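ASM Reverse Engineering

Examples

Example 1

A 16-bit DOS program cannot be decompiled, so it has to be opened in the 32-bit disassembler and read as assembly.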

The start of the program loads two data segments, dseg and seg001.
Scrolling up, you can find both of them.
One is the prompt string:

The other is the ciphertext:

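The program swaps the high four bits and the low four bits of each byte, then XORs the result with 23.
Build a decryption script (note that the restored result must be taken % 256, otherwise the correct output cannot be printed).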

# easyasm
# Ciphertext bytes from the data segment:
# 0x91, 0x61, 0x01, 0xC1, 0x41,
# 0xA0, 0x60, 0x41, 0xD1, 0x21,
# 0x14, 0xC1, 0x41, 0xE2, 0x50,
# 0xE1, 0xE2, 0x54, 0x20, 0xC1,
# 0xE2, 0x60, 0x14, 0x30, 0xD1,
# 0x51, 0xC0, 0x17
enc = [0x91, 0x61, 0x01, 0xC1, 0x41,
       0xA0, 0x60, 0x41, 0xD1, 0x21,
       0x14, 0xC1, 0x41, 0xE2, 0x50,
       0xE1, 0xE2, 0x54, 0x20, 0xC1,
       0xE2, 0x60, 0x14, 0x30, 0xD1,
       0x51, 0xC0, 0x17]
flag = b''
for i in enc:
    x = i ^ 23  # undo the XOR with 23 first
    # swap the high and low four bits; % 256 keeps the result within one byte
    flag += bytes([((x << 4) + (x >> 4)) % 256])
print(flag)
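
The reason for the % 256 note above, shown as an added example (not part of the original write-up): an 8-bit register drops the bits shifted past bit 7, while a Python integer keeps them. The function names are hypothetical; ENC and the constant 23 are the values from this example, and the forward transform follows the description given here (swap, then XOR).

```python
# Added illustration: the Example 1 byte transform modelled as 8-bit operations.
# ENC is the ciphertext from the write-up; the function names are hypothetical.
ENC = bytes([
    0x91, 0x61, 0x01, 0xC1, 0x41, 0xA0, 0x60, 0x41, 0xD1, 0x21,
    0x14, 0xC1, 0x41, 0xE2, 0x50, 0xE1, 0xE2, 0x54, 0x20, 0xC1,
    0xE2, 0x60, 0x14, 0x30, 0xD1, 0x51, 0xC0, 0x17,
])
KEY = 23  # decimal 23 == 0x17, the XOR constant from the write-up


def swap_nibbles(b: int) -> int:
    """Exchange the high and low 4 bits of one byte (a 4-bit rotate of 8 bits)."""
    if not 0 <= b <= 0xFF:
        raise ValueError("not a byte")
    # Python ints are unbounded; & 0xFF discards what an 8-bit register would drop.
    return ((b << 4) | (b >> 4)) & 0xFF


def unmasked_swap(b: int) -> int:
    """The same expression without the mask, to show the failure mode."""
    return (b << 4) + (b >> 4)


def encrypt(plain: bytes) -> bytes:
    """Forward transform as described: swap nibbles, then XOR with KEY."""
    return bytes(swap_nibbles(p) ^ KEY for p in plain)


def decrypt(cipher: bytes) -> bytes:
    """Inverse: undo the XOR first, then swap back (the swap is its own inverse)."""
    return bytes(swap_nibbles(c ^ KEY) for c in cipher)


if __name__ == "__main__":
    plain = decrypt(ENC)
    print(plain)                               # recovered bytes
    print(hex(unmasked_swap(ENC[0] ^ KEY)))    # value too large for one byte
    print(encrypt(plain) == ENC)               # round-trip check
```

Without the mask the first byte becomes 0x868 instead of 0x68, which is why the unmasked script cannot print the right characters.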

Example 2

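Again, open it in the 32-bit disassembler and read the assembly.

There is a suspicious run of data. Printing it shows that it is not the flag, so look at it more closely.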

It turns out the program performs an XOR: it assigns 0x10 to cl and then XORs it with the element held in al.

exp

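#include <stdio.h>

int main(void)
{
    /* Bytes copied from the data segment. The first 18 are the plain
       messages "Not equal!$" and "Equal!$"; the XOR-ed data follows,
       so the first 18 characters printed are noise. */
    unsigned char num[] = {
        0x4E, 0x6F, 0x74, 0x20, 0x65, 0x71, 0x75, 0x61, 0x6C, 0x21,
        0x24, 0x45, 0x71, 0x75, 0x61, 0x6C, 0x21, 0x24, 0x58, 0x54,
        0x53, 0x44, 0x56, 0x6B, 0x5A, 0x65, 0x63, 0x64, 0x4F, 0x71,
        0x4F, 0x75, 0x23, 0x63, 0x69, 0x4F, 0x71, 0x43, 0x7D, 0x6D,
        0x24
    };

    /* The program loads 0x10 into cl and XORs each byte with it. */
    for (int i = 0; i < 41; i++) {
        num[i] = num[i] ^ 0x10;
        printf("%c", num[i]);
    }
    return 0;
}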

Example 3

We are given a txt file. It contains the data and an xor, so write a script.

a = [0x5b,0x54,0x52,0x5e,0x56,0x48,0x44,0x56,0x5f,0x50,0x3,0x5e,0x56,0x6c,0x47,0x3,0x6c,0x41,0x56,0x6c,0x44,0x5c,0x41,0x2,0x57,0x12,0x4e]
for i in range(len(a)):
    a[i] ^= 0x33  # XOR each byte with the key 0x33
    print(chr(a[i]), end='')

Updated: 2024-07-24 11:38:13
Original: https://www.yuque.com/chaye-apqbl/vsc85q/arorgx1mgg0amcn0


http://example.com/2026/01/19/RE/其他/ASM逆向/
Author
chaye
Posted on
January 19, 2026
Licensed under