20190424进度

Posted on

20190424进度

Calculator

学习request库的用法后,思路是写脚本把算式部分截取后计算,加上cookies再发送上服务器。再返回的即为flag

1
2
3
4
5
6
import requests
r = requests.get('http://web1.blue-whale.me:23331/calculator/') 
print eval (r.text[515:-133])
p = eval (r.text[515:-133])
r = requests.get ('http://web1.blue-whale.me:23331/calculator/?answer='+str(p), cookies=r.cookies)
print r.text

Imgur

reverse sign in

通过分析main函数,看到如下的逻辑关系:

Imgur

i与所给内存异或后为i的值即为所求。代码如下:

1
2
3
4
5
d =[0x66,0x6d,0x63,0x64,0x7f,0x3c,0x36,0x72,0x57,0x42,0x64,0x3b,0x7b,0x52,0x7c,0x3c,0x66,0x54,0x60,0x60,0x27,0x4a,0x49,0x7f,0x71,0x58,0x52,0x72,0x7d,0x75,0x2a,0x62,0x00]
table = []
for i in range(0,32):
    table.append(i^d[i])
print table

把得到的列表转化为字符串形式,再把每个数字转化为ascii码即为flag