下午去长城杯签到签了四个小时,浪费时间说是
badmes
手搓
prese
gogogo,看到的都是纸老虎
看的出来,确实是纸老虎
unwind
drink fake tea
SEH unwind栈回溯,moectf有一道
密文
main函数,标准XXTEA
除此之外有XTEA,在unwind部分被调用两次
则解密流程为2次XTEA,1次XXTEA
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#define xxtea_DELTA 0x9e3779b9
#define xxtea_MX (((xxtea_z>>5^xxtea_y<<2) + (xxtea_y>>3^xxtea_z<<4)) ^ ((xxtea_sum^xxtea_y) + (xxtea_key[(xxtea_p&3)^xxtea_e] ^ xxtea_z)))
void decipher(unsigned int num_rounds, uint32_t v[2], uint32_t const key[4])
{
unsigned int i;
uint32_t v1 = v[0], v2 = v[1], delta = 0x61C88647, sum = -delta * num_rounds;
for (i = 0; i < num_rounds; i++)
{
v2 -= (((v1 * 16) ^ (v1 >> 5)) + v1) ^ (sum + key[(sum >> 11) & 3]);
sum += delta;
v1 -= (((v2 * 16) ^ (v2 >> 5)) + v2) ^ (sum + key[sum & 3]);
}
v[0] = v1;
v[1] = v2;
}
void xxtea(uint32_t* xxtea_origin, int xxtea_n, uint32_t const xxtea_key[4])
{
uint32_t xxtea_y, xxtea_z, xxtea_sum;
unsigned xxtea_p, xxtea_rounds, xxtea_e;
if (xxtea_n > 1) /* Coding Part */
{
xxtea_rounds = 6 + 52 / xxtea_n;
xxtea_sum = 0;
xxtea_z = xxtea_origin[xxtea_n - 1];
do
{
xxtea_sum += xxtea_DELTA;
xxtea_e = (xxtea_sum >> 2) & 3;
for (xxtea_p = 0; xxtea_p < xxtea_n - 1; xxtea_p++)
{
xxtea_y = xxtea_origin[xxtea_p + 1];
xxtea_z = xxtea_origin[xxtea_p] += xxtea_MX;
}
xxtea_y = xxtea_origin[0];
xxtea_z = xxtea_origin[xxtea_n - 1] += xxtea_MX;
} while (--xxtea_rounds);
}
else if (xxtea_n < -1) /* Decoding Part */
{
xxtea_n = -xxtea_n;
xxtea_rounds = 6 + 52 / xxtea_n;
printf("%u\n",xxtea_rounds);
xxtea_sum = xxtea_rounds * xxtea_DELTA;
printf("%u\n",xxtea_sum);
xxtea_y = xxtea_origin[0];
do
{
xxtea_e = (xxtea_sum >> 2) & 3;
for (xxtea_p = xxtea_n - 1; xxtea_p > 0; xxtea_p--)
{
xxtea_z = xxtea_origin[xxtea_p - 1];
xxtea_y = xxtea_origin[xxtea_p] -= xxtea_MX;
}
xxtea_z = xxtea_origin[xxtea_n - 1];
xxtea_y = xxtea_origin[0] -= xxtea_MX;
xxtea_sum -= xxtea_DELTA;
} while (--xxtea_rounds);
}
}
int main()
{
uint32_t enc[] = {0x87AAA7C1,0x857321B6,0x0E71D28C,0xCADF39F2,0x58EFCA14,0xD7E7D9D8,0xF29F5C5D,0x5F5ED45E};
uint32_t const key[4] = {0x00000044,0x00000041,0x00000053,0x00000021};
int n = sizeof(enc) / sizeof(uint32_t);
decipher(36,enc,key);
decipher(36,enc,key);
decipher(36,&enc[2],key);
decipher(36,&enc[2],key);
decipher(36,&enc[4],key);
decipher(36,&enc[4],key);
decipher(36,&enc[6],key);
decipher(36,&enc[6],key);
xxtea(enc,-n,key);
for (int i = 0; i < n; i++){
printf("%x",enc[i]);
}
printf("\n");
for (int i = 0; i < n; i++)
{
//printf("0x%d ", enc[i]);
for (int j = 0; j < 4; j++)
{
printf("%c", (enc[i] >> (j * 8)) & 0xFF);
}
}
printf("\n");
return 0;
}
转载请注明来源,欢迎对文章中的引用来源进行考证,欢迎指出任何有错误或不够清晰的表达.