CTF "One question per day 20160630" PYTHON byte code

Source: http://ctf.idf.cn/index.php?g=game&m=article&a=index&id=45
Python bytecode
Please look here: Http://pan.baidu.com/s/1jGpB8DS
After downloading is a file named Crackme.pyc

Python reverse infrastructure: Using Python to decompile python software: http://bbs.pediy.com/archive/index.php?t-111428.html tools uncompyle2:https:// Github.com/wibiti/uncompyle2

The analysis of the subject:
1. In the words of the DIS module in python, you can compile a reverse-compiler program, but I'm not going to do it now. After downloading the uncompyle2, you can run the following command to perform the installation after the terminal enters the Uncompyle2 directory and finds setup.py:

Python setup.py Install

If you want to decompile the *.PYC program, you can run the following command:

Python C:\Python27\Scripts\uncompyle2 crackme.pyc  > crackme.py

Other usage

Examples:
  uncompyle2      foo.pyc bar.pyc       # decompile Foo.pyc, bar.pyc to stdout Uncompyle2-o
  . Foo.pyc BAR.PYC       # decompile to./foo.pyc_dis and./bar.pyc_dis
  uncompyle2-o/tmp/usr/lib/python1.5 # decompile Whole Lib Rary

Then open the generated crackme.py in the same directory
I decompile the contents as follows:

# 2016.06.30 18:21:49 China Standard Time
#Embedded file name:d:/idf.py
def encrypt (key, Seed, string):
    rst = [] for
    V In string:
        Rst.append ((Ord (v) + Seed ^ ord (key[seed))% 255)
        seed = (seed + 1)% Len (key) return

    rst
if __name__ = = ' __main__ ':
    print ' Welcome to IDF ' s Python crackme '
    flag = input (' Enter the flag: ')
    KEY1 = ' Mayb E are good at Decryptint Byte Code, have a try! '
    KEY2 = [124,
     m,
     6, 164, Panax, Notoginseng, X,
     1,
     122,
     3,
     232,
     1,
     1,,,,
    en_out = Encrypt (KEY1, 5, flag)
    if KEY2 = = en_out:
        print ' You Win '
    else:
        print ' Try Again! '
+++ Okay decompyling crackme.pyc 
# decompiled 1 files:1 Okay, 0 failed, 0 verify failed
# 2016.06.30 18:21:50 National Standard Time

2. From the procedure, the integer in the KEY2 seems to be like an ASCII value, but the number and the English characters are few, the direct conversion is not very meaningful. The key is to analyze Encrypt (KEY1, 5, flag).

3. Analysis of the Encrypt function: The user enters a string (the ASCII value must be less than 128), and then takes out each character for its ASCII value, plus seed, and then uses it with the ASCII of one character in the KEY1 or (operator ^, note + + ^ precedence), And then to 255 for the remainder.
4. Write the decryption procedure. Obviously the correct password string is encrypted after the result is KEY2, then the reverse analysis code can be. The procedure is as follows:

#python script
KEY2 = [124,
     m,
     48, 164, Panax, Notoginseng,
     6,
     1,
     122,
     3,
     1,
     1, MB,
     232]
KEY1 = ' Maybe you are good at Decryptint Byte Code, have a try! '

def encrypt (key, Seed, string):
    rst = [] for
    v in string:
        rst.append (Ord (v) + Seed ^ ord (key[seed))% 255
        seed = (seed + 1)% Len (key) return

    rst

def decrypt (key,seed,en_out):
    string = ' for I in
    En_ Out:               
        v = (i ^ ord (key[seed]))-seed                   
        seed = (seed + 1)% len (key)
        if v > 0:
            string + chr (v)    
    re Turn string   

if __name__ = = ' __main__ ':
    print decrypt (key1,5,key2)

Answer: Wctf{ilovepythonsomuch}