Tags: dynamic reverse-engineering pseudorandom 

Rating: 1.0

I have no time to write more specific details, so I just put my scripts here:
```python
#/usr/bin/env python3

input = 'aaaaabbbbbcccccdddddeeeee' # test input for encryption correctly.
rand_num = [0x3748ef4e,0x75344ee3,0x66c59057,0x7650cdd6,0x48349e25,0x4341479a,0x67f6c1e0,0x61ae12fc, 0x27e31966, 0x62a67e76]
encrypt_table1 = [0x0e, 0x4a, 0x79, 0x05, 0x66] # You can get this table by dynamic debugging in gdb.
encrypt_table2 = [0x17,0x0E,0x2,0x15,0x0B,0x3,0x4,0x10,0x16,0x5,0x12, 0x6,0x0C,0x7,0x13,1,8,0x14,0x9,0x0A,0x0D,0x18,0,0x11,0x0F]

output = ''
encry = ''
for i in range(len(input)):
output = output + input[encrypt_table2[i]]
print (output)
for j in range(len(input)):
encry = encry + str(hex(ord(output[j])^encrypt_table1[j//5])[2:])

print (encry)

encry_text = [0x6B,0x6D,0x6F,0x6B,0x6D,0x2B,0x2B,0x2E,0x2F,0x28,0x1D,0x1B,0x1A,0x1B,0x1D,0x64,0x67,0x60,0x67,0x66,0x05,0x03,0x07,0x02,0x02]
encry_text2 = [0x63,0x51,0x48,0x6A,0x40,0x09,0x1E,0x7A,0x7A,0x0C,0x0B,0x02,0x49,0x48,0x4D,0x43,0x71,0x6B,0x30,0x5A,0x12,0x1B,0x27,0x39,0x53]
flag = ''
for k in range(len(encry_text2)):
print (hex(encry_text2[k]^encrypt_table1[k//5]))
flag = flag + chr(encry_text2[k]^encrypt_table1[k//5])

print (flag)

rever_table = []
for i in range(len(encrypt_table2)):
rever_table.append(encrypt_table2.index(i))

f = ''
for i in range(len(flag)):
f = f + flag[rever_table[i]]

print (f)

```

Original writeup (https://github.com/spwpun/AFFCTF-Lite-2020-writeups/tree/main/RE).