2026.1 furryCTF总结
有点偏难,我太菜了
PART1---赛前热身
1.签到+新的一年,新的开始
送的分不说了
2.IIS服务器
直接查找flag分组字节流就出来了
或者也可以导出f12g.txt那个对象,base64解密
3.passdump
纯分析
猜的hashcat
4.盲盒
菜。我只会解压,用随波逐流一个一个文件扫零宽
5.miscode
写了个脚本,思路对但解出来不对
点击查看代码
import os
import re
filelist=os.listdir("random_files")
endlist=["php","swift","scala","py","erl","c","f90","kt","rb","lua","cs","go","m","js","ex","pl","clj","vb","sh","cpp","r","ml","ts","hs","java","rs"]
hexlist=["7b","61","48","66","76","72","47","37","53","57","69","43","31","74","36","31","68","5f","46","79","21","7d","5f","6c","75","54"]
posadd=[0 for i in range(len(hexlist))]
for filename in filelist:
for pos in range(len(endlist)):
if re.findall(rf"[.]{endlist[pos]}",filename):
posadd[pos]+=1
sortlist=sorted(posadd)
result=""
print(sortlist)
for i in sortlist:
result=hexlist[posadd.index(i)]+result
print(result)
6.丢失的文档
不会
7.大家好像太无聊了
不会
PART2---正式比赛
1.学习资料
明文爆破需要自己构建一个docx头(创建一个docx,然后随便打一点内容,截取前面一部分50 4B 03 04 0A 00 00 00 00 00 87 4E E2 40 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00 00 64 6F
63 50 72 6F 70 73 2F 50 4B)
2.cyberchef
chef语言tio.run上面运行下
本文来自博客园,作者:HexCat,转载请注明原文链接:https://www.cnblogs.com/h3xcat/articles/19581822
浙公网安备 33010602011771号