DASCTF Summer Challenge: Reverse

Time: 2024-07-21 15:41:01
Tags: enc, Reverse, 0xcd, 0x30, key, Challenge, DASCTF, 0x39, 0x46

DosSnake

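A small Snake game written in 8086 assembly.
Run it in DOSBox:

Drag it straight into IDA and read the assembly. The program only gives us a single data segment, so use that to locate the encryption logic (the long stretch of assembly before it only implements the Snake game and is of no use here; go straight to the encryption part):


The logic is very simple: the first 6 bytes of aDasctf are the key and the following 26 bytes are the ciphertext, combined with a plain XOR: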

enc = [0x3F, 0x09, 0x63, 0x34, 0x32, 0x13, 0x2A, 0x2F, 0x2A, 0x37, 0x3C, 0x23, 0x00, 0x2E, 0x20, 0x10, 0x3A, 0x27, 0x2F,0x24, 0x3A, 0x30, 0x75, 0x67, 0x65, 0x3C]
key = [0x44, 0x41, 0x53, 0x43, 0x54, 0x46]

def decrypt(enc, key):
    decrypted_chars = []
    for i in range(len(enc)):
        decrypted_char = enc[i] ^ key[i % len(key)]
        decrypted_chars.append(chr(decrypted_char))
    decrypted_text = ''.join(decrypted_chars)
    return decrypted_text

decrypted_text = decrypt(enc, key)
print("Decrypted text:", decrypted_text)

Result: DASCTF{H0wfUnnytheDosSnakeis!!!}

Strangeprograme

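The archive contains quite a few files; we only need to analyze Strangeprograme_ok.exe:

It is a 32-bit program. The strings view shows a fake flag, which suggests a hook is in play.

Locate the _DASCTF segment.

Trace back from there to sub_413D50(); there is an anti-debugging check, though.

Follow sub_4111BD() -> sub_414E30() -> sub_411046() -> sub_414B90():

After cleaning it up, the encryption logic turns out to be a modified TEA: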

exp:

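#include <stdio.h>
#include <stdint.h>

void TEA_decrypt(uint32_t* enc, const uint32_t* key);

int main() {
    /* 10 ciphertext dwords (40 bytes) and the 128-bit key */
    uint32_t enc[] = { 0xBC2B4DF9, 0x6213DD13, 0x89FFFCC9, 0x0FC94F7D, 0x526D1D63, 0xE341FD50, 0x97287633, 0x6BF93638, 0x83143990, 0x1F2CE22C };
    uint32_t key[] = { 0x12345678, 0x09101112, 0x13141516, 0x15161718 };
    /* Walk the blocks from the end: XOR each 8-byte block with block 0,
       then step block 0 back by one TEA decryption (i = 9, 7, 5, 3) */
    for (size_t i = 9; i >= 2; i -= 2)
    {
        enc[i] ^= enc[1];
        enc[i - 1] ^= enc[0];
        TEA_decrypt(enc, key);
    }
    /* One more decryption recovers the plaintext of block 0 itself */
    TEA_decrypt(enc, key);

    /* enc is not NUL-terminated, so print exactly sizeof(enc) bytes */
    printf("%.*s\n", (int)sizeof(enc), (const char*)enc);
    return 0;
}

void TEA_decrypt(uint32_t* enc, const uint32_t* key)
{
    uint32_t v0 = enc[0], v1 = enc[1], i;
    uint32_t delta = 0x9e3779b9;
    uint32_t sum = delta * 16;
    uint32_t k0 = key[0], k1 = key[1], k2 = key[2], k3 = key[3];
    /* Modified TEA: 16 rounds, and sum is decremented before each round is undone */
    for (i = 0; i < 16; i++)
    {
        sum -= delta;
        v1 -= ((v0 << 4) + k2) ^ (v0 + sum) ^ ((v0 >> 5) + k3);
        v0 -= ((v1 << 4) + k0) ^ (v1 + sum) ^ ((v1 >> 5) + k1);
    }
    enc[0] = v0;
    enc[1] = v1;
}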

DASCTF{I4TH0ok_I5S0ooFunny_Isnotit?????}
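
Added example (not part of the original write-up): a Python port of the decryptor above together with the encryptor reconstructed as its exact inverse, which makes the block chaining visible and checks that the two routines round-trip. The encryptor is an assumption derived from the exp, since the binary's own routine is not reproduced on the page; little-endian dword packing and the sample plaintext are also assumptions.

```python
import struct

MASK, DELTA, ROUNDS = 0xFFFFFFFF, 0x9E3779B9, 16
KEY = (0x12345678, 0x09101112, 0x13141516, 0x15161718)  # key from the exp above

def _mix(v, ka, kb, s):
    # TEA round function; masking once at the end matches 32-bit C arithmetic
    return (((v << 4) + ka) ^ (v + s) ^ ((v >> 5) + kb)) & MASK

def tea_encrypt(v0, v1, key=KEY):
    # Assumed forward cipher: exact inverse of TEA_decrypt (sum updated after each round)
    s = 0
    for _ in range(ROUNDS):
        v0 = (v0 + _mix(v1, key[0], key[1], s)) & MASK
        v1 = (v1 + _mix(v0, key[2], key[3], s)) & MASK
        s = (s + DELTA) & MASK
    return v0, v1

def tea_decrypt(v0, v1, key=KEY):
    # Port of the C TEA_decrypt above
    s = (DELTA * ROUNDS) & MASK
    for _ in range(ROUNDS):
        s = (s - DELTA) & MASK
        v1 = (v1 - _mix(v0, key[2], key[3], s)) & MASK
        v0 = (v0 - _mix(v1, key[0], key[1], s)) & MASK
    return v0, v1

def encrypt(plain):
    # Block 0 is encrypted repeatedly; each new state is XORed into the next 8-byte block
    w = list(struct.unpack("<10I", plain))
    w[0], w[1] = tea_encrypt(w[0], w[1])
    for i in range(2, 10, 2):
        w[0], w[1] = tea_encrypt(w[0], w[1])
        w[i] ^= w[0]
        w[i + 1] ^= w[1]
    return w

def decrypt(words):
    # Same order as the C main(): peel blocks from the end, stepping block 0 back each time
    w = list(words)
    for i in range(9, 1, -2):
        w[i] ^= w[1]
        w[i - 1] ^= w[0]
        w[0], w[1] = tea_decrypt(w[0], w[1])
    w[0], w[1] = tea_decrypt(w[0], w[1])
    return struct.pack("<10I", *w)

SAMPLE = bytes(range(0x41, 0x41 + 40))  # constructed 40-byte plaintext

if __name__ == "__main__":
    assert decrypt(encrypt(SAMPLE)) == SAMPLE
    print([hex(w) for w in encrypt(SAMPLE)])
```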

BabyAndroid

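I'm not a big fan of Android reversing, but I gave it a try this time.
Open it in JADX and search for DASCTF.

This leads to an RC4 encryption routine:

The key is the string DASCTF, and enc comes from Sex.jpg; we read its bytes as hex in 010 Editor and use them as the ciphertext for RC4 decryption.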

def rc4_decrypt(key, enc):
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]

    i = 0
    j = 0
    plaintext = bytearray()

    for byte in enc:
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        K = S[(S[i] + S[j]) % 256]
        plaintext.append(byte ^ K)

    return plaintext

key = [0x44,0x41,0x53,0x43,0x54,0x46] #DASCTF
# Ciphertext: the raw bytes of Sex.jpg from the APK (the same bytes the post dumped as hex with 010 Editor).
# The relative path is an assumption; point it at wherever the file was extracted.
with open("Sex.jpg", "rb") as f:
    enc = f.read()

plaintext = rc4_decrypt(key, enc)
print(plaintext.hex())

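Convert the resulting hex with CyberChef to obtain the dex file:

Or do the whole thing directly in CyberChef:

Decompile with JADX:

Decrypt:

Out of ideas at this point, so I opened the .so file in IDA:
GPT told me that cos((j + 0.5) * (i * pi) / v10) is an inverse discrete cosine transform, so I wrote a script and ran it: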

import numpy as np
from scipy.fftpack import idct

# Input data array
data = np.array([
    458.853181, -18.325492, -18.251911, -2.097520, -21.198660, -22.304648,
    21.103162, -5.786284, -15.248906, 15.329286, 16.919499, -19.669045,
    30.928253, -37.588034, -16.593954, -5.505211, 3.014744, 6.553616,
    31.131491, 16.472500, 6.802400, -78.278577, 15.280099, 3.893073,
    56.493581, -34.576344, 30.146729, 4.445671, 6.732204
])

def inverse_dct(data):
    """Compute the inverse discrete cosine transform (IDCT)."""
    return idct(data, norm='ortho')

# Compute the recovered signal
recovered_signal = inverse_dct(data)

# Round the results and convert them to characters
# Keep each rounded value within 0..255 before converting it to a character
recovered_signal_chars = [chr(int(round(value)) % 256) for value in recovered_signal]

# Join into the CTF flag format
flag = ''.join(recovered_signal_chars)

# Print the recovered signal
print("恢复后的信号:", flag)

恢复后的信号: DASCTF{Y0u_Ar3Re4lly_H@ck3r!}
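
Added example (not part of the original write-up): a pure-Python DCT pair built on the cosine term quoted above, assuming the orthonormal scaling that `norm='ortho'` implies. It checks that assumption against the first coefficient in the script's data and shows that coefficients rounded to six decimals still invert to the exact bytes.

```python
import math

def dct2_ortho(x):
    """Forward DCT-II with orthonormal scaling, kernel cos((j + 0.5) * i * pi / n)."""
    n = len(x)
    out = []
    for i in range(n):
        acc = sum(x[j] * math.cos((j + 0.5) * i * math.pi / n) for j in range(n))
        scale = math.sqrt(1.0 / n) if i == 0 else math.sqrt(2.0 / n)
        out.append(scale * acc)
    return out

def idct2_ortho(c):
    """Inverse of dct2_ortho (a DCT-III); same result as scipy's idct(norm='ortho')."""
    n = len(c)
    out = []
    for j in range(n):
        acc = c[0] * math.sqrt(1.0 / n)
        for i in range(1, n):
            acc += math.sqrt(2.0 / n) * c[i] * math.cos((j + 0.5) * i * math.pi / n)
        out.append(acc)
    return out

def recover_text(coeffs):
    # Same post-processing as the script above: round, wrap to a byte, map to a character
    return "".join(chr(round(v) % 256) for v in idct2_ortho(coeffs))

FLAG = "DASCTF{Y0u_Ar3Re4lly_H@ck3r!}"  # result reported above
PAGE_DC = 458.853181                    # first coefficient in the script's data

if __name__ == "__main__":
    coeffs = dct2_ortho([ord(ch) for ch in FLAG])
    # With orthonormal scaling the DC term is sum(bytes) / sqrt(n)
    print("DC term:", round(coeffs[0], 6), "vs", PAGE_DC)
    # Six-decimal precision, as in the data array, is enough to invert exactly
    print(recover_text([round(v, 6) for v in coeffs]))
```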

From: https://www.cnblogs.com/N1ng/p/18314528
