Preface There were some wrong in my previous way of learning.
It’s difficult to consolidate knowledge only by learning knowledge without practice.
So I decide to solve some ctf-subject to consolidate my konwledge.
Why I using English to write this project?
It’s easily to find the reason.
MISC Title : something_in_image
Source : XCTF
File : click here
The file-name is “badimage”,so drop it into 010editor.
Obvious, so much zero ,and only a little informations are normal.
文章图片
文章图片
Look up “flag”:
It’s easy ,but i want to know hows it work in the real way;
文章图片
Look carefully you can find the RAR’s file-header.
Rename the suffix(后缀名) to RAR ,get these files:
文章图片
TODO :
文章图片
Nothing get ,but i solve it .
RE Title : Hello, CTF
Source : XCTF
File : click me
Hint : 菜鸡发现Flag似乎并不一定是明文比较的
文章图片
Drop in IDA:
文章图片
Combined with hint , is compare with the encryoted text .
In addtion, the string is HEX ,decrypt result is “CrackMeJustForFun”
It’s very much like flag.
flag get!!
CRYPTO Title : flag_in_your_hand
source : XCTF
File : click me
It’s a website :
文章图片
Open the js file with vs ,find this string:
文章图片
Intuition tells me this is Base64 encrypto , because it’s the same as encrypted tables.
the first part is encrypto by ASCII tables.
文章图片
When the number == 3 , the ascii is right ,so the right num is:
[115,101,99,117,114,105,116,121,45,120,98,117]
文章图片
Enter it to the website:
文章图片
【每日刷题|每日刷题记录1】falg get!!!
推荐阅读
- d的破坏与安全
- 知识总结|【杂记】数字签名概述
- 知识总结|【Shell】编程之文本处理工具awk(8)
- 融云通信“三板斧”,“砍”到了银行的心坎上
- 百度安全亮相国际顶会SC2022 (用fuzzing技术防范高性能计算风险)
- 靶场实战|【Vulnhub靶场】Web Machine: (N7)
- 谷粒商城笔记|10.认证服务,单点登录
- 网络安全|网络安全——黑客的技术操作原来是这样的
- 4G智能安全帽(记录仪)应用分析