当前位置:网站首页>Jarvis OJ shell traffic analysis
Jarvis OJ shell traffic analysis
2022-07-05 16:46:00 【[mzq]】
shell Flow analysis
Title Attachment : https://dn.jarvisoj.com/challengefiles/+_+.rar.977e2c637dc492fb9a7cf7595c852044
Use strings Find keywords ctf I found one of them python Encryption and decryption script
use wireshark analysis tcp There are encrypted and decrypted in the stream python2 Script
Also found a string base64 Encrypted string , Try to decrypt and get garbled code
Guess after decryption python Script decryption
from Crypto import Random
from Crypto.Cipher import AES
import sys
import base64
def decrypt(encrypted, passphrase):
IV = encrypted[:16]
aes = AES.new(passphrase, AES.MODE_CBC, IV)
return aes.decrypt(encrypted[16:])
def encrypt(message, passphrase):
IV = message[:16]
length = 16
count = len(message)
padding = length - (count % length)
message = message + '\0' * padding
aes = AES.new(passphrase, AES.MODE_CBC, IV)
return aes.encrypt(message)
IV = 'YUFHJKVWEASDGQDH'
message = IV + 'flag is hctf{xxxxxxxxxxxxxxx}'
#print len(message)
#example = encrypt(message, 'Qq4wdrhhyEWe4qBF')
#print example
example = "mbZoEMrhAO0WWeugNjqNw3U6Tt2C+rwpgpbdWRZgfQI3MAh0sZ9qjnziUKkV90XhAOkIs/OXoYVw5uQDjVvgNA=="
example = base64.b64decode(example)
example = decrypt(example, 'Qq4wdrhhyEWe4qBF')
print example
flag is hctf{
n0w_U_w111_n0t_f1nd_me}
边栏推荐
- 【组队 PK 赛】本周任务已开启 | 答题挑战,夯实商品详情知识
- [js] 技巧 简化if 判空
- Binary tree related OJ problems
- PHP strict mode
- 详解SQL中Groupings Sets 语句的功能和底层实现逻辑
- [echart] resize lodash to realize chart adaptation when window is zoomed
- How to uninstall MySQL cleanly
- 漫画:什么是服务熔断?
- Data Lake (XIV): spark and iceberg integrated query operation
- Solve the Hanoi Tower problem [modified version]
猜你喜欢
Seaborn draws 11 histograms
2020-2022 two-year anniversary of creation
數據訪問 - EntityFramework集成
Bs-xx-042 implementation of personnel management system based on SSM
解决CMakeList find_package找不到Qt5,找不到ECM
降本40%!Redis多租户集群的容器化实践
HiEngine:可媲美本地的云原生内存数据库引擎
Migrate /home partition
OneForAll安装使用
Fleet tutorial 09 basic introduction to navigationrail (tutorial includes source code)
随机推荐
tf.sequence_mask函数讲解案例
《21天精通TypeScript-3》-安装搭建TypeScript开发环境.md
迁移/home分区
深潜Kotlin协程(二十一):Flow 生命周期函数
Facing new challenges and becoming a better self -- attacking technology er
Cartoon: what is blue-green deployment?
Apple has abandoned navigationview and used navigationstack and navigationsplitview to implement swiftui navigation
Quelques réflexions cognitives
面对新的挑战,成为更好的自己--进击的技术er
Summary of methods for finding intersection of ordered linked list sets
公司自用的国产API管理神器
清晰还原31年前现场,火山引擎超清修复Beyond经典演唱会
How to uninstall MySQL cleanly
Flet教程之 09 NavigationRail 基础入门(教程含源码)
解决CMakeList find_package找不到Qt5,找不到ECM
Pspnet | semantic segmentation and scene analysis
降本40%!Redis多租户集群的容器化实践
Desci: is decentralized science the new trend of Web3.0?
搜索 正排索引 和 倒排索引 区别
【 brosser le titre 】 chemise culturelle de l'usine d'oies