
集训队R4 消失的源代码 神奇的解法

2016-05-07 21:38:10 By zhangz

既然是交答案题,出题人还很良心地给了标准程序,只是不能用。。。

那就让它能用啦~(≧▽≦)/~

//也算另类骗分吧...

利用 Linux 里的 xxd、vim 和 objdump,再加上一点点汇编常识,你就会发现,你破解了 lost

送一个破解后objdump反汇编出的diff

不过为什么破解以后的lost只能拿98分?莫非出题人写炸了?

另外,蒟蒻一只,膜各位神犇

$ diff lost2.S lost2_b.S 
2c2
< lost2:     文件格式 elf32-i386
---
> lost2_b:     文件格式 elf32-i386
290,303c290,292
<  8048b70:    90                       nop
<  8048b71:    90                       nop
<  8048b72:    90                       nop
<  8048b73:    90                       nop
<  8048b74:    90                       nop
<  8048b75:    90                       nop
<  8048b76:    90                       nop
<  8048b77:    90                       nop
<  8048b78:    90                       nop
<  8048b79:    90                       nop
<  8048b7a:    90                       nop
<  8048b7b:    90                       nop
<  8048b7c:    90                       nop
<  8048b7d:    90                       nop
---
>  8048b70:    c7 04 24 ec c3 04 08     mov    DWORD PTR [esp],0x804c3ec
>  8048b77:    e8 44 fe ff ff           call   80489c0 <puts@plt>
>  8048b7c:    eb 49                    jmp    8048bc7 <_ZN1B2DoEv+0x97>
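Review bot: The listing never says which side is the modified binary, and it is easy to read backwards: `diff lost2.S lost2_b.S` puts lost2 on the `<` side, so lost2 appears to be the changed file (stub overwritten with `nop`), while lost2_b, presumably the untouched copy, still has `mov DWORD PTR [esp],0x804c3ec` / `call puts@plt` / `jmp`, which prints the string at 0x804c3ec and jumps past the code that follows. A one-line caption above the diff, e.g. `< lost2: patched, > lost2_b: original`, would remove the ambiguity. The same pattern repeats in every later hunk (the methods of classes B through J), and each nop run is exactly as long as the instructions it replaces (7+5+2 = 14 or 7+5+5 = 17 bytes), so no later address shifts. For anyone distributing a reference binary that is meant to be unusable, the takeaway is that a per-method print-and-jump stub leaves the real logic in the file; the computation has to be left out of the build, and a published checksum of the file is what lets a recipient tell the original from a modified copy.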
344,360c333,335
<  8048bfd:    90                       nop
<  8048bfe:    90                       nop
<  8048bff:    90                       nop
<  8048c00:    90                       nop
<  8048c01:    90                       nop
<  8048c02:    90                       nop
<  8048c03:    90                       nop
<  8048c04:    90                       nop
<  8048c05:    90                       nop
<  8048c06:    90                       nop
<  8048c07:    90                       nop
<  8048c08:    90                       nop
<  8048c09:    90                       nop
<  8048c0a:    90                       nop
<  8048c0b:    90                       nop
<  8048c0c:    90                       nop
<  8048c0d:    90                       nop
---
>  8048bfd:    c7 04 24 ec c3 04 08     mov    DWORD PTR [esp],0x804c3ec
>  8048c04:    e8 b7 fd ff ff           call   80489c0 <puts@plt>
>  8048c09:    e9 86 01 00 00           jmp    8048d94 <_ZN1C2DoEv+0x1cb>
499,512c474,476
<  8048dcf:    90                       nop
<  8048dd0:    90                       nop
<  8048dd1:    90                       nop
<  8048dd2:    90                       nop
<  8048dd3:    90                       nop
<  8048dd4:    90                       nop
<  8048dd5:    90                       nop
<  8048dd6:    90                       nop
<  8048dd7:    90                       nop
<  8048dd8:    90                       nop
<  8048dd9:    90                       nop
<  8048dda:    90                       nop
<  8048ddb:    90                       nop
<  8048ddc:    90                       nop
---
>  8048dcf:    c7 04 24 ec c3 04 08     mov    DWORD PTR [esp],0x804c3ec
>  8048dd6:    e8 e5 fb ff ff           call   80489c0 <puts@plt>
>  8048ddb:    eb 7e                    jmp    8048e5b <_ZN1D2DoEv+0xc1>
639,655c603,605
<  8048f88:    90                       nop
<  8048f89:    90                       nop
<  8048f8a:    90                       nop
<  8048f8b:    90                       nop
<  8048f8c:    90                       nop
<  8048f8d:    90                       nop
<  8048f8e:    90                       nop
<  8048f8f:    90                       nop
<  8048f90:    90                       nop
<  8048f91:    90                       nop
<  8048f92:    90                       nop
<  8048f93:    90                       nop
<  8048f94:    90                       nop
<  8048f95:    90                       nop
<  8048f96:    90                       nop
<  8048f97:    90                       nop
<  8048f98:    90                       nop
---
>  8048f88:    c7 04 24 ec c3 04 08     mov    DWORD PTR [esp],0x804c3ec
>  8048f8f:    e8 2c fa ff ff           call   80489c0 <puts@plt>
>  8048f94:    e9 e9 00 00 00           jmp    8049082 <_ZN1E2DoEv+0x1e6>
1123,1136c1073,1075
<  8049693:    90                       nop
<  8049694:    90                       nop
<  8049695:    90                       nop
<  8049696:    90                       nop
<  8049697:    90                       nop
<  8049698:    90                       nop
<  8049699:    90                       nop
<  804969a:    90                       nop
<  804969b:    90                       nop
<  804969c:    90                       nop
<  804969d:    90                       nop
<  804969e:    90                       nop
<  804969f:    90                       nop
<  80496a0:    90                       nop
---
>  8049693:    c7 04 24 ec c3 04 08     mov    DWORD PTR [esp],0x804c3ec
>  804969a:    e8 21 f3 ff ff           call   80489c0 <puts@plt>
>  804969f:    eb 34                    jmp    80496d5 <_ZN1F4DoItEv+0xbf>
1622,1635c1561,1563
<  8049d7f:    90                       nop
<  8049d80:    90                       nop
<  8049d81:    90                       nop
<  8049d82:    90                       nop
<  8049d83:    90                       nop
<  8049d84:    90                       nop
<  8049d85:    90                       nop
<  8049d86:    90                       nop
<  8049d87:    90                       nop
<  8049d88:    90                       nop
<  8049d89:    90                       nop
<  8049d8a:    90                       nop
<  8049d8b:    90                       nop
<  8049d8c:    90                       nop
---
>  8049d7f:    c7 04 24 ec c3 04 08     mov    DWORD PTR [esp],0x804c3ec
>  8049d86:    e8 35 ec ff ff           call   80489c0 <puts@plt>
>  8049d8b:    eb 2d                    jmp    8049dba <_ZN1G4DoItEv+0xae>
1679,1695c1607,1609
<  8049e0a:    90                       nop
<  8049e0b:    90                       nop
<  8049e0c:    90                       nop
<  8049e0d:    90                       nop
<  8049e0e:    90                       nop
<  8049e0f:    90                       nop
<  8049e10:    90                       nop
<  8049e11:    90                       nop
<  8049e12:    90                       nop
<  8049e13:    90                       nop
<  8049e14:    90                       nop
<  8049e15:    90                       nop
<  8049e16:    90                       nop
<  8049e17:    90                       nop
<  8049e18:    90                       nop
<  8049e19:    90                       nop
<  8049e1a:    90                       nop
---
>  8049e0a:    c7 04 24 ec c3 04 08     mov    DWORD PTR [esp],0x804c3ec
>  8049e11:    e8 aa eb ff ff           call   80489c0 <puts@plt>
>  8049e16:    e9 68 01 00 00           jmp    8049f83 <_ZN1H2DoEv+0x1b5>
1856,1872c1770,1772
<  804a029:    90                       nop
<  804a02a:    90                       nop
<  804a02b:    90                       nop
<  804a02c:    90                       nop
<  804a02d:    90                       nop
<  804a02e:    90                       nop
<  804a02f:    90                       nop
<  804a030:    90                       nop
<  804a031:    90                       nop
<  804a032:    90                       nop
<  804a033:    90                       nop
<  804a034:    90                       nop
<  804a035:    90                       nop
<  804a036:    90                       nop
<  804a037:    90                       nop
<  804a038:    90                       nop
<  804a039:    90                       nop
---
>  804a029:    c7 04 24 ec c3 04 08     mov    DWORD PTR [esp],0x804c3ec
>  804a030:    e8 8b e9 ff ff           call   80489c0 <puts@plt>
>  804a035:    e9 57 05 00 00           jmp    804a591 <_ZN1I2DoEv+0x5ea>
2635,2651c2535,2537
<  804aac3:    90                       nop
<  804aac4:    90                       nop
<  804aac5:    90                       nop
<  804aac6:    90                       nop
<  804aac7:    90                       nop
<  804aac8:    90                       nop
<  804aac9:    90                       nop
<  804aaca:    90                       nop
<  804aacb:    90                       nop
<  804aacc:    90                       nop
<  804aacd:    90                       nop
<  804aace:    90                       nop
<  804aacf:    90                       nop
<  804aad0:    90                       nop
<  804aad1:    90                       nop
<  804aad2:    90                       nop
<  804aad3:    90                       nop
---
>  804aac3:    c7 04 24 ec c3 04 08     mov    DWORD PTR [esp],0x804c3ec
>  804aaca:    e8 f1 de ff ff           call   80489c0 <puts@plt>
>  804aacf:    e9 a5 00 00 00           jmp    804ab79 <_ZN1J2DoEv+0x138>

评论

WrongAnswer
没错,lost跑第8个点的多组数据会出bug。
sentews
汇编语言有两种写法,一种是恶心写法,一种是不恶心写法,上面的是不恶心写法
