reverse #12

Open
wants to merge 1 commit into
base: main
Binary file added Challenges/Reverse/BlackHole/blackhole.exe
Binary file not shown.
1 change: 1 addition & 0 deletions Challenges/Reverse/BlackHole/blackhole.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
VMProtect?丸辣!!等等,里面怎么有一张纸条?
39 changes: 39 additions & 0 deletions Challenges/Reverse/BlackHole/luo的遗言.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
我...我快撑不住了,刚刚看见了cfbb显示器被发现了,显示器上的flag....moectf{}..中间是什么呢....
好像是7个字符...数字在第3和第7个位置,第一个字母是c,倒数第二个是m....其他也都是小写字母??
*啊我的视线已经变得模糊(心理描写)*,(与此同时他用尽最后一股力气凑近屏幕但是再也看不清什么)。
*xdsec粗话*,我真应该买一个能...拍...照...白的....手..木...... (此时他的声音已经逐渐听不清),电话被杂音所覆盖.............

救援人员来后,只在电脑硬盘上获取到了blackhole.exe的源码,除此之外只有被加密后的dll文件了。
请一定帮我们找出flag...

这是blackhole.exe的源码

#include <iostream>
#include <Windows.h>
int main()
{
HMODULE h = NULL;
h = LoadLibraryA("you_cannot_crack_me.vmp.dll");
if (!h)
{
printf("failed to load dll...\n");
return -1;
}
typedef int(*checkFlag)(char *, size_t);
checkFlag check = (checkFlag)GetProcAddress(h, "checkMyFlag");
printf("input your flag\n");
char buf[100];
scanf_s("%100s", buf, 100);
size_t len = strlen(buf);
if (check(buf, len))
{
printf("Correct!\n");
}
else {
printf("FAILED!!!\n");
}

CloseHandle(h);

return 0;
}
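Review bot: in the embedded blackhole.exe listing, the handle returned by LoadLibraryA is released with `CloseHandle(h)`; a module handle has to be released with `FreeLibrary(h)`. In the same listing the pointer from `GetProcAddress(h, "checkMyFlag")` is called without a NULL check, and `scanf_s("%100s", buf, 100)` asks for up to 100 characters in a 100-byte buffer, which leaves no room for the terminator, so the width should be `%99s`. `printf` and `strlen` are also used with only `<iostream>` and `<Windows.h>` included. If the listing is meant to mirror the shipped binary byte for byte, say so in the text; otherwise fix these so players reading the source are not misled.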
Binary file not shown.
Binary file not shown.
1 change: 1 addition & 0 deletions Challenges/Reverse/Cython-Strike Bomb Defusion/cs.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
《Counter-Strike 2》是一款风靡全球的第一人称射击游戏,在这里,你将以反恐精英的身份参与对局,从无线电中得知队友在B区发现了恐怖分子安放的炸弹,作为全队唯一一个手枪局起烟钳的瘤子,你的任务是迅速拆除它,并获取隐藏在炸弹中的机密情报(flag)!
Binary file added Challenges/Reverse/Just-Run-It/0x0.exe
Binary file not shown.
Binary file added Challenges/Reverse/Just-Run-It/0x1.elf
Binary file not shown.
Binary file added Challenges/Reverse/Just-Run-It/0x2.APK
Binary file not shown.
Binary file added Challenges/Reverse/Just-Run-It/0x3.riscv64.elf
Binary file not shown.
1 change: 1 addition & 0 deletions Challenges/Reverse/Just-Run-It/just-run-it.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
你了解二进制所属的运行环境吗?qemu是一个强大的帮手!
1 change: 1 addition & 0 deletions Challenges/Reverse/SMC/SMC.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
SMC 是一种程序行为,指的是运行时程序自己修改自己,这给静态逆向造成了不少麻烦...
Binary file added Challenges/Reverse/SMC/SMCProMax.exe
Binary file not shown.
Binary file added Challenges/Reverse/babe-z3/babe-z3
Binary file not shown.
3 changes: 3 additions & 0 deletions Challenges/Reverse/babe-z3/babe-z3.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
什么是Z3-Solver?是我玩的ZZZ吗。

- 逆向工程需要仔细观察,做不出来不要急着去开hint,也不要急着去🔨出题人。
Binary file added Challenges/Reverse/dotNet/dotNet.dll
Binary file not shown.
1 change: 1 addition & 0 deletions Challenges/Reverse/dotNet/dotnet.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
使用正确的工具进行逆向工程是成功的源头。
Binary file added Challenges/Reverse/dynamic/dynamic.exe
Binary file not shown.
1 change: 1 addition & 0 deletions Challenges/Reverse/dynamic/dynamic.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
借问flag何处有?牧童遥指动态调。
Binary file added Challenges/Reverse/ezMaze/ezMaze.exe
Binary file not shown.
1 change: 1 addition & 0 deletions Challenges/Reverse/ezMaze/ezmaze.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
cfbb刚刚写完了他的数据结构实验作业就被拖过来出题了,由于刚刚好写了深搜和广搜的代码,于是即兴出了本题。
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
#!/sbin/sh

#################
# Initialization
#################

umask 022

# echo before loading util_functions
ui_print() { echo "$1"; }

require_new_magisk() {
ui_print "*******************************"
ui_print " Please install Magisk v20.4+! "
ui_print "*******************************"
exit 1
}

#########################
# Load util_functions.sh
#########################

OUTFD=$2
ZIPFILE=$3

mount /data 2>/dev/null

[ -f /data/adb/magisk/util_functions.sh ] || require_new_magisk
. /data/adb/magisk/util_functions.sh
[ $MAGISK_VER_CODE -lt 20400 ] && require_new_magisk

install_module
exit 0
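Review bot: the version gate `[ $MAGISK_VER_CODE -lt 20400 ] && require_new_magisk` expands the variable unquoted. If util_functions.sh leaves it unset, `[` fails with a syntax error, the `&&` does not fire, and `install_module` runs without the check. Quote the variable and give it a default so the gate fails closed, for example `[ "${MAGISK_VER_CODE:-0}" -lt 20400 ] && require_new_magisk`. The rendered diff also shows no file header for this hunk, so the path it is added at should be confirmed.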
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
#MAGISK
2 changes: 2 additions & 0 deletions Challenges/Reverse/module/customize.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
#!/bin/bash
eval "$( printf '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' | base64 -d | bunzip2 -c )"
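Review bot: the second line feeds an encoded blob through `base64 -d | bunzip2 -c` directly into `eval`, so nothing in this PR shows what the script does when the module is flashed, and module.md tells players to install it through Magisk or KernelSU, where it runs as root. If the obfuscation is the challenge, module.md should say that the payload can be decoded and read without executing it and that flashing belongs on a test device or emulator, and the decoded script should be made available to maintainers so they can confirm it does only what the challenge needs. The `#!/bin/bash` shebang also differs from the `#!/sbin/sh` of the installer script in this PR; confirm the decoded payload does not rely on bash-only syntax.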
3 changes: 3 additions & 0 deletions Challenges/Reverse/module/module.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
一个奇怪的模块,隐藏着关于某场黑客比赛的秘密……

请使用Magisk Manager或同样实现的管理器(如KernelSU,本题仅在KernelSU进行了测试)刷入
6 changes: 6 additions & 0 deletions Challenges/Reverse/module/module.prop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
id=moe24mag
name=Secret Module
version=v1.0.0
versionCode=1
author=dr3
description=A Secret Module
17 changes: 17 additions & 0 deletions Challenges/Reverse/module/uninstall.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
# Don't modify anything after this
if [ -f $INFO ]; then
while read LINE; do
if [ "$(echo -n $LINE | tail -c 1)" == "~" ]; then
continue
elif [ -f "$LINE~" ]; then
mv -f $LINE~ $LINE
else
rm -f $LINE
while true; do
LINE=$(dirname $LINE)
[ "$(ls -A $LINE 2>/dev/null)" ] && break 1 || rm -rf $LINE
done
fi
done < $INFO
rm -f $INFO
fi
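Review bot: every expansion of `$LINE` and `$INFO` in this script is unquoted, and the inner loop runs `rm -rf $LINE` on successive `dirname` results, so an entry in the info file containing whitespace or glob characters is split and the wrong paths are moved or deleted at uninstall time. Quote all expansions (`rm -rf "$LINE"`, `done < "$INFO"`) and use `read -r`. `[ -f $INFO ]` also evaluates true when INFO is empty, so guard it with `[ -n "$INFO" ]` first, and since the file has no shebang, `==` inside `[ ]` should be `=` for shells other than bash.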
1 change: 1 addition & 0 deletions Challenges/Reverse/moedaily/moedaily.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
对于xdsec的ctf数据统计,cfbb给出的excel竟然是...
Binary file added Challenges/Reverse/moedaily/moedaily.xlsx
Binary file not shown.
Binary file added Challenges/Reverse/moejvav/moejvav.jar
Binary file not shown.
3 changes: 3 additions & 0 deletions Challenges/Reverse/moejvav/moejvav.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
Java? Jaav? Jvva? Jvav!!

- 运行方式(建议使用java17及以上的版本: java -jar moejvav.jar)
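Review bot: style point on the last line: the closing parenthesis sits after the command, so `java -jar moejvav.jar` reads as part of the version recommendation. Close the parenthesis after the Java 17 advice and put the command on its own in backticks so it can be copied cleanly.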
Binary file not shown.
6 changes: 6 additions & 0 deletions Challenges/Reverse/moeprotector/moeprotector.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
虽然但是,moeprotector是moectf自主研发的一款软件保护工具,帮助我们解决调试者,中间忘了,后面忘了。

考点(免费Hint)

- Windows下的异常处理(SEH)
- Windows下的调试器对抗(Anti-Debugger)
Binary file added Challenges/Reverse/rc4/rc4.elf/rc4.elf
Binary file not shown.
1 change: 1 addition & 0 deletions Challenges/Reverse/rc4/rc4.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
rc4是一种对称加密。等等,为什么要说[对称](https://zh.wikipedia.org/wiki/對稱密鑰加密)?
Binary file added Challenges/Reverse/sm4/sm4.exe
Binary file not shown.
1 change: 1 addition & 0 deletions Challenges/Reverse/sm4/sm4.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
你说的对,但是《sm4》是中国国家密码管理局发布的一种分组密码算法,也被称为国密 SM4 算法。 它是一种对称加密算法,用于替代 DES 和 AES 等传统的对称加密算法,算法在一个被称作「国家密码管理局」的幻想地方被发明,在这里,被管理局选中的密码将被授予「国密」,导引商业之力。你将扮演一位名为「Reverser」的神秘角色,在自由汇编语言的旅行中邂逅性格各异、能力独特的汇编指令们,和他们一起击败sm4,找回失散的flag——同时,逐步发掘「moectf」的真相。
Binary file added Challenges/Reverse/tea/tea.exe
Binary file not shown.
1 change: 1 addition & 0 deletions Challenges/Reverse/tea/tea.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
什么是 [TEA 加密算法](https://en.wikipedia.org/wiki/Tiny_Encryption_Algorithm),是我喝的茶吗?
Binary file not shown.
1 change: 1 addition & 0 deletions Challenges/Reverse/upx-revenge/upx-revenge.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
这年头,连upx也能来复仇了。
Binary file added Challenges/Reverse/upx/upx.exe
Binary file not shown.
1 change: 1 addition & 0 deletions Challenges/Reverse/upx/upx.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
UPX 是一种遥遥领先的程序压缩壳。
Binary file added Challenges/Reverse/xor(da_xu)/xor(大嘘).exe
Binary file not shown.
1 change: 1 addition & 0 deletions Challenges/Reverse/xor(da_xu)/xor.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
真的是xor吗(大嘘)
Binary file added Challenges/Reverse/xor/xor.exe
Binary file not shown.
1 change: 1 addition & 0 deletions Challenges/Reverse/xor/xor.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
xor 是文本加密的基础
Binary file added Challenges/Reverse/xtea/xtea.exe
Binary file not shown.
1 change: 1 addition & 0 deletions Challenges/Reverse/xtea/xtea.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
我勒个升级版的tea啊
Binary file added Challenges/Reverse/xxtea/xxtea.exe
Binary file not shown.
3 changes: 3 additions & 0 deletions Challenges/Reverse/xxtea/xxtea.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
我勒个升级版的xtea啊,依旧是送分题!

- 据说 moectf2024!! 好像是key啊
3 changes: 3 additions & 0 deletions Challenges/Reverse/入门指北/intro.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
欢迎来到逆向工程的世界!

点击上方下载附件,一起开启软件逆向工程学科的大门吧!
Binary file not shown.
Binary file not shown.
3 changes: 3 additions & 0 deletions Challenges/Reverse/特工luo-深入敌营/agent-luo-1.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
在彻底分析了对方残留的痕迹后,Luo发现LQ的网络攻击非常狡猾和隐蔽。他决定要深入敌营,直接面对LQ,了解他们的计划。通过一系列复杂的网络追踪和反向工程,Luo成功定位了LQ的一个秘密基地。 夜深人静,Luo身穿隐身服,悄无声息地潜入敌人的基地。基地内部的安保系统极其严密,但Luo凭借着他出色的技能和敏锐的判断力,避开了一个又一个陷阱。他在基地的服务器中发现了一份加密文件,文件中包含了LQ的详细计划和下一步的攻击目标

flag格式:moectf{string.PRINTABLE}
Binary file not shown.
Binary file not shown.
1 change: 1 addition & 0 deletions Challenges/Reverse/特工luo-闻风而动/flag.fromserver
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
å��}�k��#_W�%�a��`g'� �D�G��[�n~0�6 ^�p�"��>`bܾҞR�r��)�J���h?"
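Review bot: this single added line is non-text data rendered as a text diff, which means Git is treating flag.fromserver as a text file; line-ending normalisation or an editor re-encoding it would change bytes that players need intact. Mark it as binary, for example with a `.gitattributes` entry `*.fromserver binary`, so it is handled like the other attachments in this PR that show as "Binary file not shown."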
Binary file not shown.
1 change: 1 addition & 0 deletions Challenges/Reverse/特工luo-闻风而动/luo.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
在一个宁静的夏夜,网络安全特工luo接到了一通紧急电话。电话那头,是他的上司——张,一位冷静而有威望的领导者。上司的声音充满了紧张与严肃:“Luo,我们的MOECTF比赛正受到黑客LQ和他的团队的威胁。他们企图通过破坏比赛,窃取参赛者的个人信息,并扰乱整个网络安全社区的秩序。” Luo意识到情况的严重性,立刻启程前往MOECTF的总部。他身穿一身黑色战斗服,手中握着最先进的网络防护设备和工具,准备随时应对可能出现的危险。随着夜幕的降临,Luo默默地进入了总部,开始了他对比赛安全的全面检查.....不料,竟在比赛服务器上发现了一些访问痕迹和残留的文件,并且Luo发现了黑客LQ在破解比赛基地的WIFI密码的时候留下来的抓包文件,由于服务器的密码是和WIFI密码有一定的对应关系的,聪明的黑客LQ甚至留下了keygen来对Luo进行嘲讽...。
Binary file not shown.
Binary file not shown.