MoeCTF 2024 ---Misc方向WP
安全杂项
signin
题目描述:
-
xdsec的小伙伴们和参赛者来上课,碰巧这一天签到系统坏了,作为老师的你,要帮他们
教师代签。
- 特殊提醒:luo同学今天好像在宿舍打游戏,不想来上课,这是严重的缺勤行为!!
-
签到完成后点击左下角的完成按钮并点击完成,如果你做的是正确的,等待几秒钟就会出现flag!
-
要是没正确签到,就无法拿到真正的flag哦。
-
flag 格式 moectf{[\da-zA-Z_!]+}
题解:
按照要求给学生进行教师代签,luo同学给缺勤,即可得到flag
moectf{Thanks_For_You_signing_in_4ND_W3l0c0me_T0_M0ecTf_2024!!!}
罗小黑战记
题目描述:
小黑祝大家中秋快乐(拜个早秋)
题解:
将给的gif图片进行分离得到很多图片,发现其中有二维码,扫描后得到flag
moectf{y0uu6r3th3m0st3r1nth1sf13ld}
杂项入门指北
题目描述:
什么?!还没有看到flag?快去欣赏海报吧
推荐新生使用并尝试掌握赛博厨师——CTFer的瑞士军刀:https://gchq.github.io/CyberChef/
海报得到的内容以 moectf{}包裹提交
题解:
在图的右半部分发现一串摩斯密码
.... ....- ...- . ..--.- .- ..--.- --. ----- ----- -.. ..--.- - .---- -- .
解密后得到:H4VE_A_G00D_T1ME
即flag为 moectf{H4VE_A_G00D_T1ME}
ez_Forensics
题目描述:
某天,ubw亲眼看着npm在cmd中输入命令,将flag写入了flag.txt,然后删除了flag.txt。npm自信地认为没有人能够获取这道题的flag。然而,npm并没有料到,在他关闭cmd前,ubw及时保存了电脑的内存镜像。
题解:
根据提示直接使用vol2的cmdscan命令查看cmd,即可得到flag
moectf{WWBGY-TLVC5-XKYBZ}
so many ‘m’
题目描述:
不是,怎么这么乱啊,这让我怎么做题
题解:
给了很多字符,直接猜测字符统计,可以得到flag
moectf{C0MpuTaskingD4rE}
Abnormal lag
题目描述:
某天,npm正欣赏着刚从某网站上下载的歌曲,却发现这首歌的开头与结尾都有不正常卡顿,聪明的你能发现这其中的问题吗
flag格式:moectf{[\da-f-]+}
题解:
根据提示将音频放入Audacity中查看其频谱图的开头和结尾,拼接在一起即可得到flag
moectf{09e3f7f8-c970-4c71-92b0-6f03a677421a}
ez_F5
题目描述:
这天,妙蛙种子还在因为该如何藏flag而头疼,直到他不小心触碰了刷新键,瞬间flag和妙蛙种子都消失了,只留下了一张照片,你能救出妙蛙种子吗。
flag格式:moectf{[\da-zA-Z_]+}
题解:
使用工具F5-steganography(需要java8环境),用其解密还需要key
在给定jpg图片的属性中发现一串base32编码:NZXV64DBONZXO33SMQ======
解密后得到key:no_password
F5解密后得到flag为 moectf{F5_15_s0_lntere5t1n9}
The upside and down
题目描述:
Stranger things看入迷了,不知道从哪里潜入the upside and down(异世界)来拯救霍金斯小镇,入口就在此题!
flag 格式 以moectf{}包裹
题解:
将给定文件放入winhex中查看,发现是倒置的png格式的16进制数,直接写个python脚本进行倒置
def reverse_hex_string(hex_string):
# 将输入的16进制字符串进行切片,获取每个16进制字符
hex_digits = [hex_string[i:i+1] for i in range(0, len(hex_string), 1)]
# 将切片后的列表进行倒序排序
hex_digits.reverse()
# 拼接倒序排序后的16进制字符列表,并返回结果
return ''.join(hex_digits)
# 测试功能实现
hex_str = "280624EA44E45494000000002393B7521148E9FCF0FF10E6081F8FB04770F80CB5AA50CFE7D1FF9F7CF95DFFEF7A0AEEDF9F7D1EDD933F7F47FEEC282E7E4650D9333F6FE6B67E9E9E79F979D7103E0D05EF2A55D31FBB4A0BF7E0CE851F73F10FE73337BBCF64FFDB23D54C29945055AFE05037372742387575558FBE11E2F2FDFE7FD31A924DAE173B3B2B000E078300404D4D0D7030186CECEC8C966A28A6A686C0810310101050CFFB790FADADBD6B7AEA60A8CD4700298BAAAACA7478B9D66B8D0070969FBDBAD74CBBD5EA8DEB1FCE05CCCD33DAED543E3E2EE0CE831965DAA535352D04C7F4FCFCEC483A2B04CBF2B06EC69D6AC69D0AE571582F94C0C4C406C86432470D6FE0E0C0C08143D8A143E5FA753B707040A4EECB58B1B53EDAEE929595D57BABA881D90DE1D33F457BE3E3E3E3702B2727E61F522D9E8738140A9F2E565656A33D1D241162C4892216222A2AFD21F8646C6C8C8D8DAD39322B74B1D87C0040B3574E090303B38F18141426D1E078B6ABB55CDD3F65FBAF28696FBBD5CAF6F6F650BC7970B9DC6ED0D4D404ED73D83E767646414949289BC5EA717979DBE52E944218E575596F62D68F535F7E7F41CACA8AE3E3E3707C7C1C7FD7FDF7CA9443A9C4541FC7E581858564F9F47A303232125D5D4DD6BFE7EDF2FAFA78FE7FBF402B95C2A5ADAD5E80A457A3C9C0C8C83FAF438D058BC5C2B4DF13D7BCFD266CE6E5BC6A3391E800434D5F5F4FD3698E061CB92BB9A85C267BD2E09CE03FCBFEA3BD7EA4EABE1885BA7DEDE2F3F1F823BC82F0380EAF7BE9791391CC6E97B6B6A65C98FE586F6B4E2B2AC2850BC49963DA8AD9D5D5F5964400945F0100606868080D0D6D778B9B9797E43B2A63E2E5E505851B06851B16381C0E0C00212929D8E3F9E473BBDD8EEFFFF72A606040646C6C181515D54251E07834D1BB67E1F7F3C9444C4C0AA9B8F87C3EC8CDCD1D4226BF7DEB91CDAD85CD6916C7EFF713BB671E77DD7F877C1FCFC756690469B452585151013DD4D72697CBED265BA61C52524265BE571B238B8ED12851F3F43D0EF9729C0F155460B5D269B163C623BC127FDFFF8794949411131302FDB93FE712161664E2E2823D9E4FFFDB72C6B2B1B11131312172379BADAC577679D88DEBCFF13B97BE8C441A60C081A3FA2D7D1D7DD41E078BC594424A2965BE578B299453DD06BF4FAFD2E3F9F45B7EF73607CD75476CD3783C1E8DEB5EFD14B44732EA6BEFE3E3327272523F9ED34F0F4E04D0DC22BCC2285FA7DB9043A9C4070F0FB8B9B9193A3A2A23272714EBF6B91E6AA9E1F7F3C9E2C5BBB250373727239FC78BC08103EDFE771A7FD7FD072994309DCE6F31964B8D6C58A14396C241CCCC8C1D8E4F26BFB0727242C4CCCC28212111D7D7C7DEEA89EBCEF1FF300C020273F784E0D3741D4FB7A72B24C37C361B9D069823463D0C090505262F2F4F984C2EB7A7744A096DB6535F7275AE764A797D7D7D9CE6DABEA7FDA2AA9AB9B9B931AFF7F48ECB54743A1DCC679EB8FE1CAFF211A45E27BBCC1513132394606464165451CF802AA8D9BB67292449138BC782CE29703018ACA1A141E9933D0E97E07834ACD3E1E8587AB34A7B656654B2B2B2A0828AB3D1E84E097A49153A645C75C4F537F3EFF7F97E5CDCDCBC82CAF61FAAC22B8CC5EE771331984C8DCDB8757545070F0FD8BD7BA0AA8A61BC560B1554C0E9F46230160B8DE5E5E510CFF3784FF915A7AFAF4DA49861B854B8B5B535EBD3059951F37A4FCF824DA6133F9FCF1C909080BAAEAFCB663F970BBFD7EB5CDCDC8CF37ECFFFD8FBF6BD4DC5B8F5BEDFE7DA7FD85ECA5FF75F05122E2929197C1FCFB771EDD3261D73F0B376952E171717D8434D969696A9BC4A4A4A1B3B66DC8E7541643B95EA0032BABACA3B9DCE7F87F87A3D8E47506747B0A32E14114E97F14239783C1ED8D5D529E07C363BF915A2AAAA5BD72F76E27F2BAED1E07851BA65212323228472E4C951555554A65D58D0D0B0B719A0A8A8A8A5A50500A053A1C8E38878E0C122262624A8A8885656562D57ECDFDF839751554523BC32CAA4A2A2225BA63C71714195CE6F17A55B163030209FA442A1D060B367CEB061C242464634B2B2D29C825A565604C5E2711B4F3EAEF07DAAD0E5E8D654BCBCAC03DF029347A35131C3005B5B5B91939312F1741D1F795E9F8700CDF4FCFC2C616141336FE7FCBC8D88462381D8A163D78A2BBC12A14316A14316701C0F87B82E8FCB411534F57D5F1F3D9E4F5CD2D2829A9A9A000202327BBDDEC8E5F26171B65B8DEBEBEBD1D3D302F6B16C0F3D964B1D05A5A3A3227BB5DA081C38E0F9F46A83CFE783DD7FD7CD444C4C68EFFDBD8F7B6FEFFDF8FEFE1EA3470EBBD5EA0C00F1F47A0D3DD490C9EC6691C66B95F482BBB7B7B5500D6011F5F5F5024AB7E97AB98C7D57B8FCE5049ED343ABD018EE085877DD7F8776460B252B2B0B1061675750A3A88F7FF67BBDEA347DC3A778341A881EBE92BC2A2A2A3B7575655024181818D8434D5FAFDF8692E638D37310101071B3D9CC555514F9769DFF0A22C08103381C0EFF2A1D1D1D9043A9C4E2C58BA2AAAA68A986C7CFCF183C7860A986B651DCDCBC1E821A161644E9F472805811C46A35913B66603391C843ADD603299400050515B9DC6ECE0B4FCAB87D00140E0F07B2ABC3365D942CFEDFFFFB58595919A3470E2994001C38C02B8CC6CECE686161113399CC0C007CF8143D6137CBEA75B2999B9B2B943397CBCD822AF88F4FEBDD5D0CE57B1FC3EDF693A143D6CAA75BA68CB747ED685F54B1B1B1C1C5C50600103F0AF1BE344D94396245387D61727E7E8E1554B4D3E9FCC26FB7C3003495CA6D91BD57D307627FB7DB09030333BFDFEF1B76735B54E62020305F7E2799B42B540EB7F47A3D3C3535859923B6CBD5DBDB3B7E7E6E62C4A9F2F2F241DED92E016FC69D6AEAEACA565656943ED920397D2067DEADE2C5ABC6714AFE330C64B3D1F8909494165451626673535321D06038191B1B1B5B5B6B0A1E9D32DA6DBE14B4674BAEF67C3E1F0CC261B0B1B3B3226C6C7C50D20F4DD19FCFEF165D5D4D603C16AB4521ACAC8CEBFDF61AFDBB7FE7A1961ABD7B067E9BEE8729E0EDED0D9B272ED978FA77BB8D944268FEBBEE3EF83E8F0F795A9E870060DBFAB62C944290949404C261B04B2362B5D269B367CE50261B85822A38B8B898DD8A4B474764F271B8616B6B0A8F8F8F4229145959495669247FB7DB88CDE663A2AFEBFAB079E241ABD5C24115044C4C4CC1C9C9BAB04A41F8852BDE3F289ECC6E3708600EA76464748771F67BBD2C34D950327D20B6D18DC2EC891FAE6CB2D5EA7D50585DA9DC66D97EA3FC41C2C2C200138667E409138EE170184E953D61741A67AEC074F8F8F858A65D08C86432808A8A2AAAAAD1DBDB0A1B262C606040E3FDF61BBD7B0671B0582C5EBC18989888180C0E36F0783C282D2D1DA3471EBB670E202020018E47833B9DCE2E656545433D34C22B903962808A8A0AEC7633D8BD7B93214F940B3962C4B061D27FB87BE60CEA75B2285CB8D0DEDE1E361B8D2CA2A2823F9FCF3EC22B50B861C1E3F1C064D881E2C58BF3F3F320212111DFEFFF245EBC386AC2BD67E022E7FBF50B1B260D071E1D65BA55FF20964BAD27616161B49FF7F25EA65D3AB8B8C8D57D57EDB8243F9FCF0F1B262D606060B970CA67B3C1EFEFEF1509CE1873A07FDBFE973C3C3CA0828ABDD66B0E64D129239DC68B262636EF4EAB2E2E3EB163D6000FC3F0B8BCBC2D94E3E7E7363BFA7A7846482B95E28088886CDCB994EBF6B94EC8C8C81B1B1BD9E3F9E4242C2C2C2525652D159D62ECECBC6137ABE3F83A2F94C1746A8798949405DFA776A8F1781E8F155444454595422C1C566935C22BA8DFF5BA9F42080381E0060F8713C2E2AE5FA7CB5B32DC430D4778BE6D61B3CA8282CDE6733671F0F0806F3C2B13068BEFF3F8901463C69D4FB767DE0D63B1D07D12760783C1E083CFE7839E9E9E707272024545758F51554533373754D6D6862950A1D8743242E5EBEB1A683C1688C9E462C0C4C434D44391959504828282999999B17BE601CFF3F0D8BD7B202D2D1DB0582C6CF07038505252226E6E4EA7AFAF585E5E0E155440298464D88181CC661331984C6CE6E686555555113A64CA01EBFFFBFEB0B2B202603010482984522D9E17F5BEDFF7913B6671DBFEB7D8E9FC66E3E7E774F9FC7ED1D3D302484848F3F3F340298437CFFFE332178B8D14141401030382B374CA85E9DDD04D01E18B21696969944E2F87992386B5D269AD671154513162D4B367DE020F87C300F561EEFBFABE0FEC763388830F8A8ACAD2D2D229842E2E3EC2C6C656555571E2D530343426E8E13A1D8E1E2DF3E1485B0DD589CDD05F42120062F1F078482793D18EE6CB193447385CD1EDCBA894B2B6B62473345BD83EE3D12985CE6753D1ABEC336B7C90E078344A138E9024D57D57EDF275BA8D2828383060D0C3E7F391A2B0F279BC2CA8B24FC4C2C2034444447E88FBFBFB0A20C0C8C8791B11C1E874993B66F9F7FD7F1C80B453A9ECE4D9A3422D9693303020581FCEE1F070F1F9F96AF94AE1F2F6B1D86C6CFE77BB51ABDDC6038DC6033190486C9546180B098E47835E5E5E21042222222217838911884C16585848100E87E110141474F2F2829E9E9E113A64904209178BCD266161410060FC763B502399C4C26DB603CBCBCBC3A065654557DFF7E5F1F67B8D53535391C7EBC5222A2AB8B9B9093613892C9442B163C6A3A7A764E4E4849393931187CBC591CC6E07B3D1E83CB0B080DEBD0B979797B1DBEDCEE7FFFBEE73B7DB8D979797D0B96350B8612104B9D46A0CC1E070A1DBE5CA64D8A115E65910D66D6C5E26E2EAC5ABA45E276B4F3A6B67B05073DC3FC700F4F5F585A9A9B96377E594DBDBCB3E61E2E2C22964BBD5EA57989F9F9F0FD8EB5D1F221FBE9C3366DCFB884D4D6DA2AAAAC91FE929D3FEB7FD0011E47A355CA3D9E451999D33784BA7D38191E9A9E97E9A76575E5E1E39392901050574E6DD38B6B6861E499E61E0494949489C39221F01061CBA182E93C1E8402E17A36CAB928BC5E3F1C0404848BAB64A3215562F9F17BD7B16BEBEAE23BC0278341A4CC2C282545454317AE450279BC57F881915152640B87BE60C424242838B8BE8DDBBB0B5B505B922EFFFF72A5BA61C59594937CFFFE3038FC783715C1FC767DE8D433D052E96BB37DBCEA779B45AACA5A5857030181E9A9AFAB92C1616163878E0098BC5E2838B8B7CBDDE7FC1EE77C329E4F9F47AF037CD7F3878E0E9EBEB4B3AE09C31964BCD822A5AE0783488A7E1781A66577488299492699574B1D87C422979B45A5C5151913E1F8F2EA4A4C4DAA54B3E1F8F0FC615EFF37C9FA55B862A2A3A9247ABC529D4D1D1810058B86169BBD5EA232B2B5C51519133333312161666DEBD6AEAEACA1B8DCE27F7FC9FFF4219595969259E476B4E9EB813CDA81E55552562626200C35D2D513C0A84E3F0385E55552EEAA8EAE2AC5E278B00A8AAAA2B845767678554BDB1B101652F24F845A653C111884C5776F49472379BCD00848585859B276E16905D5D6DF5F5F5506657B8D25DCAF82594029B271EDBDBCB3366CC01050524A6A686505050202A2A3A7A7A4A272F2F88C3E1E03162C4F07A3D8EDD7FD7CDC7CFCF282121012B2B2B83878754D4D4849D9D9D909A9A1A5656464115246B6B4BB16E9FEBA2AA1AFB7FEFFF919B9B0A434343E7FFF74BEE2237CD7FC3F2F2F2D026C49903111111B0B2B2327C7C4C566934B7B787E6DD8B114E97F1494C35333302434343C7CFCF7871711131984C2C944271BA5D8EE7E7E7C428C3A1A1A1A25FA7BB6174CAAD6A7E7C7C0D2AA879B3D9EC646C6C6CB1D078402613C129646D6D9DA347FECE419E3D3AD0683C2822222394816FD3F8BFAF2F1C018C4683D7E3F956555510060BC5141414F721429C39545555957C3E1FCE36ADABAB2B479E2D636363E4D9A3B02E8FFB0001FEB3EC9F555573A39A7E7A1AAB2F0401017181F8763BCDD2D2D25955254911030B0B7C7E7E2E736D09D90DF7527BDCB943BCC2A9E98A8C2597C3D937E114141428CFF5B89F5555D4D1D1913A1D8E1F05A5ABAB0B404060201C062B41EC2AD73D6DEE7B8C95CBEDE60624822A4A861DABC9ABC7C7D733373766FA75BA14BDA3F712676F6F4C4D4D8DB251A84F58E00E6065651542B1DBEDCEA45E275B6F1283C9F4FFAFEDA3C58D944209542A1DC72831DC6E3FB079E25155056E22CBFAB23CDA6DBE40CFF9391F4221CFFBF2F8F5FA6DE1E5E514C06834B0B2B20241A79D8704504961DEBD28ACAC8CD0D0D0201B85CAF5F5F5A21C21D5E27948B35A0922BCC2787F7F0F944218C1E874E1FFFDBF0F81031642E93CD92D71B36BBDD6EB87BBD7EBCD822A6A95562397C3A97DE1FE77BB8DDFE7FB84EAE2CCCCCC0B7AC41FA25DA68B3DD4545E5E2EB23B5B8C7404261C94812BDD9E9E9EE6477CE638A3FC8EB0245E5E5E68713520BEA9F0C495D45D4179D4D4D474FAFA8A00E0F1F068F3FBFDBEC8C467B3D17AE6E86361DEBD38D44397A8AAAAE077B3C961C28520282898C3E9F4931A118C4E0700201783C961C285411574C8442A2A2A876CFD6C14E1D7B19EE25E69347070403B24545454909A9A0A8F8F8F61C285F1F47A1D42F0FCFC2C646444433D14275ECD3D8003068DF6E0085C88FE314FA7851B86851B9636363600217DB65BACAAAA848C8C4CDBF2B44E29B6AFEFFB708FFFF11F5C5C6CD2BEA7FDB163D6A0A4A406C06030088083078EAAAABAA0829AB85C2E3E66DC5AD2D2C25F5F5F29943E3E2EB112555FD7F5422F97C31D1D1D99E7F5792B1C61E2E2C2151515281B85EA252D2D9B308CA7E178ACA9A9899D3B9633333341454506EBF2B82FF8743A6C656595B5B5B5423967DE1D275E3D7D7D6D87CFE793343434219482299413467B9DB477FC3FCF0FBEFE71FCFC9C6DD51C1C1C88828223946237938929784689EFF3F8CC2BAC502C1E87A2A2B2532F8ECC6633D8434D1389CC37C22BAB5CD7D7D7A25FA78BA8B5FBF3F9EC0042C6C6C6966A3AB6B6F60178BA57ABCD29343E3EBE81F9F67BCDDDBB47966AE9EBC32F2F3F41DF02CE6BEEB3804E4E4EA4ACAC389DCE6F9A0BAA57A3899D9D9D0103032284737B7B18C46A35301389CC9440EE77B350525212643A1558A5DA6543A7D3819C9C9CD1EBFDC6818989A8D9E46A71E2D5C30349AE578330180C0E2AA8111B1B2A479E0C2AA8D0DADA3A737343636B6B98919111BDBDAD23BC12425153533278784893CDEE17383828F0F8F868DEBD68C69D78FEBFEF3E7E7E4EF5F67B1D3D3D2D3060C092969674FCFC8CD0D0D0B05DAE4F5669044A4A4AC3EDF613699596A0B90AC3A77FDBFEC729A4A1A1818103668749454507F32D6D3299CC7EA2AA7A81BBB7B727C1040202134229993B66089032198C3C4A68523DCD7FD34EC0C0C0822A1A1F1F4FEFFFF72B94E0E4E4B57DB33CCDC3C3034D4D6D656D6DDCBD7BC4EBF5F232363675085F3611E976992F9472E4D9D03FC7FD5955453C0FCFE300525555D3E7FBA5307C8AB3749A4BADD6FE21DA65BA0880299424292959D1487E379BEF1B1E11119136363642B9287B8647A3C1140A0D2794C3FFF3FC080202031010060BC529249BC5FAF0763B9DE02C2964A9A653ADDE97A3478E292939A0828A155454A5DA753135350620434B4B9C429A9A9A983962BAB3FA623179C667B3B19D2C822A0AFB2DF0E177DBEDFE3667DE0CAFD7E368616101781A8E87DCDCDCD1F7F57DB8DDEE6F52565664FA75BA909A9A2A6565454048489802525252C47DC582D33A1D8E1C54515FB87C3E1F88CDE663201E078B55555551ABDDC6058E4703A4A4A4E3E7E764FE77BB81EFF3F84ECAA300795E9FC7424A4A9802919191F0F2F2125E5E4EE7FFF71B37372781CE67831A0D8E0667B3D1E8E5E50571B0585CA65D48861DC926DADADA818B8B1A5A5A4A402C16032B2B2B2016038996969622363D0321EEB7B5E7E9E999422993C1C86CC2FFF93FCF966A68EABE4FA5ABABFA4CB77E3F9F5EDADA9AC88583832394B1D66BCD00949595957A3D9EEE0587EA75B28DC172B1D87C83078E116DBE5789BC1A1212237432199C4295CA6D0710CD585DD7F575BD39D61CDDF23CD500F5F67B0D3211881C1F1F0F966A189A9AFA6DE0185F5FEC1A666E6EE8DDBB00050515BD7B061554505E5E1EBD7B16B5B5A5804623A16DE2DDBBC09D3B40A1D060A0821AA143163C1E0F7CE6DD58EE7FB7404A4A3A7D7D4D454D4D285CB8F0FEFE0E7432195C554542464654A65D18265C088888881B1B1BFF1C61C285F5F67B1DBCBCACD1C68AE5E3E382AD31D4536C92E6081F8E061C6A6F6F4F822A4AEC7633D8B963C867B3E1E0C1A3E0C1A3262E2E8C8585859D3B86B8542A0E20904C2E87AAAABAB061D292AFE7F92994B8B8B8221F87CB29C4F3F03C1E9898C81F8FCF076C3613FCF1F1310E975858684048482C5CB854ADDE674D03A85623C9C69D4B9A4DAE177FD7FD8783078E3D964B0E2063C6AD279FC79B32323221252546E874320880B452290E1E3C2AA2A2B2449D3B867432190E1E3C1AE174190F2AA83878E0D8B7E57D0C50B1EA5BA3E7BCFD381C0EFE3A1D1B1B0B1063B7D3C9AAAA18DDC97C8A4FA79363F0A5ADADDCEE7FB7FB98EC7E377CB3D9FCC70B0F20C5EE77E34E71E6DD6A95461D7FCE56ED7FD9A1BBBA35DA8F375BAB810306A5A5B5CFB07D7D4D020D86032D2D2DC0C4C464DEBD28A6A686966A28469C0800C5EE770381030639944A3CE17C1B0E4B4B4B314E9FE3A1960AAEAEAE02078381969696101212129F9F8FF6F6F650A3D9E4E3E7E70400140FC7E1E3E7E774F2F282C081039F9F9F317AE431333332B7DBED686D6D0D00F1FBFDCEE6DD9BB1700405AF73F98355A7DBC533CEBFF3C0D9131A47D1FD2ED9FE0B4710743A1D1CCA6DB69042095FAFDF16275E3C787848944E2F17A3470EDFE7FB74FAFA8A966A78F4F4841C1C1C504105180C0E062AA8A0AFEBFA78797919303020C1E67381DCDCDCB079E2703399CCE4D983050D0D0881C0604228F4394E0F00317AE4C1EBF5C2433D1442293E058E20AFAF8F411504EC763368BBD5EA1D9E02B65BAD0EEC7633BC72A524F8C74DDCFF2877DF21A4A4D40E7839353576F279BCDF71F8F898E52CD8D8D859554551A85C66134048489C3D7A64696939D7B82ABBB39A3962F9FDFD0D2AA8494B4B0B071E0D10E0E4E4C75DFA8F76F738F77F13A2AAAAE8F5F269A0820A3DD4707979093190480C8C8C8CDEDEDE317AE4717373126DBE57A8A9A919699580C9E46263B7D3C90E48BC562B0CE972982E7A359A68D3F8364C096C7275750581030623232371AFFFF55E8552BC7960675C86DD8C541D191909FC3BCE8F822A09E1B578F51C77BF45D3B96316DFDFCFC26FB7B3C815131312E279B40800C183071A1A1A515505354D5FC3A3DDE65BECDD701C0FC755550400A05E278BEFEFEF000022222250545444F3F03C0E003264C8B1B5B544861D689546C0DDF91DCA78F9F9F909D1D63DBDB74F4B4B0A03060C424242F5F5F5C02B8C67DE8D65DA85858D8D9802EFEFEF111313D38D222D2D9DCC65B3D1C8F3F3F3F0FEFE1EA55B16353525C3C7C734D5EA7D0000A8A8A8B2B6B664E4E484C2850BEDFE770A00505454048A8AEA23B0C22B20FE1B46A7E0FE0FFA9F989888C183077ECFFFF90800585858C0C2C232747444239DC61BB5DA6D0C00916E97E9434747874DD3313121401FC3F4010B0B2A7FDBFE17BEBEAE3366CCA0823A49315FAFDFD0B963301389CCF6F6F60089C4629247AB852940ABD5E2323636C556ADDBE5EAA1960AADADADB1B5B534D443A25FA7CBE169DD5032BDB9B9F92EB9281C06FB3EA3577934160BFD8E696565462961C2B5F741EE77B3CFAF251CA3ABAB4CABD5E2AF22212181AEAEBEA2AA9A5555343131F1EC732A1C422925F271B88CCBE5F200115E5E6E94022096AFE7F9C358DDF3F43D0EEB028DC66328698EB35AA4ECFF11DED4D4841C0E0FF77C150CD8D4D40400C1C9C9C8C1C111729C2F87515151F07BBDCE902E87E93366CCB0B4B4048282825C5C5C61D7F976881D3A00050515BDDE6F6C954660361389AAAA5855452194B210E008A3D7E389E3F9F45A8562A986623D960B1554D0BD7B60BDD66B4228F83A8E9F14802AA8A1ABAB2A7FB7DB081C38F3022B97C38912098C16E279B428A8825669A524F805E1D35FAFDFF76CBDC9C9C90A9357F4354D8F00193A6476B8B7B7A7F7F7F74429A40022EFE09C37372793F8040C0C8C1D3A44414191B2B2B2323636068686C6966A4918AEAAAA676F6FFCF5FA7D3162C4AFD33B3B3BA2AA9A3434347179792A2FAE2F2F4F1A1A1A5955459D9D9D04874F973EF71EB37FD7FD770C40565656A77C3B373766C69D0A061C1A5451402E17C35A5A5A08906995841D3A449C39343E3E9E699524A8A265DAA59442CCCCCC94421A9090C0DCB9431212120903033372399C9C423BCEBFE362C4896CD339393977886BB5D2EB4F90CEC59B4729249DC67B00012AA8E6677075C5F6CF72D7FAB6AD0FA6A6A63060C0A2AA1AD7D7C7601FCBF6F0FCFC0C001387CB8500A0EBFABA2FF10A8E8361EAEA8AB2AC2FCB434B4B48A9D4629779C7EFF783562B9D26F4394E0F292929C17FD3FC51A7DBC5E6DD8B221D860B2C2C2C00006BB5D2080505F5728EB44FCD4A4A4AC1EC7613BB670E81034641E208F9BF303B77F144E0E9EFF84229A5C69742292D61701E02D8FFC8FEEAC58B9420CD1F04F6EA9B27BEFC0ABE5FB5CBA8BB02C59B276E62A9964F95560994420800E6DD8BE6DD9B9FEDCD03068103164D4F0A618EF0F1087B0487CFA3FF0E64FD8F06F824F3010019EEBFBFEDD7EEDFCEBF9D8CF2B6D52F6DDF7FFDBA719012397688EFCF3F33C9484862D48CB64889096204180366405C2C11A5855BD6AA0514542C8424016102DA4BBBA59227CABB556D6D822834400D15867155285A71B4880102C4901812C548628BB5686224D79CC96E37EF9D5D4547B7C7DEC987451444942AE10000743BDE550000006080840000008400000025448494D0000000A0A1A0D074E40598"
reversed_hex_str = reverse_hex_string(hex_str)
print("倒置后的16进制字符串:", reversed_hex_str)
#运行结果
'''
89504E470D0A1A0A0000000D494844520000004800000048080600000055EDB34700001EA249444154789CED7C7B7454D5D9FE73E69CC97D4226865BB826845C2181094C2010884B17A58255176851D004438228D6D655BBAC72295ABBB4AD2016104248C2454150AA6DB5585A11C2C50466308140269098846BC84D2684849C33F3FCFE886793210917ABDFF7FDD6F25D6B2FC8D9FBECFDEE7DDEFBFBEE9100103F428F60F8DF46E0FF3AFC7840B7801F0FE816A0F4D46130186030DCDEF9B9DD6EB8DD6E00802449906559F4699A26E672B95C20BB8ABC5BF5EBA0CFEB72B9AE6F40F1DC0249B85CAEEF8CFF8D20E10716D29224796C5A92248FFE9E0E441F77B303FB9F802E14643018E076BB3167CE1CA4A4A4DCF44BE8275F5050802D5BB60000C2C2C2B068D122B8DD6E5CBD7A15CF3DF71C929292F0E4934F62D9B265387FFE7C9779264D9A84B4B434BCF2CA2BA8AEAE1638E8A01FF2ABAFBE0A0058BC783100C0CFCF0F6FBCF1067C7D7DA1AA2A0C06036A6A6AF0DA6BAF7D27FC6F5C5707766E8AA21000B76CD9429274B95CEC09F4BE2D5BB688779393933DC6984C263EFBECB324C9C9932733303090212121349BCD0C0909A12449CCCCCC24495AAD562A8A425996E9E3E34393C944A3D14859960980A5A5A53C71E2041545A1C160A0D96C667373B3C77A65656504C077DF7DF73BE17FE379F47840D9D9D9545595A1A1A1F4F2F2EAF2A2979717434343A9AA2AB3B3B33DFA4C2613D7AF5FCFF6F676AAAAEA8194A6696C6868606363232B2B2B19141444A3D1C8C0C0408F39727373C90EFE22004A92447F7F7F7A7B7B8B6746A39100F8D4534F7539A09C9C9CDBC67FFDFAF53D1E508F425A9665288A824B972E61C89021983C79B2203F83C180BD7BF7A2BABA1A8AA20841F9E8A38F8224B66DDB06B7DB0D4551B069D326689A2658A54F9F3E983E7D3A800E012B4912545585AAAA983163066459C6F6EDDB51505000A3D188679F7D16C5C5C5282828404B4B0BCC66339E78E209ECDBB70F15151578F2C927111C1C8C9C9C1C00404D4D8DC051C77FF0E0C1484D4DED11FFCE4AA53BE89682366CD820BEE0D34F3FDD853C9F7EFA69022049E6E5E511002F5EBCC88B172F529224C1A237CE1F1313435555A9AA2AEBEAEA18121222FA2E5DBAC4BABA3AC152FAFC3B77EE147F5B2C169264565696E8DFB0614397753AE3BF60C1829BE29F9B9BDB2305DD961EBC7AF52A344D435B5B1BDADADAA0691AAE5EBDDA655C6363232E5DBA049258BA7429264C98006F6F6FCC983103369B0DFDFAF51394A3280ACC6633EAEBEB71EFBDF7A2B0B0104F3CF1041213133DD4787474349E79E61900C0D6AD5BB16CD932444747232C2C0C85858500809FFFFCE770381C888989F9AFF0EF0E7A64B1EF02B22C0B32AEA8A84045450500A077EFDEB0582C484E4E466B6B2B8A8A8A0000D7AE5D437C7C3C52535361B55AE1EFEF0F3F3F3F8C1D3B56CCD9D2D222D83D313111FEFEFE2089D8D85858AD56D8ED76C8B20C5F5F5F242424C06030A0B4B4F47BDBD36D1D909F9F9F87ACD19FDD0C645986D168445B5B1B8C462300E0C30F3F444545052222220000FEFEFEB872E50A004055557CF0C107DDCEB56EDD3A3CF5D453505515A1A1A170381C00804B972E213131518C3B7BF62CFCFDFD61369B3D54FB77C15F875B1E90A228F8ECB3CF909191D145C8DD68C5760697CB2558E55FFFFA1732323260301850575727C690C4638F3D86A953A7E289279EC0B265CB84E09C3D7B36264E9C085996919A9A8A75EBD6213737174EA713EDEDEDC8C8C8C0840913909797074DD3A0280A962F5F8EAAAA2A31F77F837F67F8AFD57C4E4E0E01D0E170B0B4B4948AA2D0DFDF9F2693A93BBBA28B7D93969646A7D3C98484043166C58A155455958D8D8DC25E898F8F17FDCB972F6753539387E04D4A4A12FD7782FFCDD47C8F425A27CB3367CEE0DAB56B20E9D1AE5DBB863367CE405114F8FAFA02E850E3922441D3342C5FBE1C4EA71300F0E4934F8224060C1880D0D050389D4ECC9933072E970BCDCDCD18376E1C02030391979787AFBEFA0A8AA260E0C081501405C1C1C1484F4F87A669A8AFAF47BF7EFDE0743A71F2E449848787C3E57261FDFAF59024096BD6ACC1D1A3470174B0EF9DE2DF1D74A1319D0C3FFBEC335CBD7A55389F37FA5040071BB9DD6EECDFBF1F00D0D6D686DEBD7B233333134EA713F9F9F930180C282F2F477E7E3E1E7CF04100407E7E3E4E9D3A056F6F6FF8F9F92121210169696918387020EAEAEAA0691A3EF9E413B4B4B4E0B1C71EC3A449936030183077EE5C0080C96482A669686A6A82DBED464C4C0CD2D2D23068D020D4D7D70BFC5B5A5A603018BAB573F8AD53ABBB1A9DF7DE65ECF7D16459A6DD6E17E43E77EE5C02F0B07CCF9D3BC773E7CE89BF7BF7EECDDADA5A0F36397AF4A8C79CDD81AAAA9C3D7B3601B0B1B1D1A3EFE0C183DFCB7E3AB5AE1B05C0D75E7B8D0E87838AA2F091471EA1C3E1E091234768B3D9442B2A2AA2C3E1E092254B088023478E64525212232323B97CF972DA6C3602E0B469D3E8703878DF7DF771EAD4A9B4D96C9C32658A30D476EDDA458BC5C284840486858579E0131F1FCF3163C670FCF8F18C8989E1C30F3F4C92BC78F1228B8B8B49929F7EFA292D160BABAAAA78E2C40902E0A2458B68B3D9585858C8E2E2623A1C0E3A1C0E1E3B768C369B8D3367CEA4A228F4F6F6A6C160E8F1806E29C6354D13DA283E3E5EA86C1DCACBCBD1B76F5F582C16C1FFB1B1B188888880C56281D56A456464245455C5912347E0EFEF0F8BC582D4D454D4D7D7A3A4A4047BF7EE85DD6EC7F0E1C361341AA1280A060D1A04B3D90CBBDD2ED61A3264085A5B5B61B7DBE1E5E505455160B7DB51505000BBDD8EE6E666A1CEF5F5810ED6AFA9A981A669F0F1F1C1881123D0B76F5F005DC32FDDC16D93DB575F7DD585DC0170D6AC5924C9912347322121A1CB9875EBD611E87038C78D1B271CD82B57AE7850EEE9D3A75959594900DCB66D1B49323838588CA9ADADE5F9F3E77BC4AFBABA5AF4EBAE86A669FCF39FFF2CC68C1C399224999E9E7E5B7BEE1230D3632269696998306102B2B2B23061C204A4A5A5A1B8B818ADADAD629CD16884D56AC5850B17505E5E8E1D3B7660E8D0A13876EC18727373B17FFF7EE4E5E5212F2F0F1919192089A4A4247CF9E597003AACE48F3FFE18BB77EF467E7E3E4A4A4A3074E8506CDDBA15555555B870E102366EDC88F1E3C78BF51545C1E8D1A33D285CD74C2525252089848404545656A2A9A909AB57AF46656525F6EEDD8BD75F7F1DCDCDCD78E8A187101616863E7DFAC0ED7663EFDEBD771E0FD2BFA0A228C2D91B3B766C971326AF3BAB269389A9A9A924C9B4B434026053531357AD5A454551A8280A939292E8743A79EDDA356A9A4692C20ED9B3670FAF5CB942925CB060010130202080CF3FFF3C4972D0A0411C3A7468B7829B24636363191111E1B1FEB973E7841D9592924249920880AB56AD12EF6DDAB4A9473BA8C7035ABF7E3D555525003EFCF0C3545595DF7CF30D9D4E2749F299679E1163F580576363232F5FBE4CB7DBCDD6D656D6D4D4303C3CDCC33BD75B4E4E0E49B27FFFFEF4F1F1A1A2280C0C0CE43DF7DCD32586A4C3C89123098066B3999224312020401C727B7BBB18A7AA2AE7CC9923D6D23F7054549478663018181A1A4A927CEFBDF77A3CA09B0A695996316FDE3CA4A4A4409665F4EAD50B0D0D0DC8CFCF476969290C0603D2D3D3D1B76F5FE4E7E7E3FEFBEF87D96C86DBED868F8F0F82838371EEDC39848787233535152421CB32DADBDB11191989B6B636343737A3ADAD0D8AA2C0E974A2B1B1118AA2E0C081033875EA94303C5D2E17A64E9D8A9898186CDFBE1DC9C9C9183D7A3456AD5A8551A346212525053B77EE0449CC98310353A64C81B7B7374822303010D9D9D9983A75AAB0A9F6ECD983CACA4AE4E4E4083BEEB6EC20FD14F3F2F23CBE9EA66974BBDDDCB76F9F18EBE3E34392DCBA75AB87106F6B6BA3A6696C6C6C2400CE9F3FBF5B8AB87AF52A7D7D7DC5BAB22C73CC9831D4348D3366CCE8F2352B2A2A78E1C205CAB2CC8F3FFE98648792983973264932282888C1C1C15DD6C9CFCF17EFEBF0FCF3CF774BD9B764314992284912434343397EFC78D6D7D7D3E572D1ED7693245B5B5B595656C6A3478FF28B2FBE6054541433333369B3D9989A9ACA871E7AC803B9D2D252AE58B1825151512C2E2E16C1B2975F7E99D1D1D13C79F2245F7DF555211BE2E3E34992F5F5F52C2D2DA5CD66E3E2C58BA9280AABAAAAE87038088003060C604A4A0A6D361BDF7AEB2DC6C5C5F11FFFF807BFFEFA6B92E44B2FBDC4C8C848AAAACAB56BD7120063636369B15868B1587AF413EF88C5800E6FD8603008D3DCE57241D334444646C2CFCF0F24D1A74F1F582C16F8F8F8A0A9A90945454542B30407074396E52EE91B7D1E41C6DFC678A2A2A2448C475114582C169C3871020070E4C811A1394F9E3C89828202582C169C3B770EAAAA8A79344D83DBED16368E6EA71D3B764C8CEBDFBF3F860F1F0E00A8AFAF474D4D4D9714D54D594C0F9AEB02531786E5E5E5420BE8CF3A836EC7746EE9E9E9DDB21849C1624047C8B5B32BE2E5E5454DD3B86AD52AF14CA7B0CCCCCC2EAE48BF7EFDD8BB77EF1ED79A3C79326559A6A228DCBE7DBB78BE6DDBB63B17D29DC39E24613018F0FBDFFF1E478E1C812449F0F7F7872CCB2290A53B84972E5D12C12A5F5F5FAC58B1020D0D0DC8CACA82DBED1694054078D97A14202B2B0B43860C415E5E1ED6AF5F8F2FBFFC1224F1939FFC04EBD6ADC32BAFBC22E65055152E970BF3E6CD13827CD1A245902449D85C3ADEFAFF4F9C3821F6B572E54AECDEBD1B2451565606E00E85F48A152BD8D4D4C4F6F676217F3ADB41AB57AF667373337D7C7CBA9CBAD168A4A22842606EDEBC59C8B7EED6D37DA2CE14B260C102060404B0BABA5A50F1E8D1A3191D1D4D5555F98B5FFC824141411E739D3C7952C8A89E9A2CCB349BCDB7257FD09D90D637E2E7E7C7B0B03011945255952D2D2DDCB3678F1817101040F2BAA1A7E7A93A375555F9CE3BEF1000BFF8E20B3A9D4E363636D2E974B2BABADA63ECF1E3C75955554593C924127F4141415CB060015555659F3E7D3864C810C1F2FAFB8F3DF6184932222282C3860DA3D3E914ECEF743AD9D6D646921C316204870D1BC6C6C646CE9D3B978AA2D0C7C7E7A6DAAC4716BB7AF52A1A1A1A3C824C7E7E7EE8D5AB172449C2C4891311171787FCFC7C34343420333353C4941F79E411B8DD6E787B7B439665C4C7C7232B2B0B11111130994C620D2F2F2F3CF7DC7322EEB47FFF7E343434A0B9B919FFFEF7BFA1AA2ABEF9E61BB4B6B6425114646565A1A9A909D9D9D9484D4D45787838B2B2B210121282FCFC7CDC7DF7DDE8D3A70F4C26130E1E3C88F2F272A4A7A7A3A2A202050505686A6A42505010CC6633BCBDBDE172B92049528FACD52D8B7566055F5F5FD6D5D50961E672B95858584800DCB97327494F6775C488111C356A548F42F256101B1BDB455876767548B2AAAA8A00B872E5CA2EAE8AAEE25555E5830F3E48A0C315D2D53C00262626525555E18ADC318BE9E4B674E9529695959124FFF9CF7F72ECD8B1ACAEAEA6DBED66616121333333191515C5B2B232AE5DBB96168B8500181D1D4D925CBA7429A3A2A268B55AF9C73FFE516CF0F8F1E3B45AAD4C4A4AE2F8F1E3191515C5A54B979224C78D1B47599629499288477566A1871E7A8843870EA5A228DCB46913C90EA3B4BEBE9E0E8783F7DC730FA74F9F4E923C77EE1CF7EDDBC7B8B8382E5CB8900E8783616161C29BAFA9A9E1810307585A5ACAA54B977AECBD73BB69E250D334D8ED767CF1C517387CF8303EFFFC73949595C16AB5A27FFFFE229B505B5B0BBBDD8EB8B838242424C06EB78B046251519188F75CB972054EA713454545282C2CC4A1438720CB32EAEBEB61B7DB71F9F2655123A46BAB8484040C1F3E5CB829BAC63A71E2048E1C39E281ABC16010F12293C9849494940E16E994E1686B6B83DD6E47505010929393E1E5E57567A9E79E9A9E19183D7AB48733D999154E9D3AC553A74E1100DF7BEF3D929EF19CAAAA2AD6D4D488BFCD6633C9EBF122F1D5BE8DF0F9F9F98975AE5DBB46922C2E2E16E3BCBDBD495E77369B9A9A585F5F4F007CF3CD37050B76B6A3F4B672E54ABA5CAE2E62E5C6D66D01956E511A8D46AC5EBD1A070E1CC0A64D9B4012168B05369B0D797979D8BD7B37EEBFFF7EECDEBD1B797979B0DBED080B0BC38E1D3B70E6CC195CBC7811393939484E4E467A7A3A6C361B2449C2983163909B9B8BA2A2225CBE7C19353535D8B76F1F5E7FFD755456560A3CBCBCBC306BD62C4C993205B367CF060014161662DCB87190240946A311E9E9E9282F2F474141011E78E00184858561C48811983871222222224012E5E5E53874E890B0816459C6840913306CD8306CDDBA15BB77EFC6C68D1B6F2F1EA49FA69F9F1F070F1EECF1850203033969D2243A9D4ECE9A354B08C1F7DF7F9F66B399478E1C11B1978C8C0C02A0BFBFBF88E7444444302C2C4CF42B8AC2CB972F0B2A193F7E3C0D0603838282D8AB572FDE75D75D4209E831A443870E09C7B633CEBA1D3576EC58921D3EE38DB54337426B6B2B498ABCDE1DC583744391BC6EE81D397284870F1F26002124F50DDC985DD0B5841E3FD2E1E8D1A31E8E624343035D2E175555656C6C2CE3E2E248922D2D2DACA8A8F038883367CEF0EBAFBFEE165F003C78F020ED763B4D261315451176DA962D5B68329978F2E44996969612B81E10D40DDD9E58AC473B28303010414141D8B871233EFFFC734892043F3F3F848484203D3D1DE7CF9F477E7E3E66CF9E8D7BEFBD1766B3197FFDEB5F71E9D225489284010306202B2B0BEFBFFFBE10AC46A311555555686E6EC6C489133166CC18188D464892044551E0E5E585FAFA7AE4E6E62225250583070FC6C2850BD1D2D202B7DB8D0F3FFC106EB71B99999928282840595919344D434C4C0C264E9C8861C386A1BEBE5E2423478D1A0592686D6D45737333545515F857545420272707E9E9E9387EFC380E1C38706721D70D1B36D0ED767BF4D96C3641098F3FFEB86031B2C3F6080F0F1763376EDC2828AC3B16D6EB8774D034CD23B5BC7AF5EA2E2C3178F0600E18308024F9AB5FFD8AB22C539665C1C224595454444551F8E1871F8A677AFD5049498978A6471C49F2A38F3EBA7316CBCECE26D951D2565252C2C2C2424E9F3E9DB1B1B18C8C8CE49B6FBE499BCDC68888082E59B2846487A7AFB3637E7E3E49D2CBCB8B0F3CF0006D361BE3E2E2BAE4FE636262B86CD932921D46E0B66DDBA8280AC3C3C379EFBDF70A3781EC9051FEFEFE1C3B76AC079B060606D262B1F0FCF9F3428BDE75D75D8C8B8BA3D56AE52F7FF94B16161672DAB46902FF55AB56D1E170D062B1B05FBF7E220E76DB2CA683CBE542FFFEFD111212023F3F3FB85C2E188D460C1F3E1C168B05B22CE3FCF9F3282A2AC2D8B163E1EDED0D8BC5822B57AEC06EB78BF72D160B4C2693B049F41239B7DB8D3367CEA0A8A808269309B22C43D334545656E2ECD9B33874E810020202E076BBE1743AD1D2D282C3870F63E0C08188898981CBE5C2850B1760B7DBB16FDF3E040606C262B1A0BDBD1DAAAAA2A8A80823468C80D56A858F8F8F470CEA76A14716D359E481071EE831904E766831002C2C2C14CF3AE79D66CD9AD58505D7AE5D2BC6EAF198CE2CD81D6B02D723059D43C2DBB76F17784746467AE0068073E6CCE982F3EDB2588F14A40BAB9C9C1CC4C4C44051142C5DBA142E970BAFBEFA2A366EDC88BD7BF7429665949595419224F8F8F8A0B6B6168B172F467474B4A8DD898B8B83A22858B16205EC763B962D5B2632B40B162C404949092449C26BAFBD060078E9A597F0F8E38FE3EEBBEF862449D8BB77AF879DE272B9D0DEDE0E9278EEB9E760B7DBA1691A7EF7BBDFA16FDFBEC8CACA1254BA61C306D4D5D561FEFCF91DD4F02D05C7C6C6223B3B1B0B162CC0F1E3C76FEAB4764B41EBD6AD23D9E1A0B6B5B5B1B1B19183060D1235353766261545614949098F1D3B46C033EFA4176CBA5C2EDAED7602D793029DE349656565ACAEAEA6D96CF610E29DED142F2F2F9A4C26E6E7E7B3BDBD5DBC6B3299585353C3D3A74F7BE045B24B9972E7F50302026E45B53767B1FEFDFB33303090BD7BF726703D75DB19D6AC5943003C7BF62CCF9E3D4B4551E8E7E72716D78354269349D443EB1FA0F30100605C5C1C1B1B1B45F586DE747BC86AB57AAC6D341A396FDE3CF1B75EC0D5DDBEF4F88FA228DCBC793349B2B9B9992B57AEBC7316D3418FC700C0CC993311161686ECEC6CC8B20C83C1004992E0743A91959585BFFFFDEFC249D5633CBA2B70F0E04100D78BACF4B0ECE6CD9B515050004992306DDA348C19330666B31953A64C118508274F9E446161A128E1CBCDCD156B689A0687C381FCFC7C689A86AAAA2AB85C2E4C9A3409D1D1D1A2FFE0C18330180C22A0FFD9679F415555CC9D3B17010101373D836E2968FDFAF5D4348D8181814205565757B3A2A2A2CB29EBE188A143877A3CD743AEDBB76FF7F88A3A0575761601B0B2B252B0646778F7DD778580EE810DBA343DE9405ECF8B75D7C89BA79E7BA4205F5F5F1106D0055B7B7BBB284F59B66C1966CE9C094DD3D0A74F1F00C0AE5DBBE0743AE1EFEF8FDFFEF6B7F8DBDFFE86C4C444DC7DF7DD387EFC38A64F9F0E83C180AD5BB7223A3A5A50D1B469D3F0C61B6F203D3D1DBEBEBED8B56B17162F5E8CEDDBB723202000A9A9A9282D2DC5F4E9D3F1F5D75F435114BCF8E28B78F0C10761341A61341A21CBB2A87D361A8D18326488D8CBCF7EF633141616C2CFCF4FDC0078F9E597F1D1471F21393919B5B5B5003C13153A743920FD30CACBCB456D8E5E0DAAD70FEAE3F4B1172E5C406565A528C92D2B2B436464242C160BEC763B060D1A244AF902030361B55A71F6EC59141717C36AB5222A2A4AAC23CB325455157938FDFDCE75D2656565888A8A426262221C0E87883E8C1A350A00505A5A8A8A8A0A917B0B0D0D85D56A455555159C4E27482232321256AB15870E1DEAB2F72E67F27DB5AAAA2A519FB363C70E925D5D8DE1C38793241F79E41141E23A0B74760574E8D3A78F78F7ECD9B3ACABAB2300AE59B3461457E8CD66B3B1A4A4A4CB9A696969D4348D717171E259673B0F37D1623DDE177BFCF1C7919292E22150F57FF5ACE58DF7AD7EFDEB5F8B5CD4DB6FBF8DFFFCE73FC8CDCDC5BE7DFBB079F366BCFAEAAB080909C1FCF9F3316AD428FCF4A73F1599503DBE535B5B8B458B16894AD4FAFA7A519FF4873FFC015E5E5ED8B06103264F9E0C4551B065CB16A8AA0AB7DB8DF0F0705457578BDCD8C489133177EE5CC8B22CAAF16FAC28CBCDCDC5E79F7FFE3F735F4C57C546A35194A790E48E1D3BA8280A2B2B2B456656B7A43BA7858E1E3DCA43870E79E0D3399E141A1ACA81030792EC287CB83194429276BB9D8AA208FC1545614646064932313151CCBB72E54A112FFAC1EF8BE976CCD1A34745BCE84F7FFA139B9B9BA9AA2ADF7AEBAD6EC9D7D7D797A467EA5727F5356BD690A4477A7BE2C489F4F2F262505090C0D364328960D9B163C73C42B27A7BF4D1473D0E487F372020C003FF1FECBE98AEED7C7D7D11121282CCCC4C2427270BFB62F4E8D1C8CCCC142C69341A85C6D8B46913F6ECD903499270DF7DF7A177EFDE30180CB87CF932727373052BBB5C2E9C3F7F1E9AA6E19B6FBE41727232A2A3A3919B9B8BF0F0704C9A3409BD7AF5822CCB22CD0D40E4F0F43DE9F3252727233E3EFEB6AE23744B41DFE5BED8E1C3873DC67457DC70637FE7B54F9F3E2DFAF4FB60DD354992B875EB5692A424495CB870E14DD7D1D7D2AF3A180C06A144C8EB79B31FFCBED88D976775CADAB97327121313111B1B2B6C27BDFFF4E9D3282E2E466161217EF39BDF2031311149494978FFFDF721CB326C361B962D5B064551F0C9279FE0D34F3F15821DE8B832B175EB56242525C16AB562DEBC79627D4DD310151585254B964096657CFCF1C778F7DD77E176BB317FFE7C6196DC58DADC19BED7FB6224D1DCDC8CE3C78F8B9AA0C4C4449C3F7F1E76BB1D43870E15245D515181C6C646040606A27FFFFEE8DDBB374E9F3E8D92921200C0E0C18361B15860B158505E5E2E36A2B34E7979B9B877D6D0D0808686060010F5490044695F5D5D9DA8AD36994CB0582CA2B2E4B6F685EF89C56A6B6B79E6CC1931979EB7FAE0830F28CB328F1F3F2EDED7AB5881EBAE4AE7DB3AEFBCF30EC90E2DB762C58A9BB29BC160E8963DF4F5F5D434008E1933A6CB5E6EC662DFCB7D31FD4B2C5CB850D834FAF38C8C0C9C3A754A08E5DADA5A2C59B204FBF7EF87AFAF2FDE7EFB6DD4D5D521232303A74F9F465858185E7CF1454C9A3449AC7FDF7DF7C1C7C7073E3E3EA8ACAC14F7E7F535F86D26F695575E812449E25EBD979717AE5CB982949414646767E38D37DE404D4D0DE6CD9B0797CB056F6F6FAC5DBBF69682FABF56F3DDC55BBA6B870E1D62414181F83B303090E4753B0400C78D1B47B22393DAD8D8C8C6C6468F12DFA2A2226122984C261142D1D33A656565E2F9A0418378E9D225F16E7272B2073E3E3E3EB754F33D1ED09D188ABAB75D595929EEADE35B1B85BCEE4A040707B357AF5E341A8D34180C0C0E0EF6D07423468C604C4C0C49F285175EA0D96CA6D96CE60B2FBC40B2A384CECFCF4F7C40D253535AAD569138EC0EE2E3E345DEAD33DCCC50ECF1BED8AE5DBBC47DABDBF9690700D8B66D9B8747ACAAAAB8920074DC8A06AEA7B6DBDADAF097BFFC0501010130180C686A6A82A669C8CECEC6810307D0D4D404003870E000B2B3B371EAD429A13DF7EFDF2F2E11EBF85557578324727373050EFA55054992C45D32BDFF46FCBB73337EF01F37F158EC0E7FB0A4BBF13D55A2FE50D0E3017D979F97E9E9E76B6EF6F3339D0564E7E282CEEF74F7F339DDE1D7F9FDEEA0A7FEFFD59FC7F9FF1D7EFC05AA5BC08F07740BF8F1806E01FF0FCF9E8411257B39320000000049454E44AE426082
'''
然后得到一个新图片,是张二维码,扫描后得到flag
moectf{Fri3nds_d0n’t_lie!}
ctfer2077①
题目描述:
某天晚上,你在通宵速通荒坂大楼,然后你猝死了(
再睁眼你发现你坐在一辆车中,正在被公司的人追杀,正当你不知道怎么办时,脑海里突然出现一道声音"欢迎来到ctfer2077,请开始解决你的第一题",说着你的脑子连入了一张图片
注:flag格式:moectf{[\da-z-]+}
题解:
给了张二维码,扫描后得到Do you want to get the flag?Please enjoy the video:BV1hThreMEyT,没发现什么用处,后来使用zsteg秒了,得到flag为
moectf{84d7f247-3cba-4077-ba25-079f3ac7bb8a}
捂住一只耳
题目描述:
一只手捂住耳朵 另一只手搓得键盘生火 不小心按到了caps键
flag 形式以moectf{}包裹提交
题解:
键盘坐标解密,根据音频中的数字,找到对应键盘上的坐标,即可得到flag
63 31 43 31 41 52 31 51 71 101 对应 nevergetup
则flag为 moectf{nevergetup}
每人至少300份
题目描述:
npm本在愉快地度过暑假,然而天降300份社会实践问卷必须完成,与朋友们互帮互助同时,他的手机被黑阔小子盯上了,发出去的二维码被大切四块,打乱顺序,npm在手机中终于找到了侵入程序的编码,然deadline就在眼前,快来帮他恢复一下吧!
题解:
#加密脚本
def self_encoding(input_text):
code_setting_first="doanythingfryuienbcjklmqpsw"
encoded_text=" "
for x in input_text:
if x in code_setting_first:
if ord(x) < 104 :
num = ord(x) + 19
x = chr(num)
encoded_text += x + " "
elif ord(x) > 115:
num = ord(x) - 19
x = chr(num)
encoded_text += x + " "
elif 104 <= ord(x) <= 115:
num = 219 - ord(x)
x = chr(num)
encoded_text += x + " "
number_setting = "0123456789"
for i in range(len(input_text)):
if input_text[i] in number_setting:
if i != len(input_text) -1:
x = int(input_text[i]) ^ int(input_text[i+1])
encoded_text += str(x) + " "
elif i == len(input_text) - 1:
encoded_text += input_text[-1]
return encoded_text
def reverse_encoding(input_text):
output_text = input_text[::-1]
return output_text
"main函数看个大概流程奥 uu们"
if __name__=="__main__":
input_text = "balabalabala"
print(reverse_encoding(self_encoding(input_text)))
先根据加密脚本,写出解密脚本如下
#解密脚本
def decode(input_text):
code_setting_first = "fdbahijklmnopqrszyxwvut"
input_text1=""
decode_text=""
for x in input_text:
if x==" ":
continue
else:
input_text1+=x
input_text=input_text1
print(input_text)
for x in input_text:
if x in code_setting_first:
if ord(x)> 115:
num = ord(x) - 19
x = chr(num)
# print(num,x)
decode_text += x
elif ord(x) <103:
num = ord(x) + 19
x = chr(num)
decode_text += x
# print(num, x)
else:
num = 219 - ord(x)
x = chr(num)
decode_text += x
# print(num, x)
number_setting = "0123456789"
for i in range(len(input_text)):
if input_text[i] in number_setting:
if i != 0:
x = int(input_text[i]) ^ int(decode_text[-1])
decode_text+= str(x)
elif i == 0:
decode_text += input_text[0]
return decode_text
def reverse_encoding(input_text):
output_text = input_text[::-1]
return output_text
if __name__=="__main__":
miwen=""
print(reverse_encoding(decode(miwen)))
得到二维码的排列方式
735dliahiry-firstrow147
651dliwmIvxh-secondrow236
9131dliwirsa-thirdrow589(最后一个的数字是手算的)
拼图后扫描得到balabalballablblablbalablbalballbase58lblblblblllblblblblbalblbdjshjshduieyrfdrpieuufghdjhgfjhdsgfsjhdgfhjdsghjgfdshjgfhjdgfhgdh///key{3FgQG9ZFteHzw7W42}??
base58解密后得到flag
moectf{we1rd_qrc0d3}
the_secret_of_snowball
题目描述:
啊哦,captain rabbit被抓走了,最后留下的下机密就在图片里,怎么打不开,是被家宠破坏了吗,复仇计划无法进行?no way!想尽办法恢复图片,找到前一半flag,前往下水道王国 。
captain rabbit留下的最后一张图片,会有后一部分遗言?(老大不会game over的(确信),快找找吧!
flag模式 moectf{机密~}
题解:
将jpg图片放入010查看,发现其开头不符合jpg文件开头的格式,将FF D6修改为FF D8
打开图片即可发现 {Welc0me_t0_the_sec
又在末尾处发现一串base64字符 cmV0X2xpZmVfMGZfTWlzYyE=
解密后得到 ret_life_0f_Misc!
则flag为 moectf{Welc0me_t0_the_secret_life_0f_Misc!}
我的图层在你之上
题目描述:
一片漆黑,你能看出其中的奥秘吗
flag格式:moectf{[\da-z-]+}
题解:
将pdf转为svg矢量图,然后进行图层分离(https://c.p2hp.com/more/svgeditor/#google_vignette),即可得到key:p_w_d
解压后得到一串caesar密码
zbrpgs{q751894o-rr0n-47qq-85q4-r92q0443921s}
解密后得到flag为 moectf{d751894b-ee0a-47dd-85d4-e92d0443921f} 向右偏移了13位
解不完的压缩包
题目描述:
玩过俄罗斯套娃吗,就和那一样,不过最后有一点小惊喜哦,加油吧
题解:
#递归解压压缩包,不过后面是我自己手动弄的
import zipfile
import os
def extract_nested_zip(zip_file_path, extract_path, level=1, max_level=999):
"""
递归解压缩包含压缩文件的压缩包,直到达到指定的层数。
:param zip_file_path: 初始压缩包文件路径
:param extract_path: 解压的目标路径
:param level: 当前解压缩层级
:param max_level: 最大解压缩层数
"""
if level > max_level:
print(f"达到最大解压层级:{max_level}")
return
with zipfile.ZipFile(zip_file_path, 'r') as zip_ref:
current_extract_path = os.path.join(extract_path, f"level_{level}")
os.makedirs(current_extract_path, exist_ok=True)
zip_ref.extractall(current_extract_path)
print(f"第 {level} 层解压完成。")
# 在解压缩目录中查找下一个压缩包文件
for root, _, files in os.walk(current_extract_path):
for file in files:
if file.endswith('.zip'):
next_zip_file = os.path.join(root, file)
# 递归调用解压缩函数
extract_nested_zip(next_zip_file, extract_path, level + 1, max_level)
return # 只解压缩一个找到的压缩包
# 使用示例
initial_zip = './999.zip' # 替换为你的初始压缩包路径
output_dir = ('./') # 替换为解压后的输出路径
os.makedirs(output_dir, exist_ok=True)
extract_nested_zip(initial_zip, output_dir)
得到cccccccrc.zip
一眼crc爆破,直接删除flag.txt后爆破秒出,不然速度很慢,密码为:*m:#P7j0
使用密码解压后得到flag为 moectf{af9c688e-e0b9-4900-879c-672b44c550ea}
ctfer2077②
题目描述:
为了拯救T-bug和杰克,你不得不和某个联觉信标被更改的系统达成合作,它帮你改写剧情,而你帮它拿到一个关键的key。“key在这个加密卷里,我只知道密码是’法治富强自由富强和谐平等和谐平等法治法治和谐富强法治文明公正自由’,他宝贝的,只能靠你自己解密了。” 请将得到的flag以moectf{}包裹提交
题解:
首先根据题目描述拿到加密卷的密码
法治富强自由富强和谐平等和谐平等法治法治和谐富强法治文明公正自由 解密后得到:p@55w0rd
接着使用VeraCrypt对文件进行挂载得到加密卷,发现里面只有一个文件flag?.txt,没什么用处,然后查看挂载盘的属性,发现其文件系统为NTFS
我们尝试使用工具NtfsStreamsEditor2对该磁盘进行搜索可疑数据流,可以得到一个新的txt文件A!_flag?.txt!小鹤.txt
新的txt文件内容如下(这里的密文是小鹤双拼输入法):
ulpb vfde hfyz yisi buuima
key jqui xxmm vedrhx de qrpb xnxp
ulpb ui veyh dazide
ulpb vfde hfyz yisi buuima(双拼真的很有意思不是吗)
key jqui xxmm vedrhx de qrpb xnxp(key 就是下面这段话的全拼小写)
ulpb ui veyh dazide(shuangpinshizheyangdazide双拼是这样打字的)
最后可得flag为 moectf{shuangpinshizheyangdazide}
小小套娃
题目描述:
简单套娃 轻松拿下
题解:
题目给了一个加密的7z压缩包和一张图片,经过测试发现图片为IDAT隐写,使用binwalk -e进行分离可得到新的png文件(634D4为其16进制数值)
新的文件是张二维码,扫描后可以得到key:874jfy37yf37y7
解压后得到whereisthekey.txt和flag.7z(加密的,需要key)
观察后发现txt文件为零宽隐写,我们使用https://yuanfux.github.io/zero-width-web/解密后可以得到
idon’tknowmaybeits:dhufhduh48589
再次解压flag.7z后可以得到flag.txt,内容为新佛曰
新佛曰:諸隸閦僧降吽諸閦陀摩隸僧蜜念蜜劫哆咤若嘚閦嘇缽隸所羅閦劫諸諦若心菩咒閦即所空摩僧閦彌尊羅彌所眾若彌吽尊色訶閦空空閦摩即閦嚤蜜色嚴空即斯訶彌色空嚴嚴色陀閦阿降如如囑囑
使用在线网站http://hi.pcmoe.net/buddha.html解密后得到:弗拉格是{sfdh8334r784jfx_sdjjuhreubc}
则flag为 moectf{sfdh8334r784jfx_sdjjuhreubc}
拼图羔手
题目描述:
拼图羔手申请出战!“Just do it!” flag格式以moectf{}包裹提交
enjoy it!
题解:
首先是拼二维码,然后扫一下得到
balabalbalablbalblablbalabala//nihaopintugaoshou//encoded flag{71517ysd%ryxsc!usv@ucy*wqosy*qxl&sxl*sbys^wb$syqwp$ysyw!qpw@hs}
#encode加密脚本
from base64 import b64encode as be
def self_encoding(input_text):
code_setting_first="doanythigfruebcjklmqpswvxz"
code_setting_sec="ABCDEFGHIJKLMNOPQRSTUVWXYZ"
number_setting = "0123456789"
encoded_text=" "
for x in input_text:
if x in code_setting_first:
if ord(x) < 104 :
num = ord(x) + 19
elif ord(x) > 115:
num = ord(x) - 19
elif 104 <= ord(x) <= 115:
num = 219 - ord(x)
encoded_text += chr(num) + " "
elif x in code_setting_sec:
if 64 < ord(x) < 72:
num = ord(x) + 7
elif 71 < ord(x) < 79:
num = ord (x) - 7
elif 78 < ord(x) < 82:
num = ord(x) + 9
elif 87 < ord(x) < 91:
num = ord(x) - 9
elif 81 < ord(x) < 88:
num = 168 - ord(x)
encoded_text += chr(num) + " "
elif x not in number_setting:
encoded_text += x
for i in range(len(input_text)):
if input_text[i] in number_setting:
if i != len(input_text) -1:
x = int(input_text[i]) ^ int(input_text[i+1])
encoded_text += str(x) + " "
elif i == len(input_text) - 1:
encoded_text += input_text[-1]
return encoded_text
def reverse_encoding(input_text):
output_text = input_text[::-1]
return output_text
def strange_character_hint(key):
key = self_encoding(reverse_encoding(key))
res="".join((key).split(" "))
print(be(res.encode('utf-8')))
"""enjoy the revenge!"""
if __name__=="__main__":
input_text = "idon'tknow"
key="don'tknoweither"
print("".join((reverse_encoding(self_encoding(input_text))).split(" ")))
strange_character_hint(key)
#strange_character_hint(key)$output:b'eGl4c2R4bmxVbVhpeHVuYkdzYXJkZnRhVWl4YXZ0aXRzSnh6bXRpYVU='
根据加密脚本逆向写出解密脚本如下
from base64 import b64decode as be
def self_decoding(input_text):
code_setting_first = "doanythigfruebcjklmqpswvxz"
code_setting_sec = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
number_setting = "0123456789"
decoded_text = " "
for x in input_text:
if ord(x) - 19 < 104 and chr(ord(x) - 19) in code_setting_first:
decoded_text += chr(ord(x) - 19) + " "
if ord(x) + 19 > 115 and chr(ord(x) + 19) in code_setting_first:
decoded_text += chr(ord(x) + 19) + " "
if 104 <= 219 - ord(x) <= 115 and chr(219 - ord(x)) in code_setting_first:
decoded_text += chr(219 - ord(x)) + " "
if 64 < ord(x) - 7 < 72 and chr(ord(x) - 7) in code_setting_sec:
decoded_text += chr(ord(x) - 7) + " "
if 71 < ord(x) + 7 < 79 and chr(ord(x) + 7) in code_setting_sec:
decoded_text += chr(ord(x) + 7) + " "
if 78 < ord(x) - 9 < 82 and chr(ord(x) - 9) in code_setting_sec:
decoded_text += chr(ord(x) - 9) + " "
if 87 < ord(x) + 9 < 91 and chr(ord(x) + 9) in code_setting_sec:
decoded_text += chr(ord(x) + 9) + " "
if 81 < 168 - ord(x) < 88 and chr(168 - ord(x)) in code_setting_sec:
decoded_text += chr(168 - ord(x)) + " "
if x not in number_setting and x not in code_setting_first and x not in code_setting_sec:
decoded_text += x
return decoded_text
def reverse_decoding(input_text):
output_text = input_text[::-1]
return output_text
def strange_character_hint(key):
key = be(key)
key = self_decoding(key.decode('utf-8'))
res = "".join((key).split(" "))
print(reverse_decoding(res))
strange_character_hint(b'eGl4c2R4bmxVbVhpeHVuYkdzYXJkZnRhVWl4YXZ0aXRzSnh6bXRpYVU=')
key = reverse_decoding("ysd%ryxsc!usv@ucy*wqosy*qxl&sxl*sbys^wb$syqwp$ysyw!qpw@hs")
print("".join(self_decoding(key).split(" ")))
#StrangeCharacterStaywithNumberOnSomewhere
#hs@dkj!dfhf$kdjfh$ud^hfuh*oeh&oej*fhljd*fvb@chb!vhefi%whf
# hs@dkj!dfhf$kdjfh$ud^hfuh*oeh&oej*fhljd*fvb@chb!vhefi%whf52367
# 定义替换规则
replacement_dict = {
'!': '1',
'@': '2',
'$': '4',
'%': '5',
'^': '6',
'&': '7',
'*': '8',
}
# 替换函数
def replace_symbols(text):
for symbol, number in replacement_dict.items():
text = text.replace(symbol, number)
return text
# 输入示例
input_text = "hs@dkj!dfhf$kdjfh$ud^hfuh*oeh&oej*fhljd*fvb@chb!vhefi%whf52367"
# 调用替换函数
output_text = replace_symbols(input_text)
# 输出结果
print(output_text)
可得flag为 moectf{hs2dkj1dfhf4kdjfh4ud6hfuh8oeh7oej8fhljd8fvb2chb1vhefi5whf52367}
ctfer2077③
题目描述:
终于到最后一章了,干爆亚当·重锤,想不出文案了,开摆
狡猾的出题人因为不想让你们做出来,将附件上传到了服务器上,不过还好有Alt帮你获取了这段流量,接下来,就靠你自己了
注:请将最终结果以_分离并包上moectf{}提交
题解:
首先查看http流,发现其上传了东西,追踪http流看一下
发现PK字样,上传了一个secret.zip,导出后解压得到
将gif分帧查看发现第三十帧得到key:C5EZFsC6,用得到的key去解密MP3音频文件
解密后得到
+++++ +++[- >++++ ++++< ]>+++ +++++ .<+++ +[->- ---<] >---. <++++ +++[-
>++++ +++<] >+.<+ ++++[ ->--- --<]> ----- -.<++ +[->+ ++<]> +++++ +.<++
+[->- --<]> -.<++ ++[-> ----< ]>--- -.<++ ++++[ ->+++ +++<] >++++ +.<
brainfuck解密(https://www.splitbrain.org/services/ook)后得到新的key:H5gHWM9b
解压flag.zip后得到三个内容都是01的txt文件,直接将1画成黑色,0画成白色,得到三张图片(跳舞的小人)
from PIL import Image
def txt_to_image(input_file, output_file):
# 读取文本文件
with open(input_file, 'r') as f:
lines = f.readlines()
# 获取图像的宽度和高度
width = len(lines[0].strip())
height = len(lines)
# 创建一个新的RGB图像
image = Image.new('RGB', (width, height), "white")
pixels = image.load()
# 将文本中的字符映射到图像像素
for y, line in enumerate(lines):
for x, char in enumerate(line.strip()):
if char == '1':
pixels[x, y] = (0, 0, 0) # 黑色
elif char == '0':
pixels[x, y] = (255, 255, 255) # 白色
# 保存图像文件
image.save(output_file)
print(f"图像已保存为 {output_file}")
# 用法
input_file = 'input.txt' # 输入的txt文件路径
output_file = 'output_image.png' # 输出图像的文件名称
txt_to_image(input_file, output_file)
对照密码表得到flag为 moectf{PEOPLE_DANCING_HAPPILY}
ez_usbpcap
题目描述:
npm本在欢快地玩游戏,键盘声敲得和奏乐一样,隔壁大黑阔偷偷把usb接口换了一下,终于找到了npm奏乐如此动人的原因!
题解:
首先打开流量包flag.pacpng,发现其为usb流量,仔细观察可以发现为键盘流量
然后使用过滤器筛选出有用的键盘流量(source为2.1.1的流量)
usb.src==2.1.1
将筛选后的流量另存为新的流量包test.pacpng,接着我们使用pcap2text对其进行解密
#!/usr/bin/env python
# coding:utf-8
import argparse
import os
from tempfile import NamedTemporaryFile
BOOT_KEYBOARD_MAP = {
0x00: (None, None), # Reserved (no event indicated)
0x01: ('', ''), # ErrorRollOver
0x02: ('', ''), # POSTFail
0x03: ('', ''), # ErrorUndefined
0x04: ('a', 'A'), # a
0x05: ('b', 'B'), # b
0x06: ('c', 'C'), # c
0x07: ('d', 'D'), # d
0x08: ('e', 'E'), # e
0x09: ('f', 'F'), # f
0x0a: ('g', 'G'), # g
0x0b: ('h', 'H'), # h
0x0c: ('i', 'I'), # i
0x0d: ('j', 'J'), # j
0x0e: ('k', 'K'), # k
0x0f: ('l', 'L'), # l
0x10: ('m', 'M'), # m
0x11: ('n', 'N'), # n
0x12: ('o', 'O'), # o
0x13: ('p', 'P'), # p
0x14: ('q', 'Q'), # q
0x15: ('r', 'R'), # r
0x16: ('s', 'S'), # s
0x17: ('t', 'T'), # t
0x18: ('u', 'U'), # u
0x19: ('v', 'V'), # v
0x1a: ('w', 'W'), # w
0x1b: ('x', 'X'), # x
0x1c: ('y', 'Y'), # y
0x1d: ('z', 'Z'), # z
0x1e: ('1', '!'), # 1
0x1f: ('2', '@'), # 2
0x20: ('3', '#'), # 3
0x21: ('4', '$'), # 4
0x22: ('5', '%'), # 5
0x23: ('6', '^'), # 6
0x24: ('7', '&'), # 7
0x25: ('8', '*'), # 8
0x26: ('9', '('), # 9
0x27: ('0', ')'), # 0
0x28: ('\n', '\n'), # Return (ENTER)
0x29: ('[ESC]', '[ESC]'), # Escape
0x2a: ('\b', '\b'), # Backspace
0x2b: ('\t', '\t'), # Tab
0x2c: (' ', ' '), # Spacebar
0x2d: ('-', '_'), # -
0x2e: ('=', '+'), # =
0x2f: ('[', '{'), # [
0x30: (']', '}'), # ]
0x31: ('\\', '|'), # \
0x32: ('', ''), # Non-US # and ~
0x33: (';', ':'), # ;
0x34: ('\'', '"'), # '
0x35: ('`', '~'), # `
0x36: (',', '<'), # ,
0x37: ('.', '>'), # .
0x38: ('/', '?'), # /
0x39: ('[CAPSLOCK]', '[CAPSLOCK]'), # Caps Lock
0x3a: ('[F1]', '[F1]'), # F1
0x3b: ('[F2]', '[F2]'), # F2
0x3c: ('[F3]', '[F3]'), # F3
0x3d: ('[F4]', '[F4]'), # F4
0x3e: ('[F5]', '[F5]'), # F5
0x3f: ('[F6]', '[F6]'), # F6
0x40: ('[F7]', '[F7]'), # F7
0x41: ('[F8]', '[F8]'), # F8
0x42: ('[F9]', '[F9]'), # F9
0x43: ('[F10]', '[F10]'), # F10
0x44: ('[F11]', '[F11]'), # F11
0x45: ('[F12]', '[F12]'), # F12
0x46: ('[PRINTSCREEN]', '[PRINTSCREEN]'), # Print Screen
0x47: ('[SCROLLLOCK]', '[SCROLLLOCK]'), # Scroll Lock
0x48: ('[PAUSE]', '[PAUSE]'), # Pause
0x49: ('[INSERT]', '[INSERT]'), # Insert
0x4a: ('[HOME]', '[HOME]'), # Home
0x4b: ('[PAGEUP]', '[PAGEUP]'), # Page Up
0x4c: ('[DELETE]', '[DELETE]'), # Delete Forward
0x4d: ('[END]', '[END]'), # End
0x4e: ('[PAGEDOWN]', '[PAGEDOWN]'), # Page Down
0x4f: ('[RIGHTARROW]', '[RIGHTARROW]'), # Right Arrow
0x50: ('[LEFTARROW]', '[LEFTARROW]'), # Left Arrow
0x51: ('[DOWNARROW]', '[DOWNARROW]'), # Down Arrow
0x52: ('[UPARROW]', '[UPARROW]'), # Up Arrow
0x53: ('[NUMLOCK]', '[NUMLOCK]'), # Num Lock
0x54: ('[KEYPADSLASH]', '/'), # Keypad /
0x55: ('[KEYPADASTERISK]', '*'), # Keypad *
0x56: ('[KEYPADMINUS]', '-'), # Keypad -
0x57: ('[KEYPADPLUS]', '+'), # Keypad +
0x58: ('[KEYPADENTER]', '[KEYPADENTER]'), # Keypad ENTER
0x59: ('[KEYPAD1]', '1'), # Keypad 1 and End
0x5a: ('[KEYPAD2]', '2'), # Keypad 2 and Down Arrow
0x5b: ('[KEYPAD3]', '3'), # Keypad 3 and PageDn
0x5c: ('[KEYPAD4]', '4'), # Keypad 4 and Left Arrow
0x5d: ('[KEYPAD5]', '5'), # Keypad 5
0x5e: ('[KEYPAD6]', '6'), # Keypad 6 and Right Arrow
0x5f: ('[KEYPAD7]', '7'), # Keypad 7 and Home
0x60: ('[KEYPAD8]', '8'), # Keypad 8 and Up Arrow
0x61: ('[KEYPAD9]', '9'), # Keypad 9 and Page Up
0x62: ('[KEYPAD0]', '0'), # Keypad 0 and Insert
0x63: ('[KEYPADPERIOD]', '.'), # Keypad . and Delete
0x64: ('', ''), # Non-US \ and |
0x65: ('', ''), # Application
0x66: ('', ''), # Power
0x67: ('[KEYPADEQUALS]', '='), # Keypad =
0x68: ('[F13]', '[F13]'), # F13
0x69: ('[F14]', '[F14]'), # F14
0x6a: ('[F15]', '[F15]'), # F15
0x6b: ('[F16]', '[F16]'), # F16
0x6c: ('[F17]', '[F17]'), # F17
0x6d: ('[F18]', '[F18]'), # F18
0x6e: ('[F19]', '[F19]'), # F19
0x6f: ('[F20]', '[F20]'), # F20
0x70: ('[F21]', '[F21]'), # F21
0x71: ('[F22]', '[F22]'), # F22
0x72: ('[F23]', '[F23]'), # F23
0x73: ('[F24]', '[F24]'), # F24
0x74: ('', ''), # Execute
0x75: ('', ''), # Help
0x76: ('', ''), # Menu
0x77: ('', ''), # Select
0x78: ('', ''), # Stop
0x79: ('', ''), # Again
0x7a: ('', ''), # Undo
0x7b: ('', ''), # Cut
0x7c: ('', ''), # Copy
0x7d: ('', ''), # Paste
0x7e: ('', ''), # Find
0x7f: ('', ''), # Mute
0x80: ('', ''), # Volume Up
0x81: ('', ''), # Volume Down
0x82: ('', ''), # Locking Caps Lock
0x83: ('', ''), # Locking Num Lock
0x84: ('', ''), # Locking Scroll Lock
0x85: ('', ''), # Keypad Comma
0x86: ('', ''), # Keypad Equal Sign
0x87: ('', ''), # International1
0x88: ('', ''), # International2
0x89: ('', ''), # International3
0x8a: ('', ''), # International4
0x8b: ('', ''), # International5
0x8c: ('', ''), # International6
0x8d: ('', ''), # International7
0x8e: ('', ''), # International8
0x8f: ('', ''), # International9
0x90: ('', ''), # LANG1
0x91: ('', ''), # LANG2
0x92: ('', ''), # LANG3
0x93: ('', ''), # LANG4
0x94: ('', ''), # LANG5
0x95: ('', ''), # LANG6
0x96: ('', ''), # LANG7
0x97: ('', ''), # LANG8
0x98: ('', ''), # LANG9
0x99: ('', ''), # Alternate Erase
0x9a: ('', ''), # SysReq/Attention
0x9b: ('', ''), # Cancel
0x9c: ('', ''), # Clear
0x9d: ('', ''), # Prior
0x9e: ('', ''), # Return
0x9f: ('', ''), # Separator
0xa0: ('', ''), # Out
0xa1: ('', ''), # Oper
0xa2: ('', ''), # Clear/Again
0xa3: ('', ''), # CrSel/Props
0xa4: ('', ''), # ExSel
0xa5: ('', ''), # Reserved
0xa6: ('', ''), # Reserved
0xa7: ('', ''), # Reserved
0xa8: ('', ''), # Reserved
0xa9: ('', ''), # Reserved
0xaa: ('', ''), # Reserved
0xab: ('', ''), # Reserved
0xac: ('', ''), # Reserved
0xad: ('', ''), # Reserved
0xae: ('', ''), # Reserved
0xaf: ('', ''), # Reserved
0xb0: ('', ''), # Keypad 00
0xb1: ('', ''), # Keypad 000
0xb2: ('', ''), # Thousands Separator
0xb3: ('', ''), # Decimal Separator
0xb4: ('', ''), # Currency Unit
0xb5: ('', ''), # Currency Sub-unit
0xb6: ('', ''), # Keypad (
0xb7: ('', ''), # Keypad )
0xb8: ('', ''), # Keypad {
0xb9: ('', ''), # Keypad }
0xba: ('', ''), # Keypad Tab
0xbb: ('', ''), # Keypad Backspace
0xbc: ('', ''), # Keypad A
0xbd: ('', ''), # Keypad B
0xbe: ('', ''), # Keypad C
0xbf: ('', ''), # Keypad D
0xc0: ('', ''), # Keypad E
0xc1: ('', ''), # Keypad F
0xc2: ('', ''), # Keypad XOR
0xc3: ('', ''), # Keypad ^
0xc4: ('', ''), # Keypad %
0xc5: ('', ''), # Keypad <
0xc6: ('', ''), # Keypad >
0xc7: ('', ''), # Keypad &
0xc8: ('', ''), # Keypad &&
0xc9: ('', ''), # Keypad |
0xca: ('', ''), # Keypad ||
0xcb: ('', ''), # Keypad :
0xcc: ('', ''), # Keypad #
0xcd: ('', ''), # Keypad Space
0xce: ('', ''), # Keypad @
0xcf: ('', ''), # Keypad !
0xd0: ('', ''), # Keypad Memory Store
0xd1: ('', ''), # Keypad Memory Recall
0xd2: ('', ''), # Keypad Memory Clear
0xd3: ('', ''), # Keypad Memory Add
0xd4: ('', ''), # Keypad Memory Subtract
0xd5: ('', ''), # Keypad Memory Multiply
0xd6: ('', ''), # Keypad Memory Divide
0xd7: ('', ''), # Keypad +/-
0xd8: ('', ''), # Keypad Clear
0xd9: ('', ''), # Keypad Clear Entry
0xda: ('', ''), # Keypad Binary
0xdb: ('', ''), # Keypad Octal
0xdc: ('', ''), # Keypad Decimal
0xdd: ('', ''), # Keypad Hexadecimal
0xde: ('', ''), # Reserved
0xdf: ('', ''), # Reserved
0xe0: ('', ''), # Left Control
0xe1: ('', ''), # Left Shift
0xe2: ('', ''), # Left Alt
0xe3: ('', ''), # Left GUI
0xe4: ('', ''), # Right Control
0xe5: ('', ''), # Right Shift
0xe6: ('', ''), # Right Alt
0xe7: ('', ''), # Right GUI
}
def parse_boot_keyboard_report(data: bytearray):
# 数据解析
modifiers = data[0] # 修改键字节
keys = data[2:8] # 键码字节
# 将修改键字节中的位解码为按键修饰符
ctrl = (modifiers & 0x11) != 0
shift = (modifiers & 0x22) != 0
alt = (modifiers & 0x44) != 0
gui = (modifiers & 0x88) != 0
# 解析键码字节并将其映射为字符
characters = []
for key in keys:
if key != 0:
# 键码不为0则查询映射表
if key in BOOT_KEYBOARD_MAP:
characters.append(BOOT_KEYBOARD_MAP[key][shift])
else:
characters.append(None)
return (ctrl, shift, alt, gui, characters)
def help_formatter(prog):
return argparse.HelpFormatter(prog, max_help_position=40)
def main():
# 解析命令行参数
parser = argparse.ArgumentParser(
description='Parse keyboard report data and output as text', formatter_class=help_formatter)
parser.add_argument('pcapng_file', help='path to the pcapng file')
args = parser.parse_args()
# 通过tshark解析pcapng文件,获取键盘数据包
tmpfile = NamedTemporaryFile(delete=False)
tmpfile.close()
command = "tshark -r %s -T fields -e usbhid.data -e usb.capdata > %s" % (
args.pcapng_file, tmpfile.name)
os.system(command)
with open(tmpfile.name, 'r') as f:
lines = f.readlines()
os.unlink(tmpfile.name)
# 解析键盘数据包,获取输入字符
text = ""
last_characters_count = {}
repeat_limit = 2
for line in lines:
capdata = line.strip().replace(':', '')
if capdata:
data = bytearray.fromhex(capdata)
characters = parse_boot_keyboard_report(data)[-1]
if not characters:
last_characters_count = {}
else:
for character in characters:
if character:
last_characters_count = {character: count for character,
count in last_characters_count.items() if character in characters}
if character in last_characters_count:
last_characters_count[character] += 1
if last_characters_count[character] <= repeat_limit:
continue
else:
last_characters_count[character] = 1
text += character
else:
pass
raw_text = repr(text)
print(f'Raw output:\n{raw_text}')
print(f'Text output:\n{text}')
if __name__ == "__main__":
main()
解密后得到
[KEYPAD6]d[KEYPAD6]f[KEYPAD6][KEYPAD5][KEYPAD6][KEYPAD3][KEYPAD7][KEYPAD4][KEYPAD6][KEYPAD6][KEYPAD7]b[KEYPAD6]e[KEYPAD3][KEYPAD1][KEYPAD6][KEYPAD8][KEYPAD6][KEYPAD1][KEYPAD3][KEYPAD0][KEYPAD7][KEYPAD7][KEYPAD3][KEYPAD0][KEYPAD7][KEYPAD9][KEYPAD3][KEYPAD0][KEYPAD7][KEYPAD5][KEYPAD6][KEYPAD4][KEYPAD6][KEYPAD9][KEYPAD6][KEYPAD1][KEYPAD6]e[KEYPAD6]c[KEYPAD3][KEYPAD3][KEYPAD3][KEYPAD2][KEYPAD3][KEYPAD4][KEYPAD3][KEYPAD5][KEYPAD3][KEYPAD1][KEYPAD7]d
然后写个替换脚本如下
replacement_dict = {
'[KEYPAD0]': '0',
'[KEYPAD1]': '1',
'[KEYPAD2]': '2',
'[KEYPAD3]': '3',
'[KEYPAD4]': '4',
'[KEYPAD5]': '5',
'[KEYPAD6]': '6',
'[KEYPAD7]': '7',
'[KEYPAD8]': '8',
'[KEYPAD9]': '9',
}
# 替换函数
def replace_symbols(text):
for symbol, number in replacement_dict.items():
text = text.replace(symbol, number)
return text
# 输入示例
input_text = "[KEYPAD6]d[KEYPAD6]f[KEYPAD6][KEYPAD5][KEYPAD6][KEYPAD3][KEYPAD7][KEYPAD4][KEYPAD6][KEYPAD6][KEYPAD7]b[KEYPAD6]e[KEYPAD3][KEYPAD1][KEYPAD6][KEYPAD8][KEYPAD6][KEYPAD1][KEYPAD3][KEYPAD0][KEYPAD7][KEYPAD7][KEYPAD3][KEYPAD0][KEYPAD7][KEYPAD9][KEYPAD3][KEYPAD0][KEYPAD7][KEYPAD5][KEYPAD6][KEYPAD4][KEYPAD6][KEYPAD9][KEYPAD6][KEYPAD1][KEYPAD6]e[KEYPAD6]c[KEYPAD3][KEYPAD3][KEYPAD3][KEYPAD2][KEYPAD3][KEYPAD4][KEYPAD3][KEYPAD5][KEYPAD3][KEYPAD1][KEYPAD7]d"
# 调用替换函数
output_text = replace_symbols(input_text)
# 输出结果
print(output_text)
#6d6f656374667b6e3168613077307930756469616e6c33323435317d
将得到的字符进行base16解密后得到flag
moectf{n1ha0w0y0udianl32451}
替换脚本如下
replacement_dict = {
'[KEYPAD0]': '0',
'[KEYPAD1]': '1',
'[KEYPAD2]': '2',
'[KEYPAD3]': '3',
'[KEYPAD4]': '4',
'[KEYPAD5]': '5',
'[KEYPAD6]': '6',
'[KEYPAD7]': '7',
'[KEYPAD8]': '8',
'[KEYPAD9]': '9',
}
# 替换函数
def replace_symbols(text):
for symbol, number in replacement_dict.items():
text = text.replace(symbol, number)
return text
# 输入示例
input_text = "[KEYPAD6]d[KEYPAD6]f[KEYPAD6][KEYPAD5][KEYPAD6][KEYPAD3][KEYPAD7][KEYPAD4][KEYPAD6][KEYPAD6][KEYPAD7]b[KEYPAD6]e[KEYPAD3][KEYPAD1][KEYPAD6][KEYPAD8][KEYPAD6][KEYPAD1][KEYPAD3][KEYPAD0][KEYPAD7][KEYPAD7][KEYPAD3][KEYPAD0][KEYPAD7][KEYPAD9][KEYPAD3][KEYPAD0][KEYPAD7][KEYPAD5][KEYPAD6][KEYPAD4][KEYPAD6][KEYPAD9][KEYPAD6][KEYPAD1][KEYPAD6]e[KEYPAD6]c[KEYPAD3][KEYPAD3][KEYPAD3][KEYPAD2][KEYPAD3][KEYPAD4][KEYPAD3][KEYPAD5][KEYPAD3][KEYPAD1][KEYPAD7]d"
# 调用替换函数
output_text = replace_symbols(input_text)
# 输出结果
print(output_text)
#6d6f656374667b6e3168613077307930756469616e6c33323435317d
将得到的字符进行base16解密后得到flag
moectf{n1ha0w0y0udianl32451}
原文地址:https://blog.csdn.net/ASD830/article/details/142999985
免责声明:本站文章内容转载自网络资源,如本站内容侵犯了原著者的合法权益,可联系本站删除。更多内容请关注自学内容网(zxcms.com)!