攻防世界 elrond32

拖进IDA看伪代码，找到main函数

进到这个函数看一下

大概意思就是顺序遍历传进去的a1数组并更新a2的值直到a2=2或8为止，要使result返回1，所以能倒推出a1数组
然后看这里

就是普通的异或，把刚求出来的数组和unk_8048760位置的数组异或一下即可

#include<iostream>
#include<cstdio>
#include<cstring>
using namespace std;
int a[15]={105,115,101,110,103,97,114,100};
int b[35]={0x0F,0x1F,0x04,0x09,0x1C,0x12,0x42,0x09,0x0C,0x44,0x0D,0x07,0x09,0x06,0x2D,0x37,0x59,0x1E,0x00,0x59,0x0F,0x08,0x1C,0x23,0x36,0x07,0x55,0x02,0x0C,0x08,0x41,0x0A,0x14};
int main()
{
    for(int i=0;i<=32;i++)
        printf("%c",b[i]^a[i%8]);
    putchar(10);
    return 0;
}

踩了个坑，查看unk_8048760值删除多余0的时候把一个值为0的数值也删了……要一组一组的删