简单的python逆向分析
拿到一个findkey.txt文件,但不是纯文本,于是放进010 Editor里查看,发现文件以03 F3 0D 0A开头(Python 2.7的pyc魔数),可以确定是Python编译生成的pyc字节码文件
改后缀名为findkey.pyc放到https://tool.lu/pyc/里反编译:
#!/usr/bin/env python
# visit http://tool.lu/pyc/ for more information
import sys
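# Constant tables recovered from the decompiled findkey.pyc.
#
# lookup: 256 entries holding every byte value 0..255 exactly once.
# Index 124 is 122. The flattened copy of this table showed 12 there, which
# duplicated the 12 at index 184 and left 122 missing; the one-per-line copy
# of the same table later on the page has 122 at this position.
lookup = [
    196, 153, 149, 206, 17, 221, 10, 217, 167, 18, 36, 135, 103, 61, 111, 31,
    92, 152, 21, 228, 105, 191, 173, 41, 2, 245, 23, 144, 1, 246, 89, 178,
    182, 119, 38, 85, 48, 226, 165, 241, 166, 214, 71, 90, 151, 3, 109, 169,
    150, 224, 69, 156, 158, 57, 181, 29, 200, 37, 51, 252, 227, 93, 65, 82,
    66, 80, 170, 77, 49, 177, 81, 94, 202, 107, 25, 73, 148, 98, 129, 231,
    212, 14, 84, 121, 174, 171, 64, 180, 233, 74, 140, 242, 75, 104, 253, 44,
    39, 87, 86, 27, 68, 22, 55, 76, 35, 248, 96, 5, 56, 20, 161, 213,
    238, 220, 72, 100, 247, 8, 63, 249, 145, 243, 155, 222, 122, 32, 43, 186,
    0, 102, 216, 126, 15, 42, 115, 138, 240, 147, 229, 204, 117, 223, 141, 159,
    131, 232, 124, 254, 60, 116, 46, 113, 79, 16, 128, 6, 251, 40, 205, 137,
    199, 83, 54, 188, 19, 184, 201, 110, 255, 26, 91, 211, 132, 160, 168, 154,
    185, 183, 244, 78, 33, 123, 28, 59, 12, 210, 218, 47, 163, 215, 209, 108,
    235, 237, 118, 101, 24, 234, 106, 143, 88, 9, 136, 95, 30, 193, 176, 225,
    198, 197, 194, 239, 134, 162, 192, 11, 70, 58, 187, 50, 67, 236, 230, 13,
    99, 190, 208, 207, 7, 53, 219, 203, 62, 114, 127, 125, 164, 179, 175, 112,
    172, 250, 133, 130, 52, 189, 97, 146, 34, 157, 120, 195, 45, 4, 142, 139,
]

# pwda / pwdb: 17 entries each, matching the 17-character key length that the
# check below enforces.
pwda = [188, 155, 11, 58, 251, 208, 204, 202, 150, 120, 206, 237, 114, 92, 126, 6, 42]
pwdb = [53, 222, 230, 35, 67, 248, 226, 216, 17, 209, 32, 2, 181, 200, 171, 60, 108]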
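# Key check as decompiled from findkey.pyc (Python 2 syntax: raw_input and
# the print statement). Block indentation was lost when the listing was
# pasted and is restored here.
flag = raw_input('Input your Key:').strip()
if len(flag) != 17:
    print 'Wrong Key!!'
    sys.exit(1)
# The key is compared back to front.
flag = flag[::-1]
for i in range(0, len(flag)):
    # NOTE(review): the "[i]" subscripts were stripped from the pasted listing
    # (it read "ord(flag) + pwda & 255 != lookup]"). Restored as a
    # per-position comparison; this form is consistent with the tables above.
    # Parentheses only spell out the existing precedence (+ binds before &).
    #
    # Each position is validated independently against constants that ship
    # inside the bytecode, so compiling to .pyc gives this check no secrecy.
    if (ord(flag[i]) + pwda[i]) & 255 != lookup[i + pwdb[i]]:
        print 'Wrong Key!!'
        sys.exit(1)
print 'Congratulations!!'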
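可以看到flag必须为17位,并且会先被反转再逐位校验:每一位只需满足 (ord(c) + pwda[i]) & 255 == lookup[i + pwdb[i]],各位之间互不影响,因此可以逐位枚举可打印字符,最后再把结果反转回来。得到以下破解脚本: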
#!/usr/bin/env python
# visit http://tool.lu/pyc/ for more information
import sys,string
# Constant tables copied from the decompiled findkey.pyc.
#
# lookup: 256 entries, every byte value 0..255 exactly once (16 per row here).
lookup = [
    196, 153, 149, 206, 17, 221, 10, 217, 167, 18, 36, 135, 103, 61, 111, 31,
    92, 152, 21, 228, 105, 191, 173, 41, 2, 245, 23, 144, 1, 246, 89, 178,
    182, 119, 38, 85, 48, 226, 165, 241, 166, 214, 71, 90, 151, 3, 109, 169,
    150, 224, 69, 156, 158, 57, 181, 29, 200, 37, 51, 252, 227, 93, 65, 82,
    66, 80, 170, 77, 49, 177, 81, 94, 202, 107, 25, 73, 148, 98, 129, 231,
    212, 14, 84, 121, 174, 171, 64, 180, 233, 74, 140, 242, 75, 104, 253, 44,
    39, 87, 86, 27, 68, 22, 55, 76, 35, 248, 96, 5, 56, 20, 161, 213,
    238, 220, 72, 100, 247, 8, 63, 249, 145, 243, 155, 222, 122, 32, 43, 186,
    0, 102, 216, 126, 15, 42, 115, 138, 240, 147, 229, 204, 117, 223, 141, 159,
    131, 232, 124, 254, 60, 116, 46, 113, 79, 16, 128, 6, 251, 40, 205, 137,
    199, 83, 54, 188, 19, 184, 201, 110, 255, 26, 91, 211, 132, 160, 168, 154,
    185, 183, 244, 78, 33, 123, 28, 59, 12, 210, 218, 47, 163, 215, 209, 108,
    235, 237, 118, 101, 24, 234, 106, 143, 88, 9, 136, 95, 30, 193, 176, 225,
    198, 197, 194, 239, 134, 162, 192, 11, 70, 58, 187, 50, 67, 236, 230, 13,
    99, 190, 208, 207, 7, 53, 219, 203, 62, 114, 127, 125, 164, 179, 175, 112,
    172, 250, 133, 130, 52, 189, 97, 146, 34, 157, 120, 195, 45, 4, 142, 139,
]

# pwda / pwdb: 17 entries each, one per key position (the solver loop below
# runs over range(17)).
pwda = [188, 155, 11, 58, 251, 208, 204, 202, 150, 120, 206, 237, 114, 92, 126, 6, 42]
pwdb = [53, 222, 230, 35, 67, 248, 226, 216, 17, 209, 32, 2, 181, 200, 171, 60, 108]
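# The original prompt-and-length check, disabled by wrapping it in a string
# literal (indentation restored; it was lost when the listing was pasted).
'''
flag = raw_input('Input your Key:').strip()
if len(flag) != 17:
    print 'Wrong Key!!'
    sys.exit(1)
flag = flag[::-1]
'''
# Recover the key one position at a time (Python 2 syntax). This works because
# the check compares each position independently against constants embedded in
# the bytecode.
result = []
for i in range(17):
    # Here `flag` is a single candidate character, not the whole key.
    for flag in string.printable:
        # NOTE(review): the "[i]" subscripts were stripped from the pasted
        # listing (it read "ord(flag) + pwda & 255 == lookup]"); restored to
        # mirror the per-position comparison in the decompiled check.
        # Parentheses only spell out the existing precedence (+ before &).
        if (ord(flag) + pwda[i]) & 255 == lookup[i + pwdb[i]]:
            result.append(flag)
            break
# The checker reverses the key before comparing, so undo that here.
result.reverse()
# The printed length should be 17; a smaller number means some position had no
# printable match.
print len(result),''.join(result)
print 'Congratulations!!'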
强啊懒猪 本以为pyhtone 编译好了 基本上很难破解了 没有想到和当年的VB一样 稍稍复杂了点,不过也是楼主比较厉害 感谢简单的 python 逆向分析 赞! 感谢分享 666,很给力 不是很明白。。。。 学习了,赞 赞一个,不错不错 逆向出直接有加密算法 666学习了