CTF Center part writeup

东南大学的学生办了一场线上CTF,时间为2015年5月17日(周日)10:00至2015年5月24日(周日)10:00
然后呢,当时花了两天答了一些题,趁者官方还没发出完整writeup, 总结下我 PASS 的题目。
题型有五大类,如下:

  • Misc
    • 签到题(PASS)
    • 大海捞针(PASS)
    • 娱乐~娱乐~(PASS)
  • Crypto
    • 困在栅栏中的凯撒(PASS)
    • 神奇的数字13(PASS)
    • 盲人摸象(PASS)
    • bright?
    • 加密系统
  • Forensics
    • 纯色(PASS)
    • Fate!!!(PASS)
    • 脑洞
  • Reverse
    • Hello World
    • 论数学的重要性
    • Ingres
    • 十万火急(PASS)
  • Web
    • 城市查询系统
    • 又一个任务
    • 小黑的烦恼
    • Discuz?
    • Flag你在哪里?(PASS)
    • 源码中的乾坤(PASS)

Misc


签到题

来熟悉一下提交Flag的流程吧,flag隐藏在下面的字符串中:
ZmxhZ3tjaGVja18xbn0=

Tips:据说黑阔们特别喜欢用 Base64 或者 Base32~

答:python base64 decode

1
2
3
>>> import base64
>>> base64.b64decode("ZmxhZ3tjaGVja18xbn0=")
'flag{check_1n}'

大海捞针

小黑发现南京市雨花台区龙西路10号住着一位叫龚宇亿的妹子,你能帮小黑找到她的身份证号么?

本题Flag为:flag{身份证号}

答:社工题,随便找个社工库查询一下,我就知道了
flag{32068419861130366X}

一开始以为和身份证的结构有关,特地了解了下 xxxxxx-xxxxxxxx-xxx-x 每段的含义
分别是:出生地区编号-出生日期-序号-校验码,其中序号为奇数为男,偶数为女


娱乐~娱乐~

做题那么累,不如咱们来玩会游戏吧!

c7bfc1675666cffc4df9ef77ad57e7cb.susteam.org:25565

据说在沙漠大山的后面,有一座神秘的钻石宫殿!

注:本题Flag为 FLAG{可见字符} 的形式。

答:由端口为25565猜得这是个minecraft服务器。
连接,找进入地图,找到一个迷宫,迷宫里看到FLAG

FLAG{2348768761574}

Crypto


困在栅栏中的凯撒

小黑发现了一段神奇的字符:a\vEnZZpZ)ZgbZpo/ai++x

答:题目提示,加密方式有栏栅加密和凯撒加密
观察字符串,字符不仅仅有字母,观察ASCII表,猜测字符串最后的’x’对应’{‘
位移为5,解出以下字符串

fa{Js__u_._lg_ut4fn00}

字符串长度为22,尝试分为2组

fa{Js__u_._
lg_ut4fn00}

得到FLAG:

flag{_Just_4_fun_0.0_}

神奇的数字13

Attach:20150511213312.zip

据说老外很喜欢13这个数字。
本题Flag形式为: flag:{可见字符}

答:下载压缩包解压得到文件crackme

1
qngn:vzntr/cat;onfr64,vIOBEj0XTtbNNNNAFHuRHtNNNJtNNNQjPNVNNNPvkJxLNNNDtHyRDIE4Nr3Os0mI97xU8CqGQOkdqKIY/oKOnvKc3OY7KFYqoHqJQRGE/eUCEYbE3StT6x6vxLNTwuAKg3FSNtWv67SYgqJBLeBMsIcYzN50aXvE7b99gjFx1vOMhheFnuTI4fQaWvpkJHCifhph1+2n9+fyVPVlRuNETDzVvVjRERETNvVvVjRExMTNvZuVDRExWPNvZuVDRExWvVvZOREREtVvVvZORMTEtVwVFRORMPDtVwVFRORMPLvVwNERERLPVvVwNETExLPVlRuNETDxVPVlRuNETDzVvVjRERETNvVvVjRExMTNvZuVDRExWPNvZuVDRExWvVvZOREREtVvVvZORMTEtVwVFRORMPDtVwVFRORMPLvVwNERERLPVvVwNETExLPVlRuNETDxVPVlRuNETDzVvVjRERETNvVvVjRExMTNvZuVDRExWPNvZuVDRExWvVvZOREREtVvVvZORMTEtVwVFRORMPDtVwVFRORMPLvVwNERERLPVvVwNETExLPVlRuNETDxVPVlRuNETDzVvVjRERETNvVvVjRExMTNvZuVDRExWPNvZuVDRExWvVvZOREREtVvVvZORMTEtVwVFRORMPDtVwVFRORMPLvVwNERERLPVvVwNETExLPVlRuNETDxVPVlRuNETDzVvVjRERETNvVvVjRExMTNvZuVDRExWPNvZuVDRExWvVvZOREREtVvVvZORMTEtVwVFRORMPDtVwVFRORMPLvVwNERERLPVvVwNETExLPVlRuNETDxVPVlRuNETDzVvVjRERETNvVvVjRExMTNvZuVDRExWPNvZuVDRExWvVvZOREREtVvVvZORMTEtVwVFRORMPDtVwVFRORMPLvVwNERERLPVvVwNETExLPVlRuNETDxVPVlRuNETDzVvVjRERETNvVvVjRExMTNvZuVDRExWXP73oMg22Xk2ThiiIMrKd6d3aiaUBlrsiecJPl2nqBzrQjBDSJ99845/ZqDIr+9pj7/IeAam25bnSv2oAyaC/iM4rUuK/mvSm/96H9i3odydit7LEtTDDONIpZjQVVNFnbnuzRDOCwadTbLuxhKYe1l5DehSNUq7HMTEg5///2vbdV//ryCdhd9q87O7ie162+88pozmMisr+89NXediKsB4G/T008/ssof2L6BQikoUGylMZJXSp8///mj8UOODHS+si6zGMg27qdydcphKLeU40v6rCSvCO4UbXcuTNMOtPEIQpZjPNY8p7797J93qUE873isB3wjVB4HNq3IiiPSY/m5m3/+mJ9+H1WF8hTUU6dd9379+iHiiiwvR088VFVaG54fXlg7//33H1WFTufol8eXExqUg23ogz/sCh+9pj63dJb0Tb3U40uFIr+9p2737g3EnUGIdyIqKI0gYF1SEHKKey2een09rCNttYF0gWnJydXvbziKegKJ1u48rOOWdgeo2mg9+iFZwVl6heez5zM8zcFHyZoTkeXlfgUE0J3ogh3og897K1uLhUam5iYl8eym5/o392/qheJ7hkhNdaeiaKBdrim48L8//wt3A/sgg99+6dzaCiwtt8oTkeXlfgUE0J3ogh3og89775mQSPxcXMf3ol4iY587q25/s//JeIh7h7fOdBek48p//iww3Ampg99++6zaaec06EV+moIe186pBMBKyjptYF1g7qd1M8+r/r1is6hdLEtTDLOCHgHjQVZtDWXduzRLORSnJycYF0gEHqT1n9qdn2fCUwlVWSKg7BjpUE1AGH1qgJbINSJAEdCkrOk3vbQhnddXWB+9p05IisqKe179mar+H1go+7aCsJ7Yyv27q+/rhUSwEHISp3Cm0nAUR4yRAOdqC3++9945q+YRvKsssor8iSkIb9SbCO5Uxdc673/1d18qBUPtcdnzie5+k44q27qie6ddNgQD0WPGx3C69BxqB3Mf3769ddbXDRAQD05BmhaGcjTbXbP9r/p+8ftw/5I05fjMGSSEHqUp3Um06ASRVuTAEhsCa++9GlDFwL2Ao775Maq394LATmVmZkpiKwj4BXvd3aiaaPn1gYD88ZNQn9nfdn+ii3wkLaAm89TwEkBWEQDnaG9/iisrBLpcddddTufo33mmmr7h7t0oAzEzMv5riUujpSPGJycnUawttGIe1gGK19sH1BQGaQ9/sf6pBGH1AI1qKrsCa1qIWXadcHhK4iR4xv5riOvCkjTbnuvTDENtFIKQZNlPLZrBUqh3o6+ddtYD0APDx5Am+iEcNXb6ZGSk9BwEj4pCi/GFFjOHAEdAkhAk3PxPhghcdisrBDqNIo33+/ogzmMg2fQNjOACCYSam55s//eK3/eJg/e7+2sZzYStjLXWvLzpaWkRVhT9q86cnuvTSEHIk48sYlxcnJ9iE5XdQtjZsCTYK0jxRtHSODQBaGg38+oA5phKNmul5RuKI1qAGp25p+qh3el5sCylNRrBUBad6ddcdDTtdtZQN1/+8cpKYIeH39/s3AkpJIzWXse7+2sZzYStjLXWvLzpaWkRVhT9K7EbHFDFrrvuulLaW7Bmf/i6+hed6zXkzXc6751mdaevkVzyF5qTVcTkfoUQuj8iJeEbkbjMPkLfzWvLlZaWFFDF3aiaUXLLUOlZEPVCCsGD5BExqaM2K19sKI1qYOMG1EZaGvkqhwDFvLlAwE0+sYvjfOPsMfJXSF+//CYf2oZOKYyl5Mr//TIIIqKb6Xvd4h+RLEtRNDOIQpZjPNVxdJbLuxRDaQg37hoAz8hKYjqj5ZvEed6hzcbnNXbnuzRDOYwg6gJe+/si37c16/Ke13SUPBuhc6err+ppNSK13er3g7/jjthcdny9sK15rKarr+spwEf3rag7PjbXNXFzcb6Cw3iiaKAVzcvLrBrqq77+9n9shKVSFnbXDSH//CQQuDfKKe16qJkfYOXW4YnBwb7v4hXkfoSVWVYoBwb6vbhYNnudM2sax08+zMdnBw4+3gUEHIkpwPyh3YwE29goHSNNVQH1qKk83Uh/oAzl3g7rtbVPNWSVMTkfeY29inFxESJ99845IsKrB+pNdXe3sgzlMo29iDHSODOFH1CUk8r99845GUUwkb3r3g6PttVNxHuxoTlfio29cXERIo33mwxNdhd9q87usmOg2eDyFpKSkL8//ivmmm67qrgJID3QZNtPsWXduzRLONTFICHCs/wQI7/61oTkfHtxtgf6BwdXv4fOdXe33wzU23of2SSoJ/hQU/mt5Mqsku0ubYhqdaeiaKZNIAI7/9uww/31e39qfzGWsssq98RUU3wiaKAQD0ZNfeXlWvpaf7Bm+/e6iCsBBFEyMzLBQj+KycLrBUNNFne6mwiiAQL2iiwvvm/72p9+9XZsQD8CQj0A5rozNyvlMRy6rabvxEtrUu4nTfeAmDJjMZzF9CG0EPVODSK7+/h/8cJisByYKkbLTTuhod6feZDHD0AQNYXlfvLaW7Bmf/i6+em3vkLgFxgYJ7uj4rGx5XBCCaezmWa6+idnzucI9q4751GIr++pN6Pd3igUUaxRDSMJ1hGxMUM2qy9sa/srBLpcOtpU09YFSv5pBQx5+rvww545p6n+ie6zcxMIissBBDPd6e13mzTXTGAzyWnJQt4BUwg2QZOaCiBMwm766WIKKia+97+idzRLOxTNG/eYK/4loqd0m3/+83/7298rsCQObnTumf7BW598pau4rTubXQp3S8PFWHiF09ZGvDDNIsKrB+qj240oA1544LHgJ7nbXh4VNq3gIAI775jQbXer+8prr+lrr+559gya8/CmI6kL8pLoo3mmz9+fd6heed7h7Bj8qreH+iKeZmVliCsBhEZaGem77eiy5rJdTb1T4/R4xyGIr79d1nb//iTCPkLflZeXddlfeXvbdXlfOYOm5879+/riJ7rhbnTubdXvfeVFjZ6qB/si379h3GbNdtbtUb8iKem48pps/9eKigoK14pc6hedddheBmf7G506gK79+blZQB/9lMZaa3ihBr99G0/Ckb0oZmZmtlNLTOuDIr+9p05IissBBDPd6e0/r/MfqKI1M2sadIBa1d9sa5TE4o13mzTXYIh2CCspp977ac6rwEf3MzMzOxRjZQPtdg575kjNIsKrB+pjkG333UC+/Cz5p+sh3og3rUt4Cm9/5pdIkpKSUE0qdaec0dI4CV6xvkpikhAkNT1goEf2oQu16gGis//75phKC/mjj+Ky5F+99SWQD0ASEHIyMFJNaGg37g+/s926qDOH1KiiaZAgdudAEhCkBB4HNq3gIAI775jQbXer+9qrr23Key23og3nh3siQ3/4j1h3ow344VZcXFzgen2eI68rUE1goJ1gnzel3wiaIQHZjlNVIQHnwpowpFFcdisrBIqHICG666///Bp/e6vbnTcdXvjfSWSQuj5IIIJAw4/sr++9GH1AuLJSVaYb0XTdddek8KRNdid73/3hiiihl8wVrBnMM3og2bICx56r3genhae16gUE0qoJ1dnzWh99LJSuqKI1JIaMaQym+ii7L7SLq3p3NSK13wiaIAI775jQbXer++Yv4goJ1gJeI4+Bwen2gwL1AKaiaKBLVvHycod6hdlfoZ6pBs39/oSLeYh7T4Pdrh+qpjOH1KiiaZBalpeXrhnMM77kwJ/ZzwIerUu49+7qoJ1gNSDIslpZjlNVNXFac//4km9rf2oA7Azmu4nTqvrc6e333giH1SELJPtvuj4qddddTu8sO6Pd3aiaUT5G1Jt0Tb/UpnpVvWWzmMbyVcpiKjLjp+oZxMTE9io2xcVF3Uo9+iKQuj/K1AF89957+WrcdisrBLq/nAnfJFWl+sWyNQAamujMTJyiol8cXLUEeSzmEBGl5pfNMf6pBGVl0g7rKyWFti//FxcXKa311r9+97hiiibd7uDOHqWoo721phKX8iYlac6rJPl2qh3n0gYFNjpB4Yns/BDa1qKIzmMgvfsw+WrcdisrBLrx/Cm8L8rB4MATExMBawl5phKX8iYlac6rJPl2qh3n0gYFNjpBjBvgg95nhKWyrKy5G09CYOMoh3MgnJacX6+8tx8nTEz5//778H/Vm88/qhjLCzyxMBG+++/UanJdLEwz5hM+9ASUhSZRERam5f1eoz7Bl8hoCa36uDfK9hmM09oJui8mdhd9q87uU5b3o15mp3ArKg706qZiKYvjM8+rgeL22Z2oA6+5hGxiY2/69BxKYymLf2qCJ1fo6U9YDRExWPNvZuVDRExWvVvZOREREtVvVvZORMTEtVwVFRORMPDtVwVFRORMPLvVwNERERLPVvVwNETExLPVlRuNETDxVPVlRuNETDzVvVjRERETNvVvVjRExMTNvZuVDRExWPNvZuVDRExWvVvZOREREtVvVvZORMTEtVwVFRORMPDtVwVFRORMPLvVwNERERLPVvVwNETExLPVlRuNETDxVPVlRuNETDzVvVjRERETNvVvVjRExMTNvZuVDRExWPNvZuVDRExWvVvZOREREtVvVvZORMTEtVwVFRORMPDtVwVFRORMPLvVwNERERLPVvVwNETExLPVlRuNETDxVPVlRuNETDzVvVjRERETNvVvVjRExMTNvZuVDRExWPNvZuVDRExWvVvZ/ugtbCSYb5N2eDNNNNOWEH5RexWttt==

先用rot13解密

1
2
3
$ tr 'a-zA-Z' 'n-za-mN-ZA-M' < crackme > rot13crackme
$ cat rot13crackme
data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAWgAAADwCAIAAACixWkYAAAQgUlEQVR4Ae3Bf0zV97kH8PdTDBxqdXVL/bXBaiXp3BL7XSLdbUdWDETR/rHPRLoR3FgG6k6ikYAGjhNXt3SFAgJi67FLtdWOYrOZfVpLmA50nKiR7o99twSk1iBZuurSahGV4sDnJicxWUPvsucu1+2a9+slICIyEhARGQmIiIwERERGAiIiIwERkZGAiMhIQERkJCAiMhIQERkJiIiMBERERgIiIiMBEZGRgIjISEBEZCQgIjISEBEZCYiIjAREREYCIiIjARGRkYCIyEhARGQkICIyEhARGQmIiIwERERGAiIiIwERkZGAiMhIQERkJCAiMhIQERkJiIiMBERERgIiIiMBEZGRgIjISEBEZCQgIjISEBEZCYiIjAREREYCIiIjARGRkYCIyEhARGQkICIyEhARGQmIiIwERERGAiIiIwERkZGAiMhIQERkJCAiMhIQERkJiIiMBERERgIiIiMBEZGRgIjISEBEZCQgIjISEBEZCYiIjAREREYCIiIjARGRkYCIyEhARGQkICIyEhARGQmIiIwERERGAiIiIwERkZGAiMhIQERkJCAiMhIQERkJiIiMBERERgIiIiMBEZGRgIjISEBEZCQgIjISEBEZCYiIjAREREYCIiIjARGRkYCIyEhARGQkICIyEhARGQmIiIwERERGAiIiIwERkZGAiMhIQERkJCAiMhIQERkJiIiMBERERgIiIiMBEZGRgIjISEBEZCQgIjISEBEZCYiIjAREREYCIiIjARGRkYCIyEhARGQkICIyEhARGQmIiIwERERGAiIiIwERkZGAiMhIQERkJCAiMhIQERkJiIiMBERERgIiIiMBEZGRgIjISEBEZCQgIjISEBEZCYiIjAREREYCIiIjARGRkYCIyEhARGQkICIyEhARGQmIiIwERERGAiIiIwERkZGAiMhIQERkJKC73bZt22Kx2GuvvVZeXq6q3nvnHOyefvrpWCy2adOmeDwOQFW99845/MdQVe+9cw7/VrNnz25oaFi2bNlnP/vZ4eHhX/ziFz/96U9v3bqlqvg7YRgGQQBAVcMwDIIASaoahmEQBPjnqGoYhkuXLr1y5QruFAHd7UZGRt5///2ioqI//elPquq9d87B7vr162+88cbmzZvfe+89AKrqvXfO4T/G008/ffbs2Y6ODvxbHTlyZMWKFc8///zw8HBBQUF+fv6mTZt27dqlqpcuXYrH40i6ePFiPB4HoKphGAZBgCRVDcMwCAL8c7797W93dHR873vfO3jwIO4UAd3VvvCFL/z5z3/+zW9+U1JS8uGHH6qq9379+vUvvvjiE088ISInT54sKyt7//33U1JSGhsby8rKRkdHt23btm/fPu+9cw63qWo0Go3H40hSVe+9c2737t3RaHTVqlVdXV0tLS1FRUXXrl2rra09ePAggLS0tJaWlqKiomvXrtXW1h48eBBJqtrb2zt9+vSMjIy6urrm5mZ8mpSUlMbGxrKystHR0W3btu3bt897X1hYuHnz5vLy8rlz5/b392/durW7uxuAqnrvnXOqevz48Y8//jg3N/ftt99+6qmnPvjgg8bGxrKystHR0W3btu3bt89775zDFCkpKZs3by4vL587d25/f//WrVu7u7sBqOrx48c//vjj3Nzct99++6mnnrp06RI+zbVr186cOZOXlwcgLS1t7dq1Z8+e/e1vf6uqYRgGQYBPUtUwDIMgQJKqhmEYBEFaWlpLS0tRUdG1a9dqa2sPHjyIJFXt7OwcHR1NTU1dtWoVAFWNRqPxeBx3ioDuaqqKJO+9c05VvfdXr179zne+U1tb+7nPfW7Lli27d+/euHFjRUVFc3Pz0aNHE4lENBqdP3++9945d+LEiXfffbe8vFxVo9FoPB5Hkqp673/1q18dOHCgpqamvr5+x44d27dvr6qqAtDQ0JCTk3P69OkdO3Zs3769qqoKQENDQ05OzunTpwGoKoC9e/c+8sgj/5V05swZTFFRUdHc3Hz06NFEIhGNRufPn++9TyQSjY2Nb775Znd394YNGzIzMxcvXjw4OKiq3nvnnCa1tLQ88MADa9asqa+vv3jxYnNz89GjRxOJRDQanT9/vvfeOYcpqqqqGhsb33zzze7u7g0bNmRmZi5evHhwcFCTWlpaHnjggTVr1tTX19fU1ODTnD9/fs6cOTU1NV1dXefPn1dVJKnqpUuX4vE4ki5evBiPxwGoahiGQRAgSVXDMAyCYMeOHdu3b6+qqgLQ0NCQk5Nz+vRpAKo6MTFx9OjRw4cPv/TSSwBUNRqNxuNx3CkCutupqvfeOQdAVb33+/btmzZt2sDAwBNPPLFnz55f//rX3/rWt/r7+2fMmLFgwYKJiYmcnJxEIuG9d86pahiGFRUVx48fLykpaW9vR5KqDgwMfPGLX0wkEgUFBQDOnTt38+bN5cuXAzhy5EhXV1dNTc25c+du3ry5fPlyAEeOHOnq6qqpqQGgqgMDA1/+8pcXLVrU39/f3NxcWVmJKfr7+2fMmLFgwYKJiYmcnJxEIuG9X7RoUSQSeeihhyYnJ7Ozs/v6+urq6mKxmKp6751zqnrixImlS5dGIpGxsbHDhw8vWrRoxowZCxYsmJiYyMnJSSQS3nvnHKYYHByMRCIPPfTQ5ORkdnZ2X19fXV1dLBZT1RMnTixdujQSiYyNjR0+fLiwsBCfZsWKFS+//PLs2bMBXLly5Ze//GVVVdXo6Kiq4u+EYRgEAQBVDcMwCAIkqWoYhkEQnDt37ubNm8uXLwdw5MiRrq6umpoaAKoahmEQBLjt6tWr+/fv37p16/Xr13FHCOhup6ree+ccAFX13re3t7/wwgupqal9fX15eXnee+fcjRs3ent7CwoKAKSmpo6Pj3vvnXNImpiYeOedd77+9a9fuXIFSaoKQFU//PDDhQsXXr16dWxsLBKJ4LaOjo7i4uKxsbFIJILbOjo6iouLAahqZ2fnk08+mZqaOj4+3tHRUVxcjClu3LjR29tbUFAAIDU1dXx83Hu/bNmy3t7egoICAJFIZGxsrL29vaSkRFW99845VfXeO+cAqKr3ftmyZb29vQUFBQBSU1PHx8e99845THHjxo3e3t6CggIAkUhkbGysvb29pKREVb33zjkAquq9d87hfzBt2rQlScXFxY8//vizzz67detWVQ3DMAgCfJKqhmEYBAGSVPUPf/jDV7/61bGxsUgkgts6OjqKi4sBqKr33jmH23bs2FFbW/uDH/zg5Zdfxh0hoLudqnrvnXMAVNV7/9hjj/31r39dsmTJfffd98EHH3jvnXNDQ0MAsrKyJicns7Oz+/r6vPfOOSRlZmYODw+XlpYeOHAASar6zjvvNDY2vvjiiz/72c9+9KMfDQ8PDw0N5ebmAliyZEl6enoikRgeHh4aGsrNzQWwZMmS9PT0RCIBQFX7+/u/8pWvfOlLXxoYGGhubq6srMQUQ0NDALKysiYnJ7Ozs/v6+rz3ixYtSktLW7hw4eTk5KOPPnrmzJn6+vqamhpV9d4751TVe++cA6Cq3vtHHnkEQFZW1uTkZHZ2dl9fn/feOYcpBgcH09LSFi5cODk5+eijj545c6a+vr6mpkZVvffOOQCq6r13zmGKGTNmlJaWDg4OHjt2DMBnPvOZjz766JVXXvn+97+vqmEYBkGAT/rLX/4ybdq0z3/+83/7298efPDBoaGhzs7OJ598cnh4eGhoKDc3F8CSJUvS09MTiQQAVfXeO+dw240bN1544YUtW7aoKu4IAd3tVNV775wDoKre+8cee+yee+559tln8/PzV6xY8cYbb3zzm9+sq6urrq7u7Ow8derU+vXrMzIyvPfOuRMnTrz77rvl5eWqGo1G4/E4klTVe79q1ao//vGPCxYsyMrKqqysrKioqKysBLBz5879+/evW7euoaGhoqKisrISwM6dO/fv379u3ToAqgogHo8vXrz48ccf/9rXvtbX14cp6urqqqurOzs7T506tX79+oyMDO/9yZMnn3vuOe99T0/Pxo0bMzMzgyAYGBhQVe+9c05VvffOOQCq6r0/e/ZsdXV1Z2fnqVOn1q9fn5GR4b13zmGKLVu2PPfcc977np6ejRs3ZmZmBkEwMDCgqt575xwAVfXeO+cwxT333HP+/Pm5c+fu3bt3eHg4Pz9/5cqVxcXFHR0dqnrp0qV4PI6kixcvxuNxAG1tbRs2bDh16tTvf//75cuXP/zww+Xl5S+99FJDQ0NFRUVlZSWAnTt37t+/f926dQBU1XvvnMNtqhqNRuPxOO4UAd3tVNV775wDoKre+9dee23Xrl23bt3au3fvD3/4w1u3bj344IMpKSmtra2rV68eHR1tbW1tamry3jvnVDUMwyAIVDUajcbjcSSpqvfeOVdUVPT666///Oc/r6ioaGpqKiwsFJFDhw5VVVWNj4/fe++9TU1NhYWFInLo0KGqqqrx8XEAqvq73/3uvvvuy8jIeOaZZ3bt2oVPk56e3traunr16tHR0dbW1qamJu99YWFhdXV1WVnZnDlz+vv7Y7FYd3c3AFX13jvnVNV775wDoKre++Li4tbW1tWrV4+Ojra2tjY1NXnvnXOYIiUlpbq6uqysbM6cOf39/bFYrLu7G4Cqeu+dcwBU1XvvnMOnycrKeuaZZ77xjW/MmjVreHh49+7dbW1tAFQVfycMwyAIAKSnp//4xz9es2bN7Nmzh4aGdiep6r333tvU1FRYWCgihw4dqqqqGh8fB6Cq3nvnHG5T1Wg0Go/HcacIiJJmzZolIpcvXwYwc+bMkZGR9vb2kpIS3Hb9+vXDhw/X1NS89957+JepqvfeOYd/aNasWSJy+fJlADNnzhwZGWlvby8pKYHRrFmzROTy5csAZs6cOTIy0t7eXlJSgv//SkpKXn311e9+97uvvvoq7hQBUdJbb721cuXK8vLynp6eWCy2du3a0tLSAwcO4Laf/OQn1dXVmzZtisfj+JepqvfeOYek/Pz8Y8eO4ZNGRkZOnjy5cuXK8vLynp6eWCy2du3a0tLSAwcOwOitt95auXJleXl5T09PLBZbu3ZtaWnpK6+8gk8aGRm5//778U/Iz88/duwYPmlkZOT+++/HnaWqYRjm5uZ+9NFHuFMEREnz5s1rbm7Oy8ubPn36hQsX9uzZ09bWhv8zquq9d87hH5o3b15zc3NeXt706dMvXLiwZ8+etrY22M2bN6+5uTkvL2/69OkXLlzYs2dPW1sb6H9LQERkJCAiMhIQERkJiIiMBERERgIiIiMBEZGRgIjISEBEZCQgIjISEBEZCYiIjAREREYCIiIjARGRkYCIyEhARGQkICIyEhARGQmIiIwERERGAiIiIwERkZGAiMhIQERkJCAiMhIQERkJiIiMBERERgIiIiMBEZGRgIjISEBEZCQgIjISEBEZCYiIjAREREYCIiIjARGRkYCIyEhARGQkICIyEhARGQmIiIwERERGAiIiIwERkZGAiMhIQERkJCAiMhIQERkJiIiMBERERgIiIiMBEZGRgIjISEBEZCQgIjISEBEZCYiIjAREREYCIiIjARGRkYCIyEhARGQkICIyEhARGQmIiIwERERGAiIiIwERkZGAiMhIQERkJCAiMhIQERkJiIiM/htgoPFLo5A2rQAAAABJRU5ErkJggg==

可以发现这是图片的base64编码,转成图片即可看到FLAG

flag:{keep_going_on_SEUer}


盲人摸象

题目为一个二维码qrcode.png

本题Flag为非标准形式
更正:Flag中字母全为小写字母

答:解码得到一张图片,
下载图片,图片内容为百度云的标志,下方有一些奇怪的点,根据图片联想到百度云盘的URL:http://yun.baidu.com/s/1hqjERNe
,进入要求输入密码,联想题目盲人摸象可猜测图片下面的点为盲文,对比盲文表解密即可得到为密码。
进入云盘,得到一个mp3文件 mp-5551f98cf039e.mp3 查看波形为一段莫斯电码,解得FLAG

flag is l0ve5u5

Forensics


纯色

Attach:20150511215741.zip

猜猜里面有什么?

答:解压得到stego100.png
使用Stegsolve.jar可以看到FLAG

flag{e4sy_steg0_1n_red_p4ne1}


Fate!!!

Attach:20150511215941.zip

这是一张图片吗?不!这不止是一张图片!里面隐藏了一句电影的经典台词,告诉我,它是什么(要英文原版哦~)
本题Flag格式为: flag{英文台词内容}

答:解压得到stego200.jpg,该图片中隐藏一个zip压缩包
在linux下直接使用unzip可以得到6f0026e55b6f34cea97207a01c30c43e.jpeg
图片为黑客帝国一张剧照,使用百度识图找到图中被抹去的台词

flag{DO YOU BELIEVE IN FATE, NEO?}

Reverse


十万火急

Attach:20150511215132.zip

小黑拿到了一个神秘的文件,这其中究竟隐藏着什么呢???

答:解压得到reverse100

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
$ file reverse100
reverse100: python 2.7 byte-compiled
$ uncompyle2 reverse100 > reverse100_test.py
$ cat reverse100_test.py
# reverse100_test.py
if __name__ == '__main__':
baseString = '1dnckajf'
baseLen = len(baseString)
flag = [87,
8,
15,
4,
16,
4,
94,
21,
72,
59,
60,
6,
29,
4,
24,
21,
84,
59,
95,
13,
52,
17,
19,
5,
76]
pwd = raw_input('Password:')
wrongFlag = False
for i in range(len(pwd)):
if flag[i] != ord(pwd[i]) ^ ord(baseString[i % baseLen]):
wrongFlag = True
break

if wrongFlag:
print 'Wrong!'
else:
print 'Good, password is the flag.'

根据reverse100_test.py算法反推出reverse100_crack.py

1
2
3
4
5
6
7
8
9
# reverse100_crack.py
if __name__ == '__main__':
baseString = '1dnckajf'
baseLen = len(baseString)
flag = [87, 8, 15, 4, 16, 4, 94, 21, 72, 59, 60, 6, 29, 4, 24, 21, 84, 59, 95, 13, 52, 17, 19, 5, 76]
ans = ""
for i in range(len(flag)):
ans += chr(flag[i] ^ ord(baseString[i % baseLen]))
print ans

flag{e4sy_Reverse_1n_pyc}

Web


Flag你在哪里?

Flag被藏到哪里了呢?快点帮小黑找找吧
124a6e61a24d9c5baf027b35510106a9.susteam.org

答:打开目标URL,依次查看源码,脚本,网络,响应,发现FLAG藏在响应头中

Connection    keep-alive
Content-Encoding    gzip
Content-Type    text/html
Date    Thu, 21 May 2015 15:15:51 GMT
FLAG    flag{V1m_15_4n_4dv4nc3d_73x7_3d17or}
Server    nginx/1.4.6 (Ubuntu)
Transfer-Encoding    chunked
X-Powered-By    PHP/5.5.9-1ubuntu4.6

flag{V1m_15_4n_4dv4nc3d_73x7_3d17or}


源码中的乾坤

小黑发现了一个神奇页面,以他多年的经验来看,其中必有乾坤。
7a252ca47a8e691880dee2fd99092e53.susteam.org
Tip: 本题Flag为非标准形式

答:源码如下:

1
2
3
4
5
6
7
<html>
<head></head>
<body>
flag is here
<!--f6Yo34gH-->
</body>
</html>

flag: here
果然脑洞!

END

总共做了一半左右,感觉比前几次CTF好多了,不仅仅能签到了:)
Web方面只能简单的;
涉及到图片的题只要没有需要写程序解密的问题就不大;
加密方面,古典加密和基本的现代编码方式了解的差不多,当然原理不熟,AES,DES等也不熟;
逆向基本做不来;
总之还是菜,就这样吧。