[羊城杯 2020]逃离东南亚

已于 2022-05-03 21:54:18 修改
阅读量1.2k 收藏 2
点赞数 1
分类专栏: MISC 文章标签: MISC 羊城杯
于 2022-05-03 21:45:20 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/qq_49422880/article/details/124561838
版权
该博客详细介绍了CTF竞赛中关于‘逃离东南亚’的解题过程,涉及到图片高度隐写、silenteye、空格与tab隐写等技术。通过解压文件、解码图片、执行脚本等一系列步骤,揭示了隐写信息,并提供了相关工具的使用。最终,从源代码中利用脚本定位并提取出隐藏数据,解码得到最终信息。
摘要由CSDN通过智能技术生成

[羊城杯 2020]逃离东南亚

考点

1.图片高度隐写
2.silenteye
3.空格与tab隐写
4.需要编程找到隐写内容并进行解码

复现过程

解压压缩包有三个压缩包文件。
在这里插入图片描述
进行解压第一个文件,发现有一张图片,使用tweakpng打开文件发现CRC报错说明高度存在问题,直接修改高度得到日记2 的密码💥,看样子是一个套题。
使用密码解压日记2,得到一个文本和一个wav文件,这里的文本其实是一个brainfuck的编程语言的隐写,在前面加上++++++即可输出内容。(brainfuck加密后应该是++++++++[开头的,与密文不符,需要在开头加上++++++++)

f0VMRgIBAQAAAAAAAAAAAAIAPgABAAAAcARAAAAAAABAAAAAAAAAAJgaAAAAAAAAAAAAAEAAOAAJAEAAHwAcAAYAAAAFAAAAQAAAAAAAAABAAEAAAAAAAEAAQAAAAAAA+AEAAAAAAAD4AQAAAAAAAAgAAAAAAAAAAwAAAAQAAAA4AgAAAAAAADgCQAAAAAAAOAJAAAAAAAAcAAAAAAAAABwAAAAAAAAAAQAAAAAAAAABAAAABQAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAPwHAAAAAAAA/AcAAAAAAAAAACAAAAAAAAEAAAAGAAAAEA4AAAAAAAAQDmAAAAAAABAOYAAAAAAAnQIAAAAAAACgAgAAAAAAAAAAIAAAAAAAAgAAAAYAAAAoDgAAAAAAACgOYAAAAAAAKA5gAAAAAADQAQAAAAAAANABAAAAAAAACAAAAAAAAAAEAAAABAAAAFQCAAAAAAAAVAJAAAAAAABUAkAAAAAAAEQAAAAAAAAARAAAAAAAAAAEAAAAAAAAAFDldGQEAAAA1AYAAAAAAADUBkAAAAAAANQGQAAAAAAANAAAAAAAAAA0AAAAAAAAAAQAAAAAAAAAUeV0ZAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAABS5XRkBAAAABAOAAAAAAAAEA5gAAAAAAAQDmAAAAAAAPABAAAAAAAA8AEAAAAAAAABAAAAAAAAAC9saWI2NC9sZC1saW51eC14ODYtNjQuc28uMgAEAAAAEAAAAAEAAABHTlUAAAAAAAIAAAAGAAAAIAAAAAQAAAAUAAAAAwAAAEdOVQBKGyxVsNKciPJwGAmlVuV44jwRVgEAAAABAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAABIAAAAAAAAAAAAAAAAAAAAAAAAAFgAAABIAAAAAAAAAAAAAAAAAAAAAAAAAKAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAABIAAAAAAAAAAAAAAAAAAAAAAAAAAGxpYmMuc28uNgBwdXRzAHNsZWVwAF9fbGliY19zdGFydF9tYWluAF9fZ21vbl9zdGFydF9fAEdMSUJDXzIuMi41AAAAAAIAAgAAAAIAAAABAAEAAQAAABAAAAAAAAAAdRppCQAAAgA3AAAAAAAAAPgPYAAAAAAABgAAAAMAAAAAAAAAAAAAABgQYAAAAAAABwAAAAEAAAAAAAAAAAAAACAQYAAAAAAABwAAAAIAAAAAAAAAAAAAACgQYAAAAAAABwAAAAQAAAAAAAAAAAAAAEiD7AhIiwXtCyAASIXAdAXoSwAAAEiDxAjDAAAAAAAA/zXiCyAA/yXkCyAADx9AAP8l4gsgAGgAAAAA6eD/JdoLIABoAQAAAOnQ/yXSCyAAaAIAAADpwP8lkgsgAGaQAAAAAAAAAAAx7UmJ0V5IieJIg+TwUFRJx8BQBkAASMfB4AVAAEjHx2YFQADop/RmDx9EAAC4txBgAFVILbAQYABIg/gOSInldhu4AAAAAEiFwHQRXb+wEGAA/+BmDx+EAAAAAABdww8fQABmLg8fhAAAAAAAvrAQYABVSIHusBBgAEjB/gNIieVIifBIweg/SAHGSNH+dBW4AAAAAEiFwHQLXb+wEGAA/+APHwBdw2YPH0QAAIA9hgsgAAB1EVVIieXobv///13GBXMLIAAB88MPH0AAvyAOYABIgz8AdQXrkw8fALgAAAAASIXAdPFVSInl/9Bd6Xr///9VSInlSIPsEIl9/EiJdfC/aAZAAOix/v//vwEAAAC4AAAAAOjC/v//v3wGQADomP7//78BAAAAuAAAAADoqf7//7+KBkAA6H/+//+/AQAAALgAAAAA6JD+//+/qAZAAOhm/v//uAAAAADJw2YuDx+EAAAAAAAPH0QAAEFXQVZBif9BVUFUTI0lHgggAFVIjS0eCCAAU0mJ9kmJ1Uwp5UiD7AhIwf0D6O/9//9Ihe10IDHbDx+EAAAAAABMiepMifZEif9B/xTcSIPDAUg563XqSIPECFtdQVxBXUFeQV/DkGYuDx+EAAAAAADzwwAASIPsCEiDxAjDAAAAAQACAAAAAABoZWl+d2hhdCB5b3Ugd2FudD8/AHdhbnQgYSBmbGFnPyAAc29ycnl+dGhlcmUgaXMgbm8gZmxhZwAAAAAAAAAAYnV0IG1heWJlIHlvdXIgY2FuIGZpbmQgc29tZXRoaW5nIHVzZWZ1bCEAAAABGwM7MAAAAAUAAABM/f//fAAAAJz9//9MAAAAkv7//6QAAAAMxAAAAHz///8MAQAAFAAAAAAAAAABelIAAXgQARsMBwiQAQcQFAAAABwAAABI/f//KgAAAAAAAAAAAAAAFAAAAAAAAAABelIAAXgQARsMBwiQAQAAJAAAABwAAADI/P//QAAAAAAOEEYOGEoPC3cIgAA/GjsqMyQiAAAAABwAAABEAAAA5v3//2sAAAAAQQ4QhgJDDQYCZgwHCAAARAAAAGQAAABA/v//ZQAAAABCDhCPAkIOGI4DRQ4gjQRCDiiMBUgOMIYGSA44gwdNDkByDjhBDjBBDihCDiBCDhhCDhBCDggAFAAAAKwAAABo/v//AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAVAAAAAAAAgBUAAAAAAAAAAAAAAAAAAAQAAAAAAAAABAAAAAAAAAAwAAAAAAAAAAARAAAAAAAANAAAAAAAAAFQGQAAAAAAAGQAAAAAAAAAQDmAAAAAAABsAAAAAAAAACAAAAAAAAAAaAAAAAAAAABgOYAAAAAAAHAAAAAAAAAAIAAAAAAAAAPX+/28AAAAAmAJAAAAAAAAFAAAAAAAAADADQAAAAAAABgAAAAAAAAC4AkAAAAAAAAoAAAAAAAAAQwAAAAAAAAALAAAAAAAAABgAAAAAAAAAFQAAAAAAAAAAAAAAAAAAAAMAAAAAAAAAABBgAAAAAAACAAAAAAAAAEgAAAAAAAAAFAAAAAAAAAAHAAAAAAAAABcAAAAAAAAAuANAAAAAAAAHAAAAAAAAAKADQAAAAAAACAAAAAAAAAAYAAAAAAAAAAkAAAAAAAAAGAAAAAAAAAD+//9vAAAAAIADQAAAAAAAbwAAAAABAAAAAAAAAPD//28AAAAAdANAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgOYAAAAAAAAAAAAAAAAAAAAAAAAAAAADYEQAAAAAAARgRAAAAAAABWBEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGlzIHRoZXJlIGFueXRoaW5nPwAA5LmfAOiuuADkvaAA6K+lAOS6hgDop6MA5LiAAOS4iwDogIEA5rapAOmAvADpmpAA5YaZAAAAAAAAR0NDOiAoVWJ1bnR1IDUuNC4wLTZ1YnVudHUxfjE2LjA0LjEwKSA1LjQuMCAyMDE2MDYwOQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwABADgCQAAAAAAAAAAAAAAAAAAAAAAAAwACAFQCQAAAAAAAAAAAAAAAAAAAAAAAAwADAHQCQAAAAAAAAAAAAAAAAAAAAAAAAwAEAJgCQAAAAAAAAAAAAAAAAAAAAAAAAwAFALgCQAAAAAAAAAAAAAAAAAAAAAAAAwAGADADQAAAAAAAAAAAAAAAAAAAAAAAAwAHAHQDQAAAAAAAAAAAAAAAAAAAAAAAAwAIAIADQAAAAAAAAAAAAAAAAAAAAAAAAwAJAKADQAAAAAAAAAAAAAAAAAAAAAAAAwAKALgDQAAAAAAAAAAAAAAAAAAAAAAAAwALAAAEQAAAAAAAAAAAAAAAAAAAAAAAAwAMACAEQAAAAAAAAAAAAAAAAAAAAAAAAwANAGAEQAAAAAAAAAAAAAAAAAAAAAAAAwAOAHAEQAAAAAAAAAAAAAAAAAAAAAAAAwAPAFQGQAAAAAAAAAAAAAAAAAAAAAAAAwAQAGAGQAAAAAAAAAAAAAAAAAAAAAAAAwARANQGQAAAAAAAAAAAAAAAAAAAAAAAAwASAAgHQAAAAAAAAAAAAAAAAAAAAAAAAwATABAOYAAAAAAAAAAAAAAAAAAAAAAAAwAUABgOYAAAAAAAAAAAAAAAAAAAAAAAAwAVACAOYAAAAAAAAAAAAAAAAAAAAAAAAwAWACgOYAAAAAAAAAAAAAAAAAAAAAAAAwAXAPgPYAAAAAAAAAAAAAAAAAAAAAAAAwAYAAAQYAAAAAAAAAAAAAAAAAAAAAAAAwAZAEAQYAAAAAAAAAAAAAAAAAAAAAAAAwAaAK0QYAAAAAAAAAAAAAAAAAAAAAAAAwAbAAAAAAAAAAAAAAAAAAAAAAABAAAABADx/wAAAAAAAAAAAAAAAAAAAAAMAAAAAQAVACAOYAAAAAAAAAAAAAAAAAAZAAAAAgAOAKAEQAAAAAAAAAAAAAAAAAAbAAAAAgAOAOAEQAAAAAAAAAAAAAAAAAAuAAAAAgAOACAFQAAAAAAAAAAAAAAAAABEAAAAAQAaAK0QYAAAAAAAAQAAAAAAAABTAAAAAQAUABgOYAAAAAAAAAAAAAAAAAB6AAAAAgAOAEAFQAAAAAAAAAAAAAAAAACGAAAAAQATABAOYAAAAAAAAAAAAAAAAAClAAAABADx/wAAAAAAAAAAAAAAAAAAAACsAAAAAQAZAGAQYAAAAAAATQAAAAAAAAABAAAABADx/wAAAAAAAAAAAAAAAAAAAACyAAAAAQASAPgHQAAAAAAAAAAAAAAAAADAAAAAAQAVACAOYAAAAAAAAAAAAAAAAAAAAAAABADx/wAAAAAAAAAAAAAAAAAAAADMAAAAAAATABgOYAAAAAAAAAAAAAAAAADdAAAAAQAWACgOYAAAAAAAAAAAAAAAAADmAAAAAAATABAOYAAAAAAAAAAAAAAAAAD5AAAAAAARANQGQAAAAAAAAAAAAAAAAAAMAQAAAQAYAAAQYAAAAAAAAAAAAAAAAAAiAQAAEgAOAFAGQAAAAAAAAgAAAAAAAAAyAQAAIAAAAAAAAAAAAAAAAAAAAAAAAACIAQAAIAAZAEAQYAAAAAAAAAAAAAAAAABOAQAAEgAAAAAAAAAAAAAAAAAAAAAAAABgAQAAEAAZAK0QYAAAAAAAAAAAAAAAAAAsAQAAEgAPAFQGQAAAAAAAAAAAAAAAAABnAQAAEgAAAAAAAAAAAAAAAAAAAAAAAACGAQAAEAAZAEAQYAAAAAAAAAAAAAAAAACTAQAAIAAAAAAAAAAAAAAAAAAAAAAAAACiAQAAEQIZAEgQYAAAAAAAAAAAAAAAAACvAQAAEQAQAGAGQAAAAAAABAAAAAAAAAC+AQAAEgAOAOAFQAAAAAAAZQAAAAAAAADYAAAAEAAaALAQYAAAAAAAAAAAAAAAAACMAQAAEgAOAHAEQAAAAAAAKgAAAAAAAADOAQAAEAAaAK0QYAAAAAAAAAAAAAAAAADaAQAAEgAOAGYFQAAAAAAAawAAAAAAAADfAQAAIAAAAAAAAAAAAAAAAAAAAAAAAADzAQAAEQIZALAQYAAAAAAAAAAAAAAAAAD/AQAAIAAAAAAAAAAAAAAAAAAAAAAAAAAZAgAAEgAAAAAAAAAAAAAAAAAAAAAAAADIAQAAEgALAAAEQAAAAAAAAAAAAAAAAAAAY3J0c3R1ZmYuYwBfX0pDUl9MSVNUX18AZGVyZWdpc3Rlcl90bV9jbG9uZXMAX19kb19nbG9iYWxfZHRvcnNfYXV4AGNvbXBsZXRlZC43NTk0AF9fZG9fZ2xvYmFsX2R0b3JzX2F1eF9maW5pX2FycmF5X2VudHJ5AGZyYW1lX2R1bW15AF9fZnJhbWVfZHVtbXlfaW5pdF9hcnJheV9lbnRyeQB0ZXN0LmMAbWFnaWMAX19GUkFNRV9FTkRfXwBfX0pDUl9FTkRfXwBfX2luaXRfYXJyYXlfZW5kAF9EWU5BTUlDAF9faW5pdF9hcnJheV9zdGFydABfX0dOVV9FSF9GUkFNRV9IRFIAX0dMT0JBTF9PRkZTRVRfVEFCTEVfAF9fbGliY19jc3VfZmluaQBfSVRNX2RlcmVnaXN0ZXJUTUNsb25lVGFibGUAcHV0c0BAR0xJQkNfMi4yLjUAX2VkYXRhAF9fbGliY19zdGFydF9tYWluQEBHTElCQ18yLjIuNQBfX2RhdGFfc3RhcnQAX19nbW9uX3N0YXJ0X18AX19kc29faGFuZGxlAF9JT19zdGRpbl91c2VkAF9fbGliY19jc3VfaW5pdABfX2Jzc19zdGFydABtYWluAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19UTUNfRU5EX18AX0lUTV9yZWdpc3RlclRNQ2xvbmVUYWJsZQBzbGVlcEBAR0xJQkNfMi4yLjUAAC5zeW10YWIALnN0cnRhYgAuc2hzdHJ0YWIALmludGVycAAubm90ZS5BQkktdGFnAC5ub3RlLmdudS5idWlsZC1pZAAuZ251Lmhhc2gALmR5bnN5bQAuZHluc3RyAC5nbnUudmVyc2lvbgAuZ251LnZlcnNpb25fcgAucmVsYS5keW4ALnJlbGEucGx0AC5pbml0AC5wbHQuZ290AC50ZXh0AC5maW5pAC5yb2RhdGEALmVoX2ZyYW1lX2hkcgAuZWhfZnJhbWUALmluaXRfYXJyYXkALmZpbmlfYXJyYXkALmpjcgAuZHluYW1pYwAuZ290LnBsdAAuZGF0YQAuYnNzAC5jb21tZW50AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbAAAAAQAAAAIAAAAAAAAAOAJAAAAAAAA4AgAAAAAAABwAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAIwAAAAcAAAACAAAAAAAAAFQCQAAAAAAAVAIAAAAAAAAgAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAADEAAAAHAAAAAgAAAAAAAAB0AkAAAAAAAHQCAAAAAAAAJAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAABEAAAA9v//bwIAAAAAAAAAmAJAAAAAAACYAgAAAAAAABwAAAAAAAAABQAAAAAAAAAIAAAAAAAAAAAAAAAAAAAATgAAAAsAAAACAAAAAAAAALgCQAAAAAAAuAIAAAAAAAB4AAAAAAAAAAYAAAABAAAACAAAAAAAAAAYAAAAAAAAAFYAAAADAAAAAgAAAAAAAAAwA0AAAAAAADADAAAAAAAAQwAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAABeAAAAbwIAAAAAAAAAdANAAAAAAAB0AwAAAAAAAAoAAAAAAAAABQAAAAAAAAACAAAAAAAAAAIAAAAAAAAAawAAAP7//28CAAAAAAAAAIADQAAAAAAAgAMAAAAAAAAgAAAAAAAAAAYAAAABAAAACAAAAAAAAAAAAAAAAAAAAHoAAAAEAAAAAgAAAAAAAACgA0AAAAAAAKADAAAAAAAAGAAAAAAAAAAFAAAAAAAAAAgAAAAAAAAAGAAAAAAAAACEAAAABAAAAEIAAAAAAAAAuANAAAAAAAC4AwAAAAAAAEgAAAAAAAAABQAAABgAAAAIAAAAAAAAABgAAAAAAAAAjgAAAAEAAAAGAAAAAAAAAAAEQAAAAAAAAAQAAAAAAAAaAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAIkAAAABAAAABgAAAAAAAAAgBEAAAAAAACAEAAAAAAAAQAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAACUAAAAAQAAAAYAAAAAAAAAYARAAAAAAABgBAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAnQAAAAEAAAAGAAAAAAAAAHAEQAAAAAAAcAQAAAAAAADiAQAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAKMAAAABAAAABgAAAAAAAABUBkAAAAAAAFQGAAAAAAAACQAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAACpAAAAAQAAAAIAAAAAAAAAYAZAAAAAAABgBgAAAAAAAHIAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAsQAAAAEAAAACAAAAAAAAANQGQAAAAAAA1AYAAAAAAAA0AAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAL8AAAABAAAAAgAAAAAAAAAIB0AAAAAAAAgHAAAAAAAA9AAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAADJAAAADgAAAAMAAAAAAAAAEA5gAAAAAAAQDgAAAAAAAAgAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAA1QAAAA8AAAADAAAAAAAAABgOYAAAAAAAGA4AAAAAAAAIAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAOEAAAABAAAAAwAAAAAAAAAgDmAAAAAAACAOAAAAAAAACAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAADmAAAABgAAAAMAAAAAAAAAKA5gAAAAAAAoDgAAAAAAANABAAAAAAAABgAAAAAAAAAIAAAAAAAAABAAAAAAAAAAmAAAAAEAAAADAAAAAAAAAPgPYAAAAAAA+A8AAAAAAAAIAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAIAAAAAAAAAO8AAAABAAAAAwAAAAAAAAAAEGAAAAAAAAAQAAAAAAAAMAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAACAAAAAAAAAD4AAAAAQAAAAMAAAAAAAAAQBBgAAAAAABAEAAAAAAAAG0AAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAA/gAAAAgAAAADAAAAAAAAAK0QYAAAAAAArRAAAAAAAAADAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAMBAAABAAAAMAAAAAAAAAAAAAAAAAAAAK0QAAAAAAAANQAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAQAAAAAAAAARAAAAAwAAAAAAAAAAAAAAAAAAAAAAAACMGQAAAAAAAAwBAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAQAAAAIAAAAAAAAAAAAAAAAAAAAAAAAA6BAAAAAAAAB4BgAAAAAAAB4AAAAwAAAACAAAAAAAAAAYAAAAAAAAAAkAAAADAAAAAAAAAAAAAAAAAAAAAAAAAGAXAAAAAAAALAIAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAA=

是base64编码,然后继续进行解码,看样子是一个可执行文件的,把数据解码后写入文件。
在这里插入图片描述

执行得到:

# ./flag
hei~what you want??
want a flag?
sorry~there is no flag
but maybe your can find something useful!

其实之后的内容就是反汇编过去,在里面找到一个关于WAV的音频的隐写提示。
链接逃离东南亚
其实就是silenteye隐写,直接上工具得到第三个文件的密码。
在这里插入图片描述

This1sThe3rdZIPpwd
💗💗💗

继续往下走,解压第三个密压缩包密码,会得到很多源码,看文本的提示就是里面有一些隐写具体是什么,得靠大家去猜想,这里其实是tab和空格的数据隐写。

脚本讲解

🅰️因为涉及的文件很多我们不可能去一个一个文件寻找隐写的信息,需要使用脚本来判断隐写信息所在的文件位置,再使用脚本提取出来。
🅱️既然这里是使用的tab和空格来进行隐写,为了避免提取错误我们使用 \t \t来进行隐藏数据的提取。

import os
import base64
import binascii

from numpy import binary_repr

def get_file_lists(dir_path):
    _file_list = os.listdir(dir_path)
    file_list = []
    for file_str in _file_list:
        new_dir_path = dir_path+'\\'+file_str
        if(os.path.isdir(new_dir_path)):
            file_list.extend(get_file_lists(new_dir_path))
        else:
            file_list.append(new_dir_path)
    return file_list

def important_file(path):
    FILE  =[]
    fiel_list = get_file_lists(path)
    for file in fiel_list:
        f =open(file,"r",encoding='utf-8')
        try:
            data = f.read()
            if " \t \t" in data:
                print(file)
                FILE.append(file)
        except:
            pass
    return FILE

def get_flag(f_list):
    result = ''
    for f in f_list:
        for data in open(f, 'r').readlines():
            data = data[:-1]
            if '}' in data:
                data = data.split('}')[-1]
                if '\t' in data:
                    data1 = data[::].replace('\t', '')
                    data1 = data1.replace(' ', '')
                    if not data1:
                        print([data])
                        result += data

    result = result.replace('\t', '1')
    result = result.replace(' ', '0')
    print(result)
    data = hex(int(result,2))[2:]
    data.encode('utf-8')
    str_bin = binascii.unhexlify(data)
    print(str_bin.decode('utf-8'))

if __name__ == "__main__":
    path = "绝对路径\source_code"
    FILE = important_file(path)
    get_flag(FILE)

在这里插入图片描述
⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️⭐️

参考链接

CTF刷题记录-MISC- [羊城杯 2020]逃离东南亚

小蓝同学`
关注
专栏目录
[羊城 2020]easyser - 反序列化+SSRF+伪协议(绕过死亡die)
oZuoShen123的博客
10-08 985
F12看提示: 小胖说用个不安全的协议从我家才能进ser.php呢! ! 意思就是http协议就能进ser.php,回顾一下http协议咋用的?……
BUUCTF[羊城2020]easyphp
snowlyzz的博客
08-21 782
刷题记录
2020YCBCTF:2020羊城官方writeup及
03-24
20202020羊城官方writeup及源码 各个过渡的分散的writeup后续会逐步上传,所有转移的writeup已经汇总在wp文件夹下的writeup文件里面了!
NSSCTF刷题wp——常用编码
YougerXen的博客
04-10 4384
NSSCTF Crypto 探索 常用编码 前两个题ID303,287在入门时做过了,详见另一篇wp链接 [AFCTF 2018]BASE ID:463 打开文件直接麻了,如果人工解码,估计黄花菜都要凉了,这就需要用到拥有强大数据处理能力的python了,下面是我借鉴得几个大佬的脚本。 首先是大佬xenny的,NSSCTF这个题的wp也有 import re, base64 s = open('/Users/x3nny/Downloads/flag_encode.txt', 'rb').read() bas
RCTF crypto100(1)
weixin_33814685的博客
11-17 1902
题面是一个文件,里面是用base64加密的字符串,如下所示: IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyN= IyAJCQkJRG9jdW1lbnRhdGlvbgkJCQkgICAgI0== IyMjIyMj...
由空格等不可见字符组成的隐写
M3ng@L的博客
01-10 3982
由空格等不可见字符组成的隐写_部分 这里的不可见字符是由空格,制表符,回车组成的信息 Sublime Text 一个软件:Sublime Text - Text Editing, Done Right 将由空格,制表符,回车组成的不可见放入该软件可以看到空格,制表符,换行符的区别 White_space white_space是一种编程语言 由“空格”,“回车”,“tab”组成 IMP(指令修改参数) Meaning [Space] Stack Manipulation(栈控制) [T
BUU MISC(5_10-5_14)
XINO
05-14 796
[羊城 2020]image_rar binwalk发现有很多压缩包,改文件后缀为zip,得到一大堆图片,发现图片65不显示,怀疑有东西 发现好像是个压缩包,文件头被改了,我们将其改回来Rar!(52 61 72 21) 得到压缩包,但是需要密码,可能遗漏了什么,回头看,发现上一个压缩包有信息 压缩包密码(6位):GWxxxx 后面可能会用到的哦 用AR爆破发现似乎爆破不了,换一种思路,利用rar2john提取hash ,然后利用hashcat爆破hash step1: kali@kali:~$ /u
2020YCBCTF羊城官方Writeup.pdf
10-28
标题《2020YCBCTF羊城官方Writeup.pdf》中的“YCBCTF”指的是一种名为“羊城”的网络安全竞赛(CTF),这是一个以网络安全为主题的竞赛,CTF全称Capture The Flag,即“夺旗赛”,是一种信息安全竞赛活动。...
羊城_2020_babyre 题解
lifanxin的博客
09-09 1203
babyre题目信息考查知识题目分析WP脚本总结 题目信息   本题目来自于2020羊城的逆向题,可以在buuoj上找到题目复现。 考查知识   本题目考查的知识点有:DES/AES算法,SMC自修改代码,以及合理利用动态调试来快速解题。   关于动态调试,这里很多人可能会遇到环境问题,主要是因为题目调用了openssl的动态加密算法库,所以本地也得有一个。同时还需要注意openssl加密算法库的版本问题,该题目必须使用libcrypto.so.1.0.0。这里我给出该算法库文件 – libcrypto
前端实现Base64图片压缩(可直接复制使用)
热门推荐
陈坚泓的博客
07-29 5万+
前端实现Base64图片压缩
BUUCTF MISC刷题笔记(六)
volcano的博客
05-20 5292
BUUOJMisc[DDCTF2018]第四扩展FS[INSHack2018]42.tar.xz Misc [DDCTF2018]第四扩展FS 图片exif信息中有提示:Pactera foremost分离出一个加密的压缩包,使用上面得到的密码解压,得到一个文本 词频统计: f = open("file.txt","r") txt=f.read().replace(" ","") f.close() d={} for i in txt: d[i] = d.get(i,0)+1 ls=list(d
2020羊城CTF随缘Writeup
sash1mi
01-09 3678
2020羊城CTF随缘Writeup docker源码链接: https://github.com/k3vin-3/YCBCTF2020 Web部分 a_piece_of_java 考点:源码审计、java反序列化 PS:这道题没整明白,直接给出官方WP 第一步,serialkiller 白名单过滤,构造动态代理触发 JDBC 连接: DatabaseInfo databaseInfo = new DatabaseInfo(); databaseInfo.setHost("x.x.x.x"); datab
BUUCTF--[羊城 2020]Blackcat
qq_46263951的博客
08-19 1115
进入后查看源码发现提示都说听听歌了! 下载Hei_Mao_Jing_Chang.mp3文件,使用命令strings Hei_Mao_Jing_Chang.mp3查看文件 在文末看到一段PHP代码 if(empty($_POST['Black-Cat-Sheriff']) || empty($_POST['One-ear'])){ die(' $clandestine = getenv("clandestine"); if(isset($_POST['White-cat-monitor'..
BUUCTF:[羊城 2020]signin
末初的CSDN博客
04-23 1773
https://buuoj.cn/challenges#[%E7%BE%8A%E5%9F%8E%E6%9D%AF%202020]signin signin.txt BCEHACEIBDEIBDEHBDEHADEIACEGACFIBDFHACEGBCEHBCFIBDEGBDEGADFGBDEHBDEGBDFHBCEGACFIBCFGADEIADEIADFH Toy Cipher: https://eprint.iacr.org/2020/301.pdf 先将密文四个一组对照第二张表转换,简单Pytho
BUUCTF:[羊城 2020]image_rar
末初的CSDN博客
07-02 3269
binwalk分析xiao_mi2.mp4发现很多压缩包,压缩了很多图片 将xiao_mi2.mp4修改后缀改为xiao_mi2.zip 得到一个hint,但这个压缩包密码并不是指当前的zip压缩包 继续往后看,解压这些图片之后发现里面只有65.jpg显示不正常 010 Editor打开65.jpg 文件头ara!,非常类似rar压缩包的文件头Rar!,修改文件头为Rar!(52 61 72 21) 并修改后缀为.rar,即可打开 有密码,hint的密码指的是rar的密码 压缩包密码(6位).
BUUCTF:[WUSTCTF2020]爬
末初的CSDN博客
11-11 2624
https://buuoj.cn/challenges#[WUSTCTF2020]%E7%88%AC PDF文件,修改后缀为PDF,打开 删除掉这张图片,图片下面还有张图片 右键识别图片内容 77637466323032307b746831735f31735f405f7064665f616e645f7930755f63616e5f7573655f70686f7430736830707d >>> import binascii >>> binascii.unhe
BUUCTF:[极客大挑战 2019]Knife
末初的CSDN博客
10-20 666
题目地址:https://buuoj.cn/challenges#[%E6%9E%81%E5%AE%A2%E5%A4%A7%E6%8C%91%E6%88%98%202019]Knife 蚁剑连接,根目录发现flag
隐写术总结篇幅之(一)
weixin_43721621的博客
02-23 1842
#ctf隐写术总结篇幅之(一) 关于隐写,强烈推荐《数据隐藏技术揭秘〉一书。多刷博客,多看视频,多看书,多实践,相信终能达成目标。 --大曲,蛐蛐。 隐写常用工具 binwalk 固件...
羊城2020 wp
最新发布
08-18
羊城2020是一场年度的电子竞技赛事,为广大电竞爱好者提供了一个展示技术和激发激情的舞台。今年的羊城聚集了来自全国各地的顶尖电竞选手,他们在各个游戏项目中展现了高水平的操作和战术。 在比赛的文化氛围方面,羊城2020鼓励团队协作和竞争精神,这对于参赛选手来说是一个很好的机会展现自己的技术能力和团队合作能力。此外,组委会还积极倡导公平竞赛,严禁使用任何形式的作弊或不正当手段来获取胜利,从而保证了比赛的公正性。 羊城2020不仅是一场竞技比赛,还提供了丰厚的奖金和荣誉,吸引了众多顶尖选手参与其中。参赛选手们通过紧张刺激的比赛,展现了他们的技术实力和战术策略。同时,比赛也为电竞爱好者们提供了一个观赏比赛和学习经验的机会,让他们更好地了解电竞运动,提高自己的技术水平。 此外,羊城2020还注重了普及电竞文化的意义。比赛在各个媒体平台上进行直播,使更多的观众能够通过网络或电视观看比赛,增加了电竞的曝光度。通过各种推广活动,羊城2020吸引了更多非电竞爱好者的关注,提高了电竞在社会中的认可度和影响力。 总的来说,羊城2020是一场令人期待的电竞盛事,它不仅展示了顶尖选手们的实力和技巧,也推广了电竞文化并吸引了更多人的关注。这样的比赛将继续推动电竞行业的发展和壮大,为电竞爱好者们带来更多的精彩赛事和娱乐体验。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值