1 签到题
2welcome
下载文件,发现是一个BMP图片文件。
于是使用Stegsolve工具分离,发现,得到flag
3 streamgame1
上脚本1
#! /usr/bin/env python3
# coding:utf8
def lfsr(R,mask):
output = (R << 1) & 0xffffff
i=(R&mask)&0xffffff
lastbit=0
while i!=0:
lastbit^=(i&1)
i=i>>1
output^=lastbit
return (output,lastbit)
mask = 0b1010011000100011100
f=open("./key","rb")
c=f.read()
f.close()
count = -1
while count <= 0b1111111111111111111:
count += 1
print(count)
R = count
for i in range(12):
tmp=0
for j in range(8):
(R,out)=lfsr(R,mask)
tmp=(tmp << 1)^out
if tmp != c[i]:
break
if i == 11:
print('succeed')
print('flag{%s}' % bin(count)[2:])
exit(0)
4 streamgame2
上脚本2
#! /usr/bin/env python3
# coding:utf8
def lfsr(R,mask):
output = (R << 1) & 0xffffff
i=(R&mask)&0xffffff
lastbit=0
while i!=0:
lastbit^=(i&1)
i=i>>1
output^=lastbit
return (output,lastbit)
mask = 0x100002
f=open("./key","rb")
c=f.read()
f.close()
count = -1
while count <= 0b111111111111111111111:
count += 1
if count % 10000 == 0:
print(count)
R = count
for i in range(12):
tmp=0
for j in range(8):
(R,out)=lfsr(R,mask)
tmp=(tmp << 1)^out
if tmp != c[i]:
break
if i == 11:
print('succeed')
print('flag{%s}' % bin(count)[2:])
exit(0)
5 streamgame4
上脚本3
#! /usr/bin/env python3
# coding:utf8
def lfsr(R,mask):
output = (R << 1) & 0xffffff
i=(R&mask)&0xffffff
lastbit=0
while i!=0:
lastbit^=(i&1)
i=i>>1
output^=lastbit
return (output,lastbit)
mask = 0b1010011000100011100
f=open("./key","rb")
c=f.read()
f.close()
count = -1
while count <= 0b1111111111111111111:
count += 1
#print(count)
R = count
for i in range(12):
tmp=0
for j in range(8):
(R,out)=lfsr(R,mask)
tmp=(tmp << 1)^out
if tmp != c[i]:
break
if i == 11:
print('succeed')
print('flag{%s}' % bin(count)[2:])
exit(0)
6 web签到题
因为每次在网页里,都有网页代码的提示,三次都是绕过。
第一次绕过是利用php,==的弱等于
240610708 和 QNKCDZO
第二次:传递数组,越过
第三次:利用碰撞试验,
d131dd02c5e6eec4693d9a0698aff95c2fcab58712467eab4004583eb8fb7f89
55ad340609f4b30283e488832571415a085125e8f7cdc99fd91dbdf280373c5b
d8823e3156348f5bae6dacd436c919c6dd53e2b487da03fd02396306d248cda0
e99f33420f577ee8ce54b67080a80d1ec69821bcb6a8839396f9652b6ff72a70
AND
d131dd02c5e6eec4693d9a0698aff95c2fcab50712467eab4004583eb8fb7f89