🚩flag{5BC925649CB0188F52E617D70929191C}

1from PIL import Image2 3def create_image_from_rgb_file(file_path, width, height):4    with open(file_path, 'r') as file:5        lines = file.readlines()6 7    rgb_values = [tuple(map(int, line.strip().split(','))) for line in lines]8 9    image = Image.new('RGB', (width, height))10 11    pixels = []12    for i in range(height):13        for j in range(width):14            index = i * width + j15            if index < len(rgb_values):16                pixels.append(rgb_values[index])17            else:18                pixels.append((0, 0, 0))19 20    image.putdata(pixels)21 22    image.save('output.png')23    print("图像已保存为 output.png")24 25if __name__ == "__main__":26    width = int(input("请输入图像边长1: "))27    height = int(input("请输入图像边长2: "))28 29    with open('1.txt', 'r') as file:30        line_count = sum(1 for _ in file)31 32    create_image_from_rgb_file('1.txt', width, height)

🚩flag{youc@n'tseeme}

🚩flag{y0ud1any1s1}

🚩SYC{Hei_hei_hei}

1flags = ['11111111010111101111', '11111011111110111111', '00001100101010110001', '01001010010000001101', '11010011011101010111', '10011011011010110110', '00111001101101111101'] # 按顺序存到列表里2 3for i in range(0, 20):4    flag = ''5    for j in range(0, 7):6        flag += flags[j][i] # 提取每一列的二进制位，将其组合成一个新的二进制字符串7    print(chr(int(flag, 2)), end='') # 将该二进制字符串转换为对应的 ASCII 字符并输出

🚩flag{Png1n7erEs7iof}

1..... ..... ....! ?!!.? ..... ..... ....? .?!.? ....! .?... ..... .....2..!?! !.?.. ..... ..... ..?.? !.?.. ..... ..... ..... ..... !.?.. .....3..... .!?!! .?!!! !!!!! !!!!? .?!.? !!!!! !!!!! !!!!! .?... ....! ?!!.?4!!!!! !?.?! .?!!! !!!!! !!!!! .!!!. ?.... ..... ..... .!?!! .?... .....5..... .?.?! .?!.? .

🚩flag{hackermisc12580}

1import os2from PIL import Image3 4def find_duplicate_images(template_image_name, directory):5    duplicates = []6    template_path = os.path.join(directory, f'{template_image_name}.png')7    with Image.open(template_path) as template_img:8        template_hash = hash(template_img.tobytes())9        10        for filename in sorted(os.listdir(directory)):11            if filename.endswith('.png'):12                try:13                    file_num = int(filename.rsplit('.', 1)[0])14                    if 0 <= file_num < 1168: # 有1168张图片15                        file_path = os.path.join(directory, filename)16                        with Image.open(file_path) as img:17                            if hash(img.tobytes()) == template_hash:18                                duplicates.append(file_num)19                except ValueError:20                    continue21    return duplicates22 23def delete_images(image_numbers, directory):24    for image_num in image_numbers:25        image_name = f"{image_num}.png"26        image_path = os.path.join(directory, image_name)27        try:28            os.remove(image_path)29        except Exception as e:30            print(f"Failed to delete {image_name}: {e}")31 32def create_traffic_light_string(red_lights, yellow_lights, green_lights):33    traffic_dict = {}34    for num in red_lights:35        traffic_dict[num] = '1'36    for num in yellow_lights:37        traffic_dict[num] = '/'38    for num in green_lights:39        traffic_dict[num] = '0'40 41    result = ''.join([traffic_dict.get(num, '') for num in sorted(traffic_dict)])42    return result43 44if __name__ == "__main__":45    gif_frame_directory = '/path/gifframe' # 图片所在文件夹路径46 47    # # 删除灰色的图片48    # delete_images(find_duplicate_images('1', gif_frame_directory), gif_frame_directory)49    # delete_images(find_duplicate_images('3', gif_frame_directory), gif_frame_directory)50    # delete_images(find_duplicate_images('17', gif_frame_directory), gif_frame_directory)51 52    # 检测红灯53    red_lights = find_duplicate_images('2', gif_frame_directory)54    red_lights.sort()55 56    # 检测黄灯57    yellow_lights = find_duplicate_images('16', gif_frame_directory)58    yellow_lights.sort()59 60    # 检测绿灯61    green_lights = find_duplicate_images('18', gif_frame_directory)62    green_lights.sort()63 64    # 创建并打印交通灯字符串65    traffic_light_str = create_traffic_light_string(red_lights, yellow_lights, green_lights)66    print(traffic_light_str)

1flag = '01100110/01101100/01100001/01100111/01111011/01010000/01101100/00110011/00110100/01110011/00110011/01011111/01110000/00110100/01111001/01011111/00110100/01110100/01110100/00110011/01101110/01110100/00110001/00110000/01101110/01011111/01110100/00110000/01011111/01110100/01110010/00110100/01100110/01100110/00110001/01100011/01011111/01110011/00110100/01100110/00110011/01110100/01111001/01011111/01110111/01101000/00110011/01101110/01011111/01111001/00110000/01110101/01011111/00110100/01110010/00110011/01011111/00110000/01110101/01110100/01110011/00110001/01100100/00110011/01111101'2print(''.join([chr(int(i, 2)) for i in flag.split('/')]))

🚩flag{Pl34s3_p4y_4tt3nt10n_t0_tr4ff1c_s4f3ty_wh3n_y0u_4r3_0uts1d3}

1passwords = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z','A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z']2 3with open('dict.txt', 'w') as dictionary:4    for i in range(len(passwords)):5        dictionary.write(f"{passwords[i]*50}\n")

1user_spd_min = 7;2user_spd_max = 17;

🚩flag{jpexs7reeflash}

1从一朵花中看到一个世界，那从一段佛文中能看到什么呢？2你站在4楼的栏杆上眺望远方，如果参悟不出来就打算跳下去34佛曰：阿罰豆缽娑提諳竟諳迦亦侄栗侄大梵尼朋梵彌哆耨除怛奢般是諳爍悉哆爍冥參特參怯涅皤吉缽阿藝耶諳勝侄竟離諳諸尼缽曰。梵究呐耨盧他姪明漫究呐得哆藐集能冥盡滅知俱朋怯室神奢羅姪豆罰帝遠蘇明梵苦奢密侄曰缽者特哆呼勝蘇不冥死等那阿冥悉奢薩豆涅缽波罰。罰摩侄故罰夢缽恐皤寫諳闍舍哆得波苦奢即罰恐冥道一哆究梵呼冥闍哆上罰南訶諳寫冥依皤者哆諦故死哆夷菩侄曰呐逝至皤佛諳耶

🚩flag{CoolyouGotItNowYouKnowTheFlag}

1import re2import os3import filetype # pip install filetype4from lsb import extract # 把github上下载的lsb.py放到当前目录下5 6path = '/path' # 文件存放目录7dict_path = f'{path}/darkweb2017-top1000.txt'8filename=f'{path}/小猪佩奇.png'9 10# 反转字典11with open(dict_path, "r", encoding='utf-8') as file:12    lines = file.readlines()13lines.reverse()14with open(dict_path, "w", encoding='utf-8') as file:15    file.writelines(lines)16 17# 读取字典18with open(f'{path}/darkweb2017-top1000.txt','r+') as file:19    file = file.readlines()20 21# 提取22for i in file:23    i=i.replace('\n','')24    if len(i)==7 and re.search('[0-9!?]',i)==None:25        out_file= f'{path}/output/{i}'26        extract(filename,out_file,i)27 28# 当前路径下所有子文件29def get_files_names(file_dir):30    for _, _, files in os.walk(file_dir):31        return files32 33files_names = get_files_names(f'{path}/output/')34 35# 判断文件类型并输出36for i in range(0, len(files_names)):37    try:38        kind = filetype.guess(f'{path}/output/{files_names[i]}')39        if kind is None:40            pass41        else:42            print(f"File: {files_names[i]}, MIME Type: {kind.mime}")43    except Exception as e:44        print(f"Error processing file {files_names[i]}: {e}")

🚩flag{37d9704c-9752-434c-8891-ee15e1800490}

🚩flag{nev3r_enc0de_t00_sm4ll_fil3_w1th_zip}

🚩flag{yanji4n_bu_we1shi}

1# uncompyle6 version 3.9.22# Python bytecode version base 3.6 (3379)3# Decompiled from: Python 3.12.4 (tags/v3.12.4:8e8a4ba, Jun  6 2024, 19:30:16) [MSC v.1940 64 bit (AMD64)]4# Embedded file name: QAQ.py5# Compiled at: 2018-08-15 14:38:316# Size of source mod 2**32: 620 bytes7 8 9def encryt(key, plain):10    cipher = ""11    for i in range(len(plain)):12        cipher += chr(ord(key[i % len(key)]) ^ ord(plain[i]))13 14    return cipher15 16 17def getPlainText():18    plain = ""19    with open("plain.txt") as f:20        while True:21            line = f.readline()22            if line:23                plain += line24            else:25                break26 27    return plain28 29 30def main():31    key = "LordCasser"32    plain = getPlainText()33    cipher = encryt(key, plain)34    with open("cipher.txt", "w") as f:35        f.write(cipher.encode("base_64"))36 37 38if __name__ == "__main__":39    main()40 41# okay decompiling QAQ.pyc

1import base642def decrypt(key, cipher):3    plain = ""4    for i in range(len(cipher)):5        plain += chr(ord(key[i % len(key)]) ^ ord(cipher[i]))6    return plain7 8key = "LordCasser"9cipher = base64.b64decode("FSAnRAIzNlMjPQMjNyBJNTs6NlIFPFIqDDVTJy0zGE8rKxZBJDIrJkYoPUQML1M3MDYJZTElFyI7 UzE6DTtSNxckNDw2Mxk9Jzc=").decode()10plain = decrypt(key, cipher)11with open("plain.txt", "w") as f:12    f.write(plain)

1YOU ARE FOOLED2THIS IS NOT THAT YOU WANT3GO ON DUDE4CATCH THAT STEGOSAURUS

🚩flag{fin4lly_z3r0_d34d}

1嘟嘟嘟嘟2士兵：报告首长！已截获纳粹的加密电报！3首长：拿来看看45电报内容：6..../-/-/.--./---.../-..-./-..-././-./-.-./---/-.././.-.-.-/-.-./..../.-/..../..-/---/.-.-.-/-.-./---/--/-..-.78首长：我操你在逗我吗？你确定是他们纳粹发的吗？9士兵：难道我弄错了？哦。。。等等是这一条1011内容：http://c.bugku.com/U2FsdGVkX18tl8Yi7FaGiv6jK1SBxKD30eYb52onYe0=12      AES Key：@#@#￥%……￥￥%%……&￥1314士兵：二维码真的扫不出来吗？？肯定可以扫出来

🚩KEY{nitmzhen6}

1def letter_to_index(letter):2    if 'A' <= letter <= 'Z':3        return ord(letter) - ord('A')4    elif 'a' <= letter <= 'z':5        return ord(letter) - ord('a')6    else:7        return None8 9def index_to_letter(index, is_upper):10    if is_upper:11        return chr(index + ord('A'))12    else:13        return chr(index + ord('a'))14 15def prepare_keyword(keyword, length):16    return (keyword * (length // len(keyword) + 1))[:length]17 18def vigenere_decrypt(ciphertext, keyword):19    decrypted_text = []20    keyword = keyword.upper()21    extended_keyword = prepare_keyword(keyword, len(ciphertext))22    keyword_index = 023 24    for char in ciphertext:25        if 'A' <= char <= 'Z' or 'a' <= char <= 'z':26            is_upper = char.isupper()27            char_index = letter_to_index(char)28            key_index = letter_to_index(extended_keyword[keyword_index])29            dec_idx = (char_index - key_index) % 2630            decrypted_text.append(index_to_letter(dec_idx, is_upper))31            keyword_index += 132        else:33            decrypted_text.append(char)34 35    return ''.join(decrypted_text)36 37def read_file(file_path):38    with open(file_path, 'r', encoding='utf-8') as file:39        return file.read()40 41def read_keywords(file_path):42    with open(file_path, 'r', encoding='utf-8') as file:43        return [line.strip() for line in file]44 45def main():46    path = "/path" # 密文和密钥所在目录47    ciphertext = read_file(f'{path}/ciphertext.txt') # 密文48    keywords = read_keywords(f'{path}/keys.txt') # 密钥49 50    for keyword in keywords:51        plaintext = vigenere_decrypt(ciphertext, keyword)52        if 'password' in plaintext.lower(): # password也可以是别的词，猜出来的53            print(plaintext)54 55if __name__ == "__main__":56    main()

1# 不完整密码: *7*5-*4*3?2# 不完整sha-1: 619c20c*a4de755*9be9a8b*b7cbfa5*e8b4365*3 4import string5import hashlib6import itertools7 8 9# 1.先定义几个字符集到时候使用10str_digits = string.digits11str_upper = string.ascii_uppercase12str_lower = string.ascii_lowercase13str_printable = string.printable14 15password = "%s7%s5-%s4%s3?"16for chrs in itertools.product(str_printable, repeat=4):17    pwd = password % chrs18    if (hash_str := hashlib.sha1(pwd.encode()).hexdigest()).startswith("619c20c"):19        print(pwd, hash_str)

1s7v5-T4`3? 619c20c33dbeff190fab0d5498f0789e3ec1519a2I7~5-s4F3? 619c20c4a4de75519be9a8b7b7cbfa54e8b4365b

1import sympy2import libnum3from Crypto.PublicKey import RSA4 5 6# 1.read flag.enc7with open("flag.enc", "rb") as f:8    flag = f.read()9    c = libnum.s2n(flag)10 11# 2.read pub_key12with open("rsa_public_key.pem") as f:13    pub_key = RSA.import_key(f.read())14 15n = pub_key.n16e = pub_key.e17 18# 3.使用factordb查询的19p = 1599184697099321332207262690156074993268632576640340486402334181073531924906637091609064092621907936884551044403140032222914777168296113242048189736284319920q = 2880579177126025948685690272902043868667035444129624714820786283606465784973534361820709816390178728736856976847252134463556733429935676008050745464020700321 22phi_n = (p - 1) * (q - 1)23d = sympy.mod_inverse(e, phi_n)24 25m = pow(c, d, n)26m = int(m) # 将 gmpy2.mpz 类型转换为 int 类型27print(libnum.n2s(m))

🚩flag{W0rld_Of_Crypt0gr@phy}

🚩flag{d3fcbf17f9399504}

🚩flag{6fde4163df05d900}

🚩flag{0a394df55312c51a}

🚩flag{0d86208ac54fbf12}

🚩flag{m0rse_code_1s_interest1n9!}

1def decode_string(encoded_str, shift=4):2    decoded_str = ""3    for char in encoded_str:4        # Shift the ASCII value of each character backwards by 'shift'5        new_ascii = ord(char) - shift6        # Append the shifted character to the result string7        decoded_str += chr(new_ascii)8    return decoded_str9 10# Given encoded string11encoded_str = "e6Z9i~]8R~U~QHE{RnY{QXg~QnQ{^XVlRXlp^XI5Q6Q6SKY8jUAA"12# Decode the string13decoded_str = decode_string(encoded_str)14print("Decoded string:", decoded_str)15 16decoded_provided_string = base64.b64decode(decoded_str).decode('utf-8')17print("Decoded Provided String:", decoded_provided_string)

🚩key{68743000650173230e4a58ee153c68e8}

🚩flag{52048c453d794df1}

1import base642from html import unescape3import urllib.parse as urlparse4 5def decode_data(encoded_string):6    # Step 1: Base64 decode7    base64_decoded = base64.b64decode(encoded_string).decode('utf-8')8 9    # Step 2: Split by backslash and convert octal to characters10    octal_parts = base64_decoded.split('\\')11    del octal_parts[0]  # Remove the first element if it's empty or not an octal sequence12    oct_to_text = ''.join(chr(int(part, 8)) for part in octal_parts if part)  # Convert octal to char13 14    # Step 3: Split by '\x' and convert hex to characters15    hex_parts = oct_to_text.split('\\x')16    del hex_parts[0]  # Remove the first element if it's empty or not a hex sequence17    hex_to_text = ''.join(chr(int(part, 16)) for part in hex_parts if part)  # Convert hex to char18 19    # Step 4: Decode unicode escape sequences20    unicode_decoded = hex_to_text.encode().decode('unicode-escape')21 22    # Step 5: Split by comma and replace first and last elements23    decimal_parts = unicode_decoded.split(',')24    if len(decimal_parts) > 1:  # Ensure there are enough elements to modify25        decimal_parts[0] = '38'26        decimal_parts[-1] = '59'27    dec_to_text = ''.join(chr(int(part)) for part in decimal_parts if part.isdigit())  # Convert decimal to char28 29    # Step 6 & 7: HTML entity decode twice30    html_decoded_first_pass = unescape(dec_to_text)31    html_decoded_second_pass = unescape(html_decoded_first_pass)32 33    # Step 8: URL decode34    url_decoded = urlparse.unquote(html_decoded_second_pass)35 36    return url_decoded37 38encoded_string = "" #这里填入密文39print(decode_data(encoded_string))

🚩flag{ctf_tfc201717qwe}

🚩flag{bugku_jiami}

🚩flag{lei_ci_jiami}

1# 定义圆盘和密钥2disks = [3    "ZWAXJGDLUBVIQHKYPNTCRMOSFE",4    "KPBELNACZDTRXMJQOYHGVSFUWI",5    "BDMAIZVRNSJUWFHTEQGYXPLOCK",6    "RPLNDVHGFCUKTEBSXQYIZMJWAO",7    "IHFRLABEUOTSGJVDKCPMNZQWXY",8    "AMKGHIWPNYCJBFZDRUSLOQXVET",9    "GWTHSPYBXIZULVKMRAFDCEONJQ",10    "NOZUTWDCVRJLXKISEFAPMYGHBQ",11    "QWATDSRFHENYVUBMCOIKZGJXPL",12    "WABMCXPLTDSRJQZGOIKFHENYVU",13    "XPLTDAOIKFZGHENYSRUBMCQWVJ",14    "TDSWAYXPLVUBOIKZGJRFHENMCQ",15    "BMCSRFHLTDENQWAOXPYVUIKZGJ",16    "XPHKZGJTDSENYVUBMLAOIRFCQW"17]18 19key = [2, 5, 1, 3, 6, 4, 9, 7, 8, 14, 10, 13, 11, 12]20ciphertext = "HCBTSXWCRQGLES"21 22# 根据密钥重新排序圆盘23ordered_disks = [disks[i-1] for i in key]24 25# 找到每个密文字符在对应圆盘上的位置，并构建所有可能的解码结果26positions = []27for i, char in enumerate(ciphertext):28    pos = ordered_disks[i].index(char)29    positions.append(pos)30 31# 输出所有可能的解码结果（即每一列）32for i in range(len(disks[0])):33    plaintext = ''34    for j, disk in enumerate(ordered_disks):35        plaintext += disk[(i + positions[j]) % len(disk)]36    print(plaintext)

1HCBTSXWCRQGLES2GPVELQAEJWOTNW3VMIQOYTOLXIDYA4SNQGQIDNXPKESY5FZHYXZSJKHFNRX6UQKXVMRQIKHQUP7WWYPEJFGSZEWBL8IXPLTWHWEGNAMV9KYNOAAETFJYOCU10PITCMONHATVXQB11BHCKKRYSPDUPWO12EFRBGPVPMSWYVI13LRMDHLUYYEAVJK14NLOMINBBGNBUXZ15AASAWDMXHYMIPG16CBFIPVCIBVCKLJ17ZEEZNHOZQUXZTR18DUZVYGIUNBPGDF19TOWRCFKLOMLJAH20RTANJCZVZLTBOE21XSXSBUGKUADMIN <- flag在这里22MGJJFKJMTOSCKM23JJGUZTXRWIRSFC24QVDWDEPADRJRZQ25ODLFRBLFCFQFGT26YKUHUSQDVCZHHD

🚩flag{xsxsbugkuadmin}

🚩flag{Adm1N-B2G-kU-SZIP}

🚩flag{TONGYUAN}

🚩flag{ae73587ba56baef5}

🚩flag{554a5058c9021c76}