ASM逆向

例题

例题1

16位DOS不能进行反编译，只能放入32位看汇编

开头载入了两个数据dseg、seg001
往上翻可以找到
一个是提示字符

一个是密文

把每个数前四位和后四位交换，再与23异或
构建解密脚本（注意还原后的结果%256，不然打不出来正确的结果）

#easyasm
#0x91, 0x61, 0x01, 0xC1, 0x41,
#0xA0, 0x60, 0x41, 0xD1, 0x21,
#0x14, 0xC1, 0x41, 0xE2, 0x50,
#0xE1, 0xE2, 0x54, 0x20, 0xC1,
#0xE2, 0x60, 0x14, 0x30, 0xD1,
#0x51, 0xC0, 0x17
from Crypto.Util.number import *
enc=[0x91, 0x61, 0x01, 0xC1, 0x41,
     0xA0, 0x60, 0x41, 0xD1, 0x21,
     0x14, 0xC1, 0x41, 0xE2, 0x50,
     0xE1, 0xE2, 0x54, 0x20, 0xC1,
     0xE2, 0x60, 0x14, 0x30, 0xD1,
     0x51, 0xC0, 0x17]
flag=b''
for i in enc:
    flag += long_to_bytes((((i^23)<<4)+((i^23)>>4))%256)
print(flag)

例题2

还是放入32位看汇编

看到一串可疑的数据,打印发现不是flag,再仔细观察一下

发现他进行了异或,这里将0x10赋给了cl,然后跟al里面的元素异或

exp

# include<stdio.h>
# include<string.h>
int
main()
{

    unsigned
char
num[] =
{
    0x4E, 0x6F, 0x74, 0x20, 0x65, 0x71, 0x75, 0x61, 0x6C, 0x21,
    0x24, 0x45, 0x71, 0x75, 0x61, 0x6C, 0x21, 0x24, 0x58, 0x54,
    0x53, 0x44, 0x56, 0x6B, 0x5A, 0x65, 0x63, 0x64, 0x4F, 0x71,
    0x4F, 0x75, 0x23, 0x63, 0x69, 0x4F, 0x71, 0x43, 0x7D, 0x6D,
    0x24
};

for (int i=0;i < 41;i++)
{
    num[i] = num[i] ^ 0x10;
printf("%c", num[i]);
}
return 0;
}

例题3

给了一个txt文件，发现数据和xor，编写脚本

a=[0x5b,0x54,0x52,0x5e,0x56,0x48,0x44,0x56,0x5f,0x50,0x3,0x5e,0x56,0x6c,0x47,0x3,0x6c,0x41,0x56,0x6c,0x44,0x5c,0x41,0x2,0x57,0x12,0x4e]
for i in range(len(a)):
    a[i]^=0x33
    print(chr(a[i]),end='')