前言

比赛时间:2025.1.25 - 2025.1.26

启航杯2025的 WriteUP,reverse crypto ak了

刚到9点服务器就炸了,本来两天的赛事又临时缩短到了一天。题目上,原来有一道rsa,做不了一点,后来又换了一道送分题,3道reverse全是送分题。

差评:(

Reverse

Checker

1
2
3
4
5
6
7
8
encrypted_flag = "726B607765584646154014411A400E461445160E174542410E1A4147450E4642131446131017451542165E"

flag = ""
for i in range(0, len(encrypted_flag), 2):
    flag += chr(int(encrypted_flag[i : i + 2], 16) ^ 0x23)

print(flag)  # QHCTF{ee6c7b9c-e7f5-4fab-9bdf-ea07e034f6a5}

Rainbow

1
2
3
4
5
6
7
encrypted_flag = "0B12190E1C213B6268686C6B6A69776F3B633B776E3C3B6D773B38393C773E3F3B6E69623B6D393F6D6227"

flag = ""
for i in range(0, len(encrypted_flag), 2):
    flag += chr(int(encrypted_flag[i : i + 2], 16) ^ 90)

print(flag)  # QHCTF{a8226103-5a9a-4fa7-abcf-dea438a7ce78}

小明的note

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define _BYTE unsigned char

void decrypt_flag(char *src, char *trg)
{
    unsigned char v6[] = {0x42, 0x37, 0xA1, 0x7C};
    int length = strlen(src);
    int i;

    for (i = 0; i < length; i++)
    {
        trg[i] = v6[i % 4] ^ src[i];
        trg[i] ^= i + 1;
    }
    trg[i] = 0;
}

int main()
{
    char Decrypted_flag[64];
    char flag[100] = "\x12\x7D\xE1\x2C\x01\x4A\xC4\x45\x78\x5E\xC9\x46\x78\x5D\x83\x0F\x37\x12\xD0\x45\x63\x42\xD5\x57\x76\x14\xDE\x06\x6E\x04\x8F\x3E\x50\x21\xE1\x3B\x53\x72\xB7\x6C\x5D\x79\xF7\x00";

    decrypt_flag(flag, Decrypted_flag);
    printf("Decrypted flag: %s\n", Decrypted_flag);    // Decrypted flag: QHCTF{b13cc67d-cd7b-4cc3-9df1-1b34cc4c186d}
    return 0;
}