强网杯2023个人解题报告

Babyre

Tls回调式反调机制，找到检测函数，并更改跳转条件绕过。得基础TEA解密：

#include <cstdio>
using namespace std;
const unsigned int key[4]={0x62,0x6F,0x6D,0x62},delta=0x77BF7F99;
unsigned int enc[8]={0x9523F2E0, 0x8ED8C293, 0x8668C393, 0xDDF250BC, 0x510E4499, 0x8C60BD44, 0x34DCABF2, 0xC10FD260};
void TEA_decrypt(unsigned int enc1,unsigned int enc2){
    unsigned int v0=enc1,v1=enc2,sum=0x90508D47-0x77BF7F99*33*4;
    for(int i=0;i<33*4;i++){
        sum+=delta,
        v1-=(((v0<<5)^(v0>>4))+v0)^(sum+key[(sum>>11)&3]),
        v0-=(((v1<<5)^(v1>>4))+v1)^(sum+key[sum&3])^sum;
    };
    printf("%8x%8x",v0,v1);
    return;
};
int main(void){
    for(int i=0;i<8;i+=2)
        TEA_decrypt(enc[i],enc[i+1]);
    return 0;
};