We just found a dead robot. It seems there is some useful data left but somehow it got confused with other data and now we don’t know what’s useful and what’s junk. We just know there is only one way to go but there are many dead ends.
Announcements:
Think outside the box - being several types at once like an animal that can change its color. Excuse the inaccuracy, but that’s what you’re searching for.
题目文件:附件
给定的压缩文件看起来像三个不同的文件连接在一起:一个PDF文件、一些加密文本和一个opendocument (base64编码)。第一个和第三个文件并不有趣,第二个文件实际上是一个rot-13编码的Python脚本……
通过不断的试验得知中间的部分进行rot-13解密,得到的内容如下所示,下面的程序可以看到应该其实就是一个python脚本了,ROT13(回转13位)是一种简易的替换式密码算法,它是一种在英文网络论坛用作隐藏八卦、妙句、谜题解答以及某些脏话的工具,目的是逃过版主或管理员的匆匆一瞥,.decode('mvc’)指的其实就是zlib压缩字符串
cipher="H51\\\'Ux2J&+(3Z;Uxcx0Xxs\x13h\x014$V!R($R>\t/)R!\x01<.\x13,N-aP4M4aRuG1-VuU0 GuH+a@0W=3R9\x01>(_0\x01,8C0Rx GuN6\"V|\x1ezKZ3\x014$]}R!2\x1d4S?7\x1au\x1fxs\t_\x01xa\x13D!s\x13
n =0 ;import hashlib ,sys ;
try :key =sys .argv [1 ]
except IndexError :sys.exit ("x\x9c\xf3N\xadT0T\xc8\xcd,.\xce\xccKW\xc8\xccSH,J/\x03\x00M\x97\x07\\".decode ("mvc"))
f =getattr (hashlib ,"x\x9c\xcbM1\x05\x00\x02G\x01\x07".decode ("mvc"))
while n <(5 *10 **6 ):key =(f (key ).digest ());n =n +1
key =key [:5 ].upper ()
while len (key )<len (cipher ):key =key *2
plain ="".join (map (chr ,[ord (a )^ord (b )for a ,b in zip (cipher ,key )]))
try :exec plain
except :print "x\x9c\x0b/\xca\xcfKW\xf0N\xadT\x04\x00\x14d\x03x".decode ("mvc"), repr(plain)
zlib压缩字符串的意思就比如说上面显示为x\x1au的这些值就可以进行转换,我们可以利用下面的python程序来进行转换
import zlib
zlib_s = b'x\x9c\xf3N\xadT0T\xc8\xcd,.\xce\xccKW\xc8\xccSH,J/\x03\x00M\x97\x07\\'
print(zlib.decompress(zlib_s))
整理上面的程序,如下所示
import hashlib, sys
cipher="H51\\'Ux2J&+(3Z;Uxcx0Xxs\x13h\x014$V!R($R>\t/)R!\x01<.\x13,N-aP4M4aRuG1-VuU0 GuH+a@0W=3R9\x01>(_0\x01,8C0Rx GuN6\"V|\x1ezKZ3\x014$]}R!2\x1d4S?7\x1au\x1fxs\t_\x01xa\x13D!s\x13
try: key = sys.argv[1]
except: sys.exit('Key 1 missing in argv')
f = hashlib.md5
n = 0
while n < 5000000:
key = f(key).digest()
n += 1
key = key[:5].upper()
while len(key) < len(cipher):
key = key * 2
#zip函数返回的是列表当的元素形式,进行a和b的ord,然后进行chr转换为字符串连接起来
plain = "".join(map(chr, [ord(a) ^ ord(b) for a, b in zip(cipher, key)]))
try: exec plain
except: print "Wrong Key!"
代码的内容非常容易理解。我们有一个编码字符串,密码。该程序接受argv中的密码,并在md5中散列它5000000次(我们可以忘记强制蛮力,它可能比简单的md5蛮力慢5000000次)。结果的前5个字节的被变成了大写,并用作解密密码的xor键。然后执行解密字符串,所以我们知道它应该是有效的python代码:)
我们可以通过经典分析来检索xor的key。xortool就是一个很好的工具,xortool 就是拿来猜测异或密钥和密钥的长度
xortool [-h|–help] [OPTIONS] []
Options:
-l,–key-length length of the key (integer)
-c,–char most possible char (one char or hex code)
-m,–max-keylen=32 maximum key length to probe (integer)
-x,–hex input is hex-encoded str
-b,–brute-chars brute-force all possible characters
-o,–brute-printable same as -b but will only use printable
characters for keys
我们先将密文给写入到我们的一个文件当中
cipher = "H51\\\'Ux2J&+(3Z;Uxcx0Xxs\x13h\x014$V!R($R>\t/)R!\x01<.\x13,N-aP4M4aRuG1-VuU0 GuH+a@0W=3R9\x01>(_0\x01,8C0Rx GuN6\"V|\x1ezKZ3\x014$]}R!2\x1d4S?7\x1au\x1fxs\t_\x01xa\x13D!s\x13
file = open('cipher','w')
file.write(cipher)
file.close()
然后利用xortool来进行操作,-l是指定key的长度,-c指定的是最可能的字字符,16进制的20换算为10进制就是32,然后就可以遍历出来了,32是空格,之后就是可以显示的字符了
python xortool.py -l 5 -c 20 cipher
输出的内容如下所示
得到的内容如下所示
import sys
print "Key 2 = leetspeak(what do you call a file that is several file types at once)?"
if len(sys.argv) > 2:
if hash(sys.argv[2])%2**32 == 2824849251:
print "Coooooooool. Your flag is argv2(i.e. key2) concat _3peQKyRHBjsZ0TNpu"
else:
print "argv2/key2 is missing"
搜索一下leetspeak(what do you call a file that is several file types at once),可以得到这样的结果The answer to the question is Chameleon which translates into ch4m3l30n in leetspeak(leetspeak黑客体,将字母换成数字或字符)然后再将两个字符串联合起来就可以得到flag了