XYCTF2025wp
首先看题目描述是一道信息搜集题,上网搜XGCTF的wp在一篇wp里看到了原题描述接着找师傅博客直接url栏输入dragonkeeep.top进入博客查看这道题的wp看完解题过程和评论区没找到wp,ctrl+u查看源代码成功找到base64解码。
MISC
XGCTF
首先看题目描述是一道信息搜集题,上网搜XGCTF的wp在一篇wp里看到了原题描述
接着找师傅博客直接url栏输入dragonkeeep.top进入博客查看这道题的wp看完解题过程和评论区没找到wp,ctrl+u查看源代码成功找到
base64解码
签个到吧
题目内容:最小的,具有图灵完备性的语言是?上网搜索得到brainfuck,去在线网站直接解码发现提示错误,看了看是少了,.这两种操作符问ai写脚本解
import re
code = """>+++++++++++++++++[<++++++>-+-+-+-]<[-]>++++++++++++[<+++++++++>-+-+-+-]<[-]>+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++[<+>-+-+-+-]<[-]>+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++[<+>-+-+-+-]<[-]>+++++++++++++++++++++++++++++++++++++++++[<+++>-+-+-+-]<[-]>+++++++++++++++++++++++++++++[<+++>-+-+-+-]<[-]>+++++++++++++++++[<+++>-+-+-+-]<[-]>++++++++++++[<+++++++++>-+-+-+-]<[-]>+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++[<+>-+-+-+-]<[-]>++++++++[<++++++>-+-+-+-]<[-]>+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++[<+>-+-+-+-]<[-]>+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++[<+>-+-+-+-]<[-]>+++++++++++++++++++[<+++++>-+-+-+-]<[-]>+++++++++++++++++++++++++++++[<++++>-+-+-+-]<[-]>++++++++[<++++++>-+-+-+-]<[-]>+++++++++++++++++++[<+++++>-+-+-+-]<[-]>+++++++++++[<++++++++>-+-+-+-]<[-]>+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++[<+>-+-+-+-]<[-]>+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++[<+>-+-+-+-]<[-]>++++++++++++[<+++++++>-+-+-+-]<[-]>++++++++++[<+++++++>-+-+-+-]<[-]>+++++++++++++++++++[<+++++>-+-+-+-]<[-]>++++++++++[<+++++>-+-+-+-]<[-]>++++++++[<++++++>-+-+-+-]<[-]>++++++++++[<+++++>-+-+-+-]<[-]>+++++++++++++++++++++++++++++++++++++++++++++++++++++[<+>-+-+-+-]<[-]>+++++++++++++++++++[<+++++>-+-+-+-]<[-]>+++++++++++++++++++++++[<+++>-+-+-+-]<[-]>+++++++++++[<++++++++++>-+-+-+-]<[-]>+++++++++++++++++++++++++++++++++++++++++++++++++++++[<++>-+-+-+-]<[-]>++++++++[<++++++>-+-+-+-]<[-]>+++++++++++[<+++++>-+-+-+-]<[-]>+++++++++++++++++++[<+++++>-+-+-+-]<[-]>+++++++[<+++++++>-+-+-+-]<[-]>+++++++++++++++++++++++++++++[<++++>-+-+-+-]<[-]>+++++++++++[<+++>-+-+-+-]<[-]>+++++++++++++++++++++++++[<+++++>-+-+-+-]<[-]>"""
# 修正后的解析逻辑
flag = []
for segment in code.split("]<[-]>")[:-1]: # 按结构分段
if not segment: continue
parts = segment.split("[<")
init = parts[0].count("+") # 初始加号数
ops = parts[1].split(">")[0].count("+") # 循环内加号数
flag.append(chr(init * ops))
# 关键修正点:手动调整偏移异常的字符
flag[2] = 'a' # 修正第三个字符的计算误差
print("Flag:", "".join(flag).replace("XIITF", "XYCTF"))#Flag: flag{W3lC0me_t0_XYCTF_2025_Enj07_1t!}
MADer也要当CTFer
mkv文件显示的是五分钟但是只能看十几秒,搜一下导出字幕的工具工具得到信息然后将得到⽂件记事本打开可以看到text数据将⾥的text数据导出来
import re
def extract_ass_text(input_file, output_file):
try:
with open(input_file, 'r', encoding='utf-8') as f:
ass_content = f.readlines()
except UnicodeDecodeError:
with open(input_file, 'r', encoding='gbk') as f:
ass_content = f.readlines()
dialogues = [] # 这个列表现在是函数的局部变量
for line in ass_content:
line = line.strip()
if line.startswith('Dialogue:'):
parts = line.split(',', 9)
if len(parts) < 10:
continue
text = parts[9]
text = re.sub(r'\{.*?\}', '', text)
text = re.sub(r'\\[nNhH]', ' ', text)
text = text.strip()
if text:
dialogues.append(text)
with open(output_file, 'w', encoding='utf-8') as f:
f.write('\n'.join(dialogues))
return dialogues # 添加返回值
if __name__ == '__main__':
input_path = '1.ass'
output_path = '1.txt'
dialogues = extract_ass_text(input_path, output_path) # 接收返回值
print(f'成功提取 {len(dialogues)} 条字幕到 {output_path}')
然后将⼗六进制解码得到⼀个⽂件然后记事本打开看着很乱但是ctrl+f可以搜到flag字段说明没问题仔
细寻找找到了flag
flag{l_re@IIy_w@nn@_2_Ie@rn_AE}
会飞的雷克萨斯
看题目名字和图片就直接秒了过年期间的顶级小孩哥
flag{四川省内江市资中县春岚北路城市中心内}
曼波曼波曼波
有一个smn.txt和一个假的flag二维码,看文档跟base64很像就有可能是base转图片但是=后再最前面应该是要先逆序。
去厨子上试试逆序再base解码果真得到了一个文件jpg
不用想010打开发现里面有一个压缩包提取出来得到一个加密的压缩包和一张图片一个密码提示比赛名字和日期那就是XYCTF2025了解压得到跟之前的图片一样的图片,那就是双图隐写了,再试了异或这些操作没用之后尝试盲水印
re
WARMUP
vbs文件右键记事本或者vs打开看到源码
可以写脚本直接计算但是有些是溢出了的,vbs语言把开头的execute改成msgbox参照链接查看这个函数的用法具体用法得到
利用密钥rc4key进行rc4解码得到
然后根据题目提示将flag内的内容在进行md5加密得到flag
division
这个题直接丢给ai直接出了
from pwn import *
from randcrack import RandCrack
r = remote('ip', port)
p = RandCrack() # 替换预测器类型
# 收集624个32位原始随机数(分⺟必须为1)
for _ in range(624):
r.sendlineafter(b'>>> ', b'1')
r.sendlineafter(b'>>> ', b'1')
line = r.recvline().decode().strip()
nominator = int(line.split('//')[0])
p.submit(nominator) # 提交⽅式保持不变
# ⽣成超⼤随机数时需要特殊处理(与MT19937Predictor不同)
rand1 = p.predict_getrandbits(11000) # 直接⽣成特定位数
rand2 = p.predict_getrandbits(10000)
answer = rand1 // rand2
r.sendlineafter(b'>>> ', b'2')
r.sendlineafter(b'>>> ', str(answer).encode())
r.interactive()
中国智能体开发者社区,聚焦智能体与大模型开发,提供前沿资讯、实用工具链、开源项目及行业案例。通过技术沙龙、开发者大赛等活动,促进经验交流与协作,助力开发者快速构建创新智能应用。
更多推荐
8
0- 0
已为社区贡献1条内容
所有评论(0)