我们先来了解一下什么是ReverseMe
[color=]
[color=]ReverseMe 要求别人把一个程序做出逆向分析,比如程序的运行机理,系统领空的界定等等。
[color=]ReverseMe 要求别人把一个程序做出逆向分析,比如程序的运行机理,系统领空的界定等等。 reverseme 一词常被Cracker【破解爱好者】使用 是指在无源码的情况下二次开发 DLL【动态链接库】.等接口【API】参看CrackME。
以上是我从Baidu挖来的定义,可能不太全面,但并不耽误我们做题。(
reverseme_百度百科 (baidu.com))
接下来我们来看一道题[SWPU2019]
要求解出Flag,下面是解题方法:
我输入的是32个1,进行运算后得到了
['0x62', '0x66', '0x61', '0x64', '0x6e', '0x3', '0x1', '0x0', '0x8', '0x6e', '0x72', '0x65', '0x77', '0x62', '0x66', '0x61', '0x64', '0x6e', '0x3', '0x1', '0x0', '0x8', '0x6e', '0x72', '0x65', '0x77', '0x62', '0x66', '0x61', '0x64', '0x6e', '0x3']
edx里的值
eax里的值
f7步入,f8看看
ecx里的值是
经过这个步骤之后就得到了用来跟eax里比较的值。
result=[0xB3,0x37,0x0F,0xF8,0xBC,0xBC,0xAE,0x5D, 0xBA,0x5A,0x4D,0x86,0x44,0x97,0x62,0xD3, 0x4F,0xBA,0x24,0x16,0x0B,0x9F,0x72,0x1A, 0x65,0x68,0x6D,0x26,0xBA,0x6B,0xC8,0x67]str="SWPU_2019_CTF"a=[0x86,0x0C,0x3E,0xCA,0x98,0xD7,0xAE,0x19, 0xE2,0x77,0x6B,0xA6,0x6A,0xA1,0x77,0xB0, 0x69,0x91,0x37,0x05,0x7A,0xF9,0x7B,0x30, 0x43,0x5A,0x4B,0x10,0x86,0x7D,0xD4,0x28]b=[0]*32for i in range(32): b=result^aflag=""for i in range(32): flag+=chr(b^ord(str[i%len(str)]))print(flag)
flag{Y0uaretheB3st!#@_VirtualCC}