BUUCTF：蜘蛛侠呀

原创

末初mochu7 2023-06-19 15:56:29 ©著作权

©著作权归作者所有：来自51CTO博客作者末初mochu7的原创作品，请联系作者获取转载授权，否则将追究法律责任

https://buuoj.cn/challenges#%E8%9C%98%E8%9B%9B%E4%BE%A0%E5%91%80

BUUCTF：蜘蛛侠呀_Python

out.pcap

BUUCTF：蜘蛛侠呀_ci_02

所有的icmp包后面都跟了一串数据，使用tshark把这些全部提取出来

tshark -r out.pcap -T fields -e data > data.txt

BUUCTF：蜘蛛侠呀_Python_03

有重复，Python去重

with open('data.txt', 'r') as file:
    res_list = []
    lines = file.readlines()
    print('[+]去重之前一共{0}行'.format(len(lines)))
    print('[+]开始去重，请稍等.....')
    for i in lines:
        if i not in res_list:
            res_list.append(i)
    print('[+]去重后一共{0}行'.format(len(res_list)))
    print(res_list)

with open('data1.txt', 'w') as new_file:
    for j in res_list:
        new_file.write(j)

BUUCTF：蜘蛛侠呀_Python_04

将十六进制数据转为字符

import binascii

with open('data1.txt','r') as file:
    with open('data2.txt','wb') as data:
        for i in file.readlines():
            data.write(binascii.unhexlify(i[:-1]))

BUUCTF：蜘蛛侠呀_ci_05

去掉首尾两行，再去掉$$START$$和换行，Python将base64解码以字节流形式写成zip

import base64

with open('data3.txt','rb') as file:
    with open('res.zip','wb') as new_file:
        new_file.write(base64.b64decode(file.read()))

BUUCTF：蜘蛛侠呀_Python_06

flag.gif

BUUCTF：蜘蛛侠呀_ci_07

时间隐写，真是我见过最骚的隐写，Ubuntu下使用identify

identify -format "%T" flag.gif
2050502050502050205020202050202020205050205020502050205050505050202050502020205020505050205020206666

20替换为050替换为1

011011010100010000110101010111110011000101110100

>>>int('011011010100010000110101010111110011000101110100',2)
120139720634740

>>> hex(120139720634740)
'0x6d44355f3174'

>>> binascii.unhexlify('6d44355f3174')
b'mD5_1t'

>>> hashlib.md5('mD5_1t'.encode('utf-8')).hexdigest()
'f0f1003afe4ae8ce4aa8e8487a8ab3b6'

flag{f0f1003afe4ae8ce4aa8e8487a8ab3b6}

上一篇：BUUCTF：[GXYCTF2019]gakki

下一篇：BUUCTF：喵喵喵

提问和评论都可以，用心的回复会被更多人看到评论

发布评论

相关文章

官方博客	全部文章	热门标签	班级博客
了解我们	网站地图	意见反馈

鸿蒙开发者社区	51CTO学堂
51CTO	软考资讯