[长城杯 2021 院校组]funny_js
审题
根据题名提示为js,再在ida中查看,基本可以确定为quickjs题
QuickJS 是一个快速、灵活且易于嵌入的 JavaScript 引擎,适用于需要在资源受限环境下运行 JavaScript 代码的场景。
工具准备
来到Linux,先准备解题工具
git clone https://gitee.com/haloxxg/QuickJS.git -b 20200119 --depth 1
cd QuickJS
修改quickjs.c,使其能输出byte_code字节码,下面是借鉴这篇文章的内容
diff --git a/quickjs.c b/quickjs.c
index b19a4d9..9a3f483 100644
--- a/quickjs.c
+++ b/quickjs.c
@@ -82,7 +82,7 @@16: dump bytecode in hex32: dump line number table*/
-//#define DUMP_BYTECODE (1)
+#define DUMP_BYTECODE (1)/* dump the occurence of the automatic GC *///#define DUMP_GC/* dump objects freed by the garbage collector */
@@ -96,7 +96,7 @@//#define DUMP_SHAPES /* dump shapes in JS_FreeContext *///#define DUMP_MODULE_RESOLVE//#define DUMP_PROMISE
-//#define DUMP_READ_OBJECT
+#define DUMP_READ_OBJECT/* test the GC by forcing it before each object allocation *///#define FORCE_GC_AT_MALLOC
@@ -33897,6 +33897,9 @@ static JSValue JS_ReadObjectRec(BCReaderState *s)bc_read_trace(s, "}\n");}bc_read_trace(s, "}\n");
+#if DUMP_BYTECODE
+ js_dump_function_bytecode(ctx, b);
+#endif}break;case BC_TAG_MODULE:
AI的解释:
根据你提供的 diff 文件内容,这里列出了对文件
**quickjs.c**的更改:
- ** 在第 82 行:取消了之前被注释掉的
**DUMP_BYTECODE**宏定义(**//#define DUMP_BYTECODE (1)**),将其恢复为被定义的状态(**#define DUMP_BYTECODE (1)**)。 **- ** 在第 96 行:取消了之前被注释掉的
**DUMP_READ_OBJECT**宏定义(**//#define DUMP_READ_OBJECT**),将其恢复为被定义的状态(**#define DUMP_READ_OBJECT**)。 **- ** 在第 33897 行附近:在解析对象后,添加了一个新的条件判断。如果
**DUMP_BYTECODE**被定义,那么会调用**js_dump_function_bytecode(ctx, b)**函数来转储函数的字节码。 **
这我直接进行了手改,主要是执行不了上述代码(目前还没搞懂)。
来到quickjs.c文件
vim quickjs.c
显示行号
set nu
跳转到82行
根据AI的解释和上文需要修改的地方,进行修改
接下来的修改如法炮制
make编译
make
先创建一个js样本
echo "console.log('hello')" > hello.js
将 JavaScript 文件 hello.js 编译成 C 语言代码,并保存到 hello.c 文件中
./qjsc -e -o hello.c hello.js
编译并运行
cc hello.c -lm -ldl libquickjs.lto.a -o hello
./hello #输出文件内容
或
gcc -ggdb hello.c libquickjs.a -lm -ldl -lpthread
./a.out > 1.txt # 得到一个a.out,输出重定向到1.txt
cat 1.txt # 打印文件内容
解题
没问题了,开始解题
来到main,提取byte_26305A中的opcode(js字节码)
unsigned char qjsc_s[] =
{0x02, 0x1B, 0x06, 0x72, 0x63, 0x34, 0x04, 0x73, 0x6E, 0x02, 0x69, 0x02, 0x6A, 0x02, 0x6B, 0x02, 0x6C, 0x02, 0x6D, 0x02, 0x6E, 0x04, 0x75, 0x6E, 0x06, 0x61, 0x72, 0x72, 0x0C, 0x63, 0x69, 0x70, 0x68, 0x65, 0x72, 0x2A, 0x32, 0x30, 0x32, 0x31, 0x71, 0x75, 0x69, 0x63, 0x6B, 0x6A, 0x73, 0x5F, 0x68, 0x61, 0x70, 0x70, 0x79, 0x67, 0x61, 0x6D, 0x65, 0x48, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x02, 0x73, 0x18, 0x66, 0x72, 0x6F, 0x6D, 0x43, 0x68, 0x61, 0x72, 0x43, 0x6F, 0x64, 0x65, 0x0A, 0x70, 0x72, 0x69, 0x6E, 0x74, 0x12, 0x73, 0x6F, 0x75, 0x72, 0x63, 0x65, 0x2E, 0x6A, 0x73, 0x08, 0x64, 0x61, 0x74, 0x61, 0x06, 0x6B, 0x65, 0x79, 0x06, 0x62, 0x6F, 0x78, 0x02, 0x78, 0x08, 0x74, 0x65, 0x6D, 0x70, 0x02, 0x79, 0x06, 0x6F, 0x75, 0x74, 0x08, 0x63, 0x6F, 0x64, 0x65, 0x14, 0x63, 0x68, 0x61, 0x72, 0x43, 0x6F, 0x64, 0x65, 0x41, 0x74, 0x08, 0x70, 0x75, 0x73, 0x68, 0x0E, 0x00, 0x06, 0x00, 0x9E, 0x01, 0x00, 0x01, 0x00, 0x20, 0x00, 0x08, 0xEB, 0x04, 0x01, 0xA0, 0x01, 0x00, 0x00, 0x00, 0x40, 0xDF, 0x00, 0x00, 0x00, 0x40, 0x40, 0xE0, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE1, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE2, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE3, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE4, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE5, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE6, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE7, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE9, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE1, 0x00, 0x00, 0x00, 0x00, 0xC2, 0x00, 0x41, 0xDF, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE0, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE1, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE2, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE3, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE4, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE5, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE6, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE7, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE9, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE1, 0x00, 0x00, 0x00, 0x00, 0x04, 0xEA, 0x00, 0x00, 0x00, 0x11, 0x3A, 0xE7, 0x00, 0x00, 0x00, 0x0E, 0x04, 0xEB, 0x00, 0x00, 0x00, 0x11, 0x3A, 0xE0, 0x00, 0x00, 0x00, 0xCB, 0xC0, 0x96, 0x00, 0xC0, 0xE0, 0x00, 0xC0, 0xF4, 0x00, 0xBF, 0x44, 0xBF, 0x3D, 0xBF, 0x7D, 0xBF, 0x08, 0xC0, 0xEF, 0x00, 0xC0, 0xCB, 0x00, 0xC0, 0xFE, 0x00, 0xC0, 0xF1, 0x00, 0xBF, 0x71, 0xC0, 0xD5, 0x00, 0xC0, 0xB0, 0x00, 0xBF, 0x40, 0xBF, 0x6A, 0xBF, 0x67, 0xC0, 0xA6, 0x00, 0xC0, 0xB9, 0x00, 0xC0, 0x9F, 0x00, 0xC0, 0x9E, 0x00, 0xC0, 0xAC, 0x00, 0xBF, 0x09, 0xC0, 0xD5, 0x00, 0xC0, 0xEF, 0x00, 0xBF, 0x0C, 0xBF, 0x64, 0xC0, 0xB9, 0x00, 0xBF, 0x5A, 0xC0, 0xAE, 0x00, 0xBF, 0x6B, 0xC0, 0x83, 0x00, 0x26, 0x20, 0x00, 0xC0, 0xDF, 0x00, 0x4D, 0x20, 0x00, 0x00, 0x80, 0xBF, 0x7A, 0x4D, 0x21, 0x00, 0x00, 0x80, 0xC0, 0xE5, 0x00, 0x4D, 0x22, 0x00, 0x00, 0x80, 0xC0, 0x9D, 0x00, 0x4D, 0x23, 0x00, 0x00, 0x80, 0x11, 0x3A, 0xE8, 0x00, 0x00, 0x00, 0x0E, 0xC1, 0x01, 0x11, 0x3A, 0xE5, 0x00, 0x00, 0x00, 0xCB, 0xC1, 0x02, 0x11, 0x3A, 0xE6, 0x00, 0x00, 0x00, 0xCB, 0xB7, 0x11, 0x3A, 0xE4, 0x00, 0x00, 0x00, 0xCB, 0xB7, 0x11, 0x3A, 0xE3, 0x00, 0x00, 0x00, 0xCB, 0x39, 0xDF, 0x00, 0x00, 0x00, 0x39, 0xE0, 0x00, 0x00, 0x00, 0x39, 0xE7, 0x00, 0x00, 0x00, 0xF2, 0x11, 0x3A, 0xE9, 0x00, 0x00, 0x00, 0x0E, 0x06, 0xCB, 0xB7, 0x11, 0x3A, 0xE1, 0x00, 0x00, 0x00, 0x0E, 0x39, 0xE1, 0x00, 0x00, 0x00, 0x39, 0xE9, 0x00, 0x00, 0x00, 0xEB, 0xA5, 0xEC, 0x6E, 0x39, 0xE9, 0x00, 0x00, 0x00, 0x39, 0xE1, 0x00, 0x00, 0x00, 0x48, 0x11, 0x3A, 0xE2, 0x00, 0x00, 0x00, 0xCB, 0x39, 0xE2, 0x00, 0x00, 0x00, 0xBF, 0x38, 0xBF, 0x11, 0xA0, 0xB0, 0x11, 0x3A, 0xE4, 0x00, 0x00, 0x00, 0xCB, 0x06, 0xCB, 0x39, 0xE4, 0x00, 0x00, 0x00, 0x39, 0xE8, 0x00, 0x00, 0x00, 0x39, 0xE3, 0x00, 0x00, 0x00, 0x48, 0xAB, 0xEC, 0x0F, 0x39, 0xE5, 0x00, 0x00, 0x00, 0x93, 0x3A, 0xE5, 0x00, 0x00, 0x00, 0xCB, 0xEE, 0x0D, 0x39, 0xE6, 0x00, 0x00, 0x00, 0x93, 0x3A, 0xE6, 0x00, 0x00, 0x00, 0xCB, 0x39, 0xE3, 0x00, 0x00, 0x00, 0x93, 0x3A, 0xE3, 0x00, 0x00, 0x00, 0xCB, 0x39, 0xE1, 0x00, 0x00, 0x00, 0x93, 0x3A, 0xE1, 0x00, 0x00, 0x00, 0x0E, 0xEE, 0x86, 0x06, 0xCB, 0x39, 0xE5, 0x00, 0x00, 0x00, 0x39, 0xE9, 0x00, 0x00, 0x00, 0xEB, 0xAB, 0xEC, 0x15, 0x39, 0xE6, 0x00, 0x00, 0x00, 0xB7, 0xAB, 0xEC, 0x0C, 0xC1, 0x03, 0x11, 0x3A, 0xE6, 0x00, 0x00, 0x00, 0xCB, 0xEE, 0x0A, 0xC1, 0x04, 0x11, 0x3A, 0xE6, 0x00, 0x00, 0x00, 0xCB, 0xC3, 0x11, 0x3A, 0xEC, 0x00, 0x00, 0x00, 0xCB, 0x06, 0xCB, 0x39, 0xE6, 0x00, 0x00, 0x00, 0xC1, 0x05, 0xA7, 0xEC, 0x3A, 0x39, 0xEC, 0x00, 0x00, 0x00, 0x39, 0x97, 0x00, 0x00, 0x00, 0x43, 0xED, 0x00, 0x00, 0x00, 0x39, 0x96, 0x00, 0x00, 0x00, 0x39, 0xE6, 0x00, 0x00, 0x00, 0xC1, 0x06, 0x9E, 0xF1, 0x24, 0x01, 0x00, 0x9F, 0x11, 0x3A, 0xEC, 0x00, 0x00, 0x00, 0xCB, 0x39, 0xE6, 0x00, 0x00, 0x00, 0xC1, 0x07, 0x9D, 0x11, 0x3A, 0xE6, 0x00, 0x00, 0x00, 0xCB, 0xEE, 0xBE, 0x39, 0xEE, 0x00, 0x00, 0x00, 0x39, 0xEC, 0x00, 0x00, 0x00, 0xF1, 0xCF, 0x28, 0xDE, 0x03, 0x01, 0x20, 0x00, 0x48, 0x01, 0x00, 0x4A, 0x52, 0x3F, 0x40, 0x00, 0x7C, 0x04, 0x30, 0x30, 0x2B, 0x2B, 0x77, 0x7B, 0x5D, 0x5D, 0x6C, 0x3F, 0x0E, 0x40, 0x3F, 0x4A, 0xB7, 0x30, 0x2B, 0x3F, 0xCB, 0x4E, 0x0D, 0x0E, 0x43, 0x06, 0x00, 0xBE, 0x03, 0x02, 0x08, 0x02, 0x05, 0x00, 0x00, 0xBB, 0x01, 0x0A, 0xE0, 0x03, 0x00, 0x01, 0x00, 0xE2, 0x03, 0x00, 0x01, 0x00, 0xE4, 0x03, 0x00, 0x00, 0x00, 0xC2, 0x03, 0x00, 0x01, 0x00, 0xE6, 0x03, 0x00, 0x02, 0x00, 0xE8, 0x03, 0x00, 0x03, 0x00, 0xEA, 0x03, 0x00, 0x04, 0x00, 0xEC, 0x03, 0x00, 0x05, 0x00, 0xEE, 0x03, 0x00, 0x06, 0x00, 0xC6, 0x03, 0x00, 0x07, 0x00, 0x39, 0x94, 0x00, 0x00, 0x00, 0xC0, 0x00, 0x01, 0xF1, 0xCB, 0xB7, 0xCC, 0xC8, 0xC0, 0x00, 0x01, 0xA5, 0xEC, 0x09, 0xC7, 0xC8, 0xC8, 0x4A, 0x95, 0x01, 0xEE, 0xF2, 0xB7, 0xCD, 0xB7, 0xCC, 0xC8, 0xC0, 0x00, 0x01, 0xA5, 0xEC, 0x2C, 0xC9, 0xC7, 0xC8, 0x48, 0x9F, 0xD4, 0x43, 0xF8, 0x00, 0x00, 0x00, 0xC8, 0xD4, 0xEB, 0x9E, 0x24, 0x01, 0x00, 0x9F, 0xC0, 0x00, 0x01, 0x9E, 0xCD, 0xC7, 0xC8, 0x48, 0xCE, 0xC7, 0xC8, 0x72, 0xC7, 0xC9, 0x48, 0x4A, 0xC7, 0xC9, 0xCA, 0x4A, 0x95, 0x01, 0xEE, 0xCF, 0xB7, 0xCD, 0xB7, 0xC5, 0x04, 0x26, 0x00, 0x00, 0xC5, 0x05, 0xB7, 0xCC, 0xC8, 0xD3, 0xEB, 0xA5, 0xEC, 0x56, 0xD3, 0x43, 0xF8, 0x00, 0x00, 0x00, 0xC8, 0x24, 0x01, 0x00, 0xC5, 0x06, 0xC9, 0xB8, 0x9F, 0xC0, 0x00, 0x01, 0x9E, 0xCD, 0xC4, 0x04, 0xC7, 0xC9, 0x48, 0x9F, 0xC0, 0x00, 0x01, 0x9E, 0xC5, 0x04, 0xC7, 0xC9, 0x48, 0xCE, 0xC7, 0xC9, 0x72, 0xC7, 0xC4, 0x04, 0x48, 0x4A, 0xC7, 0xC4, 0x04, 0xCA, 0x4A, 0xC7, 0xC9, 0x48, 0xC7, 0xC4, 0x04, 0x48, 0x9F, 0xC0, 0x00, 0x01, 0x9E, 0xC5, 0x07, 0xC4, 0x05, 0x43, 0xF9, 0x00, 0x00, 0x00, 0xC4, 0x06, 0xC7, 0xC4, 0x07, 0x48, 0xB0, 0x24, 0x01, 0x00, 0x0E, 0x95, 0x01, 0xEE, 0xA6, 0xC4, 0x05, 0x28, 0xDE, 0x03, 0x03, 0x19, 0x04, 0x35, 0x30, 0x17, 0x18, 0x0D, 0x30, 0x7B, 0x17, 0x26, 0x17, 0x19, 0x0D, 0x12, 0x1C, 0x2C, 0x40, 0x2B, 0x3F, 0x17, 0x2B, 0x1D, 0x4A, 0x5D, 0x17, 0x0A, 0x00, 0x0A, 0x00, 0x0A, 0xE8, 0x01, 0x07, 0x44, 0xB8, 0x90, 0xB5, 0x6B, 0x67, 0x80, 0x0A, 0xE8, 0x01, 0x07, 0x34, 0xA7, 0xB8, 0x48, 0x7F, 0x8D, 0xAF, 0x0A, 0x00, 0x0A, 0x28, 0x01, 0xFE, 0x0A, 0x28, 0x01, 0xFE, 0x00, 0x00, 0x00, 0x00
};
替换hello.c中qjsc_hello数组
vim hello.c
#include "quickjs-libc.h"const uint32_t qjsc_hello_size = 1164;const uint8_t qjsc_hello[1164] = {0x02, 0x1B, 0x06, 0x72, 0x63, 0x34, 0x04, 0x73, 0x6E, 0x02,0x69, 0x02, 0x6A, 0x02, 0x6B, 0x02, 0x6C, 0x02, 0x6D, 0x02,0x6E, 0x04, 0x75, 0x6E, 0x06, 0x61, 0x72, 0x72, 0x0C, 0x63,0x69, 0x70, 0x68, 0x65, 0x72, 0x2A, 0x32, 0x30, 0x32, 0x31,0x71, 0x75, 0x69, 0x63, 0x6B, 0x6A, 0x73, 0x5F, 0x68, 0x61,0x70, 0x70, 0x79, 0x67, 0x61, 0x6D, 0x65, 0x48, 0x2A, 0x2A,0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A,0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A,0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A,0x2A, 0x2A, 0x2A, 0x2A, 0x02, 0x73, 0x18, 0x66, 0x72, 0x6F,0x6D, 0x43, 0x68, 0x61, 0x72, 0x43, 0x6F, 0x64, 0x65, 0x0A,0x70, 0x72, 0x69, 0x6E, 0x74, 0x12, 0x73, 0x6F, 0x75, 0x72,0x63, 0x65, 0x2E, 0x6A, 0x73, 0x08, 0x64, 0x61, 0x74, 0x61,0x06, 0x6B, 0x65, 0x79, 0x06, 0x62, 0x6F, 0x78, 0x02, 0x78,0x08, 0x74, 0x65, 0x6D, 0x70, 0x02, 0x79, 0x06, 0x6F, 0x75,0x74, 0x08, 0x63, 0x6F, 0x64, 0x65, 0x14, 0x63, 0x68, 0x61,0x72, 0x43, 0x6F, 0x64, 0x65, 0x41, 0x74, 0x08, 0x70, 0x75,0x73, 0x68, 0x0E, 0x00, 0x06, 0x00, 0x9E, 0x01, 0x00, 0x01,0x00, 0x20, 0x00, 0x08, 0xEB, 0x04, 0x01, 0xA0, 0x01, 0x00,0x00, 0x00, 0x40, 0xDF, 0x00, 0x00, 0x00, 0x40, 0x40, 0xE0,0x00, 0x00, 0x00, 0x00, 0x40, 0xE1, 0x00, 0x00, 0x00, 0x00,0x40, 0xE2, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE3, 0x00, 0x00,0x00, 0x00, 0x40, 0xE4, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE5,0x00, 0x00, 0x00, 0x00, 0x40, 0xE6, 0x00, 0x00, 0x00, 0x00,0x40, 0xE7, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE8, 0x00, 0x00,0x00, 0x00, 0x40, 0xE9, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE1,0x00, 0x00, 0x00, 0x00, 0xC2, 0x00, 0x41, 0xDF, 0x00, 0x00,0x00, 0x00, 0x3F, 0xE0, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE1,0x00, 0x00, 0x00, 0x00, 0x3F, 0xE2, 0x00, 0x00, 0x00, 0x00,0x3F, 0xE3, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE4, 0x00, 0x00,0x00, 0x00, 0x3F, 0xE5, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE6,0x00, 0x00, 0x00, 0x00, 0x3F, 0xE7, 0x00, 0x00, 0x00, 0x00,0x3F, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE9, 0x00, 0x00,0x00, 0x00, 0x3F, 0xE1, 0x00, 0x00, 0x00, 0x00, 0x04, 0xEA,0x00, 0x00, 0x00, 0x11, 0x3A, 0xE7, 0x00, 0x00, 0x00, 0x0E,0x04, 0xEB, 0x00, 0x00, 0x00, 0x11, 0x3A, 0xE0, 0x00, 0x00,0x00, 0xCB, 0xC0, 0x96, 0x00, 0xC0, 0xE0, 0x00, 0xC0, 0xF4,0x00, 0xBF, 0x44, 0xBF, 0x3D, 0xBF, 0x7D, 0xBF, 0x08, 0xC0,0xEF, 0x00, 0xC0, 0xCB, 0x00, 0xC0, 0xFE, 0x00, 0xC0, 0xF1,0x00, 0xBF, 0x71, 0xC0, 0xD5, 0x00, 0xC0, 0xB0, 0x00, 0xBF,0x40, 0xBF, 0x6A, 0xBF, 0x67, 0xC0, 0xA6, 0x00, 0xC0, 0xB9,0x00, 0xC0, 0x9F, 0x00, 0xC0, 0x9E, 0x00, 0xC0, 0xAC, 0x00,0xBF, 0x09, 0xC0, 0xD5, 0x00, 0xC0, 0xEF, 0x00, 0xBF, 0x0C,0xBF, 0x64, 0xC0, 0xB9, 0x00, 0xBF, 0x5A, 0xC0, 0xAE, 0x00,0xBF, 0x6B, 0xC0, 0x83, 0x00, 0x26, 0x20, 0x00, 0xC0, 0xDF,0x00, 0x4D, 0x20, 0x00, 0x00, 0x80, 0xBF, 0x7A, 0x4D, 0x21,0x00, 0x00, 0x80, 0xC0, 0xE5, 0x00, 0x4D, 0x22, 0x00, 0x00,0x80, 0xC0, 0x9D, 0x00, 0x4D, 0x23, 0x00, 0x00, 0x80, 0x11,0x3A, 0xE8, 0x00, 0x00, 0x00, 0x0E, 0xC1, 0x01, 0x11, 0x3A,0xE5, 0x00, 0x00, 0x00, 0xCB, 0xC1, 0x02, 0x11, 0x3A, 0xE6,0x00, 0x00, 0x00, 0xCB, 0xB7, 0x11, 0x3A, 0xE4, 0x00, 0x00,0x00, 0xCB, 0xB7, 0x11, 0x3A, 0xE3, 0x00, 0x00, 0x00, 0xCB,0x39, 0xDF, 0x00, 0x00, 0x00, 0x39, 0xE0, 0x00, 0x00, 0x00,0x39, 0xE7, 0x00, 0x00, 0x00, 0xF2, 0x11, 0x3A, 0xE9, 0x00,0x00, 0x00, 0x0E, 0x06, 0xCB, 0xB7, 0x11, 0x3A, 0xE1, 0x00,0x00, 0x00, 0x0E, 0x39, 0xE1, 0x00, 0x00, 0x00, 0x39, 0xE9,0x00, 0x00, 0x00, 0xEB, 0xA5, 0xEC, 0x6E, 0x39, 0xE9, 0x00,0x00, 0x00, 0x39, 0xE1, 0x00, 0x00, 0x00, 0x48, 0x11, 0x3A,0xE2, 0x00, 0x00, 0x00, 0xCB, 0x39, 0xE2, 0x00, 0x00, 0x00,0xBF, 0x38, 0xBF, 0x11, 0xA0, 0xB0, 0x11, 0x3A, 0xE4, 0x00,0x00, 0x00, 0xCB, 0x06, 0xCB, 0x39, 0xE4, 0x00, 0x00, 0x00,0x39, 0xE8, 0x00, 0x00, 0x00, 0x39, 0xE3, 0x00, 0x00, 0x00,0x48, 0xAB, 0xEC, 0x0F, 0x39, 0xE5, 0x00, 0x00, 0x00, 0x93,0x3A, 0xE5, 0x00, 0x00, 0x00, 0xCB, 0xEE, 0x0D, 0x39, 0xE6,0x00, 0x00, 0x00, 0x93, 0x3A, 0xE6, 0x00, 0x00, 0x00, 0xCB,0x39, 0xE3, 0x00, 0x00, 0x00, 0x93, 0x3A, 0xE3, 0x00, 0x00,0x00, 0xCB, 0x39, 0xE1, 0x00, 0x00, 0x00, 0x93, 0x3A, 0xE1,0x00, 0x00, 0x00, 0x0E, 0xEE, 0x86, 0x06, 0xCB, 0x39, 0xE5,0x00, 0x00, 0x00, 0x39, 0xE9, 0x00, 0x00, 0x00, 0xEB, 0xAB,0xEC, 0x15, 0x39, 0xE6, 0x00, 0x00, 0x00, 0xB7, 0xAB, 0xEC,0x0C, 0xC1, 0x03, 0x11, 0x3A, 0xE6, 0x00, 0x00, 0x00, 0xCB,0xEE, 0x0A, 0xC1, 0x04, 0x11, 0x3A, 0xE6, 0x00, 0x00, 0x00,0xCB, 0xC3, 0x11, 0x3A, 0xEC, 0x00, 0x00, 0x00, 0xCB, 0x06,0xCB, 0x39, 0xE6, 0x00, 0x00, 0x00, 0xC1, 0x05, 0xA7, 0xEC,0x3A, 0x39, 0xEC, 0x00, 0x00, 0x00, 0x39, 0x97, 0x00, 0x00,0x00, 0x43, 0xED, 0x00, 0x00, 0x00, 0x39, 0x96, 0x00, 0x00,0x00, 0x39, 0xE6, 0x00, 0x00, 0x00, 0xC1, 0x06, 0x9E, 0xF1,0x24, 0x01, 0x00, 0x9F, 0x11, 0x3A, 0xEC, 0x00, 0x00, 0x00,0xCB, 0x39, 0xE6, 0x00, 0x00, 0x00, 0xC1, 0x07, 0x9D, 0x11,0x3A, 0xE6, 0x00, 0x00, 0x00, 0xCB, 0xEE, 0xBE, 0x39, 0xEE,0x00, 0x00, 0x00, 0x39, 0xEC, 0x00, 0x00, 0x00, 0xF1, 0xCF,0x28, 0xDE, 0x03, 0x01, 0x20, 0x00, 0x48, 0x01, 0x00, 0x4A,0x52, 0x3F, 0x40, 0x00, 0x7C, 0x04, 0x30, 0x30, 0x2B, 0x2B,0x77, 0x7B, 0x5D, 0x5D, 0x6C, 0x3F, 0x0E, 0x40, 0x3F, 0x4A,0xB7, 0x30, 0x2B, 0x3F, 0xCB, 0x4E, 0x0D, 0x0E, 0x43, 0x06,0x00, 0xBE, 0x03, 0x02, 0x08, 0x02, 0x05, 0x00, 0x00, 0xBB,0x01, 0x0A, 0xE0, 0x03, 0x00, 0x01, 0x00, 0xE2, 0x03, 0x00,0x01, 0x00, 0xE4, 0x03, 0x00, 0x00, 0x00, 0xC2, 0x03, 0x00,0x01, 0x00, 0xE6, 0x03, 0x00, 0x02, 0x00, 0xE8, 0x03, 0x00,0x03, 0x00, 0xEA, 0x03, 0x00, 0x04, 0x00, 0xEC, 0x03, 0x00,0x05, 0x00, 0xEE, 0x03, 0x00, 0x06, 0x00, 0xC6, 0x03, 0x00,0x07, 0x00, 0x39, 0x94, 0x00, 0x00, 0x00, 0xC0, 0x00, 0x01,0xF1, 0xCB, 0xB7, 0xCC, 0xC8, 0xC0, 0x00, 0x01, 0xA5, 0xEC,0x09, 0xC7, 0xC8, 0xC8, 0x4A, 0x95, 0x01, 0xEE, 0xF2, 0xB7,0xCD, 0xB7, 0xCC, 0xC8, 0xC0, 0x00, 0x01, 0xA5, 0xEC, 0x2C,0xC9, 0xC7, 0xC8, 0x48, 0x9F, 0xD4, 0x43, 0xF8, 0x00, 0x00,0x00, 0xC8, 0xD4, 0xEB, 0x9E, 0x24, 0x01, 0x00, 0x9F, 0xC0,0x00, 0x01, 0x9E, 0xCD, 0xC7, 0xC8, 0x48, 0xCE, 0xC7, 0xC8,0x72, 0xC7, 0xC9, 0x48, 0x4A, 0xC7, 0xC9, 0xCA, 0x4A, 0x95,0x01, 0xEE, 0xCF, 0xB7, 0xCD, 0xB7, 0xC5, 0x04, 0x26, 0x00,0x00, 0xC5, 0x05, 0xB7, 0xCC, 0xC8, 0xD3, 0xEB, 0xA5, 0xEC,0x56, 0xD3, 0x43, 0xF8, 0x00, 0x00, 0x00, 0xC8, 0x24, 0x01,0x00, 0xC5, 0x06, 0xC9, 0xB8, 0x9F, 0xC0, 0x00, 0x01, 0x9E,0xCD, 0xC4, 0x04, 0xC7, 0xC9, 0x48, 0x9F, 0xC0, 0x00, 0x01,0x9E, 0xC5, 0x04, 0xC7, 0xC9, 0x48, 0xCE, 0xC7, 0xC9, 0x72,0xC7, 0xC4, 0x04, 0x48, 0x4A, 0xC7, 0xC4, 0x04, 0xCA, 0x4A,0xC7, 0xC9, 0x48, 0xC7, 0xC4, 0x04, 0x48, 0x9F, 0xC0, 0x00,0x01, 0x9E, 0xC5, 0x07, 0xC4, 0x05, 0x43, 0xF9, 0x00, 0x00,0x00, 0xC4, 0x06, 0xC7, 0xC4, 0x07, 0x48, 0xB0, 0x24, 0x01,0x00, 0x0E, 0x95, 0x01, 0xEE, 0xA6, 0xC4, 0x05, 0x28, 0xDE,0x03, 0x03, 0x19, 0x04, 0x35, 0x30, 0x17, 0x18, 0x0D, 0x30,0x7B, 0x17, 0x26, 0x17, 0x19, 0x0D, 0x12, 0x1C, 0x2C, 0x40,0x2B, 0x3F, 0x17, 0x2B, 0x1D, 0x4A, 0x5D, 0x17, 0x0A, 0x00,0x0A, 0x00, 0x0A, 0xE8, 0x01, 0x07, 0x44, 0xB8, 0x90, 0xB5,0x6B, 0x67, 0x80, 0x0A, 0xE8, 0x01, 0x07, 0x34, 0xA7, 0xB8,0x48, 0x7F, 0x8D, 0xAF, 0x0A, 0x00, 0x0A, 0x28, 0x01, 0xFE,0x0A, 0x28, 0x01,0xfe
};int main(int argc, char **argv)
{JSRuntime *rt;JSContext *ctx;rt = JS_NewRuntime();ctx = JS_NewContextRaw(rt);JS_SetModuleLoaderFunc(rt, NULL, js_module_loader, NULL);JS_AddIntrinsicBaseObjects(ctx);JS_AddIntrinsicDate(ctx);JS_AddIntrinsicEval(ctx);JS_AddIntrinsicStringNormalize(ctx);JS_AddIntrinsicRegExp(ctx);JS_AddIntrinsicJSON(ctx);JS_AddIntrinsicProxy(ctx);JS_AddIntrinsicMapSet(ctx);JS_AddIntrinsicTypedArrays(ctx);JS_AddIntrinsicPromise(ctx);JS_AddIntrinsicBigInt(ctx);js_std_add_helpers(ctx, argc, argv);js_std_eval_binary(ctx, qjsc_hello, qjsc_hello_size, 0);js_std_loop(ctx);JS_FreeContext(ctx);JS_FreeRuntime(rt);return 0;
}
重新编译并运行
cc hello.c -lm -ldl libquickjs.lto.a -o hello
./hello #输出文件内容
或
gcc -ggdb hello.c libquickjs.a -lm -ldl -lpthread
a.out > 1.txt # 得到一个a.out,输出重定向到1.txt
cat 1.txt # 打印文件内容
内容:
0000: 02 1b 27 atom indexes {
0002: 06 72 63 34 string: 1"rc4"
0006: 04 73 6e string: 1"sn"
0009: 02 69 string: 1"i"
000b: 02 6a string: 1"j"
000d: 02 6b string: 1"k"
000f: 02 6c string: 1"l"
0011: 02 6d string: 1"m"
0013: 02 6e string: 1"n"
0015: 04 75 6e string: 1"un"
0018: 06 61 72 72 string: 1"arr"
001c: 0c 63 69 70 68 65 72 string: 1"cipher"
0023: 2a 32 30 32 31 71 75 6963 6b 6a 73 5f 68 61 7070 79 67 61 6d 65 string: 1"2021quickjs_happygame"
0039: 48 2a 2a 2a 2a 2a 2a 2a2a 2a 2a 2a 2a 2a 2a 2a2a 2a 2a 2a 2a 2a 2a 2a2a 2a 2a 2a 2a 2a 2a 2a2a 2a 2a 2a 2a string: 1"************************************"
005e: 02 73 string: 1"s"
0060: 18 66 72 6f 6d 43 68 6172 43 6f 64 65 string: 1"fromCharCode"
006d: 0a 70 72 69 6e 74 string: 1"print"
0073: 12 73 6f 75 72 63 65 2e6a 73 string: 1"source.js"
007d: 08 64 61 74 61 string: 1"data"
0082: 06 6b 65 79 string: 1"key"
0086: 06 62 6f 78 string: 1"box"
008a: 02 78 string: 1"x"
008c: 08 74 65 6d 70 string: 1"temp"
0091: 02 79 string: 1"y"
0093: 06 6f 75 74 string: 1"out"
0097: 08 63 6f 64 65 string: 1"code"
009c: 14 63 68 61 72 43 6f 6465 41 74 string: 1"charCodeAt"
00a7: 08 70 75 73 68 string: 1"push"}
00ac: 0e function {
00ad: 00 06 00 9e 01 00 01 0020 00 08 eb 04 01 name: "<eval>"args=0 vars=1 defargs=0 closures=0 cpool=8stack=32 bclen=619 locals=1vars {
00bb: a0 01 00 00 00 name: "<ret>"}bytecode {
00c0: 40 df 00 00 00 40 40 e000 00 00 00 40 e1 00 0000 00 40 e2 00 00 00 0040 e3 00 00 00 00 40 e400 00 00 00 40 e5 00 0000 00 40 e6 00 00 00 0040 e7 00 00 00 00 40 e800 00 00 00 40 e9 00 0000 00 40 e1 00 00 00 00c2 00 41 df 00 00 00 003f e0 00 00 00 00 3f e100 00 00 00 3f e2 00 0000 00 3f e3 00 00 00 003f e4 00 00 00 00 3f e500 00 00 00 3f e6 00 0000 00 3f e7 00 00 00 003f e8 00 00 00 00 3f e900 00 00 00 3f e1 00 0000 00 04 ea 00 00 00 113a e7 00 00 00 0e 04 eb00 00 00 11 3a e0 00 0000 cb c0 96 00 c0 e0 00c0 f4 00 bf 44 bf 3d bf7d bf 08 c0 ef 00 c0 cb00 c0 fe 00 c0 f1 00 bf71 c0 d5 00 c0 b0 00 bf40 bf 6a bf 67 c0 a6 00c0 b9 00 c0 9f 00 c0 9e00 c0 ac 00 bf 09 c0 d500 c0 ef 00 bf 0c bf 64c0 b9 00 bf 5a c0 ae 00bf 6b c0 83 00 26 20 00c0 df 00 4d 20 00 00 80bf 7a 4d 21 00 00 80 c0e5 00 4d 22 00 00 80 c09d 00 4d 23 00 00 80 113a e8 00 00 00 0e c1 0111 3a e5 00 00 00 cb c102 11 3a e6 00 00 00 cbb7 11 3a e4 00 00 00 cbb7 11 3a e3 00 00 00 cb39 df 00 00 00 39 e0 0000 00 39 e7 00 00 00 f211 3a e9 00 00 00 0e 06cb b7 11 3a e1 00 00 000e 39 e1 00 00 00 39 e900 00 00 eb a5 ec 6e 39e9 00 00 00 39 e1 00 0000 48 11 3a e2 00 00 00cb 39 e2 00 00 00 bf 38bf 11 a0 b0 11 3a e4 0000 00 cb 06 cb 39 e4 0000 00 39 e8 00 00 00 39e3 00 00 00 48 ab ec 0f39 e5 00 00 00 93 3a e500 00 00 cb ee 0d 39 e600 00 00 93 3a e6 00 0000 cb 39 e3 00 00 00 933a e3 00 00 00 cb 39 e100 00 00 93 3a e1 00 0000 0e ee 86 06 cb 39 e500 00 00 39 e9 00 00 00eb ab ec 15 39 e6 00 0000 b7 ab ec 0c c1 03 113a e6 00 00 00 cb ee 0ac1 04 11 3a e6 00 00 00cb c3 11 3a ec 00 00 00cb 06 cb 39 e6 00 00 00c1 05 a7 ec 3a 39 ec 0000 00 39 97 00 00 00 43ed 00 00 00 39 96 00 0000 39 e6 00 00 00 c1 069e f1 24 01 00 9f 11 3aec 00 00 00 cb 39 e6 0000 00 c1 07 9d 11 3a e600 00 00 cb ee be 39 ee00 00 00 39 ec 00 00 00f1 cf 28 at 1, fixup atom: rc4at 7, fixup atom: snat 13, fixup atom: iat 19, fixup atom: jat 25, fixup atom: kat 31, fixup atom: lat 37, fixup atom: mat 43, fixup atom: nat 49, fixup atom: unat 55, fixup atom: arrat 61, fixup atom: cipherat 67, fixup atom: iat 75, fixup atom: rc4at 81, fixup atom: snat 87, fixup atom: iat 93, fixup atom: jat 99, fixup atom: kat 105, fixup atom: lat 111, fixup atom: mat 117, fixup atom: nat 123, fixup atom: unat 129, fixup atom: arrat 135, fixup atom: cipherat 141, fixup atom: iat 147, fixup atom: "2021quickjs_happygame"at 153, fixup atom: unat 159, fixup atom: "************************************"at 165, fixup atom: snat 260, fixup atom: "32"at 267, fixup atom: "33"at 275, fixup atom: "34"at 283, fixup atom: "35"at 289, fixup atom: arrat 298, fixup atom: mat 307, fixup atom: nat 315, fixup atom: lat 323, fixup atom: kat 329, fixup atom: rc4at 334, fixup atom: snat 339, fixup atom: unat 346, fixup atom: cipherat 356, fixup atom: iat 362, fixup atom: iat 367, fixup atom: cipherat 376, fixup atom: cipherat 381, fixup atom: iat 388, fixup atom: jat 394, fixup atom: jat 406, fixup atom: lat 414, fixup atom: lat 419, fixup atom: arrat 424, fixup atom: kat 433, fixup atom: mat 439, fixup atom: mat 447, fixup atom: nat 453, fixup atom: nat 459, fixup atom: kat 465, fixup atom: kat 471, fixup atom: iat 477, fixup atom: iat 487, fixup atom: mat 492, fixup atom: cipherat 501, fixup atom: nat 513, fixup atom: nat 524, fixup atom: nat 532, fixup atom: sat 540, fixup atom: nat 550, fixup atom: sat 555, fixup atom: Stringat 560, fixup atom: fromCharCodeat 565, fixup atom: Numberat 570, fixup atom: nat 584, fixup atom: sat 590, fixup atom: nat 599, fixup atom: nat 607, fixup atom: printat 612, fixup atom: s}debug {
032b: de 03 01 20 00 48 01 004a 52 3f 40 00 7c 04 3030 2b 2b 77 7b 5d 5d 6c3f 0e 40 3f 4a b7 30 2b3f cb 4e 0d filename: "source.js"}cpool {
034f: 0e function {
0350: 43 06 00 be 03 02 08 0205 00 00 bb 01 0a name: rc4args=2 vars=8 defargs=2 closures=0 cpool=0stack=5 bclen=187 locals=10vars {
035e: e0 03 00 01 00 name: data
0363: e2 03 00 01 00 name: key
0368: e4 03 00 00 00 name: box
036d: c2 03 00 01 00 name: i
0372: e6 03 00 02 00 name: x
0377: e8 03 00 03 00 name: temp
037c: ea 03 00 04 00 name: y
0381: ec 03 00 05 00 name: out
0386: ee 03 00 06 00 name: code
038b: c6 03 00 07 00 name: k}bytecode {
0390: 39 94 00 00 00 c0 00 01f1 cb b7 cc c8 c0 00 01a5 ec 09 c7 c8 c8 4a 9501 ee f2 b7 cd b7 cc c8c0 00 01 a5 ec 2c c9 c7c8 48 9f d4 43 f8 00 0000 c8 d4 eb 9e 24 01 009f c0 00 01 9e cd c7 c848 ce c7 c8 72 c7 c9 484a c7 c9 ca 4a 95 01 eecf b7 cd b7 c5 04 26 0000 c5 05 b7 cc c8 d3 eba5 ec 56 d3 43 f8 00 0000 c8 24 01 00 c5 06 c9b8 9f c0 00 01 9e cd c404 c7 c9 48 9f c0 00 019e c5 04 c7 c9 48 ce c7c9 72 c7 c4 04 48 4a c7c4 04 ca 4a c7 c9 48 c7c4 04 48 9f c0 00 01 9ec5 07 c4 05 43 f9 00 0000 c4 06 c7 c4 07 48 b024 01 00 0e 95 01 ee a6c4 05 28 at 1, fixup atom: Arrayat 45, fixup atom: charCodeAtat 101, fixup atom: charCodeAtat 165, fixup atom: push}debug {
044b: de 03 03 19 04 35 30 1718 0d 30 7b 17 26 17 190d 12 1c 2c 40 2b 3f 172b 1d 4a 5d 17 filename: "source.js"}}
source.js:3: function: rc4args: data keylocals:0: var box1: var i2: var x3: var temp4: var y5: var out6: var code7: var kstack_size: 5opcodes:get_var Arraypush_i16 256call1 1put_loc0 0: boxpush_0 0put_loc1 1: i12: get_loc1 1: ipush_i16 256ltif_false8 27get_loc0 0: boxget_loc1 1: iget_loc1 1: iput_array_elinc_loc 1: igoto8 1227: push_0 0put_loc2 2: xpush_0 0put_loc1 1: i31: get_loc1 1: ipush_i16 256ltif_false8 81get_loc2 2: xget_loc0 0: boxget_loc1 1: iget_array_eladdget_arg1 1: keyget_field2 charCodeAtget_loc1 1: iget_arg1 1: keyget_lengthmodcall_method 1addpush_i16 256modput_loc2 2: xget_loc0 0: boxget_loc1 1: iget_array_elput_loc3 3: tempget_loc0 0: boxget_loc1 1: ito_propkey2get_loc0 0: boxget_loc2 2: xget_array_elput_array_elget_loc0 0: boxget_loc2 2: xget_loc3 3: tempput_array_elinc_loc 1: igoto8 3181: push_0 0put_loc2 2: xpush_0 0put_loc8 4: yarray_from 0put_loc8 5: outpush_0 0put_loc1 1: i93: get_loc1 1: iget_arg0 0: dataget_lengthltif_false8 184get_arg0 0: dataget_field2 charCodeAtget_loc1 1: icall_method 1put_loc8 6: codeget_loc2 2: xpush_1 1addpush_i16 256modput_loc2 2: xget_loc8 4: yget_loc0 0: boxget_loc2 2: xget_array_eladdpush_i16 256modput_loc8 4: yget_loc0 0: boxget_loc2 2: xget_array_elput_loc3 3: tempget_loc0 0: boxget_loc2 2: xto_propkey2get_loc0 0: boxget_loc8 4: yget_array_elput_array_elget_loc0 0: boxget_loc8 4: yget_loc3 3: tempput_array_elget_loc0 0: boxget_loc2 2: xget_array_elget_loc0 0: boxget_loc8 4: yget_array_eladdpush_i16 256modput_loc8 7: kget_loc8 5: outget_field2 pushget_loc8 6: codeget_loc0 0: boxget_loc8 7: kget_array_elxorcall_method 1dropinc_loc 1: igoto8 93184: get_loc8 5: outreturn0468: 0a bigint {
0469: 00 }
046a: 0a bigint {
046b: 00 }
046c: 0a bigint {
046d: e8 01 07 len=7
0470: 44 b8 90 b5 6b 67 80 }
0477: 0a bigint {
0478: e8 01 07 len=7
047b: 34 a7 b8 48 7f 8d af }
0482: 0a bigint {
0483: 00 }
0484: 0a bigint {
0485: 28 01 len=1
0487: fe }
0488: 0a bigint {
0489: 28 01 len=1
048b: fe }}}
source.js:1: function: <eval>locals:0: var <ret>stack_size: 32opcodes:check_define_var rc4,64check_define_var sn,0check_define_var i,0check_define_var j,0check_define_var k,0check_define_var l,0check_define_var m,0check_define_var n,0check_define_var un,0check_define_var arr,0check_define_var cipher,0check_define_var i,0fclosure8 0: [bytecode rc4]define_func rc4,0define_var sn,0define_var i,0define_var j,0define_var k,0define_var l,0define_var m,0define_var n,0define_var un,0define_var arr,0define_var cipher,0define_var i,0push_atom_value "2021quickjs_happygame"dupput_var undroppush_atom_value "************************************"dupput_var snput_loc0 0: "<ret>"push_i16 150push_i16 224push_i16 244push_i8 68push_i8 61push_i8 125push_i8 8push_i16 239push_i16 203push_i16 254push_i16 241push_i8 113push_i16 213push_i16 176push_i8 64push_i8 106push_i8 103push_i16 166push_i16 185push_i16 159push_i16 158push_i16 172push_i8 9push_i16 213push_i16 239push_i8 12push_i8 100push_i16 185push_i8 90push_i16 174push_i8 107push_i16 131array_from 32push_i16 223define_field "32"push_i8 122define_field "33"push_i16 229define_field "34"push_i16 157define_field "35"dupput_var arrdroppush_const8 1: 0ndupput_var mput_loc0 0: "<ret>"push_const8 2: 0ndupput_var nput_loc0 0: "<ret>"push_0 0dupput_var lput_loc0 0: "<ret>"push_0 0dupput_var kput_loc0 0: "<ret>"get_var rc4get_var snget_var uncall2 2dupput_var cipherdropundefinedput_loc0 0: "<ret>"push_0 0dupput_var idrop361: get_var iget_var cipherget_lengthltif_false8 484get_var cipherget_var iget_array_eldupput_var jput_loc0 0: "<ret>"get_var jpush_i8 56push_i8 17subxordupput_var lput_loc0 0: "<ret>"undefinedput_loc0 0: "<ret>"get_var lget_var arrget_var kget_array_eleqif_false8 446get_var mpost_incput_var mput_loc0 0: "<ret>"goto8 458446: get_var npost_incput_var nput_loc0 0: "<ret>"458: get_var kpost_incput_var kput_loc0 0: "<ret>"get_var ipost_incput_var idropgoto8 361484: undefinedput_loc0 0: "<ret>"get_var mget_var cipherget_lengtheqif_false8 520get_var npush_0 0eqif_false8 520push_const8 3: 18071254662143010ndupput_var nput_loc0 0: "<ret>"goto8 529520: push_const8 4: 24706849372394394ndupput_var nput_loc0 0: "<ret>"529: push_empty_stringdupput_var sput_loc0 0: "<ret>"undefinedput_loc0 0: "<ret>"539: get_var npush_const8 5: 0ngtif_false8 606get_var sget_var Stringget_field2 fromCharCodeget_var Numberget_var npush_const8 6: 127nmodcall1 1call_method 1adddupput_var sput_loc0 0: "<ret>"get_var npush_const8 7: 127ndivdupput_var nput_loc0 0: "<ret>"goto8 539606: get_var printget_var scall1 1set_loc0 0: "<ret>"returnError...审计内容:
1,rc4加密,key=“2021quickjs_happygame”
2,cipher = cipher^(56-17)
3,密文对比
提取密文:
[150, 224, 244, 68, 61, 125, 8, 239, 203, 254, 241, 113, 213, 176, 64, 106, 103, 166, 185, 159, 158, 172, 9, 213, 239, 12, 100, 185, 90, 174, 1
07, 131, 223, 122, 229, 157]
EXP:
from Crypto.Cipher import ARC4key = b'2021quickjs_happygame'
key = ARC4.new(key)
en_flag = [150, 224, 244, 68, 61, 125, 8, 239, 203, 254, 241, 113, 213, 176, 64, 106, 103, 166, 185, 159, 158, 172, 9,213, 239, 12, 100, 185, 90, 174, 107, 131, 223, 122, 229, 157]
en_flag = [i ^ (56 - 17) for i in en_flag]
en_flag = bytes(en_flag)
flag = key.decrypt(en_flag)
print(flag)
