查看题目信息

下载re3.pyc文件

使用uncompyle把re3.pyc反编译为re3.py

uncompyle6 re3.pyc > re3.py

查看re3.py文件

# uncompyle6 version 3.6.4

Python bytecode 2.7 (62211)

Decompiled from: Python 2.7.15 (v2.7.15:ca079a3ea3, Apr 30 2018, 16:30:26) [MSC v.1500 64 bit (AMD64)]

Embedded file name: re3.py

Compiled at: 2020-03-06 17:43:28

import string
c_charset = string.ascii_uppercase + string.ascii_lowercase + string.digits + '()'
flag = 'BozjB3vlZ3ThBn9bZ2jhOH93ZaH9'　　　　#这个是最后输出的密文

def encode(origin_bytes):　　　　#这个函数是base64加密
c_bytes = [ ('{:0>8}').format(str(bin(b)).replace('0b', '')) for b in origin_bytes ]
resp = ''
nums = len(c_bytes) // 3
remain = len(c_bytes) % 3
integral_part = c_bytes[0:3 * nums]
while integral_part:
tmp_unit = ('').join(integral_part[0:3])
tmp_unit = [ int(tmp_unit[x:x + 6], 2) for x in [0, 6, 12, 18] ]
resp += ('').join([ c_charset[i] for i in tmp_unit ])
integral_part = integral_part[3:]

if remain:  
    remain\_part = ('').join(c\_bytes\[3 \* nums:\]) + (3 - remain) \* '0' \* 8  
    tmp\_unit = \[ int(remain\_part\[x:x + 6\], 2) for x in \[0, 6, 12, 18\] \]\[:remain + 1\]  
    resp += ('').join(\[ c\_charset\[i\] for i in tmp\_unit \]) + (3 - remain) \* '.'  
return rend(resp)　　　　#这个代码说明先进行base64加密，然后进行凯撒加密

def rend(s):

def encodeCh(ch):　　　　#这个函数是凯撒加密  
    f = lambda x: chr((ord(ch) - x + 2) % 26 + x)  
    if ch.islower():  
        return f(97)  
    if ch.isupper():  
        return f(65)  
    return ch

return ('').join(encodeCh(c) for c in s)  

okay decompiling re3.pyc

文件分析在如上

首先使用凯撒密码进行解密

把解密后的密文写入base.txt文件中

使用脚本进行解密

成功拿到flag

附上解密脚本

#! /usr/bin/env python

_*_ coding:utf-8 _*_

import base64

filename = "base64.txt"
f = open(filename,'r')
while True:
text_base =f.readline()
if not text_base:
break
else:
text_str = str(base64.b64decode(text_base))
if "flag" in text_str:
text_str =text_str.replace("'","").replace("b","")
print(text_str)