Bohemian

NewStarCTF 2023 公开赛道 WEEK2REVERSEWEEK2|REVERSE PZthon 下载文件，看起来像是py文件，py文件的话拖ida是不行的，至于为什么不行，我也不知道，大佬说的， 拖到ida里，也不行，太多东西了。 https://github.com/extremecoders-re/pyinstxtractor 可以使用这个python exe 反编译工具进行反编译， python3 .\pyinstxtractor.py...

压缩包大师很简单的压缩包套娃，密码是压缩包的密码python脚本whindows,但是解压很慢 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139import zipfileimport osimport py7zrimport rarfile#a = py7zr.SevenZipFile(r'e:\test.7z','r')count=0 # now =...

NewStarCTF 2023 公开赛道 WEEK1webWEEK1|WEB 泄漏的秘密http://cd98ca4d-7c72-4499-9cb1-010764aa19de.node4.buuoj.cn:81/robots.txt http://cd98ca4d-7c72-4499-9cb1-010764aa19de.node4.buuoj.cn:81/www.zipPART ONE: flag{r0bots_1s_s0_us3ful$PART_TWO = “_4nd_www.zip_1s_s0_d4ng3rous}"; WEEK1|WEB Begin of Upload前端拦截 WEEK1|WEB Begin of HTTPhttp://node4.buuoj.cn:29356/?ctf=1base64_decode(bjN3c3Q0ckNURjIwMjNnMDAwMDBk改一下cookie WEEK1|WEB...

1234567891011121314151617181920212223242526272829import  osimport  timeimport pyautogui as pagtry:    while True:        print("Press Ctrl-C to end")        screenWidth, screenHeight = pag.size()  #获取屏幕的尺寸        print(screenWidth,screenHeight)        x,y = pag.position()   #获取当前鼠标的位置        posStr = "Position:" + str(x).rjust(4)+','+str(y).rjust(4)        print(posStr)        time.sleep(0.2)        os.system('cls')   #清楚屏幕except KeyboardInterrupt:   ...

没了tcp.flags.syn==1 and tcp.flags.ack==1 1234567891011121314151617181920212223242526 from Crypto.Cipher import AESimport zlibkey = b'748007e861908c03'hex_string = 'b5c1fadbb7e28da08572486d8e6933a84c5144463f178b352c5bda71cff4e8ffe919f0f115a528ebfc4a79b03aea0e31cb22d460ada998c7657d4d0f1be71ffa'byte_data = bytes.fromhex(hex_string) cipher = AES.new(key, AES.MODE_ECB)decrypted_data = cipher.decrypt(byte_data) s = zlib.decompress(decrypted_data,16 + zlib.MAX_WBITS)sa=...

webR2D2提示robot机器人，直接访问robots.txt即可 Space Traveler前端验证，直接右键源代码， 1var...

[鹤城杯 2021]流量分析开局拿到一个流量包，是流量分析，经典老题， 一个一个数显然太慢了，抄的脚本， 123456789101112131415161718192021222324252627282930313233# strings timu.pcapng| grep flag > a.txt#在kali中，将带有flag的字符提出来import ref = open("D:\\vscodework\\ctf\\tjctf\\a.txt","rb")#读取a.txtst = f.read().decode("utf-8","ignore")##GET /ctf/Less-5/?id=1'%20and%20ascii(substr((select%20flag%20from%20t),1,1))=33--+ HTTP/1.1lis = re.findall(",([0-9]*),1\)\)=([0-9]*)",st)#获取 位数和字符数aa =...

...