2022 长安“战疫”网络安全卫士守护赛 WriteUp
麻薯星的zyz想要生猴子!!!麻薯星的zyz想要生猴子!!!麻薯星的zyz想要生猴子!!!
队友第一轮做了俩Web之后就摆烂了 寄
总体来说长安战疫基本大部分题都偏向入门,适合大一新生练练手
少部分多百度也能做。
还有很小部分就看积累吧。
文章目录
- Misc
- 八卦迷宫
- 朴实无华的取证
- 无字天书
- 西安加油
- binary
- Ez_Steg
- ez_Encrypt
- pipicc(赛后)
- Crypto
- no_cry_no_can
- no_can_no_bb
- no_math_no_cry
- Reverse
- combat_slogan
- cute_doge
- hello_py
Misc
八卦迷宫
按照迷宫走然后取字的拼音即可
字是战长恙长战恙河长山山安战疫疫战疫安疫长安恙
flag是:
cazy{zhanchangyangchangzhanyanghechangshanshananzhanyiyizhanyianyichanganyang}
朴实无华的取证
首先查看版本 imageinfo得到WinXPSP2x86
然后pslist,注意到
于是:
发现目录是桌面而并非Desktop,重新filescan一下,导出有用信息
首先zip的密码是上面说的20211209
其次,得到的txt是加密函数,而密文在flag.png上。反过来写一个脚本
但是我写了几次都没写对
。。。。于是有了这个脚本
s = 'fdcb[8ldq?zloo?fhuwdlqob?vxffhhg?lq?iljkwlqj?wkh?hslghplf]'
for i in s:if(ord(i)>=ord('a') and ord(i)<=ord('w')):print(chr(ord(i)-3),end='')elif(i == 'a'):print('x',end='')elif(i == 'b'):print('y',end='')elif(i == 'c'):print('z',end='')elif(i == "|"):print('_')else:print(chr(ord(i)+32),end='')#ca`_{Xian_šill_certainl__s˜cceed_in_fighting_the_epidemic}
查了一下certainl后面应该还有个y
然后前面那个单词是will,后面那个单词是succeed,于是得到flag提交正确
cazy{Xian_will_certainly_succeed_in_fighting_the_epidemic}
无字天书
导出HTTP流,在导出的其中两个文件发现hex串,都是很明显的zip,hex–>ascii,得到zip,打开zip得到两文件,一个key.ws一个flag.txt
ws很明显的whitespace,直接https://vii5ard.github.io/whitespace/得到key:XiAnWillBeSafe
然后flag.txt很明显的SNOW
.\SNOW.EXE -p XiAnWillBeSafe -C .\flag.txt
cazy{C4n_y0u_underSt4nd_th3_b0oK_With0ut_Str1ng}
西安加油
查看流量包发现大量的base64串,导出http发现secret.txt,base64解码发现是zip,保存后打开发现是拼图
因为不知道大小,所以猜了一个12*4
命令montage *png -tile 12x4 -geometry 100x100+0+0 out2.png
然后用gaps
python3 gaps --image=out2.png --generations=10 --population=48 --size=100 --save
我gaps有问题,代数太多跑一会就报错,不加save跑完就直接报错。。。
得到flag,X的大小写记不住了
cazy{make_XiAN_great_Again}
binary
文件头能看出来是class文件,直接扔jadx
数组转出来
s = [77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 84, 69, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 84, 69, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 70, 120, 117, 77, 68, 69, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 65, 120, 77, 68, 69, 120, 77, 84, 69, 120, 77, 68, 65, 119, 77, 84, 69, 120, 77, 68, 69, 120, 77, 68, 69, 120, 77, 84, 69, 120, 77, 70, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 68, 65, 119, 77, 84, 69, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 84, 65, 120, 77, 68, 69, 120, 77, 68, 69, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 68, 65, 119, 77, 68, 65, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 84, 65, 119, 77, 68, 65, 119, 77, 84, 65, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 84, 65, 120, 77, 84, 65, 120, 77, 84, 65, 119, 77, 84, 69, 119, 77, 84, 69, 119, 77, 84, 65, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 84, 65, 119, 77, 84, 65, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 84, 69, 120, 77, 70, 120, 117, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 70, 120, 117, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 68, 69, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 69, 120, 77, 86, 120, 117, 77, 84, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 65, 119, 77, 68, 69, 119, 77, 84, 69, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 84, 65, 119, 77, 70, 120, 117, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 65, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 68, 65, 120, 77, 68, 65, 119, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 84, 69, 119, 77, 86, 120, 117, 77, 84, 65, 120, 77, 84, 65, 119, 77, 68, 65, 119, 77, 84, 65, 119, 77, 84, 69, 120, 77, 84, 65, 119, 77, 84, 69, 119, 77, 68, 65, 120, 77, 84, 65, 120, 77, 68, 65, 119, 77, 68, 65, 120, 77, 68, 65, 120, 77, 70, 120, 117, 77, 84, 69, 120, 77, 68, 69, 120, 77, 84, 69, 120, 77, 84, 69, 120, 77, 68, 65, 120, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 65, 119, 77, 68, 69, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 84, 69, 119, 77, 70, 120, 117, 77, 84, 65, 120, 77, 68, 69, 120, 77, 68, 65, 119, 77, 84, 69, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 120, 77, 68, 69, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 120, 77, 68, 69, 119, 77, 84, 65, 119, 77, 84, 65, 119, 77, 68, 69, 119, 77, 68, 65, 120, 77, 84, 65, 120, 77, 84, 69, 119, 77, 84, 65, 120, 77, 84, 69, 119, 77, 84, 69, 120, 77, 84, 69, 119, 77, 86, 120, 117, 77, 68, 65, 120, 77, 68, 69, 119, 77, 68, 69, 119, 77, 68, 69, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 84, 69, 120, 77, 68, 65, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 65, 120, 77, 68, 65, 119, 77, 84, 69, 119, 77, 84, 69, 120, 77, 68, 69, 120, 77, 68, 69, 120, 77, 68, 65, 120, 77, 84, 65, 119, 77, 84, 69, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 84, 69, 119, 77, 86, 120, 117, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 65, 119, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 65, 120, 77, 84, 65, 120, 77, 68, 65, 120, 77, 84, 65, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 65, 119, 77, 68, 69, 120, 77, 84, 65, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 84, 69, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 69, 120, 77, 84, 69, 120, 77, 68, 69, 120, 77, 86, 120, 117, 77, 84, 69, 119, 77, 84, 69, 119, 77, 68, 69, 120, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 65, 119, 77, 84, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 65, 119, 77, 68, 69, 119, 77, 70, 120, 117, 77, 68, 69, 119, 77, 84, 65, 119, 77, 84, 65, 119, 77, 84, 69, 120, 77, 84, 65, 119, 77, 84, 65, 119, 77, 68, 65, 119, 77, 84, 65, 119, 77, 84, 69, 120, 77, 68, 65, 120, 77, 68, 65, 120, 77, 68, 69, 120, 77, 86, 120, 117, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 65, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 68, 65, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 84, 65, 119, 77, 70, 120, 117, 77, 84, 65, 119, 77, 84, 69, 119, 77, 84, 69, 120, 77, 84, 69, 119, 77, 84, 69, 120, 77, 68, 69, 120, 77, 68, 65, 120, 77, 68, 65, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 84, 65, 120, 77, 84, 69, 119, 77, 86, 120, 117, 77, 84, 69, 119, 77, 84, 69, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 84, 65, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 84, 69, 120, 77, 68, 69, 120, 77, 68, 65, 119, 77, 84, 65, 120, 77, 84, 65, 120, 77, 70, 120, 117, 77, 68, 65, 120, 77, 84, 65, 119, 77, 84, 65, 119, 77, 68, 69, 120, 77, 84, 69, 119, 77, 84, 69, 119, 77, 68, 65, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 69, 119, 77, 68, 69, 120, 77, 84, 69, 119, 77, 86, 120, 117, 77, 68, 69, 119, 77, 84, 65, 119, 77, 68, 65, 119, 77, 84, 69, 120, 77, 68, 69, 119, 77, 84, 69, 120, 77, 68, 69, 120, 77, 68, 69, 119, 77, 84, 69, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 119, 77, 84, 65, 120, 77, 84, 65, 120, 77, 84, 65, 119, 77, 84, 65, 119, 77, 84, 65, 119, 77, 68, 65, 119, 77, 68, 69, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 65, 120, 77, 84, 69, 120, 77, 86, 120, 117, 77, 68, 69, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 65, 119, 77, 84, 69, 120, 77, 68, 65, 120, 77, 68, 69, 120, 77, 68, 65, 120, 77, 84, 65, 120, 77, 84, 69, 120, 77, 84, 65, 119, 77, 84, 69, 119, 77, 70, 120, 117, 77, 68, 69, 120, 77, 84, 65, 119, 77, 84, 69, 120, 77, 84, 69, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 68, 69, 120, 77, 68, 69, 120, 77, 84, 65, 119, 77, 84, 69, 120, 77, 84, 69, 119, 77, 70, 120, 117, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 68, 69, 120, 77, 68, 65, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 84, 65, 120, 77, 84, 65, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 70, 120, 117, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 84, 65, 120, 77, 84, 65, 119, 77, 84, 69, 120, 77, 68, 65, 120, 77, 84, 69, 119, 77, 68, 69, 119, 77, 84, 65, 120, 77, 84, 69, 119, 77, 84, 65, 120, 77, 86, 120, 117, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 84, 65, 120, 77, 84, 65, 120, 77, 68, 69, 120, 77, 68, 65, 119, 77, 84, 65, 120, 77, 68, 69, 119, 77, 68, 69, 119, 77, 70, 120, 117, 77, 68, 69, 120, 77, 84, 69, 120, 77, 68, 69, 120, 77, 84, 65, 119, 77, 84, 69, 119, 77, 84, 65, 120, 77, 68, 69, 120, 77, 68, 69, 119, 77, 84, 69, 119, 77, 68, 65, 120, 77, 84, 69, 119, 77, 84, 69, 120, 77, 86, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 65, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 84, 65, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 84, 69, 120, 77, 84, 69, 119, 77, 84, 69, 119, 77, 68, 65, 120, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 69, 120, 77, 86, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 69, 120, 77, 70, 120, 117, 77, 68, 69, 120, 77, 84, 69, 120, 77, 68, 69, 120, 77, 84, 69, 120, 77, 84, 65, 119, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 65, 119, 77, 84, 69, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 68, 69, 120, 77, 70, 120, 117, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 120, 77, 84, 69, 120, 77, 84, 65, 120, 77, 84, 69, 120, 77, 68, 69, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 68, 65, 120, 77, 84, 65, 119, 77, 65, 61, 61]
for i in s:print(chr(i),end='')
得到base64,解码是01串,明显的二维码
s = '0000000101110000000011111101110000000\n0111110101101010111110001110110111110\n0100010100001111000111010110110100010\n0100010110000011000111000001010100010\n0100010111011011001101101011110100010\n0111110101110100000001001000010111110\n0000000101010101010101010101010000000\n1111111100100000000100110011111111111\n1100010101010000101111110100000011000\n0101101000110010010000100110101011101\n1011000001001111001100011010000010010\n1110111111110010101101000110101011100\n1010110001110000000110100000000000010\n0110101001000100011011101011101111101\n0010100100111111101110000110010100010\n0010001101110110110011001100110011101\n1110100110001111111011010011000000010\n0000111010100011100000101101111110111\n1101100110101101001100010100110000100\n0101001001111001000001001110010010111\n0101010011000111000110010000010101000\n1001101111101110110010011111101011101\n1101100010111000000101110110001011010\n0011001000111101100011110100100111101\n0101000001110101110110101111110100010\n0101011011001001000000110100010011111\n0110100010001110010110011011111001100\n0111001111100000010110110111001111100\n0100110010110010100010111011000000000\n1111111101011001110011100101011101011\n0000000111000111011010110001010100100\n0111110111001101010110101100011101111\n0100010100110000110011010000000000010\n0100010101111101100011111111110100111\n0100010101101111111100000010101010110\n0111110111111000101101001111000110110\n0000000111111011110110000000100011000'
s = s.split('\n')from PIL import Image
pic = Image.new('RGB',(37,37),(255,255,255))
for i in range(37):for j in range(37):if(s[i][j] == '0'):pic.putpixel((j,i),(0,0,0))
pic.show()
pic.save('fllllag.png')
扫码得到flag
flag{932b2c0070e4897ea7df0190dbf36ece}
Ez_Steg
pyc的steg很明显是剑龙,注意python版本号,我用3.9没跑出来,3.6能跑
跑出来得到key:St3g1sV3ryFuNny
当然密文更明显是emoji-aes,解密得到flag
cazy{Em0j1s_AES_4nd_PyC_St3g_D0_yoU_l1ke}
ez_Encrypt
这次题目的流量包都只需要导出HTTP就能做了
导出之后有个web123,是base64,同样cyberchef解码得到zip文件,用D盾扫
百度找一个解php混淆的,除去广告第一个就是https://www.zhaoyuanma.com/phpjm.html
解密得到flag
cazy{PHP_ji4m1_1s_s00000_3aSyyyyyyyyyyy}
pipicc(赛后)
chal.bmp,但是呢图片的下面部分是很明显有问题的
其次,用010打开就能看见熟悉的东西
于是乎,我搜索了IEND
能够确信bmp中插入了一个png,补齐png的头且删除掉多余的数据,得到一张png
用stegsolve查看通道,能在b0看到很明显的线条
导出b0,发现开头俩字节是D9 FF,正好是jpg文件尾反过来的字节
于是搜索FFD8FF
删除掉后面的无关数据
然后写脚本反转一下字节即可
f = open('flag.jpg','wb').write(open('flag','rb').read()[::-1])
当然,如果不想打开python还有别的方法
选择脚本,脚本存储库
搜索reverse,下载stringreverse即可
运行脚本只需要点击脚本–Text–StringReverse即可
得到flag
flag{e0ca4ccd3586700e59eb87a4bd3527b5}
Crypto
no_cry_no_can
就单纯的异或,通过格式cazy{找出key的值
key = b'\x5f\x11\x32\xff\x61'
s = b'<pH\x86\x1a&"m\xce\x12\x00pm\x97U1uA\xcf\x0c:NP\xcf\x18~l'
for i in range(len(s)):print(chr(key[i%5]^s[i]),end='')
cazy{y3_1s_a_h4nds0me_b0y!}
no_can_no_bb
单纯的爆破key,给了key的范围是1,1<<20,还好简单,要不然就不会做了
from Crypto.Util.number import *
from Crypto.Cipher import AES
from tqdm import tqdmdef pad(m):tmp = 16-(len(m)%16)return m + bytes([tmp for _ in range(tmp)])enc=b'\x9d\x18K\x84n\xb8b|\x18\xad4\xc6\xfc\xec\xfe\x14\x0b_T\xe3\x1b\x03Q\x96e\x9e\xb8MQ\xd5\xc3\x1c'
for i in tqdm(range(1<<20)):key=pad(long_to_bytes(i))aes=AES.new(key,AES.MODE_ECB)s = aes.decrypt(enc)if b'cazy{' in s:print(s)
no_math_no_cry
真就太久没学数学呗,还有负根,一开始都忘干净了,果然我不适合做cry,但还好这三道和密码学关系不是特别的大。
from Crypto.Util.number import*import gmpy2
s = 10715086071862673209484250490600018105614048117055336074437503883703510511248211671489145400471130049712947188505612184220711949974689275316345656079538583389095869818942817127245278601695124271626668045250476877726638182396614587807925457735428719972874944279172128411500209111406507112585996098530169
s -= 0x0338470
s = gmpy2.iroot(s,2)[0]
s = -s
s += (1<<500)
print(long_to_bytes(s))
cazy{1234567890_no_m4th_n0_cRy}
Reverse
combat_slogan
jdgui打开看main就看见加密的flag了,上面函数明显的rot13
在线rot13解一下就行了,然后套上flag{}
flag{We_w11l_f1ght_t0_end_t0_end_cazy}
cute_doge
IDA打开ctf1.exe,搜字符串,看见ZmxhZ3tDaDFuYV95eWRzX2Nhenl9
base64解码就是flag
flag{Ch1na_yyds_cazy}
hello_py
uncompyle6 easy_py.cpython-38.pyc > easy_py.py
出来一个py文件,看了下,首先进encrypt1进行异或,再进入encrypt2进行异或,然后输出和Happy进行比较
既然是这样,那不妨反过来,把num从9到0改成从0到9,把该减的地方改成加,该执行的顺序也换一下。
# uncompyle6 version 3.7.4
# Python bytecode 3.8 (3413)
# Decompiled from: Python 3.8.7 (default, Dec 22 2020, 10:37:26)
# [GCC 10.2.1 20201207]
# Embedded file name: C:\Users\Administrator\Desktop\easy_py.py
# Compiled at: 2021-12-28 15:45:17
# Size of source mod 2**32: 1099 bytes
import threading, timedef encode_1(n):global numwhile True:if num <= 9:flag[num] = flag[num] ^ numnum += 1time.sleep(0.1)if num > 9:breakdef encode_2(n):global numwhile True:if num <= 9:flag[num] = flag[num] ^ flag[(num + 1)]num += 1time.sleep(0.1)if num > 9:breakwhile True:Happy = [44, 100, 3, 50, 106, 90, 5, 102, 10, 112]num = 0f = input('Please input your flag:')if len(f) == 10:print('Your input is illegal')else:flag = [44, 100, 3, 50, 106, 90, 5, 102, 10, 112]if(1 == 2):print('crazymumuzi!')else:print("flag to 'ord':", flag)t1 = threading.Thread(target=encode_1, args=(1, ))t2 = threading.Thread(target=encode_2, args=(2,))t2.start()t1.start()t1.join()t2.join()for i in flag:print(chr(i),end='')if flag == Happy:print('Good job!')else:print('No no no!')
# okay decompiling easy_py.cpython-38.pyc
得到flag,包上flag{}即可
flag{He110_cazy}
2022 长安“战疫”网络安全卫士守护赛 WriteUp相关推荐
- 长安“战疫”网络安全卫士守护赛writeup
长安"战疫"网络安全卫士守护赛writeup misc 八卦迷宫 得到flag cazy{zhanchangyangchangzhanyanghechangshanshananzh ...
- 长安“战疫”网络安全卫士守护赛 WriteUp
1.RCE_No_Para 参考一篇比较详细的bloghttps://skysec.top/2019/03/29/PHP-Parametric-Function-RCE/#%E6%B3%951%EF% ...
- 长安“战疫”网络安全卫士守护赛_crypto_复现
长安"战疫"网络安全卫士守护赛_Crypto math 涉及的知识点:RSA加密未知模数,已知p对q的逆元以及q对p的逆元求RSA的模数N 题目描述 题目没有描述,只有已知量c,e ...
- 2021长安“战疫”网络安全卫士守护赛 misc部分writeup
2021长安"战疫"网络安全卫士守护赛 misc部分writeup 八卦迷宫 朴实无华的取证 西安加油 ez_Encrypt 一百多名,我觉得还行欸,多亏了队里的crypto手 八 ...
- 长安“战疫”网络安全卫士守护赛部分wp
摘要:长安"战疫"网络安全卫士守护赛部分wp 然后就是朴实无华的取证那个题 不知道是大小写的原因还是啥交不上,无字天书卡到最后那个长得好像摩斯密码的地方,收获 ...
- 2021---长安“战疫”网络安全卫士守护赛 Writeup
文章目录 Misc 八gua迷宫 无字天书 西安加油 steg binary Crypto no_cry_no_bb no_cry_no_can no_math_no_cry Reverse comb ...
- 长安“战疫”网络安全卫士守护赛部分writeup
解题过程 题目一 八卦迷宫 用画图工具手工连接,然后将路上的图表和字相对应 按顺序打出,然后根据题目要求换成全拼,加上图片里的前缀cazy{}提交 flag为: cazy{zhanchangyangc ...
- 长安“战疫”网络安全卫士守护赛crypto
cry1 题目如下,就是一个脚本: from Crypto.Util.number import* from secret import flag,keyassert len(key) <= 5 ...
- 长安战疫网络安全卫士守护赛 Shiro?
赛题:Shiro? 需要准备的环境: 反弹shell需要准备VPS.JNDI-Injection-Exploit工具启动rmi和ldap服务 JNDI-Injection-Exploit 需要jdk. ...
最新文章
- 希捷发布CORTX对象存储软件与开源社区,普惠超大规模数据存储
- 如何将重复的数据标红_python如何处理重复值数据?
- 如何在 Linux 中创建一个共享目录
- 源码阅读心得11-13
- dat关闭某进程_超详细解析!工程师必会的Linux进程间通信方式和原理
- [网站链接]Debbie博客上的链接: [求职网站][博客链接][信息资源]……
- 数据库:数据库死机和掉电时如何让恢复数据
- java嵌套类型 无法隐藏外层类型_java内部类深入详解 内部类的分类 特点 定义方式 使用...
- oracle虚拟机配置,虚拟机安装和配置Oracle PDF 下载
- 03bash特性详解
- EditPlus配置Python环境
- 将某一列转换为字符类型_还在为数据清洗抓狂?这里有一个简单实用的清洗代码集...
- 非极大值抑制(Non-Maximum Suppression)
- tracert命令查询服务器位置,服务器管理中tracert命令常用原理和命令行详解
- Python 标准库 xml 详解
- B站视频缓存 音频和视频批量合并
- python Beautiful Soup解析html页面table标签
- 中国农业机械融资租赁市场预测与投资战略报告(2023版)
- Win11任务栏修改方法(更新中)
- Elasticsearch牛逼了! 这份携程、滴滴、今日头条、饿了么、360、小米、Vivo 应用实践合集都在这儿了...