BUUCTF--[ACTF新生赛2020]Oruga

测试文件：https://lanzous.com/iPyvcddmqsh

 

 

代码分析

前22行代码实际就是告诉我们输入的前5个字符为"actf{"

主要分析sub_78A函数

byte_201020为：

00 00 00 00 23 00 00 00 00 00 00 00 23 23 23 23
00 00 00 23 23 00 00 00 4F 4F 00 00 00 00 00 00
00 00 00 00 00 00 00 00 4F 4F 00 50 50 00 00 00
00 00 00 4C 00 4F 4F 00 4F 4F 00 50 50 00 00 00
00 00 00 4C 00 4F 4F 00 4F 4F 00 50 00 00 00 00
00 00 4C 4C 00 4F 4F 00 00 00 00 50 00 00 00 00
00 00 00 00 00 4F 4F 00 00 00 00 50 00 00 00 00
23 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 23 00 00 00
00 00 00 00 00 00 4D 4D 4D 00 00 00 23 00 00 00
00 00 00 00 00 00 00 4D 4D 4D 00 00 00 00 45 45
00 00 00 30 00 4D 00 4D 00 4D 00 00 00 00 45 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 45 45
54 54 54 49 00 4D 00 4D 00 4D 00 00 00 00 45 00
00 54 00 49 00 4D 00 4D 00 4D 00 00 00 00 45 00
00 54 00 49 00 4D 00 4D 00 4D 21 00 00 00 45 45

 

这实际也是个迷宫题

外层while循环，就是到0x21时停止，v2为当前位置，v3从输入的第六个字符开始遍历数组，v4实际是对v2位置的移动。

W 向上移动

E 向右移动

M 向下移动

J 向左移动

第二处，用了个循环，if条件判断的是位置是否到达边界，越界退出。

 

整个迷宫就是用WEMJ控制移动，0可以移动（一直移动），到达非0位置停止，返回上一位置。左上角为起点，0x21为终点。手动解迷宫

MEWEMEWJMEWJM

 

get flag！

flag{MEWEMEWJMEWJM}