其他分享
首页 > 其他分享> > XuntCTF2021 wp

XuntCTF2021 wp

作者:互联网

本来准备OCT7th写结果在返校路上耗了一天。。

Web

[1]外星人

直接查看页面源代码。

flag{e15180e0fff28a468387957d06ae0713}

[2]view_source

小冯学长老是喜欢拿鼠标右键打开点开检查看一些看不懂的东西,今天他的右键突然坏了!!!

Ctrl+U。

flag{0e394d6005f54b97670138518ad1f353}

[3]一个不能按的按钮 

<h3>按下按钮获得flag</h3>

<form action="" method="post">

<input disabled="" class="btn btn-default" style="height:50px;width:200px;" type="submit" value="flag" name="auth">

</form>

</body></html>

 删掉disabled=""

flag{fa966345577ba81af19408f203db968f}

[4]ezsy_request

猪猪侠今天去上计网课,但是一不小心睡着了,隐约听到了老师说什么请求方式,甘特,剖斯特!!!

也就是get和post。

 flag{We1c0me_T0_xiyoUn1t!}

[5]夹心饼干

cookies

[6]一起来玩呀!

 

 /f1Ag.php?score=10000

flag{T3trI5_i5_i^t3ri^g}

[7]扫黑行动

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Document</title>
</head>
<body>
    <p>Where is flag?</p>
    <!--flag is in /.git-->
</body>
</html>

在python2下使用GitHack:

 

 

打开获得flag:

flag{4aad2a8f-8fe6-475c-821d-fbe436c40691} 

[8]争分夺秒的黑客

burpsuite,代理,爆破,重发

flag{978badf22af155cabc8584e4210811d1}

[9]寻物启事

检查发现hint:

命令:python dirsearch.py -u URL -e extension

因为安装了python2和3所以命令:

python3 dirsearch.py -u http://2727a0c3-9084-4c93-9b95-618660431128.node.xuntctf.top:8080/ -e extension

/123.php

flag{Armageddon_cannon_is_here} 

[10]小姐姐来学HTTP`(*>﹏<*)′

一道头题

按照bp可见的提示一步一步做得到flag

[11]花式绕过

参考了这个

?ctf=paste${IFS}fla?.php

flag{486781b7368effbbda3c87c04296650b}

Crypto

[1]base16*4

base64

flag{soooooo_easyyyyyyy!}

[2]ezsy_Caesar!

凯撒密码,位移11位

flag{Casesarrrrr_ezzzzz_so_oo!}

[3]new_base64

#include<bits/stdc++.h>
using namespace std;
char a[64]={'a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q',
'r','s','t','u','v','w','x','y','z','A','B','C','D','E','F','G','H','I','J','K',
'L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z','0','1','2','3','4',
'5','6','7','8','9','{','}'};
int b[38]={5, 11, 0, 6, 62, 61, 57, 0, 53, 56,
        56, 58, 0, 59, 53, 54, 52, 4, 56, 0,
		 5, 57, 2, 52, 2, 60, 60, 59, 60, 0,
		  1, 1, 59, 4, 58, 3, 54, 63};
int main(){
	for(int i=0;i<38;i++)
	    printf("%c",a[b[i]]);
	return 0;
}

flag{95a1446a7120e4af5c0c8878abb7e6d2}

[4]Railfence Cipher

栅栏密码,key=4

flag{d8cf1d5e-413c-432e-ba7b-893f57dbf54b}

[5]Pig!

猪圈密码

flag{xiyounetyyds}

[6]Caesar_Primary!

位移9位,大小写互换

flag{We1c0me_t0_tHe_WoRld_oF_CryPtOgrAphy}

[7]what is 阿斯口码?

ascii码

flag{08aaf7b5d3bf1979c1fd183517cecb23}

[8]Caesar_Plusss!

写个c++一跑顺利出flag。

[9]解方程

解方程。

[10]number_so_longggggg!

#include<bits/stdc++.h>
using namespace std;
const double e=2.718281828459045;
double cip[38]={8.387472968915334e+38, 1.429361922489721e+87, 1.4825364951968168e+70, 1.5742397835595065e+70, 3.8182864609133486e+28, 7.685490443573144e+68, 5459.815003314423, 2.5057549181615482e+20, 2.782460365186798e+78, 9.732697697074454e+45,
 1.888273106770144e+23, 6.912158655486207e+53, 2.552668139525435e+65, 2.0586638771777868e+36, 488736078.62793255, 2.9012762935556714e+49, 152.22378239370653, 2.959659758678102e+72, 4.306597977221508e+83, 10177939690299.602,
 1.1892590228281937e+51, 4.2432225078284057e+27, 7.612864571104453e+16, 4.874223703151913e+43, 3.332833918246933e+74, 4.607186634331275e+30, 1.3709397423262218e+45, 3.385567443583169e+64, 6.298340227994489e+52, 2.3370349567878094e+86,
 2.6182098793941887e+63, 1.7911398206275525e+86, 405154.196378769, 4.0485660085792305e+80, 7.0167359120976145e+22, 9.345998205225964e+22, 1.3658353890530412e+67, 50428.59918659188};
int  rnd[38]={85, 196, 157, 157, 61, 154, 4, 43, 176, 102, 49, 120, 146, 79, 16, 110, 1, 163, 188, 26, 113, 59, 35, 96, 167, 66, 100, 144, 117, 195, 142, 194, 9, 181, 48, 49, 150, 6};
int main(){
	for(int i=0;i<38;i++)
	    printf("%.0lf,",cip[i]/pow(e,rnd[i]));
	return 0;
}

flag{ed5f1c5de7180a4de0ccd3ba08d2dd1b}

标签:38,59,int,53,flag,Caesar,XuntCTF2021,wp
来源: https://blog.csdn.net/Usashi/article/details/120606557