202404_BUGKU_英雄联盟

Tags:LOLCODE,文件分离,PNGLSB

0x00. 题目

这是一张平平无奇的战绩图，刚入坑的$2zz用寒冰打出了0-14的逆天战绩，但其中好像还藏着什么秘密。好的题目，爱来自瓷器，英雄联盟

附件路径：https://pan.baidu.com/s/1GyH7kitkMYywGC9YJeQLJA?pwd=Zmxh#list/path=/CTF附件

附件名称：202404_BUGKU_英雄联盟.zip

0x01. WP1

01 foremost分离，得到zip文件

文件解压后得到PNG图片，尝试foremost分离发现有隐藏的zip文件

02 LSB隐写分析，发现解压密码

密码为League_of_Legends_is_s0oo_hard

03 得到新的LOL加密密文

HAI NUAACTF code
VISIBLE "HERE IS YOUR FLAG:)"
I HAS A CODE ITZ "LSBBDRGyJmjD1b4]2q]dsl6w{"
I HAS A MSG ITZ ""
I HAS A INDEX ITZ 0 BTW ITZ INDEX
I HAS A NUM ITZ
IM IN YR CYCLE UPPIN YR INDEX WILE INDEX SMALLR THAN LEN OF CODE
I HAS A C ITZ CODE!INDEX
NUM R ORD OF C
NUM R SUM OF NUM AN -3
I HAS A TEMP
NUM BIGGER THAN 69, O RLY?
YA RLY
NUM R SUM OF NUM AN 5
NO WAI
NUM R SUM OF NUM AN 2
OIC
TEMP R CHR OF NUM
OBTW NUM R CHR OF NUM
ITZ JUST A COMMENT
TLDR
MSG R SMOOSH MSG AN TEMP
IM OUTTA YR CYCLE
VISIBLE MSG
KTHXBYE

04 根据LOLCODE语法解读，编写exp

# 加密后的信息
CODE = 'LSBBDRGyJmjD1b4]2q]dsl6w{'
# 初始化空消息字符串
MSG = ""
# 初始化遍历索引为0
INDEX = 0

# 循环遍历加密信息
while INDEX < len(CODE):
    # 获取当前字符
    C = CODE[INDEX]
    # 获取当前字符的ASCII值
    NUM = ord(C)
    # 减去3，进行解密操作
    NUM -= 3
    # 根据条件进一步调整NUM值
    if NUM > 69:
        NUM += 5
    else:
        NUM += 2
    # 将解密后的ASCII值转换为字符串
    TEMP = chr(NUM)
    # 将解密后的字符添加到消息字符串中
    MSG += TEMP
    INDEX += 1
    
# 打印解密后的消息
print(MSG)

# NUAACTF{LolC0d3_1s_fun5y}

0x02. WP2

01.文件拖入使用随波逐流编码工具，识别出zip文件和LSB隐写内容

02.使用文件-FOREMOST文件分离

03.使用一键解码得到flag

flag为NUAACTF{LolC0d3_1s_fun5y}