攻防世界 你猜猜

题目

题目给了一个txt,内容如下

504B03040A0001080000626D0A49F4B5091F1E0000001200000008000000666C61672E7478746C9F170D35D0A45826A03E161FB96870EDDFC7C89A11862F9199B4CD78E7504B01023F000A0001080000626D0A49F4B5091F1E00000012000000080024000000000000002000000000000000666C61672E7478740A0020000000000001001800AF150210CAF2D1015CAEAA05CAF2D1015CAEAA05CAF2D101504B050600000000010001005A000000440000000000

分析

  1. 看到开头的504B0304,显然这是一个zip文件的16进制形式数据,将其恢复成原格式(注意write只能写入bytes类型数据)
from Crypto.Util.number import *

f = open("guess.zip","wb")
s = 0x504B03040A0001080000626D0A49F4B5091F1E0000001200000008000000666C61672E7478746C9F170D35D0A45826A03E161FB96870EDDFC7C89A11862F9199B4CD78E7504B01023F000A0001080000626D0A49F4B5091F1E00000012000000080024000000000000002000000000000000666C61672E7478740A0020000000000001001800AF150210CAF2D1015CAEAA05CAF2D1015CAEAA05CAF2D101504B050600000000010001005A000000440000000000
f.write(long_to_bytes(s))
f.close()
  1. 得到zip文件后解压发现需要密码,从16进制中也没看到伪加密的痕迹
  2. 利用Ziperello爆破得到密码123456
  3. 解压并打开flag.txt,结果为

daczcasdqwdcsdzasd

posted @ 2020-08-23 18:38  vict0r  阅读(651)  评论(0编辑  收藏  举报