美文网首页Ethical HackersCTF
[XDCTF](Stego)Base64

[XDCTF](Stego)Base64

作者: 王一航 | 来源:发表于2017-10-03 00:50 被阅读282次

Base64 隐写 :
可以参考这篇文章

https://www.tr0y.wang/2017/06/14/Base64steg/
https://github.com/ctfs/write-ups-2016/tree/master/open-ctf-2016/steganography/ultra-encryption-100

给出本题的脚本 :

https://gist.github.com/WangYihang/cc8d922ae4eb5b03069c14915607f65b

#!/usr/bin/env python

encoded_data = ["bWFpbigpe2ludCBpLG5bXT17KCgoMSA8PDEpPDwgKDE8PDEpPDwoMTw8Cm==",
                "ICAgICAgIDEpPDwoMTw8KDE+PjEpKSkrKCgxPDwxKTw8KDE8PDEpKSksKCgoMQp=",
                "ICAgICAgIDw8ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAxKQq=",
                "ICAgICAgIDw8ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAoMQp=",
                "ICAgICAgIDw8MSk8PCgxPDwxKTw8ICAgICAgICAgKDE8PDEpKS0oKDE8PDEpPDwoCr==",
                "ICAgIAkxPDwxKTw8KDE8PDEpKSsgICAgICAgICgoMTw8MSk8PCgxPDwoMT4+Ch==",
                "ICAgICAgIDEpKSkrKDE8PCgxPj4xKSkpICAgICAgICAgICAgICAgICAgICAgICAgLAq=",
                "ICAgICAgICgoKDE8PDEpPDwoMTw8MSkgICAgICAgICAgICAgICAgICAgICAgICA8PAo=",
                "ICAgICAgICgxPDwxKTw8KDE8PDEpKS0oKDEgPDwxKTw8KDE8PDEpIDw8KDE8PCgxCl==",
                "ICAgICAgID4+MSkpKS0oKDE8PDEpPDwoMTw8KDE+PjEpKSkpLCgoKDE8PDEpCp==",
                "ICAgICAgIDw8KCAgICAxPDwgICAgICAgICAgICAgICAgICAgICAgICAgIDEpCt==",
                "ICAgICAgIDw8KCAgICAxPDwgICAgICAgICAgICAgICAgICAgICAgICAgIDEpCu==",
                "ICAgICAgIDw8KCAxPDwxKSktKCgxIDw8MSk8PCAoMSA8PDEpPDwoMSA8PAr=",
                "ICAgICAgICgxPj4xKSkpLSgoMTw8MSk8PCgxPDwoMT4+MSkpKSksKCgoMTw8MSk8PAo=",
                "ICAgICAgICgxPDwxKTw8KDE8PDEpPDwoMTw8MSkpLSgoMTw8MSk8PCgxPDwxKTw8KAr=",
                "ICAgICAgIDE8PCgxPj4xKSkpLSgxPDwoMT4+ICAgICAgICAgIDEpKSksKCgoMTw8MSk8PAq=",
                "ICAgICAgICgxPDwxKTw8KDE8PDEpKSsgICAgKCgxPDwxKSAgICA8PCgxPDwxKTw8Ch==",
                "ICAgICAgICgxPDwoMT4+MSkpKS0oKCAgICAgMTw8MSk8PCggICAgICAxPDwoMT4+Co==",
                "ICAgICAgIDEpKSkpLCgoMTw8MSk8PCAgICAgICgxPDwxKSAgICAgICAgPDwoMTw8MSkpCl==",
                "ICAgICAgICwoKCgxPDwxKTw8KDE8PCAgICAgIDEpPDwoICAgICAgIDE8PDEpPDwoMTw8MSkpLQr=",
                "ICAgICAgICgoMTw8MSk8PCgxPDwxKSAgICAgKS0oMTw8KDE+PjEpICAgICAgKSksKCgoCj==",
                "ICAgICAgIDE8PDEpPDwoMTw8MSk8PCggICAgMTw8MSk8PCgxPDwxKSktICAgICgoMQp=",
                "ICAgICAgIDw8ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgMQq=",
                "ICAgICAgICkgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8PAp=",
                "ICAgICAgICgxPDwxKTw8KDE8PCgxPj4xKSkpLSgxPDwoMT4+MSkpKSwgKCgoMTw8MQp=",
                "ICAgICAgICk8PCgxPDwxKTw8KDE8PDEpPDwoMTw8MSkpLSgoMTw8MSk8PCAoMSAgCk==",
                "ICAgICAgIDw8ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAxCp==",
                "ICAgICAgICkgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDw8Cn==",
                "ICAgICAgICggICAgIDE8PCgxPj4xKSkpKyAgICAoMTw8MSkpLCgoKDEgICAgIDw8Cj==",
                "ICAgICAgIDEpICAgIDw8KDE8PDEpPDwgICAgICAoMTw8MSk8PCgxICAgICAgIDw8Ck==",
                "ICAgICAgIDEgICAgICkpLSgoMTw8MSk8PCAgICAoMTw8MSk8PCgxICAgICAgIDw8Cj==",
                "ICAgICAgICggICAgIDE+PjEpKSktKCgxICAgICAgPDwxKTw8KDE8PCAgICAgICAoCj==",
                "ICAgICAgIDEgICAgID4+MSkpKSksKCgoMSAgICAgPDwxKTw8KDEgICAgICAgIDw8Cg==",
                "ICAgICAgIDEgICAgICk8PCgxPDwxKTw8KCAgICAgMTw8MSkpLSgoMSAgICAgIDw8Cm==",
                "ICAgICAgIDEgICAgICk8PCgxPDwxKTw8ICAgICAoMTw8MSkpKygoICAgICAgICAxCv==",
                "ICAgICAgIDw8MSk8PCgxPDwoMT4+MSkpKSksKCgoMTw8MSk8PCgxPDwxKSA8PCgxCm==",
                "ICAgICAgIDw8MSkpKygxPDwoMT4+MSkpKSwoKCgxPDwxKTw8KDE8PDEpKSArKCgxCs==",
                "ICAgICAgIDw8MSk8PCAoMTw8KDE+PjEpKSkgKyAoMTw8ICgxPj4xKSkpfSA7Zm9yCn==",
                "ICAgICAgIChpPSgxPj4xKTtpPCgoKDE8PDEpPDwoMSA8PDEpKSsoKDEgPDwxKTw8KAr=",
                "ICAgICAgIDE8PCgxPj4xKSkpKygxPDwxKSk7aSsrKSAgcHJpbnRmKCIlYyIsbltpXSk7fQp=", ]

normal_data = [e.decode("base64").encode("base64").rstrip()
               for e in encoded_data]
base64chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
flag = ""

for e, n in zip(encoded_data, normal_data):
    diff = base64chars.index(e[e.index("=") - 1]) - \
        base64chars.index(n[n.index("=") - 1])
    equalnum = e.count('=')  # no equalnum no offset
    if equalnum:
        flag += bin(diff)[2:].zfill(equalnum * 2)
    print "%x" % (int(flag, 2))

print "[+] Flag: %s" % (("%x" % int(flag, 2)).decode("hex"))

相关文章

  • [XDCTF](Stego)Base64

    Base64 隐写 :可以参考这篇文章 https://www.tr0y.wang/2017/06/14/Base...

  • [XDCTF]MISC

    OWASP http://ctf.xidian.edu.cn/challenges文件下载 下载是一个pdf文件,...

  • [XDCTF](Web)Upload

    首先题目存在文件包含漏洞 , 可以通过 : 读取到目标服务器源码例如 : 可以看到 upload.php 的上传的...

  • [XDCTF](MISC)OWASP

    题目链接:http://ctf.xidian.edu.cn/challenges (由于官网在比赛结束后已经关闭 ...

  • Mp3stego

    首先打开windows的命令行cmd 在我的电脑那里输入cmd按回车即可进入 如图: 这个是进入的图: 将下载好的...

  • 现在位置: 首页 > 独家 > 正文 XDCTF20

    现在位置:首页>独家> 正文 XDCTF2014 Writeup之Web和Crack篇 2014 /10/7 11...

  • 2.1第八条咸鱼

    家里断网了也要摸鱼哭唧唧 base64stego 打开zip 发现是有密码的 考虑伪加密 把这里0900 改成00...

  • [XDCTF](Misc)ntfs流

    题目链接: hint : ntfs流文件下载地址 分析:下载题目提供文件 : 发现是一个RAR文件 , 打开后发现...

  • dl_runtime_resolve利用

    利用_dl_runtime_resolve来解析特定的函数 这里以这里以XDCTF 2015的pwn200为例基础...

  • nodejs 图片base64处理

    一、base64转图片 二、图片url转base64 三、图片转base64

网友评论

    本文标题:[XDCTF](Stego)Base64

    本文链接:https://www.haomeiwen.com/subject/vjrxyxtx.html

    延伸阅读

    深度阅读

    • 您也可以注册成为美文阅读网的作者,发表您的原创作品、分享您的心情!

    栏目导航

    热点阅读

    Ethical Hackers

    CTF

    关于我们|服务条款|联系我们|[XDCTF](Stego)Base64|投稿指南|网站地图|RSS订阅|排版工具|手机版

    提供经典美文摘抄,优美散文欣赏,现代诗歌精选,短篇小说,心情随笔,表白情书范文,故事会在线阅读欣赏

    Copyright © 2014-2023 Haomeiwen.com All Rights Reserved. 好美文阅读网 版权所有

    备案信息:桂公网安备 45052102000051号 · 桂ICP备13007215号-3

    本站所收录作品、热点评论等信息部分来源互联网,目的只是为了系统归纳学习和传递资讯

    所有作品版权归原创作者所有,与本站立场无关,如不慎侵犯了你的权益,请联系我们告知,我们将做删除处理!