bugku misc qaq_云笙y的博客-爱代码爱编程
cipher.txt里面的内容为:
FSAnRAIzNlMjPQMjNyBJNTs6NlIFPFIqDDVTJy0zGE8rKxZBJDIrJkYoPUQML1M3MDYJZTElFyI7
UzE6DTtSNxckNDw2Mxk9Jzc=
是base64但解码后是乱码。
QAQ文件用010editor查看后发现了 main 之类的关键词,判定为pyc文件,拓展名改为pyc文件后使用uncompyle6工具进行反编译
得到
对应写出解密脚本:
import base64
def decryt(key, cipher):
plain = ''
for i in range(len(cipher)):
plain += chr(ord(key[(i % len(key))]) ^ int(cipher[i]))
return plain
str = 'FSAnRAIzNlMjPQMjNyBJNTs6NlIFPFIqDDVTJy0zGE8rKxZBJDIrJkYoPUQML1M3MDYJZTElFyI7UzE6DTtSNxckNDw2Mxk9Jzc='
key = 'LordCasser'
s = base64.b64decode(str)
print(decryt(key, s))
得到结果为
YOU ARE FOOLED
THIS IS NOT THAT YOU WANT
GO ON DUDE
CATCH THAT STEGOSAURUS
说明该题实际是pyc隐写。利用stegosaurus工具:python3 stegosaurus.py -x QAQ.pyc
下载地址:https://github.com/AngelKitty/stegosaurus
注:stegosaurus仅支持python3.6以下版本