Shulou(Shulou.com)06/01 Report--

(1). Reasons for writing:

The purpose of writing this blog is to make it easier to use it next time or to help others in need. When typing CTF, I occasionally encounter restoring some files. When I analyze the data flow, I extract an unknown file, open it with a binary editor, search the file header, and find that it is similar to a file header, but the position of every two bytes is reversed, so I think of swapping every two bytes, like the following:

(2) Demonstration and effect:

The following figure is shown before and after the command line execution:

(III)。 Paste the code:

The code is written in C, a little bit unattractive, the function is too simple, and there is no modularization. The writing environment is windows.

# include # include # include int main (int argc, const char** argv) {/ / The pointer of input file and output file FILE* fin; FILE* fout; / / The file name of input file and output char* inFile; char* outFile; / / The pointer of single and double byte type unsigned short* pDouble = NULL; unsigned char* pSingle = NULL / / The memery buffer of header and tail pointer about input file void* fBuffStart = NULL; void* fBuffEnd = NULL; / / The size of input file (Byte) unsigned long fileSize = 0 / / Judge the count of parameter and the file name limit if (argc! = 3 | | strlen (argv [1]) > 255 | | strlen (argv [2]) > 255) {printf ("\ n [-] Usage:% s infile outfile\ n", argv [0]); printf ("[-] Filename limited: 255 Byte\ n"); exit (- 1) } inFile = argv [1]; outFile = argv [2]; / / Exception handling if (! (fin = fopen (inFile, "rb")) {printf ("Error: open% s failed!\ n", inFile); exit (- 1);} / Obtain file size fseek (fin, 0, SEEK_END) FileSize = ftell (fin); fseek (fin, 0, SEEK_SET); / / Alloc memery for input file and read its data to memery fBuffStart = (unsigned char*) malloc (fileSize); memset (fBuffStart, 0, fileSize); fread (fBuffStart, 1, fileSize, fin); fclose (fin); / / The position of start and end input file memery fBuffEnd = (unsigned char*) fBuffStart + fileSize PDouble = (unsigned short*) fBuffStart; / / Exception handling if (! (fout = fopen (outFile, "wb")) {printf ("Error: open% s failed!\ n", outFile); exit (- 1);} / Exchange position of each two byte while (pDouble! = fBuffEnd) {pSingle = pDouble Fwrite (pSingle+1, 1,1, fout); fwrite (pSingle, 1,1, fout); pDouble++;} fclose (fout); return 0;}

(4). If there are any deficiencies, please correct the axe.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.