一道用z3约束器求解的题目
这里赋值 弄过来弄过去 可以化解成如下
s.add((ss3 & ~ss2) & ss1 | ss3 & (((ss2 & ss1) | ss2 & ~ss1 | ~(ss2 | ss1))) == 577031497978884115) s.add(4483974544037412639 ^ ss4 == 4483974543195470111) s.add((ss3 & ~ss1) == 1176889593874) s.add(4483974544037412639 == (ss3 & ~ss1) | (ss2 & ss1) | (ss3 & ~ss2) | (ss1 & ~ss2))
尝试后多解 百度后发现给出了hint 第二位的值为 e!P0or_a 写脚本加条件
b = 'i_will_check_is_debug_or_noi_wil' c = 'e!P0or_a' d = 0 for i in range(8): d = (d << 8) + (ord(c[i]) ^ ord(b[i+8])) s.add(ss2 == d)
最后出来只有一个解 得到答案
import z3 ss1 = z3.BitVec('ss1',64) ss2 = z3.BitVec('ss2',64) ss3 = z3.BitVec('ss3',64) ss4 = z3.BitVec('ss4',64) s = z3.Solver() s.add((ss3 & ~ss2) & ss1 | ss3 & (((ss2 & ss1) | ss2 & ~ss1 | ~(ss2 | ss1))) == 577031497978884115) s.add(4483974544037412639 ^ ss4 == 4483974543195470111) s.add((ss3 & ~ss1) == 1176889593874) s.add(4483974544037412639 == (ss3 & ~ss1) | (ss2 & ss1) | (ss3 & ~ss2) | (ss1 & ~ss2)) b = 'i_will_check_is_debug_or_noi_wil' c = 'e!P0or_a' d = 0 for i in range(8): d = (d << 8) + (ord(c[i]) ^ ord(b[i+8])) s.add(ss2 == d) while s.check() == z3.sat: m = s.model() print hex(m[ss1].as_long()) print hex(m[ss2].as_long()) print hex(m[ss3].as_long()) print hex(m[ss4].as_long()) print '___________________' s.add(z3.Or(ss1 != m[ss1], ss2 != m[ss2], ss3 != m[ss3], ss4 != m[ss4])) k = [0x3e,0x3a,0x46,0x05,0x33,0x28,0x6f,0x0d,0x0d,0x44,0x33,0x5b,0x30,0x1b,0x2c,0x3e,0x08,0x02,0x07,0x17,0x15,0x3e,0x30,0x13,0x32,0x31,0x06,0x00] flag = 'flag{' for i in range(len(k)-1): flag += chr(ord(b[i]) ^ k[i]) flag += '}' print flag # flag{We1l_D0ne!P0or_algebra_am_i}