签到题
签到题由大小写字母数字和特殊字符()组成, 可以猜测为base85编码,可以用网站解密。
flag{base85_here}
抱我
cstring = 'abcdefghijklmnopqrstuvwxyz{}_0123456789' key = 'flag{********}' length = 300 def encode(): res = '' for i in range(1, length): c = random.randint(0, 36) res = cstring[c] for n in range(10): c = random.randint(0, len(key) - 1) res = key[c] return res #qdfl33{6{6gs3afa6{3}agf{}aagdf}6fl36d{dfl{6ay6gafddfg}{j3f}}6la{3}bfdf3}gla}65}lg6g6dflf0{dfgd3fdfgc{g6a}a3{6}mfa{}f}f}}}3363}}f6a6a7g{a}g66{d3xgfffg}a}3}_{lad}a33ga5fd33}{
{dl}{}f{3da}g}3egfal{a3l}3f33}dfdda{3sa{d6g{ff}6vgl33d6g333h{gd{
{lg6ldg{ad{3333a6oalf6a{33{de3{fa}ggl{abfd}6}6}}l33fa}f{
{3{3fla}a6}af}{amg}{
{d}}a6gallfg36{g3dh{
{
{a{lfg3{sll6g6gfaggid6d{3afl}3rff3gfad3d}1dlllff6}6}h3g66gla336b{6d3gf}f{30d63l}3dfl6a3llfgld3{}qg}gf}dg{6l}3gal}agdl6{lg{g}ddfaaealf{f3llgge3ad3{3adf{c}fllf6f}3at{aag}a66d3}ad{dfg{}dlz6gld}6{3flxgf{3g3ald}3g}g63f6ggf3}gfd}f3ga3efllf6}363fu6366fdlggfx6}6l3}}a{afg{
{}}3fdaluaa}al{dg3dpfga}}l}d3l4afg}f{d{lgcfgffglal}dq6l}fgflldavdad6}df{}dw}l6g}}{l3gf6fdaa66aadt}f6lg{dg33h{fa3d{}laao3l6aal{lfdv{3dlf6af36bddg}3ggad3o}{}3g3fgddyffd3lddgdd6{gdfl{
{la3ild}dg{g}dgef{a3{d6dfgq3adll{fdadt}66fdflg{3x{l3ll}3{
{g4a3af6lag3gdaf66dadg6dfglaf66l3f{2}6{afaf}3l6all}{l}lfdla6{fgff{}g13dl{a{6{l6rd6}}l3dgg3_f{66gll{f6a3d3dga6{lg}{g}d{6{d36lll3dd6{3dg3afal}d}gff26}l}al}}{a6}g66gaaff}0fga{g6dfld{
{}fglf{af}iddf6g6}l361{ag}{
{dlfak}{d3fa{6{godgg{l36a{gmllgfa3fa{}f}}3{a6{a3{nafg{l3d6}g2lf6{gg}{g}sg{ga{63g{}la6g{g6{
{63o6{l}{3}l3ag36{af33g3dw6d33f3lfdan{dddad{
{6l6}}fad63lgd1ffaa}g}3flkg3d}aalf3lbgf{g}f}}d3agf{ld{dl3l4fl{
{3fla}}r3g}{}gda{}_df3g}fa36gq}la{f{6l}66fgdg}6ag6feaal6all3{d}lfgl}}{
{6lal}gf}}gfgd4d{g36daff}l6fd63ag6}f7}l3{
{d}{al6lff66gda}f7dfaf6}fd3ldfgfl36gf337a6al663afd{dff}6}df{lt}66}ag6a3{na}3la{6daa}63fgldf3ggcl6dd{3fg{}}gfgaf{633lpfadalldgglg{l}{6}gf{agf6{3l3a366wa6l6}fdla}wfl}33}d{6d6aa}laldag}bgaa3gff}3db{gd}lfga3{}ffddd6}{la4}3{agdg3{}bf33adg3a632d}66f}dgd67}{333dfg}}mgg3all3l}fd6dd3{g}{}}v6}a6f6lgd3nfgg6aff3a}d3da{l3ldldz{}{}g3}6fdg6f{gd{g3adx{gll6{fg3dc63lf}6dl{d63f3g{3adda5f3dgfla3{6}gd{3{d6dlldal6g66}{ddp}lalafd}d{lgl}g6g33agjg}33dgf}lg0adlda6gfdlx{3g}{g3a{a76}gdf3la}lh}l{l{}}a6gm{gdd{agg}6xfgg}{336}d_a{df3}df33jgf}6d3}}f}h3l{6ga6fll2}dd{l36d66}ldafdlga3gbgd}d6df}ff1gf6a{ll3a3w{3g}allfafldal}aal}dlra33l3f}3dff{6{6}f}la}lgf}}}gd{f3z3l3{d3636dpl3fag3{faa1{3ga33l}6ll6{gg6}ddf}t6g}{gl6ggl{d}aafalf{lw6a{dad}}a3x{ada{fg6d}a3g{d{fggdawdfal{
{3dlfndl636}36alv633ada6gf6hd{3l66ddlfpglda}{g3fdogdfa3}3g}3k3d3gda33}dvd}laa{fa{a{
{}a}36}}}{r6d6{a6}}6{0laa36gd{36kf63a{3}gga4af6}f3gfgf0lf{6g}{
{6}pafg6dg}g6{b}3d36ad6d{h6f3agff}63p}{l3ag3}lf1f3dgd{66a37}}}d6gglaftaf3l6a3{
{a7{lgd3d}fl6tlfl663lgg3wa}33gl}d{3i6aaagl6{
{}n3gd}l3l6}l7a{gf{a}l}f3al{alg63fln{
{dd}3l{ll1}{3g}6{6}{u63{f3{g6lgf{3d}{636}{u3}{f6d{
{d3lg{3l6aldf{i{f366{f3l{eg{d{gll{3dhgdgfgaf{}}g}{lg3{a{flm}fa3ldf{d32fagllf{
{66q363}dl66gg2fa6af6d6g37lffl{d{3lltgl33}}{}d3o{lfld3d{}a6a663a66{fabfd6ld333g3rafa}}fddfgt{ggad3ag}lr63af6lgg}gy{6{
{6}6dd626{gl6a{ad3b3df}alf3afdaf66ll}lf6jd}3{6dldfgg}f3lg63l{lr3ff3l{gafaa}f}agl6l33xglfggg{
{
{fq66}g6lfa3{736lllflalglf}{}gf{aggdg3{a}}da{fp6fglla3l}65gf36{l6dl}g}f{la6{l{fpf{}63{f6gdfaalf6{dffgdgf{lgaf{f{56}g6af63l6a}a}{lfa{3gblda}l}{fl{s{g}}6{g6la56g6g3{f}ddfaa{l}dg6g}0glda6{6d}ff}f{6laadd6zaag{l3l}6dc}f3gg}lffgsag}l3l6d3apd3gd3fd}}aga3ga}a3{6f1f3df{
{d}}av3laf}6adf3_d{afa6f}adt{faf{d33aaol3}{l}ld}3yl3a6a{fa6}_d33gf3fll}of{6lad}}fdx}6d{f}ll63ugag66d{6f3}33}al6l{ffwf{}{fl3a36ogg3{}}g6}3hl}6dg6ld{digaa}g}{
{l}da{ddg3{
{d}w3}ld}adgg3m{lad{gd{a{7afff}{d6}fsf3{f}gflgavfldg6a6{ldqf}fd{f3f3}73ddad{666fz6}d{3{l36a1d6fal3fl6lrl{}aga{fdlsa}{6l6ag3gtgdg{6lgf3f 这是一个非常简单的脚本,它的意思是,将flag存到key然后进行一个循环结构来满足我们的要求flag分成单个字母,然后循环迭代,最后得到res,所以最后一行是最后一行flag,但是我们不知道flag里面有什么字符,试着观察每个字符的频率.
但首先,我们应该从0开始,每搁置10个字符,删除第一个字母,因为首字母可以从代码中分析cstring中间的字母,后面是flag内容,依次循环,现在可以写剧本了:
def decode(res): flag = '' for i in range(1, len(res), 11): flag = res[i:i 10] return flag res='qdfl33{6{6gs3afa6{3}agf{}aagdf}6fl36d{dfl{6ay6gafddfg}{j3f}}6la{3}bfdf3}gla}65}lg6g6dflf0{dfgd3fdfgc{g6a}a3{6}mfa{}f}f}}}3363}}f6a6a7g{a}g66{d3xgfffg}a}3}_{lad}a33ga5fd33}{ !-- -->{dl}{}f{3da}g}3egfal{a3l}3f33}dfdda{3sa{d6g{ff}6vgl33d6g333h{gd{
{lg6ldg{ad{3333a6oalf6a{33{de3{fa}ggl{abfd}6}6}}l33fa}f{
{3{3fla}a6}af}{amg}{
{d}}a6gallfg36{g3dh{
{
{a{lfg3{sll6g6gfaggid6d{3afl}3rff3gfad3d}1dlllff6}6}h3g66gla336b{6d3gf}f{30d63l}3dfl6a3llfgld3{}qg}gf}dg{6l}3gal}agdl6{lg{g}ddfaaealf{f3llgge3ad3{3adf{c}fllf6f}3at{aag}a66d3}ad{dfg{}dlz6gld}6{3flxgf{3g3ald}3g}g63f6ggf3}gfd}f3ga3efllf6}363fu6366fdlggfx6}6l3}}a{afg{
{}}3fdaluaa}al{dg3dpfga}}l}d3l4afg}f{d{lgcfgffglal}dq6l}fgflldavdad6}df{}dw}l6g}}{l3gf6fdaa66aadt}f6lg{dg33h{fa3d{}laao3l6aal{lfdv{3dlf6af36bddg}3ggad3o}{}3g3fgddyffd3lddgdd6{gdfl{
{la3ild}dg{g}dgef{a3{d6dfgq3adll{fdadt}66fdflg{3x{l3ll}3{
{g4a3af6lag3gdaf66dadg6dfglaf66l3f{2}6{afaf}3l6all}{l}lfdla6{fgff{}g13dl{a{6{l6rd6}}l3dgg3_f{66gll{f6a3d3dga6{lg}{g}d{6{d36lll3dd6{3dg3afal}d}gff26}l}al}}{a6}g66gaaff}0fga{g6dfld{
{}fglf{af}iddf6g6}l361{ag}{
{dlfak}{d3fa{6{godgg{l36a{gmllgfa3fa{}f}}3{a6{a3{nafg{l3d6}g2lf6{gg}{g}sg{ga{63g{}la6g{g6{
{63o6{l}{3}l3ag36{af33g3dw6d33f3lfdan{dddad{
{6l6}}fad63lgd1ffaa}g}3flkg3d}aalf3lbgf{g}f}}d3agf{ld{dl3l4fl{
{3fla}}r3g}{}gda{}_df3g}fa36gq}la{f{6l}66fgdg}6ag6feaal6all3{d}lfgl}}{
{6lal}gf}}gfgd4d{g36daff}l6fd63ag6}f7}l3{
{d}{al6lff66gda}f7dfaf6}fd3ldfgfl36gf337a6al663afd{dff}6}df{lt}66}ag6a3{na}3la{6daa}63fgldf3ggcl6dd{3fg{}}gfgaf{633lpfadalldgglg{l}{6}gf{agf6{3l3a366wa6l6}fdla}wfl}33}d{6d6aa}laldag}bgaa3gff}3db{gd}lfga3{}ffddd6}{la4}3{agdg3{}bf33adg3a632d}66f}dgd67}{333dfg}}mgg3all3l}fd6dd3{g}{}}v6}a6f6lgd3nfgg6aff3a}d3da{l3ldldz{}{}g3}6fdg6f{gd{g3adx{gll6{fg3dc63lf}6dl{d63f3g{3adda5f3dgfla3{6}gd{3{d6dlldal6g66}{ddp}lalafd}d{lgl}g6g33agjg}33dgf}lg0adlda6gfdlx{3g}{g3a{a76}gdf3la}lh}l{l{}}a6gm{gdd{agg}6xfgg}{336}d_a{df3}df33jgf}6d3}}f}h3l{6ga6fll2}dd{l36d66}ldafdlga3gbgd}d6df}ff1gf6a{ll3a3w{3g}allfafldal}aal}dlra33l3f}3dff{6{6}f}la}lgf}}}gd{f3z3l3{d3636dpl3fag3{faa1{3ga33l}6ll6{gg6}ddf}t6g}{gl6ggl{d}aafalf{lw6a{dad}}a3x{ada{fg6d}a3g{d{fggdawdfal{
{3dlfndl636}36alv633ada6gf6hd{3l66ddlfpglda}{g3fdogdfa3}3g}3k3d3gda33}dvd}laa{fa{a{
{}a}36}}}{r6d6{a6}}6{0laa36gd{36kf63a{3}gga4af6}f3gfgf0lf{6g}{
{6}pafg6dg}g6{b}3d36ad6d{h6f3agff}63p}{l3ag3}lf1f3dgd{66a37}}}d6gglaftaf3l6a3{
{a7{lgd3d}fl6tlfl663lgg3wa}33gl}d{3i6aaagl6{
{}n3gd}l3l6}l7a{gf{a}l}f3al{alg63fln{
{dd}3l{ll1}{3g}6{6}{u63{f3{g6lgf{3d}{636}{u3}{f6d{
{d3lg{3l6aldf{i{f366{f3l{eg{d{gll{3dhgdgfgaf{}}g}{lg3{a{flm}fa3ldf{d32fagllf{
{66q363}dl66gg2fa6af6d6g37lffl{d{3lltgl33}}{}d3o{lfld3d{}a6a663a66{fabfd6ld333g3rafa}}fddfgt{ggad3ag}lr63af6lgg}gy{6{
{6}6dd626{gl6a{ad3b3df}alf3afdaf66ll}lf6jd}3{6dldfgg}f3lg63l{lr3ff3l{gafaa}f}agl6l33xglfggg{
{
{fq66}g6lfa3{736lllflalglf}{}gf{aggdg3{a}}da{fp6fglla3l}65gf36{l6dl}g}f{la6{l{fpf{}63{f6gdfaalf6{dffgdgf{lgaf{f{56}g6af63l6a}a}{lfa{3gblda}l}{fl{s{g}}6{g6la56g6g3{f}ddfaa{l}dg6g}0glda6{6d}ff}f{6laadd6zaag{l3l}6dc}f3gg}lffgsag}l3l6d3apd3gd3fd}}aga3ga}a3{6f1f3df{
{d}}av3laf}6adf3_d{afa6f}adt{faf{d33aaol3}{l}ld}3yl3a6a{fa6}_d33gf3fll}of{6lad}}fdx}6d{f}ll63ugag66d{6f3}33}al6l{ffwf{}{fl3a36ogg3{}}g6}3hl}6dg6ld{digaa}g}{
{l}da{ddg3{
{d}w3}ld}adgg3m{lad{gd{a{7afff}{d6}fsf3{f}gflgavfldg6a6{ldqf}fd{f3f3}73ddad{666fz6}d{3{l36a1d6fal3fl6lrl{}aga{fdlsa}{6l6ag3gtgdg{6lgf3f'
print(decode(res))最后出来就是flag里的字符,再去统计频率,这里直接上代码,
res='dfl33{6{6g3afa6{3}ag{}aagdf}6f36d{dfl{6a6gafddfg}{3f}}6la{3}fdf3}gla}6}lg6g6dflf{dfgd3fdfg{g6a}a3{6}fa{}f}f}}}363}}f6a6ag{a}g66{d3gfffg}a}3}{lad}a33gafd33}{
{dl}}f{3da}g}3gfal{a3l}333}dfdda{3a{d6g{ff}6gl33d6g333{gd{
{lg6ld{ad{3333a6alf6a{33{d3{fa}ggl{afd}6}6}}l3fa}f{
{3{3fa}a6}af}{ag}{
{d}}a6gllfg36{g3d{
{
{a{lfg3{ll6g6gfaggd6d{3afl}3ff3gfad3d}dlllff6}6}3g66gla336{6d3gf}f{3d63l}3dfl63llfgld3{}g}gf}dg{6l3gal}agdl6lg{g}ddfaaalf{f3llgg3ad3{3adf{}fllf6f}3a{aag}a66d3ad{dfg{}dl6gld}6{3flgf{3g3ald}g}g63f6ggf}gfd}f3ga3fllf6}363f6366fdlggf6}6l3}}a{ag{
{}}3fdalaa}al{dg3dfga}}l}d3lafg}f{d{lgfgffglal}d6l}fgflldadad6}df{}d}l6g}}{l3g6fdaa66aad}f6lg{dg33{fa3d{}laa3l6aal{lfd{3dlf6af36ddg}3ggad3}{}3g3fgddffd3lddgdd{gdfl{
{la3ld}dg{g}dgf{a3{d6dfg3adll{fdad}66fdflg{3{l3ll}3{
{ga3af6lag3gaf66dadg6dglaf66l3f{}6{afaf}3lall}{l}lfda6{fgff{}g3dl{a{6{l6d6}}l3dgg3f{66gll{f63d3dga6{lg{g}d{6{d36ll3dd6{3dgafal}d}gff6}l}al}}{a}g66gaaff}fga{g6dfld{}fglf{af}ddf6g6}l36{ag}{
{dlfa}{d3fa{6{gdgg{l36a{gllgfa3fa{}}}3{a6{a3{afg{l3d6}glf6{gg}{g}g{ga{63g{}a6g{g6{
{636{l}{3}l3a36{af33g3d6d33f3lfda{dddad{
{6l}}fad63lgdffaa}g}3flg3d}aalf3lgf{g}f}}d3gf{ld{dl3lfl{
{3fla}}3g}{}gda{}df3g}fa36g}la{f{6l}6fgdg}6ag6faal6all3{dlfgl}}{
{6ll}gf}}gfgdd{g36daff}6fd63ag6}f}l3{
{d}{allff66gda}fdfaf6}fd3lfgfl36gf33a6al663afddff}6}df{l}66}ag6a3{a}3la{6daa63fgldf3ggl6dd{3fg{}gfgaf{633lfadalldggl{l}{6}gf{af6{3l3a366a6l6}fdla}fl}33}d{6daa}laldag}gaa3gff}3d{gd}lfga3{ffddd6}{la}3{agdg3{}f33adg3a63d}66f}dgd6}{333dfg}}gg3all3l}f6dd3{g}{}}6}a6f6lgd3fgg6aff3a}3da{l3ldld{}{}g3}6fd6f{gd{g3ad{gll6{fg3d63lf}6dl{d3f3g{3addaf3dgfla3{6gd{3{d6dllal6g66}{dd}lalafd}d{gl}g6g33agg}33dgf}lgadlda6gfdl{3g}{g3a{a6}gdf3la}l}l{l{}}a6g{gdd{agg}6fgg}{336}da{df3}df33gf}6d3}}f}3l{6ga6fll}dd{l36d66ldafdlga3ggd}d6df}ffgf6a{ll3a3{3g}allfafdal}aal}dla33l3f}3df{6{6}f}la}gf}}}gd{f33l3{d3636dl3fag3{faa{3ga33l}6l6{gg6}ddf}6g}{gl6ggld}aafalf{l6a{dad}}a3{ada{fg6d}3g{d{fggdadfal{
{3dlfdl636}36al633ada6gf6d{3l66ddlfglda}{g3fdgdfa3}3g}33d3gda33}dd}laa{fa{a{}a}36}}}{6d6{a6}}6{laa36gd{36f63a{3}ggaaf6}f3gfgflf{6g}{
{6}afg6dg}g6{}3d36ad6d{6f3agff}63}{l3ag3}lff3dgd{66a3}}}d6gglafaf3l6a3{
{a{lgd3d}fl6lfl663lgg3a}33gl}d{36aaagl6{
{}3gd}l3l6}la{gf{a}l}fal{alg63fl{
{dd}3l{ll}{3g}6{6}{63{f3{g6lg{3d}{636}{3}{f6d{
{d3g{3l6aldf{
{f366{f3l{g{d{gll{3dgdgfgaf{}}}{lg3{a{fl}fa3ldf{d3fagllf{
{66363}dl66ggfa6af6d6g3lffl{d{3llgl33}}{}d3{lfld3d{}aa663a66{fafd6ld333g3afa}}fddfg{ggad3ag}l63af6lgg}g{6{
{6}6dd66{gl6a{ad33df}alf3afaf66ll}lf6d}3{6dldfg}f3lg63l{l3ff3l{gafa}f}agl6l33glfggg{
{
{f66}g6lfa3{36lllflalgf}{}gf{aggg3{a}}da{f6fglla3l}6gf36{l6dl}}f{la6{l{ff{}63{f6gdaalf6{dffggf{lgaf{f{6}g6af63l6}a}{lfa{3glda}l}{fl{
{g}}6{g6la6g6g3{f}ddaa{l}dg6g}glda6{6d}f}f{6laadd6aag{l3l}6d}f3gg}lffgag}l3l6d3ad3gd3fd}}aa3ga}a3{6ff3df{
{d}}a3laf}6adf3d{afa6f}ad{faf{d33aal3}{l}ld}3l3a6a{fa6}d33gf3fll}f{6lad}}fd}6d{f}ll63gag66d{6f333}al6l{fff{}{fl3a36gg3{}}g6}3l}6dg6ld{dgaa}g}{
{l}a{ddg3{
{d}3}ld}adgg3{lad{gd{a{afff}{d6}ff3{f}gflgafldg6a6{ldf}fd{f3f3}3ddad{666f6}d{3{l36ad6fal3fl6ll{}aga{fdla}{6l6ag3ggdg{6lgf3f'
flag='abcdefghijklmnopqrstuvwxyz{}_0123456789'
for m in range(len(flag)):
num=0
for i in range(len(res)):
if flag[m] in res[i]:
num += 1
print(num)但是这个脚本出来的结果是这样的
是的,它没有前缀只有个数,所以这是一个比较失败的脚本,但可以做题,日后再慢慢修改吧(主要因为我懒),最后一共有9个字符,按出现频率大小排序就好,flag为flag{36d}.
妈呀,完了
还有一个附件png文件,但是我用wps打不开,以为又想之前的题一样,要用winhex,结果我试了试画图工具,出来一个
这不妥妥的玛雅文字,所以这道题应该和玛雅有关。
接下来先把上面给出的二进制文件转换成字符,就有
a='01000100010100110111100100110011010010100111100101001011011101100101000001000011010100000110110101001000001101000101011101000011011110100010101101010100011010000101011101101001001100100100011001100111010010110110111100111001011001010101001101010000010101010011010001100101001101010110011100101011011010100101101001010101001100110100011001110010010101110100111001110110010011000100110100110101001101010110101101000101011001100011000101101000010001010110110101001110011100100111010100101011010011100100010100110011'
for i in range (0,len(a),8):
b=''.join(str(int(a[i:i+8],2)))
print(b)这个脚本运行出来,得到的是类似与68等等的ASCLL值,因此我们还需要再转换ASCLL值,这里我用的是笨办法,一个一个对应着转换,如果有简便一些的方法求推荐,最后得到的是,
DSy3JyKvPCPmH4WCz+ThWi2FgKo9eSPU4e5g+jZU3FrWNvLM55kEf1hEmNru+NE3,64位且有加号,可以去试着向非对称加密方向想想,但转念一想“玛雅”这个信息不是还没用么,研究了半天玛雅文字,还是没有结果最后也是问了别人才知道,妈呀完了的意思是玛雅完了,然而玛雅人预言世界末日那天是2012年12月21日,对应着题目的“完了”,所以这道题的密钥就是20121221,然后AES解密就好了。
最后为flag{第13个伯克盾将会结束}.