else:
    print 'wrong'
# okay decompiling 42aa1a89e3ae48c38e8b713051557020.pyc

 2.2 解码出flag

从代码中分析,代码对flag进行了三层编码,那么我们需要对这三层编码一一进行解码,我们按照编码的顺序反着进行解码即可,调整下代码如下:

import base64

def decode1(ans):
    s = ''
    for i in ans:
        # x = ord(i) ^ 36
        x = ord(i) - 25
        x = x ^ 36
        s += chr(x)

    return s


def decode2(ans):
    s = ''
    for i in ans:
        # x = ord(i) + 36
        x = i ^ 36
        x = x - 36
        s += chr(x)

    return s


def decode3(ans):
    return base64.b32decode(ans)


#flag = ' '
#print 'Please Input your flag:'
#flag = raw_input()
final = 'UC7KOWVXWVNKNIC2XCXKHKK2W5NLBKNOUOSK3LNNVWW3E==='
flag = decode1(decode2(decode3(final)))
print(flag)

 执行该脚本获取flag即可:cyberpeace{interestinghhhhh}

总结:这里主要考察的是pyc文件的逆向,还有一些编码和解码的基本操作,将源代码解出来后,进行反向解码即可

 

你可能感兴趣的:(python,开发语言,安全)