2023第二届陇剑杯决赛Misc-shiro

@Name  : shiro@Game  : 2023 第二届陇剑杯决赛@Time  : 2023/9/16 @Type  : Misc@Description：1. 请给出该应用的shiro key，如flag{kPH+bIxk5D2deZiIxcaaaA==}2. 溯源攻击者的操作，其中有flag3. 攻击者植入了内存webshell,使用这个webshell做了什么，其中有flag@Flag：1. 4AvVhmFLUs0KTA3Kprsdag==2. flag{6dfdc384d6025b2ab9b71ec15971aa11}3. flag{1198be3b489ae0ddf88d0e6733e88fa6}

def get_shiro_key():    with open("shiro_key.txt",'r',encoding='utf-8') as f:        content = [i.strip() for i in f.readlines()]    res = []    for k in content:            try:                key = base64.b64decode(k)                msg = b'PAYLOAD_HERE'                msg = base64.decodebytes(msg)                iv = msg[:16]                en_pd = msg[16:]                aes = AES.new(key, AES.MODE_CBC, iv)                data = aes.decrypt(en_pd)                print(k,data)                res.append('{}t{}n'.format(k,data))            except:                pass    with open("shiro_out.txt",'w',encoding='utf-8') as f:        f.writelines(res)

def get_class():    key = '4AvVhmFLUs0KTA3Kprsdag=='    key = base64.b64decode(key)    msg = b'Iz28dfd1Q2KBHV3bp493g/dIgDRG87zOZl7rAKQJSM+ptHCQIeGzILfiHlXhnPqei3MiKPERiwUH1TglxC4iS5dG+nbDJGPvtfi5Dr4Dj9hLVlRB/FRqE10l7FdauaHDJlXNtOvevfswEwkvjYD45nYqccCF9hEBrsiVUlHzV1RWJUZsjbm7boWY/4betAffdCDIlPC7faMyMVM13GCp8ItIU+QfaALIiAK0L/xZNzgSJ9YIuPgz3V0dQ+1LHR8AV+zfTaQx9ks1CY+VJA5Q77g7M1DEqUeH8lWXDKJENxwdgjRhZI1dJb4jg6domlvqYDYfvY8t6Zf4NVXSirj8Fk8huuV/UQQUt3Xh6iels+zb7O+zA6RQZMoDKSrkFhcvJTCfWsVjQypMsYyEx5A10a1A2TPgp1t/b9DYfbLuCkGvUVKHatMMNuvkNfzoGKiWu76AKPVV3xPzBpKh6iCCgu7LC78SURz+h59SNS3984CbV2aoAzwookmHCxLG0OJ+8w76qEiMyuYmnrGxdRyANkT6zYxUTa84reXX8fVVb3L1IeMa7Jt2vc8vY1bG1yMaplDiA9Cy3M/jnHCi+D63RHXAAxyxXAOA4N2OPXUWSjfG4ZL+bwWryc70sx+Jvc2kvnEkK1bpFTGhxwzDjkiZ1FSXa1L3jMu896yF3YJ9pWQXdAkzgX/DAfifNhww6Mot/Zl3q7FxNRVzH1zm3VHpRex+hrhO1qs30eOZ/OGEq9OLleV8oBT11/pGD3BZz9UXPNEWFCXVVb9+a+UIrjwzSMqDuvalGlgHyjGhtfQi3m50Ii2mbJkaUrZwuWTlulydij03o0DeJ3KaXt+3qaLJgFU47dwLT8NXuBb7mUIH7+QqrktcinQ4ZlvPrQOiFy7CZnL06eBDcyxvL4tOsBQIbHNReRBSDq1MtMdKnJ6a8MBI/xYy+xQ+OWCffJOdrVcxwPgnKedOJdjtl45RTATXMg/UUJihgeDjKId2aTfVgiucrdS46HkQVcOFyCePgd3Dq7NcmhSDn5Was6rRdBjR8+ihIDPsczi0ABJPHD3l/hJj9aW4I5i8TYD4EwE6r7iSlnpGrL9IgZt8RtxAQm0jnutclkJKMC7D+Ye4udNpfRHhYjisrYDfuzy/r+UGjG0oSvBPtoTMTdva9yaizMuA7hDiARKTABNuEdtPv772KU333F29tpBqO+It6rib1EqwAAlOdNWQ2mzjCXs6gYdJrIjSmbJ7Aevqhy7I2yNIvOBerriN3r0rwEeQo1yO6uMGzDXVHtHyt8u0wsWMi3EOMaGmFbVpmP0MzbTNudFbJqCiwLBFAKI2SVyKII5lYaDCemuuReueY/gVT1UiQhLjVJiCcP3xfc0yImEIMjyviVKKDb4ajfKMjRxLJAzDTqhZ3mA9XdGij5zQZQetxBBRBfve3vWRVMElPswuQnvNSDDfqX/gq6aelpC3ls60uzfq9UZiQC4HclJwT+ziqEqMgSLsrK05Kvz9gK7eKlqG/KBDrzWJGn04GFZXWf1JeFY6snTjfFJHxDA9UO0NrBCtkaWTwnkmufrKmULdgwpKbzu3ho2fW57UoDEAVJZcydeC4IZ0tf1LZdCIJzWXcH4Jey7/1j9cfKGZDqcDdeOpN3Sp0272iGLiHX3GtO2hXsXlpkULlMo9uFYIWkGCbVcKlCSC51ud1TK7JrNDKwREueV2wIsFjYQBusippVz2wH/+T/Cg/9DiPb/NgLVzsj+LREj6ymMXhCDzYEq+gnaMNa1NWpJWdVhi+Q4IndIwS3LZzFYGGt6VKy/9g5mgmjarhzjTW5tK44SOhVl6RrGUt3Sa5mQixidvyvljaI8Ml7v2cKF/wr2GN+zm1ccb47U8VjZU/YmOb15dYNRUUaiGIIBoLxmD7o3VEa7bBKUymXbsUSfv5H3/cmLnFo6fJVnhTYtq7fq3tLxEDE6SHBE+yTlUDLpCdP6tHksr/dGE4zxCrLYUTCUALVH92SnmTh8nIIcVRWzuwaVY2rCEedqZJOI4Yd4LdKngXRHBzq8TK8frMD/3Y6V5DbiuWY1HvvNbdb87FiTaWdT5OrR7cvg2ar8QQrapKnctTwLgf5ThYHksx9WS5VzLipE+VqAllKrJ6VYV7CfeCRNP5iiGAKkt/tTx3DDTlojIgVEPce70oLuka1rUrjQaIvKkz0PSWJAf7iRHB+hZRRZWDUwIc8nRLj0tOiZzdW+D/DNyk61uQVp/n4sgiOUgg9ebjpmqUgAW5dqOyjvWQfb8j+FSZ8ajC0OpXpIK+qmnFruTXN6ttw8kafIECdGgyoxnGwN3QHwpIJNftbDxY6+O0fCyRtqz9WoeVCNff3JGo+1ijTvjtvXBNGbf3zVtdDwsfIL31VQCe/LULiuJ074i3vuGtG2DJPcyoZxkIlePI5tj+JDq921+ZdeS4pXry3r2gxIDXrapKZaNAvvZpqvyvj+J3gqaM0XW5d5Bdha/mUt3rGeJe8KFbkcJpKon6zjVxf54jamZjjqGcJvgxA3C/Uk3zjeRTGrTut9sthU1A7uzerEv0qTuEXVCgwcdjXKm9CP4hzMY+iMn6c5G2DL8yk87mOU389sgnfUBsiw77a6u7S7sSlNUl5mLiPIWqh2YH2Sp0HixS5KT0fefUWDfwErEHrhdKPxRAa211urqUPhPC9l8uh99Yfwe0pbn+99LDAAtoWvGzJayebgKiWCi6oBPK/kOz20sLLDRV7haqeBKa8aqhAFP17rpu/VfQctQRgPgeVJkVTN7XZd4UNWRZVNRotyctZGmFAO9K2VBGjamBiwyZwsO0/+NF62nbIeK3I19W0L4xKOEw+1gPzFypmKbv5H/IXVU5AvGKBnn/TxchsWxb55pCf9zJYTksV+8ANNImd/4coDKqoUF4UWNVCsS8jzM+d3GGVThooMC0XKdSt5J+ErAIJZOejvIJmEpmPzmYwX4AReBhnthCt+9djItzO1RLGwLLc2IKO/QWSplV7971brfIpQmZFN1zzgs6yUOOpRomR+0G9yDAiWijezNqKLtnvJJ/w8AJiiK76bVePU3zLfgMQ85hgIA/RnUjYsWoix0zAHjTVFf/9GhVkL4BFkNzbTaVvXNCIWEANN2d5/MkMOGpqG+zg/SyHA19+bVFvkQ9IX/e1E3ihPriEvnvdiB4hip1qFzQubUwWevHE5IfHbTUscNfExENik6te47BkEdujeJEAku3b5l5fbKy3tih8m+zODi9a0FBIYMOIBEfMZKBb3DV/sALMjoPY8okS88vbalSnccIKwGvv3S3CpFYQoLwtpJuNaoN9jCAizi/ym30QFFX7fGLdD3NE59cHQW3oChmNlq2ZVy2s09hVcPmc/tAGA+n6Bm20YCSOx4nkqZVU6Fo5+FD0AacuXhBeQ5OD0pnTsv+rnwFGU6Wfn+n6VQDRwuG+jEWLK7JbVe1ocHIQZwPFswvrNsXTqyUHzCjFmPuvolygVIG7b/WxFl/rR4vEwNHfN5bHRcLncFqlf38wbB5KSPqJtnDyMcP1ZBuuoJHYFIaSNzwaRmrVDf+euT2kV54ZoL1bsLYTT8BU8r3HAcT+iwr2/Oc9DwKVV+73JvBuwlU2CGBllZSPz/+HJSQKlx3cHW1USM5pcuGU9OzMFLPWBHzdU8uMICCmVbRZfQnChB65fDKjLKwYQYyOPM2Mu/o6N857mLQ3REaUuw74y7VXvGlNLUdVCUDF3nRyaWt7baqk3HsxSu82zjmWnhoQe/m+sReAEU5BCuZc3XLjNv5ITvkFhzUzU1lfmzD0hvpcJxywHq9FFCd1ER6wqHKN8tI4Wxb5PI2JxOSB0MZezxxZT9ebkEnJFeYweUfKpYATU5MQ6qsPaTF3WqtPRZOjBZjogUi0mly3U/0jAkth2Dq644rBB14hmiMFh2THNPV+7vDiJ8Cr0BuSf8572cxU1X2FFUOOH7xC12aMsy3mL2kn9WRqA2b1ChaE/uHDwS+xa7LcFKIwma0+C1z4Sncy4ALpap1/p1a3A0wj9kizBFmpjZm2cYTMcTv9nv2YgLtT8ABtom0YcJiDiR3P5ZjFfPVA4ShApD12a3Fs+Kkj7FX3QSJHr5E/+lceDSTuTK6hu35ZfxLp7WovSWyLGNnch8ofNLX3DHp72crkdoKeqTfsLjUIkw0MMBw+MKUPXmcOY3plH1cCxmfh/cDN4fkCbHKL5Rg3LHxQCKcn7wsyHjntvHgdAAmFa0RnKMBUaPdxGcv3OGelZHeA3dWdEHdPkIIQe8lwSWOMx5Az3Ab9m5s4e7kXNNqXP40okPRULyF1RjmXZXw23bqj8ql/AeCkCRgVpbI8PkJEPJc4QoFZPH2DubLn3EwHQdy9/L3TvWJHmXJZBLeBtyOa6Zr8WwD5dbb2f+f6lbTQrAY+aUOGbi3u7rBLx6IAq+K7LHH+wtDVX1v/xs4wcML5/9EhGSA8lPQj+Zu2zFzt6H/tuQybXp01Z/r38kegOVxbHtY7Dm+wuXr8/I1DFQxrLjGctkVp3KZVXAp4imNXnLaDAW9dHW7Ql7P4yIwgU9Gkk809jkL17uttWCf5qNKPbXmfCQPf+M6UvsE6M48RbaY9ls0yGa7Pa9ArpQOtz9pUXwbysvGwHs7Mfnlr8CdQlhuDQqO+AqO8zfMMq5uphI/unzn61M87b6oHasf1yxaAmW0HG0prFLVyxUYC1M1iypg1yAc/tlbCxS6NwlU6VfZHqBsoPRV68RiTGk/+lWMujrnzCAl+6toyXGm/4N6aJrWM/cv4twDMYAsxz3jLfzdA6CoYvPKak4gkFWCVDKdRuFb//fcPE64BCPWXSIq/dn61wDCMinNjbdgIz/tFvG+mmeJGpm7yLhzmVnMm4qgyaoAUURHgiuydSGLXowxmbAGlizxiWgqLWcCfKNmucXl+J62SC/AEEu9iMh75ve3oEHruVVTW2HOGo36rLLV26m30aGz35cXOeI02+Uxtll44VDUTKy/uTWBQKDqxeFQUb2f5QTF0t9fTfT0fFPczLvmwEEycLdS38OYm1mVBE65L87A9p7WSf0vHGRYbe3nMMBYMIwCjt95HAiDr+xqB+jUgmiY2q2V+85cBWy8LJohps/VkdPtRJ5IriDLpAKNwvS43+Zmi5o9Zht40TTAY9fB7LrxrTK+bw42TbdPhC30Y9EQEJ3J6G86F6rQFQFUcfaO0BqW/kf7ZyjhXAje3xLN/E9wD5LIEkS4yjCE2yS/UmR7mKb9wz4rWtSbYbceeAA3RSO95P/oF40Hm3h7pgTZk2cP+MdzlhRFyOaxfRll2xFuTmdyb65LAMs+7kYSNtwzq4ijuY9+gOI/0ulQQT97pzOLAW6Lp9SqFFKzUDkif3MU80XfhuL4eamhQtI3ve5UguV8oJhjCBHBlubC2ZdkG72+uJlj3DdnpS4Y/kw64kGYjbUY/zjugoUKQNCXGs0X2hUkVXvfg67/IerQ+l3oKQjdkX6o3FCNHk38VbycsFEWT+DJkAeMfGf410i/wdWQ53rjaskK7/nklhvAc5C2gxFQIZXCzwJrwFk7fMLH6uoJqIF3kRIrwnTN6Hot/o2H6dZ9lSnfYUumwIOwdNozIlvvM4TpgYWKqJUQp6jK9Ef45oZvqgg8RTEW+h0crI7TuRJqr1V+Ij3lNd+x+qMB7mqHpg9xzT1ii7nnVSuQdi8UNTeALphjsLtDUMcTWm0ewJEDlr++GFu23u2DgwnACH1xbTfAqMd+wGuI4f43Y4ZEc1sey4ip3TT4Bzjbz9YMZIoyT2OPBp8NS3Zz15dEwQPSxKedzigwwpeEGVdF02H5EF60Jc29znINdHpFzsiUX4/m52tmPTd0K59Q6eEWL8gtodueeIaqB6aYSV82wcLn1oTUjezvmaZDhB2QmIlboPAkB/x6fdI3o5s8NONXVDRhP8tcpmZ51xd90v2ySNbm8SHj6ERPbz7u9t+B/IxE7/rUsAYBsS0GOx4ZYkXfpBidS9U8IbHhYSzLXPQ2ZjRdVQL9FKuJihMaSVE/5E4tXQhm1X8OYz/w4cbqoSYbJdVQR2JYetJeCU2+5GylXkQToJl0n+KWjsbPxhUZlhw9IoBPWQmgh9Mbg2pniainMFeob1TJlsQ8c9IJ42e3lL4+DJfwCMCBZyKdTHWvZGzxqTDwZF4QTvwt5jcAr5+TG19QrGyjBCFy45zGTHPN1Ltos8TqSpeZd6sjcUFda3b64fbxhD7fTx8JEilazPwXdU3h59JFD3NZT1qfMALUUdeRtVO4BhWUw3H63mrlzCR8smD6crEXqKQkrdtVLQf4BF7KwvqWtAUCZCJVHITPORfJtCfj4YblKCJ+kmFvqkOJIPpMBDMKQ942ULnqto/Fk19MIyjQtPIdGQPoezDADYRqfgfXlWzcmwTprsfqXB9cpjeihBjSc0+PIB46P7DImz7dvTfHPty9OC9yMMYQp+36HdMi7EIOOa6FTNoWcgvMMFfkKQ/97QqWDAEz1t2Uw2yjKVLaksD/HmbP5kxgNsJjM4y6gClCNxoad3hU1c/iT3SJtxxrgAP6JINKa3IF4fpst86asTF+t8Evud/g8hHU1y5W04lfHoKkhZ83kr/r6FGPYbA5y6nN+lnvJr7ecmOVG0J5gj0nnamedc6l0Dar/r8S/ngjay+BMvv90LCIuIOXpWfgphCblsXJM4AytfsOXAe5s+K+YF8yNB5LOlPhoPu5bhZtZ1U1M+puip2Vz0L0zt20XIqdDAz4mCT/oBVSxNH7z6ygqhGT8RxhplmuU2bWp4zxc+0bH2VZZQ5Qg=='    msg = base64.decodebytes(msg)    iv = msg[:16]    en_pd = msg[16:]    aes = AES.new(key, AES.MODE_CBC, iv)    data = aes.decrypt(en_pd)    print(data)    open('1.class', 'wb').write(data)

int[] arrayOfInt = {     118, 120, 113, 59, 112, 109, 112, 53, 58, 86,     53, 55, 112, 118, 125, 122, 53, 115, 121, 116,     114, 110, 35, 113, 115, 113, 118, 38, 45, 33,     113, 35, 37, 39, 32, 119, 39, 116, 119, 44,     119, 34, 36, 112, 118, 36, 32, 44, 34, 36,     116, 116, 36, 36, 104, 55 };byte[] arrayOfByte = new byte[arrayOfInt.length];for (byte b3 = 0; b3 < arrayOfInt.length; b3++)  arrayOfByte[b3] = (byte)(arrayOfInt[b3] ^ 0x15);

arr = [    118, 120, 113, 59, 112, 109, 112, 53, 58, 86,     53, 55, 112, 118, 125, 122, 53, 115, 121, 116,     114, 110, 35, 113, 115, 113, 118, 38, 45, 33,     113, 35, 37, 39, 32, 119, 39, 116, 119, 44,     119, 34, 36, 112, 118, 36, 32, 44, 34, 36,     116, 116, 36, 36, 104, 55]
if __name__ == '__main__':    flag = []    for i in arr:        res = i ^ 0x15        flag.append(chr(res))    print(''.join(flag))

cmd.exe /C "echo flag{6dfdc384d6025b2ab9b71ec15971aa11}"

32位md5：eac9fa38330a7535c13ee43608811b5f前16位：eac9fa38330a7535

"requestBody":"KCbAGC/zgT89mb2V4KzcXve4eFWfU1z3gLKDA8p6/bfBx8vemcqVszDSQgmQtxcNQSZJexIUOGNlAnOMC9stD32MhhwYdx+NLjRV2Ysxe7KXb8iAMmF+QgnJnnxaZVI...（省略）"

import base64from Crypto.Cipher import AES
def aes_decode(data, key):    try:        aes = AES.new(str.encode(key), AES.MODE_ECB)        decrypted_text = aes.decrypt(data)        decrypted_text = decrypted_text[:-(decrypted_text[-1])]    except Exception as e:        print(e)    return decrypted_text
if __name__ == '__main__':    key = 'eac9fa38330a7535'    data = b"KCbAGC/zgT89mb2V4KzcXve4eFWfU1z3gLKDA8p6/bfBx8vemcqVszDSQgmQtxcNQSZJexIUOGNlAnOMC9stD32MhhwYdx+NLjRV2Ysxe7KXb8iAMmF+QgnJnnxaZVI+4pXsNh2GpJCB6RkVEogPLJCs3cIETUtmQxjI1uFv4eZw1m+33Qe4wCcx8bDzHMY4w06htbAOOCBA2X+fwjG1ZHf5u2poP7agAHdgbE14bIcDS+2tJMtQclJ2K/OPaSZ5gwa2KgXixBko0sD4+q5KQRMIrLkFovvt1plWsN9ZLoVOlTatnMYHdoO5nu4abNuJeGprOODpXyLHSUfj3/mCGXpvQCMr3zuDhmBVv/v5pQ9YsnqNO8oFD2J2CTGrGTqvbqfJK7zr+Z1NsGjCDK53oQvAF2kbxZhjOxrzcVdVIicLu0VpDomF16xthNIpxLTFRXizLmeX8GSzdiiw6GQssqwIjkiJqEePAbxnTKGWwLaAHuVUADx65OBR0a0mtsBDs72Hfju/tU26Sr/rgU1Dgl2VVneVKdPQtTNtSBgmOJNzZf+Z4JRJluU1jmwRqSCMFU3pbohwsgMIY75eKdUGQdU3bqV/BACH+qZ8upj1Tl3BdS4ptLcOjlvw4WB3o7YLWO0ndTIVUwTGQTTvvWYyeCy//98S/fbtjT8y+xsEnIVL6Klu/Mp5LJMKQjp5WuAnBvdo6Nhbs582syRxsDF3Gdysq58nMfjnTnQ8NLVIAqlhpFX8cUNhIN597Lne2pSFf4sE2NgGPGwWeG6JhyWW/rr2F4sn7ry7Wy562q01hBUE5Y4FZRRCxkbqReqBUq2+FK5y1IdzAsMKGVV9BOtI6cuhJ9D5oyqqOCjWvxa9atFaRPXzHrkDRbY3bOUfezn9cfhMwVfWgD9joow/sWPWI2F5gN02BvmH5g6LJ3mRvqJPKpHy/gt9cU5MrUPfcSz+0wmOgA6DMfbGRFqguA4g3VQpznE0WbbqnCRZTCun5N90Oj8c+hf3jspAcshygPn04q1Em35kfj3wwLnCdmpYkZ3YpGHQSNFODy1PYwchVoC3Vwpi1XvrHr+bYf+mDDva//8rurhyXxtkGXGFQk6a5LC0tM8RWGo5gwKJfCbmcaiGOOXX+hbVEyld581vpr6d9L9G5pRPOKqsPcAZJdqfmfJq4KvdVdabp2jXSFvQaXAyiYbfqYd9MCxjsAZ1dTN91QkBuenoK3ta/whDYaanzKFheKcXLNgz0mPZHJC+B3Y21hSSe2LkHrjPZAsxLqX+HsXQDKyB8poHqHED9gnP/MR4G0rpr2Fiy0fHhQVGODbKA451eK/C1bGFoskCYMYV0mDuNMm3q4pzgARzDpaSB1s+9euZyIaH3xaK0K34N2J5Gziu2rOnUGwvVqY+D7Hzp+i6t+3HQoHJaDs6hdf21SF5aUkF3RZsCPf9a78O8jXQDcay8muoE+/GB51dYImhbtrajuVL4E7SLr3Msky4gjS/yBCCJSY4GPsnN/ZQ34J9SYnx7DDfXc9mWl5Rgd6cDpp+tV7/7CFH2LS1aaCDG1seUntWbw1BlbuiYDRfyeTELfPtycz9ppbPOeFAH2jUb2NGqzUKTkdgE3JKj0Pq7IF7PsQhyTyhNBAmpFUEQwVbkn1UWE1ajwItSYRqnnNEVlgZTuHLjIP6m7fhKPjNd5/jJZl3J4CL/YipGPP/c5XbGOloxtj1H4+/sqjNOJkw+NGe4qn/PrIUC++l4qDt5FV4ypw3H1SPlBDK5Ujp/TW3i1IVzWDgp+eNw1qMpOK9SkG1unH3w22a3Auvqp4RYv8ZcQ08aDAUTXpu0tsTGfT10vD4jmmzGCMHg5ZsGcnLN5R6ks/bG8a4tZWlmnXJXlvXHAfsgql8yINbXnE4MvtR5NBdimr+rFczxHW7j54042BU5dW54woNQz+DjPLAGDbIWX5W71SCGySdzDTOn6/fSrhM47kOjLZclLuLmtomiAdmo1t4hOMjkoRF9c0QdxORfhqMtKVNbpSG6f4qkhGd2KRh0EjRTg8tT2MHIVaAFlc1IenRWyLjC/daEE9zXXLNVy3bpyByofh7p+FEcwJvjjn1TglO4u0/tDZUJOYvru2LMTmqy9F9Mf9ya3RKCXtYbJdbf25Hqds3KM824xfEzsj5bTdLx6UQ8BK80cUTLh+Srpq8UgHnXBzhLJ0dzawQxCzCaD9y+m4XGD7W9K4lpFgHrztStBTMm0VpRXtGroBCmjNGQS9VhTwcq64tNutXOPFrp7gS9AOWCbG8rdu2wtQDinNxnT51MEZ4gwWptoz6SyVCgpXkaaSqNyMAXnOzxxn1iw4WGn+w8a2dAURBBtrA2Nw4tt3U8QCD/x7hCVxv9scHO81xe2Qtbb+QHAY3mqP4fsy+TkOb/LHgN633u06pUpXg/TibBeuJtFKVaCayfqyM60+n3ivF7G4I1mp4I1oLttVhgjQpAVhddcEU0lyxTDfZWZrXHnrGTPAzf12Gr9IEcwBqCY/HdKnvoWwW9OXNUR46Lfdi7d2bctIxHBbEZrxTv3fIIDOicy3VvrxGPuEn9zNhpPSiZu9ZtzjSxVRcHP+4Z7S8nwyOKDfpcuq0/g6/OS2LJVf0BcqkCoSf4FQJSXVSmZHPScLbFYKjXiXkeAJCTC8s381LvrveWGixBYmwqLUlpfNKdj8/cNL6fiYKla73FjzOXTJOdiFPjmE44iS8auRyslgTcovsNwFCSorOxIJRGx9M52GHc+zVI1TmrbZXOdgY5UjbAHJn5gAkYw41FIWZKddU2Dwe51EUHzlSLQbhOh31lL98ne0PJzr92Wl47e7TnWwmTAB3tlIq4vgkqYeItlUlGuQ48891fQsph/scKZrw92CvFkDK0AkvM51IvQLX0c/iBHvYUV4+EDX0aAk9foEqM4mNxI7fH2pNa066h4W680R62OjQs0Inza8IwZDVfRdrkV9IAN+TSJkHSGw/7Av+2OsZ4TLmNc2V+gwet15//q6QIc4VI3cMqNmMIFxX2u1NMbi5nCy6RP/+7DeNdaD61fv+6esigiSy0QPEDDoDFOV9z5j1mrSXfP4mzWZCFEOBobYE3mP3TNTL5TzGGyrhJ1GAiU97au3om23hb25i449/liTflh10MrZUC0Tx6rpO/XmOhqztZNU1Z/cH2k9u8FTiZeVWllbboRCH1EhFae2/i/Cycsobb9yCrdXJrTMDQuD29D9aPJ20Mm54XtoLQl3je6L5skfu0hJIU0ahhqtEFbB1ekQecYcVLrQsJiX9Z0+IWNSnEGQvxWRr/l8AepQJUuS35jiDe0/yD/MpGQFmnYZZ9xB7+QDm7FG6fzlMdBer3KYTjbvim1mjmC9p+Cq3uoS4iQsPdxx4oCSE/WkZw/AbomgkZvRhvjCtWb4XYIz2oSvpnIsen6x3n9Jdv/bS5SNUS3/7vmKOkhqPu+oSD/wL95pW48rtnFxVoBi0P+6RUYhhruzhCa1WSdoh28xnnU8kMSy1aeWdB2gkqOxXlm2bAzJLPEH7CscyMoyARnRVFwNldpP01dsKocoTDcvpNsfY9nT+rlgmvKmHe5rk5v9EqnfH0k2z/LOd9XpeGMRE5W+IaPEc0BGc6JzXF58p2wE+y6NKNEAEAsh581EhVFeA0P8iBbv6/qwnZbfFHmGAynHzUeUWWT9aSIeD2qEmw0+4qWU8XliDUT2MOb+0MunDg469RlNcHPGxe3lVD6QNdNt4Qd3T64kFYRoN63AkX7Q3v3e28YOJJQ70jR3iZi5f1Q9YrPPL9D2WJxMzN7Vkgjk2+En99qRwMbrFICkIbd9FjJkySG80NMnFAJt4uhBGtxq4kdYGczEm8pFt9ula8sZ4UFBWbPadxC5YQVvbhAMdHK592IgX+Xwd+wtBluBHNG7eEn3n6SOhpXnseXYTu8CTCaeeiw13yuFIngRzFoIalBeMLemig3jssDOF3Ft6xpZG8Z9t7DrICXXQGJfavusmNneg9skgAJYoW54KCGyRKSPW6y52a6s07ZOqw5sDMvYUgVESqHMgKxSGHXnXMdktfG5hWfPkDiBQt8060lkRaHxer2Jl+3xn6Dd0T4kbRd797bOdRKbwC64BDisJCHFJ8rO59w46cPgsH/vdHIJulNdW1Bw95khAd3YMv+IWF/Zi73335H9t3+nzQoUJzt3APmWZO+RI3zcHmC8Nuob8osNZTlkKMeq3ckCYNn4KccM1lQb/IOD7TgP6vRUYwieEEFng4gBzCaA8Z7nHu3ual7BJ1HUqwX0u/5GFjMv8zaiJ1Y9ojexTbKZLv4QBvSLq3BQ4um+mu6faTNgG92jo2FuznzazJHGwMXcZClzKqyYXgKcXk2M4fHC8ulO8AwdIFEQRHEsZ1j5W478fPQVOBwvLuxP4gH1bR9Ih+J6yvJWJsdnap7Cl0T2GqFscCwdc4YdEYoLch3DAI6i/av/AjQVMzTXlFY0bwdVEBggpaBI1UAzNpXh/PEDHlHBOlkfzlCX3M4pjOHoYSZKI9OdOWuhPTtRTa2oMhHiXR5Ustwz69nCTZMxJKDcC70Rwuw4jCsDxZCB6eRu3JotBqt3w+eRcVnT2HasQ0hsikpk6RM8ETwmdoeQrSqyVjbiv5u/I30jtXyfdjihpYd7TED0+MrV6nxKihCzAiG6aeuvIRAZuUQqASeT3FI1BKL0lXjFn1OUxOYcLv1gZsZO0GNysceSSdVkKy6ih9PM/e55FjljMAsVfLH792xKX/RtWXwjZLAnqlbUHNzBwEmOWZmAFsqeoy39MQruPujUU700eqjAB/Pn66ZiRCIq3Dz6IpjDB+mIDYYvyMFqBcD/PO5xLFQgESqds6li02Z17hK7RkIvlHGgSq1AkloTeIA2ZM0BmT4Q5niNJQO6kJboDKrH7B4yhPLVNGQBLy0yakMk2lsJABaM5tgW081vzjQCKKqzkZjuUAqGRPjyJ3VLkxoWNYdhnJN60ApmqlLMY9hMNs3fYi/TrEySMOlp028+ODRoC0Ntpj4spwd2v95U+p6DubyybBrieYmq4Lw8xMX3jgDx6jT6s+TYdRXBJoX0nau3o9ogzvpKc60UDGYZw1cKgeHG0206/kfyrTxwJhZBOvolv6sGOvwFGsijN7SU/HIUCgzcG+nd0sZF9SAPEw7JfsyYVAm5t/ZGJoaCS+JaqgRMrmA5OcmisgFU5VJ1tr6erm5FpUq7G7X/frzNlM0sbmZNW+lWcvdzz3RKD6ANi/KFPe7fPOdQ+VeuOHEq5Gn6KvOAOgkRdaHDBhxtsCTYE2Qu69u5e8+yOBQkYGo7bGMcFke7y7h+Tj2txoeGjVxhOsQDUDIUHnKZf39behFEZvySGcl0JS2FMNzQqN9OMLyEMv+iWxZMseXpoLcbjl7E9fJQmvv9tf9cYwFnLpUo142ZrTUC9xv9cW1cZz5SEKm4+W0NQLQaMMSwhBvCbShYIHn2BAIx8yNodTnn5/zC8IDkbyWfAaVQ12eVP4bP7C308Fk5PwGmc9k2En+yru+7BS80tx/ae7dK+y/2bMb9lGklyinxig9ztHAoq6u4eUI3J03gVre50XPm4wjll5PW0TJ7Te1P8QllB40XUUJw8+q4PsTliHICMyn8KmeIUZq12QLl9UzqOJlUzLEqGPuAQqtXaOlc2bcwYoi5HzVU5oUL4BZcZVNjCXlcn48RpS8FFGpt9PTUxkW79enhXNmwn6nibODHag/WbGDyy2iquaEWl7wN/rZZBkACyHgq1pZugagRdI2JJVX4wGA//3PQapivgkLUeoRgxBPnxfHDNPKobFKB4UtDUHE9rVSmwi3lpoYwbtrzdI8PJAN1cvs1nq6j9i0rgVAk28/Yf120E2zO8saOk5IH859MNs6V/+VUdPYBX7puooW5SYg45bLNrYrY3baxX/9eut1Y36Ye9pUY0dxxulecPvjveUWStFUbxcej71uTWfgxdH0/SZ5D0kvJCNczXc0LqvJ9qCcGzl2dCdGFMywsFANv8o4/tgtWGkV+KPbseTj3xrbX2QSRatk0XScil+w941DtaQl648HPAZI7TqcKTYz/eY37nIkjastc280H05hpsporqchcEopHMh0eGGJo0rmz/gD0QrbA1yCVN/7dG7n96jGANMCpYjIbwpR6xaYbJXsSjt0HLFA/HuVzHbrAQJGfLDMT3P1+EIyrTaitxpunGRDq0QIGi32251T9k1HwWkv30u159Ckodej8I705wCkfc4nRCF6iVCOHZfDfoDh+nF31sFOeMaRD1UmVUm0u2gsvoCXDVwCrz9SSGrV4MowRIM2tCsZB7/VzvidPNkgYvCX+X1n23T8WMur/3YNJbBa2x1R1O6RwN2Cx/rc249bKJq4gCur7XAb5/Fwxmk6H1eFbUeuYswfK4vAbp35ebogntw9JFHTj58ZDE44HHHVrNTNwk/8ousIDFwagI8oQusLzKK2ahPfmPTyMsu6K/ItERFPiiWQKBSWdtOcWY7uQfnOwTRt83ss6lYmST+uEChm1HResRiFtwDvTFfZmyUIW5CrPueCNtYt2xyM1c/uSIJ25DoKjzwMAjKA28SRfwLLhuPH2ILpWYqkTLyVm0I+JLtNB8lcstV2zwG1z7uME0BLPHI6ndyDHf0Copo1DK9rQfhw9tUMmYEmkOyJICDvyoBwFWhZ6gOfRMyFWaUxKrSPBLhyDNqZFx6B2z6+F8j3ZGonwUbcw5/DMgaLLSucM3S2ly4xPr6jxxNN1B7ONBLTcvTdWMhusR+JxuFKeTGP02F1F8u1twaeQMcGa5oH/mC1XZZ43ifHMUNmk4Rz5l6lZ7Cl6mP5CjwepItr10/pkJ0qoEXwzBWR2TQQb00d8Abfkn6xz2hoJLAMSe0VwoalayHFOe8X7me0OLEGBxtPkBkMyH8g2XHkGE5vfTcfMDvidFm1IGsE2jBbApaGfnvEOVeGYP1QnWYsUYbAOesjSIkqJAgasnZQdAH3bR1PgyQO8PGmVfE0RBadCfL5Qc8Q/q4lUkgd9grCnHfZziq7BoOOvoY4QSzvnU1ZWV9roAf+znE6g9GLwEpXjjDmqyQ5FPqRrkR26VNi67QOkOXGmn9GsKatulXztdmsPR8RT0ERiG9CO7RpqLmBIiDGWiwFk9T9+X5wB+lb/xfA8LB3MxqwqvnTxc+8TRF4z+kpWBxX1TX1NlfzoF/hMKrkYhddMM3keJBYiGmMDZqP3yKQOpeS2cFMcyRbGa7beL8VKNJfGw4f8iuyrr4SMXWO6sPwtYeNDoQLIjzWOGx1VQOPKPKaMVxPQbGhGwB8aFULTwhccmh4sBimhghZUSDaw9j8uvgifecKrex2O8PduxuW63Fk6c4NvTIlvNSgZDc6nvVDI5c8O3VhTZ3qF4gy2HGk+9ZKdELNfxhYaK0s0ARbpQ0PZFfWLoZFUdMUtPr5cFKjtJpOvJ1Cv5V9S4CE0fa9/qH2pMWvNG8bS/OH8+TBkI+j+7Pu3R9jhZITSV9Wms2SIFAwq7VtuPvbd7VSHCMIfRsycbjw+J0hihPb7c55i8YMFCBf9jkbCYJyeKib+R+rd3MCifvIpB9Vpl5sXl0rUG1kFxYq/QH6bqbF75zFUXUko/VEQXs00cQe9B7YeimWqCzwCBA/BAD6xmh+l8ePYjhrSOf+1KyYDcKC2gHXU+myY+P16Er7LdxR1oEnx85Ed/RLEAjeS8ljKHYpFIHB3iodLXpjkld0AAgCetZY0mdurCPCGBYQbq2LJBTriBh0aFS0pfdLUKE8gvXZRZ8uokQgVc10gkQaWiWgQJum5y8HaUP/9nr7ST6fFE+kFYzxqlvUDiQhyWMJIKnoUD5+ZDedULdQZxboFmtsNHR7fJJZlRpTdZX9+l+xBD7SUEg9sbjdxn3xGb5hRqJtJhMtrJ3uo8szYVgZUeDaThGoNj1hB/2M/K6KKXe9pxRuv15bGQjZkW6YcCJxKbNLBxVccsuWcbWyB1WNWVwowDpDY+IMTfgHoUaTavE04TEiqHg6gZFscePO+Y+P88cXyhm08l94jq3Wypejq8YQOM7p3d3fYg7fTklYmxoOG7TpbPVUeBM1QQXPA+6Zmso6dVkswcSdlNggbvp1/GzfF6/DJt+YNIm5WV+65wSeayr3ayOODdt0bGhABDBfu2s0yXrJfkJXi9ERQU8Naiago3oMU1SeQxb+IY2MKh21nbm+/OrSIdGYMgz/8OWaW+RlP8s1QdywNG0N8UhhsgzpGijuFCtCG83oXTTzok9B/9KuAHpQlAhKfTIeiAT3Lf+KzTGb7dWolP3oXruL7ZUiqhe7pM95g9O19kxXzOXMk/8wV/VvTRVExhybs5McqdTeRwMRBiI067i9mburZ1ZCBRH9HGLh3yg/Dfl2L3vb60RQmCo4xvzAk8ytUb+vts3H962cxp2XaM5oKm9rN3eVTgd+kwdVu6perc8884QfKxXaPlazQGZZkpZSLl/U2UOs87Qds0EDac2KLHbPAtE/YXr+LXsbjisJVqk/5khiKmaFTqLfrahVkDq88YE+D0vKyyFJaxxgkFPCU6vvbb81jYj917Jr56XgtZ2dmHRelXi+CWJ/y89TEcES4H03pwX3Efja9dmy+rX9hUEen2jqrg1d2JAJHJ6gGPg7vujYfJcG/OS6TEp074wuLpwqWdc59EpgpHeGWX5DXgCFZPep0XYMWe065vHWyT+va0S84pPu6OyBR5Pkc6P3MxCRiNLMAazXprCImozeWHTaj2Sp+tUxlyL+pECSGuB3G/uAUolyrSajj3JSaPc9cSxhBhTUcfNTEcm9DLzYBK/gtp2h3G8VvlsCcDipCAWoyCyKPXuQM2bkl2R6f9XwFDdrFbXYdKhki6AoIS9bzhDX795HNVxHhF6f9NOAo0qu2chFeBVniJ8IFJMZ21NKBxKpbWP+et/+UsmGLGF+YvDwDJGrlGX7HquP30kKK3bBukAyrDB1ZWMx2pF1w6DvdFwxdc2BiY9BslSSmRcbQ56CoEBsLtFKP3SHsXhRgX90LAO6OneHJSKLV7ViJHlTTE/79iMAxQbmKTPc+CCzvUK6hogGExPJrNIJeO5Z9XSw4NC3G8Od4ivrXXryz83dpVI+LyabyrO3QOXuAemCXJolr9U3psjj8rWq0G7qABhddA+woOkZPcBQmBmV4NRRX4B/9c33CAcO4FRA/8DsWNJ/eFjfk2/41Od52c1BCoM6gsDo6h0gzqRyeQK7l2nnoXdnxWbb7nvgl6lDxUsWqhpz4yW99x"    data = base64.b64decode(data)    a = aes_decode(data, key)    print(a)

cd /d "D:\ctfChallenge\shiro-spring\"&echo "flag{1198be3b489ae0ddf88d0e6733e88fa6}"