题目
题目给了一个txt,内容如下
504B03040A0001080000626D0A49F4B5091F1E0000001200000008000000666C61672E7478746C9F170D35D0A45826A03E161FB96870EDDFC7C89A11862F9199B4CD78E7504B01023F000A0001080000626D0A49F4B5091F1E00000012000000080024000000000000002000000000000000666C61672E7478740A0020000000000001001800AF150210CAF2D1015CAEAA05CAF2D1015CAEAA05CAF2D101504B050600000000010001005A000000440000000000
分析
- 看到开头的504B0304,显然这是一个zip文件的16进制形式数据,将其恢复成原格式(注意write只能写入bytes类型数据)
from Crypto.Util.number import *
f = open("guess.zip","wb")
s = 0x504B03040A0001080000626D0A49F4B5091F1E0000001200000008000000666C61672E7478746C9F170D35D0A45826A03E161FB96870EDDFC7C89A11862F9199B4CD78E7504B01023F000A0001080000626D0A49F4B5091F1E00000012000000080024000000000000002000000000000000666C61672E7478740A0020000000000001001800AF150210CAF2D1015CAEAA05CAF2D1015CAEAA05CAF2D101504B050600000000010001005A000000440000000000
f.write(long_to_bytes(s))
f.close()
- 得到zip文件后解压发现需要密码,从16进制中也没看到伪加密的痕迹
- 利用Ziperello爆破得到密码123456
- 解压并打开flag.txt,结果为
daczcasdqwdcsdzasd