1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
| # 1. 定义从可执行文件中提取出的字节码数据
qword_4020 = [
0, 0xCFFB289AF4B1D1, 0, 0x83, 2, 1, 0, 0x83, 3, 4, 9, 5,
0, 0x955F7E7A2ABC09, 0, 0x82, 2, 1, 0, 0x82, 3, 4, 9, 5,
0, 0x171D0EEF6E34564, 0, 0x92, 2, 1, 0, 0x92, 3, 4, 9, 5,
0, 0x1C8C0106F982D2C, 0, 0x78, 2, 1, 0, 0x78, 3, 4, 9, 5,
0, 0x1A3DF010DB43D50, 0, 0x79, 2, 1, 0, 0x79, 3, 4, 9, 5,
0, 0x70D52B655429D4, 0, 0xA0, 2, 1, 0, 0xA0, 3, 4, 9, 5,
0, 0x86BA083DB4A00E, 0, 0x8F, 2, 1, 0, 0x8F, 3, 4, 9, 5,
0, 0x1EE6D244821E17E, 0, 0x93, 2, 1, 0, 0x93, 3, 4, 9, 5,
0, 0x21F3E25788406B2, 0, 0x8A, 2, 1, 0, 0x8A, 3, 4, 9, 5,
0, 0x13C0021E70D77B4, 0, 0xA3, 2, 1, 0, 0xA3, 3, 4, 9, 5,
0, 0x27EDD2385F658C6, 0, 0xAA, 2, 1, 0, 0xAA, 3, 4, 9, 5,
0, 0xA07DA21EF9E1B4, 0, 0x34, 2, 1, 0, 0x34, 3, 4, 9, 5,
0, 0xD00E8519E9CC06, 0, 0x41, 2, 1, 0, 0x41, 3, 4, 9, 5,
0, 0xD6DFC3F1E11375, 0, 0x78, 2, 1, 0, 0x78, 3, 4, 9, 5,
0, 0xEFAA53300DA663, 0, 0x8D, 2, 1, 0, 0x8D, 3, 4, 9, 5,
0, 0x7568123DB27DB8, 0, 0x89, 2, 1, 0, 0x89, 3, 4, 9, 5,
0, 0xF174602422164A, 0, 0x87, 2, 1, 0, 0x87, 3, 4, 9, 5,
0, 0x9B991D46E343EE, 0, 0x75, 2, 1, 0, 0x75, 3, 4, 9, 5,
0, 0x16C43FB0F9B780, 0, 0x44, 2, 1, 0, 0x44, 3, 4, 9, 5,
0, 0x10C7B1796D09C04, 0, 0x44, 2, 1, 0, 0x44, 3, 4, 9, 5,
0, 0x5F5CFCF58C8717, 0, 0x7A, 2, 1, 0, 0x7A, 3, 4, 9, 5,
0, 0xD715FDA1220CE0, 0, 0x93, 2, 1, 0, 0x93, 3, 4, 9, 5,
6 # HALT instruction
]
# 2. 初始化一个空字符串来存储flag
flag = ""
# 3. 循环遍历字节码,每次跳过一个完整的计算块(12个元素)
# 一个块的结构是 [0, 大数, 0, 小数, ..., 5]
for i in range(0, len(qword_4020) - 1, 12):
# 提取大数和小数
large_number = qword_4020[i + 1]
small_number = qword_4020[i + 3]
# 4. 用高效的取模运算直接计算结果
char_code = large_number % small_number
# 5. 将计算出的ASCII码转换为字符,并拼接到flag字符串上
flag += chr(char_code)
# 6. 打印最终结果
print("成功破解!Flag 是:")
print(flag)
|
