考点
1.图片高度隐写
2.silenteye
3.空格与tab隐写
4.需要编程找到隐写内容并进行解码
复现过程
解压压缩包有三个压缩包文件。
进行解压第一个文件,发现有一张图片,使用tweakpng打开文件发现CRC报错说明高度存在问题,直接修改高度得到日记2
的密码💥,看样子是一个套题。
使用密码解压日记2,得到一个文本和一个wav文件,这里的文本其实是一个brainfuck的编程语言的隐写,在前面加上++++++即可输出内容。(brainfuck加密后应该是++++++++[开头的,与密文不符,需要在开头加上++++++++)
f0VMRgIBAQAAAAAAAAAAAAIAPgABAAAAcARAAAAAAABAAAAAAAAAAJgaAAAAAAAAAAAAAEAAOAAJAEAAHwAcAAYAAAAFAAAAQAAAAAAAAABAAEAAAAAAAEAAQAAAAAAA+AEAAAAAAAD4AQAAAAAAAAgAAAAAAAAAAwAAAAQAAAA4AgAAAAAAADgCQAAAAAAAOAJAAAAAAAAcAAAAAAAAABwAAAAAAAAAAQAAAAAAAAABAAAABQAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAPwHAAAAAAAA/AcAAAAAAAAAACAAAAAAAAEAAAAGAAAAEA4AAAAAAAAQDmAAAAAAABAOYAAAAAAAnQIAAAAAAACgAgAAAAAAAAAAIAAAAAAAAgAAAAYAAAAoDgAAAAAAACgOYAAAAAAAKA5gAAAAAADQAQAAAAAAANABAAAAAAAACAAAAAAAAAAEAAAABAAAAFQCAAAAAAAAVAJAAAAAAABUAkAAAAAAAEQAAAAAAAAARAAAAAAAAAAEAAAAAAAAAFDldGQEAAAA1AYAAAAAAADUBkAAAAAAANQGQAAAAAAANAAAAAAAAAA0AAAAAAAAAAQAAAAAAAAAUeV0ZAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAABS5XRkBAAAABAOAAAAAAAAEA5gAAAAAAAQDmAAAAAAAPABAAAAAAAA8AEAAAAAAAABAAAAAAAAAC9saWI2NC9sZC1saW51eC14ODYtNjQuc28uMgAEAAAAEAAAAAEAAABHTlUAAAAAAAIAAAAGAAAAIAAAAAQAAAAUAAAAAwAAAEdOVQBKGyxVsNKciPJwGAmlVuV44jwRVgEAAAABAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAABIAAAAAAAAAAAAAAAAAAAAAAAAAFgAAABIAAAAAAAAAAAAAAAAAAAAAAAAAKAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAABIAAAAAAAAAAAAAAAAAAAAAAAAAAGxpYmMuc28uNgBwdXRzAHNsZWVwAF9fbGliY19zdGFydF9tYWluAF9fZ21vbl9zdGFydF9fAEdMSUJDXzIuMi41AAAAAAIAAgAAAAIAAAABAAEAAQAAABAAAAAAAAAAdRppCQAAAgA3AAAAAAAAAPgPYAAAAAAABgAAAAMAAAAAAAAAAAAAABgQYAAAAAAABwAAAAEAAAAAAAAAAAAAACAQYAAAAAAABwAAAAIAAAAAAAAAAAAAACgQYAAAAAAABwAAAAQAAAAAAAAAAAAAAEiD7AhIiwXtCyAASIXAdAXoSwAAAEiDxAjDAAAAAAAA/zXiCyAA/yXkCyAADx9AAP8l4gsgAGgAAAAA6eD/JdoLIABoAQAAAOnQ/yXSCyAAaAIAAADpwP8lkgsgAGaQAAAAAAAAAAAx7UmJ0V5IieJIg+TwUFRJx8BQBkAASMfB4AVAAEjHx2YFQADop/RmDx9EAAC4txBgAFVILbAQYABIg/gOSInldhu4AAAAAEiFwHQRXb+wEGAA/+BmDx+EAAAAAABdww8fQABmLg8fhAAAAAAAvrAQYABVSIHusBBgAEjB/gNIieVIifBIweg/SAHGSNH+dBW4AAAAAEiFwHQLXb+wEGAA/+APHwBdw2YPH0QAAIA9hgsgAAB1EVVIieXobv///13GBXMLIAAB88MPH0AAvyAOYABIgz8AdQXrkw8fALgAAAAASIXAdPFVSInl/9Bd6Xr///9VSInlSIPsEIl9/EiJdfC/aAZAAOix/v//vwEAAAC4AAAAAOjC/v//v3wGQADomP7//78BAAAAuAAAAADoqf7//7+KBkAA6H/+//+/AQAAALgAAAAA6JD+//+/qAZAAOhm/v//uAAAAADJw2YuDx+EAAAAAAAPH0QAAEFXQVZBif9BVUFUTI0lHgggAFVIjS0eCCAAU0mJ9kmJ1Uwp5UiD7AhIwf0D6O/9//9Ihe10IDHbDx+EAAAAAABMiepMifZEif9B/xTcSIPDAUg563XqSIPECFtdQVxBXUFeQV/DkGYuDx+EAAAAAADzwwAASIPsCEiDxAjDAAAAAQACAAAAAABoZWl+d2hhdCB5b3Ugd2FudD8/AHdhbnQgYSBmbGFnPyAAc29ycnl+dGhlcmUgaXMgbm8gZmxhZwAAAAAAAAAAYnV0IG1heWJlIHlvdXIgY2FuIGZpbmQgc29tZXRoaW5nIHVzZWZ1bCEAAAABGwM7MAAAAAUAAABM/f//fAAAAJz9//9MAAAAkv7//6QAAAAMxAAAAHz///8MAQAAFAAAAAAAAAABelIAAXgQARsMBwiQAQcQFAAAABwAAABI/f//KgAAAAAAAAAAAAAAFAAAAAAAAAABelIAAXgQARsMBwiQAQAAJAAAABwAAADI/P//QAAAAAAOEEYOGEoPC3cIgAA/GjsqMyQiAAAAABwAAABEAAAA5v3//2sAAAAAQQ4QhgJDDQYCZgwHCAAARAAAAGQAAABA/v//ZQAAAABCDhCPAkIOGI4DRQ4gjQRCDiiMBUgOMIYGSA44gwdNDkByDjhBDjBBDihCDiBCDhhCDhBCDggAFAAAAKwAAABo/v//AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAVAAAAAAAAgBUAAAAAAAAAAAAAAAAAAAQAAAAAAAAABAAAAAAAAAAwAAAAAAAAAAARAAAAAAAANAAAAAAAAAFQGQAAAAAAAGQAAAAAAAAAQDmAAAAAAABsAAAAAAAAACAAAAAAAAAAaAAAAAAAAABgOYAAAAAAAHAAAAAAAAAAIAAAAAAAAAPX+/28AAAAAmAJAAAAAAAAFAAAAAAAAADADQAAAAAAABgAAAAAAAAC4AkAAAAAAAAoAAAAAAAAAQwAAAAAAAAALAAAAAAAAABgAAAAAAAAAFQAAAAAAAAAAAAAAAAAAAAMAAAAAAAAAABBgAAAAAAACAAAAAAAAAEgAAAAAAAAAFAAAAAAAAAAHAAAAAAAAABcAAAAAAAAAuANAAAAAAAAHAAAAAAAAAKADQAAAAAAACAAAAAAAAAAYAAAAAAAAAAkAAAAAAAAAGAAAAAAAAAD+//9vAAAAAIADQAAAAAAAbwAAAAABAAAAAAAAAPD//28AAAAAdANAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgOYAAAAAAAAAAAAAAAAAAAAAAAAAAAADYEQAAAAAAARgRAAAAAAABWBEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGlzIHRoZXJlIGFueXRoaW5nPwAA5LmfAOiuuADkvaAA6K+lAOS6hgDop6MA5LiAAOS4iwDogIEA5rapAOmAvADpmpAA5YaZAAAAAAAAR0NDOiAoVWJ1bnR1IDUuNC4wLTZ1YnVudHUxfjE2LjA0LjEwKSA1LjQuMCAyMDE2MDYwOQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwABADgCQAAAAAAAAAAAAAAAAAAAAAAAAwACAFQCQAAAAAAAAAAAAAAAAAAAAAAAAwADAHQCQAAAAAAAAAAAAAAAAAAAAAAAAwAEAJgCQAAAAAAAAAAAAAAAAAAAAAAAAwAFALgCQAAAAAAAAAAAAAAAAAAAAAAAAwAGADADQAAAAAAAAAAAAAAAAAAAAAAAAwAHAHQDQAAAAAAAAAAAAAAAAAAAAAAAAwAIAIADQAAAAAAAAAAAAAAAAAAAAAAAAwAJAKADQAAAAAAAAAAAAAAAAAAAAAAAAwAKALgDQAAAAAAAAAAAAAAAAAAAAAAAAwALAAAEQAAAAAAAAAAAAAAAAAAAAAAAAwAMACAEQAAAAAAAAAAAAAAAAAAAAAAAAwANAGAEQAAAAAAAAAAAAAAAAAAAAAAAAwAOAHAEQAAAAAAAAAAAAAAAAAAAAAAAAwAPAFQGQAAAAAAAAAAAAAAAAAAAAAAAAwAQAGAGQAAAAAAAAAAAAAAAAAAAAAAAAwARANQGQAAAAAAAAAAAAAAAAAAAAAAAAwASAAgHQAAAAAAAAAAAAAAAAAAAAAAAAwATABAOYAAAAAAAAAAAAAAAAAAAAAAAAwAUABgOYAAAAAAAAAAAAAAAAAAAAAAAAwAVACAOYAAAAAAAAAAAAAAAAAAAAAAAAwAWACgOYAAAAAAAAAAAAAAAAAAAAAAAAwAXAPgPYAAAAAAAAAAAAAAAAAAAAAAAAwAYAAAQYAAAAAAAAAAAAAAAAAAAAAAAAwAZAEAQYAAAAAAAAAAAAAAAAAAAAAAAAwAaAK0QYAAAAAAAAAAAAAAAAAAAAAAAAwAbAAAAAAAAAAAAAAAAAAAAAAABAAAABADx/wAAAAAAAAAAAAAAAAAAAAAMAAAAAQAVACAOYAAAAAAAAAAAAAAAAAAZAAAAAgAOAKAEQAAAAAAAAAAAAAAAAAAbAAAAAgAOAOAEQAAAAAAAAAAAAAAAAAAuAAAAAgAOACAFQAAAAAAAAAAAAAAAAABEAAAAAQAaAK0QYAAAAAAAAQAAAAAAAABTAAAAAQAUABgOYAAAAAAAAAAAAAAAAAB6AAAAAgAOAEAFQAAAAAAAAAAAAAAAAACGAAAAAQATABAOYAAAAAAAAAAAAAAAAAClAAAABADx/wAAAAAAAAAAAAAAAAAAAACsAAAAAQAZAGAQYAAAAAAATQAAAAAAAAABAAAABADx/wAAAAAAAAAAAAAAAAAAAACyAAAAAQASAPgHQAAAAAAAAAAAAAAAAADAAAAAAQAVACAOYAAAAAAAAAAAAAAAAAAAAAAABADx/wAAAAAAAAAAAAAAAAAAAADMAAAAAAATABgOYAAAAAAAAAAAAAAAAADdAAAAAQAWACgOYAAAAAAAAAAAAAAAAADmAAAAAAATABAOYAAAAAAAAAAAAAAAAAD5AAAAAAARANQGQAAAAAAAAAAAAAAAAAAMAQAAAQAYAAAQYAAAAAAAAAAAAAAAAAAiAQAAEgAOAFAGQAAAAAAAAgAAAAAAAAAyAQAAIAAAAAAAAAAAAAAAAAAAAAAAAACIAQAAIAAZAEAQYAAAAAAAAAAAAAAAAABOAQAAEgAAAAAAAAAAAAAAAAAAAAAAAABgAQAAEAAZAK0QYAAAAAAAAAAAAAAAAAAsAQAAEgAPAFQGQAAAAAAAAAAAAAAAAABnAQAAEgAAAAAAAAAAAAAAAAAAAAAAAACGAQAAEAAZAEAQYAAAAAAAAAAAAAAAAACTAQAAIAAAAAAAAAAAAAAAAAAAAAAAAACiAQAAEQIZAEgQYAAAAAAAAAAAAAAAAACvAQAAEQAQAGAGQAAAAAAABAAAAAAAAAC+AQAAEgAOAOAFQAAAAAAAZQAAAAAAAADYAAAAEAAaALAQYAAAAAAAAAAAAAAAAACMAQAAEgAOAHAEQAAAAAAAKgAAAAAAAADOAQAAEAAaAK0QYAAAAAAAAAAAAAAAAADaAQAAEgAOAGYFQAAAAAAAawAAAAAAAADfAQAAIAAAAAAAAAAAAAAAAAAAAAAAAADzAQAAEQIZALAQYAAAAAAAAAAAAAAAAAD/AQAAIAAAAAAAAAAAAAAAAAAAAAAAAAAZAgAAEgAAAAAAAAAAAAAAAAAAAAAAAADIAQAAEgALAAAEQAAAAAAAAAAAAAAAAAAAY3J0c3R1ZmYuYwBfX0pDUl9MSVNUX18AZGVyZWdpc3Rlcl90bV9jbG9uZXMAX19kb19nbG9iYWxfZHRvcnNfYXV4AGNvbXBsZXRlZC43NTk0AF9fZG9fZ2xvYmFsX2R0b3JzX2F1eF9maW5pX2FycmF5X2VudHJ5AGZyYW1lX2R1bW15AF9fZnJhbWVfZHVtbXlfaW5pdF9hcnJheV9lbnRyeQB0ZXN0LmMAbWFnaWMAX19GUkFNRV9FTkRfXwBfX0pDUl9FTkRfXwBfX2luaXRfYXJyYXlfZW5kAF9EWU5BTUlDAF9faW5pdF9hcnJheV9zdGFydABfX0dOVV9FSF9GUkFNRV9IRFIAX0dMT0JBTF9PRkZTRVRfVEFCTEVfAF9fbGliY19jc3VfZmluaQBfSVRNX2RlcmVnaXN0ZXJUTUNsb25lVGFibGUAcHV0c0BAR0xJQkNfMi4yLjUAX2VkYXRhAF9fbGliY19zdGFydF9tYWluQEBHTElCQ18yLjIuNQBfX2RhdGFfc3RhcnQAX19nbW9uX3N0YXJ0X18AX19kc29faGFuZGxlAF9JT19zdGRpbl91c2VkAF9fbGliY19jc3VfaW5pdABfX2Jzc19zdGFydABtYWluAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19UTUNfRU5EX18AX0lUTV9yZWdpc3RlclRNQ2xvbmVUYWJsZQBzbGVlcEBAR0xJQkNfMi4yLjUAAC5zeW10YWIALnN0cnRhYgAuc2hzdHJ0YWIALmludGVycAAubm90ZS5BQkktdGFnAC5ub3RlLmdudS5idWlsZC1pZAAuZ251Lmhhc2gALmR5bnN5bQAuZHluc3RyAC5nbnUudmVyc2lvbgAuZ251LnZlcnNpb25fcgAucmVsYS5keW4ALnJlbGEucGx0AC5pbml0AC5wbHQuZ290AC50ZXh0AC5maW5pAC5yb2RhdGEALmVoX2ZyYW1lX2hkcgAuZWhfZnJhbWUALmluaXRfYXJyYXkALmZpbmlfYXJyYXkALmpjcgAuZHluYW1pYwAuZ290LnBsdAAuZGF0YQAuYnNzAC5jb21tZW50AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbAAAAAQAAAAIAAAAAAAAAOAJAAAAAAAA4AgAAAAAAABwAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAIwAAAAcAAAACAAAAAAAAAFQCQAAAAAAAVAIAAAAAAAAgAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAADEAAAAHAAAAAgAAAAAAAAB0AkAAAAAAAHQCAAAAAAAAJAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAABEAAAA9v//bwIAAAAAAAAAmAJAAAAAAACYAgAAAAAAABwAAAAAAAAABQAAAAAAAAAIAAAAAAAAAAAAAAAAAAAATgAAAAsAAAACAAAAAAAAALgCQAAAAAAAuAIAAAAAAAB4AAAAAAAAAAYAAAABAAAACAAAAAAAAAAYAAAAAAAAAFYAAAADAAAAAgAAAAAAAAAwA0AAAAAAADADAAAAAAAAQwAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAABeAAAAbwIAAAAAAAAAdANAAAAAAAB0AwAAAAAAAAoAAAAAAAAABQAAAAAAAAACAAAAAAAAAAIAAAAAAAAAawAAAP7//28CAAAAAAAAAIADQAAAAAAAgAMAAAAAAAAgAAAAAAAAAAYAAAABAAAACAAAAAAAAAAAAAAAAAAAAHoAAAAEAAAAAgAAAAAAAACgA0AAAAAAAKADAAAAAAAAGAAAAAAAAAAFAAAAAAAAAAgAAAAAAAAAGAAAAAAAAACEAAAABAAAAEIAAAAAAAAAuANAAAAAAAC4AwAAAAAAAEgAAAAAAAAABQAAABgAAAAIAAAAAAAAABgAAAAAAAAAjgAAAAEAAAAGAAAAAAAAAAAEQAAAAAAAAAQAAAAAAAAaAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAIkAAAABAAAABgAAAAAAAAAgBEAAAAAAACAEAAAAAAAAQAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAACUAAAAAQAAAAYAAAAAAAAAYARAAAAAAABgBAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAnQAAAAEAAAAGAAAAAAAAAHAEQAAAAAAAcAQAAAAAAADiAQAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAKMAAAABAAAABgAAAAAAAABUBkAAAAAAAFQGAAAAAAAACQAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAACpAAAAAQAAAAIAAAAAAAAAYAZAAAAAAABgBgAAAAAAAHIAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAsQAAAAEAAAACAAAAAAAAANQGQAAAAAAA1AYAAAAAAAA0AAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAL8AAAABAAAAAgAAAAAAAAAIB0AAAAAAAAgHAAAAAAAA9AAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAADJAAAADgAAAAMAAAAAAAAAEA5gAAAAAAAQDgAAAAAAAAgAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAA1QAAAA8AAAADAAAAAAAAABgOYAAAAAAAGA4AAAAAAAAIAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAOEAAAABAAAAAwAAAAAAAAAgDmAAAAAAACAOAAAAAAAACAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAADmAAAABgAAAAMAAAAAAAAAKA5gAAAAAAAoDgAAAAAAANABAAAAAAAABgAAAAAAAAAIAAAAAAAAABAAAAAAAAAAmAAAAAEAAAADAAAAAAAAAPgPYAAAAAAA+A8AAAAAAAAIAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAIAAAAAAAAAO8AAAABAAAAAwAAAAAAAAAAEGAAAAAAAAAQAAAAAAAAMAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAACAAAAAAAAAD4AAAAAQAAAAMAAAAAAAAAQBBgAAAAAABAEAAAAAAAAG0AAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAA/gAAAAgAAAADAAAAAAAAAK0QYAAAAAAArRAAAAAAAAADAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAMBAAABAAAAMAAAAAAAAAAAAAAAAAAAAK0QAAAAAAAANQAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAQAAAAAAAAARAAAAAwAAAAAAAAAAAAAAAAAAAAAAAACMGQAAAAAAAAwBAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAQAAAAIAAAAAAAAAAAAAAAAAAAAAAAAA6BAAAAAAAAB4BgAAAAAAAB4AAAAwAAAACAAAAAAAAAAYAAAAAAAAAAkAAAADAAAAAAAAAAAAAAAAAAAAAAAAAGAXAAAAAAAALAIAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAA=
是base64编码,然后继续进行解码,看样子是一个可执行文件的,把数据解码后写入文件。
执行得到:
# ./flag
hei~what you want??
want a flag?
sorry~there is no flag
but maybe your can find something useful!
其实之后的内容就是反汇编过去,在里面找到一个关于WAV的音频的隐写提示。
链接:逃离东南亚
其实就是silenteye隐写,直接上工具得到第三个文件的密码。
This1sThe3rdZIPpwd
💗💗💗
继续往下走,解压第三个密压缩包密码,会得到很多源码,看文本的提示就是里面有一些隐写具体是什么,得靠大家去猜想,这里其实是tab和空格的数据隐写。
脚本讲解:
🅰️因为涉及的文件很多我们不可能去一个一个文件寻找隐写的信息,需要使用脚本来判断隐写信息所在的文件位置,再使用脚本提取出来。
🅱️既然这里是使用的tab和空格来进行隐写,为了避免提取错误我们使用 \t \t来进行隐藏数据的提取。
import os
import base64
import binascii
from numpy import binary_repr
def get_file_lists(dir_path):
_file_list = os.listdir(dir_path)
file_list = []
for file_str in _file_list:
new_dir_path = dir_path+'\\'+file_str
if(os.path.isdir(new_dir_path)):
file_list.extend(get_file_lists(new_dir_path))
else:
file_list.append(new_dir_path)
return file_list
def important_file(path):
FILE =[]
fiel_list = get_file_lists(path)
for file in fiel_list:
f =open(file,"r",encoding='utf-8')
try:
data = f.read()
if " \t \t" in data:
print(file)
FILE.append(file)
except:
pass
return FILE
def get_flag(f_list):
result = ''
for f in f_list:
for data in open(f, 'r').readlines():
data = data[:-1]
if '}' in data:
data = data.split('}')[-1]
if '\t' in data:
data1 = data[::].replace('\t', '')
data1 = data1.replace(' ', '')
if not data1:
print([data])
result += data
result = result.replace('\t', '1')
result = result.replace(' ', '0')
print(result)
data = hex(int(result,2))[2:]
data.encode('utf-8')
str_bin = binascii.unhexlify(data)
print(str_bin.decode('utf-8'))
if __name__ == "__main__":
path = "绝对路径\source_code"
FILE = important_file(path)
get_flag(FILE)
⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️