大佬教程收集整理的这篇文章主要介绍了2021 长安“战疫”网络安全卫士守护赛 WriteUp,大佬教程大佬觉得挺不错的,现在分享给大家,也给大家做个参考。
麻薯星的zyz想要生猴子!!!麻薯星的zyz想要生猴子!!!麻薯星的zyz想要生猴子!!! 队友第一轮做了俩Web之后就摆烂了 寄 总体来说长安战疫基本大部分题都偏向入门c;适合大一新生练练手 少部分多百度也能做。 还有很小部分就看积累吧。
按照迷宫走然后取字的拼音即可
字是战长恙长战恙河长山山安战疫疫战疫安疫长安恙
flag是:
cazy{zhanchangyangchangzhanyanghechangshanshananzhanyiyizhanyianyichanganyang}
首先查看版本 imageinfo得到WinXPSP2x86
然后pslistc;注意到
于是:
发现目录是桌面而并非Desktopc;重新filescan一下c;导出有用信息
@H_675_99@
首先zip的密码是上面说的20211209
其次c;得到的txt是加密函数c;而密文在flag.png上。反过来写一个脚本
但是我写了几次都没写对
。。。。于是有了这个脚本
s = 'fdcb[8ldq?zloo?fhuwdlqob?vxffhhg?lq?iljkwlqj?wkh?hslghplf]'
for i in s:
if(@H_874_126@ord(i)>=@H_874_126@ord('a') and @H_874_126@ord(i)<=@H_874_126@ord('w')):
print(@H_874_126@chr(@H_874_126@ord(i)-3),end='')
elif(i == 'a'):
print('x',end='')
elif(i == 'b'):
print('y',end='')
elif(i == 'c'):
print('z',end='')
elif(i == "|"):
print('_')
else:
print(@H_874_126@chr(@H_874_126@ord(i)+32),end='')
#ca`_{Xian_šill_certainl__s˜cceed_in_fighTing_the_epidemic}
查了一下certainl后面应该还有个y
然后前面那个单词是willc;后面那个单词是succeedc;于是得到flag提交正确
cazy{Xian_will_certainly_succeed_in_fighTing_the_epidemic}
导出http流c;在导出的其中两个文件发现hex串c;都是很明显的zipc;hex–>asciic;得到zipc;打开zip得到两文件c;一个key.ws一个flag.txt
ws很明显的whitespacec;直接https://vii5ard.github.io/whitespace/得到key:XiAnWillBeSafe
然后flag.txt很明显的snoW
.snoW.EXE -p XiAnWillBeSafe -C .flag.txt
cazy{C4n_y0u_underSt4nd_th3_b0oK_With0ut_Str1ng}
查看流量包发现大量的base64串c;导出http发现secret.txtc;base64解码发现是zipc;保存后打开发现是拼图
因为不知道大小c;所以猜了一个12*4
命令montage *png -tile 12x4 -geometry 100x100+0+0 out2.png
然后用gaps
python3 gaps --image=out2.png --generations=10 --population=48 --size=100 --save 我gaps有问题c;代数太多跑一会就报错c;不加save跑完就直接报错。。。
得到flagc;X的大小写记不住了
cazy{make_XiAN_great_Again}
文件头能看出来是class文件c;直接扔jadx
数组转出来
s = [77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 84, 69, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 84, 69, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 70, 120, 117, 77, 68, 69, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 65, 120, 77, 68, 69, 120, 77, 84, 69, 120, 77, 68, 65, 119, 77, 84, 69, 120, 77, 68, 69, 120, 77, 68, 69, 120, 77, 84, 69, 120, 77, 70, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 68, 65, 119, 77, 84, 69, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 84, 65, 120, 77, 68, 69, 120, 77, 68, 69, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 68, 65, 119, 77, 68, 65, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 84, 65, 119, 77, 68, 65, 119, 77, 84, 65, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 84, 65, 120, 77, 84, 65, 120, 77, 84, 65, 119, 77, 84, 69, 119, 77, 84, 69, 119, 77, 84, 65, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 84, 65, 119, 77, 84, 65, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 84, 69, 120, 77, 70, 120, 117, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 70, 120, 117, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 68, 69, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 69, 120, 77, 86, 120, 117, 77, 84, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 65, 119, 77, 68, 69, 119, 77, 84, 69, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 84, 65, 119, 77, 70, 120, 117, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 65, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 68, 65, 120, 77, 68, 65, 119, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 84, 69, 119, 77, 86, 120, 117, 77, 84, 65, 120, 77, 84, 65, 119, 77, 68, 65, 119, 77, 84, 65, 119, 77, 84, 69, 120, 77, 84, 65, 119, 77, 84, 69, 119, 77, 68, 65, 120, 77, 84, 65, 120, 77, 68, 65, 119, 77, 68, 65, 120, 77, 68, 65, 120, 77, 70, 120, 117, 77, 84, 69, 120, 77, 68, 69, 120, 77, 84, 69, 120, 77, 84, 69, 120, 77, 68, 65, 120, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 65, 119, 77, 68, 69, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 84, 69, 119, 77, 70, 120, 117, 77, 84, 65, 120, 77, 68, 69, 120, 77, 68, 65, 119, 77, 84, 69, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 120, 77, 68, 69, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 120, 77, 68, 69, 119, 77, 84, 65, 119, 77, 84, 65, 119, 77, 68, 69, 119, 77, 68, 65, 120, 77, 84, 65, 120, 77, 84, 69, 119, 77, 84, 65, 120, 77, 84, 69, 119, 77, 84, 69, 120, 77, 84, 69, 119, 77, 86, 120, 117, 77, 68, 65, 120, 77, 68, 69, 119, 77, 68, 69, 119, 77, 68, 69, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 84, 69, 120, 77, 68, 65, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 65, 120, 77, 68, 65, 119, 77, 84, 69, 119, 77, 84, 69, 120, 77, 68, 69, 120, 77, 68, 69, 120, 77, 68, 65, 120, 77, 84, 65, 119, 77, 84, 69, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 84, 69, 119, 77, 86, 120, 117, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 65, 119, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 65, 120, 77, 84, 65, 120, 77, 68, 65, 120, 77, 84, 65, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 65, 119, 77, 68, 69, 120, 77, 84, 65, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 84, 69, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 69, 120, 77, 84, 69, 120, 77, 68, 69, 120, 77, 86, 120, 117, 77, 84, 69, 119, 77, 84, 69, 119, 77, 68, 69, 120, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 65, 119, 77, 84, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 65, 119, 77, 68, 69, 119, 77, 70, 120, 117, 77, 68, 69, 119, 77, 84, 65, 119, 77, 84, 65, 119, 77, 84, 69, 120, 77, 84, 65, 119, 77, 84, 65, 119, 77, 68, 65, 119, 77, 84, 65, 119, 77, 84, 69, 120, 77, 68, 65, 120, 77, 68, 65, 120, 77, 68, 69, 120, 77, 86, 120, 117, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 65, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 68, 65, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 84, 65, 119, 77, 70, 120, 117, 77, 84, 65, 119, 77, 84, 69, 119, 77, 84, 69, 120, 77, 84, 69, 119, 77, 84, 69, 120, 77, 68, 69, 120, 77, 68, 65, 120, 77, 68, 65, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 84, 65, 120, 77, 84, 69, 119, 77, 86, 120, 117, 77, 84, 69, 119, 77, 84, 69, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 84, 65, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 84, 69, 120, 77, 68, 69, 120, 77, 68, 65, 119, 77, 84, 65, 120, 77, 84, 65, 120, 77, 70, 120, 117, 77, 68, 65, 120, 77, 84, 65, 119, 77, 84, 65, 119, 77, 68, 69, 120, 77, 84, 69, 119, 77, 84, 69, 119, 77, 68, 65, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 69, 119, 77, 68, 69, 120, 77, 84, 69, 119, 77, 86, 120, 117, 77, 68, 69, 119, 77, 84, 65, 119, 77, 68, 65, 119, 77, 84, 69, 120, 77, 68, 69, 119, 77, 84, 69, 120, 77, 68, 69, 120, 77, 68, 69, 119, 77, 84, 69, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 119, 77, 84, 65, 120, 77, 84, 65, 120, 77, 84, 65, 119, 77, 84, 65, 119, 77, 84, 65, 119, 77, 68, 65, 119, 77, 68, 69, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 65, 120, 77, 84, 69, 120, 77, 86, 120, 117, 77, 68, 69, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 65, 119, 77, 84, 69, 120, 77, 68, 65, 120, 77, 68, 69, 120, 77, 68, 65, 120, 77, 84, 65, 120, 77, 84, 69, 120, 77, 84, 65, 119, 77, 84, 69, 119, 77, 70, 120, 117, 77, 68, 69, 120, 77, 84, 65, 119, 77, 84, 69, 120, 77, 84, 69, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 68, 69, 120, 77, 68, 69, 120, 77, 84, 65, 119, 77, 84, 69, 120, 77, 84, 69, 119, 77, 70, 120, 117, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 68, 69, 120, 77, 68, 65, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 84, 65, 120, 77, 84, 65, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 70, 120, 117, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 84, 65, 120, 77, 84, 65, 119, 77, 84, 69, 120, 77, 68, 65, 120, 77, 84, 69, 119, 77, 68, 69, 119, 77, 84, 65, 120, 77, 84, 69, 119, 77, 84, 65, 120, 77, 86, 120, 117, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 84, 65, 120, 77, 84, 65, 120, 77, 68, 69, 120, 77, 68, 65, 119, 77, 84, 65, 120, 77, 68, 69, 119, 77, 68, 69, 119, 77, 70, 120, 117, 77, 68, 69, 120, 77, 84, 69, 120, 77, 68, 69, 120, 77, 84, 65, 119, 77, 84, 69, 119, 77, 84, 65, 120, 77, 68, 69, 120, 77, 68, 69, 119, 77, 84, 69, 119, 77, 68, 65, 120, 77, 84, 69, 119, 77, 84, 69, 120, 77, 86, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 65, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 84, 65, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 84, 69, 120, 77, 84, 69, 119, 77, 84, 69, 119, 77, 68, 65, 120, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 69, 120, 77, 86, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 69, 120, 77, 70, 120, 117, 77, 68, 69, 120, 77, 84, 69, 120, 77, 68, 69, 120, 77, 84, 69, 120, 77, 84, 65, 119, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 65, 119, 77, 84, 69, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 68, 69, 120, 77, 70, 120, 117, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 120, 77, 84, 69, 120, 77, 84, 65, 120, 77, 84, 69, 120, 77, 68, 69, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 68, 65, 120, 77, 84, 65, 119, 77, 65, 61, 61]
for i in s:
print(@H_874_126@chr(i),end='')
s = '0000000101110000000011111101110000000n0111110101101010111110001110110111110n0100010100001111000111010110110100010n0100010110000011000111000001010100010n0100010111011011001101101011110100010n0111110101110100000001001000010111110n0000000101010101010101010101010000000n1111111100100000000100110011111111111n1100010101010000101111110100000011000n0101101000110010010000100110101011101n1011000001001111001100011010000010010n1110111111110010101101000110101011100n1010110001110000000110100000000000010n0110101001000100011011101011101111101n0010100100111111101110000110010100010n0010001101110110110011001100110011101n1110100110001111111011010011000000010n0000111010100011100000101101111110111n1101100110101101001100010100110000100n0101001001111001000001001110010010111n0101010011000111000110010000010101000n1001101111101110110010011111101011101n1101100010111000000101110110001011010n0011001000111101100011110100100111101n0101000001110101110110101111110100010n0101011011001001000000110100010011111n0110100010001110010110011011111001100n0111001111100000010110110111001111100n0100110010110010100010111011000000000n1111111101011001110011100101011101011n0000000111000111011010110001010100100n0111110111001101010110101100011101111n0100010100110000110011010000000000010n0100010101111101100011111111110100111n0100010101101111111100000010101010110n0111110111111000101101001111000110110n0000000111111011110110000000100011000'
s = s.split('n')
from PIL import Image
pic = Image.new('RGB',(37,37),(255,255,255))
for i in @H_874_126@range(37):
for j in @H_874_126@range(37):
if(s[i][j] == '0'):
pic.putpixel((j,i),(0,0,0))
pic.show()
pic.save('fllllag.png')
扫码得到flag
flag{932b2c0070e4897ea7df0190dbf36ecE}
pyc的steg很明显是剑龙c;注意python版本号c;我用3.9没跑出来c;3.6能跑
跑出来得到key:St3g1sV3ryFuNny
当然密文更明显是emoji-aesc;解密得到flag
cazy{Em0j1s_AES_4nd_PyC_St3g_D0_yoU_l1kE}
导出之后有个web123c;是base64c;同样cyberchef解码得到zip文件c;用D盾扫
百度找一个解php混淆的c;除去广告第一个就是https://www.zhaoyuanma.com/phpjm.html
解密得到flag
cazy{php_ji4m1_1s_s00000_3aSyyyyyyyyyyy}
key = b'x5fx11x32xffx61'
s = b'<pHx86x1a&"mxcex12x00pmx97U1uAxcfx0c:NPxcfx18~l'
for i in @H_874_126@range(@H_874_126@len(s)):
print(@H_874_126@chr(key[i%5]^s[i]),end='')
cazy{y3_1s_a_h4nds0me_b0y!}
单纯的爆破key,给了key的范围是1,1<<20c;还好简单c;要不然就不会做了
from Crypto.Util.number import *
from Crypto.Cipher import AES
from tqdm import tqdm
def pad(@H_851_113@m):
tmp = 16-(@H_874_126@len(@H_851_113@m)%16)
return m + @H_874_126@bytes([tmp for _ in @H_874_126@range(tmp)])
enc=b'x9dx18Kx84nxb8b|x18xad4xc6xfcxecxfex14x0b_Txe3x1bx03Qx96ex9exb8MQxd5xc3x1c'
for i in tqdm(@H_874_126@range(1<<20)):
key=pad(long_to_bytes(i))
aes=AES.new(key,AES.@H_851_113@mODE_ECB)
s = aes.decrypt(enc)
if b'cazy{' in s:
print(s)
真就太久没学数学呗c;还有负根c;一开始都忘干净了c;果然我不适合做cryc;但还好这三道和密码学关系不是特别的大。
from Crypto.Util.number import*
import gmpy2
s = 10715086071862673209484250490600018105614048117055336074437503883703510511248211671489145400471130049712947188505612184220711949974689275316345656079538583389095869818942817127245278601695124271626668045250476877726638182396614587807925457735428719972874944279172128411500209111406507112585996098530169
s -= 0x0338470
s = gmpy2.iroot(s,2)[0]
s = -s
s += (1<<500)
print(long_to_bytes(s))
cazy{1234567890_no_m4th_n0_cRy}
jdgui打开看main就看见加密的flag了c;上面函数明显的rot13
flag{We_w11l_f1ght_t0_end_t0_end_cazy}
IDA打开ctf1.exec;搜字符串c;看见ZmxhZ3tDaDFuYV95eWRzX2Nhenl9
base64解码就是flag
flag{Ch1na_yyds_cazy}
uncompyle6 easy_py.cpython-38.pyc > easy_py.py
出来一个py文件c;看了下c;首先进encrypt1进行异或c;再进入encrypt2进行异或c;然后输出和Happy进行比较
既然是这样c;那不妨反过来c;把num从9到0改成从0到9c;把该减的地方改成加c;该执行的顺序也换一下。
# uncompyle6 version 3.7.4
# Python bytecode 3.8 (3413)
# Decompiled from: Python 3.8.7 (default, Dec 22 2020, 10:37:26)
# [GCC 10.2.1 20201207]
# Embedded file name: C:UsersAdministratorDesktopeasy_py.py
# Compiled at: 2021-12-28 15:45:17
# Size of source mod 2**32: 1099 bytes
import threading, time
def encode_1(n):
global num
while True:
if num <= 9:
flag[num] = flag[num] ^ num
num += 1
time.sleep(0.1)
if num > 9:
break
def encode_2(n):
global num
while True:
if num <= 9:
flag[num] = flag[num] ^ flag[(num + 1)]
num += 1
time.sleep(0.1)
if num > 9:
break
while True:
Happy = [
44, 100, 3, 50, 106, 90, 5, 102, 10, 112]
num = 0
f = @H_874_126@input('Please input your flag:')
if @H_874_126@len(f) == 10:
print('Your input is illegal')
else:
flag = [44, 100, 3, 50, 106, 90, 5, 102, 10, 112]
if(1 == 2):
print('crazymumuzi!')
else:
print("flag to 'ord':", flag)
t1 = threading.Thread(target=encode_1, args=(1, ))
t2 = threading.Thread(target=encode_2, args=(2,))
t2.start()
t1.start()
t1.join()
t2.join()
for i in flag:
print(@H_874_126@chr(i),end='')
if flag == Happy:
print('Good job!')
else:
print('No no no!')
# okay decompiling easy_py.cpython-38.pyc
得到flag,包上flag{}即可
flag{He110_cazy}
以上是大佬教程为你收集整理的2021 长安“战疫”网络安全卫士守护赛 WriteUp全部内容,希望文章能够帮你解决2021 长安“战疫”网络安全卫士守护赛 WriteUp所遇到的程序开发问题。
如果觉得大佬教程网站内容还不错,欢迎将大佬教程推荐给程序员好友。
本图文内容来源于网友网络收集整理提供,作为学习参考使用,版权属于原作者。
如您有任何意见或建议可联系处理。小编QQ:384754419,请注明来意。