import hashlib
import string
def md5(str):
m = hashlib.md5()
m.update(str.encode("utf8"))
return m.hexdigest()
for i in string.ascii_uppercase:
for j in string.ascii_uppercase:
for k in string.ascii_uppercase:
c = 'TASC' + i + 'O3RJMV' + j + 'WDJKX' + k + 'ZM'
x = md5(c).upper()
if 'E903' in x and '4DAB' in x and '08' in x and '51' in x and '80' in x and '8A' in x:
print(x)
break
key = open("key.txt", 'rb').read()
cipher = open("密文.txt", "rb").read()
flag = []
result = ""
for i in range(len(key)):
flag.append(key[i] ^ cipher[i])
result += chr(flag[i])
print(flag)
print(result)
<?php
include('./flag.php');
show_source('./index.php');
$file=@$_POST['file'];
class hello{
public $falg='tql123';
}
$a=new hello();
$shit=serialize($a);
if(@file_get_contents($file) == $shit){
echo $flag;
}else{
echo "what are u doing? just a qian dao";
}
?>
import os
def get_file_list(dir_path):
_file_list = os.listdir(dir_path)
file_list = []
for file_str in _file_list:
new_dir_path = dir_path+'\\'+file_str
if os.path.isdir(new_dir_path):
file_list.extend(get_file_list(new_dir_path))
else:
file_list.append(new_dir_path)
return file_list
file_list = get_file_list(r'.\source_code')
for file_str in file_list:
f = open(file_str, 'r', encoding='utf-8')
try:
data = f.read()
if ' \t \t' in data:
print(file_str)
except:
pass
f_list = r'''.\source_code\elf\rtld.c
.\source_code\malloc\arena.c
.\source_code\malloc\malloc.c'''
f_list = f_list.split('\n')
result = ''
for f in f_list:
for data in open(f, 'r').readlines():
data = data[:-1]
if '}' in data:
data = data.split('}')[-1]
if '\t' in data:
data1 = data[::].replace('\t', '')
data1 = data1.replace(' ', '')
if not data1:
result += data
result = result.replace('\t', '1')
result = result.replace(' ', '0')
print(result)
from os import system
import zipfile
zipname = "0573.zip"
f = zipfile.ZipFile(zipname, 'r')
while 1:
try:
name = f.namelist()[0]
f.extractall(pwd=bytes(zipname[0:4],'utf-8'))
system('rm -rf '+ str(zipname))
f = zipfile.ZipFile(name, 'r')
zipname = name
except:
break
跑了几分钟最后得到qr.txt,可以看到是rgb的数据
把前后括号都删去,然后用下面的脚本,得到一张二维码,扫描得到flag。
from PIL import Image
x = y = 200
img = Image.new("RGB",(x,y))
file = open('./qr.txt','r')
for width in range(0,x):
for height in range(0,y):
line = file.readline()
rgb = line.split(',')
img.putpixel((width,height),(int(rgb[0]),int(rgb[1]),int(rgb[2])))
img.save('flag.jpg')