网安周报 WEEK1 第一次校赛re复现

1. welcome.exe

程序拖入die中查看架构发现是64位 无壳程序

程序拖入64位IDA中直接发现假flag

再次查看decrypt_flag(); 查看反编译代码发现正确flag

QLNUCTF{We1come_to_Re_184}

1. 2.exe

查看程序架构，发现是64位无壳程序

把程序拖入64位IDA中，主函数下图可见

得到 base64_cipher = “UUxOVUNURntFYXN5eXl5eXlfUkM0XzByX0Jhc2U2NF9EZWNvZGVkfQ==”;

可以得知base64加密后呈现的，找的在线解密工具即可得出flag

1. maze.exe

打开程序发现是一个走迷宫游戏

1.通关游戏

#代表起点 @代表终点

得到flag为QLNUCTF{dssddssdssdddwwdddsdsdsd}

2.进入IDA64

查看反编译代码，写出走迷宫的py脚本

from collections import deque
maze_rows = [
    "1111111111111111",  # row 0
    "1#01000100000011",  # row 1
    "1101110101101011",  # row 2
    "1100010001001011",  # row 3
    "1111011101100011",  # row 4
    "1100000100001111",  # row 5
    "1111101101100111",  # row 6
    "1100000000010011",  # row 7
    "11000000001010@1",  # row 8
    "1111111111111111",  # row 9
]
# 构建 grid[10][16]
grid = [list(row) for row in maze_rows]
# 参数
START = (1, 1)
END = (8, 14)
MAX_STEPS = 24
ROWS, COLS = 10, 16
# 方向映射
DIRS = {
    'w': (-1, 0),
    's': (1, 0),
    'a': (0, -1),
    'd': (0, 1)
}

# DFS 搜索（因为步数固定且迷宫小，DFS 更易记录路径）
def dfs(r, c, steps, path):
    # 剪枝：步数超过 24
    if steps > MAX_STEPS:
        return None
    # 到达终点
    if (r, c) == END and steps == MAX_STEPS:
        return path
    # 提前到达终点但步数不足 → 失败（不能停留）
    if (r, c) == END:
        return None
    # 尝试四个方向
    for move, (dr, dc) in DIRS.items():
        nr, nc = r + dr, c + dc
        
        # 边界检查
        if not (0 <= nr < ROWS and 0 <= nc < COLS):
            continue
        
        # 墙检查
        if grid[nr][nc] == '1':
            continue
        
        # 递归
        res = dfs(nr, nc, steps + 1, path + move)
        if res is not None:
            return res
    
    return None

# 开始搜索
print("[*] Searching for path...")
solution = dfs(START[0], START[1], 0, "")

if solution:
    print(f"[+] Found path: {solution}")
    print(f"[+] Length: {len(solution)}")
    print(f"\n🏁 FLAG: QLNUCTF{{{solution}}}")
else:
    print("[-] No valid path found.")

运行后得到flag