ciscn2024 dump

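Running the program on test input shows that the first five characters, 'flag{', produce the same output as the corresponding part of the encoded flag, so the flag can be brute-forced directly, one character at a time.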

import subprocess
from string import printable

# Target encoding as hex pairs. Uppercase letters do not work; use lowercase.
encodings = ["23", "29", "1e", "24", "38", "0e", "15", "20", "37", "0e", "05", "20", "00", "0e", "37", "12", "1d", "0f", "24", "01", "01", "39"]
current_index = 5
flag = 'flag{'
for i in range(17):  # 17 more characters still need to be verified
    for char in printable:
        result = subprocess.run(["E:/ciscn/666/bin/re.exe", flag + char], capture_output=True, text=True)
        output = result.stdout
        print(output)
        # Split the program's output into two-character hex pairs
        output_pairs = [output[j:j+2] for j in range(0, len(output), 2)]
        print(output_pairs)
        # Keep the first character whose pair matches the target at this position
        if len(output_pairs) > current_index and output_pairs[current_index] == encodings[current_index]:
            flag += char
            current_index += 1
            break
print(flag)

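Small detail: the hex letters shown in 010 Editor are uppercase, but the brute force fails with uppercase, so they must be changed to lowercase. Change the 13th character to 4.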
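The script above keeps the first character whose output pair matches. The following added example (not the original post's code) collects every matching character per position instead, so positions where several characters encode to the same pair become visible, and it lowercases the target before comparing. `toy_encode`, `recover`, `ambiguous` and `SECRET` are hypothetical names; `toy_encode` is a constructed stand-in for re.exe, and the code assumes each output pair depends only on its own input character.

```python
from string import printable

SECRET = "flag{t4st}"  # constructed sample flag, not the challenge flag

def toy_encode(text):
    """Constructed stand-in for re.exe: one lossy hex pair per character."""
    return "".join(f"{(ord(c) ^ 0x45) & 0x3f:02x}" for c in text)

def split_pairs(hex_text):
    """Normalise case and whitespace, then split into two-character pairs."""
    hex_text = hex_text.strip().lower()
    return [hex_text[i:i + 2] for i in range(0, len(hex_text), 2)]

def recover(encode, target, prefix, alphabet=printable):
    """Return, for every position, all characters whose pair matches the target."""
    wanted = split_pairs(target)
    known = prefix
    candidates = [[c] for c in prefix]
    for index in range(len(prefix), len(wanted)):
        hits = []
        for ch in alphabet:
            got = split_pairs(encode(known + ch))
            if len(got) > index and got[index] == wanted[index]:
                hits.append(ch)
        if not hits:
            raise ValueError(f"no character matches at position {index}")
        candidates.append(hits)
        known += hits[0]  # filler; assumes each pair depends only on its own character
    return candidates

def ambiguous(candidates):
    """Positions where more than one character produces the target pair."""
    return {i: hits for i, hits in enumerate(candidates) if len(hits) > 1}

if __name__ == "__main__":
    cands = recover(toy_encode, toy_encode(SECRET), "flag{")
    print("first match :", "".join(hits[0] for hits in cands))
    for pos, hits in ambiguous(cands).items():
        print(f"position {pos}: candidates {hits}")
```

To use it against a real binary, pass a function that runs the program with `subprocess.run` and returns its stdout in place of `toy_encode`.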
posted @ 2025-02-09 23:01  zzz222666