攻防世界 Reverse simple-unpack
1.upx解压(脱壳)
使用 upx -d 命令脱壳（题目名为 simple-unpack，下面终端记录中的实际文件名为 simple-unpac）。注意 upx -d 只有在文件的 UPX 头信息未被修改时才能直接还原。
root@ubuntu:~/Desktop/git/ctf-reverse# upx -d simple-unpac
Ultimate Packer for eXecutables
Copyright (C) 1996 - 2017
UPX 3.94 Markus Oberhumer, Laszlo Molnar & John Reiser May 12th 2017
File size Ratio Format Name
-------------------- ------ ----------- -----------
912808 <- 352624 38.63% linux/amd64 simple-unpac
Unpacked 1 file.
2.使用 xxd 或 strings 查找 flag
使用xxd查看（xxd 每行只显示 16 字节，较长的字符串会被拆到多行，grep 只会输出含 "flag" 的那一行，所以这里只能看到 flag 的开头部分）
root@ubuntu:~/Desktop/git/ctf-reverse# xxd simple-unpac | grep "flag"
000b2dc0: 732d 3e5f 666c 6167 7332 2026 205f 494f s->_flags2 & _IO
000b5ff0: 3d3d 204e 554c 4c20 7c7c 2028 666c 6167 == NULL || (flag
000ca0a0: 666c 6167 7b55 7078 5f31 735f 6e30 745f flag{Upx_1s_n0t_
000db2c0: 6b75 705f 646f 6e65 0066 6c61 6700 5f64 kup_done.flag._d
000dd330: 6163 6b5f 666c 6167 7300 5f6e 6c5f 6361 ack_flags._nl_ca
使用strings查看（strings 按完整的可打印字符串逐行输出，因此可以直接得到完整的 flag）
root@ubuntu:~/Desktop/git/ctf-reverse# strings simple-unpac | grep "flag"
WARNING: Unsupported flag value(s) of 0x%x in DT_FLAGS_1.
s->_flags2 & _IO_FLAGS2_FORTIFY
version == NULL || (flags & ~(DL_LOOKUP_ADD_DEPENDENCY | DL_LOOKUP_GSCOPE_LOCK)) == 0
imap->l_type == lt_loaded && (imap->l_flags_1 & DF_1_NODELETE) == 0
flag{Upx_1s_n0t_a_d3liv3r_c0mp4ny}
flag
_dl_stack_flags
得到flag
flag{Upx_1s_n0t_a_d3liv3r_c0mp4ny}