20220216-MISC-BUUCTF-另外一个世界-winhex,ASCII转换-FLAG- ZIP文件提取并修复-假如给我三天光明-ZIP改RAR，摩丝电码波形转换-神秘龙卷风brainfuck

第一题—MISC-BUUCTF-另外一个世界

注意：得到的 flag 请包上 flag{} 提交

【1】下载附件并解压，得到monster.jpg

【2】分析这张图片：
（1）binwalk

这应该是一张纯正的JPG图片
（2）将图片放到winhex中：
直接查找文本flag，没有找到什么

但是看到最后有一串01

01101011011011110110010101101011011010100011001101110011
一共56个数字：

如果八位为一组转变成ASCII：
网站：https://www.qqxiuzi.cn/bianma/ascii.htm

尝试flag{koekj3s}
居然正确了

另外一个世界-题目总结

仔细看winhex，发现结尾有01，就尝试ASCII

第二题—MISC-BUUCTF- FLAG

感谢 牌森 同学提供题目~

注意：请将 hctf 替换为 flag 提交，格式 flag{}

【1】下载附件，是一张图片：

【2】图片分析：
（1）binwalk

发现有zlib,偏移量是0x29,然后用脚本解压，发现不成功：

（2）winhex

(3)stegaolve
用Data Extract

发现ZIP的文件头
save Bin—保存为1.zip
如果winRAR直接打开：

尝试用修复软件修复：（修复软件如果没有的话，我在这篇博客最后提供给大家）

修复后的ZIP文件：

解压：


将修复后的文件改为1.txt，然后记事本查看：

得到的flag就是：hctf{dd0gf4c3tok3yb0ard4g41n~~~}
将hctf换成flag

flag{dd0gf4c3tok3yb0ard4g41n~~~}

flag正确

FLAG-解题总结

【1】下载文件，使用stegsolve打开，然后Data Extract ，然后存为ZIP文件（一定要熟悉ZIP的文件头，ZIP Archive (zip)，文件头：504B0304），然后解压（不能成功解压的用修复软件修复）。

【2】常见文件头补充：
JPEG (jpg)，文件头：FFD8FFE1
PNG (png)，文件头：89504E47
GIF (gif)，文件头：47494638
TIFF (tif)，文件头：49492A00
Windows Bitmap (bmp)，文件头：424DC001
CAD (dwg)，文件头：41433130
Adobe Photoshop (psd)，文件头：38425053
Rich Text Format (rtf)，文件头：7B5C727466
XML (xml)，文件头：3C3F786D6C
HTML (html)，文件头：68746D6C3E
Email [thorough only] (eml)，文件头：44656C69766572792D646174653A
Outlook Express (dbx)，文件头：CFAD12FEC5FD746F
Outlook (pst)，文件头：2142444E
MS Word/Excel (xls.or.doc)，文件头：D0CF11E0
MS Access (mdb)，文件头：5374616E64617264204A
WordPerfect (wpd)，文件头：FF575043
Adobe Acrobat (pdf)，文件头：255044462D312E
Quicken (qdf)，文件头：AC9EBD8F
Windows Password (pwl)，文件头：E3828596
ZIP Archive (zip)，文件头：504B0304
RAR Archive (rar)，文件头：52617221
Wave (wav)，文件头：57415645
AVI (avi)，文件头：41564920
Real Audio (ram)，文件头：2E7261FD
Real Media (rm)，文件头：2E524D46
MPEG (mpg)，文件头：000001BA
MPEG (mpg)，文件头：000001B3
Quicktime (mov)，文件头：6D6F6F76
Windows Media (asf)，文件头：3026B2758E66CF11
MIDI (mid)，文件头：4D546864

【3】修复软件：（百度网盘链接）
链接: https://pan.baidu.com/s/1Lo5ZVKxF6JhqVFkYe_A_Gg 提取码: 67du
–来自百度网盘超级会员v4的分享

第三题—MISC-BUUCTF-假如给我三天光明

注意：得到的 flag 请包上 flag{} 提交

【1】下载附件并解压：


但是music.zip无法打开：

【2】先简单分析music.zip：

原来是一个RAR文件，将后缀改成RAR，可以成功打开：

但是打开这个music.wav需要密码：

密码估计是从图片中寻找

感觉就是和下方的这几张小图有关，但是没什么思路，后来百度知道，原来是跟盲文有关：

对照着上面的表，得到 kmdonowg
将kmdonowg作为密码,能打开music.wav，听上去像电报。

用库乐队打开：

转换为摩斯密码（长的是- 短的是. 空格记为 空格）
就是:

-.-. - …-. .-- .–. . … ----- —… --… …-- …— …–… …— …-- -… --…
在线解密：
https://www.ip138.com/mosi/

猜测flag{CTFWPEI08732?23DZ}
显示错误。
如果尝试小写：
flag{ctfwpei08732?23dz}
又不对
猜测是flag{wpei08732?23dz}
成功：

假如给我三天光明-做题总结

【1】得到的文件（ZIP）经过binwalk发现是RAR，改后缀
【2】然后发现打开music.wav需要密码，估计是从图片中来的，居然是盲文（做题要结合情景灵活变通）
【3】解出盲文，打开wav，猜测是电报类型的密码，看波形转为摩丝密码，在线解密，最后得到flag也要灵活变通的尝试

第四题—MISC-BUUCTF-神秘龙卷风

神秘龙卷风转转转，科学家用四位数字为它命名，但是发现解密后居然是一串外星人代码！！好可怕！ 注意：得到的 flag 请包上 flag{} 提交

【1】下载附件ZIP，并解压：

神秘龙卷风.rar再解压，发现需要输入密码：

【2】ARCHPR暴力解压：
根据题目信息“科学家用四位数字为它命名”，尝试解压：

暴力破解得到：

密码是：5463
里面有一个txt文件：

内容如下：
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++.>+++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++.>++++++++
+++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++
++++++.>++++++++++++++++++++++
++++++++++++++++++++++++++
++++++++++++++++++++++++
++++++++++++++++++++++
+++++++++.>+++++++++
++++++++++++++++++
++++++++++++++++++
++++++++++++++++++
++++++++++++++++++
++++++++++++++++++++
++++++++++++++++++++++.>
+++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++
++++++.>++++++++++++++++++++++++++++++++++
++++++++++++++++++.>+++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++.>++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++.>++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++.>+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++.>++++++++++++++++++++++++++++++++++++++++++++++++++++++++.>+++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++.>+++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++.>++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++.>+++++++++++++++++++++++++++++++++++++++++++++++++++++++++.>
+++++++++++++++++++++++++++++++++++++++++++++++++++++++.>++++++++++++++++++++++++++++++++++++++++++++++++++++.>+++++++++++++++++++++++++++++++++++++++++++++++++++.>++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++.>++++++++++++++++++++++++++++++++++++++++++++++++++++++++.>++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++.>++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++.>+++++++++++++++++++++++++++++++++++++++++++++++++++++.>++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++.>+++++++++++++++++++++++++++++++++++++++++++++++++++++++.>++++++++++++++++++++++++++++++++++++++++++++++++++.>+++++++++++++++++++++++++++++++++++++++++++++++++++++++.>+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++.>+++++++++++++++++++++++++++++++++++++++++++++++++++++++++.>++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++.>++++++++++++++++++++++++++++++++++++++++++++++++++++++.>+++++++++++++++++++++++++++++++++++++++++++++++++++.>+++++++++++++++++++++++++++++++++++++++++++++++++++.>++++++++++++++++++++++++++++++++++++++++++++++++++.>+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++.>++++++++++++++++++++++++++++++++++++++++++++++++++++++++.>+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++.>+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++.>

毫无头绪，后来百度才知道：
这是brainfuck代码，使用在线执行网站运行即可得到flag
网站：http://bf.doleczek.pl/

flag{e4bbef8bdf9743f8bf5b727a9f6332a8}

神秘龙卷风–题目总结

【1】下载附件，提示四位数暴力破解解压密码
【2】破解后看到一堆+++++++.>++++，需要有积累，是Brainfuck，在线运行得到结果，网站是：http://bf.doleczek.pl/