暑假集训7.04
宁波赛
BlackAndWhite
336张黑白照片,应该是写成二进制再转成字符串
写脚本处理一下,得到flag
from PIL import Image result = "" for i in range(336): img = Image.open(f"C:\\Users\\LEGION-Y7000P\\Desktop\\11\\宁波赛\\1\\target\\{i}.png") im_RGB = img.convert("RGB") # 将图片转换为RGB模式 r,g,b =im_RGB.getpixel((1,1)) #获得x,y坐标的rgb值 print(r,g,b)# 这题中白色图片rgb值:255,255,255 黑色图片rgb值:12,12,0 if r !=255: #255是白色 result +="1" else: result +="0" #将二进制转换为ascii码 for i in range(0,len(result),8): byte = result[i:i+8] print(chr(int(byte,2)),end="")
Analyze
pdf里得到一串密文,解码得到提示
pdf里还可以分离一个加密的压缩包,以及和压缩包里面一样的一个png和一个txt,应该是明文爆破,将解密内容写进txt里,进行爆破
用Stegsolve打开,lsb隐写,得到flag
DocDocDoc
docx文件,没什么信息,改成zip后缀找信息
一般文字信息存在document.xml,但也没找到什么信息,然后找到了png文件,png文件被修改了宽高,用脚本爆破一下,得到了密文
解码得到flag
Digtal_plate
usb流量分析,前三位是088,后8位是八个0,是数位板数据
提取数据
用脚本整理数据
f = open('1.txt','r') fi = open('result.txt','w') while 1: a = f.readline() if not a: break a = a.strip('\n') if a[3] == '1': x = int(a[4:6],16) + int(a[6:8],16)*256 fi.write(str(x)) fi.write(' ') y = int(a[8:10],16) + int(a[10:12],16)*256 fi.write(str(-y)) fi.write('\n') fi.close()
用gnuplot画图,得到key
binwalk分析一下流量包发现还存在zip,分离出来,用key打开压缩包,得到jpg
放进SilentEye,发现还要密码,在jpg备注找到提示
用脚本整理数位板的压感数据
f = open('1.txt','r') fi = open('3.txt','w') while 1: a = f.readline() if not a: break a = a.strip('\n') # a[3] == '1': if a[3] == '1' and int(a[12], 16) < 15: x = int(a[4:6],16) + int(a[6:8],16)*256 fi.write(str(x)) fi.write(' ') y = int(a[8:10],16) + int(a[10:12],16)*256 fi.write(str(-y)) fi.write('\n') fi.close()
用gnuplot画图,得到key
再放进SilentEye,得到flag
国赛
ez_usb
usb键盘流量,提取数据
跑一下usb键盘的脚本
import os # os.system("tshark -r test.pcapng -T fields -e usb.capdata > usbdata.txt") normalKeys = {"04":"a", "05":"b", "06":"c", "07":"d", "08":"e", "09":"f", "0a":"g", "0b":"h", "0c":"i", "0d":"j", "0e":"k", "0f":"l", "10":"m", "11":"n", "12":"o", "13":"p", "14":"q", "15":"r", "16":"s", "17":"t", "18":"u", "19":"v", "1a":"w", "1b":"x", "1c":"y", "1d":"z","1e":"1", "1f":"2", "20":"3", "21":"4", "22":"5", "23":"6","24":"7","25":"8","26":"9","27":"0","28":"<RET>","29":"<ESC>","2a":"<DEL>", "2b":"\t","2c":"<SPACE>","2d":"-","2e":"=","2f":"[","30":"]","31":"\\","32":"<NON>","33":";","34":"'","35":"<GA>","36":",","37":".","38":"/","39":"<CAP>","3a":"<F1>","3b":"<F2>", "3c":"<F3>","3d":"<F4>","3e":"<F5>","3f":"<F6>","40":"<F7>","41":"<F8>","42":"<F9>","43":"<F10>","44":"<F11>","45":"<F12>"} shiftKeys = {"04":"A", "05":"B", "06":"C", "07":"D", "08":"E", "09":"F", "0a":"G", "0b":"H", "0c":"I", "0d":"J", "0e":"K", "0f":"L", "10":"M", "11":"N", "12":"O", "13":"P", "14":"Q", "15":"R", "16":"S", "17":"T", "18":"U", "19":"V", "1a":"W", "1b":"X", "1c":"Y", "1d":"Z","1e":"!", "1f":"@", "20":"#", "21":"$", "22":"%", "23":"^","24":"&","25":"*","26":"(","27":")","28":"<RET>","29":"<ESC>","2a":"<DEL>", "2b":"\t","2c":"<SPACE>","2d":"_","2e":"+","2f":"{","30":"}","31":"|","32":"<NON>","33":"\"","34":":","35":"<GA>","36":"<","37":">","38":"?","39":"<CAP>","3a":"<F1>","3b":"<F2>", "3c":"<F3>","3d":"<F4>","3e":"<F5>","3f":"<F6>","40":"<F7>","41":"<F8>","42":"<F9>","43":"<F10>","44":"<F11>","45":"<F12>"} nums = [] keys = open('281.txt') for line in keys: if len(line)!=17: #首先过滤掉鼠标等其他设备的USB流量 continue nums.append(line[0:2]+line[4:6]) #取一、三字节 keys.close() output = "" for n in nums: if n[2:4] == "00" : continue if n[2:4] in normalKeys: if n[0:2]=="02": #表示按下了shift output += shiftKeys [n[2:4]] else : output += normalKeys [n[2:4]] else: output += '[unknown]' print('output :n' + output)
得到一串rar的十六进制和一个密码,把十六进制整理好用010写成rar文件
用密码打开rar,得到flag
everlasting_night
A2通道有数据,RGB的各个0通道也有数据,但提不出来
用lsb.py提取
提出来的是zip文件,改一下后缀,zip需要密码,在png末尾找到多余的十六进制,md5得到密码
得到一个文本,开头是png数据,后面是data数据,把文件头删除,加上后缀.data
把data文件放进gimp进行修复,处理一下得到flag
