word_sercet
文档被加密
查看图片的属性 在备注可以看到解压密码
解密成功
在选项里面把隐藏的文本显示出来
可以看到ffag
easy_encode
得到一个bmp二维码
使用qr research
得到的密文直接放瑞士军刀
base32解码+base64解码+hex解码
dir_pcap
直接搜索flag
发现flag.zip,zip_pass.txt
像是密码
从流量包下载 zip_pass.txt
导出分组字节流
flag.zip被加密了
用密码3.6*3.6进入得到flag
ezsm
# -*- coding: utf-8 -*-
import binascii
from gmssl import sm4
from secret import flag
def encode(key, data):
sm4_a = sm4.CryptSM4()
sm4_a.set_key(key.encode(), sm4.SM4_ENCRYPT)
ciphertext = sm4_a.crypt_ecb(str(data).encode()).hex()
return ciphertext
if __name__ == '__main__':
key = '4765?df?0170?44?'
ciphertext = encode(key,flag)
print("密文:",ciphertext)
#c49f4552b22f27969c07d9371d1aa093b54f97ccd44261a5fc92cd3461a38d68d20218a51686a3f9d0cc50679e36cd4fkey中存在4个不确定位,通过代码尝试所有字符,暴力检索flag关键字即可
from gmssl import sm4
from Crypto.Util.number import *
def encode(key, data):
sm4_a = sm4.CryptSM4()
sm4_a.set_key(key.encode(), sm4.SM4_ENCRYPT)
ciphertext = sm4_a.crypt_ecb(str(data).encode()).hex()
return ciphertext
def decode(key, data):
sm4_a = sm4.CryptSM4()
sm4_a.set_key(key.encode(), sm4.SM4_DECRYPT)
text = sm4_a.crypt_ecb(long_to_bytes(data))
return text
if __name__ == '__main__':
l = [0,1,2,3,4,5,6,7,8,9,'a','b','c','d','f']
for i in l:
for n in l:
for m in l:
for j in l:
key = f'4765{i}df{n}0170{m}44{j}'
ciphertext = 0xc49f4552b22f27969c07d9371d1aa093b54f97ccd44261a5fc92cd3461a38d68d20218a51686a3f9d0cc50679e36cd4f
text = decode(key,ciphertext)
if b'flag{' in text:
print(text)
