b64 | CTFHub

点击此处获得更好的阅读体验

WriteUp来源

本WP由Vanish提供

题目考点

base64加密

解题思路

换表base64，将给出对应关系记下来，发现flag密文中['E', 'G', 'I', 's', 'X', 'z']，这六个字符没有映射关系。

然后有['+', '/', '1', '5', '7', '6', '9', '8', 'A', 'C', 'H', 'K', 'J', 'P', 'R', 'V', 'e', 'f', 'n', 'u', 'w', 'v'] 这么多位字符也没有被映射。

所以爆破这两个列表中的映射关系

然后根据flag的格式，uuid，来判断结果。

# -*- coding: utf-8-*-
from base64 import *
from string import *
def check(s):
    for i in s:
        if i not in "flag{-1234567890abcdef}":
            return False
    return True
flag = 'uLdAuO8duojAFLEKjIgdpfGeZoELjJp9kSieuIsAjJ/LpSXDuCGduouz'
a='pTjMwJ9WiQHfvC+eFCFKTBpWQtmgjopgqtmPjfKfjSmdFLpeFf/Aj2ud3tN7u2+enC9+nLN8kgdWo29ZnCrOFCDdFCrOFoF='
b='YXNobGtqIUBzajEyMjMlXiYqU2Q0NTY0c2Q4NzlzNWQxMmYyMzFhNDZxd2prZDEySjtESmpsO0xqTDtLSjg3MjkxMjg3MTM='
alpha = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789abcdefABCDEF+/'
FLAG=''
print("fail words")
for i in flag:
    if i in a:
        index = a.index(i)
        FLAG+=b[index]
    else:
        FLAG+='!'
        print i,
print "\nFLAG cipher"
print FLAG
#'ZmxhZ3sxZTNhMm!lN!0xYz!yLT!mNGYtOWIyZ!!hNGFmYW!kZj!xZTZ!'
print "alternative words"
aw=""
for i in alpha:
    if i not in b:
        aw += i
print aw
'@#$%^&'
table = 'ACHJKPRVefnuvw156789efAC+/'
print("for z")
for i in table:
    if b64decode("ZTZ"+i)[-1] == '}':
        FLAG = FLAG.replace("ZTZ!","ZTZ9")
        table = table.replace(i,"")
        #print FLAG
print("for G")
for i in table:
    if check(b64decode("Zj"+i+"x")) and check(b64decode("Yz"+i+"y")):
        #print b64decode("Zj"+i+"x")
        FLAG = FLAG.replace("Zj!x","Zj"+i+"x").replace("Yz!y","Yz"+i+"y")
        table = table.replace(i,"")
        #print i
        #print FLAG
print("for I and s")
for i in table:
    for j in table:
        if check(b64decode("N"+i+"0x")) and check(b64decode("Z"+i+j+"h")):
            #print b64decode("N"+i+"0x"),b64decode("Z"+i+j+"h")
            FLAG = FLAG.replace("N!0x","N"+i+"0x").replace("Z!!h","Z"+i+j+"h")
            table = table.replace(i,"").replace(j,"")
            #print i,j
            #print FLAG
print("for X and E")
for i in table:
    for j in table:
        if j == i:
            continue
        s = b64decode(FLAG.replace("Mm!l","Mm"+i+"l").replace("LT!m","LT"+i+"m").replace("YW!k","YW"+j+'k'))
        if check(s):
            print s

FLAG

1	flag{1e3a2de5-1c02-4f4f-9b2e-a4afaedf01e6}