当前位置:网站首页>[VNCTF 2022]ezmath wp
[VNCTF 2022]ezmath wp
2022-07-06 09:33:00 【bestkasscn】
[VNCTF 2022]ezmath wp
一个sha256爆破+一个数学问题,可以去百度一下,得到答案就是num * 4,但是查看源码可以发现要提交777次答案,所以只能写脚本来解决,这类交互题一般是去nc服务器,也可以使用python中的第三方库pwntools。
exp
from hashlib import sha256
import random
from pwn import *
import string
# 创建由大小写字母和数字组成的字典
dir = string.ascii_letters + string.digits
# 自己改环境
p = remote("node4.buuoj.cn", 27166)
p.recvuntil('[+] sha256(XXXX+')
salt = p.recv(16).strip().decode()
p.recvuntil(') == ')
hash = p.recv(64).strip().decode()
print('salt: %s' % salt)
print('target hash: %s' % hash)
# 爆破四位字符串
while True:
rand_str = (''.join([random.choice(dir) for _ in range(4)])) + salt
if sha256(rand_str.encode()).hexdigest() == hash:
print(rand_str[:4])
p.sendlineafter('[+] Plz Tell Me XXXX :', rand_str[:4])
break
# 数学题解密
for i in range(777):
p.recvuntil("plz give me the ")
count = p.recv(10).strip().decode()
count = int(count)
res = str(count*4)
p.recvuntil('th (n) that satisfying (2^n-1) % 15 == 0 (the 1st 2^n-1 is 15):')
p.sendline(res)
p.recvuntil('You get flag!')
print(p.recvlines(2))
边栏推荐
- Only learning C can live up to expectations top5 S1E8 | S1E9: characters and strings & arithmetic operators
- SQL tuning notes
- Login to verify the simple use of KOA passport Middleware
- High performance mysql (Third Edition) notes
- On the clever use of stream and map
- The QT program compiled on CentOS lacks a MySQL driven solution
- Activiti directory (III) deployment process and initiation process
- 【MMdetection】一文解决安装问题
- Akamai 反混淆篇
- 服务器端渲染(SSR)和客户端渲染(CSR)的区别
猜你喜欢
8086 CPU 内部结构
汇编课后作业
Take you hand-in-hand to do intensive learning experiments -- knock the level in detail
吴军三部曲见识(五) 拒绝伪工作者
JVM 垃圾回收器之Garbage First
Activiti目录(四)查询代办/已办、审核
Prototype chain inheritance
JVM 垃圾回收器之Serial SerialOld ParNew
Wu Jun trilogy insight (IV) everyone's wisdom
Install docker under windows10 (through Oracle VM VirtualBox)
随机推荐
DOS function call
Flink parsing (VI): savepoints
在 vi 编辑器中的命令模式下,删除当前光标处的字符使用 __ 命 令。
Mongodb learning notes
Idea breakpoint debugging skills, multiple dynamic diagram package teaching package meeting.
字节跳动春招攻略:学长学姐笔经面经,还有出题人「锦囊」
Activiti目录(一)重点介绍
唯有学C不负众望 TOP3 Demo练习
The "advertising maniacs" in this group of programmers turned Tiktok advertisements into ar games
Yao BanZhi and his team came together, and the competition experts gathered together. What fairy programming competition is this?
MySQL字符串函数
Install docker under windows10 (through Oracle VM VirtualBox)
Wu Jun's trilogy experience (VII) the essence of Commerce
Flink 解析(一):基础概念解析
手把手带你做强化学习实验--敲级详细
Learn the wisdom of investment Masters
Take you hand-in-hand to do intensive learning experiments -- knock the level in detail
[graduation project] QT from introduction to practice: realize imitation of QQ communication, which is also the last blog post in school.
JVM class loading subsystem
The daemon thread starts redis and modifies the configuration file