逆向攻防世界CTF系列36-re4-unvm-me

逆向攻防世界CTF系列36-re4-unvm-me

pyc文件反编译

发现自己用uncompyle6的结果不太对，转而用在线网站反编译：

https://tool.lu/pyc/

#!/usr/bin/env python
# visit https://tool.lu/pyc/ for more information
# Version: Python 2.7

import md5
md5s = [
    0x831DAA3C843BA8B087C895F0ED305CE7L,
    0x6722F7A07246C6AF20662B855846C2C8L,
    0x5F04850FEC81A27AB5FC98BEFA4EB40CL,
    0xECF8DCAC7503E63A6A3667C5FB94F610L,
    0xC0FD15AE2C3931BC1E140523AE934722L,
    0x569F606FD6DA5D612F10CFB95C0BDE6DL,
    0x68CB5A1CF54C078BF0E7E89584C1A4EL,
    0xC11E2CD82D1F9FBD7E4D6EE9581FF3BDL,
    0x1DF4C637D625313720F45706A48FF20FL,
    0x3122EF3A001AAECDB8DD9D843C029E06L,
    0xADB778A0F729293E7E0B19B96A4C5A61L,
    0x938C747C6A051B3E163EB802A325148EL,
    0x38543C5E820DD9403B57BEFF6020596DL]
print 'Can you turn me back to python ? ...'
flag = raw_input('well as you wish.. what is the flag: ')
if len(flag) > 69:
    print 'nice try'
    exit()
if len(flag) % 5 != 0:
    print 'nice try'
    exit()
for i in range(0, len(flag), 5):
    s = flag[i:i + 5]
    if int('0x' + md5.new(s).hexdigest(), 16) != md5s[i / 5]:
        print 'nice try'
        exit()
        continue
print 'Congratz now you have the flag'

分析一下就是flag长度是5的倍数且要小于等于69，数组长度13，五倍是65，flag长度65

可以爆破，但是太慢了，这种题目可能可以在线解密

中间有一个不够长度，补一个0

831DAA3C843BA8B087C895F0ED305CE7L
6722F7A07246C6AF20662B855846C2C8L
5F04850FEC81A27AB5FC98BEFA4EB40CL
ECF8DCAC7503E63A6A3667C5FB94F610L
C0FD15AE2C3931BC1E140523AE934722L
569F606FD6DA5D612F10CFB95C0BDE6DL
068CB5A1CF54C078BF0E7E89584C1A4EL
C11E2CD82D1F9FBD7E4D6EE9581FF3BDL
1DF4C637D625313720F45706A48FF20FL
3122EF3A001AAECDB8DD9D843C029E06L
ADB778A0F729293E7E0B19B96A4C5A61L
938C747C6A051B3E163EB802A325148EL
38543C5E820DD9403B57BEFF6020596DL

md5解密,md5在线查询,md5 crack online-充值/charge好用，要钱

SOMD5 - MD5免费批量破解 - Batch Crack不好用

我只解了前5个，不想花钱和费时间了ALEXC

tch Crack](https://www.somd5.com/batch.html)不好用

我只解了前5个，不想花钱和费时间了ALEXC

贴上flag：ALEXCTF{dv5d4s2vj8nk43s8d8l6m1n5l67ds9v41n52nv37j481h3d28n4b6v3k}