64位,进ida
没啥重要的,主要是check函数等于1才能跳出
后面是一个函数
可以看到都是数组,后面还有几个这样的函数,就不都截图了,直接上EXP吧
a1 = 33*[0]
a1[1] = 99
a1[25] = 64
a1[27] = 101
a1[4] = 50
a1[17] = 114
a1[29] = 102
a1[17] = 114
a1[24] = 95
a1[2] = 116
a1[9] = 99
a1[32] = 125
a1[19] = 118
a1[5] = 48
a1[14] = 110
a1[15] = 100
a1[8] = 123
a1[18] = 51
a1[28] = 95
a1[21] = 114
a1[0] = 119
a1[6] = 50
a1[22] = 115
a1[31] = 110
a1[12] = 95
a1[7] = 48
a1[16] = 95
a1[11] = 112
a1[23] = 101
a1[30] = 117
a1[10] = 112
a1[13] = 64
a1[3] = 102
a1[26] = 114
a1[20] = 101
flag = ''
for i in range(0,len(a1)):
flag += chr(a1[i])
print(flag)
得到结果wctf2020{cpp_@nd_r3verse_@re_fun},提交记得外圈改成flag
标签:WUSTCTF2020,Cr0ssfun,a1,114,flag,64,101,95 From: https://www.cnblogs.com/yee-l/p/18306930