选择题大赛
-
签到,warn
-
Covertchannel2,warn
-
ezudp,randark_JMT
想要复现题目的师傅可以到:
https://github.com/CTF-Archives/2023-fjgys
签到
题目内容:有一段密文是 U2FsdGVkX19tOHd3WJ7Fl6oBWeyy6gF4Y755Jsu/A/qhKplZNmmJgL8DTkXkdwGw7v2to6rYJ2PCHYjjr n4weQ==
它的密码为aes-256-cbc
得到flag:flag{0ddd6003-0c67-4093-8dab-8660b57f8289}
Covertchannel2
下载下来后通过分析wireshark 发现了rsa.key secrect.txt data.zip
将里面内容提取出来,通过脚本去掉不要的字符 exp.py
s="....MQTT...<..python-mqtt-611 ...0?../python/mqttid:S-1-5-21-2314408138-2934419717-3527998845-10050.../python/mqttrsa.key0.../python/mqttLS0tLS1CRUdJTiBQ0.../python/mqttUklWQVRFIEtFWS0t0.../python/mqttLS0tCk1JSUV2UUlC0.../python/mqttQURBTkJna3Foa2lH0.../python/mqttOXcwQkFRRUZBQVND0.../python/mqttQktjd2dnU2pBZ0VB0.../python/mqttQW9JQkFRQzFZYU150.../python/mqttUnVoRDlQdTUKdzZH0.../python/mqttTmhmWVRRMFZvLzBP0.../python/mqttalpQS3lEUzN2aUNa0.../python/mqttSXVYVXNVbi92UXhN0.../python/mqttSlBXbENRcTdyUnYy0.../python/mqttYzcrejhQVHhlaXJW0.../python/mqttNwoxZlBUL3NGeGd40.../python/mqttSGJqWmVGRFJDdlU30.../python/mqttUGM0WmtuVDhyVHlt0.../python/mqttR1dSOVdCNlhFaThz0.../python/mqttMDZnV1FlZ3hPS2dx0.../python/mqttN3NtREpzClFvdys30.../python/mqttT0dlczFYbThIeGdl0.../python/mqttRGpqZ2h6ZU4yZFM30.../python/mqttNWtzd28rSEY2aHpa0.../python/mqttVktpSkdvanUvanlw0.../python/mqttMmhxZGp1TVl5U3YK0.../python/mqttQkh6bExvSDVyMVly0.../python/mqttZGcvaEVJT2F1YTJo0.../python/mqttN3M1cDV5YkorOGFJ0.../python/mqttcVRFRno1US9GdU000.../python/mqttejlMRTBPOHlzSnhv0.../python/mqttNFdSVgorY2J0V0NE0.../python/mqttMTdrR0lqUnhIVzV00.../python/mqttVFRzenFyd0hNSVNW0.../python/mqtteVpxKzVJYjFLN0RH0.../python/mqttRTNhL0VrL3dlWXA10.../python/mqttRmg4Ylg4TGJIClJT0.../python/mqttd0Jzb3BYQWdNQkFB0.../python/mqttRUNnZ0VBRHczeERT0.../python/mqttbThlbk41ZHpRcEV30.../python/mqttV0U1SmxuUiswejhI0.../python/mqttcGUrRzlHbWtSN0pQ0.../python/mqttc2IKb2hlZzNidDc50.../python/mqttMzdjM3k2SXRTZDV30.../python/mqttazVacFoveGhFbFFB0.../python/mqttZHpDdFp4Rjh3VjFk0.../python/mqttSHNla2VFQk93UWdB0.../python/mqttQnZMYWV0aQpBczBm0.../python/mqttNTJqRDdGbnpWWHJB0.../python/mqttbFBRTFdzcjNVcjVC0.../python/mqttQllzbVdEejN4ZnRF0.../python/mqttU0xkSzBIV3laUkZs0.../python/mqttYTJDdnc3UG1oQWdT0.../python/mqttCkNEWXZqNVMwcWsw0.../python/mqttaDdLck5HSk1mTThv0.../python/mqttK2o3bEUzWkt2NXBU0.../python/mqttVFZRKy9HVXdGMHEr0.../python/mqttVWprNzVaZzNXTWZH0.../python/mqttUVFWT1QKbk0wa09h0.../python/mqttOTcwWWZiN1YyVUhj0.../python/mqttUW45SEN4SFkwd2Mr0.../python/mqttL1BLNGp0bjJoNGh00.../python/mqttVHJOQkJUYTRCNnpU0.../python/mqttRFk4c2ZZZzBYQgor0.../python/mqttTTJINTdXZTByN2F60.../python/mqttV21kZVZBTTN3b29j0.../python/mqttcWJOWU1VRlVCL1BW0.../python/mqttUjM2Q1FLQmdRREQ10.../python/mqttT3hCY01lcElEbldY0.../python/mqttYjBjCmljdDUvTzY30.../python/mqttVmhrV1ViNjR2QTY50.../python/mqttNVA5bHVCdENLeGZu0.../python/mqttaGxTblBqUHQzb2xD0.../python/mqtteTVLSW5CMDJNbk5K0.../python/mqttTUhWNGhhcVkKR3R40.../python/mqttYisxR2VYSzNwSm840.../python/mqttMzdzN3c3Ym5WQUUz0.../python/mqttZVAzT21ZSGs0YXE40.../python/mqttTE10eGFjZDhXWjBV0.../python/mqtteVVIMTYrNGhLYnJo0.../python/mqttKwpKb3dTd1p2TGl40.../python/mqttV2FKcTBYYVNJT2tt0.../python/mqttTzgzd0tCZ1FEdENN0.../python/mqttTWpNemhpTkVoTkRI0.../python/mqttdGMrU2xWenFsWEt00.../python/mqttSXA2MWFnCnBhdnVm0.../python/mqttaVVVRUt5Um9HOGkx0.../python/mqttR29JSVBuN3UyaEVC0.../python/mqttRjhSbTNldXVXTGwx0.../python/mqttU0hBaldzd05FVUpu0.../python/mqttcDJyTzVzRkdKQksK0.../python/mqttc2dwSXl4RmtpU1lG0.../python/mqttb1hXS1ZkMHI3ay9L0.../python/mqttTlBrMVNocEhaaFNK0.../python/mqttcUVzWXFtRGpiVEZG0.../python/mqttVnhVQ2ozeGVyZlps0.../python/mqttcUxRVApkemRPbm9W0.../python/mqttcGlRS0JnUUNHM1JE0.../python/mqttbUVMMzBxdElHeWl40.../python/mqttSy9IYlFlaGpsY21Y0.../python/mqttOUhyUWVQS0l0aS8x0.../python/mqtta3l6WkEvS2dOClpr0.../python/mqttYmJpUkI1UUE3aHBJ0.../python/mqttTXlkOEFJc3Z6NXMx0.../python/mqttbjhhcEhDL0NNZlZF0.../python/mqttdWhxZzYxQ0MzcmhR0.../python/mqttYUZpalM0OXVlbERh0.../python/mqttd1MKTERMb2ExSXRk0.../python/mqttSXVOM1AySVQvcXNw0.../python/mqttQXR2WXNJMjlEa2g20.../python/mqttR25nODlmTmJ1aWxZ0.../python/mqttdUVoeitoNWZjRWFv0.../python/mqttd0tCZ0JsYwphcVNG0.../python/mqttZ203ZmNTenRQUFhC0.../python/mqttb3U2UFlnYjFpZTc20.../python/mqttUXhhRkkxUXRJd0oy0.../python/mqttbGtBdWpqV0h6S0I20.../python/mqttQnNVc1ZBZVRBQ2or0.../python/mqttCkhWd1FjY2h0ZVdN0.../python/mqttRXZvYzEwSDBxLzJ10.../python/mqttbXdQdFdtWG1rZXYw0.../python/mqttMjNQR0l5d3luTGRC0.../python/mqttVFI0cS93TUc5MFR30.../python/mqttbVpaRm0KRnFSejRU0.../python/mqttVU9aYmR2bzJucjIw0.../python/mqttK2Uwb3UreVRJdlRy0.../python/mqttVVdlRkJ0SFpFaEFv0.../python/mqttR0FDdWFsUE1wMStE0.../python/mqttS09uR1JLcXBCQQpj0.../python/mqttL1cvT2JrQkJnUXNW0.../python/mqttMTFrK3d5MUFaMFNW0.../python/mqttVWpZMERrRUtkS0FN0.../python/mqtteFE2djArRVJDcmJn0.../python/mqttVk91eDB4R1I3TUY30.../python/mqttUkdZCk93dVZORHlD0.../python/mqttVVQvZ2Jxa3hVM2FV0.../python/mqttbVQ5b2Era2JueEh00.../python/mqttZFVzYnFlemlFSjl40.../python/mqttTUxXbER5Z1ZmdjRh0.../python/mqttZStJbktiUzAKTW5a0.../python/mqttQUFYVU5EUUl1NWR40.../python/mqttWUNHUGxyZkE9Ci0t0.../python/mqttLS0tRU5EIFBSSVZB0.../python/mqttVEUgS0VZLS0tLS0K0.../python/mqttsecrets.txt:0.../python/mqttbFBkNlE3SDF1ZjRT0.../python/mqttTkVLSDRJRTFLZzJp0.../python/mqttREZrMERCaEp3Q0Jz0.../python/mqttZEkyV2h6T0dhcDA40.../python/mqtta2RQWVFGcjZhcFN20.../python/mqttWmlUSHZqaVgydG1V0.../python/mqttbEk5aTJ3aC8xZ2h30.../python/mqttSUs5N1BiSERxMStT0.../python/mqtteEUxbnI0Nm0wUC9D0.../python/mqttMXpna0IyMit1M1Yy0.../python/mqttcTE5SU9BYXRuYXNy0.../python/mqtta1BESkxQaW0reG540.../python/mqttN3QxTnlBN1ZKTHdz0.../python/mqttUk5DUG9xRWdMbWZR0.../python/mqttQnd1elBCalhDdHVm0.../python/mqttUVkva0FpaDdLdTRP0.../python/mqttblVXa0pYRHlkSWxP0.../python/mqttTnplamVJK21RRy840.../python/mqttVVFITTRQYnNjam9v0.../python/mqttdlJ2ZWMrYUpSMWxq0.../python/mqttODAzMXFjbSsyWnZJ0.../python/mqttZFIrZElEYkNXMmtZ0.../python/mqttam1OYm1XK0w2UG5L0.../python/mqttQ2Uvc3VKSjRBZVI00.../python/mqttSm1NbGVRRVJMemlt0.../python/mqttZ1huV25GUnY4Wnpp0.../python/mqttVXNyS1lVVXRNb2w50.../python/mqttV1hKazg4VjdRSE1y0.../python/mqttL0wzRkVnPT0=0.../python/mqttdata.zip:0.../python/mqttVUVzREJBb0FBQUFB0.../python/mqttQUdxRVpGWUFBQUFB0.../python/mqttQUFBQUFBQUFBQUFG0.../python/mqttQUJ3QVpHRjBZUzlW0.../python/mqttVkFrQUE4Y0NBMlFW0.../python/mqttQXdOa2RYZ0xBQUVF0.../python/mqttCjlRRUFBQVFVQUFB0.../python/mqttQVVFc0RCQlFBQ1FB0.../python/mqttSUFCMkNaRllEQXQ10.../python/mqttLzJnRUFBTklCQUFB0.../python/mqttbEFCd0FaR0YwWVM50.../python/mqttR056Z3lPVGc0UlRN0.../python/mqttMApSVGhETnpsQ1Fr0.../python/mqttTXhPVVV5TXpsQk9V0.../python/mqttSkJNVEJEUlZWVUNR0.../python/mqttQURldjRDWkJnREEy0.../python/mqttUjFlQXNBQVFUMUFR0.../python/mqttQUFCQlFBQUFDRjBE0.../python/mqttNmQKUytTWDYzalZl0.../python/mqttMFcrVWs3R3J3cmU00.../python/mqttQk1qODRmdW95dVV30.../python/mqttZExyaDU5dUtIbEZQ0.../python/mqttUlFXS3Q1L0xINkls0.../python/mqttc1JKNkIvRGU2WFNV0.../python/mqttZXg5CjRRMW1ROXBm0.../python/mqttaCtuQm9EV2wzUXFz0.../python/mqttQUVOK2VNRmJVS2JR0.../python/mqtteXRTR3lMZzBpdEdF0.../python/mqttMitSdXJnN3A0S2hs0.../python/mqttd2Z4OUlNbXRtSXNJ0.../python/mqttL0ZIZQp0SGphNzR50.../python/mqttM3hZekpuRHZwa2pN0.../python/mqttalhtL2E2VjdiNVB40.../python/mqttTFQ1eTBLL3Foc0k50.../python/mqttRC81eSt4bURTam810.../python/mqttMmRxZ0hxU0FrWWU20.../python/mqttcFMzZlEKb25qcmxa0.../python/mqttRWx5dzl6Sk9kb1dO0.../python/mqttY05OUEJ4L1R6WU1F0.../python/mqttUVIwWm1FT0M2Ykds0.../python/mqttUnBYdWE2ekhtSGNi0.../python/mqttSllWWk5uZFhlbXVi0.../python/mqttQno4OGlkCnZ1dnBo0.../python/mqttTkFEbkVZNHd1bHBv0.../python/mqttbVdrNW5JTGQrd1lT0.../python/mqttUUptc1M3Z29DZlpv0.../python/mqttalRNbytrZXpuUHRk0.../python/mqttZHlLVDk5Yi9rNkYr0.../python/mqttcTNxQmw0WgpHMzdY0.../python/mqttd09CQnJueVl1MS950.../python/mqttMU1lRU12S0dUVzdq0.../python/mqttSXBwNC8vZjVlWGlt0.../python/mqttaTArSWFjNjlyZjdQ0.../python/mqttdUFkWkpNdlhFWGZt0.../python/mqttZ3hJMUE1MGUKeElN0.../python/mqttODkrbVYvYTlzMDZ30.../python/mqttSHg4R0R5Mml5VGx10.../python/mqttbkF6VnRkdUFVcXRI0.../python/mqttKzgzVUk3VktoRlBJ0.../python/mqttTk05MVBYdm1tY01G0.../python/mqttNGJFZUdIZHVWCkZp0.../python/mqttVmh2OGNSc1NkaDFT0.../python/mqttdWFnQ2Q5N1VwQ2dt0.../python/mqttQXcxSXpRWldwUkRq0.../python/mqttWXJXQnZEUzlyS09w0.../python/mqttUDhMSVRmTVgxdTg40.../python/mqttNHQxL3cwUUcrYgpW0.../python/mqttejAvc1RxVFZ6c2JK0.../python/mqttT2d1QUNBVm9JOHNi0.../python/mqttWEFGejVnS0ZIc0ta0.../python/mqttY0ExKzNTVEQyd2lK0.../python/mqttZE5RU3djSUF3TGVm0.../python/mqttOW9CQUFEU0FRQUEK0.../python/mqttVUVzREJCUUFDUUFJ0.../python/mqttQUlDRVpGYTBlWUlB0.../python/mqttL3dNQUFFOE9BQUFL0.../python/mqttQUJ3QVpHRjBZUzh40.../python/mqttTG5SNGRGVlVDUUFE0.../python/mqttN3dJRFpONExBMlIx0.../python/mqttCmVBc0FBUVQxQVFB0.../python/mqttQUJCUUFBQUErdzNI0.../python/mqttczdZMWlMZjhQN2xa0.../python/mqttZCtUWStxNzhJOWw00.../python/mqttYy9ycXBFQTRmRnUx0.../python/mqttVU12NHZUSHBMRnEx0.../python/mqttMgpLbXllVENYZS9s0.../python/mqttQnhQQ3ZtS05YZFlC0.../python/mqttYVN6Rkh3YkV0d1p40.../python/mqttWlp4L3Nqa1JJVVk20.../python/mqttc2NmQ0RYNmcwcVhB0.../python/mqttOW9tVWtBOU5ZVE5T0.../python/mqttUnkKb2NUWEhHaURy0.../python/mqttdVRVcWVFM0hVNHVy0.../python/mqttbXJnMFA0WkdUb0Vq0.../python/mqttdTZFUkIzalN5bGth0.../python/mqttMXhPbGlkQkxsWjZo0.../python/mqtteUxMcHE5Z0FTd2VL0.../python/mqttQndzClJoUmZPUzJi0.../python/mqttK2RidHJVc21JMzA20.../python/mqttODk5UUZIR1djSUdt0.../python/mqttTXpZSXg5cHhSak1v0.../python/mqttWXhKWWJ2Ri9wL0hF....0.../python/mqttMWMrMHVnUFZGQ2tO0.../python/mqttSXgzRwpvVkFmaDE10.../python/mqttSnBwVWF6Y29ra2FS0.../python/mqttYzJacmZTcGR2YnM10.../python/mqttZkgzN3p2cFBCTGU40.../python/mqttS1BiWTZXZXFBc1Iw0.../python/mqttalRoTHZlQUE4Umx50.../python/mqttcmZWZE8KcU9iVHRY0.../python/mqttNERybS9jUDBVb1d60.../python/mqttSkMrcXNSOTVLNGJU0.../python/mqttcUpOaFdGdDc0UWVX0.../python/mqttdktVb2pSelJLaUk00.../python/mqttUGhTVWdqYzY3OVpJ0.../python/mqttYTdXYUE2Ckx1eEVF0.../python/mqttczBNUVFid2s3bmJB0.../python/mqttVTNnbGZpcnJmT21h0.../python/mqttUkVQeDRsb2VuMjN40.../python/mqttM2dBazk1TWxlV2dT0.../python/mqttSUx0TmlWYnRzMFdj0.../python/mqttSktsUnRUUwp5VWs50.../python/mqttYUF2d0dvbFJxdTM10.../python/mqttbWs0S0p0eUkyRnNW0.../python/mqttY0ZMaGVsUExvWnJM0.../python/mqttbWVtaUt6MEhMVm9s0.../python/mqttcG9RaWZNeStUeWxp0.../python/mqttdjAwLzJlR3AKMTVa0.../python/mqttQkRJdm50MFNUYUdk0.../python/mqttVE8wYlU3dkpSUlZP0.../python/mqttRHhYTlBBMHJwUERU0.../python/mqttNjUzUjlJMUNrS21G0.../python/mqttQkxTZzk4VG1FZCt40.../python/mqttVTkrOEc1S2pCCjBY0.../python/mqttNS8vd0tlWTZqYTZF0.../python/mqttVnZDTjIybkQ5ZEhF0.../python/mqttUDRSQ3M5dTBvWlFU0.../python/mqttVnlWRFMvcGl0UHgr0.../python/mqttYkgvMkw5bEp3TnU00.../python/mqttZmVCb2pQOEZvbwpG0.../python/mqttSzN3VXNGdlY0YVh50.../python/mqttVGUyekg2WVI3Q21m0.../python/mqttZXJBcFQ4ODNucWNM0.../python/mqttL1dsU2dBK1NjdVEw0.../python/mqttbDZKdDU4MVpOWnN60.../python/mqttcDBsOTA1N3I1V3QK0.../python/mqttbkM4ODdBNzIrU2920.../python/mqttRG1RMzJZaTlLcUJK0.../python/mqttRUxUWTlLVzZvQ3Bj0.../python/mqttcFJFT3pYd3BsK1Y20.../python/mqttVlduOFFUZGhQbmxz0.../python/mqttVG1qdUFYWS8vaVBD0.../python/mqttCnQxOFRQSlBmZWJV0.../python/mqttYjlDSjRFREl1aG820.../python/mqttekw1MkJ3eUFpSmlM0.../python/mqttdXA5d3Z0WmpqQWhq0.../python/mqttcUVGdVVPQ1VyOXcz0.../python/mqttdzRDeXNvUXc5U29a0.../python/mqttMwpVS1RrY2VhSEJk0.../python/mqttWW03dFRjSjNKZXdY0.../python/mqttbGZnLzRCL0kzR3Fm0.../python/mqttT2pEMTk2dkFLbG5Y0.../python/mqttTmt6QzYvUlhnU3lY0.../python/mqttZm9aVXNuUXNGOXFq0.../python/mqttaW4KcnR5Y0dQeEo20.../python/mqttUmVrUURRbWl5NmZT0.../python/mqttNmVTdGp4OGk2OXZn0.../python/mqttTldkNSs4NHpUTFBV0.../python/mqttTzIvYXFCVWVobVBT0.../python/mqttQWFENWJvdjArcTRj0.../python/mqttNnE0CkFaQlkwNE050.../python/mqttZnZkK1duN0xYbnM20.../python/mqttd2lJYW5rNEVVZlk40.../python/mqttdllabFB1aGZBY0tj0.../python/mqttQU9QcVJQaUlCcnNL0.../python/mqttdzVFeG0ySTNJRjRI0.../python/mqttdzlBcApCUXNPT29x0.../python/mqttK3pNcmFKRE9leTlY0.../python/mqttTkhIWTE0RzdpU1Q40.../python/mqttMTUxZU9xdUx1b0Za0.../python/mqttVnFzQUhxR212V0dB0.../python/mqttenVKS3hFSVd5S25r0.../python/mqttTnBrZFMKQmFKM04v0.../python/mqttL25FUGtvKzloYVlu0.../python/mqttYUk2a1QrYnhabEY50.../python/mqttcmdoNUhzMUtuVG5l0.../python/mqttMS9JU25LY3dQazRu0.../python/mqttci82WktuY2VyVTdV0.../python/mqttWm02L3FHClIvb2tX0.../python/mqttM1VmRnhrLy91N0040.../python/mqttOXZidks5cGd6aWZR0.../python/mqttNTgyWFVKcXdnWHBE0.../python/mqttbllKd1JPTS9pTFJo0.../python/mqttZHFWUFF5UTBHTWx40.../python/mqttcWVPNDhoQQpKdXNp0.../python/mqttRVhkSEZqNDJiZXBR0.../python/mqttU3djSXRIbUNBUDhE0.../python/mqttQUFCUERnQUFVRXNE0.../python/mqttQkJRQUNRQUlBT0dC0.../python/mqttWkZab25qQWVxd0VB0.../python/mqttQU5RQkFBQXAKQUJ30.../python/mqttQVpHRjBZUzlpTnps0.../python/mqtta01Ua3dNQzFrTnpZ0.../python/mqtteUxUUmlaamN0WVdZ0.../python/mqtteU1DMDJZalpsTURN0.../python/mqttek9Ea3paVGhWVkFr0.../python/mqttQUF3YitBbVFZCkF30.../python/mqttTmtkWGdMQUFFRTlR0.../python/mqttRUFBQVFVQUFBQXRn0.../python/mqttbzEwcjNNaDV1RkNv0.../python/mqttN3JGUzluRmdsb05X0.../python/mqttaTJjTlFkb3lOMW1Y0.../python/mqttaXM4UUh0R0FwUQp60.../python/mqttZk1IZUhRRWVLZzBj0.../python/mqttQ2t0RG9XUWRNSW1O0.../python/mqttcmZQQkZjQzMySlha0.../python/mqttQnlaUjliV1N1N0Yz0.../python/mqttRUxXVHY0SDg2ajk30.../python/mqttWXM2K1R1RXRUK0oK0.../python/mqttQnZDNXZadVFjN3d20.../python/mqttVWtVZVZxV1g1cmt30.../python/mqttWXVyWjVXd1JidVkw0.../python/mqttbmpzT1ZubGdBM0xK0.../python/mqttWjEwRUlmbDdxZFpF0.../python/mqttNUtQaGllY0RLSVpj0.../python/mqttCjFCR25ZTUFtSkx30.../python/mqtteU9ZWVk4TS9FdTU10.../python/mqttNmRVOEpFMUQ3bGp00.../python/mqttbnN2WlpSWStQWDln0.../python/mqttQzBFaDN0ZFpZSCt50.../python/mqttZFZuczgzanFaRTRk0.../python/mqttVwozTk51d3N6L2RB0.../python/mqttaW9wSGJZelh1VHVz0.../python/mqttcGd0MlovQ25ETlR20.../python/mqttdUNvZC9KSXdVSS9Z0.../python/mqtteFlGSjhsaUhlSTJ60.../python/mqttdVNiQjJRWnVEcWli0.../python/mqttRVkKMnJzWFBvTVMz0.../python/mqttSzVhbW5Wa0loaU9q0.../python/mqttKzRrZnpFb2VkV1Fl0.../python/mqttM3grbHlwTWVLYjZ50.../python/mqttemkxNTZKUnpCK3Qr0.../python/mqttajkzSXlMWi8wbmZv0.../python/mqttRDJQCnloVlZqaFJM0.../python/mqttY1ZDUlcrQjA5K1Ux0.../python/mqttcFB4dkcwWHQ0Z1hr0.../python/mqttTkhPV0hxYmd2bStx0.../python/mqttT3hNVlowTW1QQ2VC0.../python/mqttN3FFZHJMZWlLNXM40.../python/mqttRHp6WAo2NU9yWCtU0.../python/mqttd0EzSXZsM09uMjI40.../python/mqttMlJZcFZETUNtRzRI0.../python/mqttSEVDSnVMMkx5Y2xv0.../python/mqttazE4S1hzV1JNVHZz0.../python/mqttQTE0NFhXSW1BdHdB0.../python/mqtta2VFNSsKU0ZTZGpG0.../python/mqttQ1VEanNPMWpCQmMx0.../python/mqttQkxCd2hvbmpBZXF30.../python/mqttRUFBTlFCQUFCUVN30.../python/mqttRUNIZ01LQUFBQUFB0.../python/mqttQnFoR1JXQUFBQUFB0.../python/mqttQUFBQUFBCkFBQUFC0.../python/mqttUUFZQUFBQUFBQUFB0.../python/mqttQkFBN1VFQUFBQUFa0.../python/mqttR0YwWVM5VlZBVUFB0.../python/mqttOGNDQTJSMWVBc0FB0.../python/mqttUVQxQVFBQUJCUUFB0.../python/mqttQUJRU3dFQwpIZ01V0.../python/mqttQUFrQUNBQWRnbVJX0.../python/mqttQXdMZWY5b0JBQURT0.../python/mqttQVFBQUpRQVlBQUFB0.../python/mqttQUFBQUFBQUF0SUUv0.../python/mqttQUFBQVpHRjBZUzlH0.../python/mqttTnpneU9UZzQKUlRN0.../python/mqttMFJUaEROemxDUWtN0.../python/mqtteE9VVXlNemxCT1VK0.../python/mqttQk1UQkRSVlZVQlFB0.../python/mqttRGV2NENaSFY0Q3dB0.../python/mqttQkJQVUJBQUFFRkFB0.../python/mqttQUFGQkxBUUllCkF40.../python/mqttUUFDUUFJQUlDRVpG0.../python/mqttYTBlWUlBL3dNQUFF0.../python/mqttOE9BQUFLQUJnQUFB0.../python/mqttQUFBQUVBQUFDMGdZ0.../python/mqttZ0NBQUJrWVhSaEx60.../python/mqttRXVkSGgwVlZRRgpB0.../python/mqttQVB2QWdOa2RYZ0xB0.../python/mqttQUVFOVFFQUFBUVVB0.../python/mqttQUFBVUVzQkFoNERG0.../python/mqttQUFKQUFnQTRZRmtW0.../python/mqttbWllTUI2ckFRQUEx0.../python/mqttQUVBQUNrQUdBQUEK0.../python/mqttQUFBQUFBQUFBTFNC0.../python/mqttMndZQUFHUmhkR0V20.../python/mqttWWpjNVpERTVNREF00.../python/mqttWkRjMk1pMDBZbVkz0.../python/mqttTFdGbU1qQXRObUky0.../python/mqttWlRBek16ZzVNMlU00.../python/mqttClZWUUZBQU1HL2dK0.../python/mqtta2RYZ0xBQUVFOVFF0.../python/mqttQUFBUVVBQUFBVUVz0.../python/mqttRkJnQUFBQUFFQUFR0.../python/mqttQWRRRUFBUGtJQUFB0.../python/mqttQUFBPT0K"f=open("MQTT.txt","w")s=s.replace("0.../python/mqtt","")print(s)
提取出来后得到数据 将rsa.key的数据放入cyber里解 得到private_key 将scerect.txt放入cyber解一下后 将两个一起放入网上RSA解密得到 key
将data.zip放入cyber里解两次base64得到PK头,保存导出为zip
将key放入解开zip 在里面得到flag
flag{a3e0f096-17ed-4c0b-8895-4dd0cbabafaf}
ezudp
给了server和client
本地起服务端抓包一下得到十六进制的img数据
保存后会发现有chunk段为,删掉多出来的字段即可
然后pngcheck跑一下
没问题后,写个脚本进行反混淆
from PIL import Image, ImageOpsimport randomimg = Image.open("./final.png").convert("L")W, H = img.sizeimg_pixels = img.load()res = []for i in range(W * H):res.append((i))random.seed(114514)random.shuffle(res)a = [0 for i in range(W * H)]for i in range(len(a)):j = res.index(i)a[i] = img_pixels[j % 200, j // 200]inm = Image.new(img.mode, img.size)inm_pixels = inm.load()for i in range(W * H):inm_pixels[i % 200, i // 200] = a[i]# inm.show()ImageOps.flip(inm).rotate(-90, expand=True).show()
得到flag如下
以下是自己搓的本题动态flag出题脚本,可用作新生赛题目(
import os, randomfrom PIL import Image, ImageDraw, ImageFont# Loading FLAG from environment variables# flag = str(os.environ.get('FLAG'))# Load from /flagflag = open('/flag').read().strip()flag = flag[:13] + "n" + flag[13:26] + "n" + flag[26:37] + "n" + flag[37:]seed = 114514res = []W, H = 200, 200for i in range(W * H):res.append((i))random.seed(seed)random.shuffle(res)a = [0 for i in range(W * H)]# Drawingbackground_color = (255, 255, 255)image = Image.new("RGB", (W, H), background_color)img = ImageDraw.Draw(image)text_color = (0, 0, 0)text_width, text_height = img.textsize(flag)x = (W - text_width) / 2y = (H - text_height) / 2font = ImageFont.truetype(font="consola.ttf", size=15)img.text((x, y), flag, fill=text_color, font=font)image_pixels = image.load()image = Image.new(image.mode, image.size)inm_pixels = image.load()for i in range(W * H):inx = res.index(i)x, y = inx % W, inx // Winm_pixels[x, y] = image_pixels[i % W, i // W]image.show()image.save("flag.png")
如果一切顺利的话,会生成下面这张图
原文始发于微信公众号(Gh0xE9):2023 年全国工业和信息化技术技能大赛(工业互联网安全福建省选拔赛)暨福建省第三届工业互联网创新大赛初赛部分Writeup
免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论