[HDCTF 2023]enc
zach0ry

Link

Open the binary and go into this function

[screenshot: image-20250711193541365]

TEA

[screenshot: image-20250711193916614]

After analysis, the following is clear:

The v7 and v8 compared in the next step are both the ciphertext after it has been modified.

v9 is the actual key.

When decrypting, note that the XOR step has to be undone from back to front, i.e. in reverse order.

Script

# TEA decryption
def tea_decrypt(v, k):
    v0, v1 = v[0], v[1]
    # 0x61C88647 is -0x9E3779B9 mod 2^32, so adding it walks the sum back down
    delta = 0x61C88647
    sum = -(delta * 32) & 0xFFFFFFFF   # sum after 32 encryption rounds
    for _ in range(32):
        v1 = (v1 - ((16*v0 + k[2]) ^ (v0 + sum) ^ ((v0 >> 5) + k[3]))) & 0xFFFFFFFF
        v0 = (v0 - ((16*v1 + k[0]) ^ (v1 + sum) ^ ((v1 >> 5) + k[1]))) & 0xFFFFFFFF
        sum = (sum + delta) & 0xFFFFFFFF
    return [v0, v1]

# Given ciphertext v9 and key v10
v9 = [0x60fcdef7, 0x236dbec]
v10 = [0x12, 0x34, 0x56, 0x78]
print(tea_decrypt(v9, v10))

// key = 3
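As an added check (example code, not from the writeup), the decryption routine above is paired with the matching encryption so the two can be verified as inverses before trusting the output. It keeps the writeup's convention of delta = 0x61C88647 (the 32-bit negation of the usual TEA constant 0x9E3779B9); the test block is constructed, and the v9/v10 values are the ones from the script above.

```python
# Added example, not the writeup's script: TEA encrypt/decrypt pair using
# delta = 0x61C88647, i.e. (-0x9E3779B9) & 0xFFFFFFFF, as in the writeup.
MASK = 0xFFFFFFFF
DELTA = 0x61C88647        # == (-0x9E3779B9) & MASK
ROUNDS = 32


def tea_encrypt(v, k):
    """Standard 32-round TEA encryption of one 64-bit block (two 32-bit words)."""
    v0, v1 = v[0] & MASK, v[1] & MASK
    s = 0
    for _ in range(ROUNDS):
        s = (s - DELTA) & MASK    # same as s += 0x9E3779B9 mod 2^32
        v0 = (v0 + (((v1 << 4) + k[0]) ^ (v1 + s) ^ ((v1 >> 5) + k[1]))) & MASK
        v1 = (v1 + (((v0 << 4) + k[2]) ^ (v0 + s) ^ ((v0 >> 5) + k[3]))) & MASK
    return [v0, v1]


def tea_decrypt(v, k):
    """Inverse of tea_encrypt: start from the final sum and walk it back."""
    v0, v1 = v[0] & MASK, v[1] & MASK
    s = (-(DELTA * ROUNDS)) & MASK    # 0xC6EF3720, the sum after 32 encrypt rounds
    for _ in range(ROUNDS):
        v1 = (v1 - (((v0 << 4) + k[2]) ^ (v0 + s) ^ ((v0 >> 5) + k[3]))) & MASK
        v0 = (v0 - (((v1 << 4) + k[0]) ^ (v1 + s) ^ ((v1 >> 5) + k[1]))) & MASK
        s = (s + DELTA) & MASK        # subtract 0x9E3779B9 mod 2^32
    return [v0, v1]


def final_sum():
    """Value the decryptor must start from; equals 32 * 0x9E3779B9 mod 2^32."""
    return (-(DELTA * ROUNDS)) & MASK


if __name__ == "__main__":
    # constructed block and key for the round-trip check
    k = [0x12, 0x34, 0x56, 0x78]
    blk = [0x01234567, 0x89ABCDEF]
    assert tea_decrypt(tea_encrypt(blk, k), k) == blk
    # the challenge values from the writeup
    print(tea_decrypt([0x60fcdef7, 0x236dbec], [0x12, 0x34, 0x56, 0x78]))
```

The round trip is the check worth running whenever a decryptor is transcribed by hand from a decompiler: a wrong constant or a swapped k[2]/k[3] still produces plausible-looking numbers, and only the encrypt/decrypt pairing exposes it.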

SMC

Continue with the function below

sub_4113DE —>sub_414C10—>sub_411046—>sub_414B00—>sub_411221—>sub_415340

[screenshot: image-20250711200122360]

  • (char *)a1 / (_BYTE *)a1 casts the integer address a1 to a memory pointer.
  • Then *ptr ^= a3 modifies the byte at that address.

So this is SMC (self-modifying code).

The next step is to find the range of addresses it modifies.

Open x32dbg

Press Ctrl+G and enter 00415340

[screenshot: image-20250826164227781]

After pressing F9 to run, it stops here

[screenshot: image-20250711202535475]

[screenshot: image-20250711203617747]

So the start of the modified region is 0x0041D000

and the length is 0x600

So run the following script in IDA

Script

# Import ida_bytes, the recommended byte-access module in modern IDAPython
from ida_bytes import get_byte, patch_byte

# Start address, length and XOR key recovered from the debugger
start_address = 0x41D000
patch_length = 0x600
end_address = start_address + patch_length  # 0x41D600; range() excludes end_address
xor_key = 3

print("Starting batch XOR patch...")

# XOR every byte in the range, exactly as sub_415340 does at run time
for i in range(start_address, end_address):
    original_byte = get_byte(i)    # read a byte via ida_bytes
    new_byte = original_byte ^ xor_key
    patch_byte(i, new_byte)        # write it back via ida_bytes

print("Patch complete")

Afterwards, press U at the start of the function to undefine it,

then select the range and press C to turn it back into code.

[screenshot: image-20250711205629161]

That does it.
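The same XOR patch, as an added example rather than the writeup's IDA script, done on a raw byte buffer outside IDA: it maps the virtual address onto an offset in a copy of the mapped image, refuses a range that leaves the buffer, and confirms that applying the patch twice restores the input, which is what makes a wrong key guess easy to undo. The buffer contents are constructed; the start address, length and key are the ones recovered above.

```python
# Added example, not the writeup's IDA script: XOR-patch a byte range of a
# mapped-image copy, with a bounds check and an undo check.
SMC_START = 0x41D000   # start address recovered in x32dbg
SMC_LEN = 0x600        # length recovered in x32dbg
SMC_KEY = 3            # XOR key recovered from the TEA stage


def xor_patch(image: bytearray, image_base: int, start_va: int, length: int, key: int) -> bytearray:
    """Apply `*ptr ^= key` to every byte in [start_va, start_va + length).

    `image` is a copy of the loaded module whose first byte sits at virtual
    address `image_base`; the patch is done in place and the buffer returned.
    """
    off = start_va - image_base
    if off < 0 or off + length > len(image):
        raise ValueError(f"range {start_va:#x}+{length:#x} lies outside the image")
    for i in range(off, off + length):
        image[i] ^= key
    return image


def patch_end(start_va: int, length: int) -> int:
    """Exclusive end address of the patched region (what a range() loop needs)."""
    return start_va + length


def decode_and_verify(encoded_region: bytes, key: int = SMC_KEY) -> tuple:
    """Decode a region the way sub_415340 does, then re-encode it to show the
    patch is its own inverse. Returns (decoded_bytes, restored_equals_input)."""
    base = SMC_START                       # treat the buffer as mapped at SMC_START
    buf = bytearray(encoded_region)
    decoded = bytes(xor_patch(buf, base, SMC_START, len(buf), key))
    restored = bytes(xor_patch(bytearray(decoded), base, SMC_START, len(buf), key))
    return decoded, restored == encoded_region


if __name__ == "__main__":
    # constructed stand-in for the 0x600 encoded bytes, not the real binary
    fake_region = bytes((i * 7 + 3) & 0xFF for i in range(SMC_LEN))
    decoded, ok = decode_and_verify(fake_region)
    print(hex(patch_end(SMC_START, SMC_LEN)), decoded[:8].hex(), ok)
```

Computing the end address from the start and the length, rather than typing it by hand, is the one habit worth taking from this: an off-by-0x1000 in the end address silently XORs a kilobyte of unrelated code as well.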

[screenshot: image-20250711205652624]

[screenshot: image-20250711205736124]

It turns out to be RC4 encryption.

Script

key = list('you_are_master')
content = [0xf, 0x94, 0xae, 0xf2, 0xc0, 0x57, 0xc2, 0xe0, 0x9a, 0x45, 0x37, 0x50, 0xf5, 0xa0, 0x5e, 0xcb, 0x2c, 0x16, 0x28, 0x29, 0xfe, 0xff, 0x33, 0x46, 0xe, 0x57, 0x82, 0x22, 0x52, 0x26, 0x2b, 0x6e, 0xe4, 0x82, 0x24]
rc4number = 0x100
s = [0] * rc4number


def rc4_init(s, key, rc4number):
    # Key-scheduling algorithm (KSA): fill S with 0..255, then permute it by the key
    for i in range(rc4number):
        s[i] = i
    j = 0
    for i in range(rc4number):
        j = (j + s[i] + ord(key[i % len(key)])) % rc4number
        s[i], s[j] = s[j], s[i]


def rc4_endecode(s, content, rc4number):
    # PRGA: generate the keystream and XOR it with the data (the same routine decrypts)
    i = 0
    j = 0
    for k in range(len(content)):
        i = (i + 1) % rc4number
        j = (j + s[i]) % rc4number
        s[i], s[j] = s[j], s[i]
        t = (s[i] + s[j]) % rc4number
        content[k] = chr(content[k] ^ s[t])
    content = ''.join(content)
    print(content)


rc4_init(s, key, rc4number)
rc4_endecode(s, content, rc4number)
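As an added example, not the writeup's script, the same RC4 split into its key schedule and keystream generator over bytes, with a check against a published test vector before the routine is trusted on the challenge data. The "Key"/"Plaintext" vector is the one from the RC4 Wikipedia article; the challenge key and ciphertext are the values from the script above.

```python
# Added example, not the writeup's script: RC4 as KSA + PRGA over bytes, validated
# against a public test vector before being applied to the challenge data.
from typing import Iterator


def rc4_ksa(key: bytes) -> list:
    """Key-scheduling algorithm: returns the 256-entry permutation S."""
    if not key:
        raise ValueError("RC4 key must not be empty")
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    return s


def rc4_prga(s: list) -> Iterator[int]:
    """Pseudo-random generation algorithm: yields keystream bytes forever."""
    i = j = 0
    while True:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        yield s[(s[i] + s[j]) & 0xFF]


def rc4_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (RC4 is symmetric): XOR data with the keystream."""
    keystream = rc4_prga(rc4_ksa(key))
    return bytes(b ^ next(keystream) for b in data)


def rc4_self_test() -> bool:
    """Known-answer test from the RC4 Wikipedia article."""
    return rc4_crypt(b"Key", b"Plaintext").hex() == "bbf316e8d940af0ad3"


# challenge values from the writeup
CHALLENGE_KEY = b"you_are_master"
CHALLENGE_CT = bytes([0xf, 0x94, 0xae, 0xf2, 0xc0, 0x57, 0xc2, 0xe0, 0x9a, 0x45, 0x37,
                      0x50, 0xf5, 0xa0, 0x5e, 0xcb, 0x2c, 0x16, 0x28, 0x29, 0xfe, 0xff,
                      0x33, 0x46, 0xe, 0x57, 0x82, 0x22, 0x52, 0x26, 0x2b, 0x6e, 0xe4,
                      0x82, 0x24])


def solve() -> bytes:
    """Decrypt the challenge ciphertext only after the self-test passes."""
    if not rc4_self_test():
        raise RuntimeError("RC4 implementation failed its known-answer test")
    return rc4_crypt(CHALLENGE_KEY, CHALLENGE_CT)


if __name__ == "__main__":
    print(solve())
```

Running the known-answer test first is cheap insurance: a transposed swap or a missing modulus in a hand-written RC4 produces output that is just as random-looking as the right answer, so a failed decryption would otherwise be blamed on the wrong key rather than on the code.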