目录
题目链接
https://buuoj.cn/challenges#[INSHack2017]remote-multimedia-controller
解题过程
题目是道流量题。有提示,好像没什么用 ,
打开流量包。搜索flag,发现有flag.txt信息,
追踪TCP流 ,在stream 2发现base64加密信息,
Vmxkd1NrNVhVbk5qUlZKU1ltdGFjRlJYZEhOaWJFNVhWR3RPV0dKVmJEWldiR1JyV1ZkS1ZXRXphRnBpVkVaVFYycEtVMU5IUmtobFJYQlRUVmhDTmxZeFdtdGhhelZ5WWtWYWFWSlViRmRVVlZaYVRURmFjbFpyT1ZaV2JXUTJWa1pvYTFkck1YVlVhbHBoVWxack1GUlZaRXRqVmxaMVZHMTRXRkpVUlRCWFdIQkdUbGRHY2s1VmFFOVdNWEJoV1Zkek1XSldaSFJPVm1SclZsZDRXbFJWVm5wUVVUMDk=
用BurpSuite工具解码,多次解码后等到明文,
这步用代码解码也可以,代码如下:
import base64 cipher_text = 'Vmxkd1NrNVhVbk5qUlZKU1ltdGFjRlJYZEhOaWJFNVhWR3RPV0dKVmJEWldi' \ 'R1JyV1ZkS1ZXRXphRnBpVkVaVFYycEtVMU5IUmtobFJYQlRUVmhDTmxZeFdt' \ 'dGhhelZ5WWtWYWFWSlViRmRVVlZaYVRURmFjbFpyT1ZaV2JXUTJWa1pvYTFk' \ 'ck1YVlVhbHBoVWxack1GUlZaRXRqVmxaMVZHMTRXRkpVUlRCWFdIQkdUbGRH' \ 'Y2s1VmFFOVdNWEJoV1Zkek1XSldaSFJPVm1SclZsZDRXbFJWVm5wUVVUMDk=' plain_text = '' while 'flag' not in plain_text: cipher_text, plain_text = plain_text, base64.b64decode(cipher_text).decode() print(plain_text)
解出明文:Good job ! You found the flag: INSA{TCP_s0ck3t_4n4lys1s_c4n_b3_fun!}
flag{TCP_s0ck3t_4n4lys1s_c4n_b3_fun!}
总结
1.思路:流量分析搜索关键字、追踪流。
2.知识点:base64解码。