picoctf general skills-easy 部门题目详解(1)
实验介绍:ctf竞赛(Capture The Flag)是网络安全技术人员代替真实攻击,比拼技术的竞赛。
又名夺旗赛,是以拿到flag为目标的比赛。picoctf上的题目比较适合新手练习。
但是注册picoctf账号须要安装插件才气有人机验证,才气正常注册。
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250323101945068-2056273119.png
插件的设置如图:
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250323102054020-25434875.png
一:
1. Lets Warm Up
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250308213157155-216045693.png
读题:一个字符在16进制中是0x70,那么在ASCII表中是什么?
用ASCII表可以看出来0x70的字符是p
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250308214844318-200403019.png
答案有固定的格式picoCTF{},这个在左边的提示中提到。
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250323102520895-1593918502.png
答案是picoCTF{p}
2.strings it
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250308220422892-1842160548.png
复制链接
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250308222640089-101542729.png
双击右上角的picoctf自带的做题工具
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250323103659764-1918946302.png
wget 黏贴链接
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250308220203075-1728163665.png
picoCTF{5tRIng5_1T_d66c7bb7}
3.what's a net cat?
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250308220641221-920207173.png
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250323103809347-204864634.png
picoCTF{nEtCat_Mast3ry_d0c64587}
4.2Warm
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250308221003620-907203634.png
将42转换成2进制即可,不须要前面的0,最终的二进制表现为101010
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250308221311340-144779272.png
5.Bases
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250308222357674-473714679.png
利用CyberChef得到旗帜
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250308222449395-1184477919.png
picoCTF{l3arn_th3_r0p35}
6.First Grep
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250323103543179-1361688547.png
和第二题一样方法
picoCTF{grep_is_good_to_find_things_5af9d829}
7.Magikarp Ground Missio
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250323105125157-488226884.png
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250323105230314-1953679895.png
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250323110026118-425576377.png
flag放在主机文本文件里面,分成了三段
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250323110322638-497705558.png
拼起来即可:
picoCTF{xxsh_0ut_0f_//4t3r_5190b070}
8.Nice netcat...
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250323110818818-1638616792.png
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250323111609583-31695505.png
毗连发现一串数字,这串数字的特性是不超过127,我猜这串数字可以转换成ASCII编码。
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250323112024415-985355617.png
picoCTF{g00d_k1tty!_n1c3_k1tty!_7c0821f5}
9.Obedient Cat
太简单了
picoCTF{s4n1ty_v3r1f13d_28e8376d}
10.Python Wrangling
先下载三个文件,实验执行py文件看见提示,查看py文件
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250323113853108-249746702.png
按照代码和提示确定利用-d,密码打开pw文本文件获得。
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250323114214831-1441058674.png
picoCTF{4p0110_1n_7h3_h0us3_aa821c16}
11.Static ain't always noise
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250323122419132-1971899517.png
把两个文件下载,sh执行sh文件,发现提示,按提示执行
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250323124028642-1207352567.png
picoCTF{d15a5m_t34s3r_f5aeda17}
12.Tab, Tab, Attack
下载之后解压,进入最后的目次
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250323175536820-93260727.png
https://img2024.cnblogs.com/blog/3382715/202503/3382715-20250323175744992-1101107649.png
picoCTF{l3v3l_up!_t4k3_4_r35t!_524e3dc4}
免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!更多信息从访问主页:qidao123.com:ToB企服之家,中国第一个企服评测及商务社交产业平台。
页:
[1]