DASCTF 熟悉的猫

压缩包需要密码,不是伪加密,爆破也爆不出来,下面的kdbx文件搜了一下可以用keepass打开,但是居然还是需要密码

那这个只能是弱口令或者爆破了,但是纯手工肯定不可取,找了很久终于找到了工具passware,可以爆破绝大多数加密文件

文件名是len5,所以爆破的时候采用5位即可,最好提高全数字的优先级,毕竟要爆破的话,出题人最可能采用的就是数字了

得到结果

13152打开文件后

得到的密码无法解压文件,又看了其他两个账户的密码

都不对,这时候回过头来看passware中,给出了这两个账户的密码明文

那么上面那个只能是zipzip的密码明文了,拿来之后成功解压,得到一张图片和一个hint

hint中给出了内容,k等于很长一串

里面有零宽字节,解出来是22*160,不明所以

查了很久之后发现是塔珀自指公式,将代码中的17,106替换为22,160

k=92898203278702907929705938676672021500394791427205757369123489204565300324859717082409892641951206664564991991489354661871425872649524078000948199832659815275909285198829276929014694628110159824930931595166203271443269827449505707655085842563682060910813942504507936625555735585913273575050118552353192682955310220323463465408645422334101446471078933149287336241772448338428740302833855616421538520769267636119285948674549756604384946996184385407505456168240123319785800909933214695711828013483981731933773017336944656397583872267126767778549745087854794302808950100966582558761224454242018467578959766617176016660101690140279961968740323327369347164623746391335756442566959352876706364265509834319910419399748338894746638758652286771979896573695823608678008814861640308571256880794312652055957150464513950305355055495262375870102898500643010471425931450046440860841589302890250456138060738689526283389256801969190204127358098408264204643882520969704221896973544620102494391269663693407573658064279947688509910028257209987991480259150865283245150325813888942058
import numpy as np
import matplotlib.pyplot as plt
from PIL import Image

def Tupper_self_referential_formula(k): 
    aa = np.zeros((22,160))
    def f(x, y):
        y += k
        a1 = 2**-(-22*x - y%22)
        a2 = (y // 22) // a1
        return 1 if a2 % 2 > 0.5 else 0
    for y in range(22):
        for x in range(160):
            aa[y, x] = f(x, y) 
    return aa[:,::-1]
aa = Tupper_self_referential_formula(k)
plt.figure(figsize=(15,10))
plt.imshow(aa,origin='lower')
plt.savefig("tupper.png")
img = Image.open('tupper.png')
#翻转
dst1 = img.transpose(Image.FLIP_LEFT_RIGHT).rotate(180)   
plt.imshow(dst1)
plt.show()

得出来是倒的,但是还是能看出来是33 121 144

图片结合题目标题应该将就是猫脸变换没得跑

根据博主给出的代码,稍加修改就行

import numpy
import cv2
def dearnold(img):
    r, c = img.shape[0], img.shape[1]
    p = numpy.zeros((r, c, 3), numpy.uint8)
    a = 121
    b = 144
    for i in range(r):
        for j in range(c):
            x = ((a * b + 1) * i - b * j) % r
            y = (-a * i + j) % c
            p[x, y] = img[i, j]
    return p

img = cv2.imread("flag.png")
for i in range(1):
    img = dearnold(img)
cv2.imwrite("true_flag.png",img)

我一开始循环33,结果输出的文件跟原来没差别。。后来一想这个数字不会就是原图变换的次数吧,改成1之后就直接出结果了

结果为DASCTF{751476c0-6ctf-497f-9651-83ede0ebc5a0}

posted @ 2022-04-25 17:28  WXjzc  阅读(289)  评论(0编辑  收藏  举报