11 Railfence
fliglifcpooaae_hgggrnee_o{cr}
随波逐流编码工具
分为5栏时,解密结果为:flag{railfence_cipher_gogogo}
12 Caesar
rxms{kag_tmhq_xqmdzqp_omqemd_qzodkbfuaz}
mode1 #12: flag{you_have_learned_caesar_encryption}
随波逐流编码工具
13 base64
base64解码: cyberpeace{Welcome_to_new_World!}
14 re1
int __cdecl main(int argc, const char **argv, const char **envp)
{int v3; // eax__m128i v5; // [esp+0h] [ebp-44h] BYREFint v6; // [esp+1Ch] [ebp-28h]char v7[32]; // [esp+20h] [ebp-24h] BYREFv5 = _mm_loadu_si128((const __m128i *)&xmmword_413E34);LOWORD(v6) = 0;printf(&byte_413E4C, v5.m128i_i64[0], v5.m128i_i64[1], 1129600324, 8210004, 0, v6);printf(&byte_413E60);printf(&byte_413E80);scanf("%s", v7);v3 = strcmp(v5.m128i_i8, v7);if ( v3 )v3 = v3 < 0 ? -1 : 1;if ( v3 )printf(aFlag);elseprintf(aFlagGet);system("pause");return 0;
}
C 库函数 int strcmp(const char *str1, const char *str2) 把 str1 所指向的字符串和 str2 所指向的字符串进行比较
如果返回值小于 0,则表示 str1 小于 str2。
如果返回值大于 0,则表示 str1 大于 str2。
如果返回值等于 0,则表示 str1 等于 str2。
输入一个字符串给v9,v9和v5进行比较,如果他们相等则为v3等于0;
因此我们要想得到v9,先得知道v5,
查看代码我们发现v5等于后边这串代码,然后我们键入这串代码发现
有两段特别的数字,并且是16进制,接着我们按R键转换为字符串。
然后我们反向排列得到flag
DUTCTF{We1c0met0DUTCTF}
15 insanity
9447{This_is_a_flag}
16 a_good_idea
┌──(holyeyes㉿kali2023)-[~/Misc/timu/zulu]
└─$ binwalk -e a_very_good_idea.jpgDECIMAL HEXADECIMAL DESCRIPTION
--------------------------------------------------------------------------------
0 0x0 JPEG image data, JFIF standard 1.01
30 0x1E TIFF image data, big-endian, offset of first image directory: 8
32286 0x7E1E Zip archive data, at least v1.0 to extract, name: misc/
32321 0x7E41 Zip archive data, at least v2.0 to extract, compressed size: 34, uncompressed size: 32, name: misc/hint.txt
32398 0x7E8E Zip archive data, at least v2.0 to extract, compressed size: 128210, uncompressed size: 128200, name: misc/to.png
160649 0x27389 Zip archive data, at least v2.0 to extract, compressed size: 177379, uncompressed size: 177368, name: misc/to_do.png
338443 0x52A0B End of Zip archive, footer length: 22┌──(holyeyes㉿kali2023)-[~/Misc/timu/zulu]
└─$
NCTF{m1sc_1s_very_funny!!!}
17 Aesop_secret
https://tu.sioe.cn/gj/fenjie/
https://www.sojson.com/encrypt_aes.html
U2FsdGVkX19QwGkcgD0fTjZxgijRzQOGbCWALh4sRDec2w6xsY/ux53Vuj/AMZBDJ87qyZL5kAf1fmAH4Oe13Iu435bfRBuZgHpnRjTBn5+xsDHONiR3t0+Oa8yG/tOKJMNUauedvMyN4v4QKiFunw==
U2FsdGVkX18OvTUlZubDnmvk2lSAkb8Jt4Zv6UWpE7Xb43f8uzeFRUKGMo6QaaNFHZriDDV0EQ/qt38Tw73tbQ==
ISCC
两次解密后得到flag
flag{DugUpADiamondADeepDarkMine}
18 normal_png
flag{B8B68DD7007B1E406F3DF624440D31E0}
19 glance-50
方法1
https://tu.sioe.cn/gj/fenjie/
TWCTF{Bliss by Charles O’Rear}
方法2
──(holyeyes㉿kali2023)-[~/Misc/timu/zulu]
└─$ convert +adjoin glance-50.gif ./glance-50/piece-%03d.gif ┌──(holyeyes㉿kali2023)-[~/Misc/timu/zulu]
└─$ cd glance-50 ┌──(holyeyes㉿kali2023)-[~/Misc/timu/zulu/glance-50]
└─$ convert +append piece-*.gif output.gif┌──(holyeyes㉿kali2023)-[~/Misc/timu/zulu/glance-50]
└─$
20 hit-the-core
文件内容里面有一串字符,发现除第一个大写字母不是隔四个小写以外,剩下的每隔四个小写字母就可以看到一个大写字母,刚好是ALEXCTF,按这个规律找下去,应该就可以得到flag,写个脚本跑一下,脚本如下:
string = 'cvqAeqacLtqazEigwiXobxrCrtuiTzahfFreqc{bnjrKwgk83kgd43j85ePgb_e_rwqr7fvbmHjklo3tews_hmkogooyf0vbnk0ii87Drfgh_n kiwutfb0ghk9ro987k5tfb_hjiouo087ptfcv}'
flag = ''
for i in range(3, len(string), 5):flag += string[i]print(flag)
ALEXCTF{K33P_7H3_g00D_w0rk_up}