Misc雜項隱寫題writeup
阿新 • • 發佈:2018-08-05
lose inux mis color clas -s chunk div 壓縮包
MISC-1
提示:if you want to find the flag, this hint may be useful: the text files within each zip consist of only "printable" ASCII characters
給了53個加密壓縮包,每個包分別含有一個txt文件,首先想到暴力破解壓縮包,試過各種破解工具後發現並不能用,於是想到使用腳本。以下是py腳本:
1 #coding:utf-8 2 import zipfile 3 import string 4 import binascii 5 6 def CrackCrc(crc):7 for i in dic: 8 for j in dic: 9 for p in dic: 10 for q in dic: 11 s = i + j + p + q 12 if crc == (binascii.crc32(s) & 0xffffffff): 13 print s 14 f.write(s) 15 return16 17 def CrackZip(): 18 for I in range(53): 19 file = ‘chunk‘ + str(I) + ‘.zip‘ 20 f = zipfile.ZipFile(file, ‘r‘) 21 GetCrc = f.getinfo(‘data.txt‘) 22 crc = GetCrc.CRC 23 #以上3行為獲取壓縮包CRC32值的步驟 24 #print hex(crc) 25 CrackCrc(crc) 26 27 dic = string.ascii_letters + string.digits + ‘+/=‘ 28 29 f = open(‘out.txt‘, ‘w‘) 30 CrackZip() 31 f.close()
運行出來後得到一串疑似base64的東西:
UEsDBBQDAQAAAJFy1kgWujyNLwAAACMAAAAIAAAAZmxhZy50eHT/xhoeSnjMRLuArw2FXUAIWn8UQblChs4AF1dA nT4nB5hs2SkR4fTfZZRB56Bp/FBLAQI/AxQDAQAAAJFy1kgWujyNLwAAACMAAAAIAAAAAAAAAAAAIIC0gQAAAABmbGFnLnR4 dFBLBQYAAAAAAQABADYAAABVAAAAAAA=
base64在線解密後得到:
PKr?</#flag.txt?Jx? ]@ZAB?W@>‘ l??eA砩PK?r?</# flag.txtPK6U
懷疑是一個加密的壓縮包。將原來得到的一串使用notepad++打開,使用插件base64decode保存為zip
在Linux下用fcrackzip爆破,得到密碼:
解密後得到flag:flag{i_z1pp3d_a_zip_w1th_sum_zips}
Misc雜項隱寫題writeup