当前位置:网站首页>Jarvis OJ shell流量分析
Jarvis OJ shell流量分析
2022-07-05 16:06:00 【[mzq]】
shell流量分析
题目附件 : https://dn.jarvisoj.com/challengefiles/+_+.rar.977e2c637dc492fb9a7cf7595c852044
使用strings 查找关键字 ctf 发现里面有一个python加解密脚本
用wireshark分析 tcp流中有加密解密的python2 脚本
还找到一串base64加密字符串,尝试解密得到乱码
猜测解密后用python 脚本解密
from Crypto import Random
from Crypto.Cipher import AES
import sys
import base64
def decrypt(encrypted, passphrase):
IV = encrypted[:16]
aes = AES.new(passphrase, AES.MODE_CBC, IV)
return aes.decrypt(encrypted[16:])
def encrypt(message, passphrase):
IV = message[:16]
length = 16
count = len(message)
padding = length - (count % length)
message = message + '\0' * padding
aes = AES.new(passphrase, AES.MODE_CBC, IV)
return aes.encrypt(message)
IV = 'YUFHJKVWEASDGQDH'
message = IV + 'flag is hctf{xxxxxxxxxxxxxxx}'
#print len(message)
#example = encrypt(message, 'Qq4wdrhhyEWe4qBF')
#print example
example = "mbZoEMrhAO0WWeugNjqNw3U6Tt2C+rwpgpbdWRZgfQI3MAh0sZ9qjnziUKkV90XhAOkIs/OXoYVw5uQDjVvgNA=="
example = base64.b64decode(example)
example = decrypt(example, 'Qq4wdrhhyEWe4qBF')
print example
flag is hctf{
n0w_U_w111_n0t_f1nd_me}
边栏推荐
- 养不起真猫,就用代码吸猫 -Unity 粒子实现画猫咪
- 帮忙看看是什么问题可以吗?[ERROR] Could not execute SQL stateme
- ES6深入—async 函数 与 Symbol 类型
- 《MongoDB入门教程》第04篇 MongoDB客户端
- [js] 技巧 简化if 判空
- Explain in detail the functions and underlying implementation logic of the groups sets statement in SQL
- [echart] resize lodash to realize chart adaptation when window is zoomed
- Data access - entityframework integration
- Flet教程之 11 Row组件在水平数组中显示其子项的控件 基础入门(教程含源码)
- Seaborn绘制11个柱状图
猜你喜欢
Explain in detail the functions and underlying implementation logic of the groups sets statement in SQL
数据湖(十四):Spark与Iceberg整合查询操作
Flet教程之 09 NavigationRail 基础入门(教程含源码)
二叉树相关OJ题
新春限定丨“牛年忘烦”礼包等你来领~
Binary tree related OJ problems
《21天精通TypeScript-3》-安装搭建TypeScript开发环境.md
Domestic API management artifact used by the company
Oneforall installation and use
【组队 PK 赛】本周任务已开启 | 答题挑战,夯实商品详情知识
随机推荐
Transaction rollback exception
记一次'非常诡异'的云安全组规则问题排查过程
APICloud云调试解决方案
有序链表集合求交集 方法 总结
Detailed explanation of use scenarios and functions of polar coordinate sector diagram
【深度学习】深度学习如何影响运筹学?
Parameter type setting error during batch update in project SQL
Pspnet | semantic segmentation and scene analysis
二叉树相关OJ题
漫画:什么是蓝绿部署?
[js] 技巧 简化if 判空
文件操作--I/O
迁移/home分区
Fleet tutorial 09 basic introduction to navigationrail (tutorial includes source code)
[deep learning] how does deep learning affect operations research?
Cartoon: what is distributed transaction?
Desci: is decentralized science the new trend of Web3.0?
ES6深入—async 函数 与 Symbol 类型
ES6 drill down - ES6 generator function
[js] skill simplification if empty judgment