8.20

RE

hello

入口 00415890

python deflat.py -f hello.exe –addr 0x415890

找到main函数入口(一般)

1755676713256-e59b4706-ec89-4286-9ea7-143aa5355555.png

出现warning没关系

1755676836207-b97fbb28-dfed-4a50-9d8b-8d8eb8771082.png

1755677050012-86479614-0d27-42b0-a3e2-50c318c67777.png

4574a0还得去平坦化

1755677584552-d6d00264-a8e7-4b4c-848d-886c8a8a77c7.png

crackme

1755672725903-840f44f8-2492-4a7b-9229-8449f49a4c9d.png1755672730075-91599abf-d83d-41f7-99e8-3a2307eacc77.png

nsp脱壳

1755674071875-1db62aba-2db8-4f20-acf4-80295bed9014.png

1755674730136-5504cfdd-aa41-429c-b347-caf4b2311e91.png

1755674711063-f69827df-d059-4c17-a5e9-b9b1831bbf1b.png

1
2
3
4
5
a = [0x12, 0x4, 0x8, 0x14, 0x24, 0x5C, 0x4A, 0x3D, 0x56, 0xA, 0x10, 0x67, 0x0, 0x41, 0x0, 0x1, 0x46, 0x5A, 0x44, 0x42, 0x6E, 0xC, 0x44, 0x72, 0xC, 0xD, 0x40, 0x3E, 0x4B, 0x5F, 0x2, 0x1, 0x4C, 0x5E, 0x5B, 0x17, 0x6E, 0xC, 0x16, 0x68, 0x5B, 0x12]
b = 'this_is_not_flag'   #还有前面的

for i in range(42):  # 只需要前42个字符
    print(chr(ord(b[i % 16]) ^ a[i]), end='')

更新: 2025-08-20 16:13:15
原文: https://www.yuque.com/chaye-apqbl/vsc85q/enefsc3udfizhr87

http://example.com/2026/01/19/WP/2025/代练/8.20/
Author
chaye
Posted on
January 19, 2026
Licensed under