{"id":328,"date":"2022-01-10T19:36:31","date_gmt":"2022-01-10T11:36:31","guid":{"rendered":"http:\/\/101.34.19.194\/?p=328"},"modified":"2022-01-11T23:06:21","modified_gmt":"2022-01-11T15:06:21","slug":"%e9%95%bf%e5%ae%89%e6%88%98%e7%96%ab%e8%b5%9b2021-misc","status":"publish","type":"post","link":"http:\/\/101.34.19.194\/?p=328","title":{"rendered":"\u957f\u5b89\u201c\u6218\u75ab\u201d\u8d5b2021-Misc"},"content":{"rendered":"\n<p>\u9898\u76ee\u590d\u73b0\u73af\u5883\uff1a<a href=\"https:\/\/www.yunyansec.com\/#\/experiment\/expdetail\/3\">\u3010\u4e91\u6f14\u3011&#8211;\u5728\u7ebf\u4fe1\u606f\u5b89\u5168\u6559\u80b2\u5e73\u53f0\uff0c\u8ba9\u653b\u9632\u66f4\u7b80\u5355\uff01 (yunyansec.com)<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>\u897f\u5b89\u52a0\u6cb9<\/strong><\/h2>\n\n\n\n<p>wireshark\u6253\u5f00\u538b\u7f29\u5305\u91cc\u7684<code>secret.pcap<\/code>\uff0c\u5bfc\u51faHTTP\u5bf9\u8c61\u4fdd\u5b58\u5230\u4e00\u4e2a\u6587\u4ef6\u5939\u91cc<\/p>\n\n\n\n<figure class=\"wp-block-image\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/gitee.com\/Hermitaria\/blogimagee\/raw\/master\/20220108183809.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/gitee.com\/Hermitaria\/blogimagee\/raw\/master\/20220108183809.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20220108183802244\"\/><\/div><\/figure>\n\n\n\n<p>\u7528<code>Sublime<\/code>\u6253\u5f00\u6587\u4ef6\u5939\u4e00\u4e2a\u4e2a\u67e5\u770b\u6587\u4ef6\uff0c\u53d1\u73b0<code>hint.txt\u3001secret.txt<\/code>\u91cc\u542b\u6709\u7f16\u7801\u540e\u7684\u5b57\u7b26\u4e32<\/p>\n\n\n\n<p>\u7528base64\u89e3\u7801secret.txt\uff0c\u53d1\u73b0\u538b\u7f29\u5305\u6587\u4ef6\u5934<\/p>\n\n\n\n<figure class=\"wp-block-image\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/gitee.com\/Hermitaria\/blogimagee\/raw\/master\/20220108184017.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/gitee.com\/Hermitaria\/blogimagee\/raw\/master\/20220108184017.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20220108184017758\"\/><\/div><\/figure>\n\n\n\n<p>\u5bfc\u51fa\u4e3a\u6587\u4ef6\uff0c\u6539\u540e\u7f00\u4e3azip\uff0c\u53d1\u73b0\u91cc\u9762\u6709\u8bb8\u591a\u56fe\u7247\uff0c\u662f\u62fc\u56fe\u7c7b\u578b<\/p>\n\n\n\n<figure class=\"wp-block-image\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/gitee.com\/Hermitaria\/blogimagee\/raw\/master\/20220108184112.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/gitee.com\/Hermitaria\/blogimagee\/raw\/master\/20220108184112.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20220108184112359\"\/><\/div><\/figure>\n\n\n\n<p>\u7528base32\u89e3\u7801hint.txt\uff0c\u53d1\u73b0\u6709\u63d0\u793a\u54ea\u5f20\u56fe\u7247\u662f\u6570\u5b57\uff0c\u731c\u60f3\u5c31\u662f\u62fc\u56fe\u7684\u987a\u5e8f<\/p>\n\n\n\n<figure class=\"wp-block-image\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/gitee.com\/Hermitaria\/blogimagee\/raw\/master\/20220108183833.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/gitee.com\/Hermitaria\/blogimagee\/raw\/master\/20220108183833.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20220108183833616\"\/><\/div><\/figure>\n\n\n\n<p>\u4f9d\u6b21\u6309\u7167hint\u63d0\u793a\u7684\u987a\u5e8f\u62fc\u56fe\uff0c\u62fc\u51fa\u6765\u5927\u81f4\u5982\u6b64<\/p>\n\n\n\n<figure class=\"wp-block-image\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/71bb5e1957852441085e9615fce126e.jpg'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/71bb5e1957852441085e9615fce126e.jpg\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"71bb5e1957852441085e9615fce126e\"\/><\/div><\/figure>\n\n\n\n<p><strong>cazy{make_XiAN_great_Again}<\/strong><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>\u6734\u5b9e\u65e0\u534e\u7684\u53d6\u8bc1<\/strong><\/h2>\n\n\n\n<p>\u89e3\u538b\u5f97\u5230<code>xp_sp3.raw<\/code>\u955c\u50cf\uff0c\u731c\u60f3\u662f\u5185\u5b58\u53d6\u8bc1\uff0c\u7528volatility\u8fdb\u884c\u53d6\u8bc1<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>\u250c\u2500\u2500(kali\u327fkali)-&#91;~\/Desktop]<br>\u2514\u2500$ volatility -f xp_sp3.raw imageinfo<br>Volatility Foundation Volatility Framework 2.6<br>INFO &nbsp;  : volatility.debug &nbsp;  : Determining profile based on KDBG search...<br> &nbsp; &nbsp; &nbsp; &nbsp;  Suggested Profile(s) : WinXPSP2x86, WinXPSP3x86 (Instantiated with WinXPSP2x86)<br> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; AS Layer1 : IA32PagedMemoryPae (Kernel AS)<br> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; AS Layer2 : FileAddressSpace (\/home\/kali\/Desktop\/xp_sp3.raw)<br> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;  PAE type : PAE<br> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; DTB : 0x764000L<br> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;  KDBG : 0x8054e2e0L<br> &nbsp; &nbsp; &nbsp; &nbsp;  Number of Processors : 2<br> &nbsp; &nbsp; Image Type (Service Pack) : 3<br> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;  KPCR for CPU 0 : 0xffdff000L<br> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;  KPCR for CPU 1 : 0xf8757000L<br> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; KUSER_SHARED_DATA : 0xffdf0000L<br> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; Image date and time : 2021-12-27 02:37:41 UTC+0000<br> &nbsp; &nbsp; Image local date and time : 2021-12-27 10:37:41 +0800<\/code><\/pre>\n\n\n\n<p>\u5bf9\u955c\u50cf\u8fdb\u884c\u57fa\u672c\u4fe1\u606f\u7684\u53d6\u8bc1\uff0c\u968f\u540e\u67e5\u770b\u662f\u5426\u6709\u5173\u952e\u8bcd\u4e3a<code>flag<\/code>\u7684\u6587\u4ef6<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>\u250c\u2500\u2500(kali\u327fkali)-&#91;~\/Desktop]<br>\u2514\u2500$ volatility -f xp_sp3.raw --profile=WinXPSP2x86 filescan | grep 'flag' &nbsp;<br>Volatility Foundation Volatility Framework 2.6<br>0x00000000017ad6a8 &nbsp; &nbsp;  2 &nbsp; &nbsp;  0 R--rw- \\Device\\HarddiskVolume1\\Documents and Settings\\Administrator\\\u684c\u9762\\flag.zip<br>0x00000000018efcb8 &nbsp; &nbsp;  1 &nbsp; &nbsp;  0 RW-rw- \\Device\\HarddiskVolume1\\Documents and Settings\\Administrator\\Recent\\flag.lnk<br>0x0000000001b34f90 &nbsp; &nbsp;  1 &nbsp; &nbsp;  1 R--r-- \\Device\\HarddiskVolume1\\Documents and Settings\\Administrator\\\u684c\u9762\\flag.zip<br>0x0000000001e65028 &nbsp; &nbsp;  1 &nbsp; &nbsp;  0 R--rw- \\Device\\HarddiskVolume1\\Documents and Settings\\Administrator\\\u684c\u9762\\flag.png<\/code><\/pre>\n\n\n\n<p>\u53d1\u73b0\u6709\u540e\u7f00\u540d\u4e3a<code>png<\/code>\u548c<code>zip<\/code>\u7684flag\u6587\u4ef6\uff0c\u5c06\u5176\u5bfc\u51fa<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>volatility -f xp_sp3.raw --profile=WinXPSP2x86 dumpfiles -D .\/ -Q 0x0000000001e65028 -n<br>volatility -f xp_sp3.raw --profile=WinXPSP2x86 dumpfiles -D .\/ -Q 0x0000000001b34f90 -n<\/code><\/pre>\n\n\n\n<p>\u5c06png\u56fe\u7247\u91cc\u9762\u7684\u7c7b\u4f3cflag\u7684\u5b57\u7b26\u63d0\u53d6\uff0c\u4e3a<code>FDCB[8LDQ?ZL00?FHUWDLQOB?VXFFHHG?LQ?ILJKWLQJ?WKH?HSLGHPLF]<\/code><\/p>\n\n\n\n<p>\u538b\u7f29\u5305\u6709\u5bc6\u7801\uff0c\u5728\u5bf9\u955c\u50cf\u7684\u8bb0\u4e8b\u672c\u53d6\u8bc1\u65f6\u53d1\u73b0\u5bc6\u7801<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>\u250c\u2500\u2500(kali\u327fkali)-&#91;~\/Desktop]<br>\u2514\u2500$ volatility -f xp_sp3.raw --profile=WinXPSP2x86 notepad &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;<br>Volatility Foundation Volatility Framework 2.6<br>Process: 2976<br>Text:<br>?<br>\u200b<br>Text:<br>?<br>\u200b<br>Text:<br>\u200b<br>\u200b<br>Text:<br>?<br>\u200b<br>Text:<br>??????????????<br>20211209(encrypt)<br>???????????????????????<br>????!?????<br>????!???<\/code><\/pre>\n\n\n\n<p>\u89e3\u538b\u540e\u6253\u5f00\u6587\u672c\u53d1\u73b0\u91cc\u9762\u6709\u6bb5\u52a0\u5bc6\u7684\u811a\u672c<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>\/\/\u5e7c\u513f\u56ed\u6c34\u5e73\u7684\u52a0\u5bc6\uff08\u90e8\u5206\uff09<br>void Encrypt(string&amp; str)<br>{<br>    for(int i = 0; i &lt; str.length(); i++)<br>    {<br>        if(str&#91;i] &gt;='a'&amp;&amp; str&#91;i]&lt;='w')<br>            str&#91;i]+=3;<br>        else if(str&#91;i]=='x')<br>            str&#91;i]='a';<br>        else if(str&#91;i]=='y')<br>            str&#91;i]='b';<br>        else if(str&#91;i]=='z')<br>            str&#91;i]='c'; <br>        else if(str&#91;i]=='_')<br>            str&#91;i]='|';<br>        str&#91;i] -= 32;<br>    }<br>}<\/code><\/pre>\n\n\n\n<p>\u7efc\u5408\u4ee5\u4e0a\u5bf9\u5176\u8f6c\u6362\u6210python\u89e3\u5bc6flag<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>def Encrypt(str):<br> &nbsp;  for i in range(len(str)):<br> &nbsp; &nbsp; &nbsp;  str&#91;i] = chr(ord(str&#91;i]) + 32)<br> &nbsp; &nbsp; &nbsp;  if ((ord(str&#91;i]) &gt;= ord('d')) and (ord(str&#91;i]) &lt;= ord('z'))):<br> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;  str&#91;i] = chr(ord(str&#91;i]) - 3)<br> &nbsp; &nbsp; &nbsp;  elif (str&#91;i] == 'a'):<br> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;  str&#91;i] = 'x'<br> &nbsp; &nbsp; &nbsp;  elif (str&#91;i] == 'b'):<br> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;  str&#91;i] = 'y'<br> &nbsp; &nbsp; &nbsp;  elif (str&#91;i] == 'c'):<br> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;  str&#91;i] = 'z'<br> &nbsp; &nbsp; &nbsp;  elif (str&#91;i] == '|'):<br> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;  str&#91;i] = '_'<br>\u200b<br> &nbsp;  print(''.join(str))<br>\u200b<br>\u200b<br>Encrypt(list('FDCB&#91;8LDQ?ZL00?FHUWDLQOB?VXFFHHG?LQ?ILJKWLQJ?WKH?HSLGHPLF]'))<br>\u200b<\/code><\/pre>\n\n\n\n<p><strong>cazy{Xian_will_certainly_succeed_in_fighting_the_epidemic}<\/strong><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">\u65e0\u5b57\u5929\u4e66<\/h2>\n\n\n\n<p>\u89e3\u538b\u538b\u7f29\u5305\u5f97\u5230\u6d41\u91cf\u6355\u83b7\u5305\uff0c\u5bfc\u51fahttp\u5bf9\u8c61\u5230\u4e00\u4e2a\u6587\u4ef6\u5939<\/p>\n\n\n\n<p>\u7528<code>sublime text<\/code>\u4e00\u4e2a\u4e2a\u67e5\u770b\u5bfc\u51fa\u7684\u6587\u4ef6\uff0c\u5728\u4e00\u4e2a\u6587\u4ef6\u53d1\u73b0<code>504B<\/code>\u5f00\u5934\uff0c\u660e\u663ezip\u538b\u7f29\u5305\uff0c\u5c06\u5176\u590d\u5236\u621016\u8fdb\u5236\u5bfc\u51fa\u6210\u538b\u7f29\u5305<\/p>\n\n\n\n<figure class=\"wp-block-image\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220110211204919.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220110211204919.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20220110211204919\"\/><\/div><\/figure>\n\n\n\n<p>\u89e3\u538b\u540e\u6709\u4e24\u4e2a\uff0c<code>flag.txt\u548ckey.ws<\/code>\uff0c\u6253\u5f00\u5168\u662f\u7a7a\u767d\uff0c\u5168\u9009\u590d\u5236\u6709\u4e1c\u897f\u4f46\u662f\u770b\u4e0d\u89c1<\/p>\n\n\n\n<p>\u4ee5\u4e3a\u662f\u96f6\u5bbd\u5b57\u7b26\u9690\u5199\uff0c\u4f46\u590d\u5236\u5230\u5728\u7ebf\u7f51\u7ad9\u89e3\u4e0d\u51fa\uff0c\u5728kali\u91cc\u6253\u5f00\u5e76\u6ca1\u6709<code>200C<\/code>\u4e4b\u7c7b\u7684<\/p>\n\n\n\n<p>\u752816\u8fdb\u5236\u67e5\u770b\uff0c\u53d1\u73b0\u5168\u662f<code>20 09 0A<\/code>\u4e4b\u7c7b<\/p>\n\n\n\n<figure class=\"wp-block-image\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220110211814446.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220110211814446.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20220110211814446\"\/><\/div><\/figure>\n\n\n\n<p>\u5728\u6bd4\u8d5b\u65f6\u505a\u5230\u8fd9\u5c31\u4e0d\u4f1a\u4e86<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\u590d\u73b0<\/h3>\n\n\n\n<p>ws\u6587\u4ef6\u5728\u6bd4\u8d5b\u65f6\u600e\u4e48\u60f3\u90fd\u4e0d\u77e5\u662f\u4ec0\u4e48<\/p>\n\n\n\n<p>\u770bwp\u624d\u77e5\u9053\u662f<code>whitespace<\/code>\uff0c\u50a8\u5907\u91cf\u4e0d\u591f<\/p>\n\n\n\n<p><a href=\"https:\/\/vii5ard.github.io\/whitespace\/\">Whitelips the Whitespace IDE (vii5ard.github.io)<\/a><\/p>\n\n\n\n<p>\u5c06<code>key.ws<\/code>\u5185\u5bb9\u5168\u9009\u590d\u5236\u4e0a\u53bb\uff0crun\u4e00\u4e0b\u5f97\u5230<code>XiAnWillBeSafe<\/code><\/p>\n\n\n\n<figure class=\"wp-block-image\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220110212059339.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220110212059339.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20220110212059339\"\/><\/div><\/figure>\n\n\n\n<p>\u7136\u540e<code>flag.txt<\/code>\u662fsnow\uff0c\u7528snow\u5de5\u5177<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>D:\\CTF\\ctftool\\\u56fe\u7247\u9690\u5199\\snow&gt;SNOW.EXE -p XiAnWillBeSafe -C flag.txt<br>cazy{C4n_y0u_underSt4nd_th3_b0oK_With0ut_Str1ng}<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">binary<\/h2>\n\n\n\n<p>\u89e3\u538b\u5f97\u5230\u540d\u4e3a<code>234<\/code>\u7684\u6587\u4ef6\uff0c\u6ca1\u6709\u540e\u7f00\u540d<\/p>\n\n\n\n<p>\u7528<code>010editor<\/code>\u67e5\u770b\uff0c\u53d1\u73b0\u6587\u4ef6\u5934\u4e3a<code>CA FE BA BE<\/code>\uff0cclass\u6587\u4ef6\u7684\u9b54\u6570<\/p>\n\n\n\n<figure class=\"wp-block-image\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220110213609858.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220110213609858.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20220110213609858\"\/><\/div><\/figure>\n\n\n\n<p>\u7528jadx\u53cd\u7f16\u8bd1<\/p>\n\n\n\n<figure class=\"wp-block-image\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220110214142689.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220110214142689.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20220110214142689\"\/><\/div><\/figure>\n\n\n\n<p>\u5c06\u6e90\u7801\u590d\u5236\u51fa\u6765\uff0c\u8f6cpython<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>s = &#91;77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 84, 69, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 84, 69, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 70, 120, 117, 77, 68, 69, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 65, 120, 77, 68, 69, 120, 77, 84, 69, 120, 77, 68, 65, 119, 77, 84, 69, 120, 77, 68, 69, 120, 77, 68, 69, 120, 77, 84, 69, 120, 77, 70, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 68, 65, 119, 77, 84, 69, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 84, 65, 120, 77, 68, 69, 120, 77, 68, 69, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 68, 65, 119, 77, 68, 65, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 84, 65, 119, 77, 68, 65, 119, 77, 84, 65, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 84, 65, 120, 77, 84, 65, 120, 77, 84, 65, 119, 77, 84, 69, 119, 77, 84, 69, 119, 77, 84, 65, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 84, 65, 119, 77, 84, 65, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 84, 69, 120, 77, 70, 120, 117, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 70, 120, 117, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 68, 69, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 69, 120, 77, 86, 120, 117, 77, 84, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 65, 119, 77, 68, 69, 119, 77, 84, 69, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 84, 65, 119, 77, 70, 120, 117, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 65, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 68, 65, 120, 77, 68, 65, 119, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 84, 69, 119, 77, 86, 120, 117, 77, 84, 65, 120, 77, 84, 65, 119, 77, 68, 65, 119, 77, 84, 65, 119, 77, 84, 69, 120, 77, 84, 65, 119, 77, 84, 69, 119, 77, 68, 65, 120, 77, 84, 65, 120, 77, 68, 65, 119, 77, 68, 65, 120, 77, 68, 65, 120, 77, 70, 120, 117, 77, 84, 69, 120, 77, 68, 69, 120, 77, 84, 69, 120, 77, 84, 69, 120, 77, 68, 65, 120, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 65, 119, 77, 68, 69, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 84, 69, 119, 77, 70, 120, 117, 77, 84, 65, 120, 77, 68, 69, 120, 77, 68, 65, 119, 77, 84, 69, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 120, 77, 68, 69, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 120, 77, 68, 69, 119, 77, 84, 65, 119, 77, 84, 65, 119, 77, 68, 69, 119, 77, 68, 65, 120, 77, 84, 65, 120, 77, 84, 69, 119, 77, 84, 65, 120, 77, 84, 69, 119, 77, 84, 69, 120, 77, 84, 69, 119, 77, 86, 120, 117, 77, 68, 65, 120, 77, 68, 69, 119, 77, 68, 69, 119, 77, 68, 69, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 84, 69, 120, 77, 68, 65, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 65, 120, 77, 68, 65, 119, 77, 84, 69, 119, 77, 84, 69, 120, 77, 68, 69, 120, 77, 68, 69, 120, 77, 68, 65, 120, 77, 84, 65, 119, 77, 84, 69, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 84, 69, 119, 77, 86, 120, 117, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 65, 119, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 65, 120, 77, 84, 65, 120, 77, 68, 65, 120, 77, 84, 65, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 65, 119, 77, 68, 69, 120, 77, 84, 65, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 84, 69, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 69, 120, 77, 84, 69, 120, 77, 68, 69, 120, 77, 86, 120, 117, 77, 84, 69, 119, 77, 84, 69, 119, 77, 68, 69, 120, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 65, 119, 77, 84, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 65, 119, 77, 68, 69, 119, 77, 70, 120, 117, 77, 68, 69, 119, 77, 84, 65, 119, 77, 84, 65, 119, 77, 84, 69, 120, 77, 84, 65, 119, 77, 84, 65, 119, 77, 68, 65, 119, 77, 84, 65, 119, 77, 84, 69, 120, 77, 68, 65, 120, 77, 68, 65, 120, 77, 68, 69, 120, 77, 86, 120, 117, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 65, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 68, 65, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 84, 65, 119, 77, 70, 120, 117, 77, 84, 65, 119, 77, 84, 69, 119, 77, 84, 69, 120, 77, 84, 69, 119, 77, 84, 69, 120, 77, 68, 69, 120, 77, 68, 65, 120, 77, 68, 65, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 84, 65, 120, 77, 84, 69, 119, 77, 86, 120, 117, 77, 84, 69, 119, 77, 84, 69, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 84, 65, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 84, 69, 120, 77, 68, 69, 120, 77, 68, 65, 119, 77, 84, 65, 120, 77, 84, 65, 120, 77, 70, 120, 117, 77, 68, 65, 120, 77, 84, 65, 119, 77, 84, 65, 119, 77, 68, 69, 120, 77, 84, 69, 119, 77, 84, 69, 119, 77, 68, 65, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 69, 119, 77, 68, 69, 120, 77, 84, 69, 119, 77, 86, 120, 117, 77, 68, 69, 119, 77, 84, 65, 119, 77, 68, 65, 119, 77, 84, 69, 120, 77, 68, 69, 119, 77, 84, 69, 120, 77, 68, 69, 120, 77, 68, 69, 119, 77, 84, 69, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 119, 77, 84, 65, 120, 77, 84, 65, 120, 77, 84, 65, 119, 77, 84, 65, 119, 77, 84, 65, 119, 77, 68, 65, 119, 77, 68, 69, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 65, 120, 77, 84, 69, 120, 77, 86, 120, 117, 77, 68, 69, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 65, 119, 77, 84, 69, 120, 77, 68, 65, 120, 77, 68, 69, 120, 77, 68, 65, 120, 77, 84, 65, 120, 77, 84, 69, 120, 77, 84, 65, 119, 77, 84, 69, 119, 77, 70, 120, 117, 77, 68, 69, 120, 77, 84, 65, 119, 77, 84, 69, 120, 77, 84, 69, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 68, 69, 120, 77, 68, 69, 120, 77, 84, 65, 119, 77, 84, 69, 120, 77, 84, 69, 119, 77, 70, 120, 117, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 68, 69, 120, 77, 68, 65, 120, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 120, 77, 84, 65, 120, 77, 84, 65, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 70, 120, 117, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 84, 65, 120, 77, 84, 65, 119, 77, 84, 69, 120, 77, 68, 65, 120, 77, 84, 69, 119, 77, 68, 69, 119, 77, 84, 65, 120, 77, 84, 69, 119, 77, 84, 65, 120, 77, 86, 120, 117, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 84, 65, 120, 77, 84, 65, 120, 77, 68, 69, 120, 77, 68, 65, 119, 77, 84, 65, 120, 77, 68, 69, 119, 77, 68, 69, 119, 77, 70, 120, 117, 77, 68, 69, 120, 77, 84, 69, 120, 77, 68, 69, 120, 77, 84, 65, 119, 77, 84, 69, 119, 77, 84, 65, 120, 77, 68, 69, 120, 77, 68, 69, 119, 77, 84, 69, 119, 77, 68, 65, 120, 77, 84, 69, 119, 77, 84, 69, 120, 77, 86, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 68, 69, 120, 77, 68, 65, 119, 77, 68, 69, 120, 77, 68, 65, 120, 77, 84, 65, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 70, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 84, 69, 120, 77, 84, 69, 119, 77, 84, 69, 119, 77, 68, 65, 120, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 69, 120, 77, 68, 69, 119, 77, 68, 69, 120, 77, 86, 120, 117, 77, 68, 69, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 69, 120, 77, 84, 69, 120, 77, 84, 69, 119, 77, 68, 65, 119, 77, 68, 65, 120, 77, 68, 69, 119, 77, 84, 65, 120, 77, 68, 69, 120, 77, 70, 120, 117, 77, 68, 69, 120, 77, 84, 69, 120, 77, 68, 69, 120, 77, 84, 69, 120, 77, 84, 65, 119, 77, 68, 69, 119, 77, 84, 69, 119, 77, 84, 65, 119, 77, 84, 69, 120, 77, 84, 65, 119, 77, 68, 69, 120, 77, 68, 69, 120, 77, 70, 120, 117, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 120, 77, 84, 69, 120, 77, 84, 65, 120, 77, 84, 69, 120, 77, 68, 69, 120, 77, 68, 65, 119, 77, 68, 65, 119, 77, 68, 69, 119, 77, 68, 65, 120, 77, 84, 65, 119, 77, 65, 61, 61]<br>for i in s:<br>    print(chr(i),end='')<\/code><\/pre>\n\n\n\n<p>\u5f97\u5230\u4e00\u4e32\u5b57\u7b26\u4e32\uff0c\u770b\u5230\u6700\u540e\u6709\u4e24\u4e2a=\uff0c\u8f6cbase64<\/p>\n\n\n\n<p>\u5f97\u5230\u4e00\u4e3201\uff0c\u662f\u4e8c\u7ef4\u7801<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>0000000101110000000011111101110000000\\n0111110101101010111110001110110111110\\n0100010100001111000111010110110100010\\n0100010110000011000111000001010100010\\n0100010111011011001101101011110100010\\n0111110101110100000001001000010111110\\n0000000101010101010101010101010000000\\n1111111100100000000100110011111111111\\n1100010101010000101111110100000011000\\n0101101000110010010000100110101011101\\n1011000001001111001100011010000010010\\n1110111111110010101101000110101011100\\n1010110001110000000110100000000000010\\n0110101001000100011011101011101111101\\n0010100100111111101110000110010100010\\n0010001101110110110011001100110011101\\n1110100110001111111011010011000000010\\n0000111010100011100000101101111110111\\n1101100110101101001100010100110000100\\n0101001001111001000001001110010010111\\n0101010011000111000110010000010101000\\n1001101111101110110010011111101011101\\n1101100010111000000101110110001011010\\n0011001000111101100011110100100111101\\n0101000001110101110110101111110100010\\n0101011011001001000000110100010011111\\n0110100010001110010110011011111001100\\n0111001111100000010110110111001111100\\n0100110010110010100010111011000000000\\n1111111101011001110011100101011101011\\n0000000111000111011010110001010100100\\n0111110111001101010110101100011101111\\n0100010100110000110011010000000000010\\n0100010101111101100011111111110100111\\n0100010101101111111100000010101010110\\n0111110111111000101101001111000110110\\n0000000111111011110110000000100011000<\/code><\/pre>\n\n\n\n<p>\u6bcf\u4e00\u4e2a<code>\\n<\/code>\u4e4b\u95f4\u662f37\u4e2a01\u5b57\u7b26\uff0c\u660e\u663e\u6bcf\u4e00\u4e2a<code>\\n<\/code>\u5c31\u6362\u884c\uff0c\u517136\u4e2a<code>\\n<\/code>\uff0c\u537337\u884c<\/p>\n\n\n\n<p>\u6240\u4ee5\u53ef\u4ee5\u5f62\u6210\u6b63\u65b9\u5f62\uff0c\u4e3a\u4e8c\u7ef4\u7801\uff0c\u7528\u811a\u672c\u8f6c<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>s = '0000000101110000000011111101110000000\\n0111110101101010111110001110110111110\\n0100010100001111000111010110110100010\\n0100010110000011000111000001010100010\\n0100010111011011001101101011110100010\\n0111110101110100000001001000010111110\\n0000000101010101010101010101010000000\\n1111111100100000000100110011111111111\\n1100010101010000101111110100000011000\\n0101101000110010010000100110101011101\\n1011000001001111001100011010000010010\\n1110111111110010101101000110101011100\\n1010110001110000000110100000000000010\\n0110101001000100011011101011101111101\\n0010100100111111101110000110010100010\\n0010001101110110110011001100110011101\\n1110100110001111111011010011000000010\\n0000111010100011100000101101111110111\\n1101100110101101001100010100110000100\\n0101001001111001000001001110010010111\\n0101010011000111000110010000010101000\\n1001101111101110110010011111101011101\\n1101100010111000000101110110001011010\\n0011001000111101100011110100100111101\\n0101000001110101110110101111110100010\\n0101011011001001000000110100010011111\\n0110100010001110010110011011111001100\\n0111001111100000010110110111001111100\\n0100110010110010100010111011000000000\\n1111111101011001110011100101011101011\\n0000000111000111011010110001010100100\\n0111110111001101010110101100011101111\\n0100010100110000110011010000000000010\\n0100010101111101100011111111110100111\\n0100010101101111111100000010101010110\\n0111110111111000101101001111000110110\\n0000000111111011110110000000100011000'<br>s = s.split('\\n')<br>\u200b<br>from PIL import Image<br>pic = Image.new('RGB',(37,37),(255,255,255))<br>for i in range(37):<br> &nbsp; &nbsp;for j in range(37):<br> &nbsp; &nbsp; &nbsp; &nbsp;if(s&#91;i]&#91;j] == '0'):<br> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;pic.putpixel((j,i),(0,0,0))<br>pic.show()<br>pic.save('fllllag.png')<\/code><\/pre>\n\n\n\n<p>\u626b\u63cf\u4e8c\u7ef4\u7801\u5f97\u5230flag<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">ez_Encrypt<\/h2>\n\n\n\n<p>\u5bf9\u6d41\u91cf\u5305\u5206\u6790\u8ffd\u8e2a\u6d41\u65f6\uff0c\u53d1\u73b0\u7b2c10\u4e2a\u6d41\u6709\u5199\u5165\u4e00\u4e32\u5b57\u7b26\u5230<code>web123<\/code><\/p>\n\n\n\n<figure class=\"wp-block-image\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220111225229433.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220111225229433.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20220111225229433\"\/><\/div><\/figure>\n\n\n\n<p>\u590d\u5236\u8fd9\u4e32\u5b57\u7b26base64\u89e3\u7801\u53d1\u73b0zip\u6587\u4ef6\u5934\uff0c\u5bfc\u51fa\u4e3a\u538b\u7f29\u5305\uff0c\u53d1\u73b0\u91cc\u9762\u6709ThinkPHP\u6e90\u7801<\/p>\n\n\n\n<p>\u7528D\u76fe\u626b\u63cf\u53d1\u73b0\u5176\u6709base64_decode\u52a0\u5bc6\u7684PHP\u6587\u4ef6\uff0c\u5728<code>app\/controller\/Index.php<\/code><\/p>\n\n\n\n<figure class=\"wp-block-image\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220111225731346.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220111225731346.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20220111225731346\"\/><\/div><\/figure>\n\n\n\n<p>\u67e5\u770b\u53d1\u73b0\u4e00\u5927\u4e32base64\u52a0\u5bc6\u5b57\u7b26\u4ee5\u53ca\u6709\u6df7\u6dc6\u5b57\u7b26\uff0c\u7528\u5728\u7ebf\u7f51\u7ad9\u89e3<\/p>\n\n\n\n<p><a href=\"https:\/\/www.zhaoyuanma.com\/phpjm.html\">php\u89e3\u5bc6\u52a0\u5bc6|php\u6df7\u6dc6\u7834\u89e3|phpjm\u7834\u89e3|phpdp\u795e\u76fe\u7834\u89e3|php\u5a01\u76fe\u7834\u89e3|php\u5fae\u76fe\u7834\u89e3|tianyiw\u7834\u89e3|php\u6e90\u7801\u7834\u89e3|php\u5728\u7ebf\u7834\u89e3|php\u53cd\u7f16\u8bd1|zend6\u89e3\u5bc6|Zend Guard 6 \u7834\u89e3 (zhaoyuanma.com)<\/a><\/p>\n\n\n\n<figure class=\"wp-block-image\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220111230302264.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220111230302264.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20220111230302264\"\/><\/div><\/figure>\n\n\n\n<p>\u89e3\u5bc6\u5b8c\u4e0b\u8f7d\u7684php\u6709flag<\/p>\n\n\n\n<figure class=\"wp-block-image\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220111230401618.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220111230401618.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20220111230401618\"\/><\/div><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Ez_Steg<\/h2>\n\n\n\n<p>\u538b\u7f29\u5305\u6ce8\u91ca\u63d0\u793a\u516d\u4e2a\u6570\u5b57\uff0c\u7528\u5de5\u5177\u8dd1\u4e00\u4e0b\u5c31\u51fa\u6765\uff0c<code>220101<\/code><\/p>\n\n\n\n<figure class=\"wp-block-image\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220111214653894.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/gitee.com\/Hermitaria\/blogimageee\/raw\/master\/image-20220111214653894.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20220111214653894\"\/><\/div><\/figure>\n\n\n\n<p>pyc\u6587\u4ef6\u63d0\u793asteg\uff0c\u662fPyc\u5b57\u8282\u7801\u9690\u5199\uff0c\u7528\u5de5\u5177<\/p>\n\n\n\n<p><a href=\"https:\/\/github.com\/AngelKitty\/stegosaurus\">AngelKitty\/stegosaurus: A steganography tool for embedding payloads within Python bytecode. (github.com)<\/a><\/p>\n\n\n\n<p>\u8fd9\u4e2a\u5de5\u5177\u4e0d\u77e5\u4e3a\u4ec0\u4e48python3.9\u8dd1\u4e0d\u51fa\u6765\uff0c\u7528\u670d\u52a1\u5668\u7684python3.6\u53ef\u4ee5\u8dd1\u7684\u51fa\u6765<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@VM-4-17-centos stegosaurus]# python3 -m stegosaurus steg.pyc -x<br>Extracted payload: TheKey:St3g1sV3ryFuNny<\/code><\/pre>\n\n\n\n<p>\u53e6\u4e00\u4e2a<code>emoji.txt<\/code>\u5168\u662femoji\uff0c\u90a3\u4e48\u5c31\u53ea\u80fd\u662f<code>emoji-aes<\/code>\u4e86<\/p>\n\n\n\n<p><a href=\"https:\/\/aghorler.github.io\/emoji-aes\/\">emoji-aes (aghorler.github.io)<\/a><\/p>\n\n\n\n<p>flag\uff1a<strong>cazy{Em0j1s_AES_4nd_PyC_St3g_D0_yoU_l1ke}<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u9898\u76ee\u590d\u73b0\u73af\u5883\uff1a\u3010\u4e91\u6f14\u3011&#8211;\u5728\u7ebf\u4fe1\u606f\u5b89\u5168\u6559\u80b2\u5e73\u53f0\uff0c\u8ba9\u653b\u9632\u66f4\u7b80\u5355\uff01 (yunyansec.com) \u897f\u5b89 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[17],"tags":[],"_links":{"self":[{"href":"http:\/\/101.34.19.194\/index.php?rest_route=\/wp\/v2\/posts\/328"}],"collection":[{"href":"http:\/\/101.34.19.194\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/101.34.19.194\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/101.34.19.194\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/101.34.19.194\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=328"}],"version-history":[{"count":3,"href":"http:\/\/101.34.19.194\/index.php?rest_route=\/wp\/v2\/posts\/328\/revisions"}],"predecessor-version":[{"id":332,"href":"http:\/\/101.34.19.194\/index.php?rest_route=\/wp\/v2\/posts\/328\/revisions\/332"}],"wp:attachment":[{"href":"http:\/\/101.34.19.194\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=328"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/101.34.19.194\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=328"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/101.34.19.194\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=328"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}