avatar

CISCN 2019 REVERSE 复现

CISCN 2019 REVERSE

easyGo

1.checksec

1-1

2.IDA

  • 1,IDA动态调试看字符串
    • ida->字符串引用->找到函数->运行过后->得到flag
    • 1-2
  • 2,使用IDAGolangHelper
    • 导入脚本文件->恢复函数名称
    • main函数逆向
    • 1-4
    • 发现貌似是换表的base64,gdb下断点单步

bbvvmm

1.checksec

2-1

2.IDA

IDA Signsrch识别有SM4算法,变种的AES

2-2

发现下面有一个变种base64

2-3

2-4

img

解密得badrer12

可以patch后angr执行得到password:xyz{|}

where_u_are

没找到题

https://shimo.im/docs/RcFy1DWUUK0F9nOh/read

Author: Joe1sn
Link: http://blog.joe1sn.top/2021/CISCN2019REWriteup/
Copyright Notice: All articles in this blog are licensed under CC BY-NC-SA 4.0 unless stating additionally.
Donate
  • 微信
    微信