apk game

import string

c=[ 0xA6,0x3F,0xC3,0xBD,0x86,0x85,0x0F,0x21,0xDE,0xE8,0x3B,0x92,0xBE,0x79,0xE2,0x32,
    0x19,0x02,0x51,0xE4,0xAB,0xB6,0x1A,0x8A,0xA9,0x61,0xAB,0x99,0x1F,0x2F,0xB8,0xFC,
    0x62,0x78,0x7A,0xE2,0x01,0x76,0xFA,0x09,0x38,0xDE,0xFF,0x4A,0x01,0x98,0xC4,0x5D,
    0x42,0xD6,0xDB]

def is_printable(s):  
    for ch in s:
        if not ch in string.printable:
            return False
    return True

def rc4(data, keyStr):     
    key=[ord(c) for c in keyStr]
    x = 0
    box= list(range(256))
    for i in range(256):
        x = (x + box[i] + key[i % len(key)]) % 256
        box[i], box[x] = box[x], box[i]
    out = []; x = 0; y = 0;
    for t in data:
        x = (x + 1) % 256
        y = (y + box[x]) % 256
        box[x], box[y] = box[y], box[x]
        out.append((t ^ box[(box[x] + box[y]) &0xff]) &0xff)
    return out

print 'Start bruting force...'      
for a in range(256):
    k=[i for i in range(a,a+51)]   
    L=[ (c[i]^(k[i]*2)) & 0xff  for i in range(51)]  
    ss=''.join( [ chr(i) for i in rc4(L,'0CTF2015') ])
    if is_printable(ss):
        print a,ss
        flag=ss
        
print 'Start checking the flag...'        
data=rc4([ord(c) for c in flag],'0CTF2015')
k=data[-1]
print 'k=%d' %(k)
cc=[]
for i in range(51): 
    cc.append((data[i]^(2*k))&0xff)
    k+=1

print 'The secret array is...'  
ss=''
for i in range(1,52):
    if i%16==15:
        ss+='0x%02x\n' %(cc[i-1])
    else:
        ss+='0x%02x ' %(cc[i-1])
print ss

import binascii
v11 ='7201160470727377'  #data from memory
s=binascii.unhexlify(v11)
print ''.join([  chr(ord(c)^0x42 ) for c in s])

v11 ='7773727004160172'  #data from fake code
s=binascii.unhexlify(v11)
print ''.join([chr(ord(c)^0x42 ) for c in s])[::-1]