misc签到
直接strings
flag为
ctfshow{a62b0b55682d81f7f652b26147c49040}、
损坏的压缩包
file一下发现并不是损坏的压缩包
于是修改文件后缀名为.png
谜之栅栏
10比较文件找到
cfhwfaab2cb4af5a5820}
tso{06071f997b5bdd1a
你会数数吗
strings出来发现是一堆字符串,根据提示发现是频率统计
# -*- coding:utf-8 -*-
import re
from collections import Counter
#定义一个函数,用于统计字母的个数
def analyze_letter_count(text):
# 从文本中提取出所有字母
letters = re.findall(r'\S', text)
# 统计所有字母的个数
counter = Counter(letters)
return counter
# 将文本存入变量
# 调用函数分析字母个数
def re_letter(s):
regex = r'\'(.*?)\''
new_string = re.findall(regex,s)
return new_string
text=input("输入文本:")
letter_count = analyze_letter_count(text)
strings=str(letter_count)
#print(letter_count)
print(''.join(re_letter(strings)))
ctfshow{a1b2d3e4g56i7j8k9l0}
你会异或吗
读取文件16进制并且异或0x50
path = 'misc5.png'
# 新文件路径
new_path = 'new.png'
# 异或运算
def xor(file_path):
# 以二进制读取图片
with open(file_path, 'rb') as f:
data = f.read()
# 十六进制异或
data = bytes([c ^ 0x50 for c in data])
# 写入新的图片
with open(new_path, 'wb') as f:
f.write(data)
# 调用
xor(path)
生成图片为
flag一分为二
waterMark盲水印工具提取
ctfshow{FirstP@RT
修改图片长宽高
左边表示宽,右边表示高
修改高度
SecondP@rTMikumiku~}
合起来
ctfshow{FirstP@RTSecondP@rTMikumiku~}
我是谁?
这里直接附上官方WP脚本
import requests
from lxml import html
import cv2
import numpy as np
import json
url="http://xxxxxxxxxxxxxxxxxxxx.challenge.ctf.show"
sess=requests.session()
all_girl=sess.get(url+'/static/all_girl.png').content
with open('all_girl.png','wb')as f:
f.write(all_girl)
big_pic=cv2.imdecode(np.fromfile('all_girl.png', dtype=np.uint8), cv2.IMREAD_UNCHANGED)
big_pic=big_pic[50:,50:,:]
image_alpha = big_pic[:, :, 3]
mask_img=np.zeros((big_pic.shape[0],big_pic.shape[1]), np.uint8)
mask_img[np.where(image_alpha == 0)] = 255
cv2.imwrite('big.png',mask_img)
def answer_one(sess):
#获取视频文件
response=sess.get(url+'/check')
if 'ctfshow{' in response.text:
print(response.text)
exit(0)
tree=html.fromstring(response.text)
element=tree.xpath('//source[@id="vsource"]')
video_path=element[0].get('src')
video_bin=sess.get(url+video_path).content
with open('Question.mp4','wb')as f:
f.write(video_bin)
#获取有效帧
video = cv2.VideoCapture('Question.mp4')
frame=0
while frame<=55:
res, image = video.read()
frame+=1
#cv2.imwrite('temp.png',image)
video.release()
#获取剪影
image=image[100:400,250:500]
gray_image=cv2.cvtColor(image,cv2.COLOR_BGR2GRAY)
#cv2.imwrite('gray_image.png',gray_image)
temp = np.zeros((300, 250), np.uint8)
temp[np.where(gray_image>=128)]=255
#去白边
temp = temp[[not np.all(temp[i] == 255) for i in range(temp.shape[0])], :]
temp = temp[:, [not np.all(temp[:, i] == 255) for i in range(temp.shape[1])]]
#缩放至合适大小,肉眼大致判断是1.2倍,不一定准
temp = cv2.resize(temp,None,fx=1.2,fy=1.2)
#查找位置
res =cv2.matchTemplate( mask_img,temp,cv2.TM_CCOEFF_NORMED)
min_val, max_val, min_loc, max_loc = cv2.minMaxLoc(res)
x,y=int(max_loc[0]/192),int(max_loc[1]/288)#为什么是192和288,因为大图去掉标题栏就是1920*2880
guess='ABCDEFGHIJ'[y]+'0123456789'[x]
print(f'guess:{guess}')
#传答案
response=sess.get(url+'/submit?guess='+guess)
r=json.loads(response.text)
if r['result']:
print('guess right!')
return True
else:
print('guess wrong!')
return False
i=1
while i<=31:
print(f'Round:{i}')
if answer_one(sess):
i+=1
else:
i=1
You and me
两个图片一样猜测盲水印
用python2的没显出来了,用python3
ctfshow{CDEASEFFR8846}