OverTheWire crypto

Behemoth0

Posted by rk700 on July 4, 2014

先用ida反编译,发现输入的密码要与一段字符串比较,而字符串是memfrob作用在几个数拼接起来的,即
0x475e4b4f,0x45425953,0x00595e58。先获取拼接得到的字符串:

echo -e "475e4b4f\n45425953\n595e58" | tac | xxd -r -p | rev

是OK^GSYBEX^Y

于是可获取密码:

print(''.join([chr(y) for y in [ord(x)^42 for x in 'OK^GSYBEX^Y']]))

密码是…。登陆后获得shell,可以读答案

或者把用hex

print(''.join(['\\x{:02x}'.format(y) for y in [ord(x)^42 for x in 'OK^GSYBEX^Y']]))

然后用perl输入

FEATURED TAGS
HTTP wechall PHP linux sql exploit crypto OverTheWire reverse how-to binary pwnable.kr ksnctf misc android webhacking.kr fuzzing