buuctf misc wp 01

1、金三胖

root@kali:~/下载/CTF题目# unzip 77edf3b9-3ef9-4ead-9c81-ffdaf7a08414.zip

Archive:  77edf3b9-3ef9-4ead-9c81-ffdaf7a08414.zip

   creating: 金三胖/

  inflating: 金三胖/aaa.gif

root@kali:~/下载/CTF题目# ls

379140b0-c2aa-4aa6-b372-031beb2007f0.zip

77edf3b9-3ef9-4ead-9c81-ffdaf7a08414.zip

金三胖

dabai.png

f4571698-e6e4-41b6--2aab17cef02a.zip

f64ca6fa--4ebe-8dbe-5e2d2db41ae1.zip

root@kali:~/下载/CTF题目# cd 金三胖/

root@kali:~/下载/CTF题目/金三胖# ls

aaa.gif

root@kali:~/下载/CTF题目/金三胖# eog aaa.gif

先找到题目,解压后,通过eog命令打开图片,

这是一个GIF动图。然后将gif图全部转换为png图片。

root@kali:~/下载/CTF题目/金三胖# convert aaa.gif .png

root@kali:~/下载/CTF题目/金三胖# ls

-.png   -.png  -.png  -.png  -.png  -.png  -.png  -.png

-.png  -.png  -.png  -.png  -.png  -.png  -.png  -.png

-.png  -.png  -.png  -.png  -.png  -.png  -.png  -.png

-.png  -.png  -.png  -.png  -.png  -.png  -.png  -.png

-.png  -.png  -.png  -.png  -.png  -.png  -.png  -.png

-.png  -.png  -.png  -.png  -.png  -.png  -.png   aaa.gif

-.png  -.png  -.png  -.png  -.png  -.png   -.png

-.png  -.png  -.png  -.png  -.png   -.png  -.png

-.png  -.png  -.png  -.png   -.png  -.png  -.png

-.png  -.png  -.png   -.png  -.png  -.png  -.png

-.png  -.png   -.png  -.png  -.png  -.png  -.png

-.png   -.png  -.png  -.png  -.png  -.png  -.png

root@kali:~/下载/CTF题目/金三胖#

通过查看解出来的图片即可获得flag

2、二维码

解开这个题目后,打开看,是一个二维码,扫二维码得出。

然后,继续检查图片。

root@kali:~/下载/CTF题目# binwalk QR_code.png 

DECIMAL       HEXADECIMAL     DESCRIPTION

--------------------------------------------------------------------------------

             0x0             PNG image,  x , -bit colormap, non-interlaced

           0x1D7           Zip archive data, encrypted at least v2. to extract, compressed size: , uncompressed size: , name: 4number.txt

           0x28A           End of Zip archive, footer length: 

root@kali:~/下载/CTF题目# foremost QR_code.png

Processing: QR_code.png

�foundat=4number.txtn

Qjxu�J����[����OPF4L�

*|

root@kali:~/下载/CTF题目# cd output/

root@kali:~/下载/CTF题目/output# ls

audit.txt  png  zip

root@kali:~/下载/CTF题目/output# cd zip/

root@kali:~/下载/CTF题目/output/zip# ls

.zip

root@kali:~/下载/CTF题目/output/zip# unzip .zip

Archive:  .zip

[.zip] 4number.txt password:

用binwalk查看图片,发现有个压缩包。解压后发现,这个压缩包需要密码。这里显示说是4位数字密码。
而题目没有其它提示,显然,是想让我们暴力破解密码。

root@kali:~/下载/CTF题目/output/zip# ls

.zip

root@kali:~/下载/CTF题目/output/zip# fcrackzip -b -c '' -l  -u .zip 

PASSWORD FOUND!!!!: pw ==

root@kali:~/下载/CTF题目/output/zip# ls

.zip

root@kali:~/下载/CTF题目/output/zip# unzip .zip

Archive:  .zip

[.zip] 4number.txt password:

  inflating: 4number.txt

root@kali:~/下载/CTF题目/output/zip# ls

.zip  4number.txt

root@kali:~/下载/CTF题目/output/zip# bat 4number.txt

───────┬────────────────────────────────────────────────────────────────────────

       │ File: 4number.txt

───────┼────────────────────────────────────────────────────────────────────────

      │ CTF{vjpw_wnoei}

───────┴────────────────────────────────────────────────────────────────────────

root@kali:~/下载/CTF题目/output/zip#

解出来后,用密码打开得到flag

3、N种方法解决

先看题目

root@kali:~/下载/CTF题目# unzip f64ca6fa--4ebe-8dbe-5e2d2db41ae1.zip

Archive:  f64ca6fa--4ebe-8dbe-5e2d2db41ae1.zip

  inflating: KEY.exe

root@kali:~/下载/CTF题目# ls

379140b0-c2aa-4aa6-b372-031beb2007f0.zip

dabai.png

f64ca6fa--4ebe-8dbe-5e2d2db41ae1.zip

KEY.exe

root@kali:~/下载/CTF题目#

题目下载解出来后,是一个KEY.exe程序。
先运行程序看看。

root@kali:~/下载/CTF题目# ls

379140b0-c2aa-4aa6-b372-031beb2007f0.zip

dabai.png

f64ca6fa--4ebe-8dbe-5e2d2db41ae1.zip

KEY.exe

root@kali:~/下载/CTF题目# mv KEY.exe KEY.sh

root@kali:~/下载/CTF题目# ls

379140b0-c2aa-4aa6-b372-031beb2007f0.zip

dabai.png

f64ca6fa--4ebe-8dbe-5e2d2db41ae1.zip

KEY.sh

root@kali:~/下载/CTF题目# chmod o+x KEY.sh

root@kali:~/下载/CTF题目# ./KEY.sh

./KEY.sh:行1: data:image/jpg: 没有那个文件或目录

./KEY.sh:行1: base64,iVBORw0KGgoAAAANSUhEUgAAAIUAAACFCAYAAAB12js8AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAArZSURBVHhe7ZKBitxIFgTv/396Tx564G1UouicKg19hwPCDcrMJ9m7/7n45zfdxe5Z3sJ7prHbf9rXO3P4lLvYPctbeM80dvtP+3pnDp9yF7tneQvvmcZu/2lf78zhU+5i9yxv4T3T2O0/7eud68OT2H3LCft0l/ae9ZlTo+23pPvX7/rwJHbfcsI+3aW9Z33m1Gj7Len+9bs+PIndt5ywT3dp71mfOTXafku6f/2uD09i9y0n7NNd2nvWZ06Ntt+S7l+/68MJc5O0OSWpcyexnFjfcsI+JW1ukpRfv+vDCXOTtDklqXMnsZxY33LCPiVtbpKUX7/rwwlzk7Q5JalzJ7GcWN9ywj4lbW6SlF+/68MJc5O0OSWpcyexnFjfcsI+JW1ukpRfv+vDCXOTWE7a/i72PstJ2zfsHnOTpPz6XR9OmJvEctL2d7H3WU7avmH3mJsk5dfv+nDC3CSWk7a/i73PctL2DbvH3CQpv37XhxPmJrGctP1d7H2Wk7Zv2D3mJkn59bs+nDA3ieWEfdNImylJnelp7H6bmyTl1+/6cMLcJJYT9k0jbaYkdaansfttbpKUX7/rwwlzk1hO2DeNtJmS1Jmexu63uUlSfv2uDyfMTWI5Yd800mZKUmd6Grvf5iZJ+fW7PjzJ7v12b33LSdtvsfuW75LuX7/rw5Ps3m/31rectP0Wu2/5Lun+9bs+PMnu/XZvfctJ22+x+5bvku5fv+vDk+zeb/fWt5y0/Ra7b/ku6f71+++HT0v+5l3+tK935vApyd+8y5/29c4cPiX5m3f5077emcOnJH/zLn/ar3d+/flBpI+cMDeNtJkSywn79BP5uK+yfzTmppE2U2I5YZ9+Ih/3VfaPxtw00mZKLCfs00/k477K/tGYm0baTInlhH36iSxflT78TpI605bdPbF7lhvct54mvWOaWJ6m4Z0kdaYtu3ti9yw3uG89TXrHNLE8TcM7SepMW3b3xO5ZbnDfepr0jmlieZqGd5LUmbbs7onds9zgvvU06R3TxPXcSxPrW07YpyR1pqTNKUmdKUmdk5LUaXzdWB/eYX3LCfuUpM6UtDklqTMlqXNSkjqNrxvrwzusbzlhn5LUmZI2pyR1piR1TkpSp/F1Y314h/UtJ+xTkjpT0uaUpM6UpM5JSeo0ft34+vOGNLqDfUosN7inhvUtJ+ybRtpMd0n39Goa3cE+JZYb3FPD+pYT9k0jbaa7pHt6NY3uYJ8Syw3uqWF9ywn7ppE2013SPb2aRnewT4nlBvfUsL7lhH3TSJvpLunecjWV7mCftqQbjSR1puR03tqSbkx/wrJqj7JPW9KNRpI6U3I6b21JN6Y/YVm1R9mnLelGI0mdKTmdt7akG9OfsKzao+zTlnSjkaTOlJzOW1vSjelPWFbp8NRImylJnWnL7r6F7zN3STcb32FppUNTI22mJHWmLbv7Fr7P3CXdbHyHpZUOTY20mZLUmbbs7lv4PnOXdLPxHZZWOjQ10mZKUmfasrtv4fvMXdLNxndYWunQlFhutHv2W42n+4bds7wl3VuuskSJ5Ua7Z7/VeLpv2D3LW9K95SpLlFhutHv2W42n+4bds7wl3VuuskSJ5Ua7Z7/VeLpv2D3LW9K97avp6GQ334X3KWlz+tukb5j+hO2/hX3Ebr4L71PS5vS3Sd8w/Qnbfwv7iN18F96npM3pb5O+YfoTtv8W9hG7+S68T0mb098mfcP0Jxz/W+x+FPethvUtN2y/m7fwnvm1+frzIOklDdy3Gta33LD9bt7Ce+bX5uvPg6SXNHDfaljfcsP2u3kL75lfm68/D5Je0sB9q2F9yw3b7+YtvGd+bb7+vCEN7ySpMzXSZrqL3bOcsN9Kns4T2uJRk6TO1Eib6S52z3LCfit5Ok9oi0dNkjpTI22mu9g9ywn7reTpPKEtHjVJ6kyNtJnuYvcsJ+y3kqfzxNLiEUosJ+xTYvkudt9yg3tqpM2d5Cf50mKJEssJ+5RYvovdt9zgnhppcyf5Sb60WKLEcsI+JZbvYvctN7inRtrcSX6SLy2WKLGcsE+J5bvYfcsN7qmRNneSn+RLK5UmbW4Sywn7lOzmhH3a0u7ZN99hadmRNjeJ5YR9SnZzwj5taffsm++wtOxIm5vEcsI+Jbs5YZ+2tHv2zXdYWnakzU1iOWGfkt2csE9b2j375jtcvTz+tuX0vrXF9sxNkjrTT+T6rvyx37ac3re22J65SVJn+olc35U/9tuW0/vWFtszN0nqTD+R67vyx37bcnrf2mJ75iZJneknUn+V/aWYUyNtpqTNqZE2UyNtGlvSjTsT9VvtKHNqpM2UtDk10mZqpE1jS7pxZ6J+qx1lTo20mZI2p0baTI20aWxJN+5M1G+1o8ypkTZT0ubUSJupkTaNLenGnYnl6TujO2zP3DTSZkp2c8L+0xppM32HpfWTIxPbMzeNtJmS3Zyw/7RG2kzfYWn95MjE9sxNI22mZDcn7D+tkTbTd1haPzkysT1z00ibKdnNCftPa6TN9B2uXh5/S9rcbEk37jR2+5SkzpSkzo4kdaavTg6/JW1utqQbdxq7fUpSZ0pSZ0eSOtNXJ4ffkjY3W9KNO43dPiWpMyWpsyNJnemrk8NvSZubLenGncZun5LUmZLU2ZGkzvTVWR/e0faJ7Xdzw/bMKbGc7PbNE1x3uqNtn9h+Nzdsz5wSy8lu3zzBdac72vaJ7Xdzw/bMKbGc7PbNE1x3uqNtn9h+Nzdsz5wSy8lu3zzBcsVewpyS1LmTWG7Y3nLCPm1JN05KLP/D8tRGzClJnTuJ5YbtLSfs05Z046TE8j8sT23EnJLUuZNYbtjecsI+bUk3Tkos/8Py1EbMKUmdO4nlhu0tJ+zTlnTjpMTyP/R/i8PwI//fJZYb3Jvv8Pd/il+WWG5wb77D3/8pflliucG9+Q5//6f4ZYnlBvfmO1y9PH7KFttbfhq+zySpMyVtbr7D1cvjp2yxveWn4ftMkjpT0ubmO1y9PH7KFttbfhq+zySpMyVtbr7D1cvjp2yxveWn4ftMkjpT0ubmO1y9ftRg9y0n7FPD+paTtk9O71sT13Mv7WD3LSfsU8P6lpO2T07vWxPXcy/tYPctJ+xTw/qWk7ZPTu9bE9dzL+1g9y0n7FPD+paTtk9O71sT1/P7EnOTWG5wb5LUmRptn3D/6b6+eX04YW4Syw3uTZI6U6PtE+4/3dc3rw8nzE1iucG9SVJnarR9wv2n+/rm9eGEuUksN7g3SepMjbZPuP90X9+8PpwwN0mb72pYfzcn1rf8NHwffXXWhxPmJmnzXQ3r7+bE+pafhu+jr876cMLcJG2+q2H93ZxY3/LT8H301VkfTpibpM13Nay/mxPrW34avo++OuvDCXOT7OZGu7e+5YT9XYnlhH36DlfvfsTcJLu50e6tbzlhf1diOWGfvsPVux8xN8lubrR761tO2N+VWE7Yp+9w9e5HzE2ymxvt3vqWE/Z3JZYT9uk7XL1+1GD3LX8avt8klhu2t5yc6F+/68OT2H3Ln4bvN4nlhu0tJyf61+/68CR23/Kn4ftNYrlhe8vJif71uz48id23/Gn4fpNYbtjecnKif/3+++HTnub0fd4zieUtvLfrO1y9PH7K05y+z3smsbyF93Z9h6uXx095mtP3ec8klrfw3q7vcPXy+ClPc/o+75nE8hbe2/Udzv9X+sv/OP/881/SqtvcdpBh+wAAAABJRU5ErkJggg==: 没有那个文件或目录

root@kali:~/下载/CTF题目#

看到一个base64,而这串密文也疑似base64,前面的data:image说明这base64可能是图片数据。
然后,先用base64解码试试看。

root@kali:~/下载/CTF题目# echo iVBORw0KGgoAAAANSUhEUgAAAIUAAACFCAYAAAB12js8AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAArZSURBVHhe7ZKBitxIFgTv/396Tx564G1UouicKg19hwPCDcrMJ9m7/7n45zfdxe5Z3sJ7prHbf9rXO3P4lLvYPctbeM80dvtP+3pnDp9yF7tneQvvmcZu/2lf78zhU+5i9yxv4T3T2O0/7eud68OT2H3LCft0l/ae9ZlTo+23pPvX7/rwJHbfcsI+3aW9Z33m1Gj7Len+9bs+PIndt5ywT3dp71mfOTXafku6f/2uD09i9y0n7NNd2nvWZ06Ntt+S7l+/68MJc5O0OSWpcyexnFjfcsI+JW1ukpRfv+vDCXOTtDklqXMnsZxY33LCPiVtbpKUX7/rwwlzk7Q5JalzJ7GcWN9ywj4lbW6SlF+/68MJc5O0OSWpcyexnFjfcsI+JW1ukpRfv+vDCXOTWE7a/i72PstJ2zfsHnOTpPz6XR9OmJvEctL2d7H3WU7avmH3mJsk5dfv+nDC3CSWk7a/i73PctL2DbvH3CQpv37XhxPmJrGctP1d7H2Wk7Zv2D3mJkn59bs+nDA3ieWEfdNImylJnelp7H6bmyTl1+/6cMLcJJYT9k0jbaYkdaansfttbpKUX7/rwwlzk1hO2DeNtJmS1Jmexu63uUlSfv2uDyfMTWI5Yd800mZKUmd6Grvf5iZJ+fW7PjzJ7v12b33LSdtvsfuW75LuX7/rw5Ps3m/31rectP0Wu2/5Lun+9bs+PMnu/XZvfctJ22+x+5bvku5fv+vDk+zeb/fWt5y0/Ra7b/ku6f71+++HT0v+5l3+tK935vApyd+8y5/29c4cPiX5m3f5077emcOnJH/zLn/ar3d+/flBpI+cMDeNtJkSywn79BP5uK+yfzTmppE2U2I5YZ9+Ih/3VfaPxtw00mZKLCfs00/k477K/tGYm0baTInlhH36iSxflT78TpI605bdPbF7lhvct54mvWOaWJ6m4Z0kdaYtu3ti9yw3uG89TXrHNLE8TcM7SepMW3b3xO5ZbnDfepr0jmlieZqGd5LUmbbs7onds9zgvvU06R3TxPXcSxPrW07YpyR1pqTNKUmdKUmdk5LUaXzdWB/eYX3LCfuUpM6UtDklqTMlqXNSkjqNrxvrwzusbzlhn5LUmZI2pyR1piR1TkpSp/F1Y314h/UtJ+xTkjpT0uaUpM6UpM5JSeo0ft34+vOGNLqDfUosN7inhvUtJ+ybRtpMd0n39Goa3cE+JZYb3FPD+pYT9k0jbaa7pHt6NY3uYJ8Syw3uqWF9ywn7ppE2013SPb2aRnewT4nlBvfUsL7lhH3TSJvpLunecjWV7mCftqQbjSR1puR03tqSbkx/wrJqj7JPW9KNRpI6U3I6b21JN6Y/YVm1R9mnLelGI0mdKTmdt7akG9OfsKzao+zTlnSjkaTOlJzOW1vSjelPWFbp8NRImylJnWnL7r6F7zN3STcb32FppUNTI22mJHWmLbv7Fr7P3CXdbHyHpZUOTY20mZLUmbbs7lv4PnOXdLPxHZZWOjQ10mZKUmfasrtv4fvMXdLNxndYWunQlFhutHv2W42n+4bds7wl3VuuskSJ5Ua7Z7/VeLpv2D3LW9K95SpLlFhutHv2W42n+4bds7wl3VuuskSJ5Ua7Z7/VeLpv2D3LW9K97avp6GQ334X3KWlz+tukb5j+hO2/hX3Ebr4L71PS5vS3Sd8w/Qnbfwv7iN18F96npM3pb5O+YfoTtv8W9hG7+S68T0mb098mfcP0Jxz/W+x+FPethvUtN2y/m7fwnvm1+frzIOklDdy3Gta33LD9bt7Ce+bX5uvPg6SXNHDfaljfcsP2u3kL75lfm68/D5Je0sB9q2F9yw3b7+YtvGd+bb7+vCEN7ySpMzXSZrqL3bOcsN9Kns4T2uJRk6TO1Eib6S52z3LCfit5Ok9oi0dNkjpTI22mu9g9ywn7reTpPKEtHjVJ6kyNtJnuYvcsJ+y3kqfzxNLiEUosJ+xTYvkudt9yg3tqpM2d5Cf50mKJEssJ+5RYvovdt9zgnhppcyf5Sb60WKLEcsI+JZbvYvctN7inRtrcSX6SLy2WKLGcsE+J5bvYfcsN7qmRNneSn+RLK5UmbW4Sywn7lOzmhH3a0u7ZN99hadmRNjeJ5YR9SnZzwj5taffsm++wtOxIm5vEcsI+Jbs5YZ+2tHv2zXdYWnakzU1iOWGfkt2csE9b2j375jtcvTz+tuX0vrXF9sxNkjrTT+T6rvyx37ac3re22J65SVJn+olc35U/9tuW0/vWFtszN0nqTD+R67vyx37bcnrf2mJ75iZJneknUn+V/aWYUyNtpqTNqZE2UyNtGlvSjTsT9VvtKHNqpM2UtDk10mZqpE1jS7pxZ6J+qx1lTo20mZI2p0baTI20aWxJN+5M1G+1o8ypkTZT0ubUSJupkTaNLenGnYnl6TujO2zP3DTSZkp2c8L+0xppM32HpfWTIxPbMzeNtJmS3Zyw/7RG2kzfYWn95MjE9sxNI22mZDcn7D+tkTbTd1haPzkysT1z00ibKdnNCftPa6TN9B2uXh5/S9rcbEk37jR2+5SkzpSkzo4kdaavTg6/JW1utqQbdxq7fUpSZ0pSZ0eSOtNXJ4ffkjY3W9KNO43dPiWpMyWpsyNJnemrk8NvSZubLenGncZun5LUmZLU2ZGkzvTVWR/e0faJ7Xdzw/bMKbGc7PbNE1x3uqNtn9h+Nzdsz5wSy8lu3zzBdac72vaJ7Xdzw/bMKbGc7PbNE1x3uqNtn9h+Nzdsz5wSy8lu3zzBcsVewpyS1LmTWG7Y3nLCPm1JN05KLP/D8tRGzClJnTuJ5YbtLSfs05Z046TE8j8sT23EnJLUuZNYbtjecsI+bUk3Tkos/8Py1EbMKUmdO4nlhu0tJ+zTlnTjpMTyP/R/i8PwI//fJZYb3Jvv8Pd/il+WWG5wb77D3/8pflliucG9+Q5//6f4ZYnlBvfmO1y9PH7KFttbfhq+zySpMyVtbr7D1cvjp2yxveWn4ftMkjpT0ubmO1y9PH7KFttbfhq+zySpMyVtbr7D1cvjp2yxveWn4ftMkjpT0ubmO1y9ftRg9y0n7FPD+paTtk9O71sT13Mv7WD3LSfsU8P6lpO2T07vWxPXcy/tYPctJ+xTw/qWk7ZPTu9bE9dzL+1g9y0n7FPD+paTtk9O71sT1/P7EnOTWG5wb5LUmRptn3D/6b6+eX04YW4Syw3uTZI6U6PtE+4/3dc3rw8nzE1iucG9SVJnarR9wv2n+/rm9eGEuUksN7g3SepMjbZPuP90X9+8PpwwN0mb72pYfzcn1rf8NHwffXXWhxPmJmnzXQ3r7+bE+pafhu+jr876cMLcJG2+q2H93ZxY3/LT8H301VkfTpibpM13Nay/mxPrW34avo++OuvDCXOT7OZGu7e+5YT9XYnlhH36DlfvfsTcJLu50e6tbzlhf1diOWGfvsPVux8xN8lubrR761tO2N+VWE7Yp+9w9e5HzE2ymxvt3vqWE/Z3JZYT9uk7XL1+1GD3LX8avt8klhu2t5yc6F+/68OT2H3Ln4bvN4nlhu0tJyf61+/68CR23/Kn4ftNYrlhe8vJif71uz48id23/Gn4fpNYbtjecnKif/3+++HTnub0fd4zieUtvLfrO1y9PH7K05y+z3smsbyF93Z9h6uXx095mtP3ec8klrfw3q7vcPXy+ClPc/o+75nE8hbe2/Udzv9X+sv/OP/881/SqtvcdpBh+wAAAABJRU5ErkJggg== | base64 -d

�PNG


IHDR�u�;<sRGB���gAMA��

                      �a    pHYs���o�d

��'ٻ����7���Y��{�����;s����=�[x�4v�O�zg�r�gy

                                            ��n�i_���S�b�,o�=���?���Ó�}�    �t�����S���������$v�r�>ݥ�g}��h�-����><�ݷ��Owi�Y��~K���Ob�-'��]�{�gN��ߒ�_���    s��9%�s'��X�r�>%mn��_���    s��%�s'��X�r�>%mn��_���    s��9%�s'��X�r�>%mn��_���s��%�s'��X�r�>%mn��_���    s�XN��.�>�I�7�s����]N���r��w��YNھa���$����p��$�����$)�~ׇ�&����]�}���o�=�&I���>�07��}�H�)I��i�~��$����p��$��M#m�$u����mn��_���    s�XN�7����ԙ��IR~��'�Mb9a��fJRgz����&I���><���vo}�I�o�����_��Ó��o�ַ����o�.����><���vo}�I�o�����_��Ó��o�ַ����o�.�����OK��]���w��)�߼˟���>%��w�Ӿޙç$�.گw~��A�������������4榑6Sb9a�~"�U����4�fJ,'��O����ј�F�L��}��,_�>�N�:Ӗ�=�{��&�c�X���$u�-�{b�,7�o=Mz�4�<M�;I�L[v���Ynp�z��iby��w�ԙ���ݳ���4�����K�[Nا$u���)I�)I����i|�X�a}�    ���Δ�9%�3%�sR�:���;�o9a��ԙ�6�$u�$uNJR��uc}x��-'�S�:S�攤Δ��II�4~����4��}J,7����-'��a}�I��j���6�]�=��Fw�O���԰��}�H��.��r5��`���$u��t�ڒnL²j��O[ҍF�:Sr:omI7�?aY�G٧-�F#I�)9������ڣ�Ӗt���Δ��[[ҍ�OXV���H�)I�i��3wI7ai�CS#m�$u�-�����%�l|���M����ԙ���[�>s�t���V:45�fJRgڲ�o���]���wXZ�ДXn�{�[����ݳ�%�[��D��F�g��x�o�=�[ҽ�*K�Xn�{�[����ݳ�%�[��D��F�g��x�o�=�[ҽ����d7߅�)is�ۤo������}�n�

                                           �S����I��    �

                                                         ���|ާ���o��a������.�OI��ܷ�ַܰ�n��{����σ��4p�jX�r���y�� �%

�$��f��ݳ���J����Q����H��.v�r�~+y:Oh�GM�:S#m���=�    ����<�-5I�L����b�,'췒�����J,'�Sb�.v�r�{j�͝�'��b��    ��X��ݷ����is'�I��X��r�>%��b�-��F��I~�/-�(���O��6w���K+�&mn�    ����}�����aiّ��}Jvs�>mi��ﰴ�H���r�>%�9a���{��wXZv��Mb9a��ݜ�O[�=��;\�<���������M�:�O�����߶�޷�؞�IRg��\ߕ?�ۖ����37I�L?����~�rz��b{�&I��'R����S#m��ͩ�6S#m�[ҍ;�[�(sj�͔�95�fj�McK�qg�~�eN����6�F�L��ilI7�L�o��̩�6S���H���6�-�Ɲ���;�;l��4�fJvs����i3}����#�37����ݜ���F�L�ai������M#m�d7'�?���wXZ?�=s�H�)��    �Ok����^K��lI7�4v���Δ�Ύ$u��N�%mn����}JRgJRgG�:�W'�ߒ67[ҍ;��>%�3%��#I�髓�oI��-�Ɲ�n��ԙ��ّ����Y�����ws���)�����\w��m��~77lϜ��n�<�u�;����ws���)�����\w��m��~77lϜ��n�<�r�^�Թ�Xn��r�>mI7NJ,����F�)I�;���-'�Ӗt���?,OmĜ�Թ�Xn��r�>mI7NJ,����F�)I�;���-'�Ӗt���?����#��%�����_�Xnpo����)~Yb�������e����;\�<~��[~���$�3%mn�����l�����L�:S���;\�<~��[~���$�3%mn�����l�����L�:S���;\�~�`�-'�S�����ON�[�s/�`�-'�S�����ON�[�s/�`�-'�S���������������p��$m��a�ݜX����}��YN����w5����[~����:��߼>�07Is���F�����]��}�W�~��$����o9aWb9a���ջ17�nn�{�[N�ߕXNا�p��G�M������w%���;\�~�`�-���$�����_��Ó�}˟�����-''�����$v����Mb�a{�ɉ���><�ݷ�i�~�Xn��rr�����Ӟ��}���-���;\�<~�Ӝ��{&����v}����Oy���y�$���ޮ�p���)Os�>��������W������_Ҫ��v�a�IEND�B`�

解码之后发现,好像是一堆乱码。但是根据前面的提示,这是一个image数据。我们把这写base64解出来的数据写入一张图片试试。

root@kali:~/下载/CTF题目# echo iVBORw0KGgoAAAANSUhEUgAAAIUAAACFCAYAAAB12js8AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAArZSURBVHhe7ZKBitxIFgTv/396Tx564G1UouicKg19hwPCDcrMJ9m7/7n45zfdxe5Z3sJ7prHbf9rXO3P4lLvYPctbeM80dvtP+3pnDp9yF7tneQvvmcZu/2lf78zhU+5i9yxv4T3T2O0/7eud68OT2H3LCft0l/ae9ZlTo+23pPvX7/rwJHbfcsI+3aW9Z33m1Gj7Len+9bs+PIndt5ywT3dp71mfOTXafku6f/2uD09i9y0n7NNd2nvWZ06Ntt+S7l+/68MJc5O0OSWpcyexnFjfcsI+JW1ukpRfv+vDCXOTtDklqXMnsZxY33LCPiVtbpKUX7/rwwlzk7Q5JalzJ7GcWN9ywj4lbW6SlF+/68MJc5O0OSWpcyexnFjfcsI+JW1ukpRfv+vDCXOTWE7a/i72PstJ2zfsHnOTpPz6XR9OmJvEctL2d7H3WU7avmH3mJsk5dfv+nDC3CSWk7a/i73PctL2DbvH3CQpv37XhxPmJrGctP1d7H2Wk7Zv2D3mJkn59bs+nDA3ieWEfdNImylJnelp7H6bmyTl1+/6cMLcJJYT9k0jbaYkdaansfttbpKUX7/rwwlzk1hO2DeNtJmS1Jmexu63uUlSfv2uDyfMTWI5Yd800mZKUmd6Grvf5iZJ+fW7PjzJ7v12b33LSdtvsfuW75LuX7/rw5Ps3m/31rectP0Wu2/5Lun+9bs+PMnu/XZvfctJ22+x+5bvku5fv+vDk+zeb/fWt5y0/Ra7b/ku6f71+++HT0v+5l3+tK935vApyd+8y5/29c4cPiX5m3f5077emcOnJH/zLn/ar3d+/flBpI+cMDeNtJkSywn79BP5uK+yfzTmppE2U2I5YZ9+Ih/3VfaPxtw00mZKLCfs00/k477K/tGYm0baTInlhH36iSxflT78TpI605bdPbF7lhvct54mvWOaWJ6m4Z0kdaYtu3ti9yw3uG89TXrHNLE8TcM7SepMW3b3xO5ZbnDfepr0jmlieZqGd5LUmbbs7onds9zgvvU06R3TxPXcSxPrW07YpyR1pqTNKUmdKUmdk5LUaXzdWB/eYX3LCfuUpM6UtDklqTMlqXNSkjqNrxvrwzusbzlhn5LUmZI2pyR1piR1TkpSp/F1Y314h/UtJ+xTkjpT0uaUpM6UpM5JSeo0ft34+vOGNLqDfUosN7inhvUtJ+ybRtpMd0n39Goa3cE+JZYb3FPD+pYT9k0jbaa7pHt6NY3uYJ8Syw3uqWF9ywn7ppE2013SPb2aRnewT4nlBvfUsL7lhH3TSJvpLunecjWV7mCftqQbjSR1puR03tqSbkx/wrJqj7JPW9KNRpI6U3I6b21JN6Y/YVm1R9mnLelGI0mdKTmdt7akG9OfsKzao+zTlnSjkaTOlJzOW1vSjelPWFbp8NRImylJnWnL7r6F7zN3STcb32FppUNTI22mJHWmLbv7Fr7P3CXdbHyHpZUOTY20mZLUmbbs7lv4PnOXdLPxHZZWOjQ10mZKUmfasrtv4fvMXdLNxndYWunQlFhutHv2W42n+4bds7wl3VuuskSJ5Ua7Z7/VeLpv2D3LW9K95SpLlFhutHv2W42n+4bds7wl3VuuskSJ5Ua7Z7/VeLpv2D3LW9K97avp6GQ334X3KWlz+tukb5j+hO2/hX3Ebr4L71PS5vS3Sd8w/Qnbfwv7iN18F96npM3pb5O+YfoTtv8W9hG7+S68T0mb098mfcP0Jxz/W+x+FPethvUtN2y/m7fwnvm1+frzIOklDdy3Gta33LD9bt7Ce+bX5uvPg6SXNHDfaljfcsP2u3kL75lfm68/D5Je0sB9q2F9yw3b7+YtvGd+bb7+vCEN7ySpMzXSZrqL3bOcsN9Kns4T2uJRk6TO1Eib6S52z3LCfit5Ok9oi0dNkjpTI22mu9g9ywn7reTpPKEtHjVJ6kyNtJnuYvcsJ+y3kqfzxNLiEUosJ+xTYvkudt9yg3tqpM2d5Cf50mKJEssJ+5RYvovdt9zgnhppcyf5Sb60WKLEcsI+JZbvYvctN7inRtrcSX6SLy2WKLGcsE+J5bvYfcsN7qmRNneSn+RLK5UmbW4Sywn7lOzmhH3a0u7ZN99hadmRNjeJ5YR9SnZzwj5taffsm++wtOxIm5vEcsI+Jbs5YZ+2tHv2zXdYWnakzU1iOWGfkt2csE9b2j375jtcvTz+tuX0vrXF9sxNkjrTT+T6rvyx37ac3re22J65SVJn+olc35U/9tuW0/vWFtszN0nqTD+R67vyx37bcnrf2mJ75iZJneknUn+V/aWYUyNtpqTNqZE2UyNtGlvSjTsT9VvtKHNqpM2UtDk10mZqpE1jS7pxZ6J+qx1lTo20mZI2p0baTI20aWxJN+5M1G+1o8ypkTZT0ubUSJupkTaNLenGnYnl6TujO2zP3DTSZkp2c8L+0xppM32HpfWTIxPbMzeNtJmS3Zyw/7RG2kzfYWn95MjE9sxNI22mZDcn7D+tkTbTd1haPzkysT1z00ibKdnNCftPa6TN9B2uXh5/S9rcbEk37jR2+5SkzpSkzo4kdaavTg6/JW1utqQbdxq7fUpSZ0pSZ0eSOtNXJ4ffkjY3W9KNO43dPiWpMyWpsyNJnemrk8NvSZubLenGncZun5LUmZLU2ZGkzvTVWR/e0faJ7Xdzw/bMKbGc7PbNE1x3uqNtn9h+Nzdsz5wSy8lu3zzBdac72vaJ7Xdzw/bMKbGc7PbNE1x3uqNtn9h+Nzdsz5wSy8lu3zzBcsVewpyS1LmTWG7Y3nLCPm1JN05KLP/D8tRGzClJnTuJ5YbtLSfs05Z046TE8j8sT23EnJLUuZNYbtjecsI+bUk3Tkos/8Py1EbMKUmdO4nlhu0tJ+zTlnTjpMTyP/R/i8PwI//fJZYb3Jvv8Pd/il+WWG5wb77D3/8pflliucG9+Q5//6f4ZYnlBvfmO1y9PH7KFttbfhq+zySpMyVtbr7D1cvjp2yxveWn4ftMkjpT0ubmO1y9PH7KFttbfhq+zySpMyVtbr7D1cvjp2yxveWn4ftMkjpT0ubmO1y9ftRg9y0n7FPD+paTtk9O71sT13Mv7WD3LSfsU8P6lpO2T07vWxPXcy/tYPctJ+xTw/qWk7ZPTu9bE9dzL+1g9y0n7FPD+paTtk9O71sT1/P7EnOTWG5wb5LUmRptn3D/6b6+eX04YW4Syw3uTZI6U6PtE+4/3dc3rw8nzE1iucG9SVJnarR9wv2n+/rm9eGEuUksN7g3SepMjbZPuP90X9+8PpwwN0mb72pYfzcn1rf8NHwffXXWhxPmJmnzXQ3r7+bE+pafhu+jr876cMLcJG2+q2H93ZxY3/LT8H301VkfTpibpM13Nay/mxPrW34avo++OuvDCXOT7OZGu7e+5YT9XYnlhH36DlfvfsTcJLu50e6tbzlhf1diOWGfvsPVux8xN8lubrR761tO2N+VWE7Yp+9w9e5HzE2ymxvt3vqWE/Z3JZYT9uk7XL1+1GD3LX8avt8klhu2t5yc6F+/68OT2H3Ln4bvN4nlhu0tJyf61+/68CR23/Kn4ftNYrlhe8vJif71uz48id23/Gn4fpNYbtjecnKif/3+++HTnub0fd4zieUtvLfrO1y9PH7K05y+z3smsbyF93Z9h6uXx095mtP3ec8klrfw3q7vcPXy+ClPc/o+75nE8hbe2/Udzv9X+sv/OP/881/SqtvcdpBh+wAAAABJRU5ErkJggg== | base64 -d > 1.jpg

root@kali:~/下载/CTF题目# ls

.jpg

379140b0-c2aa-4aa6-b372-031beb2007f0.zip

dabai.png

f64ca6fa--4ebe-8dbe-5e2d2db41ae1.zip

KEY.sh

root@kali:~/下载/CTF题目#

虽然,查看图片无法载入(可能是kali系统的原因),但是在文件夹下,已经显示出图片,是一张二维码。扫码之后,即可得flag。

4、大白

先下载题目
解压后是一张图片,没办法,kali上查看图片又有毛病,我打开了我的虚拟机,在win7上查看这张图片

在下载这道题目的时候,题目曾说道,是不是屏幕太小了

可能得从图片的大小上找问题了。由于我是新手,所以,我也不知道是宽上面有问题,还是高上面有问题,所以我都尝试了一下,最后得知是高上面做了修改。具体方法如下:

root@kali:~/下载/CTF题目# file dabai.png

dabai.png: PNG image data,  x , -bit/color RGBA, non-interlaced

查看图片属性。然后,找对应的宽和高是否有问题。

通过对应的进制转换得出,左边的是宽,右边是高。
然后我用hexedit打开图片。把高度修改了一下。

然后保存。查看图片得flag。

5、基础破解

这题下载下来解压后,名字乱码,我改了一下名字。发现解压需要密码。然后又开始了快乐的暴力破解之旅。

root@kali:~/下载/CTF题目# ls

 5e46643e-be69-4c63-86ac-c009251f2287.zip

 d6541cef--441c-82fa-426cc37e79b0.zip

'+'$'\250\246\355\343\343\242\324''.rar'

root@kali:~/下载/CTF题目# unrar x '+'$'\250\246\355\343\343\242\324''.rar'

UNRAR 5.61 beta  freeware      Copyright (c) - Alexander Roshal

Cannot open +￾.ra

没有那个文件或目录

No files to extract

root@kali:~/下载/CTF题目# mv '+'$'\250\246\355\343\343\242\324''.rar'

mv: 在'+'$'\250\246\355\343\343\242\324''.rar' 后缺少了要操作的目标文件

请尝试执行 "mv --help" 来获取更多信息。

root@kali:~/下载/CTF题目# mv '+'$'\250\246\355\343\343\242\324''.rar' .rar

root@kali:~/下载/CTF题目# unrar x .rar 

UNRAR 5.61 beta  freeware      Copyright (c) - Alexander Roshal

Extracting from .rar

Enter password (will not be echoed) for flag.txt:

解出密码得到:2563

root@kali:~/下载/CTF题目# unrar x .rar 

UNRAR 5.61 beta  freeware      Copyright (c) - Alexander Roshal

Extracting from .rar

Enter password (will not be echoed) for flag.txt: 

Extracting  flag.txt                                                  %

Checksum error in the encrypted file flag.txt. Corrupt file or wrong password.

Total errors:

root@kali:~/下载/CTF题目# rar2john .rar > mima.txt

! file name: flag.txt

root@kali:~/下载/CTF题目# ls

.rar

5e46643e-be69-4c63-86ac-c009251f2287.zip

d6541cef--441c-82fa-426cc37e79b0.zip

mima.txt

root@kali:~/下载/CTF题目# john mima.txt

Using default input encoding: UTF-

Loaded  password hash (rar, RAR3 [SHA1 / AVX2 8x AES])

Will run  OpenMP threads

Proceeding with single, rules:Single

Press 'q' or Ctrl-C to abort, almost any other key for status

0g ::: 5.04% / (ETA: ::) 0g/s .6p/s .6c/s .6C/s R.rar12..rflagrflag

0g ::: 19.73% / (ETA: ::) 0g/s .6p/s .6c/s .6C/s Trar"..R1$

Almost done: Processing the remaining buffered candidate passwords, if any.

Warning: Only  candidates buffered for the current salt, minimum  needed for performance.

Proceeding with wordlist:/usr/share/john/password.lst, rules:Wordlist

Proceeding with incremental:ASCII

0g :::  / 0g/s .1p/s .1c/s .1C/s ..molday

0g :::  / 0g/s .9p/s .9c/s .9C/s asilor..searix

0g :::  / 0g/s .1p/s .1c/s .1C/s bicca..

             (.rar)

1g ::: DONE / (-- :) .000804g/s .3p/s .3c/s .3C/s amokees..mccia

Use the "--show" option to display all of the cracked passwords reliably

Session completed

root@kali:~/下载/CTF题目#

输入密码后得到:

root@kali:~/下载/CTF题目# unrar x .rar 

UNRAR 5.61 beta  freeware      Copyright (c) - Alexander Roshal

Extracting from .rar

Enter password (will not be echoed) for flag.txt: 

Extracting  flag.txt                                                  OK

All OK

root@kali:~/下载/CTF题目# ls

.rar

.rar.xml

5e46643e-be69-4c63-86ac-c009251f2287.zip

你竟然赶我走

d6541cef--441c-82fa-426cc37e79b0.zip

flag.txt

mima.txt

root@kali:~/下载/CTF题目# bat flag.txt

───────┬────────────────────────────────────────────────────────────────────────

       │ File: flag.txt

───────┼────────────────────────────────────────────────────────────────────────

      │ ZmxhZ3s3MDM1NDMwMGE1MTAwYmE3ODA2ODgwNTY2MWI5M2E1Y30=

───────┴────────────────────────────────────────────────────────────────────────

root@kali:~/下载/CTF题目#

看到解出来是一个base64密文
再解一下得flag

root@kali:~/下载/CTF题目# bat flag.txt

───────┬────────────────────────────────────────────────────────────────────────

       │ File: flag.txt

───────┼────────────────────────────────────────────────────────────────────────

      │ ZmxhZ3s3MDM1NDMwMGE1MTAwYmE3ODA2ODgwNTY2MWI5M2E1Y30=

───────┴────────────────────────────────────────────────────────────────────────

root@kali:~/下载/CTF题目# base64 -d flag.txt

flag{70354300a5100ba78068805661b93a5c}

root@kali:~/下载/CTF题目#

6、你竟然赶我走

下载题目解压后,检查图片。

貌似没有问题。
binwalk查看:

root@kali:~/下载/CTF题目/你竟然赶我走# binwalk biubiu.jpg 

DECIMAL       HEXADECIMAL     DESCRIPTION

--------------------------------------------------------------------------------

             0x0             JPEG image data, JFIF standard 1.01

貌似也没问题。继续检查,检查十六禁止文件(我习惯用hexedit)。

搜索flag等关键字。

得到flag。

最新文章

  1. 复利计算--结对项目&lt;04-11-2016&gt; 1.0.0 lastest 阶段性完工~
  2. ACM 国王的魔镜
  3. (转) Graph-powered Machine Learning at Google
  4. for循环进阶
  5. 对Delphi控件作用的新理解(控件本身的源代码就是一个很强的工业级源码)
  6. HTML5中的Range对象的研究(转载)
  7. WebMagic的设计参考了业界最优秀的爬虫Scrapy
  8. HTML 学习网站
  9. (step8.2.6)hdu 1848(Fibonacci again and again——组合博弈)
  10. E2195 cannot evaluate function call
  11. Effective Java 第三版——8. 避免使用Finalizer和Cleaner机制
  12. Python配置文件实现
  13. 什么是spool系统,什么是预输入,什么是缓输出?
  14. Win10系列:C#应用控件进阶6
  15. 不同路径II(一个机器人位于一个 m x n 网格的左上角 (起始点在下图中标记为“Start” )。 机器人每次只能向下或者向右移动一步。机器人试图达到网格的右下角(在下图中标记为“Finish”)。 现在考虑网格中有障碍物。那么从左上角到右下角将会有多少条不同的路径?网格中的障碍物和空位置分别用 1 和 0 来表示。)
  16. ps/kill/pkill简单应用
  17. linux令普通用户拥有root权限
  18. JAVA面向对象编程之购物车界面的设计与功能的实现
  19. swig的语法和用法
  20. Android开发小问题解决汇总

热门文章

  1. 【Weiss】【第03章】练习3.9:大整数运算包
  2. No compiler is provided in this environment报错解决方案
  3. pytorch tensor的索引与切片
  4. hdu1224SPFA求最长路加上打印路径
  5. Trie树-0/1字典树-DFS-1624. 最大距离
  6. MySql最左匹配原则解析
  7. Mybatis详解系列(一)--持久层框架解决了什么及如何使用Mybatis
  8. Python 聊天界面编写
  9. 使用Python+OpenCV进行图像处理(三)| 视觉入门
  10. 比CNN表现更好,CV领域全新卷积操作OctConv厉害在哪里?