我已经过了ctf challange,我知道如何解决
但我需要在z3中完全解决它而不使用除z3以外的任何工具,
我试图将user_input用作 public void updateButtonVisibility(LinearLayout layout) {
for (int i = 0; i < layout.getChildCount(); i++) {
View v = layout.getChildAt(i);
if (view instanceof Button) {
//Hide Button
view.Visibility = View.Gone;
}
}
}
的数组,但是z3未能找到解决方案的目标,使最终的v3等于FLAG [i]
最终标志为BitVec
round_r0und ....答案 0 :(得分:1)
这是我的解决方案:D
from z3 import *
flag_en = [0x726F756E, 0xCABEE660, 0xDDC1997D, 0xAA93C38B, 0x87E21216]
def toStr(h):
hex_str = []
while h != 0x0:
hex_str.append(chr(h & 0xFF))
h = h >> 8
hex_str.reverse()
return ''.join(hex_str)
def rotate(txt, key):
def cipher(i, low=range(97, 123), upper=range(65, 91)):
if i in low or i in upper:
s = 65 if i in upper else 97
i = (i - s - key) % 26 + s
return chr(i)
return ''.join([cipher(ord(s)) for s in txt])
Flag = ''
s = Solver()
a = BitVec('a', 32)
s = Solver()
for i in range(0, 5):
s.reset()
s.add(RotateLeft(a, i) == flag_en[i])
s.check()
m = s.model()
x = toStr(m[a].as_long())
Flag += rotate(x, i)
print 'flag{' + Flag + '}'