BUUCTF:蜘蛛侠呀

题目来源：https://buuoj.cn/challenges#%E8%9C%98%E8%9B%9B%E4%BE%A0%E5%91%80

这题太难了，跟着末初大大的wp做的

题给了out.pcap

所有ICMP后面都跟了字符串

tshark -r out.pcap -T fields -e data > data.txt

 得到

去重

with open('data.txt', 'r') as file:
    res_list = []
    lines = file.readlines()
    print('[+]去重之前一共{0}行'.format(len(lines)))
    print('[+]开始去重，请稍等.....')
    for i in lines:
        if i not in res_list:
            res_list.append(i)
    print('[+]去重后一共{0}行'.format(len(res_list)))
    print(res_list)

with open('out.txt', 'w') as new_file:
    for j in res_list:
        new_file.write(j)

16进制转字符

import binascii

with open('data.txt','r') as file:
    with open('out.txt','wb') as data:
        for i in file.readlines():
            data.write(binascii.unhexlify(i[:-1]))

去掉首位两行和$$START$$

base64解码，以字节流形式写成zip


import base64

with open('data.txt','rb') as file:
    with open('out.zip','wb') as new_file:
        new_file.write(base64.b64decode(file.read()))

 一张gif

时间隐写

identify -format "%T" flag.gif

将20替换为0，50替换为1，去掉末尾的6

011011010100010000110101010111110011000101110100

每八位转字符(汉字二进制转换器

将这段字符md5加密（32位小写MD5在线加密

f0f1003afe4ae8ce4aa8e8487a8ab3b6

flag{f0f1003afe4ae8ce4aa8e8487a8ab3b6}