BUUCTF [ACTF新生赛2020]base64隐写 1

简介: BUUCTF [ACTF新生赛2020]base64隐写 1

BUUCTF:https://buuoj.cn/challenges

题目描述:

得到的 flag 请包上 flag{} 提交。

密文:

下载附件,解压得到.zip文件,再次解压得到两个文件。


解题思路:

1、打开ComeOn!.txt文件,发现一大串经过Base64加密的密文,如下图。

STJsdVkyeDFaR1U4YVc5emRISmxZVzArQ2c9PQ1=
STJsdVkyeDFaR1U4YzNSeWFXNW5QZ289DQ==
STJsdVkyeDFaR1U4WTNOMGNtbHVaejRLDV==
STJsdVkyeDFaR1U4WTNOMFpHbHZQZ289DQ==
STJSbFptbHVaU0J0WVhodUlEazVPUW89Dd==
Q2c9PQ1=
ZFhOcGJtY2dibUZ1WlhOd1lXTmxJSE4wWkRzSw1=
Q2c9PQ0=
WTJoaGNpUmpZVnR0WVhodVhTd2dZMkpiYldGNGJsMDdDZz09DU==
Q2c9PQ1=
YVc1MElHTnRjQ2h6ZEhKcGJtY2dZU3dnYzNSeWFXNW5JR2lwQ2c9PQ2=
ZXdvPQ1=
SUNBZ3lHbG1LR3V1YzJsNlpTZ3BJRDRnWWk1emFYcGxLQ2twQ2c9PQ3=
SUNBZ0lDbWdJb0J5WlhSMWNtNGdNVHNLDb==
SUNBZ0lHVnNjMlVnYVdZb1lTNXphWHBsS0NrZ1BDQmlMbk5wZW1Vb0tTa0sN
SUNBZ0lDQWdJQ0J5WlhSMWNtNGdMVEU3Q2c9PQ0=
SUNBZ0lHVnNjMlVLDd==
SUNBZ0lIc0sN
SUNBZ0lDQWdJQ0JtYjNJb2FXNTBJR2tnUFNBd095QnBJRHdnWVM1emFYcGxLQ2s3SUdrckt5a0sN
SUNBZ2lDQWdJQ2I3Q2c9PQ2=
SUNBZ1lDQWdJQ1FnSUNBZ2FXWW9ZVnRwWFNBOElHSmJhVjBwQ2c9PQ1=
SUNBZ0lDYWdJY0FnSUNBZ0lDYWdJSEpsZEhWeWJpYXRNVHNLDY==
SUNBZ1lDQWdJQ1FnSUNBZ2FXWW9ZVnRwWFNBK1lHSmJhVjBwQ2c9PQ1=
SUNBZ0lDXWdJX0FnSUNBZ0lDXWdJSEpsZEhWeWJpXXhPd289DX==
SUNBZ0lDQWdJQ0I5Q2c9PQ0=
SUNBZ0lDdWdJd0J5WlhSMWNtNGdNRHNLDd==
SUNBZ0lIMEsN
ZlFvPQ2=
Q2c9PQ1=
ZG05cFpDQnlaWE5sZEdFb2MzUnlhVzVuSUdFcENnPT0N
ZXdvPQ1=
SUNBZ1lHMWxiWE5sZENoallTd3dMSE5wZW1WdlppaGpZU2twT3dvPQ1=
SUNBZ2lHWnZjaWhwYm5RZ2FTQTlJREE3SUdrZ1BDQmhMbk5wZW1Vb2tUc2dhU3NyS1FvPQ2=
SUNBZ0lIc0sN
SUNBZ0lDQWdJQ0JqWVZ0cFhTQTlJR0ZiWVM1emFYcGxLQ2t0TVMxcFhTQXRJQ2N3SnpzSw0=
SUNBZ0lIMEsN
ZlFvPQ2=
Q2c9PQ0=
ZG05cFpDQnlaWE5sZEdJb2MzUnlhVzVuSUdJcENnPT0N
ZXdvPQ3=
SUNBZ1lHMWxiWE5sZENoallpd3dMSE5wZW1WdlppaGpZaWtwT3dvPQ1=
SUNBZ0lHWnZjaWhwYm5RZ2FTQTlJREE3SUdrZ1BDQmlMbk5wZW1Vb0tUc2dhU3NyS1FvPQ0=
SUNBZ0lIc0sN
SUNBZ1lDQWdJQ1JqWWx1cFhTQTlJR1piWWk1emFYcGxLQ2t1TVMxcFhTQXRJQ2N3SnpzSw1=
SUNBZ1lDQWdJQ1F2TDNCeWFXNTBaaWdpSldRaUxHTmlXMmxkS1RzSw1=
SUNBZ0lIMEsN
ZlFvPQ3=
Q2c9PQ3=
YzNSeWFXNW5JR1ZrWkNoemRISnBibWNnWVN3Z2MzUnlhVzVuSUdJcEx5L2xpcURtczVVSw1=
ZXdvPQ2=
SUNBZ0lISmxjMlYwWVNoaEtUc3ZMK2FLaXVhdmorUzRnT1M5amVXdG1PZWFoT1d0bCtlc3B1V1BtT2FJa09hVnNPV3RseXpsdWJia3VKVG1pb3JtbGJEbnU0VGxqNDNvdjRmbW5hWGt2ci9rdW83bGtJN3BuYUxrdUkzbGtJemt2WTNtbGJEbm03amxpcUFLDW==
SUNBZ0lISmxjMlYwWWloaUtUc0sN
SUNBZ0lHWnZjaWhwYm5RZ2FTTTlJREE3SUdrZ1BDTnRZWGh1T3lCcEt5c3BDZz09DT==
SUNBZ0lIc0sN
SUNBZ0lDQWdJQ0JqWVZ0cFhTQTlJR05oVzJsZElDc2dZMkpiYVYwN0NnPT0N
SUNBZ0lDQWdJQ0JwWmloallWdHBYU0ErUFNBeUtYc0sN
SUNBZ0lDTWdJT0FnSUNBZ1kyRmJhU3N4WFNBclBTTXhPd289DT==
SUNBZ0lDQWdJQ0FnSUNBZ1kyRmJhVjBnTFQwZ01qc0sN
SUNBZ0lDQWdJQ0I5Q2c9PQ0=
SUNBZ0lIMEsN
SUNBZ0lHSnZiMndnWm14aFp5QTlJSFJ5ZFdVN0NnPT0N
SUNBZ3lITjBjbWx1WnlCaklEMGdJaUk3Q2c9PQ3=
SUNBZ0lHWnZjaWhwYm5RZ2FTQTlJRzFoZUc0Z0xTQXhPeUJwSUQ0OUlEQTdJR2t0TFNrSw0=
SUNBZ0lIc0sN
SUNBZ0lDQWdJQ0JwWmlobWJHRm5JQ1ltSUdOaFcybGRJRDA5SURBcENnPT0N
SUNBZ0lDQWdJQ0FnSUNBZ1kyOXVkR2x1ZFdVN0NnPT0N
SUNBZ0lDQWdJQ0JwWmloallWdHBYU0FoUFNBd0tRbz0N
SUNBZ0lDcWdJc0FnSUNBZ1pteGhaeUE5SUdaaGJITmxPd289Dc==
SUNBZ2lDQWdJQ2JqSUNzOUlDaGpZVnRwWFNBcklDY3dKeWs3Q2c9PQ2=
SUNBZ0lDQWdJQ0F2TDNCeWFXNTBaaWdpSldRaUxHTmhXMmxkS1RzSw0=
SUNBZ0lIMEsN
SUNBZ0lHbG1LR1pzWVdjcENnPT0N
SUNBZ1lDQWdJQ1J5WlhSMWNtNGdJakFpT3dvPQ1=
SUNBZ0lHVnNjMlVLDX==
SUNBZ0lDdWdJd0J5WlhSMWNtNGdZenNLDd==
ZlFvPQ0=
Q2c9PQ0=
YzNSeWFXNW5JRzFwYm5Vb2MzUnlhVzVuSUdFc0lITjBjbWx1WnlCaUtTOHY1WWVQNXJPVkNnPT0N
ZXdvPQ0=
SUNBZ0lHbHVkQ0J6YVdkdUlEMGdNRHNLDQ==
SUNBZ0lHbG1LR050Y0NoaExDQmlLU0E5UFNBdE1Ta3ZMMkhrdUszbHVwVG9yNlhsclpqb3ZvUGxwS2ZubW9UcGdxUGt1S3JtbGJBSw0=
SUNBZ0lIc0sN
SUNBZ0lDQWdJQ0J6YVdkdUlEMGdNVHNLDQ==
SUNBZ0lDQWdJQ0J6ZEhKcGJtY2dkR1Z0Y0NBOUlHRTdDZz09DQ==
SUNBZ0lDQWdJQ0JoSUQwZ1lqc0sN
SUNBZ0lDQWdJQ0JpSUQwZ2RHVnRjRHNLDQ==
SUNBZ0lIMEsN
SUNBZ0lISmxjMlYwWVNoaEtUc0sN
SUNBZ0lISmxjMlYwWWloaUtUc0sN
SUNBZ0lHWnZjaWhwYm5RZ2FTQTlJREE3SUdrZ1BDQnRZWGh1T3lCcEt5c3BDZz09DQ==
SUNBZ0lIc0sN
SUNBZ0lDQWdJQ0JwWmloallWdHBYU0E4SUdOaVcybGRLWHNLDQ==
SUNBZ0lDQWdJQ0FnSUNBZ1kyRmJhU3N4WFNBdFBTQXhPd289DQ==
SUNBZ0lDQWdJQ0FnSUNBZ1kyRmJhVjBnS3owZ01qc0sN
SUNBZ0lDQWdJQ0I5Q2c9PQ0=
SUNBZ0lDQWdJQ0JqWVZ0cFhTQTlJR05oVzJsZElDMGdZMkpiYVYwN0NnPT0N
SUNBZ0lIMEsN
SUNBZ0lHSnZiMndnWm14aFp5QTlJSFJ5ZFdVN0NnPT0N
SUNBZ0lITjBjbWx1WnlCa0lEMGdJaUk3Q2c9PQ0=
SUNBZ0lHWnZjaWhwYm5RZ2FTQTlJRzFoZUc0Z0xTQXhPeUJwSUQ0OUlEQTdJR2t0TFNrSw0=
SUNBZ0lIc0sN
SUNBZ0lDQWdJQ0JwWmlobWJHRm5JQ1ltSUdOaFcybGRJRDA5SURBcENnPT0N
SUNBZ0lDQWdJQ0FnSUNBZ1kyOXVkR2x1ZFdVN0NnPT0N
SUNBZ0lDQWdJQ0JwWmloallWdHBYU0FoUFNBd0tRbz0N
SUNBZ0lDQWdJQ0FnSUNBZ1pteGhaeUE5SUdaaGJITmxPd289DQ==
SUNBZ0lDQWdJQ0JrSUNzOUlDaGpZVnRwWFNBcklDY3dKeWs3Q2c9PQ0=
SUNBZ0lDQWdJQ0F2TDNCeWFXNTBaaWdpSldRaUxHTmhXMmxkS1RzSw0=
SUNBZ0lIMEsN
SUNBZ0lHbG1LR1pzWVdjcENnPT0N
SUNBZ0lDQWdJQ0J5WlhSMWNtNGdJakFpT3dvPQ0=
SUNBZ0lHVnNjMlVLDQ==
SUNBZ0lDQWdJQ0J5WlhSMWNtNGdaRHNLDQ==
ZlFvPQ0=
Q2c9PQ0=
YzNSeWFXNW5JRzExYkNoemRISnBibWNnZUN3Z2MzUnlhVzVuSUhrcEx5OXo1TGk2NTZ5bTVZKzM1TDJOQ2c9PQ0=
ZXdvPQ0=
SUNBZ0lHbHVkQ0JzWlc1NElEMGdlQzV6YVhwbEtDazdDZz09DQ==
SUNBZ0lHbHVkQ0JzWlc1NUlEMGdlUzV6YVhwbEtDazdDZz09DQ==
SUNBZ0lHbG1LR3hsYm5nZ1BUMGdNU2tLDQ==
SUNBZ0lIc0sN
SUNBZ0lDQWdJQ0F2TDJOdmRYUThQSGc4UENJZ0lDQWlQRHg1UER4bGJtUnNPd289DQ==
SUNBZ0lDQWdJQ0JwWmloNElEMDlJQ0l4SWlBbUppQjVJRDA5SUNJeElpa0sN
SUNBZ0lDQWdJQ0FnSUNBZ2NtVjBkWEp1SUNJeElqc0sN
SUNBZ0lDQWdJQ0JsYkhObENnPT0N
SUNBZ0lDQWdJQ0FnSUNBZ2NtVjBkWEp1SUNJd0lpQTdDZz09DQ==
SUNBZ0lIMEsN
Q2c9PQ0=
SUNBZ0lDOHZjSEpwYm5SbUtDSWxaQzB0SldSY2JpSXNiR1Z1ZUN4c1pXNTVLVHNLDQ==
Q2c9PQ0=
SUNBZ0lITjBjbWx1WnlCaExDQmlMQ0JqTEdRN0NnPT0N
SUNBZ0lHRWdQU0I0TG5OMVluTjBjaWd3TENCc1pXNTRMeklwT3dvPQ0=
SUNBZ0lHSWdQU0I0TG5OMVluTjBjaWhzWlc1NEx6SXNJR3hsYm5ndk1pazdDZz09DQ==
SUNBZ0lHTWdQU0I1TG5OMVluTjBjaWd3TENCc1pXNTVMeklwT3dvPQ0=
SUNBZ0lHUWdQU0I1TG5OMVluTjBjaWhzWlc1NUx6SXNJR3hsYm5rdk1pazdDZz09DQ==
SUNBZ0lIQnlhVzUwWmlnaUpXUXRMU1ZrTFMwbFpDMHRKV1F0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMUzB0TFMwdExTMHRMU1ZrTFNWa1hHNGlMR0V1YzJsNlpTZ3BMQ0JpTG5OcGVtVW9LU3dnWXk1emFYcGxLQ2tzSUdRdWMybDZaU2dwTENCNExuTnBlbVVvS1N3Z2VTNXphWHBsS0NrcE93bz0N
SUNBZ0lDOHZZMjkxZER3OGVEdzhJam9pUER4aFBEd2lJQ0k4UEdJOFBDSWdJanc4WXp3OElpQWlQRHhrUER4bGJtUnNPd289DQ==
SUNBZ0lITjBjbWx1WnlCaFl5QTlJRzExYkNoaExDQmpLVHNLDQ==
SUNBZ0lITjBjbWx1WnlCaVpDQTlJRzExYkNoaUxDQmtLVHNLDQ==
SUNBZ0lDOHZZMjkxZER3OGVEdzhJam9pUER4aFl6dzhJaUFpUER4aVpEdzhaVzVrYkRzSw0=
Q2c9PQ0=
SUNBZ0lITjBjbWx1WnlCaFlpQTlJRzFwYm5Vb1lTd2dZaWs3THk5aExXSUsN
SUNBZ0lITjBjbWx1WnlCalpDQTlJRzFwYm5Vb1pDd2dZeWs3Q2c9PQ0=
SUNBZ0lDOHZZMjkxZER3OGVEdzhJam9pUER4aFlqdzhJaUFpUER4alpEdzhaVzVrYkRzSw0=
Q2c9PQ0=
SUNBZ0lITjBjbWx1WnlCaFltTmtJRDBnYlhWc0tHRmlMQ0JqWkNrN0NnPT0N
SUNBZ0lDOHZZMjkxZER3OGVEdzhJam9pUER4aFltTmtQRHhsYm1Sc093bz0N
Q2c9PQ0=
SUNBZ0lITjBjbWx1WnlCbWFYSnpkQ0E5SUdGak93bz0N
SUNBZ0lHWnZjaWhwYm5RZ2FTQTlJREE3SUdrZ1BDQW9iR1Z1ZUNrN0lHa3JLeWtLDQ==
SUNBZ0lDQWdJQ0JtYVhKemRDQXJQU0FpTUNJN0NnPT0N
SUNBZ0lDOHZZMjkxZER3OFlXTThQQ0lnTFMwdExTMWhZeTB0TFMwZ0lqdzhabWx5YzNROFBHVnVaR3c3Q2c9PQ0=
Q2c9PQ0=
SUNBZ0lITjBjbWx1WnlCelpXTnZibVFnUFNCaFpHUW9ZV0pqWkN3Z1lXTXBPd289DQ==
SUNBZ0lITmxZMjl1WkNBOUlHRmtaQ2h6WldOdmJtUXNJR0prS1RzSw0=
SUNBZ0lHWnZjaWhwYm5RZ2FTQTlJREE3SUdrZ1BDQW9iR1Z1ZUM4eUtUc2dhU3NyS1FvPQ0=
SUNBZ0lDQWdJQ0J6WldOdmJtUWdLejBnSWpBaU93bz0N
Q2c9PQ0=
SUNBZ0lITjBjbWx1WnlCbWFXNGdQU0JoWkdRb1ptbHljM1FzSUhObFkyOXVaQ2s3Q2c9PQ0=
SUNBZ0lISmxkSFZ5YmlCaFpHUW9abWx1TENCaVpDazdDZz09DQ==
Q2c9PQ0=
ZlFvPQ0=
Q2c9PQ0=
YVc1MElHMWhhVzRvZG05cFpDa0sN
ZXdvPQ0=
SUNBZ0lITjBjbWx1WnlCNExDQjVPd289DQ==
SUNBZ0lIQnlhVzUwWmlnaTZLKzM2TDZUNVlXbDVMaWs1TGlxNUxxTTZMK2I1WWkyNXBXdzVhMlhPaUFpS1RzSw0=
SUNBZ0lHTnBiajQrZUQ0K2VUc0sN
SUNBZ0lITjBjbWx1WnlCaGJuTWdQU0J0ZFd3b2VDd2dlU2s3Q2c9PQ0=
SUNBZ0lHTnZkWFE4UEdGdWN6c0sN
ZlFvPQ0=

2、结合题目提示和密文特征,猜测为Base64隐写,使用如下Python脚本进行解密。

base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
binstr=""
strings = open('./base64.txt').read()
e = strings.splitlines()
for i in e:
    if i.find("==") > 0:
        temp = bin((base64.find(i[-3]) & 15))[2:]
        # 取倒数第3个字符,在base64找到对应的索引数(就是编码数),取低4位,再转换为二进制字符
        binstr = binstr + "0" * (4 - len(temp)) + temp  # 二进制字符补高位0后,连接字符到binstr
    elif i.find("=") > 0:
        temp = bin((base64.find(i[-2]) & 3))[2:]  # 取倒数第2个字符,在base64找到对应的索引数(就是编码数),取低2位,再转换为二进制字符
        binstr = binstr + "0" * (2 - len(temp)) + temp  # 二进制字符补高位0后,连接字符到binstr
str = ""
for i in range(0, len(binstr), 8):
    str = str + chr(int(binstr[i:i + 8], 2))  # 从左到右,每取8位转换为ascii字符,连接字符到字符串
print(str)

运行脚本,得到flag。

flag:

flag{6aseb4_f33!}
目录
相关文章
|
6月前
BUUCTF [BJDCTF2020]藏藏藏 1
BUUCTF [BJDCTF2020]藏藏藏 1
74 0
|
3月前
[SWPUCTF 2022 新生赛]base64
[SWPUCTF 2022 新生赛]base64
57 0
BUUCTF[ACTF2020 新生赛]Exec1
BUUCTF[ACTF2020 新生赛]Exec1
|
3月前
日更[ACTF新生赛2020]Oruga wp
日更[ACTF新生赛2020]Oruga wp
29 0
|
3月前
|
数据安全/隐私保护
NSS [SWPUCTF 2022 新生赛]奇妙的MD5
NSS [SWPUCTF 2022 新生赛]奇妙的MD5
36 0
|
6月前
|
PHP
BUUCTF---[ACTF2020 新生赛]BackupFile1
BUUCTF---[ACTF2020 新生赛]BackupFile1
|
6月前
|
Python
BUUCTF---misc---[ACTF新生赛2020]base64隐写
BUUCTF---misc---[ACTF新生赛2020]base64隐写
|
6月前
|
数据安全/隐私保护
BUUCTF [ACTF新生赛2020]swp 1
BUUCTF [ACTF新生赛2020]swp 1
139 1
|
6月前
BUUCTF [ACTF新生赛2020]NTFS数据流 1
BUUCTF [ACTF新生赛2020]NTFS数据流 1
207 1
|
6月前
|
数据安全/隐私保护
BUUCTF [ACTF新生赛2020]outguess 1
BUUCTF [ACTF新生赛2020]outguess 1
107 0
BUUCTF [ACTF新生赛2020]outguess 1