BUUCTF—Misc—[ACTF新生赛2020]base64隐写
文件打开有一个未知名的文件,用记事本打开也没什么,接着用Hex打开,发现稍微 后面一点有其他文件,试着binwalk分离文件:
def get_base64_diff_value(s1, s2): base64chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/' res = 0 for i in xrange(len(s2)): if s1[i] != s2[i]: return abs(base64chars.index(s1[i]) - base64chars.index(s2[i])) return res def solve_stego(): with open('ComeOn!.txt', 'rb') as f: file_lines = f.readlines() bin_str = '' for line in file_lines: steg_line = line.replace('\n', '') norm_line = line.replace('\n', '').decode('base64').encode('base64').replace('\n', '') diff = get_base64_diff_value(steg_line, norm_line) print diff pads_num = steg_line.count('=') if diff: bin_str += bin(diff)[2:].zfill(pads_num * 2) else: bin_str += '0' * pads_num * 2 print goflag(bin_str) def goflag(bin_str): res_str = '' for i in xrange(0, len(bin_str), 8): res_str += chr(int(bin_str[i:i + 8], 2)) return res_str if __name__ == '__main__': solve_stego()
周赛base64隐写脚本:
import base64 b64chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/' with open('1.txt', 'rb') as f: flag = '' bin_str = '' for line in f.readlines(): stegb64 = str(line, "utf-8").strip("\n") rowb64 = str(base64.b64encode(base64.b64decode(stegb64)), "utf-8").strip("\n") offset = abs(b64chars.index(stegb64.replace('=', '')[-1]) - b64chars.index(rowb64.replace('=', '')[-1])) equalnum = stegb64.count('=') # no equalnum no offset if equalnum: bin_str += bin(offset)[2:].zfill(equalnum * 2) # flag += chr(int(bin(offset)[2:].zfill(equalnum * 2), 2)) # print(flag) 这样写得不出正确结果 print([chr(int(bin_str[i:i + 8], 2)) for i in range(0, len(bin_str), 8)])
得到一串base64字符,题目是base64隐写,直接上脚本解;
解出来;就是flag:flag{6aseb4_f33!}
