Chang'an "Fight the Epidemic" Cybersecurity Guardian Competition Writeup


The misc challenge attachments can be downloaded here:
Link: https://pan.baidu.com/s/1fBuwvOvYLX7G-vzqbDBDtQ
Extraction code: 259p

MISC

The challenge name is omitted because the post would not pass review with it (see the image below)


cazyzhanchangyangchangzhanyanghechangshanshananzhanyiyizhanyianyichanganyang

Plain and Simple Forensics (朴实无华的取证)



There are several suspicious processes:

  • 360zip.exe
  • notepad.exe
  • 2345PicViewer.e


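Open the resulting file in 010 Editor, extract this portion, and save it as a .txt file.


Next, search for zip files.

The resulting archive is password-protected; use the date from the earlier txt file: 20211209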

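// Kindergarten-level encryption (partial)
#include <string>
using std::string;

void Encrypt(string& str)
{
	for (size_t i = 0; i < str.length(); i++)
	{
		// Shift a..w forward by three; wrap x, y, z around to a, b, c
		if(str[i] >='a'&& str[i]<='w')
			str[i]+=3;
		else if(str[i]=='x')
			str[i]='a';
		else if(str[i]=='y')
			str[i]='b';
		else if(str[i]=='z')
			str[i]='c';
		else if(str[i]=='_')
			str[i]='|';
		// Applied to every character: lowercase letters become uppercase
		str[i] -= 32;
	}
}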

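Next, look at the image files.

The result is a bmp image.

This yields a ciphertext string. Given the encryption logic recovered earlier, simply reversing that logic in Python gives the flag.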

# Reverse of Encrypt(): undo the -32 first, then the shift and the substitutions
flag_str = "FDCB[8LDQ?ZLOO?FHUWDLQOB?VXFFHHG?LQ?ILJKWLQJ?WKH?HSLGHPLF]"
flag_str = list(flag_str)
for i in range(len(flag_str)):
    # Undo "str[i] -= 32"
    flag_str[i] = chr(ord(flag_str[i]) + 32)
    # Characters that came from a..w were shifted to d..z: shift them back
    if ord(flag_str[i]) >= ord('a') + 3 and ord(flag_str[i]) <= ord('w') + 3:
        flag_str[i] = chr(ord(flag_str[i]) - 3)
    # a, b, c came from the wrapped x, y, z
    elif flag_str[i] == 'a':
        flag_str[i] = 'x'
    elif flag_str[i] == 'b':
        flag_str[i] = 'y'
    elif flag_str[i] == 'c':
        flag_str[i] = 'z'
    elif flag_str[i] == '|':
        flag_str[i] = '_'
    print(flag_str[i],end="")

PS C:\Users\Administrator\Downloads> python .\code.py
cazy{Xian_will_certainly_succeed_in_fighting_the_epidemic}

Wordless Book (无字天书)



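Most of the traffic is HTTP/TCP, so export the HTTP objects directly.

Use an online tool to convert the hexadecimal byte stream directly into a zip file: https://the-x.cn/encodings/Hex.aspx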

key.ws is Whitespace code.

Whitespace: https://vii5ard.github.io/whitespace/
Paste it in directly and click RUN.

This gives the key: XiAnWillBeSafe
Then use the SNOW steganography tool to decode flag.txt.

PS D:\Tools\Misc\snwdos32> .\SNOW.EXE -p XiAnWillBeSafe -C .\flag.txt
cazyC4n_y0u_underSt4nd_th3_b0oK_With0ut_Str1ng
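
A triage check for the two whitespace carriers seen in this challenge (the all-whitespace key.ws and the flag.txt that SNOW decodes), as an added example that is not part of the original writeup. The function name, the flagging thresholds and the sample strings are assumptions constructed for illustration.

```python
import re

TRAILING = re.compile(r"[ \t]+$")   # spaces/tabs between visible text and end of line

def triage_whitespace(text: str) -> dict:
    """Classify a text file by how much data its whitespace could be carrying."""
    lines = text.splitlines()
    visible = sum(1 for ch in text if not ch.isspace())
    runs = [m.group() for m in (TRAILING.search(line) for line in lines) if m]
    # Editors leave the odd trailing space; a run that mixes tabs with spaces,
    # or is 8+ characters long, is unusual enough to flag (assumed thresholds).
    flagged = [r for r in runs if ("\t" in r and " " in r) or len(r) >= 8]
    if text and visible == 0:
        verdict = "whitespace-only"        # e.g. a Whitespace-language program
    elif flagged:
        verdict = "trailing-whitespace"    # e.g. SNOW-style padding on normal text
    else:
        verdict = "clean"
    return {
        "verdict": verdict,
        "lines": len(lines),
        "flagged_lines": len(flagged),
        "trailing_chars": sum(len(r) for r in runs),
    }

# Constructed samples (not the challenge files)
WS_ONLY = "   \t  \t   \n\t\n  \n\n\n"
PADDED = "Nothing to see here.\t   \t \t    \t\nJust a plain note.  \t       \t\n"
CLEAN = "hello world\nsecond line \n"

if __name__ == "__main__":
    for name, sample in (("WS_ONLY", WS_ONLY), ("PADDED", PADDED), ("CLEAN", CLEAN)):
        print(name, triage_whitespace(sample))
```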

The challenge name is omitted because the post would not pass review with it (see the image below)



Among the exported files there is a secret.txt; decoding the base64 in it yields a zip, using the online tool: https://the-x.cn/zh-cn/base64/
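
The hex-to-zip conversion in the previous challenge and the base64-to-zip step here can both be done offline, without pasting capture data into a website. The following is an added example, not part of the original writeup; the function names and the in-memory sample archive are constructed for illustration.

```python
import base64
import binascii
import io
import zipfile

ZIP_MAGIC = b"PK\x03\x04"   # local file header signature of a non-empty zip

def decode_payload(text: str) -> bytes:
    """Decode an exported text blob that is either a hex stream or base64."""
    compact = "".join(text.split())            # drop spaces and line breaks
    try:
        return binascii.unhexlify(compact)     # hex is tried first: hex digits are
    except (binascii.Error, ValueError):       # also legal base64 characters
        pass
    return base64.b64decode(compact, validate=True)

def inspect_zip(data: bytes) -> list:
    """Return (name, size, encrypted) per member without extracting anything."""
    if not data.startswith(ZIP_MAGIC):
        raise ValueError("decoded data does not start with the zip signature")
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return [(i.filename, i.file_size, bool(i.flag_bits & 0x1))
                for i in zf.infolist()]

def _sample_zip() -> bytes:
    # Constructed stand-in for the archive carved out of the capture
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("key.ws", " \t\n")
        zf.writestr("flag.txt", "placeholder\n")
    return buf.getvalue()

SAMPLE = _sample_zip()
AS_HEX = SAMPLE.hex()                          # what a hex export looks like
AS_B64 = base64.b64encode(SAMPLE).decode()     # what a base64 text file holds

if __name__ == "__main__":
    for label, blob in (("hex", AS_HEX), ("base64", AS_B64)):
        print(label, inspect_zip(decode_payload(blob)))
```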

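The archive contains many image fragments, which have to be pieced together to get the flag.

There are not many of them, and even fewer once the fragments that carry no flag characters are discarded, so they can be assembled by hand. The fragments also show that this is a recently popular image, so the original can be found online and used as a reference, which makes the puzzle easier.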

cazymake_XiAN_great_Again

ez_Encrypt



Decoding web123 yields an archive of the source code.

https://the-x.cn/zh-cn/base64/


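Ciphertext is found in \app\controller\index.php

Executing it once yields the second part of the ciphertext; then put the two parts together.

Executing it again gives the flag.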

cazyPHP_ji4m1_1s_s00000_3aSyyyyyyyyyyy

Ez_Steg



Brute-forcing it with ARCHPR is enough.

This gives the password: 220101
emoji.txt is emoji-aes; a key is needed to decrypt it.

🙃💵🌿🎤🚪🌏🐎🥋🚫😆😍🌿🍴✉🍴🙃🌊🕹🖐🐍😁💵🕹🍵🏹💵😇🐎🕹✅🌊🥋👁✅✅🕹🌿😍😆🕹👁😂❓🔪🔬🔬🥋🚪☃🏹🚫🍍✉✅🤣🍌☂🛩ℹℹ☂🍎👉🚫🏹☂👌✉💵❓🕹✅👑🏹☀😡🤣✖🍌🐎😁😊😆🎤👌⌨🗒🗒

steg.pyc contains stegosaurus steganography.


This gives the key: TheKey:St3g1sV3ryFuNny

emoji-aes: https://aghorler.github.io/emoji-aes/

Decrypting gives the flag.

cazyEm0j1s_AES_4nd_PyC_St3g_D0_yoU_l1ke

binary


234 is a compiled Java file.

Decompile with jadx: https://github.com/skylot/jadx/releases/tag/v1.3.1

