1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66
| # 添加库 from Crypto.Cipher import DES, AES
byte_604100 = [ 189, 173, 180, 132, 16, 99, 179, 225, 198, 132, 45, 111, 186, 136, 116, 196, 144, 50, 234, 46, 198, 40, 101, 112, 201, 117, 120, 160, 11, 159, 166 ]
# 输出16进制 # for i in range(len(byte_604100)): # print(hex(byte_604100[i]), end=',') # input()
dec_list1 = [0] * 32 dec_list1[31] = 0xc4 possible = []
''' for ( k = 1; k <= 31; ++k ) byte_6040D0[k - 1] = (2 * (input_flag[k - 1] ^ 19) + 7) ^ ((unsigned __int8)input_flag[k - 1] % 9u + input_flag[k] + 2); '''
def dfs(idx, cur_list): if idx == -1: possible.append(cur_list[:]) print(cur_list) return _cur_list = cur_list[:] for j in range(256): test_encoded_byte = ((((2 * (j ^ 0x13)) + 7) ^ ((j % 9) + _cur_list[idx + 1] + 2)) & 0xff) if test_encoded_byte == byte_604100[idx]: _cur_list[idx] = j dfs(idx - 1, _cur_list)
dfs(30, dec_list1)
for i in possible: print(i) print(len(possible))
DES_enc_list = [10, 244, 238, 200, 66, 138, 155, 219, 162, 38, 111, 238, 238, 224, 216, 162] DES_enc = b'' for i in DES_enc_list: DES_enc += bytes([i]) print() print(DES_enc) print() DES_key = b'\xAD\x52\xF2\x4C\xE3\x2C\x20\xD6' iv = b'\x00' * 8 DES_dec = DES.new(DES_key, DES.MODE_CBC, iv).decrypt(DES_enc) AES_key = DES_dec
# iv = b'\x00' * 16 for x in possible: for i in range(31, -1, -1): for j in range(int(i / 4)): x[i] ^= x[j] res = AES.new(AES_key, AES.MODE_ECB).decrypt(bytes(x)) print(res)
|