用JEB反编译出来找到关键函数check2
public void check2(String arg15) {
String v5;
int v4 = 0;
int[] v7 = new int[16];
int v3 = 16;
int v1 = 5;
v7[2] = 3;
v7[7] = 4;
v7[3] = 8;
v7[1] = 10;
v7[10] = 11;
v7[0] = 15;
v7[11] = 20;
v7[6] = 20;
v7[8] = 21;
v7[15] = 24;
v7[12] = 30;
v7[13] = v3;
v7[4] = 3;
v7[14] = v3;
v7[9] = 3;
v7[5] = 89;
if(arg15.length() != 16) {
throw new RuntimeException();
}
try {
v5 = this.getKey();
}
catch(Exception v0) {
v5 = this.getKey();
System.arraycopy(v5, 0, arg15, v1, v1);
}
while(v4 < arg15.length()) {
if((v7[v4] & 255) != ((arg15.charAt(v4) ^ v5.charAt(v4 % v5.length())) & 255)) {
throw new RuntimeException();
}
++v4;
}
}
public String getKey() {
return "goodluck";
}
其实就只有一个异或操作,直接写脚本
#include <iostream>
using namespace std;
int main()
{
int v4 = 0;
int v3 = 16;
int v1 = 5;
int v7[16];
v7[2] = 3;
v7[7] = 4;
v7[3] = 8;
v7[1] = 10;
v7[10] = 11;
v7[0] = 15;
v7[11] = 20;
v7[6] = 20;
v7[8] = 21;
v7[15] = 24;
v7[12] = 30;
v7[13] = 16;
v7[4] = 3;
v7[14] = 16;
v7[9] = 3;
v7[5] = 89;
string v5 = "goodluck";
string flag="";
while(v4<16){
flag+=(char)(v7[v4]^((int)v5[v4%v5.length()]));
v4++;
}
cout<<flag<<endl;
return 0;
}