[长城杯 2021 院校组]funny_js
审题
根据题名提示为js,再在ida中查看,基本可以确定为quickjs题
QuickJS 是一个快速、灵活且易于嵌入的 JavaScript 引擎,适用于需要在资源受限环境下运行 JavaScript 代码的场景。
工具准备
来到Linux,先准备解题工具
git clone https://gitee.com/haloxxg/QuickJS.git -b 20200119 --depth 1
cd QuickJS
修改quickjs.c,使其能输出byte_code字节码,下面是借鉴这篇文章的内容
diff --git a/quickjs.c b/quickjs.c
index b19a4d9..9a3f483 100644
--- a/quickjs.c
+++ b/quickjs.c
@@ -82,7 +82,7 @@
16: dump bytecode in hex
32: dump line number table
*/
-//#define DUMP_BYTECODE (1)
+#define DUMP_BYTECODE (1)
/* dump the occurence of the automatic GC */
//#define DUMP_GC
/* dump objects freed by the garbage collector */
@@ -96,7 +96,7 @@
//#define DUMP_SHAPES /* dump shapes in JS_FreeContext */
//#define DUMP_MODULE_RESOLVE
//#define DUMP_PROMISE
-//#define DUMP_READ_OBJECT
+#define DUMP_READ_OBJECT
/* test the GC by forcing it before each object allocation */
//#define FORCE_GC_AT_MALLOC
@@ -33897,6 +33897,9 @@ static JSValue JS_ReadObjectRec(BCReaderState *s)
bc_read_trace(s, "}\n");
}
bc_read_trace(s, "}\n");
+#if DUMP_BYTECODE
+ js_dump_function_bytecode(ctx, b);
+#endif
}
break;
case BC_TAG_MODULE:
AI的解释:
根据你提供的 diff 文件内容,这里列出了对文件
**quickjs.c**的更改:
- ** 在第 82 行:取消了之前被注释掉的
**DUMP_BYTECODE**宏定义(**//#define DUMP_BYTECODE (1)**),将其恢复为被定义的状态(**#define DUMP_BYTECODE (1)**)。 **- ** 在第 96 行:取消了之前被注释掉的
**DUMP_READ_OBJECT**宏定义(**//#define DUMP_READ_OBJECT**),将其恢复为被定义的状态(**#define DUMP_READ_OBJECT**)。 **- ** 在第 33897 行附近:在解析对象后,添加了一个新的条件判断。如果
**DUMP_BYTECODE**被定义,那么会调用**js_dump_function_bytecode(ctx, b)**函数来转储函数的字节码。 **
这我直接进行了手改,主要是执行不了上述代码(目前还没搞懂)。
来到quickjs.c文件
vim quickjs.c
显示行号
set nu
跳转到82行
根据AI的解释和上文需要修改的地方,进行修改
接下来的修改如法炮制
make编译
make
先创建一个js样本
echo "console.log('hello')" > hello.js
将 JavaScript 文件 hello.js 编译成 C 语言代码,并保存到 hello.c 文件中
./qjsc -e -o hello.c hello.js
编译并运行
cc hello.c -lm -ldl libquickjs.lto.a -o hello
./hello #输出文件内容
或
gcc -ggdb hello.c libquickjs.a -lm -ldl -lpthread
./a.out > 1.txt # 得到一个a.out,输出重定向到1.txt
cat 1.txt # 打印文件内容
解题
没问题了,开始解题
来到main,提取byte_26305A中的opcode(js字节码)
unsigned char qjsc_s[] =
{
0x02, 0x1B, 0x06, 0x72, 0x63, 0x34, 0x04, 0x73, 0x6E, 0x02,
0x69, 0x02, 0x6A, 0x02, 0x6B, 0x02, 0x6C, 0x02, 0x6D, 0x02,
0x6E, 0x04, 0x75, 0x6E, 0x06, 0x61, 0x72, 0x72, 0x0C, 0x63,
0x69, 0x70, 0x68, 0x65, 0x72, 0x2A, 0x32, 0x30, 0x32, 0x31,
0x71, 0x75, 0x69, 0x63, 0x6B, 0x6A, 0x73, 0x5F, 0x68, 0x61,
0x70, 0x70, 0x79, 0x67, 0x61, 0x6D, 0x65, 0x48, 0x2A, 0x2A,
0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A,
0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A,
0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A,
0x2A, 0x2A, 0x2A, 0x2A, 0x02, 0x73, 0x18, 0x66, 0x72, 0x6F,
0x6D, 0x43, 0x68, 0x61, 0x72, 0x43, 0x6F, 0x64, 0x65, 0x0A,
0x70, 0x72, 0x69, 0x6E, 0x74, 0x12, 0x73, 0x6F, 0x75, 0x72,
0x63, 0x65, 0x2E, 0x6A, 0x73, 0x08, 0x64, 0x61, 0x74, 0x61,
0x06, 0x6B, 0x65, 0x79, 0x06, 0x62, 0x6F, 0x78, 0x02, 0x78,
0x08, 0x74, 0x65, 0x6D, 0x70, 0x02, 0x79, 0x06, 0x6F, 0x75,
0x74, 0x08, 0x63, 0x6F, 0x64, 0x65, 0x14, 0x63, 0x68, 0x61,
0x72, 0x43, 0x6F, 0x64, 0x65, 0x41, 0x74, 0x08, 0x70, 0x75,
0x73, 0x68, 0x0E, 0x00, 0x06, 0x00, 0x9E, 0x01, 0x00, 0x01,
0x00, 0x20, 0x00, 0x08, 0xEB, 0x04, 0x01, 0xA0, 0x01, 0x00,
0x00, 0x00, 0x40, 0xDF, 0x00, 0x00, 0x00, 0x40, 0x40, 0xE0,
0x00, 0x00, 0x00, 0x00, 0x40, 0xE1, 0x00, 0x00, 0x00, 0x00,
0x40, 0xE2, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE3, 0x00, 0x00,
0x00, 0x00, 0x40, 0xE4, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE5,
0x00, 0x00, 0x00, 0x00, 0x40, 0xE6, 0x00, 0x00, 0x00, 0x00,
0x40, 0xE7, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE8, 0x00, 0x00,
0x00, 0x00, 0x40, 0xE9, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE1,
0x00, 0x00, 0x00, 0x00, 0xC2, 0x00, 0x41, 0xDF, 0x00, 0x00,
0x00, 0x00, 0x3F, 0xE0, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE1,
0x00, 0x00, 0x00, 0x00, 0x3F, 0xE2, 0x00, 0x00, 0x00, 0x00,
0x3F, 0xE3, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE4, 0x00, 0x00,
0x00, 0x00, 0x3F, 0xE5, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE6,
0x00, 0x00, 0x00, 0x00, 0x3F, 0xE7, 0x00, 0x00, 0x00, 0x00,
0x3F, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE9, 0x00, 0x00,
0x00, 0x00, 0x3F, 0xE1, 0x00, 0x00, 0x00, 0x00, 0x04, 0xEA,
0x00, 0x00, 0x00, 0x11, 0x3A, 0xE7, 0x00, 0x00, 0x00, 0x0E,
0x04, 0xEB, 0x00, 0x00, 0x00, 0x11, 0x3A, 0xE0, 0x00, 0x00,
0x00, 0xCB, 0xC0, 0x96, 0x00, 0xC0, 0xE0, 0x00, 0xC0, 0xF4,
0x00, 0xBF, 0x44, 0xBF, 0x3D, 0xBF, 0x7D, 0xBF, 0x08, 0xC0,
0xEF, 0x00, 0xC0, 0xCB, 0x00, 0xC0, 0xFE, 0x00, 0xC0, 0xF1,
0x00, 0xBF, 0x71, 0xC0, 0xD5, 0x00, 0xC0, 0xB0, 0x00, 0xBF,
0x40, 0xBF, 0x6A, 0xBF, 0x67, 0xC0, 0xA6, 0x00, 0xC0, 0xB9,
0x00, 0xC0, 0x9F, 0x00, 0xC0, 0x9E, 0x00, 0xC0, 0xAC, 0x00,
0xBF, 0x09, 0xC0, 0xD5, 0x00, 0xC0, 0xEF, 0x00, 0xBF, 0x0C,
0xBF, 0x64, 0xC0, 0xB9, 0x00, 0xBF, 0x5A, 0xC0, 0xAE, 0x00,
0xBF, 0x6B, 0xC0, 0x83, 0x00, 0x26, 0x20, 0x00, 0xC0, 0xDF,
0x00, 0x4D, 0x20, 0x00, 0x00, 0x80, 0xBF, 0x7A, 0x4D, 0x21,
0x00, 0x00, 0x80, 0xC0, 0xE5, 0x00, 0x4D, 0x22, 0x00, 0x00,
0x80, 0xC0, 0x9D, 0x00, 0x4D, 0x23, 0x00, 0x00, 0x80, 0x11,
0x3A, 0xE8, 0x00, 0x00, 0x00, 0x0E, 0xC1, 0x01, 0x11, 0x3A,
0xE5, 0x00, 0x00, 0x00, 0xCB, 0xC1, 0x02, 0x11, 0x3A, 0xE6,
0x00, 0x00, 0x00, 0xCB, 0xB7, 0x11, 0x3A, 0xE4, 0x00, 0x00,
0x00, 0xCB, 0xB7, 0x11, 0x3A, 0xE3, 0x00, 0x00, 0x00, 0xCB,
0x39, 0xDF, 0x00, 0x00, 0x00, 0x39, 0xE0, 0x00, 0x00, 0x00,
0x39, 0xE7, 0x00, 0x00, 0x00, 0xF2, 0x11, 0x3A, 0xE9, 0x00,
0x00, 0x00, 0x0E, 0x06, 0xCB, 0xB7, 0x11, 0x3A, 0xE1, 0x00,
0x00, 0x00, 0x0E, 0x39, 0xE1, 0x00, 0x00, 0x00, 0x39, 0xE9,
0x00, 0x00, 0x00, 0xEB, 0xA5, 0xEC, 0x6E, 0x39, 0xE9, 0x00,
0x00, 0x00, 0x39, 0xE1, 0x00, 0x00, 0x00, 0x48, 0x11, 0x3A,
0xE2, 0x00, 0x00, 0x00, 0xCB, 0x39, 0xE2, 0x00, 0x00, 0x00,
0xBF, 0x38, 0xBF, 0x11, 0xA0, 0xB0, 0x11, 0x3A, 0xE4, 0x00,
0x00, 0x00, 0xCB, 0x06, 0xCB, 0x39, 0xE4, 0x00, 0x00, 0x00,
0x39, 0xE8, 0x00, 0x00, 0x00, 0x39, 0xE3, 0x00, 0x00, 0x00,
0x48, 0xAB, 0xEC, 0x0F, 0x39, 0xE5, 0x00, 0x00, 0x00, 0x93,
0x3A, 0xE5, 0x00, 0x00, 0x00, 0xCB, 0xEE, 0x0D, 0x39, 0xE6,
0x00, 0x00, 0x00, 0x93, 0x3A, 0xE6, 0x00, 0x00, 0x00, 0xCB,
0x39, 0xE3, 0x00, 0x00, 0x00, 0x93, 0x3A, 0xE3, 0x00, 0x00,
0x00, 0xCB, 0x39, 0xE1, 0x00, 0x00, 0x00, 0x93, 0x3A, 0xE1,
0x00, 0x00, 0x00, 0x0E, 0xEE, 0x86, 0x06, 0xCB, 0x39, 0xE5,
0x00, 0x00, 0x00, 0x39, 0xE9, 0x00, 0x00, 0x00, 0xEB, 0xAB,
0xEC, 0x15, 0x39, 0xE6, 0x00, 0x00, 0x00, 0xB7, 0xAB, 0xEC,
0x0C, 0xC1, 0x03, 0x11, 0x3A, 0xE6, 0x00, 0x00, 0x00, 0xCB,
0xEE, 0x0A, 0xC1, 0x04, 0x11, 0x3A, 0xE6, 0x00, 0x00, 0x00,
0xCB, 0xC3, 0x11, 0x3A, 0xEC, 0x00, 0x00, 0x00, 0xCB, 0x06,
0xCB, 0x39, 0xE6, 0x00, 0x00, 0x00, 0xC1, 0x05, 0xA7, 0xEC,
0x3A, 0x39, 0xEC, 0x00, 0x00, 0x00, 0x39, 0x97, 0x00, 0x00,
0x00, 0x43, 0xED, 0x00, 0x00, 0x00, 0x39, 0x96, 0x00, 0x00,
0x00, 0x39, 0xE6, 0x00, 0x00, 0x00, 0xC1, 0x06, 0x9E, 0xF1,
0x24, 0x01, 0x00, 0x9F, 0x11, 0x3A, 0xEC, 0x00, 0x00, 0x00,
0xCB, 0x39, 0xE6, 0x00, 0x00, 0x00, 0xC1, 0x07, 0x9D, 0x11,
0x3A, 0xE6, 0x00, 0x00, 0x00, 0xCB, 0xEE, 0xBE, 0x39, 0xEE,
0x00, 0x00, 0x00, 0x39, 0xEC, 0x00, 0x00, 0x00, 0xF1, 0xCF,
0x28, 0xDE, 0x03, 0x01, 0x20, 0x00, 0x48, 0x01, 0x00, 0x4A,
0x52, 0x3F, 0x40, 0x00, 0x7C, 0x04, 0x30, 0x30, 0x2B, 0x2B,
0x77, 0x7B, 0x5D, 0x5D, 0x6C, 0x3F, 0x0E, 0x40, 0x3F, 0x4A,
0xB7, 0x30, 0x2B, 0x3F, 0xCB, 0x4E, 0x0D, 0x0E, 0x43, 0x06,
0x00, 0xBE, 0x03, 0x02, 0x08, 0x02, 0x05, 0x00, 0x00, 0xBB,
0x01, 0x0A, 0xE0, 0x03, 0x00, 0x01, 0x00, 0xE2, 0x03, 0x00,
0x01, 0x00, 0xE4, 0x03, 0x00, 0x00, 0x00, 0xC2, 0x03, 0x00,
0x01, 0x00, 0xE6, 0x03, 0x00, 0x02, 0x00, 0xE8, 0x03, 0x00,
0x03, 0x00, 0xEA, 0x03, 0x00, 0x04, 0x00, 0xEC, 0x03, 0x00,
0x05, 0x00, 0xEE, 0x03, 0x00, 0x06, 0x00, 0xC6, 0x03, 0x00,
0x07, 0x00, 0x39, 0x94, 0x00, 0x00, 0x00, 0xC0, 0x00, 0x01,
0xF1, 0xCB, 0xB7, 0xCC, 0xC8, 0xC0, 0x00, 0x01, 0xA5, 0xEC,
0x09, 0xC7, 0xC8, 0xC8, 0x4A, 0x95, 0x01, 0xEE, 0xF2, 0xB7,
0xCD, 0xB7, 0xCC, 0xC8, 0xC0, 0x00, 0x01, 0xA5, 0xEC, 0x2C,
0xC9, 0xC7, 0xC8, 0x48, 0x9F, 0xD4, 0x43, 0xF8, 0x00, 0x00,
0x00, 0xC8, 0xD4, 0xEB, 0x9E, 0x24, 0x01, 0x00, 0x9F, 0xC0,
0x00, 0x01, 0x9E, 0xCD, 0xC7, 0xC8, 0x48, 0xCE, 0xC7, 0xC8,
0x72, 0xC7, 0xC9, 0x48, 0x4A, 0xC7, 0xC9, 0xCA, 0x4A, 0x95,
0x01, 0xEE, 0xCF, 0xB7, 0xCD, 0xB7, 0xC5, 0x04, 0x26, 0x00,
0x00, 0xC5, 0x05, 0xB7, 0xCC, 0xC8, 0xD3, 0xEB, 0xA5, 0xEC,
0x56, 0xD3, 0x43, 0xF8, 0x00, 0x00, 0x00, 0xC8, 0x24, 0x01,
0x00, 0xC5, 0x06, 0xC9, 0xB8, 0x9F, 0xC0, 0x00, 0x01, 0x9E,
0xCD, 0xC4, 0x04, 0xC7, 0xC9, 0x48, 0x9F, 0xC0, 0x00, 0x01,
0x9E, 0xC5, 0x04, 0xC7, 0xC9, 0x48, 0xCE, 0xC7, 0xC9, 0x72,
0xC7, 0xC4, 0x04, 0x48, 0x4A, 0xC7, 0xC4, 0x04, 0xCA, 0x4A,
0xC7, 0xC9, 0x48, 0xC7, 0xC4, 0x04, 0x48, 0x9F, 0xC0, 0x00,
0x01, 0x9E, 0xC5, 0x07, 0xC4, 0x05, 0x43, 0xF9, 0x00, 0x00,
0x00, 0xC4, 0x06, 0xC7, 0xC4, 0x07, 0x48, 0xB0, 0x24, 0x01,
0x00, 0x0E, 0x95, 0x01, 0xEE, 0xA6, 0xC4, 0x05, 0x28, 0xDE,
0x03, 0x03, 0x19, 0x04, 0x35, 0x30, 0x17, 0x18, 0x0D, 0x30,
0x7B, 0x17, 0x26, 0x17, 0x19, 0x0D, 0x12, 0x1C, 0x2C, 0x40,
0x2B, 0x3F, 0x17, 0x2B, 0x1D, 0x4A, 0x5D, 0x17, 0x0A, 0x00,
0x0A, 0x00, 0x0A, 0xE8, 0x01, 0x07, 0x44, 0xB8, 0x90, 0xB5,
0x6B, 0x67, 0x80, 0x0A, 0xE8, 0x01, 0x07, 0x34, 0xA7, 0xB8,
0x48, 0x7F, 0x8D, 0xAF, 0x0A, 0x00, 0x0A, 0x28, 0x01, 0xFE,
0x0A, 0x28, 0x01, 0xFE, 0x00, 0x00, 0x00, 0x00
};
替换hello.c中qjsc_hello数组
vim hello.c
#include "quickjs-libc.h"
const uint32_t qjsc_hello_size = 1164;
const uint8_t qjsc_hello[1164] = {
0x02, 0x1B, 0x06, 0x72, 0x63, 0x34, 0x04, 0x73, 0x6E, 0x02,
0x69, 0x02, 0x6A, 0x02, 0x6B, 0x02, 0x6C, 0x02, 0x6D, 0x02,
0x6E, 0x04, 0x75, 0x6E, 0x06, 0x61, 0x72, 0x72, 0x0C, 0x63,
0x69, 0x70, 0x68, 0x65, 0x72, 0x2A, 0x32, 0x30, 0x32, 0x31,
0x71, 0x75, 0x69, 0x63, 0x6B, 0x6A, 0x73, 0x5F, 0x68, 0x61,
0x70, 0x70, 0x79, 0x67, 0x61, 0x6D, 0x65, 0x48, 0x2A, 0x2A,
0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A,
0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A,
0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A,
0x2A, 0x2A, 0x2A, 0x2A, 0x02, 0x73, 0x18, 0x66, 0x72, 0x6F,
0x6D, 0x43, 0x68, 0x61, 0x72, 0x43, 0x6F, 0x64, 0x65, 0x0A,
0x70, 0x72, 0x69, 0x6E, 0x74, 0x12, 0x73, 0x6F, 0x75, 0x72,
0x63, 0x65, 0x2E, 0x6A, 0x73, 0x08, 0x64, 0x61, 0x74, 0x61,
0x06, 0x6B, 0x65, 0x79, 0x06, 0x62, 0x6F, 0x78, 0x02, 0x78,
0x08, 0x74, 0x65, 0x6D, 0x70, 0x02, 0x79, 0x06, 0x6F, 0x75,
0x74, 0x08, 0x63, 0x6F, 0x64, 0x65, 0x14, 0x63, 0x68, 0x61,
0x72, 0x43, 0x6F, 0x64, 0x65, 0x41, 0x74, 0x08, 0x70, 0x75,
0x73, 0x68, 0x0E, 0x00, 0x06, 0x00, 0x9E, 0x01, 0x00, 0x01,
0x00, 0x20, 0x00, 0x08, 0xEB, 0x04, 0x01, 0xA0, 0x01, 0x00,
0x00, 0x00, 0x40, 0xDF, 0x00, 0x00, 0x00, 0x40, 0x40, 0xE0,
0x00, 0x00, 0x00, 0x00, 0x40, 0xE1, 0x00, 0x00, 0x00, 0x00,
0x40, 0xE2, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE3, 0x00, 0x00,
0x00, 0x00, 0x40, 0xE4, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE5,
0x00, 0x00, 0x00, 0x00, 0x40, 0xE6, 0x00, 0x00, 0x00, 0x00,
0x40, 0xE7, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE8, 0x00, 0x00,
0x00, 0x00, 0x40, 0xE9, 0x00, 0x00, 0x00, 0x00, 0x40, 0xE1,
0x00, 0x00, 0x00, 0x00, 0xC2, 0x00, 0x41, 0xDF, 0x00, 0x00,
0x00, 0x00, 0x3F, 0xE0, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE1,
0x00, 0x00, 0x00, 0x00, 0x3F, 0xE2, 0x00, 0x00, 0x00, 0x00,
0x3F, 0xE3, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE4, 0x00, 0x00,
0x00, 0x00, 0x3F, 0xE5, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE6,
0x00, 0x00, 0x00, 0x00, 0x3F, 0xE7, 0x00, 0x00, 0x00, 0x00,
0x3F, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x3F, 0xE9, 0x00, 0x00,
0x00, 0x00, 0x3F, 0xE1, 0x00, 0x00, 0x00, 0x00, 0x04, 0xEA,
0x00, 0x00, 0x00, 0x11, 0x3A, 0xE7, 0x00, 0x00, 0x00, 0x0E,
0x04, 0xEB, 0x00, 0x00, 0x00, 0x11, 0x3A, 0xE0, 0x00, 0x00,
0x00, 0xCB, 0xC0, 0x96, 0x00, 0xC0, 0xE0, 0x00, 0xC0, 0xF4,
0x00, 0xBF, 0x44, 0xBF, 0x3D, 0xBF, 0x7D, 0xBF, 0x08, 0xC0,
0xEF, 0x00, 0xC0, 0xCB, 0x00, 0xC0, 0xFE, 0x00, 0xC0, 0xF1,
0x00, 0xBF, 0x71, 0xC0, 0xD5, 0x00, 0xC0, 0xB0, 0x00, 0xBF,
0x40, 0xBF, 0x6A, 0xBF, 0x67, 0xC0, 0xA6, 0x00, 0xC0, 0xB9,
0x00, 0xC0, 0x9F, 0x00, 0xC0, 0x9E, 0x00, 0xC0, 0xAC, 0x00,
0xBF, 0x09, 0xC0, 0xD5, 0x00, 0xC0, 0xEF, 0x00, 0xBF, 0x0C,
0xBF, 0x64, 0xC0, 0xB9, 0x00, 0xBF, 0x5A, 0xC0, 0xAE, 0x00,
0xBF, 0x6B, 0xC0, 0x83, 0x00, 0x26, 0x20, 0x00, 0xC0, 0xDF,
0x00, 0x4D, 0x20, 0x00, 0x00, 0x80, 0xBF, 0x7A, 0x4D, 0x21,
0x00, 0x00, 0x80, 0xC0, 0xE5, 0x00, 0x4D, 0x22, 0x00, 0x00,
0x80, 0xC0, 0x9D, 0x00, 0x4D, 0x23, 0x00, 0x00, 0x80, 0x11,
0x3A, 0xE8, 0x00, 0x00, 0x00, 0x0E, 0xC1, 0x01, 0x11, 0x3A,
0xE5, 0x00, 0x00, 0x00, 0xCB, 0xC1, 0x02, 0x11, 0x3A, 0xE6,
0x00, 0x00, 0x00, 0xCB, 0xB7, 0x11, 0x3A, 0xE4, 0x00, 0x00,
0x00, 0xCB, 0xB7, 0x11, 0x3A, 0xE3, 0x00, 0x00, 0x00, 0xCB,
0x39, 0xDF, 0x00, 0x00, 0x00, 0x39, 0xE0, 0x00, 0x00, 0x00,
0x39, 0xE7, 0x00, 0x00, 0x00, 0xF2, 0x11, 0x3A, 0xE9, 0x00,
0x00, 0x00, 0x0E, 0x06, 0xCB, 0xB7, 0x11, 0x3A, 0xE1, 0x00,
0x00, 0x00, 0x0E, 0x39, 0xE1, 0x00, 0x00, 0x00, 0x39, 0xE9,
0x00, 0x00, 0x00, 0xEB, 0xA5, 0xEC, 0x6E, 0x39, 0xE9, 0x00,
0x00, 0x00, 0x39, 0xE1, 0x00, 0x00, 0x00, 0x48, 0x11, 0x3A,
0xE2, 0x00, 0x00, 0x00, 0xCB, 0x39, 0xE2, 0x00, 0x00, 0x00,
0xBF, 0x38, 0xBF, 0x11, 0xA0, 0xB0, 0x11, 0x3A, 0xE4, 0x00,
0x00, 0x00, 0xCB, 0x06, 0xCB, 0x39, 0xE4, 0x00, 0x00, 0x00,
0x39, 0xE8, 0x00, 0x00, 0x00, 0x39, 0xE3, 0x00, 0x00, 0x00,
0x48, 0xAB, 0xEC, 0x0F, 0x39, 0xE5, 0x00, 0x00, 0x00, 0x93,
0x3A, 0xE5, 0x00, 0x00, 0x00, 0xCB, 0xEE, 0x0D, 0x39, 0xE6,
0x00, 0x00, 0x00, 0x93, 0x3A, 0xE6, 0x00, 0x00, 0x00, 0xCB,
0x39, 0xE3, 0x00, 0x00, 0x00, 0x93, 0x3A, 0xE3, 0x00, 0x00,
0x00, 0xCB, 0x39, 0xE1, 0x00, 0x00, 0x00, 0x93, 0x3A, 0xE1,
0x00, 0x00, 0x00, 0x0E, 0xEE, 0x86, 0x06, 0xCB, 0x39, 0xE5,
0x00, 0x00, 0x00, 0x39, 0xE9, 0x00, 0x00, 0x00, 0xEB, 0xAB,
0xEC, 0x15, 0x39, 0xE6, 0x00, 0x00, 0x00, 0xB7, 0xAB, 0xEC,
0x0C, 0xC1, 0x03, 0x11, 0x3A, 0xE6, 0x00, 0x00, 0x00, 0xCB,
0xEE, 0x0A, 0xC1, 0x04, 0x11, 0x3A, 0xE6, 0x00, 0x00, 0x00,
0xCB, 0xC3, 0x11, 0x3A, 0xEC, 0x00, 0x00, 0x00, 0xCB, 0x06,
0xCB, 0x39, 0xE6, 0x00, 0x00, 0x00, 0xC1, 0x05, 0xA7, 0xEC,
0x3A, 0x39, 0xEC, 0x00, 0x00, 0x00, 0x39, 0x97, 0x00, 0x00,
0x00, 0x43, 0xED, 0x00, 0x00, 0x00, 0x39, 0x96, 0x00, 0x00,
0x00, 0x39, 0xE6, 0x00, 0x00, 0x00, 0xC1, 0x06, 0x9E, 0xF1,
0x24, 0x01, 0x00, 0x9F, 0x11, 0x3A, 0xEC, 0x00, 0x00, 0x00,
0xCB, 0x39, 0xE6, 0x00, 0x00, 0x00, 0xC1, 0x07, 0x9D, 0x11,
0x3A, 0xE6, 0x00, 0x00, 0x00, 0xCB, 0xEE, 0xBE, 0x39, 0xEE,
0x00, 0x00, 0x00, 0x39, 0xEC, 0x00, 0x00, 0x00, 0xF1, 0xCF,
0x28, 0xDE, 0x03, 0x01, 0x20, 0x00, 0x48, 0x01, 0x00, 0x4A,
0x52, 0x3F, 0x40, 0x00, 0x7C, 0x04, 0x30, 0x30, 0x2B, 0x2B,
0x77, 0x7B, 0x5D, 0x5D, 0x6C, 0x3F, 0x0E, 0x40, 0x3F, 0x4A,
0xB7, 0x30, 0x2B, 0x3F, 0xCB, 0x4E, 0x0D, 0x0E, 0x43, 0x06,
0x00, 0xBE, 0x03, 0x02, 0x08, 0x02, 0x05, 0x00, 0x00, 0xBB,
0x01, 0x0A, 0xE0, 0x03, 0x00, 0x01, 0x00, 0xE2, 0x03, 0x00,
0x01, 0x00, 0xE4, 0x03, 0x00, 0x00, 0x00, 0xC2, 0x03, 0x00,
0x01, 0x00, 0xE6, 0x03, 0x00, 0x02, 0x00, 0xE8, 0x03, 0x00,
0x03, 0x00, 0xEA, 0x03, 0x00, 0x04, 0x00, 0xEC, 0x03, 0x00,
0x05, 0x00, 0xEE, 0x03, 0x00, 0x06, 0x00, 0xC6, 0x03, 0x00,
0x07, 0x00, 0x39, 0x94, 0x00, 0x00, 0x00, 0xC0, 0x00, 0x01,
0xF1, 0xCB, 0xB7, 0xCC, 0xC8, 0xC0, 0x00, 0x01, 0xA5, 0xEC,
0x09, 0xC7, 0xC8, 0xC8, 0x4A, 0x95, 0x01, 0xEE, 0xF2, 0xB7,
0xCD, 0xB7, 0xCC, 0xC8, 0xC0, 0x00, 0x01, 0xA5, 0xEC, 0x2C,
0xC9, 0xC7, 0xC8, 0x48, 0x9F, 0xD4, 0x43, 0xF8, 0x00, 0x00,
0x00, 0xC8, 0xD4, 0xEB, 0x9E, 0x24, 0x01, 0x00, 0x9F, 0xC0,
0x00, 0x01, 0x9E, 0xCD, 0xC7, 0xC8, 0x48, 0xCE, 0xC7, 0xC8,
0x72, 0xC7, 0xC9, 0x48, 0x4A, 0xC7, 0xC9, 0xCA, 0x4A, 0x95,
0x01, 0xEE, 0xCF, 0xB7, 0xCD, 0xB7, 0xC5, 0x04, 0x26, 0x00,
0x00, 0xC5, 0x05, 0xB7, 0xCC, 0xC8, 0xD3, 0xEB, 0xA5, 0xEC,
0x56, 0xD3, 0x43, 0xF8, 0x00, 0x00, 0x00, 0xC8, 0x24, 0x01,
0x00, 0xC5, 0x06, 0xC9, 0xB8, 0x9F, 0xC0, 0x00, 0x01, 0x9E,
0xCD, 0xC4, 0x04, 0xC7, 0xC9, 0x48, 0x9F, 0xC0, 0x00, 0x01,
0x9E, 0xC5, 0x04, 0xC7, 0xC9, 0x48, 0xCE, 0xC7, 0xC9, 0x72,
0xC7, 0xC4, 0x04, 0x48, 0x4A, 0xC7, 0xC4, 0x04, 0xCA, 0x4A,
0xC7, 0xC9, 0x48, 0xC7, 0xC4, 0x04, 0x48, 0x9F, 0xC0, 0x00,
0x01, 0x9E, 0xC5, 0x07, 0xC4, 0x05, 0x43, 0xF9, 0x00, 0x00,
0x00, 0xC4, 0x06, 0xC7, 0xC4, 0x07, 0x48, 0xB0, 0x24, 0x01,
0x00, 0x0E, 0x95, 0x01, 0xEE, 0xA6, 0xC4, 0x05, 0x28, 0xDE,
0x03, 0x03, 0x19, 0x04, 0x35, 0x30, 0x17, 0x18, 0x0D, 0x30,
0x7B, 0x17, 0x26, 0x17, 0x19, 0x0D, 0x12, 0x1C, 0x2C, 0x40,
0x2B, 0x3F, 0x17, 0x2B, 0x1D, 0x4A, 0x5D, 0x17, 0x0A, 0x00,
0x0A, 0x00, 0x0A, 0xE8, 0x01, 0x07, 0x44, 0xB8, 0x90, 0xB5,
0x6B, 0x67, 0x80, 0x0A, 0xE8, 0x01, 0x07, 0x34, 0xA7, 0xB8,
0x48, 0x7F, 0x8D, 0xAF, 0x0A, 0x00, 0x0A, 0x28, 0x01, 0xFE,
0x0A, 0x28, 0x01,0xfe
};
int main(int argc, char **argv)
{
JSRuntime *rt;
JSContext *ctx;
rt = JS_NewRuntime();
ctx = JS_NewContextRaw(rt);
JS_SetModuleLoaderFunc(rt, NULL, js_module_loader, NULL);
JS_AddIntrinsicBaseObjects(ctx);
JS_AddIntrinsicDate(ctx);
JS_AddIntrinsicEval(ctx);
JS_AddIntrinsicStringNormalize(ctx);
JS_AddIntrinsicRegExp(ctx);
JS_AddIntrinsicJSON(ctx);
JS_AddIntrinsicProxy(ctx);
JS_AddIntrinsicMapSet(ctx);
JS_AddIntrinsicTypedArrays(ctx);
JS_AddIntrinsicPromise(ctx);
JS_AddIntrinsicBigInt(ctx);
js_std_add_helpers(ctx, argc, argv);
js_std_eval_binary(ctx, qjsc_hello, qjsc_hello_size, 0);
js_std_loop(ctx);
JS_FreeContext(ctx);
JS_FreeRuntime(rt);
return 0;
}
重新编译并运行
cc hello.c -lm -ldl libquickjs.lto.a -o hello
./hello #输出文件内容
或
gcc -ggdb hello.c libquickjs.a -lm -ldl -lpthread
a.out > 1.txt # 得到一个a.out,输出重定向到1.txt
cat 1.txt # 打印文件内容
内容:
0000: 02 1b 27 atom indexes {
0002: 06 72 63 34 string: 1"rc4"
0006: 04 73 6e string: 1"sn"
0009: 02 69 string: 1"i"
000b: 02 6a string: 1"j"
000d: 02 6b string: 1"k"
000f: 02 6c string: 1"l"
0011: 02 6d string: 1"m"
0013: 02 6e string: 1"n"
0015: 04 75 6e string: 1"un"
0018: 06 61 72 72 string: 1"arr"
001c: 0c 63 69 70 68 65 72 string: 1"cipher"
0023: 2a 32 30 32 31 71 75 69
63 6b 6a 73 5f 68 61 70
70 79 67 61 6d 65 string: 1"2021quickjs_happygame"
0039: 48 2a 2a 2a 2a 2a 2a 2a
2a 2a 2a 2a 2a 2a 2a 2a
2a 2a 2a 2a 2a 2a 2a 2a
2a 2a 2a 2a 2a 2a 2a 2a
2a 2a 2a 2a 2a string: 1"************************************"
005e: 02 73 string: 1"s"
0060: 18 66 72 6f 6d 43 68 61
72 43 6f 64 65 string: 1"fromCharCode"
006d: 0a 70 72 69 6e 74 string: 1"print"
0073: 12 73 6f 75 72 63 65 2e
6a 73 string: 1"source.js"
007d: 08 64 61 74 61 string: 1"data"
0082: 06 6b 65 79 string: 1"key"
0086: 06 62 6f 78 string: 1"box"
008a: 02 78 string: 1"x"
008c: 08 74 65 6d 70 string: 1"temp"
0091: 02 79 string: 1"y"
0093: 06 6f 75 74 string: 1"out"
0097: 08 63 6f 64 65 string: 1"code"
009c: 14 63 68 61 72 43 6f 64
65 41 74 string: 1"charCodeAt"
00a7: 08 70 75 73 68 string: 1"push"
}
00ac: 0e function {
00ad: 00 06 00 9e 01 00 01 00
20 00 08 eb 04 01 name: "<eval>"
args=0 vars=1 defargs=0 closures=0 cpool=8
stack=32 bclen=619 locals=1
vars {
00bb: a0 01 00 00 00 name: "<ret>"
}
bytecode {
00c0: 40 df 00 00 00 40 40 e0
00 00 00 00 40 e1 00 00
00 00 40 e2 00 00 00 00
40 e3 00 00 00 00 40 e4
00 00 00 00 40 e5 00 00
00 00 40 e6 00 00 00 00
40 e7 00 00 00 00 40 e8
00 00 00 00 40 e9 00 00
00 00 40 e1 00 00 00 00
c2 00 41 df 00 00 00 00
3f e0 00 00 00 00 3f e1
00 00 00 00 3f e2 00 00
00 00 3f e3 00 00 00 00
3f e4 00 00 00 00 3f e5
00 00 00 00 3f e6 00 00
00 00 3f e7 00 00 00 00
3f e8 00 00 00 00 3f e9
00 00 00 00 3f e1 00 00
00 00 04 ea 00 00 00 11
3a e7 00 00 00 0e 04 eb
00 00 00 11 3a e0 00 00
00 cb c0 96 00 c0 e0 00
c0 f4 00 bf 44 bf 3d bf
7d bf 08 c0 ef 00 c0 cb
00 c0 fe 00 c0 f1 00 bf
71 c0 d5 00 c0 b0 00 bf
40 bf 6a bf 67 c0 a6 00
c0 b9 00 c0 9f 00 c0 9e
00 c0 ac 00 bf 09 c0 d5
00 c0 ef 00 bf 0c bf 64
c0 b9 00 bf 5a c0 ae 00
bf 6b c0 83 00 26 20 00
c0 df 00 4d 20 00 00 80
bf 7a 4d 21 00 00 80 c0
e5 00 4d 22 00 00 80 c0
9d 00 4d 23 00 00 80 11
3a e8 00 00 00 0e c1 01
11 3a e5 00 00 00 cb c1
02 11 3a e6 00 00 00 cb
b7 11 3a e4 00 00 00 cb
b7 11 3a e3 00 00 00 cb
39 df 00 00 00 39 e0 00
00 00 39 e7 00 00 00 f2
11 3a e9 00 00 00 0e 06
cb b7 11 3a e1 00 00 00
0e 39 e1 00 00 00 39 e9
00 00 00 eb a5 ec 6e 39
e9 00 00 00 39 e1 00 00
00 48 11 3a e2 00 00 00
cb 39 e2 00 00 00 bf 38
bf 11 a0 b0 11 3a e4 00
00 00 cb 06 cb 39 e4 00
00 00 39 e8 00 00 00 39
e3 00 00 00 48 ab ec 0f
39 e5 00 00 00 93 3a e5
00 00 00 cb ee 0d 39 e6
00 00 00 93 3a e6 00 00
00 cb 39 e3 00 00 00 93
3a e3 00 00 00 cb 39 e1
00 00 00 93 3a e1 00 00
00 0e ee 86 06 cb 39 e5
00 00 00 39 e9 00 00 00
eb ab ec 15 39 e6 00 00
00 b7 ab ec 0c c1 03 11
3a e6 00 00 00 cb ee 0a
c1 04 11 3a e6 00 00 00
cb c3 11 3a ec 00 00 00
cb 06 cb 39 e6 00 00 00
c1 05 a7 ec 3a 39 ec 00
00 00 39 97 00 00 00 43
ed 00 00 00 39 96 00 00
00 39 e6 00 00 00 c1 06
9e f1 24 01 00 9f 11 3a
ec 00 00 00 cb 39 e6 00
00 00 c1 07 9d 11 3a e6
00 00 00 cb ee be 39 ee
00 00 00 39 ec 00 00 00
f1 cf 28 at 1, fixup atom: rc4
at 7, fixup atom: sn
at 13, fixup atom: i
at 19, fixup atom: j
at 25, fixup atom: k
at 31, fixup atom: l
at 37, fixup atom: m
at 43, fixup atom: n
at 49, fixup atom: un
at 55, fixup atom: arr
at 61, fixup atom: cipher
at 67, fixup atom: i
at 75, fixup atom: rc4
at 81, fixup atom: sn
at 87, fixup atom: i
at 93, fixup atom: j
at 99, fixup atom: k
at 105, fixup atom: l
at 111, fixup atom: m
at 117, fixup atom: n
at 123, fixup atom: un
at 129, fixup atom: arr
at 135, fixup atom: cipher
at 141, fixup atom: i
at 147, fixup atom: "2021quickjs_happygame"
at 153, fixup atom: un
at 159, fixup atom: "************************************"
at 165, fixup atom: sn
at 260, fixup atom: "32"
at 267, fixup atom: "33"
at 275, fixup atom: "34"
at 283, fixup atom: "35"
at 289, fixup atom: arr
at 298, fixup atom: m
at 307, fixup atom: n
at 315, fixup atom: l
at 323, fixup atom: k
at 329, fixup atom: rc4
at 334, fixup atom: sn
at 339, fixup atom: un
at 346, fixup atom: cipher
at 356, fixup atom: i
at 362, fixup atom: i
at 367, fixup atom: cipher
at 376, fixup atom: cipher
at 381, fixup atom: i
at 388, fixup atom: j
at 394, fixup atom: j
at 406, fixup atom: l
at 414, fixup atom: l
at 419, fixup atom: arr
at 424, fixup atom: k
at 433, fixup atom: m
at 439, fixup atom: m
at 447, fixup atom: n
at 453, fixup atom: n
at 459, fixup atom: k
at 465, fixup atom: k
at 471, fixup atom: i
at 477, fixup atom: i
at 487, fixup atom: m
at 492, fixup atom: cipher
at 501, fixup atom: n
at 513, fixup atom: n
at 524, fixup atom: n
at 532, fixup atom: s
at 540, fixup atom: n
at 550, fixup atom: s
at 555, fixup atom: String
at 560, fixup atom: fromCharCode
at 565, fixup atom: Number
at 570, fixup atom: n
at 584, fixup atom: s
at 590, fixup atom: n
at 599, fixup atom: n
at 607, fixup atom: print
at 612, fixup atom: s
}
debug {
032b: de 03 01 20 00 48 01 00
4a 52 3f 40 00 7c 04 30
30 2b 2b 77 7b 5d 5d 6c
3f 0e 40 3f 4a b7 30 2b
3f cb 4e 0d filename: "source.js"
}
cpool {
034f: 0e function {
0350: 43 06 00 be 03 02 08 02
05 00 00 bb 01 0a name: rc4
args=2 vars=8 defargs=2 closures=0 cpool=0
stack=5 bclen=187 locals=10
vars {
035e: e0 03 00 01 00 name: data
0363: e2 03 00 01 00 name: key
0368: e4 03 00 00 00 name: box
036d: c2 03 00 01 00 name: i
0372: e6 03 00 02 00 name: x
0377: e8 03 00 03 00 name: temp
037c: ea 03 00 04 00 name: y
0381: ec 03 00 05 00 name: out
0386: ee 03 00 06 00 name: code
038b: c6 03 00 07 00 name: k
}
bytecode {
0390: 39 94 00 00 00 c0 00 01
f1 cb b7 cc c8 c0 00 01
a5 ec 09 c7 c8 c8 4a 95
01 ee f2 b7 cd b7 cc c8
c0 00 01 a5 ec 2c c9 c7
c8 48 9f d4 43 f8 00 00
00 c8 d4 eb 9e 24 01 00
9f c0 00 01 9e cd c7 c8
48 ce c7 c8 72 c7 c9 48
4a c7 c9 ca 4a 95 01 ee
cf b7 cd b7 c5 04 26 00
00 c5 05 b7 cc c8 d3 eb
a5 ec 56 d3 43 f8 00 00
00 c8 24 01 00 c5 06 c9
b8 9f c0 00 01 9e cd c4
04 c7 c9 48 9f c0 00 01
9e c5 04 c7 c9 48 ce c7
c9 72 c7 c4 04 48 4a c7
c4 04 ca 4a c7 c9 48 c7
c4 04 48 9f c0 00 01 9e
c5 07 c4 05 43 f9 00 00
00 c4 06 c7 c4 07 48 b0
24 01 00 0e 95 01 ee a6
c4 05 28 at 1, fixup atom: Array
at 45, fixup atom: charCodeAt
at 101, fixup atom: charCodeAt
at 165, fixup atom: push
}
debug {
044b: de 03 03 19 04 35 30 17
18 0d 30 7b 17 26 17 19
0d 12 1c 2c 40 2b 3f 17
2b 1d 4a 5d 17 filename: "source.js"
}
}
source.js:3: function: rc4
args: data key
locals:
0: var box
1: var i
2: var x
3: var temp
4: var y
5: var out
6: var code
7: var k
stack_size: 5
opcodes:
get_var Array
push_i16 256
call1 1
put_loc0 0: box
push_0 0
put_loc1 1: i
12: get_loc1 1: i
push_i16 256
lt
if_false8 27
get_loc0 0: box
get_loc1 1: i
get_loc1 1: i
put_array_el
inc_loc 1: i
goto8 12
27: push_0 0
put_loc2 2: x
push_0 0
put_loc1 1: i
31: get_loc1 1: i
push_i16 256
lt
if_false8 81
get_loc2 2: x
get_loc0 0: box
get_loc1 1: i
get_array_el
add
get_arg1 1: key
get_field2 charCodeAt
get_loc1 1: i
get_arg1 1: key
get_length
mod
call_method 1
add
push_i16 256
mod
put_loc2 2: x
get_loc0 0: box
get_loc1 1: i
get_array_el
put_loc3 3: temp
get_loc0 0: box
get_loc1 1: i
to_propkey2
get_loc0 0: box
get_loc2 2: x
get_array_el
put_array_el
get_loc0 0: box
get_loc2 2: x
get_loc3 3: temp
put_array_el
inc_loc 1: i
goto8 31
81: push_0 0
put_loc2 2: x
push_0 0
put_loc8 4: y
array_from 0
put_loc8 5: out
push_0 0
put_loc1 1: i
93: get_loc1 1: i
get_arg0 0: data
get_length
lt
if_false8 184
get_arg0 0: data
get_field2 charCodeAt
get_loc1 1: i
call_method 1
put_loc8 6: code
get_loc2 2: x
push_1 1
add
push_i16 256
mod
put_loc2 2: x
get_loc8 4: y
get_loc0 0: box
get_loc2 2: x
get_array_el
add
push_i16 256
mod
put_loc8 4: y
get_loc0 0: box
get_loc2 2: x
get_array_el
put_loc3 3: temp
get_loc0 0: box
get_loc2 2: x
to_propkey2
get_loc0 0: box
get_loc8 4: y
get_array_el
put_array_el
get_loc0 0: box
get_loc8 4: y
get_loc3 3: temp
put_array_el
get_loc0 0: box
get_loc2 2: x
get_array_el
get_loc0 0: box
get_loc8 4: y
get_array_el
add
push_i16 256
mod
put_loc8 7: k
get_loc8 5: out
get_field2 push
get_loc8 6: code
get_loc0 0: box
get_loc8 7: k
get_array_el
xor
call_method 1
drop
inc_loc 1: i
goto8 93
184: get_loc8 5: out
return
0468: 0a bigint {
0469: 00 }
046a: 0a bigint {
046b: 00 }
046c: 0a bigint {
046d: e8 01 07 len=7
0470: 44 b8 90 b5 6b 67 80 }
0477: 0a bigint {
0478: e8 01 07 len=7
047b: 34 a7 b8 48 7f 8d af }
0482: 0a bigint {
0483: 00 }
0484: 0a bigint {
0485: 28 01 len=1
0487: fe }
0488: 0a bigint {
0489: 28 01 len=1
048b: fe }
}
}
source.js:1: function: <eval>
locals:
0: var <ret>
stack_size: 32
opcodes:
check_define_var rc4,64
check_define_var sn,0
check_define_var i,0
check_define_var j,0
check_define_var k,0
check_define_var l,0
check_define_var m,0
check_define_var n,0
check_define_var un,0
check_define_var arr,0
check_define_var cipher,0
check_define_var i,0
fclosure8 0: [bytecode rc4]
define_func rc4,0
define_var sn,0
define_var i,0
define_var j,0
define_var k,0
define_var l,0
define_var m,0
define_var n,0
define_var un,0
define_var arr,0
define_var cipher,0
define_var i,0
push_atom_value "2021quickjs_happygame"
dup
put_var un
drop
push_atom_value "************************************"
dup
put_var sn
put_loc0 0: "<ret>"
push_i16 150
push_i16 224
push_i16 244
push_i8 68
push_i8 61
push_i8 125
push_i8 8
push_i16 239
push_i16 203
push_i16 254
push_i16 241
push_i8 113
push_i16 213
push_i16 176
push_i8 64
push_i8 106
push_i8 103
push_i16 166
push_i16 185
push_i16 159
push_i16 158
push_i16 172
push_i8 9
push_i16 213
push_i16 239
push_i8 12
push_i8 100
push_i16 185
push_i8 90
push_i16 174
push_i8 107
push_i16 131
array_from 32
push_i16 223
define_field "32"
push_i8 122
define_field "33"
push_i16 229
define_field "34"
push_i16 157
define_field "35"
dup
put_var arr
drop
push_const8 1: 0n
dup
put_var m
put_loc0 0: "<ret>"
push_const8 2: 0n
dup
put_var n
put_loc0 0: "<ret>"
push_0 0
dup
put_var l
put_loc0 0: "<ret>"
push_0 0
dup
put_var k
put_loc0 0: "<ret>"
get_var rc4
get_var sn
get_var un
call2 2
dup
put_var cipher
drop
undefined
put_loc0 0: "<ret>"
push_0 0
dup
put_var i
drop
361: get_var i
get_var cipher
get_length
lt
if_false8 484
get_var cipher
get_var i
get_array_el
dup
put_var j
put_loc0 0: "<ret>"
get_var j
push_i8 56
push_i8 17
sub
xor
dup
put_var l
put_loc0 0: "<ret>"
undefined
put_loc0 0: "<ret>"
get_var l
get_var arr
get_var k
get_array_el
eq
if_false8 446
get_var m
post_inc
put_var m
put_loc0 0: "<ret>"
goto8 458
446: get_var n
post_inc
put_var n
put_loc0 0: "<ret>"
458: get_var k
post_inc
put_var k
put_loc0 0: "<ret>"
get_var i
post_inc
put_var i
drop
goto8 361
484: undefined
put_loc0 0: "<ret>"
get_var m
get_var cipher
get_length
eq
if_false8 520
get_var n
push_0 0
eq
if_false8 520
push_const8 3: 18071254662143010n
dup
put_var n
put_loc0 0: "<ret>"
goto8 529
520: push_const8 4: 24706849372394394n
dup
put_var n
put_loc0 0: "<ret>"
529: push_empty_string
dup
put_var s
put_loc0 0: "<ret>"
undefined
put_loc0 0: "<ret>"
539: get_var n
push_const8 5: 0n
gt
if_false8 606
get_var s
get_var String
get_field2 fromCharCode
get_var Number
get_var n
push_const8 6: 127n
mod
call1 1
call_method 1
add
dup
put_var s
put_loc0 0: "<ret>"
get_var n
push_const8 7: 127n
div
dup
put_var n
put_loc0 0: "<ret>"
goto8 539
606: get_var print
get_var s
call1 1
set_loc0 0: "<ret>"
return
Error...
审计内容:
1,rc4加密,key=“2021quickjs_happygame”
2,cipher = cipher^(56-17)
3,密文对比
提取密文:
[150, 224, 244, 68, 61, 125, 8, 239, 203, 254, 241, 113, 213, 176, 64, 106, 103, 166, 185, 159, 158, 172, 9, 213, 239, 12, 100, 185, 90, 174, 1
07, 131, 223, 122, 229, 157]
EXP:
from Crypto.Cipher import ARC4
key = b'2021quickjs_happygame'
key = ARC4.new(key)
en_flag = [150, 224, 244, 68, 61, 125, 8, 239, 203, 254, 241, 113, 213, 176, 64, 106, 103, 166, 185, 159, 158, 172, 9,
213, 239, 12, 100, 185, 90, 174, 107, 131, 223, 122, 229, 157]
en_flag = [i ^ (56 - 17) for i in en_flag]
en_flag = bytes(en_flag)
flag = key.decrypt(en_flag)
print(flag)
