pyc文件反编译
uncompyle6 -o pcat.py attachment.pyc
pcat.py
# uncompyle6 version 3.8.0
# Python bytecode 2.7 (62211)
# Decompiled from: Python 3.10.6 (main, Aug 30 2022, 04:58:14) [Clang 13.1.6 (clang-1316.0.21.2.5)]
# Embedded file name: encode.py
# Compiled at: 2019-08-19 21:01:57
print 'Welcome to Re World!'
print 'Your input1 is your flag~'
l = len(input1)
for i in range(l):
num = ((input1[i] + i) % 128 + 128) % 128
code += num
for i in range(l - 1):
code[i] = code[i] ^ code[(i + 1)]
print code
code = ['\x1f', '\x12', '\x1d', '(', '0', '4', '\x01', '\x06', '\x14', '4', ',', '\x1b', 'U', '?', 'o', '6', '*', ':', '\x01', 'D', ';', '%', '\x13']
得到源码直接逆向即可
异或逆向:
A ^ A =0,A ^ 0 =A
13、14行使code[i]=code[i]code[i+1],i从0取到l-1-1。处理后,code[l-1]没有变,那么要逆向,则令x从l-2取到0,使code[x]=code[x]code[x+1](abb=a)。
取模逆向:
(a%c+b%c)%c=(a+b)%c
所以逆向为(input1[i] - i) % 128
脚本:
code = ['\x1f', '\x12', '\x1d', '(', '0', '4', '\x01', '\x06', '\x14', '4', ',', '\x1b', 'U', '?', 'o', '6', '*', ':', '\x01', 'D', ';', '%', '\x13']
l = len(code)
flag=''
for i in range(l - 2,-1,-1):
code[i] = chr(ord(code[i]) ^ ord(code[i + 1]))
for i in range(l):
flag += chr((ord(code[i]) - i) % 128)
print(flag)
GWHT{Just_Re_1s_Ha66y!}