Pangushi (盘古石) 2025 Qualifying Round Recap
Jia Wei Ma (贾韦码)'s computer
N0tep@d++
1
1-1 Analyze the Android phone: What is the IMSI? [Answer format: 660336842291717] 1.0
Answer: 460036641292715
1-2 Invest 1000 in the "fish farming" scam: what is the return after 5 days? [Answer format: 123] 1.0
175
1-3 Analyze the iPhone: What is the IDFA? [Answer format: E377D1D7-BA02-4A79-BB9A-5C2DE5BD1F17] 2.0
Answer: E477D4C7-BD02-4979-BC9D-5C5DE7BD1F17
1-4 When was the Telegram app uninstalled? [Answer format: 2023-01-22-17:37:50] 2.0
Uninstall time: 2025-04-17 10:51:39
1-5 What is the device owner's Hotmail email address? [Answer format: 123345@hotmail.com] 2.0
1-6 What is the Mac's power-on password? [Answer format: 12345] 4.0
Password: 12345678
1-7 In Telegram's encrypted communication, what is the second decryption carrier used for the encrypted chat messages? [Answer format: 123.zip] 4.0
1-8 What is Jia Wei Ma (贾韦码)'s internal code name? [Answer format: 77] 5.0
1-9 What is the delivery address for the express package? [Answer format: 老牛市快速路11号ADE公司] 5.0
2
2-1 Analyze the Android device: What is the package name of the remote control tool? [Answer format: com.app.cpp] 2.0
2-2 What is the IP of the relay server in the remote control tool? [Answer format: 192.168.11.11] 2.0
2-3 What is the port of the "ID server" in the remote control tool? [Answer format: 8088] 2.0
Port: 21116
2-4 What is the relay server key in the remote control tool? [Answer format: HoTwGxUuV9OxSSEWRFsr1DVxQBkbbFRe0ImYMTlzyec=] 2.0
2-5 What is the saved remote ID in the remote control tool? [Answer format: 123456] 2.0
2-6 What is the model of the phone that remotely controlled this phone? [Answer format: huawei-Hot] 2.0
2-7 What is the package name of the eavesdropping tool? [Answer format: com.app.cpp] 2.0
com.example.liekai
2-8 What is the main entry point in the eavesdropping tool's code? [Answer format: com.app.cpp.MainActidddy] 2.0
2-9 What signing algorithm does the eavesdropping tool use? [Answer format: AES123RSA] 1.0
2-10 How many seconds after launch does the eavesdropping tool switch to a black screen? [Answer format: 3.000] 3.0
2-11 After the eavesdropping tool runs, what string appears on the black screen? [Answer format: aes取证平台] 4.0
2-12 At what decibel level does the eavesdropping tool start recording? [Answer format: 30] 4.0
2-13 After how many consecutive seconds without detected sound does the eavesdropping tool stop recording? [Answer format: 3] 4.0
2-14 What is the name of the database in which the eavesdropping tool stores file paths? [Answer format: sqlite.db] 2.0
2-15 In which folder does the eavesdropping tool store its video files? [Answer format: file] 4.0
2-16 What encryption algorithm is used for the paths of audio and video files saved in the eavesdropping tool's database? [Answer format: Rsa] 5.0
2-17 What encryption method is used for the audio recording files? [Answer format: RC4-123] 5.0
2-18 What is the last byte of the encryption key for video files? [Answer format: 0x6A] 5.0
2-19 When was the original file whose MD5 is "3b4d****55ae" created? [Answer format: 2024-2-14-16:32:8] 5.0
3
3-1 Analyze Jia Wei Ma (贾韦码)'s computer sample: What is the system Build number? [Answer format: 19000] 1.0
3-2 When was the computer last shut down normally (UTC +0)? [Answer format: 2025-05-06 09:00:00] 1.0
3-3 What is the MAC address of the computer's network interface card? [Answer format: 00-0B-00-A0-00-00] 1.0
3-4 What is the SID of user "贾韦码"? [Answer format: S-X-X-X-X-X-X-X] 1.0
3-5 What is the default browser on the computer? [Answer example: Mozilla Firefox] 1.0
3-6 What is the version of the default browser? [Answer format: 000.0.0000.00] 1.0
3-7 What international social app did the owner search for in the browser? [Answer example: Whatsapp] 1.0
3-8 What is the owner's email account? [Answer format: pgscup@pgs.com] 3.0
3-9 What anti-forensic software was installed on the computer? [Answer example: EnCrypt.exe] 1.0
3-10 What IP address did the computer connect to remotely via Xshell? [Answer format: 127.0.0.1] 1.0
3-11 The owner purchased a US Telegram account. Provide its original two-step verification password. [Answer format: 8 digits] 2.0
3-12 What is the decryption password for the encrypted container on the computer? [Answer format: Abc@123] 5.0
3-13 What drive letter is assigned to the mounted encrypted container? [Answer format: C] 3.0
3-14 How many forged ID cards are stored on the computer? [Answer format: 10] 4.0
1023
3-15 Find the ID card number of "Ren Min (任敏)". [Answer format: 18 digits] 4.0
3-16 Find the key file stored on the computer and compute its MD5 hash. [Answer format: lowercase letters] 5.0
3-17 Decrypt the key file stored on the computer and give its content. [Answer format: 第3届pgscup] 5.0
3-18 Analyze the macOS system: who provides the email service that is logged in? [Standard format: pgscup] 1.0
3-19 What is the package name of the system's Notes app? [Answer format: com.dfefef.note] 2.0
3-20 What is the hidden content in the image? [Answer format: 隐藏内容 厨子戏子痞子] 4.0
3-21 What is the file extension of the encrypted files? [Answer format: 123] 1.0
3-22 How many encrypted files are there in total? [Answer format: 5] 5.0
3-23 What is the brand and model of the smart lock used in Jia Wei Ma (贾韦码)'s home? [Answer example: 小米X号] 5.0
4
4-1 Analyze the Windows trojan: What is its controller IP? [Answer format: 192.168.1.11] 2.0
4-2 Which folder does the malware copy itself to? [Answer format: DaTa] 2.0
4-3 Continuing from the previous question, what is the filename of the copy? [Answer format: AppTmp.exe] 3.0
4-4 From how many kinds of browsers can the malware steal information? [Answer format: 3] 4.0
4-5 What string does the malware return when its query for installed antivirus software fails or throws an exception? [Answer format: Apps] 3.0
5
5-1 Analyze the encryption program on the Mac: a specific number is used as the seed for key generation. What is that number? [Answer format: 1234] 4.0
5-2 Analyze the file header elements and determine their correct order. Submit the field names concatenated in order. [Answer format: Field1_Field2_Field3...] 5.0
5-3 The key derivation process uses several algorithm steps. One of the functions has a name that does not match what it actually does. Find and submit that function name. [Answer format: FunctionName] 5.0
5-4 The program implements a mechanism that deliberately slows down encryption. What is the delay value? [Answer format: 1.1] 5.0
5-5 A version identifier is hidden in the program. Find the version number. [Answer format: v1.1.1] 5.0
6
6-1 Analyze the server sample: find the GUID of the server's boot disk. [Standard format: a combination of numbers, letters, and -, with the letters capitalized] 1.0
6-2 Find the server's gateway IP. [Answer format: 1.1.1.1] 1.0
6-3 Find the filesystem format of the server's data volume. [Answer example: ntfs] 1.0
6-4 Find the filename of the decryption key for the server's data volume. [Answer format: abcd] 1.0
6-5 Find the server's password. [Answer format: key@123] 3.0
6-6 Find the version of the server's operating system. [Answer format: 0.0.0] 1.0
6-7 Find the location of Docker's virtual disk on the server. [Answer format: /home/abc/adc.raw] 2.0
6-8 Find the boot id of the server's boot disk. [Answer format: D100 (model number only)] 3.0
6-9 Find the total number of container images on the server. [Answer format: 10] 2.0
6-10 Find the name of the container running the database used by the website server on the server. [Answer format: abc-abc-1] 3.0
6-11 Find the externally exposed port of the virtual currency container on the server. [Answer format: 8000] 3.0
6-12 Find the domain name of the investment website. [Answer format: 3w.baidu.com] 3.0
6-13 Find the database connection password used by the investment website. [Answer format: password] 3.0
6-14 Find the access URL of the investment website's backend. [Answer format: http://www.baidu.com/login.html] 4.0
6-15 Find the database table that stores the investment website's membership level settings. [Answer format: user] 3.0
6-16 Find the total amount of successful withdrawals on the investment website. [Answer format: 10000] 4.0
6-17 Find the bank card number of user "Wang Xin" (王欣) on the investment website. [Answer format: 16 digits] 4.0
6-18 Find the minimum cash withdrawal amount for users of the investment website. [Answer format: 10000] 5.0
6-19 In the investment website's user table, what user status does a clock value of 0 indicate? [Answer format: 核实] 5.0
6-20 Find the total amount of Alipay recharges with status unpaid on the investment website. [Answer format: 10000] 5.0
6-21 Analyze Jia Wei Ma (贾韦码)'s computer: What web framework does the ledger system use? [Answer example: Django] 2.0
6-22 Analyze the ledger system: What is the database version? [Answer format: 1.1.1] 1.0
6-23 Analyze the ledger system: What is the database name? [Answer example: test] 2.0
6-24 Analyze the ledger system: What encryption method is used for user phone numbers in the database? [Answer format: xor-325-dfg] 4.0
6-25 Analyze the `_0x3ad7` function in `crypto.js`: What encoding format is used for the returned encrypted data? [Answer example: ascii] 5.0
6-26 Analyze the `_0x3ad7` function in `crypto.js`: Find the trigger statement that uses an exception for control flow. [Answer example: Test:connec] 5.0
6-27 Analyze the `initializeKeys` function in `keyManager.js`: What is the priority order for key retrieval? [Answer format: Priority1>Priority2>Priority3] 5.0
6-28 Analyze the ledger system: What is the total number of users recorded in the ledger? [Answer format: 1234] 5.0
6-29 Analyze the ledger system: What is the investment amount for the user with ID number "430014197812200986"? [Answer format: 111111] 5.0
6-30 Analyze the ledger system: How many customers named "Ming Fengying" (明凤英) exist? [Answer format: 1] 3.0
7
7-1 Analyze the smart refrigerator: What is its brand? [Answer format: xiaomi] 2.0
Panasonic
7-2 What is the model of the smart refrigerator? [Answer format: MiFridge2024] 1.0
NR-E46CV1
7-3 Find the UUID of the smart refrigerator. [Answer format: 34567890-12cd-efab-3456-789012cdefab] 4.0
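# hexdump -C prints its ASCII column in 16-byte rows, so a 36-character UUID never matches there; search the printable strings instead
strings -a your_file.bin | grep -oiE "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"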
7-4 How many images does the smart refrigerator save by default? [Answer format: 1] 5.0
7-5 What is the content of the first image saved in the refrigerator? [Answer format: 满城尽带黄金甲] 4.0
7-6 What is the filename of the second image saved in the refrigerator? [Answer format: 123.jpg] 4.0
7-7 Find the hidden content in the refrigerator. [Answer format: chuzixizipizi] 5.0
7-8 What are the last six characters of the MD5 hash of the suspect's image in the refrigerator? [Answer format: 1a2b3d] 5.0
7-9 When was the refrigerator door last opened? [Answer format: 10:11] 5.0
7-10 What is the default storage size limit for images? [Answer format: 1KB] 5.0
7-11 Analyze video.E01 (the English question text reads video.ex01): What are the first five characters of the MD5 hash of the modified video? [Answer format: 1a2b3] 4.0
8
8-1 Analyze Jia Wei Ma (贾韦码)'s computer sample: Provide the ID and name of the scam group's top leader. [Answer format: M000001 Name] 1.0
8-2 Find the ID of the member with the highest total withdrawal amount among all subordinates of the top leader. [Answer format: M0000001] 4.0
8-3 Find the ID of the member who receives the highest average commission from direct subordinates, and that average commission amount. [Answer format: M0000001,123.12] 4.0
8-4 Among the earliest-registered 10% of members, list the IDs of the 5 members with the fewest transactions. [Answer format: M000001,M000002,M000003,M000004,M000005] 4.0
8-5 Find the ID of the member with the highest transaction-count growth rate, and that growth rate. [Answer format: M000001,24.44%] 4.0
8-6 Count the members whose status is 'active', who have had no transactions in 90 days, and whose historical transaction amount is in the top 20%. [Answer format: 111] 5.0
8-7 Find the ID of the member who has an upline and the most direct subordinates, and the number of subordinates. [Answer format: M000001:Count] 5.0
ENj5MWKOu7tN80uDnRbzb2C409gWpdI#@zLutPdqGGtt-XRt$_$%7i=)5xlbFzF*
8-8 Compare the total transaction amounts of members registered in Q1 and in Q4 of the earliest year. Indicate which is higher and the amount. [Answer example: Q1:123.12] 5.0
8-9 Find the province that appears most often in member addresses and calculate the total withdrawal amount of all members living in that province. [Answer format: Province,123.12] 5.0
8-10 Calculate the net financial flow of the top leader. [Answer format: 123.12] 5.0
