题目复现
题目:[可爱的冰墩墩]
- 题目来源:polarctf-misc-[可爱的冰墩墩]
- 解题:
点开图片,图片上显示一个flag,提交显示错误
用binwalk进行分离,得到一个加密的压缩包
提示密码全是小写字母,但爆破半天没爆破出来
联想到刚才假的flag,应该为密码,输入解压成功
在线反编译pyc文件
代码审计
python
# Visit https://www.lddgo.net/string/pyc-compile-decompile for more information
# Version : Python 3.7
ciphertext = ''
flag = ''
for i in range(len(flag)):
i = ord(flag[i]) + 10
ciphertext.append(str(i))
print(ciphertext[::-1])
ciphertext = [
'62',
'60',
'65',
'108',
'111',
'60',
'109',
'111',
'59',
'109',
'107',
'107',
'107',
'107',
'63',
'64',
'111',
'60',
'64',
'109',
'60',
'108',
'59',
'60',
'109',
'64',
'66',
'61',
'111',
'109',
'65',
'61']代码逻辑:原flag值ascii值减10然后拼接得到ciphertext,再将ciphertext进行倒序输出
解题脚本:
python
ciphertext = [
'62',
'60',
'65',
'108',
'111',
'60',
'109',
'111',
'59',
'109',
'107',
'107',
'107',
'107',
'63',
'64',
'111',
'60',
'64',
'109',
'60',
'108',
'59',
'60',
'109',
'64',
'66',
'61',
'111',
'109',
'65',
'61']
ciphertext = ciphertext[::-1]
flag = ''
for i in range(len(ciphertext)):
i = int(ciphertext[i])-10
flag=flag+chr(i)
print(flag)运行得到flag
