hvv中级笔试题
注入分析
上脚本:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
| #!/usr/bin/env python
# -*- encoding: utf-8 -*-
'''
# @Time : 2023/04/10 20:51:52
# @Author: wd-2711
'''
import re
pattern_1 = r'\[(.*?)\]'
pattern_2 = r"binary\('(.+?)'\)"
pattern_3 = r"IF\(.+?="
flag = ""
with open("log", "r") as f:
for i in range(1845):
d = f.readline()
matches_1 = re.findall(pattern_1, d)
matches_2 = re.findall(pattern_2, d)
matches_3 = re.findall(pattern_3, d)
if i == 0:
pre_matches_1 = matches_1
pre_matches_2 = matches_2
pre_matches_3 = matches_3
continue
else:
if pre_matches_1 == matches_1:
print(i, pre_matches_2, pre_matches_3)
if len(pre_matches_2) == 1:
flag += pre_matches_2[0]
pre_matches_1 = matches_1
pre_matches_2 = matches_2
pre_matches_3 = matches_3
continue
print(flag)
print()
|
最后第28位是空的,爆破出来为4,最终flag{62f4ca6cf1654106e3555c4cc2cf4087}。
Shell
将下图红框16进制数复制到flag.zip中,就差2分钟就做出来了:
解压密码为:
最终flag为flag{acaff8cb-d1c1-7724-ba9d-e0e59a64323e}。