Shulou(Shulou.com)05/31 Report--

This article will explain in detail the implementation and reverse example analysis of BASE64 coding principle analysis script. The content of the article is of high quality, so the editor shares it for you as a reference. I hope you will have a certain understanding of the relevant knowledge after reading this article.

You may be enjoying the convenience of Base64 every moment in the Internet, but how much do you know about the basics of Base64? Today, the editor will take you to understand the Base64 coding principle analysis script implementation and reverse case related content.

01 the origin of coding

Data transfer does not support all characters, and in many cases only visible characters are supported. But it is impossible for data transmission to transmit only visible characters. In order to solve this problem, base64 coding was born. Base64 encoding converts all characters to be encoded into characters in the 64 visible character table.

02 coding principle

All the characters encoded by Base64 are in the following table.

There are a total of 64 characters in the above table, 2 ^ 6 = 64, so only 6 bit bits are enough to describe all the characters in the table. In the computer, there are 1 byte and 8 bit, and one ASCII code occupies 1 byte. So the extra two are filled with zeros. For example, I use 00000110 to represent the character in the table with a value of 6, that is, G.

So how to use the characters in the above table to express all the characters?

When coding, Base64 first converts all the characters to be converted into binary form.

For example, adding 00 to each 6-bit bit after converting "abc" to 110000111000101100011 translates three 8-bit bytes into four 6-bit bytes.

Because base64 encoding changes three 8-bit bytes into four 6-bit bytes, the resulting number of bytes must be a multiple of 4, if not a multiple of 4, filled with =.

Let's take a look at the conversion process from an example.

Suppose the character to be converted is "example"

After conversion to binary, you get:

01100101 01111000 01100001 01101101 01110000 01101100 01100101

The length of example is 7, so in order to make the final character a multiple of 4, we need to add two more characters.

01100101 01111000 01100001 01101101 01110000 01101100 01100101 00000000 00000000

And then we arrange it according to the 6-digit 1 character.

011001 010111 100001 100001 011011 010111 000001 101100 011001 010000 000000 000000

Get it after filling 00.

00011001 00010111 00100001 00100001 00011011 00010111 00000001 00101100 00011001 00010000 00000000 00000000

And then convert these binaries to decimal.

25 23 33 33 27 23 1 44 25 16 0 0

After replacing the table with characters, you get

ZXhhbXBsZQAA

Then replace the last AA with =

ZXhhbXBsZQ==

Put it into python to decode it and verify it.

03Python script implementation

The decoding function here only supports ASCII. If you need to support all characters, you can learn about the relationship of UTF-8 UTF-16 unicode.

04 reverse case analysis

This is a reverse question seen on Bugku. Let's take a look at the execution:

Prompt to enter flag. Generally speaking, this problem depends on the algorithm.

Open the analysis with IDA after confirming that there is no shell

Open the strings window first

Find right flag Jump

View Cross referenc

Find the main execution section

View pseudo code directly from F5

Notice that you need to make Dest and Str2 the same before you output right flag

And Str2 is known, so you can probably speculate that you need to do some kind of inverse operation of Str2 to know flag.

If you look up, you can see:

Shift each bit of the Dest, and then move on to a function.

Follow up and check.

I have renamed some variable names for ease of understanding.

Where input is the string we entered and length is the length of the input string.

You can see that v9 first divides the total length by 3. Then after a careful analysis of v9room4, you will find that the value saved by v10 is the length of the last Dst variable. This is very similar to the relationship between the length of Base64 before and after coding.

The v11 variable holds the value of length as a condition variable for the loop, and then initializes the threeChar array.

I characters are stored in the threeChar array after a loop.

The three case are in three cases respectively. In the case of case 3, threeChar takes exactly three characters.

In the case of case 2, threeChar takes only two characters. When case 1 is iTun1, threeChar takes only one character.

Let's analyze case 3 first.

First, move the threeChar [0] character to the right by 2 bits, which is equivalent to taking only the first 6 bits of the character and adding 2 zeros before the 6 bits. After completion, it is converted to signed int, which becomes the location in the character table. CharTable is the character table encoded by Base64.

By the same token, let's move on.

Since the first 6 bits of the threeChar [0] character have just been taken, we should take the last two bits of threeChar [0] and the first 4 bits of threeChar [1] to form a 6 bit and then complete 0 into 8 bits.

Here, first of all, threeChar [1] is calculated with 0xF0. The conversion of 0xF0 to binary is 11110000, that is, only the first 4 bits of threeChar [1] are retained and the last 4 bits are set to 0. The next move to the right moves the four bits of data to the lowest bit of the binary. The following threeChar [0] & 3 operation retains the last 2 bits of threeChar [0] and the front 6 position 0.

If you look at this, you will find that it corresponds to the principle of Base64 coding. The other two cases are similar, except that a completion = code is added at the end.

At this point, you can write a problem-solving script.

On the BASE64 coding principle analysis script implementation and reverse example analysis is shared here, I hope the above content can be of some help to you, can learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.