下载链接如下所示:https://adworld.xctf.org.cn/media/task/attachments/989ca07c3f90426fa05406e4369901ff.apk
使用JEB打开apk,如下所示:
可知获得输入后进行Base64编码,并进行判断是否与特定字符编码是否一致
打开Bse64New,可知其编码位置进行了改变,需要重新设计代码进行编程
python实现代码如下所示:
def Base64Decode(str_list):
list_base = []
a = str_list[0] << 2
c = str_list[1] & 15
b = str_list[1] >> 4
a = a | b
list_base.append(a)
c = c << 4
a = str_list[2] & 3
b = str_list[2] >> 2
c = c | b
list_base.append(c)
a = a << 6
a = a | str_list[3]
list_base.append(a)
return list_base
CodingTable = 'vwxrstuopq34567ABCDEFGHIJyz012PQRSTKLMNOZabcdUVWXYefghijklmn89+/'
Ciphertext = '5rFf7E2K6rqN7Hpiyush7E6S5fJg6rsi5NBf6NGT5rs='
i = 0
flag = 'flag{'
while i <= (len(Ciphertext) - 1):
list1 = []
n = 0
for k in range(4):
if Ciphertext[i + k] == '=':
list1.append(0)
n = n + 1
else:
# 获取编码在编码表中的位置
list1.append(CodingTable.index(Ciphertext[i + k]))
print(list1)
# 将4个字节转换为3个字节
ba = Base64Decode(list1)
print(ba)
for j in range(3 - n):
ch = chr(ba[j])
flag = flag + str(ch)
i = i + 4
flag = flag + '}'
print(flag)获取最终flag:
flag{05397c42f9b6da593a3644162d36eb01}