MISC-1

提示：if you want to find the flag, this hint may be useful: the text files within each zip consist of only "printable" ASCII characters

給了53個加密壓縮包，每個包分別含有一個txt文件，首先想到暴力破解壓縮包，試過各種破解工具後發現並不能用，於是想到使用腳本。以下是py腳本：

 1 #coding:utf-8
 2 import zipfile
 3 import string
 4 import binascii
 5 
 6 def CrackCrc(crc):
 
 7     for i in dic:
 8         for j in dic:
 9             for p in dic:
10                 for q in dic:
11                     s = i + j + p + q
12                     if crc == (binascii.crc32(s) & 0xffffffff):
13                         print s
14                         f.write(s)
15                         return
 

16 
17 def CrackZip():
18     for I in range(53):
19         file = ‘chunk‘ + str(I) + ‘.zip‘
20         f = zipfile.ZipFile(file, ‘r‘)
21         GetCrc = f.getinfo(‘data.txt‘)
22         crc = GetCrc.CRC
23         #以上3行為獲取壓縮包CRC32值的步驟
24         #print hex(crc)
25         CrackCrc(crc)
26 
27 dic = string.ascii_letters + string.digits + ‘
 
+/=‘
28 
29 f = open(‘out.txt‘, ‘w‘)
30 CrackZip()
31 f.close()

運行出來後得到一串疑似base64的東西：

UEsDBBQDAQAAAJFy1kgWujyNLwAAACMAAAAIAAAAZmxhZy50eHT/xhoeSnjMRLuArw2FXUAIWn8UQblChs4AF1dA
nT4nB5hs2SkR4fTfZZRB56Bp/FBLAQI/AxQDAQAAAJFy1kgWujyNLwAAACMAAAAIAAAAAAAAAAAAIIC0gQAAAABmbGFnLnR4
dFBLBQYAAAAAAQABADYAAABVAAAAAAA=

base64在線解密後得到：

PK
r?</#flag.txt?Jx?
]@ZAB?W@>‘ l??eA砩PK
?
r?</# flag.txtPK

6U

懷疑是一個加密的壓縮包。將原來得到的一串使用notepad++打開，使用插件base64decode保存為zip

在Linux下用fcrackzip爆破，得到密碼：

解密後得到flag：flag{i_z1pp3d_a_zip_w1th_sum_zips}

Misc雜項隱寫題writeup