0xGame 2024-Reverses-Week 3 – SeanDictionary | 折腾日记

0xGame 2024-Reverses-Week 3

2024-10-27 21:18

|

2024-10-27 21:18

|

1,034

|

0

|

[Week 3] FirstSight-Android

下载安装JEB
用JEB打开apk文件，然后找到函数入口

进入后右键解析就能显示反汇编java代码
然后根据判断语句找到secret字符串，双击后就能看见字符串内容
结合判断语句对输入进行了Base62加密
最后用CyberChef还原得到
0xGame{caff454e-2238-42aa-a75a-75e9f5f1f769}

[Week 3] BabyASM

一段汇编语言，翻译一下得到如下
在 .data 段中，定义了一个包含 44 个字节的数组，数据以字节为单位存储
对前22个字节，值+28
对后22个字节，与前22个字节一一对应并异或
手搓

data = [
    20, 92, 43, 69, 81, 73, 95, 23, 72, 22,
    24, 69, 25, 27, 22, 17, 23, 29, 24, 73,
    17, 24, 85, 27,112, 76, 15, 92, 24,  1,
    73, 84, 13, 81, 12,  0, 84, 73, 82,  8,
    82, 81, 76, 125
]
for i in range(22):
    data[i] = data[i] + 28
for i in range(22, 43):
    data[i] ^= data[i - 22]
print(bytes("".join(chr(x) for x in data).encode("utf-8")))

0xGame{3d24a572-394e-4ec7-b9c2-f9097fda1f4a}

[Week 3] LittlePuzzle

众所不周知，jar是压缩包，解压缩，把class文件用vscode打开，自动反编译
发现就是做个数度题目
手解数独（bushi
怎么可能，肯定是写脚本求解

def print_filled_numbers(board):
    for row in board:
        print(" ".join(str(num) if num != 0 else '.' for num in row))

def is_valid(board, row, col, num):
    for j in range(9):
        if board[row][j] == num:
            return False
    for i in range(9):
        if board[i][col] == num:
            return False
    box_row = row - row % 3
    box_col = col - col % 3
    for i in range(3):
        for j in range(3):
            if board[box_row + i][box_col + j] == num:
                return False
    return True

def solve_sudoku(board, filled_positions):
    for row in range(9):
        for col in range(9):
            if board[row][col] == 0:  # 找到一个空格
                for num in range(1, 10):  # 尝试填入1-9
                    if is_valid(board, row, col, num):
                        board[row][col] = num  # 填入数字
                        filled_positions.append(num)  # 记录填入的数字
                        if solve_sudoku(board, filled_positions):  # 递归调用
                            return True
                        board[row][col] = 0  # 回溯
                        filled_positions.pop()  # 移除最后填入的数字
                return False  # 无法填入任何数字，返回False
    return True  # 所有格子已填入

if __name__ == "__main__":
    board = [
        [5, 7, 0, 9, 4, 0, 8, 0, 0],
        [0, 0, 8, 0, 3, 0, 0, 0, 5],
        [0, 1, 0, 2, 0, 0, 0, 3, 7],
        [0, 0, 9, 7, 2, 0, 0, 0, 0],
        [7, 3, 4, 0, 0, 8, 0, 0, 0],
        [0, 0, 0, 0, 0, 0, 7, 5, 1],
        [3, 0, 0, 0, 1, 4, 2, 0, 0],
        [0, 6, 0, 0, 0, 2, 0, 4, 0],
        [0, 2, 7, 0, 0, 9, 5, 0, 0]
    ]

    filled_positions = []  # 用于记录填入的数字
    if solve_sudoku(board, filled_positions):
        print("填入的数字:")
        print("".join(map(str, filled_positions)))
    else:
        print("无解的数独。")

求解得到填入的数字316224671996854156384156296824939587681579343618
然后运行附件输入结果
得到0xGame{4d340a40fcd088c5dc9c48778e5643a666b53e42}

本作品采用 知识共享署名-非商业性使用-相同方式共享 4.0 国际许可协议 CC BY-NC-SA 4.0 进行许可

0xGame Reverse WriteUp

暂无评论

发送评论编辑评论