baba_is_you
010看文件末尾
bilibili领flag
爷的历险记
直接看源码json串
UNCTF{WelC0me_70_UNCTF2oZ0~}
阴阳人编码
brainfk变形
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-Vp0Ev3kO-1606662116606)(misc/NVV$ZU%7D49TIY3M_6KF%7BX%7DB.png)]
躲猫猫
xlsx可以用压缩包来看
然后直接看sharedstrings.xml
dW5jdGYlN0I3MzgzYjY3ZGU5MTA2YTZmMTBmZGJlNGU4ZWJjNjRjZSU3RA==
base64解密
unctf%7B7383b67de9106a6f10fdbe4e8ebc64ce%7D
YLB’s CAPTCHA - 签到题
验证码你就嗯读就可以拿到
撕坏的二维码
可以看到二维码缺了一个角补全即可
网络深处1
手机号直接爆破密码就可以得到
15975384265
之后用Audacity频谱图
可以看见我是tupper加密
脚本解密
"""
2 Copyright (c) 2012, 2013 The PyPedia Project, http://www.pypedia.com
3 <br>All rights reserved.
4
5 Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
6
7 # Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
8 # Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
9
10 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
11 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
12 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
13 DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
14 ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
15 (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
16 LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
17 ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
18 (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
19 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
20
21 http://www.opensource.org/licenses/BSD-2-Clause
22 """
__pypdoc__ = """
25 Method: Tupper_self_referential_formula
26 Link: http://www.pypedia.com/index.php/Tupper_self_referential_formula
27 Retrieve date: Tue, 11 Mar 2014 03:15:49 +0200
28
29
30
31 Plots the [http://en.wikipedia.org/wiki/Tupper's_self-referential_formula Tupper's_self-referential_formula]:
32 : <math>{1\over 2} < \left\lfloor \mathrm{mod}\left(\left\lfloor {y \over 17} \right\rfloor 2^{-17 \lfloor x \rfloor - \mathrm{mod}(\lfloor y\rfloor, 17)},2\right)\right\rfloor</math>
33
34 The plot is the very same formula that generates the plot.
35
36 [[Category:Validated]]
37 [[Category:Algorithms]]
38 [[Category:Math]]
39 [[Category:Inequalities]]
40
41
42 """
def Tupper_self_referential_formula():
k = 636806841748368750477720528895492611039728818913495104112781919263174040060359776171712496606031373211949881779178924464798852002228370294736546700438210687486178492208471812570216381077341015321904079977773352308159585335376746026882907466893864815887274158732965185737372992697108862362061582646638841733361046086053127284900532658885220569350253383469047741742686730128763680253048883638446528421760929131783980278391556912893405214464624884824555647881352300550360161429758833657243131238478311219915449171358359616665570429230738621272988581871
#love yiran
def f(x,y):
d = ((-17 * x) - (y % 17))
e = reduce(lambda x,y: x*y, [2 for x in range(-d)]) if d else 1
f = ((y / 17) / e)
g = f % 2
return 0.5 < g
for y in range(k+16, k-1, -1):
line = ""
for x in range(0, 107):
if f(x,y):
line += "@"
else:
line += " "
print(line)
#Method name =Tupper_self_referential_formula()
if __name__ == '__main__':
returned = Tupper_self_referential_formula()
if returned:
print(str(returned))
站远处观察 就可以明显看到
base64字符串
这个就是flag
mouse_click
可以看到是一个鼠标流量
所以就要提取出来
tshark -r usb1.pcapng -T fields -e usb.capdata | sed '/^\s*$/d' > usbdata.txt
提取的数据没有冒号加一下
f=open('usbdata.txt','r')
fi=open('out.txt','w')
while 1:
a=f.readline().strip()
if a:
if len(a)==8:
out=''
for i in range(0,len(a),2):
if i+2 != len(a):
out+=a[i]+a[i+1]+":"
else:
out+=a[i]+a[i+1]
fi.write(out)
fi.write('\n')
else:
break
fi.close()
接下来就是求坐标了
nums = []
keys = open('out.txt','r')
f = open('xy.txt','w')
posx = 0
posy = 0
for line in keys:
if len(line) != 12 :
continue
x = int(line[3:5],16)
y = int(line[6:8],16)
if x > 127 :
x -= 256
if y > 127 :
y -= 256
posx += x
posy += y
btn_flag = int(line[0:2],16)
if btn_flag == 1 :
f.write(str(posx))
f.write(' ')
f.write(str(posy))
f.write('\n')
f.close()
之后用gnuplot就行
gnuplot
plot 'xy.txt'
看见是翻转的 导出png翻转一下
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-RDw0AAu8-1606662116611)(misc/image-20201114192212288.png)]
被删除的flag
打开文件
拉最下面就有
不懂这个题在干什么
你能破解我的密码吗
直接去MD5解密
https://www.cmd5.com/
密码为123456
EZ_IMAGE
montage unctf*.jpg -tile 15x15 -geometry 60x60+0+0 test.jpg
gaps拼图
可以百度一下怎么安装
安装比较复杂
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-acDW11My-1606662116613)(misc/image-20201114221624344.png)]
YLB绝密文件
拿到一个流量包
通过一些简单分析可以看见主要有三个东西
有一个加密的py,和pyc以及xor文件
下面是这个加密文件
import base64
from secret import key
file = open("YLBSB.docx", "rb")
enc = open("YLBSB.xor", "wb")
plain = base64.b64encode(file.read())
count = 0
for c in plain:
d = chr(c ^ ord(key[count % len(key)]))
enc.write(d.encode())
count = count + 1
通过这个我们可以看到密文xor文件,明文docx文件,密钥是可以从pyc中分析出来
xor提取可以用binwalk
binwalk -e filename
key是"YLBSB?YLBNB!"
接下来写脚本就行
file = open("YLBSB.xor","rb")
s = open("YLBNB.docx","wb")
cnt = 0
content = ""
key = "YLBSB?YLBNB!"
for i in file.read():
i = i.decode()
a = ord(i) ^ ord(key[cnt % len(key)])
content += chr(a)
cnt += 1
content = base64.b64decode(content)
s.write(content)
file.close()
s.close()
然后打开docx,在最后面可以发现隐藏flag
零
零宽度字符隐写
在线网站解密
http://330k.github.io/misc_tools/unicode_steganography.html