BUUCTF(37)

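[羊城杯 2020]逃离东南亚 (Yangcheng Cup 2020: Escape from Southeast Asia)

The archive unpacks into three diaries. Start with the first: extracting it gives an image and an MD file. The image has a CRC error; after fixing its width and height, a hint appears.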

zip_pwd:wdnmd

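On to diary two.

The content of test inside looks like brainfuck encoding. Decoding it directly fails; ++++++++ has to be prepended to the start.

Then base64-decode the result. It starts with an ELF header, so run it in Kali.

It has no execute permission: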

chmod u+x 1

Running it produces nothing, so change approach: there is a wav file, and opening it in SilentEye does reveal something.

This1sThe3rdZIPpwd

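Extract the third diary. rtld.c under elf, malloc.c under the malloc folder, and arena.c under the malloc folder contain information made up of spaces and tabs.

I got stuck at this point and found a script online: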

def f_read(name):
    # Characters that mark real code after a "}" rather than hidden data
    useless = r"abcdefghijklmnopqrstuvw\xyz;,)"
    flag = ""
    with open(name, "r") as f:
        for line in f.readlines():
            line = line.replace("\n", "")
            if "}" in line:
                t = line.split("}")
                # Only look at what follows the first "}" on the line
                if len(t[1]) != 0:
                    x = 1
                    for i in useless:
                        if i in t[1]:
                            x = 0
                            break
                    if x:
                        # The whitespace carries the bits: tab = 1, anything else = 0
                        for s in t[1]:
                            if s == '\t':
                                flag += "1"
                            else:
                                flag += "0"
    print(flag)
    print("*****")

f_read("rtld.c")
f_read("arena.c")
f_read("malloc.c")

Convert the bits to text:

01010011010011110101001100100001001000000111000001101100011001010110000101110011011001010010000001101000011001010110110001110000001000000110110101100101001000000010110100111110001000000111001001110100011011000110010000101110011000110111100101101111011101010111001000100000011001100110110001100001011001110010000001101001011100110010000001101001011011100010000001101101011000010110110001101100011011110110001100101110011000110100011101010111010000110101010001000110011110110110001101101111011001000110010101011111011100110111010001100101011001110110000101101110011011110110011101110010011000010111000001101000011110010101111100110001011100110101111101100110011101010110111001101110011110010010000101111101

Just throw it at ciphey:

GWCTF{code_steganography_1s_funny!}

[INSHack2018]42.tar.xz

This file is very deep. Will you dare dig in it ?

The archive contains many branches; dig down only through 42.tar at each level:

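import os
import tarfile

current_path = r"C:/Users/XINO/Desktop/attachment/"

if __name__ == "__main__":
    i = 0
    target = "42.tar.xz"
    tarname = os.path.join(current_path, target)
    scratch = os.path.join(current_path, "next")  # temporary directory for the inner archive
    while True:
        i += 1
        print("当前层数:{0}".format(i))  # current depth
        tar = tarfile.open(tarname)
        filenames = tar.getnames()
        if target not in filenames:
            break  # innermost layer; tar is left open for extractall below
        # Extract the nested archive to the scratch directory and swap it in after
        # closing, so the archive being read is never overwritten while it is open
        tar.extract(target, scratch)
        tar.close()
        os.replace(os.path.join(scratch, target), tarname)
    print("最后一层:{}".format(filenames), "\n正在解压……")  # last layer / extracting
    tar.extractall(current_path)
    tar.close()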

The file is very large; printing it with the type command gives the flag directly:

INSA{04ebb0d6a87f9771f2eea4dce5b91a85e7623c13301a8007914085a91b3ca6d9}

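[XMAN2018排位赛]AutoKey (XMAN2018 ranking round)

Reading other people's solutions showed me a new approach: there are dedicated tools for decoding USB traffic.

Decode it with the UsbKeyboardDataHacker tool.

Here is the link: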

github.com/WangYihang/…

kali@kali:~/桌面/UsbKeyboardDataHacker-master$ python2 /home/kali/桌面/UsbKeyboardDataHacker-master/UsbKeyboardDataHacker.py /home/kali/桌面/attachment.pcapng
[+] Found : <CAP>a<CAP>utokey('****').decipheer('<CAP>mplrvffczeyoujfjkybxgzvdgqaurkxzolkolvtufblrnjesqitwahxnsijxpnmplshcjbtyhzealogviaaissplfhlfswfehjncrwhtinsmambvexo<DEL>pze<DEL>iz')

This gives the ciphertext:

mplrvffczeyoujfjkybxgzvdgqaurkxzolkolvtufblrnjesqitwahxnsijxpnmplshcjbtyhzealogviaaissplfhlfswfehjncrwhtinsmambvexopzeiz

Going by the challenge title, this is presumably an Autokey cipher, so we need to brute-force the key:

autokey, klen 8 :"FLAGHERE", HELLOBOYSANDGIRLSYOUARESOSMARTTHATYOUCANFINDTHEFLAGTHATIHIDEINTHEKEYBOARDPACKAGEFLAGISJHAWLZKEWXHNCDHSLWBAQJTUQZDXYGGKSA

That gives the flag.
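The decryption step above, as an added example that is not part of the original post or of the tool the author used: an Autokey decryptor that reproduces the plaintext from the page's ciphertext and the recovered key FLAGHERE, plus a known-plaintext helper showing how the first plaintext letters pin down the key. The function names are assumptions made for illustration.

```python
# Added example: Autokey cipher over A-Z (keystream = key followed by the plaintext itself).
A = ord("A")

# Ciphertext and key as given on this page.
CIPHERTEXT = ("mplrvffczeyoujfjkybxgzvdgqaurkxzolkolvtufblrnjesqitwahxnsijx"
              "pnmplshcjbtyhzealogviaaissplfhlfswfehjncrwhtinsmambvexopzeiz")
KEY = "FLAGHERE"


def autokey_decrypt(ciphertext: str, key: str) -> str:
    """Decrypt letters-only ciphertext with a non-empty alphabetic key."""
    if not key.isalpha() or not ciphertext.isalpha():
        raise ValueError("key and ciphertext must be non-empty and alphabetic")
    stream = [ord(k) - A for k in key.upper()]
    out = []
    for i, c in enumerate(ciphertext.upper()):
        p = (ord(c) - A - stream[i]) % 26
        out.append(chr(p + A))
        stream.append(p)  # each recovered letter is reused as key len(key) positions later
    return "".join(out)


def autokey_encrypt(plaintext: str, key: str) -> str:
    """Inverse of autokey_decrypt, used here as a round-trip check."""
    pt = plaintext.upper()
    stream = key.upper() + pt
    return "".join(chr((ord(p) + ord(k) - 2 * A) % 26 + A) for p, k in zip(pt, stream))


def key_from_crib(ciphertext: str, crib: str) -> str:
    """Known-plaintext recovery: key[i] = ct[i] - pt[i].

    Only valid while the crib is no longer than the key, because after that
    the keystream is plaintext rather than key.
    """
    return "".join(chr((ord(c) - ord(p)) % 26 + A)
                   for c, p in zip(ciphertext.upper(), crib.upper()))


if __name__ == "__main__":
    print(autokey_decrypt(CIPHERTEXT, KEY))
    print(key_from_crib(CIPHERTEXT, "HELLOBOY"))
```
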

[BSidesSF2019]diskimage

It's a PNG image; just run zsteg on it:

zsteg -e 'b8,rgb,lsb,xy' attachment.png > disk.dat

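Open it with testdisk: there is extra content, which can be copied out following the tool's copy procedure.

It turns out to be the flag image: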

flag{FAT12_FTW}

This one mostly tests tool usage. For someone like me who had never used testdisk, it was not easy to get right the first time.

[QCTF2018]X-man-Keyword