202508_天山固网_to

Tags: traffic analysis, Dvorak keyboard decoding, letter case to binary, BIN2QRCODE

0x00. Challenge

[天山固网 2025 Cybersecurity Skills Competition]

children of stream

Attachment path: https://pan.baidu.com/s/1GyH7kitkMYywGC9YJeQLJA?pwd=Zmxh#list/path=/CTF附件

Attachment name: 202508_天山固网_to.zip

0x01. WP

1. A hint is found in the traffic carrying an image

Keep it for later use: I've heard of Dvorak

2. Garbled-looking characters are found in an HTTP response

3. Convert letter case to binary

The characters from step 2 form a 42*42 grid, which suggests a QR code, so try reading the letter case as binary.

01_Case2Bin.py

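# '... ...' stands for the rows of letters from step 2 (elided in the original)
s = '''
... ...'''
# Lowercase letters become 0, everything else becomes 1; one output row per input row
for cc in s.strip().split("\n"):
    tmpB = ''
    for c in cc:
        if c.islower():
            tmpB = tmpB + '0'
        else:
            tmpB = tmpB + '1'
    print(tmpB)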

4. BIN2QRCODE

02_BIN2QRCODE.py

from PIL import Image

MAX = 42  # side length; the bit string length is the square of an integer (e.g. 36^2=1296)
pic = Image.new("RGB", (MAX, MAX))
# Output of 01_Case2Bin.py joined into one string, row by row
bits = """000000000000000000000000000000000000000000011111111001100010110010100001000111111110010000001001101111111111000000100100000010010111101001111110001110111110100101111010010111101001111110001110111110100101111010010111101000010010011101000011000101111010010111101000100001001111100000100101111010010000001001110010101111101100000100000010011111111001010010101101010010100111111110000000000001111101110010101100100000000000000000000001111101110010101100100000000000000111101001101100001110000010111110011110001110110001010011101111110001011100000110000000101001000010100011110010111010011100001000100000001111101100000001100100111000001000100000001111101100000001100100111000011111101111110011001111001111111010000010011110110110100000101110100001000101100110010001101000011100101101110000111011000100010111110110011101101110001100100001100010000111111111010001010001100011111011011010000111111111010001010001100011111011011010011111010000100010110000010001000100011000001001111000010001001100110000000001100000010110100111111101100011101100111010111110001110001001101100010000000010100011100000010000100001010000101100111100011000011010010000100001010000101100111100011000011010010111111110001111011100001111100010100100010000110001100000101100001101011100111010010111101110100010010011110011111111000010000000000001001101011101111110100001000010000000000001001101011101111110100001000010011111111000000001000001001101100101100100010000001000011110110010011111100001111110010111101001100011000001011100111111100010010111101001111101001101100010011011011100010111101001001110011111100011100100111000010111101001001110011111100011100100111000010000001000000010101110000000000101011000011111111000010011000011111111100010111100000000000000000000000000000000000000000000"""
i = 0
for y in range(0, MAX):
    for x in range(0, MAX):
        # 1 is drawn as a black pixel, 0 as a white pixel
        if bits[i] == '1':
            pic.putpixel((x, y), (0, 0, 0))
        else:
            pic.putpixel((x, y), (255, 255, 255))
        i = i + 1
pic.show()
pic.save("flag.png")
# QR code content: ssdsahjkhsdfhhkjjhksdfjhds
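
Steps 3 and 4 can be combined without Pillow. The following is an added example, not part of the original write-up: it validates a letter-case grid, converts it to a bit matrix, and renders it as a scaled plain PBM image with a quiet zone, which is easier for a QR reader to decode than one pixel per module. The function names, the `GRID` sample and the `grid.pbm` output name are assumptions made for illustration.

```python
# Added example (not from the original write-up); standard library only.
def case_grid_to_bits(text):
    """Uppercase letter -> 1 (dark module), lowercase -> 0 (light module)."""
    rows = [line.strip() for line in text.splitlines() if line.strip()]
    if not rows:
        raise ValueError("empty grid")
    size = len(rows)
    matrix = []
    for n, row in enumerate(rows):
        if len(row) != size:
            raise ValueError(f"row {n}: {len(row)} chars, expected {size}")
        if not row.isalpha():
            raise ValueError(f"row {n}: non-letter character")
        matrix.append([1 if c.isupper() else 0 for c in row])
    return matrix


def render_pbm(matrix, scale=8, quiet=4):
    """Return a plain PBM (P1, 1 = black) image as text.

    Each module becomes scale x scale pixels, and `quiet` light modules are
    added on every side so a QR reader can locate the symbol.
    """
    width = len(matrix) + 2 * quiet
    blank = [0] * width
    padded = [blank] * quiet
    padded += [[0] * quiet + row + [0] * quiet for row in matrix]
    padded += [blank] * quiet
    pixels = "".join(
        "".join(str(bit) * scale for bit in row) * scale for row in padded
    )
    # Plain PBM readers expect short lines, so wrap the pixel stream at 70.
    body = "\n".join(pixels[i:i + 70] for i in range(0, len(pixels), 70))
    side = width * scale
    return f"P1\n{side} {side}\n{body}\n"


# Constructed 5x5 sample grid (hypothetical data, not the challenge capture).
GRID = """
xqzab
aBCDk
mEfGn
pHIJq
wyzvu
"""

if __name__ == "__main__":
    bits = case_grid_to_bits(GRID)
    with open("grid.pbm", "w") as fh:
        fh.write(render_pbm(bits))
    print(f"wrote grid.pbm from a {len(bits)}x{len(bits)} grid")
```
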

5. Using the hint from step 1, apply Dvorak decoding

03_dvorak_decode.py

# Key: character on the Dvorak layout; value: character on the same physical QWERTY key
dic = {
    "'": "q", ",": "w", ".": "e", "p": "r", "y": "t", "f": "y", "g": "u", "c": "i", "r": "o", "l": "p",
    "/": "[", "=": "]",
    '"': "Q", "<": "W", ">": "E", "P": "R", "Y": "T", "F": "Y", "G": "U", "C": "I", "R": "O", "L": "P",
    "?": "{", "+": "}",
    "a": "a", "A": "A", "o": "s", "O": "S", "e": "d", "E": "D", "u": "f", "U": "F", "i": "g", "I": "G",
    "d": "h", "D": "H", "h": "j", "H": "J", "t": "k", "T": "K", "n": "l", "N": "L", "s": ";", "S": ":",
    "-": "'", "_": '"',
    ";": "z", ":": "Z", "q": "x", "Q": "X", "j": "c", "J": "C", "k": "v", "K": "V", "x": "b", "X": "B",
    "b": "n", "B": "N", "m": "m", "M": "M", "w": ",", "W": "<", "v": ".", "V": ">", "z": "/", "Z": "?",
    "!": "!", "@": "@", "#": "#", "$": "$", "%": "%", "^": "^", "&": "&", "*": "*", "(": "(", ")": ")",
    "[": "-", "]": "=", "{": "_", "}": "+",
}


def encode(s):
    # Dvorak character -> QWERTY character; unmapped characters pass through
    return ''.join(dic.get(c, c) for c in s)


def decode(s):
    # QWERTY character -> Dvorak character (reverse lookup in dic)
    result = ''
    for i in s:
        result += " ".join([key for key, value in dic.items() if value == i])
    return result


print("Sample:")
s = r'ypau_kjg;"g;"ypau+'
print("s:", s)
print("decoded s:", decode(s))

s = "password"
print("s:", s)
print("encoded s:", encode(s))

print("*" * 32)

s = r'ssdsahjkhsdfhhkjjhksdfjhds'
print("s:", s)
print("decoded s:", decode(s))

# s: ssdsahjkhsdfhhkjjhksdfjhds
# decoded s: ooeoadhtdoeuddthhdtoeuhdeo

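6. Find the traffic carrying a compressed archive

Export the archive and extract it using the string decoded in step 5 to get the flag.

The flag is DASCTF{jhughudshhjg_qiwjains_jsmka}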
