长安“战疫”网络安全卫士守护赛Writeup
Posted 末 初
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了长安“战疫”网络安全卫士守护赛Writeup相关的知识,希望对你有一定的参考价值。
文章目录
misc题目附件请自取:
链接:https://pan.baidu.com/s/1fBuwvOvYLX7G-vzqbDBDtQ
提取码:259p
MISC
名称放了不给审核通过(见下图)
cazyzhanchangyangchangzhanyanghechangshanshananzhanyiyizhanyianyichanganyang
朴实无华的取证
有几个可疑进程:
360zip.exe
notepad.exe
2345PicViewer.e
将得到的文件使用010 Editor
打开,提取这一部分另存为.txt
继续查找zip
文件
得到的压缩包有密码,使用前面txt里面的日期:20211209
//幼儿园水平的加密(部分)
void Encrypt(string& str)
for(int i = 0; i < str.length(); i++)
if(str[i] >='a'&& str[i]<='w')
str[i]+=3;
else if(str[i]=='x')
str[i]='a';
else if(str[i]=='y')
str[i]='b';
else if(str[i]=='z')
str[i]='c';
else if(str[i]=='_')
str[i]='|';
str[i] -= 32;
继续查看图片文件
得到的是一张bmp图片
得到一串密文,联系之前的得到的处理密文逻辑,使用Python简单逆处理逻辑即可得到flag
flag_str = "FDCB[8LDQ?ZLOO?FHUWDLQOB?VXFFHHG?LQ?ILJKWLQJ?WKH?HSLGHPLF]"
flag_str = list(flag_str)
for i in range(len(flag_str)):
flag_str[i] = chr(ord(flag_str[i]) + 32)
if ord(flag_str[i]) >= ord('a') + 3 and ord(flag_str[i]) <= ord('w') + 3:
flag_str[i] = chr(ord(flag_str[i]) - 3)
elif flag_str[i] == 'a':
flag_str[i] = 'x'
elif flag_str[i] == 'b':
flag_str[i] = 'y'
elif flag_str[i] == 'c':
flag_str[i] = 'z'
elif flag_str[i] == '|':
flag_str[i] = '_'
print(flag_str[i],end="")
PS C:\\Users\\Administrator\\Downloads> python .\\code.py
cazyXian_will_certainly_succeed_in_fighting_the_epidemic
无字天书
多数为HTTP/TCP流量,直接导出HTTP
在线站直接将十六进制字节流转为zip文件:https://the-x.cn/encodings/Hex.aspx
key.ws
是whitespace
Whitespace: https://vii5ard.github.io/whitespace/
直接复制进去点击RUN
得到key:XiAnWillBeSafe
然后利用SNOW
隐写工具解flag.txt
PS D:\\Tools\\Misc\\snwdos32> .\\SNOW.EXE -p XiAnWillBeSafe -C .\\flag.txt
cazyC4n_y0u_underSt4nd_th3_b0oK_With0ut_Str1ng
名称放了不给审核通过(见下图)
在导出的文件中有一个secret.txt
,将其中的base64解码得到一个zip,利用在线站:https://the-x.cn/zh-cn/base64/
压缩包里面是很多碎图,需要拼图得到flag
数量不多,去掉不带有flag字符的图片则更少,直接手动拼,且从碎图种能看出是最近很火的图片,网上可直接找到原图做对比拼图,使得拼图更加容易
cazymake_XiAN_great_Again
ez_Encrypt
web123
解码得到源码的压缩包
https://the-x.cn/zh-cn/base64/
在\\app\\controller\\index.php
种发现密文
执行一遍之后得到第二部分密文,然后两部分放一起
再次执行得到flag
cazyPHP_ji4m1_1s_s00000_3aSyyyyyyyyyyy
Ez_Steg
ARCHPR
爆破即可
得到密码:220101
emoji.txt
是emoji-aes
;需要key解密
🙃💵🌿🎤🚪🌏🐎🥋🚫😆😍🌿🍴✉🍴🙃🌊🕹🖐🐍😁💵🕹🍵🏹💵😇🐎🕹✅🌊🥋👁✅✅🕹🌿😍😆🕹👁😂❓🔪🔬🔬🥋🚪☃🏹🚫🍍✉✅🤣🍌☂🛩ℹℹ☂🍎👉🚫🏹☂👌✉💵❓🕹✅👑🏹☀😡🤣✖🍌🐎😁😊😆🎤👌⌨🗒🗒
steg.pyc
存在stegosaurus
隐写
得到key:TheKey:St3g1sV3ryFuNny
emoji-aes:https://aghorler.github.io/emoji-aes/
解密得到flag
cazyEm0j1s_AES_4nd_PyC_St3g_D0_yoU_l1ke
binary
234
是java编译文件
jadx反编译:https://github.com/skylot/jadx/releases/tag/v1.3.1
flag_list = [77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 84, 69, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 84, 69, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 70, 120, 117, 77, 68, 69, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 65, 120, 77, 68, 69, 120, 77, 84, 69, 120, 77, 68, 65, 119, 77, 84, 69, 120, 77, 68, 69, 120, 77, 68, 69, 120, 77, 84, 69, 120, 77, 70, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 68, 65, 119, 77, 84, 69, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 84, 65, 120, 77, 68, 69, 120, 77, 68, 69, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 68, 65, 119, 77, 68, 65, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 84, 65, 119, 77, 68, 65, 119, 77, 84, 65, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 84, 65, 120, 77, 84, 65, 120, 77, 84, 65, 119, 77, 84, 69, 119, 77, 84, 69, 119, 77, 84, 65, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 84, 65, 119, 77, 84, 65, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 84, 69, 120, 77, 70, 120, 117, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 70, 120, 117, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 68, 69, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 69, 120, 77, 86, 120, 117, 77, 84, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 65, 119, 77, 68, 69, 119, 77, 84, 69, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 84, 65, 119, 77, 70, 120, 117, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 65, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 68, 65, 120, 77, 68, 65, 119, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 84, 69, 119, 77, 86, 120, 117, 77, 84, 65, 120, 77, 84, 65, 119, 77, 68, 65, 119, 77, 84, 65, 119, 77, 84, 69, 120, 77以上是关于长安“战疫”网络安全卫士守护赛Writeup的主要内容,如果未能解决你的问题,请参考以下文章