Heavy Blue Writeup

Posted 末初mochu7

A fellow player shared this challenge. Its source is unknown, but I thought it was worth recording.

Link: https://pan.baidu.com/s/1GoPtUU4uqa4yYMfetRRZuQ
Extraction code: v87q

flag.bmp

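Reading the RGB data shows that only the Blue channel contains data, and the values all appear to fall within the printable ASCII range 32-126.

Extract the Blue channel values, convert them to characters, and concatenate them, reading the image row by row.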

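from base64 import b64decode

from PIL import Image

img = Image.open('flag.bmp')

width, height = img.size
blue_data = ''
# Walk the image row by row and collect the Blue channel value of each pixel
for h in range(height):
    for w in range(width):
        pix = img.getpixel((w, h))
        blue_data += chr(int(pix[2]))

# The concatenated characters are Base64 text; decode them and save the bytes
with open('flag', 'wb') as f:
    f.write(b64decode(blue_data))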

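The result is an XZ-compressed file. What follows is nested, matryoshka-style decompression, except that the layers mix three compression formats: xz, gz, and zip.

Identify each layer by its file header to decide how to decompress it: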

.xz      FD 37 7A 58
.gz      1F 8B 08 08
.zip     50 4B 03 04

A simple Python script handles this:

import lzma
import zipfile
import gzip
import os

def dec_xz(current_file, count_num):
    # Name each layer's output flag1, flag2, ... so input and output never collide
    next_file = 'flag{}'.format(count_num)
    with open(current_file, 'rb') as f:
        with open(next_file, 'wb') as f1:
            f1.write(lzma.decompress(f.read()))
    count_num += 1
    return next_file, count_num

def dec_zip(current_file, count_num):
    next_file = 'flag{}'.format(count_num)
    with zipfile.ZipFile(current_file, 'r') as zf:
        zf.extractall('./')
        # Each layer holds a single member; rename it to the next working file
        os.rename(zf.namelist()[0], next_file)
    count_num += 1
    return next_file, count_num

def dec_gz(current_file, count_num):
    next_file = 'flag{}'.format(count_num)
    with open(current_file, 'rb') as f:
        with open(next_file, 'wb') as f1:
            f1.write(gzip.decompress(f.read()))
    count_num += 1
    return next_file, count_num

# The Base64-decoded output of the previous script, saved as flag.xz
current_file = 'flag.xz'
count_num = 1
while True:
    try:
        # Dispatch on the first four bytes of the current layer
        with open(current_file, 'rb') as f:
            file_header = f.read(4).hex().upper()
        if file_header == 'FD377A58':
            current_file, count_num = dec_xz(current_file, count_num)
        elif file_header == '1F8B0808':
            current_file, count_num = dec_gz(current_file, count_num)
        elif file_header == '504B0304':
            current_file, count_num = dec_zip(current_file, count_num)
        else:
            # No known archive header left: this is the innermost file
            with open(current_file, 'r') as f:
                print(f.read())
            break
    except Exception as ex:
        # Stop on errors instead of retrying the same file forever
        print(ex)
        break

flag1d3ca261-82e7-4710-a6d5-d6878176aab0
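The same header-driven unwrapping done in memory, with caps on nesting depth and per-layer size so that a hostile nested archive cannot exhaust disk or RAM. This is an added example, not code from the original post; `MAX_DEPTH`, `MAX_SIZE`, the function names, and the sample data are assumptions made for illustration.

```python
import gzip
import io
import lzma
import zipfile

MAX_DEPTH = 2000               # assumed cap on nesting levels
MAX_SIZE = 64 * 1024 * 1024    # assumed cap on one decompressed layer
XZ_MAGIC = b"\xfd7zXZ\x00"     # full 6-byte xz magic (FD 37 7A 58 5A 00)
GZ_MAGIC = b"\x1f\x8b"         # bytes 3-4 are method and flags, so they vary
ZIP_MAGIC = b"PK\x03\x04"      # local file header at offset 0

def _bounded_read(stream):
    """Read a decompressed layer, refusing anything larger than MAX_SIZE."""
    data = stream.read(MAX_SIZE + 1)
    if len(data) > MAX_SIZE:
        raise ValueError("layer exceeds MAX_SIZE")
    return data

def peel(data):
    """Strip one layer; return (format, payload), or (None, data) if unknown."""
    if data.startswith(XZ_MAGIC):
        return "xz", _bounded_read(lzma.LZMAFile(io.BytesIO(data)))
    if data.startswith(GZ_MAGIC):
        return "gz", _bounded_read(gzip.GzipFile(fileobj=io.BytesIO(data)))
    if data.startswith(ZIP_MAGIC):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            # Read the first member as bytes; its stored name never hits disk
            with zf.open(zf.infolist()[0]) as member:
                return "zip", _bounded_read(member)
    return None, data

def unwrap(data):
    """Peel layers until no known header remains; return (payload, formats)."""
    layers = []
    for _ in range(MAX_DEPTH):
        fmt, data = peel(data)
        if fmt is None:
            return data, layers
        layers.append(fmt)
    raise ValueError("nesting deeper than MAX_DEPTH")

def build_sample():
    """Constructed sample: zip inside gz inside xz, not the challenge file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("inner", b"constructed-sample-payload")
    return lzma.compress(gzip.compress(buf.getvalue()))
```

Matching gzip on two bytes also accepts streams whose flags byte is not `08`, that is, streams stored without an original file name.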
