冰蝎4,爆破
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
from Crypto.Cipher import AES
from Crypto.Util.Padding import unpad
import base64
import hashlib
def decrypt_aes_ecb(ciphertext, key):
    cipher = AES.new(key.encode(), AES.MODE_ECB)
    decrypted_bytes = cipher.decrypt(base64.b64decode(ciphertext))
    decrypted_text = unpad(decrypted_bytes, AES.block_size).decode('utf-8')
    return decrypted_text
 
def read_from_file(file_path):
    with open(file_path, 'r') as file:
        return file.read()
 
def read_key_from_file(key_path):
    with open(key_path, 'r') as key_file:
        keys = key_file.read().splitlines()
    return keys
 
if __name__ == "__main__":
    # 从文件中读取密文和密钥
    ciphertext_path = "D:\\vscodework\\ctf\\5space\\cip.txt"  # 替换为实际的文件路径
    key_path = "D:\\vscodework\\ctf\\5space\\pass.txt"  # 替换为实际的密钥文件路径



    ciphertext = read_from_file(ciphertext_path)
    #print(ciphertext)
    ciphertext = read_from_file(ciphertext_path)
    keys = read_key_from_file(key_path)

    # keys = read_key_from_file(key_path)

    
    decryption_success = False
 
    #尝试每个密钥进行解密
    for key in keys:
        try:
            mima = key.strip()
            key = hashlib.md5(mima.encode("utf-8")).hexdigest()
            key = key[0:16]
            decrypted_text = decrypt_aes_ecb(ciphertext, key)
            print(f"Decrypted Text with Key {key}:{mima}")
            print(decrypted_text)
            if "success" in decrypted_text:
                decryption_success = True
                print("Decryption successful. Stopping further attempts.")
                break  # 解密成功并包含"success",停止尝试其他密钥
            break
        except Exception as e:
            print(f"Decryption with Key {key} failed: {str(e)}")
 
    if not decryption_success:
        print("Decryption unsuccessful with all keys.")

# wireshark
#$mode="ZG93bmxvYWRQYXJ0";$mode=base64_decode($mode);$path="QzovVXNlcnMvQWRtaW5pc3RyYXRvci9EZXNrdG9wL3Byb2plY3RzL3Byb2plY3Quemlw";$path=base64_decode($path);$hash="";$blockIndex="MA==";$blockIndex=base64_decode($blockIndex);$blockSize="MTA0ODU3Ng==";$blockSize=base64_decode($blockSize);$content="";$charset="";$newpath="";$createTimeStamp="";$accessTimeStamp="";$modifyTimeStamp="";
#main($mode,$path,$hash,$blockIndex,$blockSize,$content,$charset,$newpath,$createTimeStamp,$accessTimeStamp,$modifyTimeStamp);'

解文件名

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37

import json
import base64

def decode_base64_json(input_json):
    try:
        # 解析 JSON 输入
        json_data = json.loads(input_json)

        # 对每个对象的值进行 Base64 解码
        decoded_json = []
        for obj in json_data:
            decoded_obj = {}
            for key, value in obj.items():
                if isinstance(value, str):
                    try:
                        decoded_value = base64.b64decode(value).decode('utf-8')
                        decoded_obj[key] = decoded_value
                    except:
                        # 如果解码失败,则保留原始值
                        decoded_obj[key] = value
                else:
                    decoded_obj[key] = value
            decoded_json.append(decoded_obj)

        return decoded_json
    except json.JSONDecodeError as e:
        return [{"error": "Invalid JSON format"}]

if __name__ == "__main__":
    # 提示用户输入 JSON 数组字符串
    input_json = input("请输入JSON数组字符串:")

    # 调用函数进行解码并打印结果
    decoded_json = decode_base64_json(input_json)
    print("解码后的JSON内容:")
    print(json.dumps(decoded_json, indent=4))
sql log
1
2
3
4
5
6
7
8
9
10
11
12
import re
f = open("D:\\vscodework\\ctf\\2023新生赛\\week2\\access.log",encoding = "utf-8")
f = f.readlines()
lists = {}
for i in f:
    s = re.findall("1\)\)=(.*),sl",i)
    num = re.findall("0user\),(.*?),1\)",i)
    # lists[num[0]] = s[0]
    # print(lists)
    lists[int(num[0])]= str(s[0])
for e in list(lists.values()):
    print(chr(int(e)),end='')