ez_usb
usb流量题,与以前的鼠标流量和键盘流量有所区别,但大同小异
导出所有的HID数据并按照ip分类,之后脚本解码得到压缩包和密码
mappings = { "04":"a", "05":"b", "06":"c", "07":"d", "08":"e", "09":"f", "0a":"g",
"0b":"h", "0c":"i", "0d":"j", "0e":"k", "0f":"l", "10":"m", "11":"n","12":"o",
"13":"p", "14":"q", "15":"r", "16":"s", "17":"t", "18":"u","19":"v", "1a":"w",
"1b":"x", "1c":"y", "1d":"z", "1e":"1", "1f":"2", "20":"3", "21":"4", "22":"5",
"23":"6", "24":"7", "25":"8", "26":"9", "27":"0"}
res = ""
with open("8.txt","r") as fr:
r = fr.readlines()
for v in r:
m = v.split(":")[2]
if m in mappings:
res += mappings[m]
print(res)
res = 526172211a0700cf907300000d00000000000000c4527424943500300000002a00000002b9f9b0530778b5541d33080020000000666c61672e747874b9ba013242f3afc000b092c229d6e994167c05a78708b271ffc042ae3d251e65536f9ada87c77406b67d0e6316684766a86e844dc81aa2c72c71348d10c4c3d7b00400700e
pwd = ""
with open("10.txt","r") as fr:
r = fr.readlines()
for v in r:
m = v.split(":")[2]
if m in mappings:
pwd += mappings[m]
print(pwd)
pwd = 35c535765e50074a
结果为 <span class="ne-text">flag{20de17cc-d2c1-4b61-bebd-41159ed7172d}</span>
everlasting_night
图片alpha通道2处隐写信息
得到lsb的密码
输出得到一个bmp,实是时压缩包,解压后有一个png,解压密码就是png中最后的尾部多余的数据的解md5
采用gimp修改宽高得到
结果为 <span class="ne-text">flag{607f41da-e849-4c0b-8867-1b3c74536Cc4}</span>
babydisk
时间不够很可惜,不然就上大分了
deepsound配合脚本解密
得到deepsound密码是feedback
得到一串字符
回收站里有文件存在,经分析是容器文件,导出
使用上面的密码挂载容器,挂载出来是个压缩包,打开提示是损坏的
winhex发现异常
结合文件名的意思是螺旋,百度一下看到螺旋矩阵的java实现
找一个python的脚本螺旋矩阵,python实现—-幽幽山村一小生,螺旋矩阵针对的是n*n的矩形,因此要找出压缩包的n,winhex看到长度一共是7569,容易找到n为87
接下来针对这个压缩包写脚本
def function(n):
matrix = [[0] * n for _ in range(n)]
number = 1
left, right, up, down = 0, n - 1, 0, n - 1
while left < right and up < down:
# 从左到右
for i in range(left, right):
matrix[up][i] = number
number += 1
# 从上到下
for i in range(up, down):
matrix[i][right] = number
number += 1
# 从右向左
for i in range(right, left, -1):
matrix[down][i] = number
number += 1
for i in range(down, up, -1):
matrix[i][left] = number
number += 1
left += 1
right -= 1
up += 1
down -= 1
# n 为奇数的时候,正方形中间会有个单独的空格需要单独填充
if n % 2 != 0:
matrix[n // 2][n // 2] = number
return matrix
with open("spiral","rb") as fr:
r = fr.read()
spiral = function(87)
for i in range(87):
for j in range(87):
#保证下标的一致性 防止溢出
spiral[i][j] -= 1
res = []
for i in range(87):
for v in spiral[i]:
tmp = hex(r[v])[2:]
if len(tmp) == 1:
#补首位0
tmp = "0"+tmp
res.append(tmp)
print("".join(res))
将得到的hex利用winhex转成文件,解压后得到一张图片
先把字符都取出来,发现一共是49个字符,7的平方,那么再矩阵变换
s = "ohhhhhhf5-410f3f969bl696}6-a-1eb59ge1-4d3{f9af107"
while(True):
arr = [s[i:i+7] for i in range(0,len(s),7)]
spiral = function(7)
for i in range(7):
for j in range(7):
spiral[i][j] -= 1
flag = ""
for i in range(7):
for v in spiral[i]:
flag += s[v]
s = flag
if flag.find("hhflag") != -1:
print(s)
变一次是找不到flag的,但是我发现匹配flag后有好几个结果,挨个试试总有对的~~~~
结果为 <span class="ne-text">flag{701fa9fe-63f5-410b-93d4-119f96965be6}</span>
Original: https://www.cnblogs.com/WXjzc/p/16330745.html
Author: WXjzc
Title: CISCN2022初赛misc wp
原创文章受到原创版权保护。转载请注明出处:https://www.johngo689.com/598982/
转载文章受原作者版权保护。转载请注明原作者出处!