【MRCTF2020】hello_misc

 

【MRCTF2020】hello_misc

图片文件中很明显的低位隐写,先用zsteg查看一下。

 

发现除了有低位隐写外还应该有隐藏了一个压缩包。binwalk出来zip,需要密码。

使用zsteg直接提取低位的PNG出现问题,用stegsolve提取(应该是只在R通道隐藏了信息所以zsteg提不出来?)

解密压缩包,得到:一个只包含127 255 63 191的TXT文件,以前遇到过这种题,应该是转换成二进制然后取前两位重组。

with open('out.txt') as a_file:
    content = [x.strip() for x in a_file.readlines()]
bins = []
for i in content:
    bins.append(bin(int(i))[2:].zfill(8)[:2])
stringBins = ''.join(bins)
num = 0
flag = ''
for i in range(int(len(stringBins)/8)):
    flag+=chr(int(stringBins[num:num+8],2))
    num+=8

print(flag)

得到:rar-passwd:0ac1fe6b77be5dbe,才想起来还有个Rar....

 

解密之得到zip,一解压发现应该是个doc,改后缀看内容。改字体为黑色。

这里脑洞有些大,试了好久...base64逐行解密,很多工具base64转码会破坏格式,也就看不出flag了。这里将1换成空格,0换成小黑脸

flag就是flag{He1Lo_mi5c~}

 

附:

形如MTEwMTEx的base64编码由于能够直接转成01二进制,因此出过恢复成二维码的题,找到一个脚本直接生成PNG。

import base64
import numpy as np
from imageio import imwrite
//data,cXJjb2Rl是提示qrcode
s = """cXJjb2RlMTExMTExMTAxMDExMDExMDAwMDAwMDExMTExMTExMDAwMDAxMDEwMDEwMDAxMTAwMDEwMTAwMDAwMTEwMTExMDEwMTExMTAwMTAxMDEwMDAxMDExMTAxMTAxMTEwMTAwMTEwMDAwMDExMTAxMDEwMTExMDExMDExMTAxMDAxMDEwMDAxMDEwMTAwMTAxMTEwMTEwMDAwMDEwMTAwMTAxMDAwMTAwMDAxMDAwMDAxMTExMTExMTAxMDEwMTAxMDEwMTAxMDExMTExMTEwMDAwMDAwMDEwMTExMDAxMTExMTAwMDAwMDAwMDAwMTExMDEwMTAwMDAwMDEwMDAwMDExMTAwMTExMTAxMDExMDEwMTEwMTEwMDAxMTAxMDEwMTExMDEwMDEwMDAxMTEwMTEwMDAwMTAwMTAwMDExMDAxMDEwMDExMTAxMTExMTExMDExMTExMTAxMDEwMDAxMDEwMTExMTAxMDExMTAwMDAxMDExMTAxMDAxMTEwMTAxMDAwMDAxMDAxMDEwMTAwMTAxMTAxMDAxMTExMTAwMTEwMDExMTExMDAxMDAwMDEwMTAwMTEwMDEwMDAwMDEwMDExMDAxMDAxMTEwMTAxMTAwMTAxMDEwMDAxMTAwMDAwMTAwMDAwMDAxMDEwMTEwMDEwMDAxMTAxMDAxMTAxMTEwMDAwMDAxMDEwMDAwMTAxMDAwMTAwMDExMDExMDEwMDAxMDEwMTAwMDAxMDExMTAwMDAxMTExMDAxMDAwMDExMDAxMDAwMDEwMDAxMTEwMDAxMDAxMDExMTExMTExMTExMTAwMDAwMDAwMDAxMTEwMDEwMTAwMDExMDAwMTEwMDExMTExMTExMDAwMDAxMDAxMTAxMTEwMTAxMTExMDEwMDAwMDEwMDEwMDExMDExMDEwMTAwMDEwMDAxMTAxMTEwMTAxMTExMDEwMDEwMDAxMTExMTExMTAxMDExMTAxMDEwMTAxMDAwMDExMDAxMDEwMDAwMDEwMTExMDEwMTEwMTAxMTEwMTAwMDExMDEwMTEwMTAwMDAwMTAwMDExMDExMTAxMDEwMTAwMTAwMTAxMTExMTExMDAxMTAxMTEwMDAwMTAxMTAwMTEwMA=="""

code = base64.b64decode(s).decode()
code = code[6:]
num = [int(i)*255 for i in code]
n = np.array(num)
# 根据01数据长度确定二维码大小
n = n.reshape(29,29)
imwrite('a.png', n)

 

--By Wander

posted @ 2020-05-19 15:16  B216三个👎👎  阅读(812)  评论(0)    收藏  举报