MISC中常用python脚本

  • A+
所属分类:CTF专场

作者:Crazy  编辑:白帽子社区运营团队




    "白帽子社区在线CTF靶场BMZCTF,欢迎各位在这里练习、学习,BMZCTF全身心为网络安全赛手提供优质学习环境,链接(http://www.bmzclub.cn/)

"    



栅栏密码

#!/usr/bin/env python# -*- encoding: utf-8 -*-  string = input("输入:")frequency = [] # 获得栅栏的栏数result_len = len(string)        # 栅栏密码的总长度  25for i in range(2, result_len):   # 最小栅栏长度为2   逐个测试2,3,4....    if(result_len % i == 0):        # 当栅栏密码的总长度 模 i 余数为0  则这个i就是栅栏密码的长度        frequency.append(i) for numberOfColumn in frequency:   # 循环可能分的栏数    RESULT = []                 #  保存各栏数的结果    for i in range(numberOfColumn):     #   i : 开始取值的位置        for j in range(i, result_len, numberOfColumn):  # 开始取值, 隔栏数取一个值, 起始位置是i            RESULT.append(string[j])    print("".join(RESULT))

凯撒密码:

#!/usr/bin/env python# -*- encoding: utf-8 -*- import string inputStr = input("输入:").lower()caseS1 = string.ascii_lowercase * 2 for j in range(26):    result_list = []    for i, num in zip(inputStr, range(len(inputStr))):        status = caseS1.find(i)        if status != -1:            result_list.append(caseS1[status + j])        else:            result_list.append(inputStr[num])    print("".join(result_list), "向右偏移了{}位".format(j))

ROT13

#!/usr/bin/env python# -*- coding: utf-8 -*-  import strings1 = ""rot13_1 = string.ascii_lowercase[:13]rot13_2 = string.ascii_lowercase[13:]result = []for i in s1:    find_1 = rot13_1.find(i.lower())    if find_1 != -1:        if i.isupper():            result.append(rot13_2[find_1].upper())            continue        result.append(rot13_2[find_1])    find_2 = rot13_2.find(i.lower())    if find_2 != -1:        if i.isupper():            result.append(rot13_1[find_2].upper())            continue        result.append(rot13_1[find_2])    if find_1 == -1 and find_2 == -1:        result.append(i)     print("". join(result))

4进制

s='1212 1230 1201 1213 1323 1012 1233 1311 1302 1202 1201 1303 1211 301 302 303 1331'l=s.split(' ')for i in l:    tmp=0    for j in range(len(i)):        tmp+=(4**j)*int(i[-j-1])print (chr(int(tmp)),end='')

小数转字符串

import structimport binascii s=[72065910510177138000000000000000.000000,71863209670811371000000.000000,18489682625412760000000000000000.000000,72723257588050687000000.000000,4674659167469766200000000.000000,19061698837499292000000000000000000000.000000]a=''b=''for i in s:    i=float(i)    tmp=struct.pack('<f', i).hex()#小端    a+=tmpfor j in s:    j=float(j)    tmp=struct.pack('>f', j).hex()#大端    b+=tmp print (binascii.a2b_hex(a))print (binascii.a2b_hex(b))

培根密码

letters1 = [

'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',]letters2 = [ 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',]cipher1 = [ "aaaaa", "aaaab", "aaaba", "aaabb", "aabaa", "aabab", "aabba", "aabbb", "abaaa", "abaab", "ababa", "ababb", "abbaa", "abbab", "abbba", "abbbb", "baaaa", "baaab", "baaba", "baabb", "babaa", "babab", "babba", "babbb", "bbaaa", "bbaab",]cipher2 = [ "AAAAA", "AAAAB", "AAABA", "AAABB", "AABAA", "AABAB", "AABBA", "AABBB", "ABAAA", "ABAAA", "ABAAB", "ABABA", "ABABB", "ABBAA", "ABBAB", "ABBBA", "ABBBB", "BAAAA", "BAAAB", "BAABA", "BAABB", "BAABB", "BABAA", "BABAB", "BABBA", "BABBB",] def bacon1(string): lists = [] # 分割,五个一组 for i in range(0, len(string), 5): lists.append(string[i:i+5]) # print(lists) # 循环匹配,得到下标,对应下标即可 for i in range(0, len(lists)): for j in range(0, 26): if lists[i] == cipher1[j]: # print(j) print(letters1[j], end="") print("") def bacon2(string): lists = [] # 分割,五个一组 for i in range(0, len(string), 5): lists.append(string[i:i+5]) # print(lists) # 循环匹配,得到下标,对应下标即可 for i in range(0, len(lists)): for j in range(0, 26): if lists[i] == cipher2[j]: # print(j) print(letters2[j], end="") print("")

在流量包中查找sql注入语句

#请先将pcapng包另存为pcapkeystr=r'.php?id=1%27and%20(select%20ascii(substr((select%20skyflag_is_here2333%20from%20flag%20limit%200,1),{0}' l=[None]*33 with open(r'C:UsersCrazyDesktop2.pcap','r',encoding='ISO-8859-1') as f:    for i in f.readlines():        for j in range(1,34,1):            if keystr.format(j)+',' in i:                    tmp=i                l[j-1]=tmp.split("=")[-1]for i in l:    tmp=i.split(r'%23')[0]    print (chr(int(tmp)),end='')

将十六进制写入文件

s = '68656C6C6F20776F726C64'a = bytes.fromhex(s)with open('123.txt','wb') as f:    f.write(hex(s))

往期精彩文章




第五空间网络安全大赛 WHT WRITEUP
羊城杯-WP
工作中最常用的Linux命令,排查问题必备
Python脚本统计每个字符的次数/频数(字频统计)




MISC中常用python脚本
技术支持:白帽子社区团队
— 扫码关注我们 


相关推荐: 破解压缩包的几种方式(zip伪加密 爆破 CRC32碰撞 已知明文攻击)

zip伪加密  zip文件是由3部分组成,详见文末 压缩源文件数据区+压缩源文件目录区+压缩源文件目录结束标志 在压缩源文件数据区有个2字节的 全局方式位标记 ,在压缩源文件目录区也有个2字节的 全局方式位标记 ,都用以标记是否加密,如下图…

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: