Welcome
- 公众号签到
flag{ausjnhjajfjakjw45}
easy_crypto
- 这道题iv直接给了 直接推就行
#!usr/bin/python
#_*_ coding=UTF-8 _*_
from Crypto.Cipher import AES
from binascii import b2a_hex, a2b_hex
from Crypto import Random
import sys,base64
#from FLAG import flag
class CryptoError(Exception):
pass
class aesdemo:
#aes = AES.new(key,mode)
def __init__(self,key):
self.key = key
#self.BS=BS
def pad(self,msg):
#BS = AES.block_size
# aes数据分组长度为128 bit
byte = 16 - len(msg) % 16
return msg + chr(byte) * byte
def unpad(msg):
if not msg:
return ''
return msg[:-ord(msg[-1])]
def xor(self,a, b):
#assert len(a) == len(b)
return ''.join([chr(ord(ai)^ord(bi)) for ai, bi in zip(a,b)])
def split_by(self,data,step):
return [data[i : i+step] for i in xrange(0, len(data), step)]
def encrypt(self, plaintext):
# 生成随机初始向量IV
iv = Random.new().read(16)
aes = AES.new(self.key,AES.MODE_CBC,iv)
prev_pt = iv
prev_ct = iv
ct=""
msg=self.pad(plaintext)
print(msg)
for block in self.split_by(msg, 16):
ct_block = self.xor(block, prev_pt)
ct_block = aes.encrypt(ct_block)
ct_block = self.xor(ct_block, prev_ct)
ct += ct_block
# print(b2a_hex(ct))
return b2a_hex(iv + ct)
def tsb_decrypt(self, msg):
#1
msg = a2b_hex(msg)
print(msg)
iv, msg = msg[:16], msg[16:]
prev_pt = iv
prev_ct = iv
pt = ''
aes = AES.new(self.key, AES.MODE_CBC, iv)
for block in self.split_by(msg, 16):
pt_block = self.xor(block, prev_ct)
pt_block = aes.decrypt(pt_block)
pt_block = self.xor(pt_block, prev_pt)
pt += pt_block
# prev_pt = pt_block
# prev_ct = block
# pt, mac = pt[:-16], pt[-16:]
# if mac != iv:
# print(1)
# print pt.encode('hex')
return (pt)
def decrypt(self, ciphertext,iv):
ciphertext = a2b_hex(ciphertext)
# iv = ciphertext[0:AES.block_size]
ciphertext = ciphertext[AES.block_size:len(ciphertext)]
cryptor = AES.new(self.key, AES.MODE_CBC, iv)
plaintext = cryptor.decrypt(ciphertext)
return plaintext.rstrip(chr(0))
# 测试模块
if __name__ == '__main__':
BS = AES.block_size # aes数据分组长度为128 bit
# 524160f3d098ad937e252494f827f8cf26cc549e432ff4b11ccbe2d8bfa76e5c6606aad5ba17488f11189d41bca45baa
key="asdfghjkl1234567890qwertyuiopzxc"
demo = aesdemo(key)
# e = demo.encrypt("flag{}")
# print("加密:", e)
e= '524160f3d098ad937e252494f827f8cf26cc549e432ff4b11ccbe2d8bfa76e5c6606aad5ba17488f11189d41bca45baa'
a=demo.tsb_decrypt(e)
print(a)
exit()
得到flag pcbctf{345f3_asss3_loasd_aswew}
Traffic Light
-
这个题目有 1168 张图片
提取出后将图片划分为012
import os
from PIL import Image
def main(gif_file):
png_dir = gif_file[:-4] + '/'
os.mkdir(png_dir)
img = Image.open(gif_file)
try:
while True:
current = img.tell()
print(current)
img.save(png_dir+str(current)+'.png')
img.seek(current+1)
except:
pass
import time
# gif_file = 'Traffic_Light.gif'
# main(gif_file)
def getf(word):
dict = {'.-': 'A', '-...': 'B', '-.-.': 'C', '-..': 'D', '.': 'E', '..-.': 'F', '--.': 'G', '....': 'H', '..': 'I',
'.---': 'J', '-.-': 'K', '.-..': 'L', '--': 'M', '-.': 'N', '---': 'O', '.--.': 'P', '--.-': 'Q',
'.-.': 'R', '...': 'S', '-': 'T', '..-': 'U', '...-': 'V', '.--': 'W', '-..-': 'X', '-.--': 'Y',
'--..': 'Z', '.----': '1', '..---': '2', '...--': '3', '....-': '4', '.....': '5', '-....': '6',
'--...': '7', '---..': '8', '----.': '9', '-----': '0', '..--..': '?', '-..-.': '/', '-.--.-': '()',
'-....-': '-', '.-.-.-': '.'}
word=word.split(' ')
for i in word:
try:
print(dict[i],end='')
except:
a =1
print('')
if __name__ == '__main__':
gif_file = 'Traffic_Light.gif'
main(gif_file)
imgs = './Traffic_Light/{png}.png'
word = ''
k=0
for i in range(0,1168,2):
# print(imgs.format(png=str(i)))
img = Image.open(imgs.format(png=str(i)))
# img = img.convert('RGBA')
data = (img.getpixel((100, 50)))# 100 50 1 00 150
if data != 14 and data != 69:
k=k+1
word+='0'
print('.',end='')
continue
# print('data', data)
data = (img.getpixel((100, 100)))# 100 50 1 00 150
# print(data)
if data != 14 and data != 69:
k = k + 1
word += '1'
print('-',end='')
continue
# print('data', data)
data = (img.getpixel((100, 150)))# 100 50 1 00 150
if data != 14 and data != 69:
k = k + 1
word += '2'
print('/',end='')
continue
# word += '/'
# print('/', end='')
# print('data',data)
# img.show()
# time.sleep(1)
# img.close()
# cropImg = img.crop((0,0,100,50))
# cropImg.show()
# exit()
print()
print(k)
# exit()
print()
print(word)
word1=word.replace('1','.')
word1=word1.replace('0','-')
word1=word1.replace('2','/')
print(word1)
getf(word1)
word1=word.replace('1','-')
word1=word1.replace('0','.')
word1=word1.replace('2','/')
print(word1)
getf(word1)
word1=word.replace('1','-')
word1=word1.replace('0','/')
word1=word1.replace('2','.')
print(word1)
getf(word1)
word1=word.replace('1','.')
word1=word1.replace('0','/')
word1=word1.replace('2','-')
print(word1)
getf(word1)
word1=word.replace('1','/')
word1=word1.replace('0','.')
word1=word1.replace('2','-')
print(word1)
getf(word1)
word1=word.replace('1','/')
word1=word1.replace('0','-')
word1=word1.replace('2','.')
print(word1)
getf(word1)
.--..--./.--.--../.--....-/.--..---/.----.--/.-.-..../.--.--../..--..--/..--.-../.---..--/..--..--/.-.-----/.---..../..--.-../.----..-/.-.-----/..--.-../.---.-../.---.-../..--..--/.--.---./.---.-../..--...-/..--..../.--.---./.-.-----/.---.-../..--..../.-.-----/.---.-../.---..-./..--.-../.--..--./.--..--./..--...-/.--...--/.-.-----/.---..--/..--.-../.--..--./..--..--/.---.-../.----..-/.-.-----/.---.---/.--.-.../..--..--/.--.---./.-.-----/.----..-/..--..../.---.-.-/.-.-----/..--.-../.---..-./..--..--/.-.-----/..--..../.---.-.-/.---.-../.---..--/..--...-/.--..-../..--..--/.-----.-
- 经过网站 www.atool.org/morse.php 解密
%u66%u6c%u61%u67%u7b%u50%u6c%u33%u34%u73%u33%u5f%u70%u34%u79%u5f%u34%u74%u74%u33%u6e%u74%u31%u30%u6e%u5f%u74%u30%u5f%u74%u72%u34%u66%u66%u31%u63%u5f%u73%u34%u66%u33%u74%u79%u5f%u77%u68%u33%u6e%u5f%u79%u30%u75%u5f%u34%u72%u33%u5f%u30%u75%u74%u73%u31%u64%u33%u7d
进行unicode 解码
image-20181201225128863.pngflag{Pl34s3_p4y_4tt3nt10n_t0_tr4ff1c_s4f3ty_wh3n_y0u_4r3_0uts1d3}
### WEB three-body1
-
这道题非预期解:
-
直接dirsearch扫目录 扫到了.bash_history .bash_logout 等等在home目录下的文件
-
.bash_history 里面有flag的操作记录,于是直接下载flag.txt 直接读取到(顺手将flag.txt加入字典中)
flag{Three_b0dy_1s_AMAZ1NG}
Quotes
Maya Angelou的名言
My+mission+in+life+is+not+mer ely+to+survive+but to+thrive+and+to+do+so+w ith+s ome+pass i on+some+compass ion+so me+humor+and+some+style
多次测试后发现 将+号去除,以空格分割字符串,每组字符串长度对应a-z
X = []
Y = {}
for i in range(27):
X.append(i + 1)
# Y.append(chr(97 + i))
Y[i]=chr(96 +i)
print(X)
print(Y)
word='My+mission+in+life+is+not+mer ely+to+survive+but to+thrive+and+to+do+so+w ith+s ome+pass i on+some+compass ion+so me+humor+and+some+style'
nu = 0
word =word.replace('+','')
word =word.split(' ')
print(word)
for i in word:
# print(len(i))
print(Y[len(i)],end='')
#word`games
Flag 为flag{word games}
网友评论