就是这个图,用到了cloacked-pixel这个工具
盲猜一手密码123456 命令如下
lsb.py extract 4.png 1.txt 123456
解压之后 很明显这是一个pyc文件
进行逆向还原之后,得到代码
import random
rand = random.randint(1, 10)
flag = '???'
k = []
for i in range(len(flag)):
k.append(ord(flag[i]) & 15 ^ rand)
k.append(ord(flag[i]) & 240)
print k
real_k = [0, 96, 10, 96, 7, 96, 1, 96, 13, 112, 14, 48, 7, 48, 3, 48, 14, 48, 4, 96, 5, 96, 4, 96, 0, 48, 11, 32, 3, 96, 4, 96, 6, 48, 14, 48, 11, 32, 2, 48, 7, 96, 14, 48, 15, 48, 11, 32, 14, 48, 6, 48, 2, 96, 15, 48, 11, 32, 0, 96, 14, 48, 4, 48, 0, 48, 5, 96, 0, 48, 3, 96, 5, 48, 3, 48, 14, 48, 1, 48, 3, 96, 11, 112]
编写 逆向爆破代码1(@mumuzi)
import re
k = [0, 96, 10, 96, 7, 96, 1, 96, 13, 112, 14, 48, 7, 48, 3, 48, 14, 48, 4, 96, 5, 96, 4, 96, 0, 48, 11, 32, 3, 96, 4, 96, 6, 48, 14, 48, 11, 32, 2, 48, 7, 96, 14, 48, 15, 48, 11, 32, 14, 48, 6, 48, 2, 96, 15, 48, 11, 32, 0, 96, 14, 48, 4, 48, 0, 48, 5, 96, 0, 48, 3, 96, 5, 48, 3, 48, 14, 48, 1, 48, 3, 96, 11, 112]
flag = ''
for count in range(10):
for i in range(len(k)/2):
for j in range(32,128):
if((j & 15 ^ count) == k[i*2]) and ((j&240) == k[i*2+1]):
flag += chr(j)
break
if(re.search('flag',flag)):
print(flag)
break
flag = ''
代码2 (@8神)
k = [0, 96, 10, 96, 7, 96, 1, 96, 13, 112, 14, 48, 7, 48, 3, 48, 14, 48, 4, 96, 5, 96, 4, 96, 0, 48, 11, 32, 3, 96, 4, 96, 6, 48, 14, 48, 11, 32, 2, 48, 7, 96, 14, 48, 15, 48, 11, 32, 14, 48, 6, 48, 2, 96, 15, 48, 11, 32, 0, 96, 14, 48, 4, 48, 0, 48, 5, 96, 0, 48, 3, 96, 5, 48, 3, 48, 14, 48, 1, 48, 3, 96, 11, 112]
for i in range(1, 11):
flag = ''
for j in range(0, len(k), 2):
flag += chr(k[j] ^ i + k[j+1])
if 'flag' in flag:
print(flag)
得到flag
flag{8158bcb6-eb08-4a89-80d9-f826c6e3587e}