1. 程式人生 > >Misc雜項隱寫題writeup

Misc雜項隱寫題writeup

lose inux mis color clas -s chunk div 壓縮包

MISC-1

提示:if you want to find the flag, this hint may be useful: the text files within each zip consist of only "printable" ASCII characters

給了53個加密壓縮包,每個包分別含有一個txt文件,首先想到暴力破解壓縮包,試過各種破解工具後發現並不能用,於是想到使用腳本。以下是py腳本:

 1 #coding:utf-8
 2 import zipfile
 3 import string
 4 import binascii
 5 
 6 def CrackCrc(crc):
7 for i in dic: 8 for j in dic: 9 for p in dic: 10 for q in dic: 11 s = i + j + p + q 12 if crc == (binascii.crc32(s) & 0xffffffff): 13 print s 14 f.write(s) 15 return
16 17 def CrackZip(): 18 for I in range(53): 19 file = chunk + str(I) + .zip 20 f = zipfile.ZipFile(file, r) 21 GetCrc = f.getinfo(data.txt) 22 crc = GetCrc.CRC 23 #以上3行為獲取壓縮包CRC32值的步驟 24 #print hex(crc) 25 CrackCrc(crc) 26 27 dic = string.ascii_letters + string.digits +
+/= 28 29 f = open(out.txt, w) 30 CrackZip() 31 f.close()

運行出來後得到一串疑似base64的東西:

UEsDBBQDAQAAAJFy1kgWujyNLwAAACMAAAAIAAAAZmxhZy50eHT/xhoeSnjMRLuArw2FXUAIWn8UQblChs4AF1dA
nT4nB5hs2SkR4fTfZZRB56Bp/FBLAQI/AxQDAQAAAJFy1kgWujyNLwAAACMAAAAIAAAAAAAAAAAAIIC0gQAAAABmbGFnLnR4
dFBLBQYAAAAAAQABADYAAABVAAAAAAA=

base64在線解密後得到:

PKr?</#flag.txt?Jx?
]@ZAB?W@> l??eA砩PK?r?</# flag.txtPK6U

懷疑是一個加密的壓縮包。將原來得到的一串使用notepad++打開,使用插件base64decode保存為zip

在Linux下用fcrackzip爆破,得到密碼:

技術分享圖片

解密後得到flag:flag{i_z1pp3d_a_zip_w1th_sum_zips}

技術分享圖片

技術分享圖片

Misc雜項隱寫題writeup