XCTF：适合作为桌面[WriteUP]

使用StegSolve打开1.png文件

点几下反相换几个颜色，把二维码换到稍微清晰一点的

使用QRresearch扫描

下面是扫描得到的内容：

03F30D0A79CB05586300000000000000000100000040000000730D0000006400008400005A000064010053280200000063000000000300000016000000430000007378000000640100640200640300640400640500640600640700640300640800640900640A00640600640B00640A00640700640800640C00640C00640D00640E00640900640F006716007D00006410007D0100781E007C0000445D16007D02007C01007400007C0200830100377D0100715500577C010047486400005328110000004E6966000000696C00000069610000006967000000697B000000693300000069380000006935000000693700000069300000006932000000693400000069310000006965000000697D000000740000000028010000007403000000636872280300000074030000007374727404000000666C6167740100000069280000000028000000007304000000312E7079520300000001000000730A0000000001480106010D0114014E280100000052030000002800000000280000000028000000007304000000312E707974080000003C6D6F64756C653E010000007300000000

很明显是一些十六进制的字串

Ctrl+Shift+v以十六进制的格式复制进010editor中

可以从ASCII这边看到有.py和.pyt等字样

猜测是python的编译解释文件，这里直接另存为.pyc

接下来对这个文件进行反编译(没有代码混淆的情况下)

uncompyle6 -o out.py 2.pyc

 直接就拿到了python的伪代码

# uncompyle6 version 3.9.0
# Python bytecode version base 2.7 (62211)
# Decompiled from: Python 2.7.18 (default, Aug  1 2022, 06:23:55) 
# [GCC 12.1.0]
# Embedded file name: 1.py
# Compiled at: 2016-10-18 15:12:57


def flag():
    str = [
     102, 108, 97, 103, 123, 51, 56, 97, 53, 55, 48, 51, 50, 
     48, 56, 53, 52, 52, 49, 101, 55, 125]
    flag = ''
    for i in str:
        flag += chr(i)

    print flag

这里直接用python去运行是会报错的

需要修改一下

flag{38a57032085441e7}