看雪论坛出的题目 很不错。
Str1是从aAbcdefghiabcde这个变量中获取到的,对应的角标是上一个程序传过来的,然后和KanXueCTF2019JustForhappy对比,正确则说明flag正确。
先获取各角标的值为[19, 0, 27, 59, 44, 4, 11, 55, 14, 30, 28, 29, 37, 18, 44, 42, 43, 14, 38, 41, 7, 0, 39, 39, 48]
之前一直看不明看 a1+4*v4,代表什么,后来才知道这个代表地址的偏移取值,每4字节取一个值,其实就相当于循环字符串的每一个值。
然后看前面的算法
逆推一下就可以得到flag
str = "KanXueCTF2019JustForhappy" code = "abcdefghiABCDEFGHIJKLMNjklmn0123456789opqrstuvwxyzOPQRSTUVWXYZ" arr = [] for i in str: for k in range(len(code)): if i == code[k]: arr.append(k) print arr flag = [] for i in arr: if i <= (57 - 48) and i >= (48 - 48): flag.append(i + 48) else: if i <= (122 - 87) and i >= (97 - 87): flag.append(i + 87) else: if i <= (90 - 29) and i >= (65 - 29): flag.append(i + 29) print flag result = '' for i in flag: result += chr(i) print result #[19, 0, 27, 59, 44, 4, 11, 55, 14, 30, 28, 29, 37, 18, 44, 42, 43, 14, 38, 41, 7, 0, 39, 39, 48] #[106, 48, 114, 88, 73, 52, 98, 84, 101, 117, 115, 116, 66, 105, 73, 71, 72, 101, 67, 70, 55, 48, 68, 68, 77] #j0rXI4bTeustBiIGHeCF70DDM #flag{j0rXI4bTeustBiIGHeCF70DDM}