第一层smc的秘钥经测试在大部分在线工具站都可以查到
第二层秘钥用了flag前5位`SCTF{`做秘钥

然后进行常规的rc4算法对flag进行加密,rc4秘钥是`syclover`并用其他逻辑运算代替异或来完成数据交换
```cpp
{
i = (i + 1) % 256;
j = (j + s[i]) % 256;
s[i] = (s[i] & ~s[j]) | (~s[i] & s[j]);
s[j] = (s[i] & ~s[j]) | (~s[i] & s[j]);
s[i] = (s[i] & ~s[j]) | (~s[i] & s[j]);
t = (s[i] + s[j]) % 256;
data[k] ^= s[t];
//printf("%2.2x,", data[k]);
}
```

解密只要输入格式符合的字符串再拿到该字符串的密文就可写脚本了

```python
d=[128, 85, 126, 45, 209, 9, 37, 171, 60, 86, 149, 196, 54, 19, 237, 114, 36, 147, 178, 200, 69, 236, 22, 107, 103, 29, 249, 163, 150, 217]
s=[128, 85, 126, 45, 209, 18, 62, 176, 35, 31, 136, 150, 12, 45, 211, 76, 24, 173, 161, 202, 16, 210, 66, 101, 89, 25, 172, 177, 142, 197]
s1='SCTF{aaaaaaaaaaaaaaaaaaaaaaaaa'#输入的flag
for i in range(len(s)):
print(chr(d[i]^s[i]^ord(s1[i])),end='')
# SCTF{zzz~(|3[___]_rc4_5o_e4sy}

```