攻防世界 Reverse Mysterious

攻防世界 Reverse Mysterious"/>

攻防世界 Reverse Mysterious

Mysterious
打开要输入password，随机输入123没有反应

拖进ida查看字符串

双击查看well done，交叉引用再反汇编，关键代码是几个if语句

if ( a2 == 16 ){DestroyWindow(hWnd);PostQuitMessage(0);}else if ( a2 == 273 ){if ( a3 == 1000 ){GetDlgItemTextA(hWnd, 1002, String, 260);//获取字符串strlen(String);if ( strlen(String) > 6 )//字符串长度要小于等于6ExitProcess(0);v4 = atoi(String);//字符串转整形Value = v4 + 1;//转成整形后再+1，也就是得到flag中会有123if ( v4 == 122 && String[3] == 120 && String[5] == 122 && String[4] == 121 ) //120,122,121转ASCII码分别为'x','y','z'{strcpy(Text, "flag");memset(v8, 0, sizeof(v8));v9 = 0;v10 = 0;_itoa(Value, Source, 10);strcat(Text, "{");strcat(Text, Source);strcat(Text, "_");strcat(Text, "Buff3r_0v3rf|0w");strcat(Text, "}");MessageBoxA(0, Text, "well done", 0);}SetTimer(hWnd, 1u, 0x3E8u, TimerFunc);}if ( a3 == 1001 )KillTimer(hWnd, 1u);}return 0;
}

分析后得到在程序中输入122xyz可以得到flag