iscc-week2-re1

查壳

64位无壳，丢进ida里面看看

发现有混淆，使用d810插件去除

去除后的主函数

进入第一个函数，会把重复的字符改为2

进入第二个

有三个函数

第一个函数将一个字符拆成两个数字

第二个函数对为11的后一位进行-61的操作，或者是减48

第三个就是按表变换

EXP:

#include <stdio.h> 
int main() {
    char key[76] = "冻笔新诗懒写寒炉美酒时温醉看墨花月白恍疑雪满前村";
    char enc1[367] = "美酒恍疑时温寒炉美酒寒炉寒炉懒写墨花前村时温时温前村恍疑醉看前村醉看醉看前村时温寒炉懒写醉看前村醉看墨花懒写醉看前村醉看墨花月白墨花新诗寒炉懒写醉看前村月白墨花新诗醉看前村月白醉看前村墨花墨花时温醉看前村美酒墨花新诗墨花懒写醉看懒写墨花前村墨花";
    char enc2[367];
    int keyy[68] = {  };
    int n = 0;
    int u = 0;
    for (int i = 0; i < 133; i += 2) {
        for (int j = 0;; j += 2) {
            if (key[j * 2] == enc1[i * 2] && key[j * 2 + 2] == enc1[i * 2 + 2]) {
                keyy[u] = j / 2;
                u++;
                break;
            }
        }
    }
    for (int ii = 0; ii < 68;) {
        if (keyy[ii] == 11) {
            keyy[ii + 1] += 61;
            printf("%c", keyy[ii+1]);
            ii += 2;
        }
        else {
            keyy[ii] += 48;
            printf("%c", keyy[ii]);
            ii++;
        }
    }
}//ISC2{_lk2lrlxq2nqnmujqrb}

将为2的改为与前一个相同的字符即可

得到flag:ISCC{_lkklrlxqqnqnmujqrb}

iscc-week2-re2

查壳

32位无壳，丢进ida

有反调试，forcejump跳过。

经典的走迷宫，得到迷宫图

路线：ddssddwwdddssssssss

文件夹下面还有个压缩包，解压后是一张图片，里面的数据没什么用。

查看main函数的汇编，发现有一个函数，进入后发现了加密过程，即与后一位进行异或

#include<stdio.h>
int main() {
    int v4[100];
    v4[0] = 26;
    v4[1] = 16;
    v4[2] = 0;
    v4[3] = 67;
    v4[4] = 12;
    v4[5] = 86;
    v4[6] = 66;
    v4[7] = 99;
    v4[8] = 97;
    v4[9] = 82;
    v4[10] = 11;
    v4[11] = 120;
    v4[12] = 21;
    v4[13] = 19;
    v4[14] = 83;
    v4[15] = 97;
    v4[16] = 66;
    v4[17] = 80;
    v4[18] = 112;
    v4[19] = 67;
    v4[20] = 97;
    v4[21] = 97;
    v4[22] = 92;
    v4[23] = 125;
    for (int i = 0; i <=23; i+=4)
    {
        v4[i + 2] ^= v4[i + 3];
        v4[i + 1] ^= v4[i + 2];
        v4[i] ^= v4[i + 1];
        printf("%c%c%c%c", v4[i], v4[i + 1], v4[i + 2], v4[i + 3]);
    }
}
//ISCC{w!c@!sx4!2a!c3C!@!}

flag：ISCC{w!c@!sx4!2a!c3C!@!}

iscc-week2-re3

查壳

32位文件，丢进ida里面

二进制转字符串，得到：Leonardo_Fibonacci

可知这是斐波那契数列，字符长度为18，又因为txt文件有很多字符，猜测是根据斐波那契数列前十八位取值。

EXP：

#include<stdio.h>
int main() {
    int enc[18] = { 1, 1, 2, 3, 5, 8, 13, 21, 34, 55, 89, 144, 233, 377, 610, 987, 1597, 2584};
    char encc[3001] = "e71R0GYVrpG1gFjMlWUi7BNpXKTfBXTPns6wQELBzd0DaB6YCHFBn3KrIB4wp6Np6glr1jIBl5f5gQCF9xkaVocBgR81QghHPOM6berCIPXuP5kxede9LuunLV7y8ez8HqAb11SuWyqRAuswSmpMvLQBImfqkuICEntHQHN5RoZhpG585Z6bqrzhRG7FtnVSIo82ACRkpzY650QUc1Qwp0yWloQgVawgWqrLRy1UAoih2sH45jlKnxpgBIpXtmETRnICq3nsreGb87w0JRJ3OoHm0zeEkkpQ8wmbf8DImPpPJ1BqInSM5sqyYnsuzSz3mHPSS3NQtr5wuxSTCoMHBzXQBm688gx1jelFl8S0Wwiu557qGVgvHVnRQf57y4hKuCcPEPM8vmrBrKqT155CE0hUYOabUjzlbltx7Dm78fQ89jlM1stExRspu5PlHpmP5nvu808uTZCJbhBOqAXNwSbdYqXsxKCsOSwEMtj3KRlmqSspigr2AsEcVtSQ2lPAbG3XtqsU5AvR2BUS2c0qQBNBIVZkG6ZFB6BVHB2CJVcwD4v1jltluYQp0Xxt2izAcv4KhIEZbiRYINnGdKEzS348q7mpus39hHq3bUsK6EgboSwwUe20R2wLWV36FQLDU4tH0DzJ5TfmoWQJbNjOHnbXAfeQaXptlZpmw1OLump9s9f0c5iuWqajYD4qQmES9YpjM9lZ583wjOA5eesEBckOjeEXa139eOj2DpQwRGPYOAxkrpCaR5pGYyTlft9UlbAcvOsisJEAnq2doFa8lMkKUM66XAlvVptBkCuvEpCF7vs3laMJ1hEhSNUHlKZJeaHq4N6TFxb8nvn8Qkhc23w8rU40a00zdBRfXHovaAydApaCm9laa8vPTR5kkgO4w5VsyJ1e2jeDjVGOpjNvCKJm6bpGhwdu8JYicQhdlQxQG1YTbcKBldPK2Wmj0XcHnkjssEwDKTzUBjYJpeF10RCC3NNyF01TcBC5RTZuTPLQvPEFdqPdAoNQaghwP0NcbTHsfDuyY89S0MgaAMt3z1g1S421vw7bSu1jNK72REt2cN5Yxnwt1kdkVrdm5nE8F1YP3bIrta8fkfJxhbpTV2Gh5qO0s4Z4q5S1sD0RgJrI3xNSqHaTF3A32Z5MQtiMSeyh8ExMCKo44RV60R3BYRtJU2FIgfViEotcbtHX4eA4yq1w9PV9HvSjsN5E0Iw4Gqj4C0YFEFX05O1g1MPT3kUFN4MhRNk2B4rGE7wyeyVgQJFLENTddIbWC8OT6QpXpYWDd3fsJQhsBAgwZkFOnx31fTsLbKyH1iU8cDWHQLLp1DIIOPlFEJed5Yq5gNF8ujgH49EVVIIp8IJGOAZjkgDOR43MApASytBMMijOkR6863bDEJ5y28lzgzxvfSidBa63FTbBDYpWhP1uWEfaZQ2Abis1IfOhSJWaWdIgcqRIsBZqUKjCgJkW7xKJuwQEHBhSnvD9AqnIzWYWHzzUSENMztTkuL5uHrTJGZxo9ZyMQbdI8zVLT2jlmjo4iBGO4HDA0gu8ivoE4fZHaTcj3OdrLuzUWBnP89owlbE7diMD4hODlAftTbNgKhvMbaX6l4Am3Cpn7VkHxc2KxgEEKGT1hnOopbTxNIWvfy4k0sh72HymhB6KjOKRWKVL6hqO0rcnlDGYZPublnBR4ZzOMFMJrnoWRaZ5a0kJoetvO1wSA1udYcNQKsvQ8zKWE3C5L7yiOS6LWlMOUEbOOwJCaEiaoV8H3pK0qGQgb5l3rKLuzOgyCYcWaVVcQiiywfT2WVANFiNYwv2YQDIbFpZW3En52UE4q4ghfhDnKuCcMHuubaedbvV1Y0gGToItmK0FqmrNbwdEHVPGUKOVW8pgZQngXuGfc1JeuzwLRDD3cMtCwHL6KbTzu2Dpl8aS6JFT42I3PuiZqz67rLIBP8yHXRQ8p9oaif7OTE92e0VB64Wu2eoZyctFDnAtm4DeE2u7Apm1UxY9kkDMTroktN6qqw9SMC2zwav7PSWVZWX13KgJJcBeL1r04pYjmFupvPt6L4953RqN8SBQ4HD8S3KPlY5yYgyWnD81RJ1pv0t0a5seM8nxBk3aj1zHtAalApqeU080ppmqDr5TZVVLkvKlZPx3ShjgLXO8XAxkEMGhT5JCuBsP6i5oCdjldUdOhXIcGhnBnRsS8cHId7UrF2Xi1WCH1QdRRYJNFbGa0hDFneTuKmCTmp251TqYf2Ofidtjf9irRiOIAAnj0kE7iC9xmR3v4wWQSXms20YAbr6itviOnnCMf6pSdwPKM0EvE9laRXlB3mQVQtMCQr1i0kA3x6ZoXU08KAUEEGD8ca0mL769qfZkAK3ZFtPxDgL42YWyOe81gbkxcMVSRJPsBEYLDvGhlHa1jrjDxBzkYAnCgN0EwIiNXWpitGrRmhZiku7OIdWIfeguvGLI5Dx3R9EtFrkts6lT1rE6cZEJO9GBmYxDVOsxj9beVmL17QXqpIfacCjJt1YWCdqNKIqlVQsXstbDNZRY6WUuCYniNe9OhkQXOggmyGIB0UCUE98ok2amlIlarnnnwXCsQYkAgc32PZ8ScwZhQdm8aaEbqvATxNj8DREUuxvoBZw2hL8IJzBkFzPWtzroyxlRmwPhFobMjRRVE4vCFZfVWDLRAW2M2zTmPVpmv0UnY7sFY09kD8CmceQ9EkoTsoGYHPIiiF3dY9RziVv5rh7r34X2uviqNdKRzoY6RWeN27VKK35QQL0sMQunbXR4MJQpu96ktIWAVKjNaEKVd70P9I8jSTfDkOqkxOsfkX2pxps7JwmDSqw8kOTON3kput6o57k0sCa74iW4FcdxhvW3MHJlanZmYyu8PuxDAElJvldjM70IAehtLl0PsaBNIauHvdvfglTMw4qSSzjqXUENg48F16J04gn89lyvE7tjgWGAO7NdcDcutVP7gBkokMw0Cqeda2JBv1AIKuOpWvvmfRqJNdDDjREQiUjIPaqjfjhi";
    for (int i = 1, j=0; i < 3000;i++) {
        if (i == enc[j]) {
            printf("%c", encc[i-1]);
            j++;
            i = 0;
        }
    }
}
//ISCC{ee710Vg7sKgwAQHNbS}

ISCC{ee710Vg7sKgwAQHNbS}