Problem: [SWPUCTF 2024 秋季新生赛]动态调试
思路
import ida_bytes
import idc
# 44 bytes that patch_array() writes, in order, starting at its target address.
# NOTE(review): presumably the expected/encrypted buffer for this challenge;
# the write-up only says the program decrypts it by itself once patched in.
patch_data = list(
    bytes.fromhex(
        "CF A0 C7 24 93 EC 51 FB 5E A5 EE C5 E7 EA BB 4A "
        "E0 6E 16 63 F0 1A 91 04 C1 7E 3F 2B 4F 53 B0 62 "
        "A3 A1 CF C1 73 85 5F EC 14 D8 D4 E2"
    )
)
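def patch_array():
    """Write every byte of ``patch_data`` into IDA starting at ``start_addr``.

    The whole destination range is checked with ``ida_bytes.is_mapped`` before
    anything is written. If any address is unmapped, an error is printed and
    nothing is patched. Each written byte is logged, then the disassembly view
    is refreshed.

    Returns:
        None. The function only patches bytes and prints progress.
    """
    # Target address of the first patched byte (change it to match your binary).
    start_addr = 0x0000000000408040

    # Validate the full range, not just the first byte, so the patch cannot
    # stop half-way on an unmapped address and leave a partly written buffer.
    # max(1, ...) keeps the start-address check even if patch_data is empty.
    for offset in range(max(1, len(patch_data))):
        if not ida_bytes.is_mapped(start_addr + offset):
            print(f"[-] 错误地址 0x{start_addr + offset:X}")
            return

    # Patch one byte at a time so each write shows up in the output log.
    # NOTE(review): patch_byte() returns False when nothing changed (e.g. the
    # byte already has that value); the result is deliberately not treated as
    # an error here.
    for idx, byte in enumerate(patch_data):
        current_addr = start_addr + idx
        ida_bytes.patch_byte(current_addr, byte)
        print(f"[*] 已修改地址 0x{current_addr:X} 为 0x{byte:02X}")

    print(f"[+] 已完成 {len(patch_data)} 字节的写入")
    # refresh_idaview_anyway() lives in ida_kernwin and is re-exported by idc;
    # ida_bytes has no such function, so the original call raised
    # AttributeError after the patch had already been applied.
    idc.refresh_idaview_anyway()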
# Apply the patch only when this file is executed as a script (for example via
# IDA's script runner), not when it is imported as a module.
if "__main__" == __name__:
    patch_array()
将上面的数据 patch 到目标地址后,继续运行到比对处,程序就会自行解密。
EXP
- 具体攻击代码
总结
- 对该题的考点总结
