def rc4(key, data):
s = list(range(256))
j = 0
out = []

# KSA (Key Scheduling Algorithm)
for i in range(256):
j = (j + s[i] + key[i % len(key)]) % 256
s[i], s[j] = s[j], s[i]

# PRGA (Pseudo-Random Generation Algorithm)
i = j = 0
for byte in data:
i = (i + 1) % 256
j = (j + s[i]) % 256
s[i], s[j] = s[j], s[i]
k = s[(s[i] + s[j]) % 256]
out.append(byte ^ k)

return out

def solve():
# 真正的密文（从字节码中提取的十进制值）
# 来源：题目字节码中的 push_i16 / push_i8 指令序列
cipher_bytes = [
150, 224, 244, 68, 61, 125, 8, 239, 203, 254, 241, 113, 213, 176, 64,
106, 103, 166, 185, 159, 158, 172, 9, 213, 239, 12, 100, 185, 90, 174,
107, 131, 223, 122, 229, 157
]

key_str = "2021quickjs_happygame"
key = [ord(c) for c in key_str]

print("[*] 开始解密...")

# 第一步：RC4 解密
rc4_output = rc4(key, cipher_bytes)

# 第二步：异或 39 (Decimal)
# 题目逻辑是：RC4(flag) ^ 39 = cipher
# 解密逻辑是：RC4(cipher) ^ 39 = flag (因为异或和RC4都是对称的)
flag_chars = [chr(b ^ 39) for b in rc4_output]

flag = "".join(flag_chars)
print(f"[+] 最终 Flag: {flag}")

if __name__ == "__main__":
solve()