NEKO

思路脚本代码什么的

2018/01/09

看看人家写的脚本

题目:http://ctf5.shiyanbar.com/qwctf/flag-checker.html

看看别人写的多么精炼的脚本:

1
2
3
4
5
6
7
8
9
10
11
12
f=open('C:/Users/kuraraneko/Desktop/js.txt').read()
x=f.split('&&')
# x.sort(key=lambda i:i.count('a'))
x.sort(key=lambda i:len(i))
a=list(range(47))
for i in range(47):
for j in range(32,127):
a[i]=j
if eval(x[i].strip(')')):
break
flag=''.join(map(chr,a))
print(flag)

排序:x.sort(key=lambda i:len(i))
生成序列:a=list(range(47))

base64隐写

1
2
3
4
5
6
7
8
9
10
11
12
13
14
b64chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
with open('1.txt', 'rb') as f:
bin_str = ''
for line in f.readlines():
stegb64 = ''.join(line.split())
rowb64 = ''.join(stegb64.decode('base64').encode('base64').split())

offset = abs(b64chars.index(stegb64.replace('=', '')[-1]) - b64chars.index(rowb64.replace('=', '')[-1]))
equalnum = stegb64.count('=') # no equalnum no offset

if equalnum:
bin_str += bin(offset)[2:].zfill(equalnum * 2)

print ''.join([chr(int(bin_str[i:i + 8], 2)) for i in xrange(0, len(bin_str), 8)])

waf

1
2
3
4
5
6
7
8
9
10
11
function stop_hack($value) {
$pattern = "insert|delete|or|concat|concat_ws|group_concat|join|floor|\/\*|\*|\.\.\/|\.\/|union|into|load_file|outfile|dumpfile|sub|hex|file_put_contents|fwrite|curl|system|eval";
$back_list = explode("|", $pattern);
foreach ($back_list as $hack) {
if (preg_match("/$hack/i", $value)) {
die("$hack detected!");
}

}
return $value;
}

BCEL加解密

encode:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
import com.sun.org.apache.bcel.internal.classfile.Utility;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;

public class BCELencode {
public static void main(String []args) throws Exception{
//There also should be compiled class file,not java file
Path path = Paths.get("/Users/n3k0/IdeaProjects/java_code/src/data.class");
byte[] data = Files.readAllBytes(path);
String s = Utility.encode(data,true);
System.out.print(s);
}
}

decode:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
import com.sun.org.apache.bcel.internal.classfile.Utility;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;

public class BCELencode {
public static void main(String []args) throws Exception{
//There also should be compiled class file,not java file
String cryptdata="$l$8b$I$A$A$A$A$A$A$A$xOO$zQ$c8$u$v$v$b0$d2$d77$b44$d234$b3$d03$d03$b4$b4$b24$b04$d07$d4$x$a8T$d0$f5W$d0$_$c9$z$As$AqZ$b7$d6$_$A$A$A";

byte[] s = Utility.decode(cryptdata,true);
String value = new String(s, "UTF-8");
System.out.print(value);
}
}

原文作者: n3k0

发表日期: January 9th 2018, 9:36:55

发出嘶吼: 没有魔夜2玩我要死了

CATALOG
  1. 1. 看看人家写的脚本
  2. 2. base64隐写
  3. 3. waf
  4. 4. BCEL加解密