526互联

CTF-MISC-压缩包(持续更新)

发布时间 2023-05-05 20:38:26作者: CierraRunnis

1.明文攻击

题目来源-HDCTF

附件是一张图片,文件尾藏有压缩包,使用foremost将其分离

 

 分离得到一个加密压缩包

 使用暴力破解

 所得文件为压缩包的逆序,利用脚本将其恢复

str='''05 B4 30 40 51 00 10 00 90 00 1F EB C8 65 9F 42
96 08 A1 10 00 00 E7 10 00 00 90 00 00 00 05 C6
16 96 E6 E2 A7 96 07 B1 65 01 1C E7 66 D9 0A 49
22 2C 95 B2 88 48 74 AB 50 7D 65 97 60 72 DC D0
47 6D 2C 27 82 E8 ED 3B 25 8B 62 D3 B8 D0 CC E0
32 A3 F8 61 39 CE 16 FA 1B F0 C1 E4 EB 8B E8 A2
7A 9C 32 D9 AB C3 40 84 FB 87 64 F3 42 FE 1E 58
CB 15 69 5D DB 0A AB 69 C2 8E FE 1B 08 EC 65 12
33 4C 48 9E 5E 66 4F E1 B5 72 61 B7 AB 56 2C C0
C9 0B 99 C8 2E D9 8B 53 85 FA D9 68 93 C7 9B 41
BA 8B 9A D1 53 13 0D 60 67 8B B2 FF F4 AC E8 1B
50 B8 61 D8 E5 2B C4 46 BA F9 AE 94 D5 27 EF CC
66 93 7E B5 91 9D 8F 79 B1 C0 22 0C 0C F2 E8 C9
95 06 DD 99 99 59 FA B6 2B 47 22 B0 C7 E7 D4 51
72 FA 35 27 11 C7 EA 3B 33 67 2A 04 EB 3B 5B A8
4D 2F 44 67 4F B7 01 28 34 CA E9 8E E0 F4 27 EA
89 D4 20 75 DD C7 72 18 A5 4B 87 BB 07 53 F4 B1
A6 98 08 6E FC DF C8 5C 44 E8 14 5A E6 F3 74 5E
4B ED 20 52 03 99 55 7B D8 A9 92 A8 A6 1B 00 0D
33 86 A8 A7 CC AB A0 07 B3 E6 DE 17 9B B0 D6 E2
18 05 B4 30 40 51 00 10 00 90 00 DF EB C8 65 BF
FB 81 42 59 00 00 00 EB 00 00 00 A0 00 00 00 37
56 36 27 56 47 E2 A7 96 07 66 F4 9B D3 17 41 20
90 75 C9 10 4C 48 AA F9 88 27 A3 C8 F6 78 78 C0
1C BF C0 CA 49 7B BC 92 B2 5D A3 F0 D6 5A 29 FD
69 66 4B 15 46 B7 9F 61 64 FB 54 0F EB 8F A6 22
E9 0F C3 23 ED E6 19 BE 5E 7A 44 43 07 10 86 D7
33 B1 E7 19 BA E3 52 5F 1A F1 C4 38 43 5A F0 0C
7B 41 01 D8 40 96 E0 4D 33 CD 2F F9 F7 00 94 7E
84 A8 03 01 93 13 CB A4 A3 6D 14 60 5B F6 A1 F3
A4 DB 32 AE 3D 62 31 A6 17 C9 86 45 52 7C DB A8
4D 96 5F 10 00 B4 C7 DB 61 72 23 BA A5 A1 05 B4
10 20 F3 00 51 00 10 00 90 00 1F EB C8 65 9F 42
96 08 A1 10 00 00 E7 10 00 00 90 00 42 00 00 00
00 00 00 00 02 00 00 00 00 00 00 00 05 C6 16 96
E6 E2 A7 96 07 A0 00 02 00 00 00 00 00 10 00 81
00 00 FD 53 73 75 D6 9D 10 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 05 B4 10 20 F3 00 51
00 10 00 90 00 DF EB C8 65 BF FB 81 42 59 00 00
00 EB 00 00 00 A0 00 42 00 00 00 00 00 00 00 02
00 00 00 14 10 00 00 37 56 36 27 56 47 E2 A7 96
07 A0 00 02 00 00 00 00 00 10 00 81 00 00 BF 38
54 75 D6 9D 10 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 05 B4 50 60 00 00 00 00 20 00 20
00 7B 00 00 00 EF 10 00 00 00 00'''
str=str.replace('\n','')
str=str.replace(' ','')
zip=''
for i in range(0,len(str),2):
    zip+=str[i+1]+str[i]
print(zip)
View Code

恢复后的压缩包内藏有两个压缩包

利用密码爆破sercret.zip

 可以使用zip明文攻击

 解压后便得到flag