【dasctf】easy_log

base解码可得压缩包密码

二分法盲注 

import urllib.parse,re
with open(r'access.log','r') as f:
    log=f.readlines()
dict1={}
count=0
#判断逻辑，最后一个fasle则取自身；最后一个为true则加1；
for each in log:
    res=re.findall(r'flag\),(\d+),1\)\)>(\d+) HTTP/1.1\" (\d+) (\d+)',urllib.parse.unquote(each))
    if res and res[0][3]=='699' :#last 404 ,the char will add to dict
        dict1[res[0][0]]=chr(int(res[0][1])+1)
    if res and res[0][3]=='704' :#last 404 ,the char will add to dict
        dict1[res[0][0]]=chr(int(res[0][1]))
        count+=1
print(dict1,len(dict1)) 
print(''.join(dict1.values()))

其实是个zip 文件

DASCTF{fd67c1798e9cb29e8fc467e9dcefbd7f}