安全杂项

signin

题目描述:

  • xdsec的小伙伴们和参赛者来上课,碰巧这一天签到系统坏了,作为老师的你,要帮他们

    教师代签。

    • 特殊提醒:luo同学今天好像在宿舍打游戏,不想来上课,这是严重的缺勤行为!!
  • 签到完成后点击左下角的完成按钮并点击完成,如果你做的是正确的,等待几秒钟就会出现flag!

  • 要是没正确签到,就无法拿到真正的flag哦。

  • flag 格式 moectf{[\da-zA-Z_!]+}

题解:

按照要求给学生进行教师代签,luo同学给缺勤,即可得到flag

moectf{Thanks_For_You_signing_in_4ND_W3l0c0me_T0_M0ecTf_2024!!!}

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

罗小黑战记

题目描述:

小黑祝大家中秋快乐(拜个早秋)

题解:

将给的gif图片进行分离得到很多图片,发现其中有二维码,扫描后得到flag

moectf{y0uu6r3th3m0st3r1nth1sf13ld}

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

杂项入门指北

题目描述:

什么?!还没有看到flag?快去欣赏海报吧

推荐新生使用并尝试掌握赛博厨师——CTFer的瑞士军刀:https://gchq.github.io/CyberChef/

海报得到的内容以 moectf{}包裹提交

题解:

在图的右半部分发现一串摩斯密码

.... ....- ...- . ..--.- .- ..--.- --. ----- ----- -.. ..--.- - .---- -- .

解密后得到:H4VE_A_G00D_T1ME

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

即flag为 moectf{H4VE_A_G00D_T1ME}

ez_Forensics

题目描述:

某天,ubw亲眼看着npm在cmd中输入命令,将flag写入了flag.txt,然后删除了flag.txt。npm自信地认为没有人能够获取这道题的flag。然而,npm并没有料到,在他关闭cmd前,ubw及时保存了电脑的内存镜像。

题解:

根据提示直接使用vol2的cmdscan命令查看cmd,即可得到flag

moectf{WWBGY-TLVC5-XKYBZ}

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

so many ‘m’

题目描述:

不是,怎么这么乱啊,这让我怎么做题

题解:

给了很多字符,直接猜测字符统计,可以得到flag

moectf{C0MpuTaskingD4rE}

Abnormal lag

题目描述:

某天,npm正欣赏着刚从某网站上下载的歌曲,却发现这首歌的开头与结尾都有不正常卡顿,聪明的你能发现这其中的问题吗

flag格式:moectf{[\da-f-]+}

题解:

根据提示将音频放入Audacity中查看其频谱图的开头和结尾,拼接在一起即可得到flag

moectf{09e3f7f8-c970-4c71-92b0-6f03a677421a}

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

ez_F5

题目描述:

这天,妙蛙种子还在因为该如何藏flag而头疼,直到他不小心触碰了刷新键,瞬间flag和妙蛙种子都消失了,只留下了一张照片,你能救出妙蛙种子吗。

flag格式:moectf{[\da-zA-Z_]+}

题解:

使用工具F5-steganography(需要java8环境),用其解密还需要key

在给定jpg图片的属性中发现一串base32编码:NZXV64DBONZXO33SMQ======

解密后得到key:no_password

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

F5解密后得到flag为 moectf{F5_15_s0_lntere5t1n9}

The upside and down

题目描述:

Stranger things看入迷了,不知道从哪里潜入the upside and down(异世界)来拯救霍金斯小镇,入口就在此题!

flag 格式 以moectf{}包裹

题解:

将给定文件放入winhex中查看,发现是倒置的png格式的16进制数,直接写个python脚本进行倒置

def reverse_hex_string(hex_string):
    # 将输入的16进制字符串进行切片,获取每个16进制字符
    hex_digits = [hex_string[i:i+1] for i in range(0, len(hex_string), 1)]
    # 将切片后的列表进行倒序排序
    hex_digits.reverse()
    # 拼接倒序排序后的16进制字符列表,并返回结果
    return ''.join(hex_digits)

# 测试功能实现
hex_str = "280624EA44E45494000000002393B7521148E9FCF0FF10E6081F8FB04770F80CB5AA50CFE7D1FF9F7CF95DFFEF7A0AEEDF9F7D1EDD933F7F47FEEC282E7E4650D9333F6FE6B67E9E9E79F979D7103E0D05EF2A55D31FBB4A0BF7E0CE851F73F10FE73337BBCF64FFDB23D54C29945055AFE05037372742387575558FBE11E2F2FDFE7FD31A924DAE173B3B2B000E078300404D4D0D7030186CECEC8C966A28A6A686C0810310101050CFFB790FADADBD6B7AEA60A8CD4700298BAAAACA7478B9D66B8D0070969FBDBAD74CBBD5EA8DEB1FCE05CCCD33DAED543E3E2EE0CE831965DAA535352D04C7F4FCFCEC483A2B04CBF2B06EC69D6AC69D0AE571582F94C0C4C406C86432470D6FE0E0C0C08143D8A143E5FA753B707040A4EECB58B1B53EDAEE929595D57BABA881D90DE1D33F457BE3E3E3E3702B2727E61F522D9E8738140A9F2E565656A33D1D241162C4892216222A2AFD21F8646C6C8C8D8DAD39322B74B1D87C0040B3574E090303B38F18141426D1E078B6ABB55CDD3F65FBAF28696FBBD5CAF6F6F650BC7970B9DC6ED0D4D404ED73D83E767646414949289BC5EA717979DBE52E944218E575596F62D68F535F7E7F41CACA8AE3E3E3707C7C1C7FD7FDF7CA9443A9C4541FC7E581858564F9F47A303232125D5D4DD6BFE7EDF2FAFA78FE7FBF402B95C2A5ADAD5E80A457A3C9C0C8C83FAF438D058BC5C2B4DF13D7BCFD266CE6E5BC6A3391E800434D5F5F4FD3698E061CB92BB9A85C267BD2E09CE03FCBFEA3BD7EA4EABE1885BA7DEDE2F3F1F823BC82F0380EAF7BE9791391CC6E97B6B6A65C98FE586F6B4E2B2AC2850BC49963DA8AD9D5D5F5964400945F0100606868080D0D6D778B9B9797E43B2A63E2E5E505851B06851B16381C0E0C00212929D8E3F9E473BBDD8EEFFFF72A606040646C6C181515D54251E07834D1BB67E1F7F3C9444C4C0AA9B8F87C3EC8CDCD1D4226BF7DEB91CDAD85CD6916C7EFF713BB671E77DD7F877C1FCFC756690469B452585151013DD4D72697CBED265BA61C52524265BE571B238B8ED12851F3F43D0EF9729C0F155460B5D269B163C623BC127FDFFF8794949411131302FDB93FE712161664E2E2823D9E4FFFDB72C6B2B1B11131312172379BADAC577679D88DEBCFF13B97BE8C441A60C081A3FA2D7D1D7DD41E078BC594424A2965BE578B299453DD06BF4FAFD2E3F9F45B7EF73607CD75476CD3783C1E8DEB5EFD14B44732EA6BEFE3E3327272523F9ED34F0F4E04D0DC22BCC2285FA7DB9043A9C4070F0FB8B9B9193A3A2A23272714EBF6B91E6AA9E1F7F3C9E2C5BBB250373727239FC78BC08103EDFE771A7FD7FD072994309DCE6F31964B8D6C58A14396C241CCCC8C1D8E4F26BFB0727242C4CCCC28212111D7D7C7DEEA89EBCEF1FF300C020273F784E0D3741D4FB7A72B24C37C361B9D069823463D0C090505262F2F4F984C2EB7A7744A096DB6535F7275AE764A797D7D7D9CE6DABEA7FDA2AA9AB9B9B931AFF7F48ECB54743A1DCC679EB8FE1CAFF211A45E27BBCC1513132394606464165451CF802AA8D9BB67292449138BC782CE29703018ACA1A141E9933D0E97E07834ACD3E1E8587AB34A7B656654B2B2B2A0828AB3D1E84E097A49153A645C75C4F537F3EFF7F97E5CDCDCBC82CAF61FAAC22B8CC5EE771331984C8DCDB8757545070F0FD8BD7BA0AA8A61BC560B1554C0E9F46230160B8DE5E5E510CFF3784FF915A7AFAF4DA49861B854B8B5B535EBD3059951F37A4FCF824DA6133F9FCF1C909080BAAEAFCB663F970BBFD7EB5CDCDC8CF37ECFFFD8FBF6BD4DC5B8F5BEDFE7DA7FD85ECA5FF75F05122E2929197C1FCFB771EDD3261D73F0B376952E171717D8434D969696A9BC4A4A4A1B3B66DC8E7541643B95EA0032BABACA3B9DCE7F87F87A3D8E47506747B0A32E14114E97F14239783C1ED8D5D529E07C363BF915A2AAAA5BD72F76E27F2BAED1E07851BA65212323228472E4C951555554A65D58D0D0B0B719A0A8A8A8A5A50500A053A1C8E38878E0C122262624A8A8885656562D57ECDFDF839751554523BC32CAA4A2A2225BA63C71714195CE6F17A55B163030209FA442A1D060B367CEB061C242464634B2B2D29C825A565604C5E2711B4F3EAEF07DAAD0E5E8D654BCBCAC03DF029347A35131C3005B5B5B91939312F1741D1F795E9F8700CDF4FCFC2C616141336FE7FCBC8D88462381D8A163D78A2BBC12A14316A14316701C0F87B82E8FCB411534F57D5F1F3D9E4F5CD2D2829A9A9A000202327BBDDEC8E5F26171B65B8DEBEBEBD1D3D302F6B16C0F3D964B1D05A5A3A3227BB5DA081C38E0F9F46A83CFE783DD7FD7CD444C4C68EFFDBD8F7B6FEFFDF8FEFE1EA3470EBBD5EA0C00F1F47A0D3DD490C9EC6691C66B95F482BBB7B7B5500D6011F5F5F5024AB7E97AB98C7D57B8FCE5049ED343ABD018EE085877DD7F8776460B252B2B0B1061675750A3A88F7FF67BBDEA347DC3A778341A881EBE92BC2A2A2A3B7575655024181818D8434D5FAFDF8692E638D37310101071B3D9CC555514F9769DFF0A22C08103381C0EFF2A1D1D1D9043A9C4E2C58BA2AAAA68A986C7CFCF183C7860A986B651DCDCBC1E821A161644E9F472805811C46A35913B66603391C843ADD603299400050515B9DC6ECE0B4FCAB87D00140E0F07B2ABC3365D942CFEDFFFFB58595919A3470E2994001C38C02B8CC6CECE686161113399CC0C007CF8143D6137CBEA75B2999B9B2B943397CBCD822AF88F4FEBDD5D0CE57B1FC3EDF693A143D6CAA75BA68CB747ED685F54B1B1B1C1C5C50600103F0AF1BE344D94396245387D61727E7E8E1554B4D3E9FCC26FB7C3003495CA6D91BD57D307627FB7DB09030333BFDFEF1B76735B54E62020305F7E2799B42B540EB7F47A3D3C3535859923B6CBD5DBDB3B7E7E6E62C4A9F2F2F241DED92E016FC69D6AEAEACA565656943ED920397D2067DEADE2C5ABC6714AFE330C64B3D1F8909494165451626673535321D06038191B1B1B5B5B6B0A1E9D32DA6DBE14B4674BAEF67C3E1F0CC261B0B1B3B3226C6C7C50D20F4DD19FCFEF165D5D4D603C16AB4521ACAC8CEBFDF61AFDBB7FE7A1961ABD7B067E9BEE8729E0EDED0D9B272ED978FA77BB8D944268FEBBEE3EF83E8F0F795A9E870060DBFAB62C944290949404C261B04B2362B5D269B367CE50261B85822A38B8B898DD8A4B474764F271B8616B6B0A8F8F8F4229145959495669247FB7DB88CDE663A2AFEBFAB079E241ABD5C24115044C4C4CC1C9C9BAB04A41F8852BDE3F289ECC6E3708600EA76464748771F67BBD2C34D950327D20B6D18DC2EC891FAE6CB2D5EA7D50585DA9DC66D97EA3FC41C2C2C200138667E409138EE170184E953D61741A67AEC074F8F8F858A65D08C86432808A8A2AAAAAD1DBDB0A1B262C606040E3FDF61BBD7B0671B0582C5EBC18989888180C0E36F0783C282D2D1DA3471EBB670E202020018E47833B9DCE2E656545433D34C22B903962808A8A0AEC7633D8BD7B93214F940B3962C4B061D27FB87BE60CEA75B2285CB8D0DEDE1E361B8D2CA2A2823F9FCF3EC22B50B861C1E3F1C064D881E2C58BF3F3F320212111DFEFFF245EBC386AC2BD67E022E7FBF50B1B260D071E1D65BA55FF20964BAD27616161B49FF7F25EA65D3AB8B8C8D57D57EDB8243F9FCF0F1B262D606060B970CA67B3C1EFEFEF1509CE1873A07FDBFE973C3C3CA0828ABDD66B0E64D129239DC68B262636EF4EAB2E2E3EB163D6000FC3F0B8BCBC2D94E3E7E7363BFA7A7846482B95E28088886CDCB994EBF6B94EC8C8C81B1B1BD9E3F9E4242C2C2C2525652D159D62ECECBC6137ABE3F83A2F94C1746A8798949405DFA776A8F1781E8F155444454595422C1C566935C22BA8DFF5BA9F42080381E0060F8713C2E2AE5FA7CB5B32DC430D4778BE6D61B3CA8282CDE6733671F0F0806F3C2B13068BEFF3F8901463C69D4FB767DE0D63B1D07D12760783C1E083CFE7839E9E9E707272024545758F51554533373754D6D6862950A1D8743242E5EBEB1A683C1688C9E462C0C4C434D44391959504828282999999B17BE601CFF3F0D8BD7B202D2D1DB0582C6CF07038505252226E6E4EA7AFAF585E5E0E155440298464D88181CC661331984C6CE6E686555555113A64CA01EBFFFBFEB0B2B202603010482984522D9E17F5BEDFF7913B6671DBFEB7D8E9FC66E3E7E774F9FC7ED1D3D302484848F3F3F340298437CFFFE332178B8D14141401030382B374CA85E9DDD04D01E18B21696969944E2F87992386B5D269AD671154513162D4B367DE020F87C300F561EEFBFABE0FEC763388830F8A8ACAD2D2D229842E2E3EC2C6C656555571E2D530343426E8E13A1D8E1E2DF3E1485B0DD589CDD05F42120062F1F078482793D18EE6CB193447385CD1EDCBA894B2B6B62473345BD83EE3D12985CE6753D1ABEC336B7C90E078344A138E9024D57D57EDF275BA8D2828383060D0C3E7F391A2B0F279BC2CA8B24FC4C2C2034444447E88FBFBFB0A20C0C8C8791B11C1E874993B66F9F7FD7F1C80B453A9ECE4D9A3422D9693303020581FCEE1F070F1F9F96AF94AE1F2F6B1D86C6CFE77BB51ABDDC6038DC6033190486C9546180B098E47835E5E5E21042222222217838911884C16585848100E87E110141474F2F2829E9E9E113A64904209178BCD266161410060FC763B502399C4C26DB603CBCBCBC3A065654557DFF7E5F1F67B8D53535391C7EBC5222A2AB8B9B9093613892C9442B163C6A3A7A764E4E4849393931187CBC591CC6E07B3D1E83CB0B080DEBD0B979797B1DBEDCEE7FFFBEE73B7DB8D979797D0B96350B8612104B9D46A0CC1E070A1DBE5CA64D8A115E65910D66D6C5E26E2EAC5ABA45E276B4F3A6B67B05073DC3FC700F4F5F585A9A9B96377E594DBDBCB3E61E2E2C22964BBD5EA57989F9F9F0FD8EB5D1F221FBE9C3366DCFB884D4D6DA2AAAAC91FE929D3FEB7FD0011E47A355CA3D9E451999D33784BA7D38191E9A9E97E9A76575E5E1E39392901050574E6DD38B6B6861E499E61E0494949489C39221F01061CBA182E93C1E8402E17A36CAB928BC5E3F1C0404848BAB64A3215562F9F17BD7B16BEBEAE23BC0278341A4CC2C282545454317AE450279BC57F881915152640B87BE60C424242838B8BE8DDBBB0B5B505B922EFFFF72A5BA61C59594937CFFFE3038FC783715C1FC767DE8D433D052E96BB37DBCEA779B45AACA5A5857030181E9A9AFAB92C1616163878E0098BC5E2838B8B7CBDDE7FC1EE77C329E4F9F47AF037CD7F3878E0E9EBEB4B3AE09C31964BCD822A5AE0783488A7E1781A66577488299492699574B1D87C422979B45A5C5151913E1F8F2EA4A4C4DAA54B3E1F8F0FC615EFF37C9FA55B862A2A3A9247ABC529D4D1D1810058B86169BBD5EA232B2B5C51519133333312161666DEBD6AEAEACA1B8DCE27F7FC9FFF4219595969259E476B4E9EB813CDA81E55552562626200C35D2D513C0A84E3F0385E55552EEAA8EAE2AC5E278B00A8AAAA2B845767678554BDB1B101652F24F845A653C111884C5776F49472379BCD00848585859B276E16905D5D6DF5F5F5506657B8D25DCAF82594029B271EDBDBCB3366CC01050524A6A686505050202A2A3A7A7A4A272F2F88C3E1E03162C4F07A3D8EDD7FD7CDC7CFCF282121012B2B2B83878754D4D4849D9D9D909A9A1A5656464115246B6B4BB16E9FEBA2AA1AFB7FEFFF919B9B0A434343E7FFF74BEE2237CD7FC3F2F2F2D026C49903111111B0B2B2327C7C4C566934B7B787E6DD8B114E97F1494C35333302434343C7CFCF7871711131984C2C944271BA5D8EE7E7E7C428C3A1A1A1A25FA7BB6174CAAD6A7E7C7C0D2AA879B3D9EC646C6C6CB1D078402613C129646D6D9DA347FECE419E3D3AD0683C2822222394816FD3F8BFAF2F1C018C4683D7E3F956555510060BC5141414F721429C39545555957C3E1FCE36ADABAB2B479E2D636363E4D9A3B02E8FFB0001FEB3EC9F555573A39A7E7A1AAB2F0401017181F8763BCDD2D2D25955254911030B0B7C7E7E2E736D09D90DF7527BDCB943BCC2A9E98A8C2597C3D937E114141428CFF5B89F5555D4D1D1913A1D8E1F05A5ABAB0B404060201C062B41EC2AD73D6DEE7B8C95CBEDE60624822A4A861DABC9ABC7C7D733373766FA75BA14BDA3F712676F6F4C4D4D8DB251A84F58E00E6065651542B1DBEDCEA45E275B6F1283C9F4FFAFEDA3C58D944209542A1DC72831DC6E3FB079E25155056E22CBFAB23CDA6DBE40CFF9391F4221CFFBF2F8F5FA6DE1E5E514C06834B0B2B20241A79D8704504961DEBD28ACAC8CD0D0D0201B85CAF5F5F5A21C21D5E27948B35A0922BCC2787F7F0F944218C1E874E1FFFDBF0F81031642E93CD92D71B36BBDD6EB87BBD7EBCD822A6A95562397C3A97DE1FE77BB8DDFE7FB84EAE2CCCCCC0B7AC41FA25DA68B3DD4545E5E2EB23B5B8C7404261C94812BDD9E9E9EE6477CE638A3FC8EB0245E5E5E68713520BEA9F0C495D45D4179D4D4D474FAFA8A00E0F1F068F3FBFDBEC8C467B3D17AE6E86361DEBD38D44397A8AAAAE077B3C961C28520282898C3E9F4931A118C4E0700201783C961C285411574C8442A2A2A876CFD6C14E1D7B19EE25E69347070403B24545454909A9A0A8F8F8F61C285F1F47A1D42F0FCFC2C646444433D14275ECD3D8003068DF6E0085C88FE314FA7851B86851B9636363600217DB65BACAAAA848C8C4CDBF2B44E29B6AFEFFB708FFFF11F5C5C6CD2BEA7FDB163D6A0A4A406C06030088083078EAAAABAA0829AB85C2E3E66DC5AD2D2C25F5F5F29943E3E2EB112555FD7F5422F97C31D1D1D99E7F5792B1C61E2E2C2151515281B85EA252D2D9B308CA7E178ACA9A9899D3B9633333341454506EBF2B82FF8743A6C656595B5B5B5423967DE1D275E3D7D7D6D87CFE793343434219482299413467B9DB477FC3FCF0FBEFE71FCFC9C6DD51C1C1C88828223946237938929784689EFF3F8CC2BAC502C1E87A2A2B2532F8ECC6633D8434D1389CC37C22BAB5CD7D7D7A25FA78BA8B5FBF3F9EC0042C6C6C6966A3AB6B6F60178BA57ABCD29343E3EBE81F9F67BCDDDBB47966AE9EBC32F2F3F41DF02CE6BEEB3804E4E4EA4ACAC389DCE6F9A0BAA57A3899D9D9D0103032284737B7B18C46A35301389CC9440EE77B350525212643A1558A5DA6543A7D3819C9C9CD1EBFDC6818989A8D9E46A71E2D5C30349AE578330180C0E2AA8111B1B2A479E0C2AA8D0DADA3A737343636B6B98919111BDBDAD23BC12425153533278784893CDEE17383828F0F8F868DEBD68C69D78FEBFEF3E7E7E4EF5F67B1D3D3D2D3060C092969674FCFC8CD0D0D0B05DAE4F5669044A4A4AC3EDF613699596A0B90AC3A77FDBFEC729A4A1A1818103668749454507F32D6D3299CC7EA2AA7A81BBB7B727C1040202134229993B66089032198C3C4A68523DCD7FD34EC0C0C0822A1A1F1F4FEFFFF72B94E0E4E4B57DB33CCDC3C3034D4D6D656D6DDCBD7BC4EBF5F232363675085F3611E976992F9472E4D9D03FC7FD5955453C0FCFE300525555D3E7FBA5307C8AB3749A4BADD6FE21DA65BA0880299424292959D1487E379BEF1B1E11119136363642B9287B8647A3C1140A0D2794C3FFF3FC080202031010060BC529249BC5FAF0763B9DE02C2964A9A653ADDE97A3478E292939A0828A155454A5DA753135350620434B4B9C429A9A9A983962BAB3FA623179C667B3B19D2C822A0AFB2DF0E177DBEDFE3667DE0CAFD7E368616101781A8E87DCDCDCD1F7F57DB8DDEE6F52565664FA75BA909A9A2A6565454048489802525252C47DC582D33A1D8E1C54515FB87C3E1F88CDE663201E078B55555551ABDDC6058E4703A4A4A4E3E7E764FE77BB81EFF3F84ECAA300795E9FC7424A4A9802919191F0F2F2125E5E4EE7FFF71B37372781CE67831A0D8E0667B3D1E8E5E50571B0585CA65D48861DC926DADADA818B8B1A5A5A4A402C16032B2B2B2016038996969622363D0321EEB7B5E7E9E999422993C1C86CC2FFF93FCF966A68EABE4FA5ABABFA4CB77E3F9F5EDADA9AC88583832394B1D66BCD00949595957A3D9EEE0587EA75B28DC172B1D87C83078E116DBE5789BC1A1212237432199C4295CA6D0710CD585DD7F575BD39D61CDDF23CD500F5F67B0D3211881C1F1F0F966A189A9AFA6DE0185F5FEC1A666E6EE8DDBB00050515BD7B061554505E5E1EBD7B16B5B5A5804623A16DE2DDBBC09D3B40A1D060A0821AA143163C1E0F7CE6DD58EE7FB7404A4A3A7D7D4D454D4D285CB8F0FEFE0E7432195C554542464654A65D18265C088888881B1B1BFF1C61C285F5F67B1DBCBCACD1C68AE5E3E382AD31D4536C92E6081F8E061C6A6F6F4F822A4AEC7633D8B963C867B3E1E0C1A3E0C1A3262E2E8C8585859D3B86B8542A0E20904C2E87AAAABAB061D292AFE7F92994B8B8B8221F87CB29C4F3F03C1E9898C81F8FCF076C3613FCF1F1310E975858684048482C5CB854ADDE674D03A85623C9C69D4B9A4DAE177FD7FD8783078E3D964B0E2063C6AD279FC79B32323221252546E874320880B452290E1E3C2AA2A2B2449D3B867432190E1E3C1AE174190F2AA83878E0D8B7E57D0C50B1EA5BA3E7BCFD381C0EFE3A1D1B1B0B1063B7D3C9AAAA18DDC97C8A4FA79363F0A5ADADDCEE7FB7FB98EC7E377CB3D9FCC70B0F20C5EE77E34E71E6DD6A95461D7FCE56ED7FD9A1BBBA35DA8F375BAB810306A5A5B5CFB07D7D4D020D86032D2D2DC0C4C464DEBD28A6A686966A28469C0800C5EE770381030639944A3CE17C1B0E4B4B4B314E9FE3A1960AAEAEAE02078381969696101212129F9F8FF6F6F650A3D9E4E3E7E70400140FC7E1E3E7E774F2F282C081039F9F9F317AE431333332B7DBED686D6D0D00F1FBFDCEE6DD9BB1700405AF73F98355A7DBC533CEBFF3C0D9131A47D1FD2ED9FE0B4710743A1D1CCA6DB69042095FAFDF16275E3C787848944E2F17A3470EDFE7FB74FAFA8A966A78F4F4841C1C1C504105180C0E062AA8A0AFEBFA78797919303020C1E67381DCDCDCB079E2703399CCE4D983050D0D0881C0604228F4394E0F00317AE4C1EBF5C2433D1442293E058E20AFAF8F411504EC763368BBD5EA1D9E02B65BAD0EEC7633BC72A524F8C74DDCFF2877DF21A4A4D40E7839353576F279BCDF71F8F898E52CD8D8D859554551A85C66134048489C3D7A64696939D7B82ABBB39A3962F9FDFD0D2AA8494B4B0B071E0D10E0E4E4C75DFA8F76F738F77F13A2AAAAE8F5F269A0820A3DD4707979093190480C8C8C8CDEDEDE317AE4717373126DBE57A8A9A919699580C9E46263B7D3C90E48BC562B0CE972982E7A359A68D3F8364C096C7275750581030623232371AFFFF55E8552BC7960675C86DD8C541D191909FC3BCE8F822A09E1B578F51C77BF45D3B96316DFDFCFC26FB7B3C815131312E279B40800C183071A1A1A515505354D5FC3A3DDE65BECDD701C0FC755550400A05E278BEFEFEF000022222250545444F3F03C0E003264C8B1B5B544861D689546C0DDF91DCA78F9F9F909D1D63DBDB74F4B4B0A03060C424242F5F5F5C02B8C67DE8D65DA85858D8D9802EFEFEF111313D38D222D2D9DCC65B3D1C8F3F3F3F0FEFE1EA55B16353525C3C7C734D5EA7D0000A8A8A8B2B6B664E4E484C2850BEDFE770A00505454048A8AEA23B0C22B20FE1B46A7E0FE0FFA9F989888C183077ECFFFF90800585858C0C2C232747444239DC61BB5DA6D0C00916E97E9434747874DD3313121401FC3F4010B0B2A7FDBFE17BEBEAE3366CCA0823A49315FAFDFD0B963301389CCF6F6F60089C4629247AB852940ABD5E2323636C556ADDBE5EAA1960AADADADB1B5B534D443A25FA7CBE169DD5032BDB9B9F92EB9281C06FB3EA3577934160BFD8E696565462961C2B5F741EE77B3CFAF251CA3ABAB4CABD5E2AF22212181AEAEBEA2AA9A5555343131F1EC732A1C422925F271B88CCBE5F200115E5E6E94022096AFE7F9C358DDF3F43D0EEB028DC66328698EB35AA4ECFF11DED4D4841C0E0FF77C150CD8D4D40400C1C9C9C8C1C111729C2F87515151F07BBDCE902E87E93366CCB0B4B4048282825C5C5C61D7F976881D3A00050515BDDE6F6C954660361389AAAA5855452194B210E008A3D7E389E3F9F45A8562A986623D960B1554D0BD7B60BDD66B4228F83A8E9F14802AA8A1ABAB2A7FB7DB081C38F3022B97C38912098C16E279B428A8825669A524F805E1D35FAFDFF76CBDC9C9C90A9357F4354D8F00193A6476B8B7B7A7F7F7F74429A40022EFE09C37372793F8040C0C8C1D3A44414191B2B2B2323636068686C6966A4918AEAAAA676F6FFCF5FA7D3162C4AFD33B3B3BA2AA9A3434347179792A2FAE2F2F4F1A1A1A5955459D9D9D04874F973EF71EB37FD7FD770C40565656A77C3B373766C69D0A061C1A5451402E17C35A5A5A08906995841D3A449C39343E3E9E699524A8A265DAA59442CCCCCC94421A9090C0DCB9431212120903033372399C9C423BCEBFE362C4896CD339393977886BB5D2EB4F90CEC59B4729249DC67B00012AA8E6677075C5F6CF72D7FAB6AD0FA6A6A63060C0A2AA1AD7D7C7601FCBF6F0FCFC0C001387CB8500A0EBFABA2FF10A8E8361EAEA8AB2AC2FCB434B4B48A9D4629779C7EFF783562B9D26F4394E0F292929C17FD3FC51A7DBC5E6DD8B221D860B2C2C2C00006BB5D2080505F5728EB44FCD4A4A4AC1EC7613BB670E81034641E208F9BF303B77F144E0E9EFF84229A5C69742292D61701E02D8FFC8FEEAC58B9420CD1F04F6EA9B27BEFC0ABE5FB5CBA8BB02C59B276E62A9964F95560994420800E6DD8BE6DD9B9FEDCD03068103164D4F0A618EF0F1087B0487CFA3FF0E64FD8F06F824F3010019EEBFBFEDD7EEDFCEBF9D8CF2B6D52F6DDF7FFDBA719012397688EFCF3F33C9484862D48CB64889096204180366405C2C11A5855BD6AA0514542C8424016102DA4BBBA59227CABB556D6D822834400D15867155285A71B4880102C4901812C548628BB5686224D79CC96E37EF9D5D4547B7C7DEC987451444942AE10000743BDE550000006080840000008400000025448494D0000000A0A1A0D074E40598"
reversed_hex_str = reverse_hex_string(hex_str)
print("倒置后的16进制字符串:", reversed_hex_str)
#运行结果
'''
89504E470D0A1A0A0000000D494844520000004800000048080600000055EDB34700001EA249444154789CED7C7B7454D5D9FE73E69CC97D4226865BB826845C2181094C2010884B17A58255176851D004438228D6D655BBAC72295ABBB4AD2016104248C2454150AA6DB5585A11C2C50466308140269098846BC84D2684849C33F3FCFE886793210917ABDFF7FDD6F25D6B2FC8D9FBECFDEE7DDEFBFBEE9100103F428F60F8DF46E0FF3AFC7840B7801F0FE816A0F4D46130186030DCDEF9B9DD6EB8DD6E00802449906559F4699A26E672B95C20BB8ABC5BF5EBA0CFEB72B9AE6F40F1DC0249B85CAEEF8CFF8D20E10716D29224796C5A92248FFE9E0E441F77B303FB9F802E14643018E076BB3167CE1CA4A4A4DCF44BE8275F5050802D5BB60000C2C2C2B068D122B8DD6E5CBD7A15CF3DF71C929292F0E4934F62D9B265387FFE7C9779264D9A84B4B434BCF2CA2BA8AEAE1638E8A01FF2ABAFBE0A0058BC783100C0CFCF0F6FBCF1067C7D7DA1AA2A0C06036A6A6AF0DA6BAF7D27FC6F5C5707766E8AA21000B76CD9429274B95CEC09F4BE2D5BB688779393933DC6984C263EFBECB324C9C9932733303090212121349BCD0C0909A12449CCCCCC24495AAD562A8A425996E9E3E34393C944A3D14859960980A5A5A53C71E2041545A1C160A0D96C667373B3C77A65656504C077DF7DF73BE17FE379F47840D9D9D9545595A1A1A1F4F2F2EAF2A2979717434343A9AA2AB3B3B33DFA4C2613D7AF5FCFF6F676AAAAEA8194A6696C6868606363232B2B2B19141444A3D1C8C0C0408F39727373C90EFE22004A92447F7F7F7A7B7B8B6746A39100F8D4534F7539A09C9C9CDBC67FFDFAF53D1E508F425A9665288A824B972E61C89021983C79B2203F83C180BD7BF7A2BABA1A8AA20841F9E8A38F8224B66DDB06B7DB0D4551B069D326689A2658A54F9F3E983E7D3A800E012B4912545585AAAA983163066459C6F6EDDB51505000A3D188679F7D16C5C5C5282828404B4B0BCC66339E78E209ECDBB70F15151578F2C927111C1C8C9C9C1C00404D4D8DC051C77FF0E0C1484D4DED11FFCE4AA53BE89682366CD820BEE0D34F3FDD853C9F7EFA69022049E6E5E511002F5EBCC88B172F529224C1A237CE1F1313435555A9AA2AEBEAEA18121222FA2E5DBAC4BABA3AC152FAFC3B77EE147F5B2C169264565696E8DFB0614397753AE3BF60C1829BE29F9B9BDB2305DD961EBC7AF52A344D435B5B1BDADADAA0691AAE5EBDDA655C6363232E5DBA049258BA7429264C98006F6F6FCC983103369B0DFDFAF51394A3280ACC6633EAEBEB71EFBDF7A2B0B0104F3CF1041213133DD4787474349E79E61900C0D6AD5BB16CD932444747232C2C0C85858500809FFFFCE770381C888989F9AFF0EF0E7A64B1EF02B22C0B32AEA8A84045450500A077EFDEB0582C484E4E466B6B2B8A8A8A0000D7AE5D437C7C3C52535361B55AE1EFEF0F3F3F3F8C1D3B56CCD9D2D222D83D313111FEFEFE2089D8D85858AD56D8ED76C8B20C5F5F5F242424C06030A0B4B4F47BDBD36D1D909F9F9F87ACD19FDD0C645986D168445B5B1B8C462300E0C30F3F444545052222220000FEFEFEB872E50A004055557CF0C107DDCEB56EDD3A3CF5D453505515A1A1A170381C00804B972E213131518C3B7BF62CFCFDFD61369B3D54FB77C15F875B1E90A228F8ECB3CF909191D145C8DD68C5760697CB2558E55FFFFA1732323260301850575727C690C4638F3D86A953A7E289279EC0B265CB84E09C3D7B36264E9C085996919A9A8A75EBD6213737174EA713EDEDEDC8C8C8C0840913909797074DD3A0280A962F5F8EAAAA2A31F77F837F67F8AFD57C4E4E0E01D0E170B0B4B4948AA2D0DFDF9F2693A93BBBA28B7D93969646A7D3C98484043166C58A155455958D8D8DC25E898F8F17FDCB972F6753539387E04D4A4A12FD7782FFCDD47C8F425A27CB3367CEE0DAB56B20E9D1AE5DBB863367CE405114F8FAFA02E850E3922441D3342C5FBE1C4EA71300F0E4934F8224060C1880D0D050389D4ECC9933072E970BCDCDCD18376E1C02030391979787AFBEFA0A8AA260E0C081501405C1C1C1484F4F87A669A8AFAF47BF7EFDE0743A71F2E449848787C3E57261FDFAF59024096BD6ACC1D1A3470174B0EF9DE2DF1D74A1319D0C3FFBEC335CBD7A55389F37FA5040071BB9DD6EECDFBF1F00D0D6D686DEBD7B233333134EA713F9F9F930180C282F2F477E7E3E1E7CF04100407E7E3E4E9D3A056F6F6FF8F9F92121210169696918387020EAEAEAA0691A3EF9E413B4B4B4E0B1C71EC3A449936030183077EE5C0080C96482A669686A6A82DBED464C4C0CD2D2D23068D020D4D7D70BFC5B5A5A603018BAB573F8AD53ABBB1A9DF7DE65ECF7D16459A6DD6E17E43E77EE5C02F0B07CCF9D3BC773E7CE89BF7BF7EECDDADA5A0F36397AF4A8C79CDD81AAAA9C3D7B3601B0B1B1D1A3EFE0C183DFCB7E3AB5AE1B05C0D75E7B8D0E87838AA2F091471EA1C3E1E091234768B3D9442B2A2AA2C3E1E092254B088023478E64525212232323B97CF972DA6C3602E0B469D3E8703878DF7DF771EAD4A9B4D96C9C32658A30D476EDDA458BC5C284840486858579E0131F1FCF3163C670FCF8F18C8989E1C30F3F4C92BC78F1228B8B8B49929F7EFA292D160BABAAAA78E2C40902E0A2458B68B3D9585858C8E2E2623A1C0E3A1C0E1E3B768C369B8D3367CEA4A228F4F6F6A6C160E8F1806E29C6354D13DA283E3E5EA86C1DCACBCBD1B76F5F582C16C1FFB1B1B188888880C56281D56A456464245455C5912347E0EFEF0F8BC582D4D454D4D7D7A3A4A4047BF7EE85DD6EC7F0E1C361341AA1280A060D1A04B3D90CBBDD2ED61A3264085A5B5B61B7DBE1E5E505455160B7DB51505000BBDD8EE6E666A1CEF5F5810ED6AFA9A981A669F0F1F1C1881123D0B76F5F005DC32FDDC16D93DB575F7DD585DC0170D6AC5924C9912347322121A1CB9875EBD611E87038C78D1B271CD82B57AE7850EEE9D3A75959594900DCB66D1B49323838588CA9ADADE5F9F3E77BC4AFBABA5AF4EBAE86A669FCF39FFF2CC68C1C399224999E9E7E5B7BEE1230D3632269696998306102B2B2B23061C204A4A5A5A1B8B818ADADAD629CD16884D56AC5850B17505E5E8E1D3B7660E8D0A13876EC18727373B17FFF7EE4E5E5212F2F0F1919192089A4A4247CF9E597003AACE48F3FFE18BB77EF467E7E3E4A4A4A3074E8506CDDBA15555555B870E102366EDC88F1E3C78BF51545C1E8D1A33D285CD74C2525252089848404545656A2A9A909AB57AF46656525F6EEDD8BD75F7F1DCDCDCD78E8A187101616863E7DFAC0ED7663EFDEBD771E0FD2BFA0A228C2D91B3B766C971326AF3BAB269389A9A9A924C9B4B434026053531357AD5A454551A8280A939292E8743A79EDDA356A9A4692C20ED9B3670FAF5CB942925CB060010130202080CF3FFF3C4972D0A0411C3A7468B7829B24636363191111E1B1FEB973E7841D9592924249920880AB56AD12EF6DDAB4A9473BA8C7035ABF7E3D555525003EFCF0C3545595DF7CF30D9D4E2749F299679E1163F580576363232F5FBE4CB7DBCDD6D656D6D4D4303C3CDCC33BD75B4E4E0E49B27FFFFEF4F1F1A1A2280C0C0CE43DF7DCD32586A4C3C89123098066B3999224312020401C727B7BBB18A7AA2AE7CC9923D6D23F7054549478663018181A1A4A927CEFBDF77A3CA09B0A695996316FDE3CA4A4A4409665F4EAD50B0D0D0DC8CFCF476969290C0603D2D3D3D1B76F5FE4E7E7E3FEFBEF87D96C86DBED868F8F0F82838371EEDC39848787233535152421CB32DADBDB11191989B6B636343737A3ADAD0D8AA2C0E974A2B1B1118AA2E0C081033875EA94303C5D2E17A64E9D8A9898186CDFBE1DC9C9C9183D7A3456AD5A8551A346212525053B77EE0449CC98310353A64C81B7B7374822303010D9D9D9983A75AAB0A9F6ECD983CACA4AE4E4E4083BEEB6EC20FD14F3F2F23CBE9EA66974BBDDDCB76F9F18EBE3E34392DCBA75AB87106F6B6BA3A6696C6C6C2400CE9F3FBF5B8AB87AF52A7D7D7DC5BAB22C73CC9831D4348D3366CCE8F2352B2A2A78E1C205CAB2CC8F3FFE98648792983973264932282888C1C1C15DD6C9CFCF17EFEBF0FCF3CF774BD9B764314992284912434343397EFC78D6D7D7D3E572D1ED7693245B5B5B595656C6A3478FF28B2FBE6054541433333369B3D9989A9ACA871E7AC803B9D2D252AE58B1825151512C2E2E16C1B2975F7E99D1D1D13C79F2245F7DF555211BE2E3E34992F5F5F52C2D2DA5CD66E3E2C58BA9280AABAAAAE87038088003060C604A4A0A6D361BDF7AEB2DC6C5C5F11FFFF807BFFEFA6B92E44B2FBDC4C8C848AAAACAB56BD7120063636369B15868B1587AF413EF88C5800E6FD8603008D3DCE57241D334444646C2CFCF0F24D1A74F1F582C16F8F8F8A0A9A90945454542B30407074396E52EE91B7D1E41C6DFC678A2A2A2448C475114582C169C3871020070E4C811A1394F9E3C89828202582C169C3B770EAAAA8A79344D83DBED16368E6EA71D3B764C8CEBDFBF3F860F1F0E00A8AFAF474D4D4D9714D54D594C0F9AEB02531786E5E5E5420BE8CF3A836EC7746EE9E9E9DDB21849C1624047C8B5B32BE2E5E5454DD3B86AD52AF14CA7B0CCCCCC2EAE48BF7EFDD8BB77EF1ED79A3C79326559A6A228DCBE7DBB78BE6DDBB63B17D29DC39E24613018F0FBDFFF1E478E1C812449F0F7F7872CCB2290A53B84972E5D12C12A5F5F5FAC58B1020D0D0DC8CACA82DBED1694054078D97A14202B2B0B43860C415E5E1ED6AF5F8F2FBFFC1224F1939FFC04EBD6ADC32BAFBC22E65055152E970BF3E6CD13827CD1A245902449D85C3ADEFAFF4F9C3821F6B572E54AECDEBD1B2451565606E00E85F48A152BD8D4D4C4F6F676217F3ADB41AB57AF667373337D7C7CBA9CBAD168A4A22842606EDEBC59C8B7EED6D37DA2CE14B260C102060404B0BABA5A50F1E8D1A3191D1D4D5555F98B5FFC824141411E739D3C7952C8A89E9A2CCB349BCDB7257FD09D90D637E2E7E7C7B0B03011945255952D2D2DDCB3678F1817101040F2BAA1A7E7A93A375555F9CE3BEF1000BFF8E20B3A9D4E363636D2E974B2BABADA63ECF1E3C75955554593C924127F4141415CB060015555659F3E7D3864C810C1F2FAFB8F3DF6184932222282C3860DA3D3E914ECEF743AD9D6D646921C316204870D1BC6C6C646CE9D3B978AA2D0C7C7E7A6DAAC4716BB7AF52A1A1A1A3C824C7E7E7EE8D5AB172449C2C4891311171787FCFC7C34343420333353C4941F79E411B8DD6E787B7B439665C4C7C7232B2B0B11111130994C620D2F2F2F3CF7DC7322EEB47FFF7E343434A0B9B919FFFEF7BFA1AA2ABEF9E61BB4B6B6425114646565A1A9A909D9D9D9484D4D45787838B2B2B210121282FCFC7CDC7DF7DDE8D3A70F4C26130E1E3C88F2F272A4A7A7A3A2A202050505686A6A42505010CC6633BCBDBDE172B92049528FACD52D8B7566055F5F5FD6D5D50961E672B95858584800DCB97327494F6775C488111C356A548F42F256101B1BDB455876767548B2AAAA8A00B872E5CA2EAE8AAEE25555E5830F3E48A0C315D2D53C00262626525555E18ADC318BE9E4B674E9529695959124FFF9CF7F72ECD8B1ACAEAEA6DBED66616121333333191515C5B2B232AE5DBB96168B8500181D1D4D925CBA7429A3A2A268B55AF9C73FFE516CF0F8F1E3B45AAD4C4A4AE2F8F1E3191515C5A54B979224C78D1B47599629499288477566A1871E7A8843870EA5A228DCB46913C90EA3B4BEBE9E0E8783F7DC730FA74F9F4E923C77EE1CF7EDDBC7B8B8382E5CB8900E8783616161C29BAFA9A9E1810307585A5ACAA54B977AECBD73BB69E250D334D8ED767CF1C517387CF8303EFFFC73949595C16AB5A27FFFFE229B505B5B0BBBDD8EB8B838242424C06EB78B046251519188F75CB972054EA713454545282C2CC4A1438720CB32EAEBEB61B7DB71F9F2655123A46BAB8484040C1F3E5CB829BAC63A71E2048E1C39E281ABC16010F12293C9849494940E16E994E1686B6B83DD6E47505010929393E1E5E57567A9E79E9A9E19183D7AB48733D999154E9D3AC553A74E1100DF7BEF3D929EF19CAAAA2AD6D4D488BFCD6633C9EBF122F1D5BE8DF0F9F9F98975AE5DBB46922C2E2E16E3BCBDBD495E77369B9A9A585F5F4F007CF3CD37050B76B6A3F4B672E54ABA5CAE2E62E5C6D66D01956E511A8D46AC5EBD1A070E1CC0A64D9B4012168B05369B0D797979D8BD7B37EEBFFF7EECDEBD1B797979B0DBED080B0BC38E1D3B70E6CC195CBC7811393939484E4E467A7A3A6C361B2449C2983163909B9B8BA2A2225CBE7C19353535D8B76F1F5E7FFD755456560A3CBCBCBC306BD62C4C993205B367CF060014161662DCB87190240946A311E9E9E9282F2F474141011E78E00184858561C48811983871222222224012E5E5E53874E890B0816459C6840913306CD8306CDDBA15BB77EFC6C68D1B6F2F1EA49FA69F9F1F070F1EECF1850203033969D2243A9D4ECE9A354B08C1F7DF7F9F66B399478E1C11B1978C8C0C02A0BFBFBF88E7444444302C2C4CF42B8AC2CB972F0B2A193F7E3C0D0603838282D8AB572FDE75D75D4209E831A443870E09C7B633CEBA1D3576EC58921D3EE38DB54337426B6B2B498ABCDE1DC583744391BC6EE81D397284870F1F26002124F50DDC985DD0B5841E3FD2E1E8D1A31E8E624343035D2E175555656C6C2CE3E2E248922D2D2DACA8A8F038883367CEF0EBAFBFEE165F003C78F020ED763B4D261315451176DA962D5B68329978F2E44996969612B81E10D40DDD9E58AC473B28303010414141D8B871233EFFFC734892043F3F3F848484203D3D1DE7CF9F477E7E3E66CF9E8D7BEFBD1766B3197FFDEB5F71E9D225489284010306202B2B0BEFBFFFBE10AC46A311555555686E6EC6C489133166CC18188D464892044551E0E5E585FAFA7AE4E6E62225250583070FC6C2850BD1D2D202B7DB8D0F3FFC106EB71B99999928282840595919344D434C4C0C264E9C8861C386A1BEBE5E2423478D1A0592686D6D45737333545515F857545420272707E9E9E9387EFC380E1C38706721D70D1B36D0ED767BF4D96C3641098F3FFEB86031B2C3F6080F0F1763376EDC2828AC3B16D6EB8774D034CD23B5BC7AF5EA2E2C3178F0600E18308024F9AB5FFD8AB22C539665C1C224595454444551F8E1871F8A677AFD5049498978A6471C49F2A38F3EBA7316CBCECE26D951D2565252C2C2C2424E9F3E9DB1B1B18C8C8CE49B6FBE499BCDC68888082E59B2846487A7AFB3637E7E3E49D2CBCB8B0F3CF0006D361BE3E2E2BAE4FE636262B86CD932921D46E0B66DDBA8280AC3C3C379EFBDF70A3781EC9051FEFEFE1C3B76AC079B060606D262B1F0FCF9F3428BDE75D75D8C8B8BA3D56AE52F7FF94B16161672DAB46902FF55AB56D1E170D062B1B05FBF7E220E76DB2CA683CBE542FFFEFD111212023F3F3FB85C2E188D460C1F3E1C168B05B22CE3FCF9F3282A2AC2D8B163E1EDED0D8BC5822B57AEC06EB78BF72D160B4C2693B049F41239B7DB8D3367CEA0A8A808269309B22C43D334545656E2ECD9B33874E810020202E076BBE1743AD1D2D282C3870F63E0C08188898981CBE5C2850B1760B7DBB16FDF3E040606C262B1A0BDBD1DAAAAA2A8A80823468C80D56A858F8F8F470CEA76A14716D359E481071EE831904E766831002C2C2C14CF3AE79D66CD9AD58505D7AE5D2BC6EAF198CE2CD81D6B02D723059D43C2DBB76F17784746467AE0068073E6CCE982F3EDB2588F14A40BAB9C9C1CC4C4C44051142C5DBA142E970BAFBEFA2A366EDC88BD7BF7429665949595419224F8F8F8A0B6B6168B172F467474B4A8DD898B8B83A22858B16205EC763B962D5B2632B40B162C404949092449C26BAFBD060078E9A597F0F8E38FE3EEBBEF862449D8BB77AF879DE272B9D0DEDE0E9278EEB9E760B7DBA1691A7EF7BBDFA16FDFBEC8CACA1254BA61C306D4D5D561FEFCF91DD4F02D05C7C6C6223B3B1B0B162CC0F1E3C76FEAB4764B41EBD6AD23D9E1A0B6B5B5B1B1B19183060D1235353766261545614949098F1D3B46C033EFA4176CBA5C2EDAED7602D793029DE349656565ACAEAEA6D96CF610E29DED142F2F2F9A4C26E6E7E7B3BDBD5DBC6B3299585353C3D3A74F7BE045B24B9972E7F50302026E45B53767B1FEFDFB33303090BD7BF726703D75DB19D6AC5943003C7BF62CCF9E3D4B4551E8E7E72716D78354269349D443EB1FA0F30100605C5C1C1B1B1B45F586DE747BC86AB57AAC6D341A396FDE3CF1B75EC0D5DDBEF4F88FA228DCBC793349B2B9B9992B57AEBC7316D3418FC700C0CC993311161686ECEC6CC8B20C83C1004992E0743A91959585BFFFFDEFC249D5633CBA2B70F0E04100D78BACF4B0ECE6CD9B515050004992306DDA348C19330666B31953A64C118508274F9E446161A128E1CBCDCD156B689A0687C381FCFC7C689A86AAAA2AB85C2E4C9A3409D1D1D1A2FFE0C18330180C22A0FFD9679F415555CC9D3B17010101373D836E2968FDFAF5D4348D8181814205565757B3A2A2A2CB29EBE188A143877A3CD743AEDBB76FF7F88A3A0575761601B0B2B252B0646778F7DD778580EE810DBA343DE9405ECF8B75D7C89BA79E7BA4205F5F5F1106D0055B7B7BBB284F59B66C1966CE9C094DD3D0A74F1F00C0AE5DBBE0743AE1EFEF8FDFFEF6B7F8DBDFFE86C4C444DC7DF7DD387EFC38A64F9F0E83C180AD5BB7223A3A5A50D1B469D3F0C61B6F203D3D1DBEBEBED8B56B17162F5E8CEDDBB723202000A9A9A9282D2DC5F4E9D3F1F5D75F435114BCF8E28B78F0C10761341A61341A21CBB2A87D361A8D18326488D8CBCF7EF633141616C2CFCF4FDC0078F9E597F1D1471F21393919B5B5B5003C13153A743920FD30CACBCB456D8E5E0DAAD70FEAE3F4B1172E5C406565A528C92D2B2B436464242C160BEC763B060D1A244AF902030361B55A71F6EC59141717C36AB5222A2A4AAC23CB325455157938FDFDCE75D2656565888A8A426262221C0E87883E8C1A350A00505A5A8A8A8A0A917B0B0D0D85D56A455555159C4E27482232321256AB15870E1DEAB2F72E67F27DB5AAAA2A519FB363C70E925D5D8DE1C38793241F79E41141E23A0B74760574E8D3A78F78F7ECD9B3ACABAB2300AE59B3461457E8CD66B3B1A4A4A4CB9A696969D4348D717171E259673B0F37D1623DDE177BFCF1C7919292E22150F57FF5ACE58DF7AD7EFDEB5F8B5CD4DB6FBF8DFFFCE73FC8CDCDC5BE7DFBB079F366BCFAEAAB080909C1FCF9F3316AD428FCF4A73F1599503DBE535B5B8B458B16894AD4FAFA7A519FF4873FFC015E5E5ED8B06103264F9E0C4551B065CB16A8AA0AB7DB8DF0F0705457578BDCD8C489133177EE5CC8B22CAAF16FAC28CBCDCDC5E79F7FFE3F735F4C57C546A35194A790E48E1D3BA8280A2B2B2B456656B7A43BA7858E1E3DCA43870E79E0D3399E141A1ACA81030792EC287CB83194429276BB9D8AA208FC1545614646064932313151CCBB72E54A112FFAC1EF8BE976CCD1A34745BCE84F7FFA139B9B9BA9AA2ADF7AEBAD6EC9D7D7D797A467EA5727F5356BD690A4477A7BE2C489F4F2F262505090C0D364328960D9B163C73C42B27A7BF4D1473D0E487F372020C003FF1FECBE98AEED7C7D7D11121282CCCC4C2427270BFB62F4E8D1C8CCCC142C69341A85C6D8B46913F6ECD903499270DF7DF7A177EFDE30180CB87CF932727373052BBB5C2E9C3F7F1E9AA6E19B6FBE41727232A2A3A3919B9B8BF0F0704C9A3409BD7AF5822CCB22CD0D40E4F0F43DE9F3252727233E3EFEB6AE23744B41DFE5BED8E1C3873DC67457DC70637FE7B54F9F3E2DFAF4FB60DD354992B875EB5692A424495CB870E14DD7D1D7D2AF3A180C06A144C8EB79B31FFCBED88D976775CADAB97327121313111B1B2B6C27BDFFF4E9D3282E2E466161217EF39BDF2031311149494978FFFDF721CB326C361B962D5B064551F0C9279FE0D34F3F15821DE8B832B175EB56242525C16AB562DEBC79627D4DD310151585254B964096657CFCF1C778F7DD77E176BB317FFE7C6196DC58DADC19BED7FB6224D1DCDC8CE3C78F8B9AA0C4C4449C3F7F1E76BB1D43870E15245D515181C6C646040606A27FFFFEE8DDBB374E9F3E8D92921200C0E0C18361B15860B158505E5E2E36A2B34E7979B9B877D6D0D0808686060010F5490044695F5D5D9DA8AD36994CB0582CA2B2E4B6F685EF89C56A6B6B79E6CC1931979EB7FAE0830F28CB328F1F3F2EDED7AB5881EBAE4AE7DB3AEFBCF30EC90E2DB762C58A9BB29BC160E8963DF4F5F5D434008E1933A6CB5E6EC662DFCB7D31FD4B2C5CB850D834FAF38C8C0C9C3A754A08E5DADA5A2C59B204FBF7EF87AFAF2FDE7EFB6DD4D5D521232303A74F9F465858185E7CF1454C9A3449AC7FDF7DF7C1C7C7073E3E3EA8ACAC14F7E7F535F86D26F695575E812449E25EBD979717AE5CB982949414646767E38D37DE404D4D0DE6CD9B0797CB056F6F6FAC5DBBF69682FABF56F3DDC55BBA6B870E1D62414181F83B303090E4753B0400C78D1B47B22393DAD8D8C8C6C6468F12DFA2A2226122984C261142D1D33A656565E2F9A0418378E9D225F16E7272B2073E3E3E3EB754F33D1ED09D188ABAB75D595929EEADE35B1B85BCEE4A040707B357AF5E341A8D34180C0C0E0EF6D07423468C604C4C0C49F285175EA0D96CA6D96CE60B2FBC40B2A384CECFCF4F7C40D253535AAD569138EC0EE2E3E345DEAD33DCCC50ECF1BED8AE5DBBC47DABDBF9690700D8B66D9B8747ACAAAAB8920074DC8A06AEA7B6DBDADAF097BFFC0501010130180C686A6A82A669C8CECEC6810307D0D4D404003870E000B2B3B371EAD429A13DF7EFDF2F2E11EBF85557578324727373050EFA55054992C45D32BDFF46FCBB73337EF01F37F158EC0E7FB0A4BBF13D55A2FE50D0E3017D979F97E9E9E76B6EF6F3339D0564E7E282CEEF74F7F339DDE1D7F9FDEEA0A7FEFFD59FC7F9FF1D7EFC05AA5BC08F07740BF8F1806E01FF0FCF9E8411257B39320000000049454E44AE426082
'''

然后得到一个新图片,是张二维码,扫描后得到flag

moectf{Fri3nds_d0n’t_lie!}

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

ctfer2077①

题目描述:

某天晚上,你在通宵速通荒坂大楼,然后你猝死了(

再睁眼你发现你坐在一辆车中,正在被公司的人追杀,正当你不知道怎么办时,脑海里突然出现一道声音"欢迎来到ctfer2077,请开始解决你的第一题",说着你的脑子连入了一张图片

注:flag格式:moectf{[\da-z-]+}

题解:

给了张二维码,扫描后得到Do you want to get the flag?Please enjoy the video:BV1hThreMEyT,没发现什么用处,后来使用zsteg秒了,得到flag为

moectf{84d7f247-3cba-4077-ba25-079f3ac7bb8a}

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

捂住一只耳

题目描述:

一只手捂住耳朵 另一只手搓得键盘生火 不小心按到了caps键

flag 形式以moectf{}包裹提交

题解:

键盘坐标解密,根据音频中的数字,找到对应键盘上的坐标,即可得到flag

63 31 43 31 41 52 31 51 71 101 对应 nevergetup

则flag为 moectf{nevergetup}

每人至少300份

题目描述:

npm本在愉快地度过暑假,然而天降300份社会实践问卷必须完成,与朋友们互帮互助同时,他的手机被黑阔小子盯上了,发出去的二维码被大切四块,打乱顺序,npm在手机中终于找到了侵入程序的编码,然deadline就在眼前,快来帮他恢复一下吧!

题解:

#加密脚本    
def self_encoding(input_text):
    code_setting_first="doanythingfryuienbcjklmqpsw"
    encoded_text=" "
    for x in input_text:
        if x in code_setting_first:
            if ord(x) < 104 :
                num = ord(x) + 19
                x = chr(num)
                encoded_text += x + " "
            elif ord(x) > 115:
                num = ord(x) - 19
                x = chr(num)
                encoded_text += x + " "
            elif 104 <= ord(x) <= 115:
                num = 219 - ord(x)
                x = chr(num)
                encoded_text += x + " "

    number_setting = "0123456789"
    for i in range(len(input_text)):
        if input_text[i] in number_setting:
            if i != len(input_text) -1:
                x = int(input_text[i]) ^ int(input_text[i+1])
                encoded_text += str(x) + " "
            elif i == len(input_text) - 1:
                encoded_text += input_text[-1]
    return encoded_text

def reverse_encoding(input_text):
    output_text = input_text[::-1]
    return output_text

"main函数看个大概流程奥 uu们"

if __name__=="__main__":
    input_text = "balabalabala"
    print(reverse_encoding(self_encoding(input_text)))

先根据加密脚本,写出解密脚本如下

#解密脚本
def decode(input_text):
    code_setting_first = "fdbahijklmnopqrszyxwvut"
    input_text1=""
    decode_text=""
    for x in input_text:
        if x==" ":
            continue
        else:
            input_text1+=x
    input_text=input_text1
    print(input_text)
    for x in input_text:
        if x in code_setting_first:
            if ord(x)> 115:
                num = ord(x) - 19
                x = chr(num)
                # print(num,x)
                decode_text += x
            elif ord(x) <103:
                num = ord(x) + 19
                x = chr(num)
                decode_text += x
                # print(num, x)
            else:
                num = 219 - ord(x)
                x = chr(num)
                decode_text += x
                # print(num, x)
    number_setting = "0123456789"
    for i in range(len(input_text)):
        if input_text[i] in number_setting:
            if i != 0:
                x = int(input_text[i]) ^ int(decode_text[-1])
                decode_text+= str(x)
            elif i == 0:
                decode_text += input_text[0]
    return decode_text

def reverse_encoding(input_text):
    output_text = input_text[::-1]
    return output_text

if __name__=="__main__":
    miwen=""
    print(reverse_encoding(decode(miwen)))

得到二维码的排列方式

735dliahiry-firstrow147

651dliwmIvxh-secondrow236

9131dliwirsa-thirdrow589(最后一个的数字是手算的)

拼图后扫描得到balabalballablblablbalablbalballbase58lblblblblllblblblblbalblbdjshjshduieyrfdrpieuufghdjhgfjhdsgfsjhdgfhjdsghjgfdshjgfhjdgfhgdh///key{3FgQG9ZFteHzw7W42}??

base58解密后得到flag

moectf{we1rd_qrc0d3}

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

the_secret_of_snowball

题目描述:

啊哦,captain rabbit被抓走了,最后留下的下机密就在图片里,怎么打不开,是被家宠破坏了吗,复仇计划无法进行?no way!想尽办法恢复图片,找到前一半flag,前往下水道王国 。

captain rabbit留下的最后一张图片,会有后一部分遗言?(老大不会game over的(确信),快找找吧!

flag模式 moectf{机密~}

题解:

将jpg图片放入010查看,发现其开头不符合jpg文件开头的格式,将FF D6修改为FF D8

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

打开图片即可发现 {Welc0me_t0_the_sec

又在末尾处发现一串base64字符 cmV0X2xpZmVfMGZfTWlzYyE=

解密后得到 ret_life_0f_Misc!

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

则flag为 moectf{Welc0me_t0_the_secret_life_0f_Misc!}

我的图层在你之上

题目描述:

一片漆黑,你能看出其中的奥秘吗

flag格式:moectf{[\da-z-]+}

题解:

将pdf转为svg矢量图,然后进行图层分离(https://c.p2hp.com/more/svgeditor/#google_vignette),即可得到key:p_w_d

解压后得到一串caesar密码

zbrpgs{q751894o-rr0n-47qq-85q4-r92q0443921s}

解密后得到flag为 moectf{d751894b-ee0a-47dd-85d4-e92d0443921f} 向右偏移了13位

解不完的压缩包

题目描述:

玩过俄罗斯套娃吗,就和那一样,不过最后有一点小惊喜哦,加油吧

题解:

#递归解压压缩包,不过后面是我自己手动弄的
import zipfile
import os


def extract_nested_zip(zip_file_path, extract_path, level=1, max_level=999):
    """
    递归解压缩包含压缩文件的压缩包,直到达到指定的层数。

    :param zip_file_path: 初始压缩包文件路径
    :param extract_path: 解压的目标路径
    :param level: 当前解压缩层级
    :param max_level: 最大解压缩层数
    """
    if level > max_level:
        print(f"达到最大解压层级:{max_level}")
        return

    with zipfile.ZipFile(zip_file_path, 'r') as zip_ref:
        current_extract_path = os.path.join(extract_path, f"level_{level}")
        os.makedirs(current_extract_path, exist_ok=True)
        zip_ref.extractall(current_extract_path)
        print(f"第 {level} 层解压完成。")

    # 在解压缩目录中查找下一个压缩包文件
    for root, _, files in os.walk(current_extract_path):
        for file in files:
            if file.endswith('.zip'):
                next_zip_file = os.path.join(root, file)
                # 递归调用解压缩函数
                extract_nested_zip(next_zip_file, extract_path, level + 1, max_level)
                return  # 只解压缩一个找到的压缩包


# 使用示例
initial_zip = './999.zip'  # 替换为你的初始压缩包路径
output_dir = ('./')  # 替换为解压后的输出路径

os.makedirs(output_dir, exist_ok=True)
extract_nested_zip(initial_zip, output_dir)

得到cccccccrc.zip

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

一眼crc爆破,直接删除flag.txt后爆破秒出,不然速度很慢,密码为:*m:#P7j0

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

使用密码解压后得到flag为 moectf{af9c688e-e0b9-4900-879c-672b44c550ea}

ctfer2077②

题目描述:

为了拯救T-bug和杰克,你不得不和某个联觉信标被更改的系统达成合作,它帮你改写剧情,而你帮它拿到一个关键的key。“key在这个加密卷里,我只知道密码是’法治富强自由富强和谐平等和谐平等法治法治和谐富强法治文明公正自由’,他宝贝的,只能靠你自己解密了。” 请将得到的flag以moectf{}包裹提交

题解:

首先根据题目描述拿到加密卷的密码

法治富强自由富强和谐平等和谐平等法治法治和谐富强法治文明公正自由 解密后得到:p@55w0rd

接着使用VeraCrypt对文件进行挂载得到加密卷,发现里面只有一个文件flag?.txt,没什么用处,然后查看挂载盘的属性,发现其文件系统为NTFS

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

我们尝试使用工具NtfsStreamsEditor2对该磁盘进行搜索可疑数据流,可以得到一个新的txt文件A!_flag?.txt!小鹤.txt

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

新的txt文件内容如下(这里的密文是小鹤双拼输入法):

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

ulpb vfde hfyz yisi buuima
key jqui xxmm vedrhx de qrpb xnxp
ulpb ui veyh dazide
ulpb vfde hfyz yisi buuima(双拼真的很有意思不是吗)
key jqui xxmm vedrhx de qrpb xnxp(key 就是下面这段话的全拼小写)
ulpb ui veyh dazide(shuangpinshizheyangdazide双拼是这样打字的)

最后可得flag为 moectf{shuangpinshizheyangdazide}

小小套娃

题目描述:

简单套娃 轻松拿下

题解:

题目给了一个加密的7z压缩包和一张图片,经过测试发现图片为IDAT隐写,使用binwalk -e进行分离可得到新的png文件(634D4为其16进制数值)

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

新的文件是张二维码,扫描后可以得到key:874jfy37yf37y7

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

解压后得到whereisthekey.txt和flag.7z(加密的,需要key)

观察后发现txt文件为零宽隐写,我们使用https://yuanfux.github.io/zero-width-web/解密后可以得到

idon’tknowmaybeits:dhufhduh48589

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

再次解压flag.7z后可以得到flag.txt,内容为新佛曰

新佛曰:諸隸閦僧降吽諸閦陀摩隸僧蜜念蜜劫哆咤若嘚閦嘇缽隸所羅閦劫諸諦若心菩咒閦即所空摩僧閦彌尊羅彌所眾若彌吽尊色訶閦空空閦摩即閦嚤蜜色嚴空即斯訶彌色空嚴嚴色陀閦阿降如如囑囑

使用在线网站http://hi.pcmoe.net/buddha.html解密后得到:弗拉格是{sfdh8334r784jfx_sdjjuhreubc}

则flag为 moectf{sfdh8334r784jfx_sdjjuhreubc}

拼图羔手

题目描述:

拼图羔手申请出战!“Just do it!” flag格式以moectf{}包裹提交

enjoy it!

题解:

首先是拼二维码,然后扫一下得到

balabalbalablbalblablbalabala//nihaopintugaoshou//encoded flag{71517ysd%ryxsc!usv@ucy*wqosy*qxl&sxl*sbys^wb$syqwp$ysyw!qpw@hs}

#encode加密脚本
from base64 import b64encode as be
def self_encoding(input_text):
    code_setting_first="doanythigfruebcjklmqpswvxz"
    code_setting_sec="ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    number_setting = "0123456789"
    encoded_text=" "
    for x in input_text:
        if x in code_setting_first:
            if ord(x) < 104 :
                num = ord(x) + 19
            elif ord(x) > 115:
                num = ord(x) - 19
            elif 104 <= ord(x) <= 115:
                num = 219 - ord(x)
            encoded_text += chr(num) + " "        

        elif x in code_setting_sec:
            if 64 < ord(x) < 72:
                num = ord(x) + 7  
            elif 71 < ord(x) < 79:
                num = ord (x) - 7 
            elif 78 < ord(x) < 82:
                num = ord(x) + 9 
            elif 87 < ord(x) < 91:
                num = ord(x) - 9 
            elif 81 < ord(x) < 88:
                num = 168 - ord(x) 
            encoded_text += chr(num) + " "
        
        elif x not in number_setting:
            encoded_text += x

    for i in range(len(input_text)):
        if input_text[i] in number_setting:
            if i != len(input_text) -1:
                x = int(input_text[i]) ^ int(input_text[i+1])
                encoded_text += str(x) + " "
            elif i == len(input_text) - 1:
                encoded_text += input_text[-1]
    return encoded_text

def reverse_encoding(input_text):
    output_text = input_text[::-1]
    return output_text

def strange_character_hint(key):
    key = self_encoding(reverse_encoding(key))
    res="".join((key).split(" "))
    print(be(res.encode('utf-8')))

"""enjoy the revenge!"""

if __name__=="__main__":
    input_text = "idon'tknow"
    key="don'tknoweither"
    print("".join((reverse_encoding(self_encoding(input_text))).split(" ")))
    strange_character_hint(key)

    #strange_character_hint(key)$output:b'eGl4c2R4bmxVbVhpeHVuYkdzYXJkZnRhVWl4YXZ0aXRzSnh6bXRpYVU='

根据加密脚本逆向写出解密脚本如下

from base64 import b64decode as be


def self_decoding(input_text):
    code_setting_first = "doanythigfruebcjklmqpswvxz"
    code_setting_sec = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    number_setting = "0123456789"
    decoded_text = " "
    for x in input_text:

        if ord(x) - 19 < 104 and chr(ord(x) - 19) in code_setting_first:
            decoded_text += chr(ord(x) - 19) + " "
        if ord(x) + 19 > 115 and chr(ord(x) + 19) in code_setting_first:
            decoded_text += chr(ord(x) + 19) + " "
        if 104 <= 219 - ord(x) <= 115 and chr(219 - ord(x)) in code_setting_first:
            decoded_text += chr(219 - ord(x)) + " "

        if 64 < ord(x) - 7 < 72 and chr(ord(x) - 7) in code_setting_sec:
            decoded_text += chr(ord(x) - 7) + " "
        if 71 < ord(x) + 7 < 79 and chr(ord(x) + 7) in code_setting_sec:
            decoded_text += chr(ord(x) + 7) + " "
        if 78 < ord(x) - 9 < 82 and chr(ord(x) - 9) in code_setting_sec:
            decoded_text += chr(ord(x) - 9) + " "
        if 87 < ord(x) + 9 < 91 and chr(ord(x) + 9) in code_setting_sec:
            decoded_text += chr(ord(x) + 9) + " "
        if 81 < 168 - ord(x) < 88 and chr(168 - ord(x)) in code_setting_sec:
            decoded_text += chr(168 - ord(x)) + " "

        if x not in number_setting and x not in code_setting_first and x not in code_setting_sec:
            decoded_text += x
    return decoded_text


def reverse_decoding(input_text):
    output_text = input_text[::-1]
    return output_text


def strange_character_hint(key):
    key = be(key)
    key = self_decoding(key.decode('utf-8'))
    res = "".join((key).split(" "))
    print(reverse_decoding(res))


strange_character_hint(b'eGl4c2R4bmxVbVhpeHVuYkdzYXJkZnRhVWl4YXZ0aXRzSnh6bXRpYVU=')
key = reverse_decoding("ysd%ryxsc!usv@ucy*wqosy*qxl&sxl*sbys^wb$syqwp$ysyw!qpw@hs")
print("".join(self_decoding(key).split(" ")))
#StrangeCharacterStaywithNumberOnSomewhere
#hs@dkj!dfhf$kdjfh$ud^hfuh*oeh&oej*fhljd*fvb@chb!vhefi%whf
# hs@dkj!dfhf$kdjfh$ud^hfuh*oeh&oej*fhljd*fvb@chb!vhefi%whf52367
# 定义替换规则
replacement_dict = {
    '!': '1',
    '@': '2',
    '$': '4',
    '%': '5',
    '^': '6',
    '&': '7',
    '*': '8',
}

# 替换函数
def replace_symbols(text):
    for symbol, number in replacement_dict.items():
        text = text.replace(symbol, number)
    return text

# 输入示例
input_text = "hs@dkj!dfhf$kdjfh$ud^hfuh*oeh&oej*fhljd*fvb@chb!vhefi%whf52367"

# 调用替换函数
output_text = replace_symbols(input_text)

# 输出结果
print(output_text)

可得flag为 moectf{hs2dkj1dfhf4kdjfh4ud6hfuh8oeh7oej8fhljd8fvb2chb1vhefi5whf52367}

ctfer2077③

题目描述:

终于到最后一章了,干爆亚当·重锤,想不出文案了,开摆

狡猾的出题人因为不想让你们做出来,将附件上传到了服务器上,不过还好有Alt帮你获取了这段流量,接下来,就靠你自己了

注:请将最终结果以_分离并包上moectf{}提交

题解:

首先查看http流,发现其上传了东西,追踪http流看一下

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

发现PK字样,上传了一个secret.zip,导出后解压得到

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

将gif分帧查看发现第三十帧得到key:C5EZFsC6,用得到的key去解密MP3音频文件

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

解密后得到

+++++ +++[- >++++ ++++< ]>+++ +++++ .<+++ +[->- ---<] >---. <++++ +++[-
>++++ +++<] >+.<+ ++++[ ->--- --<]> ----- -.<++ +[->+ ++<]> +++++ +.<++
+[->- --<]> -.<++ ++[-> ----< ]>--- -.<++ ++++[ ->+++ +++<] >++++ +.<

brainfuck解密(https://www.splitbrain.org/services/ook)后得到新的key:H5gHWM9b

解压flag.zip后得到三个内容都是01的txt文件,直接将1画成黑色,0画成白色,得到三张图片(跳舞的小人)

from PIL import Image

def txt_to_image(input_file, output_file):
    # 读取文本文件
    with open(input_file, 'r') as f:
        lines = f.readlines()

    # 获取图像的宽度和高度
    width = len(lines[0].strip())
    height = len(lines)

    # 创建一个新的RGB图像
    image = Image.new('RGB', (width, height), "white")
    pixels = image.load()

    # 将文本中的字符映射到图像像素
    for y, line in enumerate(lines):
        for x, char in enumerate(line.strip()):
            if char == '1':
                pixels[x, y] = (0, 0, 0)  # 黑色
            elif char == '0':
                pixels[x, y] = (255, 255, 255)  # 白色

    # 保存图像文件
    image.save(output_file)
    print(f"图像已保存为 {output_file}")

# 用法
input_file = 'input.txt'  # 输入的txt文件路径
output_file = 'output_image.png'  # 输出图像的文件名称
txt_to_image(input_file, output_file)

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

对照密码表得到flag为 moectf{PEOPLE_DANCING_HAPPILY}

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

ez_usbpcap

题目描述:

npm本在欢快地玩游戏,键盘声敲得和奏乐一样,隔壁大黑阔偷偷把usb接口换了一下,终于找到了npm奏乐如此动人的原因!

题解:

首先打开流量包flag.pacpng,发现其为usb流量,仔细观察可以发现为键盘流量

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

然后使用过滤器筛选出有用的键盘流量(source为2.1.1的流量)

usb.src==2.1.1

将筛选后的流量另存为新的流量包test.pacpng,接着我们使用pcap2text对其进行解密

#!/usr/bin/env python
# coding:utf-8
import argparse
import os
from tempfile import NamedTemporaryFile

BOOT_KEYBOARD_MAP = {
    0x00: (None, None),                         # Reserved (no event indicated)
    0x01: ('', ''),                             # ErrorRollOver
    0x02: ('', ''),                             # POSTFail
    0x03: ('', ''),                             # ErrorUndefined
    0x04: ('a', 'A'),                           # a
    0x05: ('b', 'B'),                           # b
    0x06: ('c', 'C'),                           # c
    0x07: ('d', 'D'),                           # d
    0x08: ('e', 'E'),                           # e
    0x09: ('f', 'F'),                           # f
    0x0a: ('g', 'G'),                           # g
    0x0b: ('h', 'H'),                           # h
    0x0c: ('i', 'I'),                           # i
    0x0d: ('j', 'J'),                           # j
    0x0e: ('k', 'K'),                           # k
    0x0f: ('l', 'L'),                           # l
    0x10: ('m', 'M'),                           # m
    0x11: ('n', 'N'),                           # n
    0x12: ('o', 'O'),                           # o
    0x13: ('p', 'P'),                           # p
    0x14: ('q', 'Q'),                           # q
    0x15: ('r', 'R'),                           # r
    0x16: ('s', 'S'),                           # s
    0x17: ('t', 'T'),                           # t
    0x18: ('u', 'U'),                           # u
    0x19: ('v', 'V'),                           # v
    0x1a: ('w', 'W'),                           # w
    0x1b: ('x', 'X'),                           # x
    0x1c: ('y', 'Y'),                           # y
    0x1d: ('z', 'Z'),                           # z
    0x1e: ('1', '!'),                           # 1
    0x1f: ('2', '@'),                           # 2
    0x20: ('3', '#'),                           # 3
    0x21: ('4', '$'),                           # 4
    0x22: ('5', '%'),                           # 5
    0x23: ('6', '^'),                           # 6
    0x24: ('7', '&'),                           # 7
    0x25: ('8', '*'),                           # 8
    0x26: ('9', '('),                           # 9
    0x27: ('0', ')'),                           # 0
    0x28: ('\n', '\n'),                         # Return (ENTER)
    0x29: ('[ESC]', '[ESC]'),                   # Escape
    0x2a: ('\b', '\b'),                         # Backspace
    0x2b: ('\t', '\t'),                         # Tab
    0x2c: (' ', ' '),                           # Spacebar
    0x2d: ('-', '_'),                           # -
    0x2e: ('=', '+'),                           # =
    0x2f: ('[', '{'),                           # [
    0x30: (']', '}'),                           # ]
    0x31: ('\\', '|'),                          # \
    0x32: ('', ''),                             # Non-US # and ~
    0x33: (';', ':'),                           # ;
    0x34: ('\'', '"'),                          # '
    0x35: ('`', '~'),                           # `
    0x36: (',', '<'),                           # ,
    0x37: ('.', '>'),                           # .
    0x38: ('/', '?'),                           # /
    0x39: ('[CAPSLOCK]', '[CAPSLOCK]'),         # Caps Lock
    0x3a: ('[F1]', '[F1]'),                     # F1
    0x3b: ('[F2]', '[F2]'),                     # F2
    0x3c: ('[F3]', '[F3]'),                     # F3
    0x3d: ('[F4]', '[F4]'),                     # F4
    0x3e: ('[F5]', '[F5]'),                     # F5
    0x3f: ('[F6]', '[F6]'),                     # F6
    0x40: ('[F7]', '[F7]'),                     # F7
    0x41: ('[F8]', '[F8]'),                     # F8
    0x42: ('[F9]', '[F9]'),                     # F9
    0x43: ('[F10]', '[F10]'),                   # F10
    0x44: ('[F11]', '[F11]'),                   # F11
    0x45: ('[F12]', '[F12]'),                   # F12
    0x46: ('[PRINTSCREEN]', '[PRINTSCREEN]'),   # Print Screen
    0x47: ('[SCROLLLOCK]', '[SCROLLLOCK]'),     # Scroll Lock
    0x48: ('[PAUSE]', '[PAUSE]'),               # Pause
    0x49: ('[INSERT]', '[INSERT]'),             # Insert
    0x4a: ('[HOME]', '[HOME]'),                 # Home
    0x4b: ('[PAGEUP]', '[PAGEUP]'),             # Page Up
    0x4c: ('[DELETE]', '[DELETE]'),             # Delete Forward
    0x4d: ('[END]', '[END]'),                   # End
    0x4e: ('[PAGEDOWN]', '[PAGEDOWN]'),         # Page Down
    0x4f: ('[RIGHTARROW]', '[RIGHTARROW]'),     # Right Arrow
    0x50: ('[LEFTARROW]', '[LEFTARROW]'),       # Left Arrow
    0x51: ('[DOWNARROW]', '[DOWNARROW]'),       # Down Arrow
    0x52: ('[UPARROW]', '[UPARROW]'),           # Up Arrow
    0x53: ('[NUMLOCK]', '[NUMLOCK]'),           # Num Lock
    0x54: ('[KEYPADSLASH]', '/'),               # Keypad /
    0x55: ('[KEYPADASTERISK]', '*'),            # Keypad *
    0x56: ('[KEYPADMINUS]', '-'),               # Keypad -
    0x57: ('[KEYPADPLUS]', '+'),                # Keypad +
    0x58: ('[KEYPADENTER]', '[KEYPADENTER]'),   # Keypad ENTER
    0x59: ('[KEYPAD1]', '1'),                   # Keypad 1 and End
    0x5a: ('[KEYPAD2]', '2'),                   # Keypad 2 and Down Arrow
    0x5b: ('[KEYPAD3]', '3'),                   # Keypad 3 and PageDn
    0x5c: ('[KEYPAD4]', '4'),                   # Keypad 4 and Left Arrow
    0x5d: ('[KEYPAD5]', '5'),                   # Keypad 5
    0x5e: ('[KEYPAD6]', '6'),                   # Keypad 6 and Right Arrow
    0x5f: ('[KEYPAD7]', '7'),                   # Keypad 7 and Home
    0x60: ('[KEYPAD8]', '8'),                   # Keypad 8 and Up Arrow
    0x61: ('[KEYPAD9]', '9'),                   # Keypad 9 and Page Up
    0x62: ('[KEYPAD0]', '0'),                   # Keypad 0 and Insert
    0x63: ('[KEYPADPERIOD]', '.'),              # Keypad . and Delete
    0x64: ('', ''),                             # Non-US \ and |
    0x65: ('', ''),                             # Application
    0x66: ('', ''),                             # Power
    0x67: ('[KEYPADEQUALS]', '='),              # Keypad =
    0x68: ('[F13]', '[F13]'),                   # F13
    0x69: ('[F14]', '[F14]'),                   # F14
    0x6a: ('[F15]', '[F15]'),                   # F15
    0x6b: ('[F16]', '[F16]'),                   # F16
    0x6c: ('[F17]', '[F17]'),                   # F17
    0x6d: ('[F18]', '[F18]'),                   # F18
    0x6e: ('[F19]', '[F19]'),                   # F19
    0x6f: ('[F20]', '[F20]'),                   # F20
    0x70: ('[F21]', '[F21]'),                   # F21
    0x71: ('[F22]', '[F22]'),                   # F22
    0x72: ('[F23]', '[F23]'),                   # F23
    0x73: ('[F24]', '[F24]'),                   # F24
    0x74: ('', ''),                             # Execute
    0x75: ('', ''),                             # Help
    0x76: ('', ''),                             # Menu
    0x77: ('', ''),                             # Select
    0x78: ('', ''),                             # Stop
    0x79: ('', ''),                             # Again
    0x7a: ('', ''),                             # Undo
    0x7b: ('', ''),                             # Cut
    0x7c: ('', ''),                             # Copy
    0x7d: ('', ''),                             # Paste
    0x7e: ('', ''),                             # Find
    0x7f: ('', ''),                             # Mute
    0x80: ('', ''),                             # Volume Up
    0x81: ('', ''),                             # Volume Down
    0x82: ('', ''),                             # Locking Caps Lock
    0x83: ('', ''),                             # Locking Num Lock
    0x84: ('', ''),                             # Locking Scroll Lock
    0x85: ('', ''),                             # Keypad Comma
    0x86: ('', ''),                             # Keypad Equal Sign
    0x87: ('', ''),                             # International1
    0x88: ('', ''),                             # International2
    0x89: ('', ''),                             # International3
    0x8a: ('', ''),                             # International4
    0x8b: ('', ''),                             # International5
    0x8c: ('', ''),                             # International6
    0x8d: ('', ''),                             # International7
    0x8e: ('', ''),                             # International8
    0x8f: ('', ''),                             # International9
    0x90: ('', ''),                             # LANG1
    0x91: ('', ''),                             # LANG2
    0x92: ('', ''),                             # LANG3
    0x93: ('', ''),                             # LANG4
    0x94: ('', ''),                             # LANG5
    0x95: ('', ''),                             # LANG6
    0x96: ('', ''),                             # LANG7
    0x97: ('', ''),                             # LANG8
    0x98: ('', ''),                             # LANG9
    0x99: ('', ''),                             # Alternate Erase
    0x9a: ('', ''),                             # SysReq/Attention
    0x9b: ('', ''),                             # Cancel
    0x9c: ('', ''),                             # Clear
    0x9d: ('', ''),                             # Prior
    0x9e: ('', ''),                             # Return
    0x9f: ('', ''),                             # Separator
    0xa0: ('', ''),                             # Out
    0xa1: ('', ''),                             # Oper
    0xa2: ('', ''),                             # Clear/Again
    0xa3: ('', ''),                             # CrSel/Props
    0xa4: ('', ''),                             # ExSel
    0xa5: ('', ''),                             # Reserved
    0xa6: ('', ''),                             # Reserved
    0xa7: ('', ''),                             # Reserved
    0xa8: ('', ''),                             # Reserved
    0xa9: ('', ''),                             # Reserved
    0xaa: ('', ''),                             # Reserved
    0xab: ('', ''),                             # Reserved
    0xac: ('', ''),                             # Reserved
    0xad: ('', ''),                             # Reserved
    0xae: ('', ''),                             # Reserved
    0xaf: ('', ''),                             # Reserved
    0xb0: ('', ''),                             # Keypad 00
    0xb1: ('', ''),                             # Keypad 000
    0xb2: ('', ''),                             # Thousands Separator
    0xb3: ('', ''),                             # Decimal Separator
    0xb4: ('', ''),                             # Currency Unit
    0xb5: ('', ''),                             # Currency Sub-unit
    0xb6: ('', ''),                             # Keypad (
    0xb7: ('', ''),                             # Keypad )
    0xb8: ('', ''),                             # Keypad {
    0xb9: ('', ''),                             # Keypad }
    0xba: ('', ''),                             # Keypad Tab
    0xbb: ('', ''),                             # Keypad Backspace
    0xbc: ('', ''),                             # Keypad A
    0xbd: ('', ''),                             # Keypad B
    0xbe: ('', ''),                             # Keypad C
    0xbf: ('', ''),                             # Keypad D
    0xc0: ('', ''),                             # Keypad E
    0xc1: ('', ''),                             # Keypad F
    0xc2: ('', ''),                             # Keypad XOR
    0xc3: ('', ''),                             # Keypad ^
    0xc4: ('', ''),                             # Keypad %
    0xc5: ('', ''),                             # Keypad <
    0xc6: ('', ''),                             # Keypad >
    0xc7: ('', ''),                             # Keypad &
    0xc8: ('', ''),                             # Keypad &&
    0xc9: ('', ''),                             # Keypad |
    0xca: ('', ''),                             # Keypad ||
    0xcb: ('', ''),                             # Keypad :
    0xcc: ('', ''),                             # Keypad #
    0xcd: ('', ''),                             # Keypad Space
    0xce: ('', ''),                             # Keypad @
    0xcf: ('', ''),                             # Keypad !
    0xd0: ('', ''),                             # Keypad Memory Store
    0xd1: ('', ''),                             # Keypad Memory Recall
    0xd2: ('', ''),                             # Keypad Memory Clear
    0xd3: ('', ''),                             # Keypad Memory Add
    0xd4: ('', ''),                             # Keypad Memory Subtract
    0xd5: ('', ''),                             # Keypad Memory Multiply
    0xd6: ('', ''),                             # Keypad Memory Divide
    0xd7: ('', ''),                             # Keypad +/-
    0xd8: ('', ''),                             # Keypad Clear
    0xd9: ('', ''),                             # Keypad Clear Entry
    0xda: ('', ''),                             # Keypad Binary
    0xdb: ('', ''),                             # Keypad Octal
    0xdc: ('', ''),                             # Keypad Decimal
    0xdd: ('', ''),                             # Keypad Hexadecimal
    0xde: ('', ''),                             # Reserved
    0xdf: ('', ''),                             # Reserved
    0xe0: ('', ''),                             # Left Control
    0xe1: ('', ''),                             # Left Shift
    0xe2: ('', ''),                             # Left Alt
    0xe3: ('', ''),                             # Left GUI
    0xe4: ('', ''),                             # Right Control
    0xe5: ('', ''),                             # Right Shift
    0xe6: ('', ''),                             # Right Alt
    0xe7: ('', ''),                             # Right GUI
}


def parse_boot_keyboard_report(data: bytearray):
    # 数据解析
    modifiers = data[0]  # 修改键字节
    keys = data[2:8]      # 键码字节

    # 将修改键字节中的位解码为按键修饰符
    ctrl = (modifiers & 0x11) != 0
    shift = (modifiers & 0x22) != 0
    alt = (modifiers & 0x44) != 0
    gui = (modifiers & 0x88) != 0

    # 解析键码字节并将其映射为字符
    characters = []
    for key in keys:
        if key != 0:
            # 键码不为0则查询映射表
            if key in BOOT_KEYBOARD_MAP:
                characters.append(BOOT_KEYBOARD_MAP[key][shift])
            else:
                characters.append(None)
    return (ctrl, shift, alt, gui, characters)


def help_formatter(prog):
    return argparse.HelpFormatter(prog, max_help_position=40)


def main():
    # 解析命令行参数
    parser = argparse.ArgumentParser(
        description='Parse keyboard report data and output as text', formatter_class=help_formatter)
    parser.add_argument('pcapng_file', help='path to the pcapng file')
    args = parser.parse_args()

    # 通过tshark解析pcapng文件,获取键盘数据包
    tmpfile = NamedTemporaryFile(delete=False)
    tmpfile.close()

    command = "tshark -r %s -T fields -e usbhid.data -e usb.capdata > %s" % (
        args.pcapng_file, tmpfile.name)
    os.system(command)

    with open(tmpfile.name, 'r') as f:
        lines = f.readlines()

    os.unlink(tmpfile.name)

    # 解析键盘数据包,获取输入字符
    text = ""
    last_characters_count = {}
    repeat_limit = 2
    for line in lines:
        capdata = line.strip().replace(':', '')
        if capdata:
            data = bytearray.fromhex(capdata)
            characters = parse_boot_keyboard_report(data)[-1]
            if not characters:
                last_characters_count = {}
            else:
                for character in characters:
                    if character:
                        last_characters_count = {character: count for character,
                                                count in last_characters_count.items() if character in characters}
                        if character in last_characters_count:
                            last_characters_count[character] += 1
                            if last_characters_count[character] <= repeat_limit:
                                continue
                        else:
                            last_characters_count[character] = 1
                        text += character
        else:
            pass

    raw_text = repr(text)
    print(f'Raw output:\n{raw_text}')
    print(f'Text output:\n{text}')


if __name__ == "__main__":
    main()

解密后得到

[KEYPAD6]d[KEYPAD6]f[KEYPAD6][KEYPAD5][KEYPAD6][KEYPAD3][KEYPAD7][KEYPAD4][KEYPAD6][KEYPAD6][KEYPAD7]b[KEYPAD6]e[KEYPAD3][KEYPAD1][KEYPAD6][KEYPAD8][KEYPAD6][KEYPAD1][KEYPAD3][KEYPAD0][KEYPAD7][KEYPAD7][KEYPAD3][KEYPAD0][KEYPAD7][KEYPAD9][KEYPAD3][KEYPAD0][KEYPAD7][KEYPAD5][KEYPAD6][KEYPAD4][KEYPAD6][KEYPAD9][KEYPAD6][KEYPAD1][KEYPAD6]e[KEYPAD6]c[KEYPAD3][KEYPAD3][KEYPAD3][KEYPAD2][KEYPAD3][KEYPAD4][KEYPAD3][KEYPAD5][KEYPAD3][KEYPAD1][KEYPAD7]d

然后写个替换脚本如下

replacement_dict = {
    '[KEYPAD0]': '0',
    '[KEYPAD1]': '1',
    '[KEYPAD2]': '2',
    '[KEYPAD3]': '3',
    '[KEYPAD4]': '4',
    '[KEYPAD5]': '5',
    '[KEYPAD6]': '6',
    '[KEYPAD7]': '7',
    '[KEYPAD8]': '8',
    '[KEYPAD9]': '9',
}

# 替换函数
def replace_symbols(text):
    for symbol, number in replacement_dict.items():
        text = text.replace(symbol, number)
    return text

# 输入示例
input_text = "[KEYPAD6]d[KEYPAD6]f[KEYPAD6][KEYPAD5][KEYPAD6][KEYPAD3][KEYPAD7][KEYPAD4][KEYPAD6][KEYPAD6][KEYPAD7]b[KEYPAD6]e[KEYPAD3][KEYPAD1][KEYPAD6][KEYPAD8][KEYPAD6][KEYPAD1][KEYPAD3][KEYPAD0][KEYPAD7][KEYPAD7][KEYPAD3][KEYPAD0][KEYPAD7][KEYPAD9][KEYPAD3][KEYPAD0][KEYPAD7][KEYPAD5][KEYPAD6][KEYPAD4][KEYPAD6][KEYPAD9][KEYPAD6][KEYPAD1][KEYPAD6]e[KEYPAD6]c[KEYPAD3][KEYPAD3][KEYPAD3][KEYPAD2][KEYPAD3][KEYPAD4][KEYPAD3][KEYPAD5][KEYPAD3][KEYPAD1][KEYPAD7]d"

# 调用替换函数
output_text = replace_symbols(input_text)

# 输出结果
print(output_text)

#6d6f656374667b6e3168613077307930756469616e6c33323435317d

将得到的字符进行base16解密后得到flag

moectf{n1ha0w0y0udianl32451}
替换脚本如下

replacement_dict = {
    '[KEYPAD0]': '0',
    '[KEYPAD1]': '1',
    '[KEYPAD2]': '2',
    '[KEYPAD3]': '3',
    '[KEYPAD4]': '4',
    '[KEYPAD5]': '5',
    '[KEYPAD6]': '6',
    '[KEYPAD7]': '7',
    '[KEYPAD8]': '8',
    '[KEYPAD9]': '9',
}

# 替换函数
def replace_symbols(text):
    for symbol, number in replacement_dict.items():
        text = text.replace(symbol, number)
    return text

# 输入示例
input_text = "[KEYPAD6]d[KEYPAD6]f[KEYPAD6][KEYPAD5][KEYPAD6][KEYPAD3][KEYPAD7][KEYPAD4][KEYPAD6][KEYPAD6][KEYPAD7]b[KEYPAD6]e[KEYPAD3][KEYPAD1][KEYPAD6][KEYPAD8][KEYPAD6][KEYPAD1][KEYPAD3][KEYPAD0][KEYPAD7][KEYPAD7][KEYPAD3][KEYPAD0][KEYPAD7][KEYPAD9][KEYPAD3][KEYPAD0][KEYPAD7][KEYPAD5][KEYPAD6][KEYPAD4][KEYPAD6][KEYPAD9][KEYPAD6][KEYPAD1][KEYPAD6]e[KEYPAD6]c[KEYPAD3][KEYPAD3][KEYPAD3][KEYPAD2][KEYPAD3][KEYPAD4][KEYPAD3][KEYPAD5][KEYPAD3][KEYPAD1][KEYPAD7]d"

# 调用替换函数
output_text = replace_symbols(input_text)

# 输出结果
print(output_text)

#6d6f656374667b6e3168613077307930756469616e6c33323435317d

将得到的字符进行base16解密后得到flag

moectf{n1ha0w0y0udianl32451}

点赞(0) 打赏

评论列表 共有 0 条评论

暂无评论

微信公众账号

微信扫一扫加关注

发表
评论
返回
顶部