网鼎杯
bang
拿到题是个加壳的,直接用通用脱壳机一梭子,就ok了,直接有答案
signal
虚拟机的题
1 2 3 4 5 6 7 8 9 10 11 12 13
| 0A 00 00 00 04 00 00 00 10 00 00 00 08 00 00 00 03 00 00 00 05 00 00 00 01 00 00 00 04 00 00 00 20 00 00 00 08 00 00 00 05 00 00 00 03 00 00 00 01 00 00 00 03 00 00 00 02 00 00 00 08 00 00 00 0B 00 00 00 01 00 00 00 0C 00 00 00 08 00 00 00 04 00 00 00 04 00 00 00 01 00 00 00 05 00 00 00 03 00 00 00 08 00 00 00 03 00 00 00 21 00 00 00 01 00 00 00 0B 00 00 00 08 00 00 00 0B 00 00 00 01 00 00 00 04 00 00 00 09 00 00 00 08 00 00 00 03 00 00 00 20 00 00 00 01 00 00 00 02 00 00 00 51 00 00 00 08 00 00 00 04 00 00 00 24 00 00 00 01 00 00 00 0C 00 00 00 08 00 00 00 0B 00 00 00 01 00 00 00 05 00 00 00 02 00 00 00 08 00 00 00 02 00 00 00 25 00 00 00 01 00 00 00 02 00 00 00 36 00 00 00 08 00 00 00 04 00 00 00 41 00 00 00 01 00 00 00 02 00 00 00 20 00 00 00 08 00 00 00 05 00 00 00 01 00 00 00 01 00 00 00 05 00 00 00 03 00 00 00 08 00 00 00 02 00 00 00 25 00 00 00 01 00 00 00 04 00 00 00 09 00 00 00 08 00 00 00 03 00 00 00 20 00 00 00 01 00 00 00 02 00 00 00 41 00 00 00 08 00 00 00 0C 00 00 00 01 00 00 00 07 00 00 00 22 00 00 00 07 00 00 00 3F 00 00 00 07 00 00 00 34 00 00 00 07 00 00 00 32 00 00 00 07 00 00 00 72 00 00 00 07 00 00 00 33 00 00 00 07 00 00 00 18 00 00 00 07 00 00 00 A7 FF FF FF
|
github上的angr_ctf套题提供的标准模板,直接拿来用了改一下
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
| import angr import sys def main(argv): bin_path = argv[1] p = angr.Project(bin_path) init_state = p.factory.entry_state() sim = p.factory.simulation_manager(init_state) def is_good(state): return b'good,The answer format is:flag {}' in state.posix.dumps(1) def is_bad(state): return b'what a shame...' in state.posix.dumps(1) or b'WRONG!\n' in state.posix.dumps(1) sim.explore(find = is_good ,avoid = is_bad) if sim.found: found_state = sim.found[0] print("Flag: {}".format(found_state.posix.dumps(0))) else : print("cannot found a solution") if __name__ == "__main__": main(sys.argv)
|
flag{757515121f3d478}
jocker
看一下一个异或的东西,可以借出来前面的
19位flag{d07abccf8a410c是这个,后面的东西就是一个异或,吐槽一下,什么提示都没有,太脑洞了吧
58和}异或得出来的是71 和其他的异或就行了直接得出答案
flag{d07abccf8a410cb37a}
you raise me up
56006392793405651552924479293096841126763872290794186417054288110043102953612574215902230811593957757
转化一下 flag{5f95ca93-1594-762d-ed0b-a9139692cb4a}