网站导航
> 文档中心 > [WMCTF2020]行为艺术

[WMCTF2020]行为艺术

网友: 文档中心 2022-03-21 20:30:39

目录

题目链接

解题过程

小结

题目链接

https://buuoj.cn/challenges#[WMCTF2020]%E8%A1%8C%E4%B8%BA%E8%89%BA%E6%9C%AF

解题过程

附件是张png图片和txt文件:

 hint.txt:

        计算flag.zip的MD5值,好像没有什么用。png图片是zip数据,用010Editor修改高度显示全部内容:

 

 手动输入吧:

504B0304140000000800DB93C55086A39007D8000000DF01000008000000666C61672E74787475504B0E823010DD93708771DDCCB0270D5BBD0371815A9148AC6951C2ED9D271F89C62E2693D7F76BB7DE9FC80D2E6E68E782A326D2E01F81CE6D55E76972E9BA7BCCB3ACEF7B89F7B6E90EA16A6EE2439D45179ECDD1C5CCFB6B9AA489C1218C92B898779D765FCCBB58CC920B6662C5F91749931132258F32BBA7C288C5AE103133106608409DAC419F77241A3412907814AB7A922106B8DED0D25AEC8A634929025C46A33FE5A1D3167A100323B1ABEE4A7A0708413A19E17718165F5D3E73D577798E36D5144B66315AAE315078F5E51A29246AF402504B01021F00140009000800DB93C55086A39007D8000000DF010000080024000000000000002000000000000000666C61672E7478740A00200000000000010018004A0A9A64243BD601F9D8AB39243BD6012D00CA13223BD601504B050600000000010001005A000000FE00000000000000

 用python脚本保存为flag.zip压缩包

import binasciis = '504B0304140000000800DB93C55086A3' \    '9007D8000000DF01000008000000666C' \    '61672E74787475504B0E823010DD9370' \    '8771DDCCB0270D5BBD0371815A9148AC' \    '6951C2ED9D271F89C62E2693D7F76BB7' \    'DE9FC80D2E6E68E782A326D2E01F81CE' \    '6D55E76972E9BA7BCCB3ACEF7B89F7B6' \    'E90EA16A6EE2439D45179ECDD1C5CCFB' \    '6B9AA489C1218C92B898779D765FCCBB' \    '58CC920B6662C5F91749931132258F32' \    'BBA7C288C5AE103133106608409DAC41' \    '9F77241A3412907814AB7A922106B8DE' \    'D0D25AEC8A634929025C46A33FE5A1D3' \    '167A100323B1ABEE4A7A0708413A19E1' \    '7718165F5D3E73D577798E36D5144B66' \    '315AAE315078F5E51A29246AF402504B' \    '01021F00140009000800DB93C55086A3' \    '9007D8000000DF010000080024000000' \    '000000002000000000000000666C6167' \    '2E7478740A0020000000000001001800' \    '4A0A9A64243BD601F9D8AB39243BD601' \    '2D00CA13223BD601504B050600000000' \    '010001005A000000FE00000000000000'with open('flag.zip', 'wb') as f:    f.write(binascii.unhexlify(s))

打开压缩包有密码,用010Editor分析是伪密码:

把字节09改为00后,保存:

打开flag.txt:

根据提示打开网站:

 选“Brainfuck to Text”,得到flag:

WMCTF{wai_bi_baaaa_bo!2333~~~}

小结

zip伪加密也可以使用ZipCenOp.jar工具破解:

java -jar ZipCenOp.jar r flag.zip

 png图片的识别,没有好办法。只有用笨方法手动录入了。

知识点:png图片修改、zip伪加密。

网络标签:

相关问题