zoukankan      html  css  js  c++  java

  • 攻防世界 你猜猜

    题目

    题目给了一个txt,内容如下

    504B03040A0001080000626D0A49F4B5091F1E0000001200000008000000666C61672E7478746C9F170D35D0A45826A03E161FB96870EDDFC7C89A11862F9199B4CD78E7504B01023F000A0001080000626D0A49F4B5091F1E00000012000000080024000000000000002000000000000000666C61672E7478740A0020000000000001001800AF150210CAF2D1015CAEAA05CAF2D1015CAEAA05CAF2D101504B050600000000010001005A000000440000000000

    分析

    1. 看到开头的504B0304,显然这是一个zip文件的16进制形式数据,将其恢复成原格式(注意write只能写入bytes类型数据)
    from Crypto.Util.number import *

f = open("guess.zip","wb")
s = 0x504B03040A0001080000626D0A49F4B5091F1E0000001200000008000000666C61672E7478746C9F170D35D0A45826A03E161FB96870EDDFC7C89A11862F9199B4CD78E7504B01023F000A0001080000626D0A49F4B5091F1E00000012000000080024000000000000002000000000000000666C61672E7478740A0020000000000001001800AF150210CAF2D1015CAEAA05CAF2D1015CAEAA05CAF2D101504B050600000000010001005A000000440000000000
f.write(long_to_bytes(s))
f.close()
    1. 得到zip文件后解压发现需要密码,从16进制中也没看到伪加密的痕迹
    2. 利用Ziperello爆破得到密码123456
    3. 解压并打开flag.txt,结果为

    daczcasdqwdcsdzasd
  • 相关阅读:
    Serverless
    Kubernetes
    下一代微服务-ServiceMesh
    SOA服务治理
    微服务架构
    RPC之Thrift
    【MySQL】MySQL高可用架构之MHA
    远程通信的几种选择(RPC,Webservice,RMI,JMS的区别)
    Redis与Memcached的区别
    LVS简介
  • 原文地址:https://www.cnblogs.com/vict0r/p/13550033.html
Copyright © 2011-2022 走看看