BUUCTF-Misc(41-50)
秘密文件对ftp的数据进行追踪流找到
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223731658-732193921.png
里面被偷走了一个压缩包,然后我们暴力破解
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223731129-974576766.png
解压得到flag
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223730614-726731692.png
鸡你太美
参考:
BJDCTF2020]鸡你太美_buuctf 鸡你太美-CSDN博客
篮球的gif
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223730189-1155551939.png
篮球副本.gif
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223729525-1269286077.png
发现少了47 49 46 38
我们给文件头补全
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223729107-1071866744.png
flag{zhi_yin_you_are_beautiful}just_a_rar
暴力破解不多说了
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223728004-1733183553.png
打开是一个图片,右键属性,详细信息
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223727515-491695418.png
菜刀666
参考:
BUUCTF-菜刀666_buuctf 菜刀666-CSDN博客
我直接就是一个追踪流然后看到一个flag.txt
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223726932-473510016.png
然后说须要passwd,我也不知道在哪
然后再tcp流 7找到一个jpg,我们复制下来
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223726293-1323948847.png
010editor粘贴进去,然后生存,打开这个图片
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223725365-1659669370.png
Th1s_1s_p4sswd_!!!得到了密码,但是我们flag在哪,我们binwalkl提取一下流量包,然后有个压缩包,解压一下
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223724260-1333385243.png
一叶障目
就是png宽高改一下
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223723501-1094862205.png
神奇的二维码
binwalk提取了一下,提取出来四个,然后其中一个解压为
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223721861-1800663102.png
有一个解压为
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223721250-433302431.png
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223720632-1893830411.png
拿到它去解密 看看flag在不在里面.rar
还是flag.jpg,我没找到有什么有效的信息
然后最可疑的就是有一个flag.doc
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223720189-2083926828.png
这一大坨就是base64疯狂搞出来的,我们利用basecrack进行解密
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223719209-417855930.png
找到了密码,加压后是一段音频,应该是摩斯密码
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223718460-699521107.png
-- --- .-. ... . .. ... ...- . .-. -.-- ...- . .-. -.-- . .- ... -.--解密一下
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223718037-1873971435.png
flag{morseisveryveryeasy}纳尼
文件打不开,发现GIF文件头少了
47 49 46 38
然反面部加上这四个字节
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223717429-1367810252.png
然后给GIF分成帧
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223716628-1956839991.png
Q1RGe3dhbmdfYmFvX3FpYW5nX2lzX3NhZH0=base64解码得到flag
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223716255-778754702.png
excel破解
这道题也是我直接同流合污直接提取隐写找到的
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223715673-1877950619.png
来题中等的吧
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223715065-979290470.png
可能是摩斯密码
.- .-.. .--. .... .- .-.. .- -...https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223714367-1119375742.png
flag{alphalab}梅花香之苦寒来
提示就是图穷flag见,另有绘图
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223713906-1424944073.png
在反面发现一大堆数字
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223713058-1706480391.png
应该是16进制的,我们进行16进制转字符串在线字符串/十六进制相互转换—LZL在线工具 (lzltool.cn)
https://img2023.cnblogs.com/blog/3439569/202405/3439569-20240525223712391-1307905571.png
然后看看大佬的wp吧,脚本绘图
画完就是二维码,扫描一下就有了
flag{40fc0a979f759c8892f4dc045e28b820}
免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!更多信息从访问主页:qidao123.com:ToB企服之家,中国第一个企服评测及商务社交产业平台。
页:
[1]