首页 > 编程语言 >第二届数信杯南区wp-easyJava

第二届数信杯南区wp-easyJava

时间:2024-05-09 16:33:27浏览次数:14  
标签:2f1a aa534ac5 baf7 flag easyJava wp 字符串 466c 数信杯

writeup

easyJava

用Eclipse Memory Analyzer进行分析,利用OQL查找字符串

这里要写正则表达式:我写了\\u.*意思是找unicode字符串,因为这里的中文都做了unicode编码

搜索到这么一个字符串列表,

转码——

红色框框里的是还原后的内容。如下:

想跟你说一个小秘密:我把码表修改成了

真的旗帜怎么会这么轻易就让你拿到,但你都找到我了那我给你一个密文吧:

赵钱孙李周吴郑王冯陈褚卫蒋沈韩杨朱秦尤许何吕施张孔曹严华金魏陶姜戚谢邹喻柏水窦章云苏潘葛奚范彭郎鲁韦昌马苗凤花方俞任袁柳酆鲍史唐费
0123456789abcdefghijklmnopqrstuvwxyzBCDEFGHIJKLMNOPQRSTUVWXY

曹窦韦谢曹方范谢孔许何马沈郑吴喻沈尤苗昌曹喻吴谢卫许朱花沈窦蒋范孔窦吴窦沈昌苗韦孔施朱方曹施秦邹沈窦吴柏孔喻陈鲍

pCNxpTJxojkPd65zdiQOpz5xbjgSdCcJoC5CdOQNomgTpmhydC5oz9

0123456789abcdefghijklmnopqrstuvwxyzBCDEFGHIJKLMNOPQRSTUVWXY是base64编码表,补上AZ+/=后,对pCNxpTJxojkPd65zdiQOpz5xbjgSdCcJoC5CdOQNomgTpmhydC5oz9进行解码,结果为:

flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aX�

flag的末端必然是"}"结尾,而"}"的ASCII码为0x7d,二进制为01111101
pCNxpTJxojkPd65zdiQOpz5xbjgSdCcJoC5CdOQNomgTpmhydC5oz9长度为54,base64编码中每4个字符对应源字符串的3个字符,54除以4等于13余2,可知该字符串缺少2个字符,需要添加这两个字符并使得最后解码结果以"}"结尾。于是可以只考虑在dC5oz9添加字符

import re

def generate_all_insertions(input_string, char1, char2):

    all_insertions = []

    for i in range(len(input_string) + 1):

        for j in range(i, len(input_string) + 1):

            modified_string = input_string[:i] + char1 + input_string[i:j] + char2 + input_string[j:]

            all_insertions.append(modified_string)

    return all_insertions

  

# 获取字符串所有固定长度且不重合切片

def generate_non_overlapping_slices(input_string, slice_length):

    all_slices = []

    for i in range(0, len(input_string), slice_length):

        if i + slice_length <= len(input_string):

            all_slices.append(input_string[i:i + slice_length])

    return all_slices

# 自定义字符集

  
  

def custom_base64_decode(encoded_string):

    custom_charset = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ+/"

    encoded_binary_string = ""

    for char in encoded_string:

        index = custom_charset.index(char)

        binary_index = format(index, '06b')

        encoded_binary_string += binary_index

    chs = generate_non_overlapping_slices(encoded_binary_string,8)

    # print(chs)

    decode_string = ''

    for ch in chs:

        decode_string += chr(int(ch,2))

    return decode_string

  
  

def is_only_alpha_numeric(input_string):

    # 使用正则表达式匹配只包含英文字母和数字的字符串

    return bool(re.match('^[a-zA-Z0-9]+$', input_string))

  

# 要解码的自定义base64编码字符串

encoded_string = "pCNxpTJxojkPd65zdiQOpz5xbjgSdCcJoC5CdOQNomgTpmhy"

front = custom_base64_decode(encoded_string)

print(front)

  
  

custom_charset = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ+/"

str1 = "dC5oz9"

  

for i in custom_charset:

    for j in custom_charset:

        # 将生成的所有修改后的字符串逐个与原字符串连接

        for modified_str in generate_all_insertions(str1, i, j):

            result = custom_base64_decode(modified_str)

            # 判断result[:-1]是否只包含英文字母和数字

            if is_only_alpha_numeric(result[:-1]):

                # print(result)          

                if result[-1] == "}":

                    print("i=%s,j=%s" % (i,j))

                    print("拼接字符串: %s,UTF-8字符串: %s" % (modified_str,front+result))

结果:

i=1,j=Z
拼接字符串: dC51oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aAb2}
i=2,j=Z
拼接字符串: dC52oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aBb2}
i=3,j=Z
拼接字符串: dC53oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aCb2}
i=4,j=Z
拼接字符串: dC54oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aDb2}
i=5,j=Z
拼接字符串: dC55oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aEb2}
i=5,j=Z
拼接字符串: dC55oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aEb2}
i=6,j=Z
拼接字符串: dC56oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aFb2}
i=7,j=Z
拼接字符串: dC57oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aGb2}
i=8,j=Z
拼接字符串: dC58oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aHb2}
i=9,j=Z
拼接字符串: dC95oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6bEb2}
i=9,j=Z
拼接字符串: dC59oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aIb2}
i=a,j=Z
拼接字符串: dC5aoz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aJb2}
i=b,j=Z
拼接字符串: dC5boz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aKb2}
i=c,j=Z
拼接字符串: dC5coz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aLb2}
i=c,j=Z
拼接字符串: dC5ocz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aX22}
i=d,j=Z
拼接字符串: dCd5oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6cEb2}
i=d,j=Z
拼接字符串: dC5doz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aMb2}
i=d,j=Z
拼接字符串: dC5odz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aX62}
i=e,j=Z
拼接字符串: dC5eoz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aNb2}
i=f,j=Z
拼接字符串: dC5foz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aOb2}
i=g,j=Z
拼接字符串: dC5goz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aPb2}
i=g,j=Z
拼接字符串: dC5ogz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aXB2}
i=h,j=Z
拼接字符串: dCh5oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6dEb2}
i=h,j=Z
拼接字符串: dC5hoz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aQb2}
i=h,j=Z
拼接字符串: dC5ohz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aXF2}
i=i,j=Z
拼接字符串: dC5ioz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aRb2}
i=i,j=Z
拼接字符串: dC5oiz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aXJ2}
i=j,j=Z
拼接字符串: dC5joz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aSb2}
i=j,j=Z
拼接字符串: dC5ojz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aXN2}
i=k,j=Z
拼接字符串: dC5koz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aTb2}
i=k,j=Z
拼接字符串: dC5okz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aXR2}
i=l,j=Z
拼接字符串: dCl5oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6eEb2}
i=l,j=Z
拼接字符串: dC5loz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aUb2}
i=l,j=Z
拼接字符串: dC5olz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aXV2}
i=m,j=Z
拼接字符串: dC5moz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aVb2}
i=m,j=Z
拼接字符串: dC5omz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aXZ2}
i=n,j=Z
拼接字符串: dC5noz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aWb2}
i=o,j=Z
拼接字符串: dC5ooz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aXb2}
i=o,j=Z
拼接字符串: dC5ooz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aXb2}
i=p,j=Z
拼接字符串: dCp5oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6fEb2}
i=p,j=Z
拼接字符串: dC5poz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aYb2}
i=p,j=Z
拼接字符串: dC5opz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aXf2}
i=q,j=Z
拼接字符串: dC5qoz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aZb2}
i=q,j=Z
拼接字符串: dC5oqz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aXj2}
i=r,j=Z
拼接字符串: dC5orz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aXn2}
i=s,j=Z
拼接字符串: dC5osz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aXr2}
i=t,j=Z
拼接字符串: dCt5oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6gEb2}
i=t,j=Z
拼接字符串: dC5otz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aXv2}
i=u,j=Z
拼接字符串: dC5ouz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aXz2}
i=x,j=Z
拼接字符串: dCx5oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6hEb2}
i=x,j=Z
拼接字符串: dC5xoz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aab2}
i=y,j=Z
拼接字符串: dC5yoz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6abb2}
i=z,j=Z
拼接字符串: dC5zoz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6acb2}
i=A,j=Z
拼接字符串: dC5Aoz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6adb2}  # 最终的正确flag
i=B,j=Z
拼接字符串: dCB5oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6iEb2}
i=B,j=Z
拼接字符串: dC5Boz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aeb2}
i=C,j=Z
拼接字符串: dC5Coz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6afb2}
i=D,j=Z
拼接字符串: dC5Doz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6agb2}
i=E,j=Z
拼接字符串: dC5Eoz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6ahb2}
i=F,j=Z
拼接字符串: dCF5oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6jEb2}
i=F,j=Z
拼接字符串: dC5Foz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aib2}
i=G,j=Z
拼接字符串: dC5Goz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6ajb2}
i=H,j=Z
拼接字符串: dC5Hoz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6akb2}
i=I,j=Z
拼接字符串: dC5Ioz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6alb2}
i=J,j=Z
拼接字符串: dCJ5oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6kEb2}
i=J,j=Z
拼接字符串: dC5Joz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6amb2}
i=K,j=Z
拼接字符串: dC5Koz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6anb2}
i=L,j=Z
拼接字符串: dC5Loz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aob2}
i=M,j=Z
拼接字符串: dC5Moz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6apb2}
i=N,j=Z
拼接字符串: dCN5oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6lEb2}
i=N,j=Z
拼接字符串: dC5Noz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aqb2}
i=O,j=Z
拼接字符串: dC5Ooz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6arb2}
i=P,j=Z
拼接字符串: dC5Poz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6asb2}
i=Q,j=Z
拼接字符串: dC5Qoz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6atb2}
i=R,j=Z
拼接字符串: dCR5oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6mEb2}
i=R,j=Z
拼接字符串: dC5Roz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6aub2}
i=S,j=Z
拼接字符串: dC5Soz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6avb2}
i=T,j=Z
拼接字符串: dC5Toz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6awb2}
i=U,j=Z
拼接字符串: dC5Uoz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6axb2}
i=V,j=Z
拼接字符串: dCV5oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6nEb2}
i=V,j=Z
拼接字符串: dC5Voz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6ayb2}
i=W,j=Z
拼接字符串: dC5Woz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6azb2}
i=Z,j=Z
拼接字符串: dCZ5oz9Z,UTF-8字符串: flag{aa534ac5-2f1a-466c-baf7-1ad7edb6oEb2}

只有拼接A、Z的才是正确的flag,不知道为什么。

标签:2f1a,aa534ac5,baf7,flag,easyJava,wp,字符串,466c,数信杯
From: https://www.cnblogs.com/liulangbxc/p/18182574

相关文章

  • dotnet 9 WPF 支持 Style 的 Setter 填充内容时可忽略 Value 标签
    本文记录WPF在dotnet9的一项XAML编写语法改进点,此改进点用于解决编写Style的Setter进行给Value赋值时,不能将Value当成默认内容,需要多写Value标签的问题。通过此改进点可减少两行XAML代码在原先的WPF版本里面,对Style的Setter填充复杂的对象内容时,大概的......
  • 2024 FIC取证比赛wp
    本次竞赛容器挂载密码为:2024Fic@杭州Powered~by~HL!2024年4月,卢某报案至警方,声称自己疑似遭受了“杀猪盘”诈骗,大量钱财被骗走。卢某透露,在与某公司交流过程中结识了员工李某。李某私下诱导卢某参与赌博游戏,起初资金出入均属正常。但随后,李某称赌博平台为提升安全性,更换了地址和......
  • WPF/C#:ProgressBar的基本使用
    前言在日常开发过程中,如果遇到需要一段时间才能完成的任务,通常需要给用户一个进度条提示。今天给大家介绍的是WPF/C#中ProgressBar的基本使用。ProgressBar的介绍在WPF(WindowsPresentationFoundation)中,ProgressBar是一个用户界面元素,用于显示一个操作的进度。ProgressBar有......
  • WPF上位机 - 实现TIA Wincc中的输入输出域
    在TIAWincc中输入输出域可以显示PLC中的变量,同时可以改变PLC中的变量,而在上位机中,使用多线程实时读取数据,在输入数据的时候可能PLC数据改变使得上位机数据同时改变。所以需要在文本框获取到焦点的时候断开绑定,失去焦点的时候重新绑定数据。//view代码<TextB......
  • WPF C# construct Grid,DataGrid,Button manually
    usingMicrosoft.Win32;usingSystem;usingSystem.Collections.Generic;usingSystem.Linq;usingSystem.Text;usingSystem.Threading.Tasks;usingSystem.Windows;usingSystem.Windows.Controls;usingSystem.Windows.Data;usingSystem.Windows.Documents;usin......
  • WPF Image open ZoomIn ZoomOut reset
    //xaml<Windowx:Class="WpfApp94.MainWindow"xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"xmlns:d="http://schemas.mic......
  • WPF Behavior Interaction Triggers EventTrigger EventName CallMethodAction Target
    //xaml<Windowx:Class="WpfApp92.MainWindow"xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"xmlns:d="http://schemas.mic......
  • WPF ErrorTemplate
    //xaml<Windowx:Class="WpfApp91.MainWindow"xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"xmlns:d="http://schemas.mic......
  • WPF ValidatesOnDataErrors IDataErrorInfo ValidationRule
    //xaml<Windowx:Class="WpfApp91.MainWindow"xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"xmlns:d="http://schemas.mic......
  • WPF datagrid datagridtemplatecolumn DataGridTemplateColumn.CellEditingTemplate D
    //xaml<Windowx:Class="WpfApp89.MainWindow"xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"xmlns:d="http://schemas.mic......

赞助商

阅读排行

网站主页关于我们联系我们网站地图

本网站内容转载自其他媒体,侵权联系[admin##ips99.com]。

Copyright © 2020-2023 IPS99 版权所有 IPS99