-
-
[原创]kctf 第四题英雄救美 wp
-
发表于: 2021-5-14 16:37
-
前一个函数就是一个字符转换的函数,然后第二个函数虽然比较丑,但是去看逻辑,发现很明显的前面操作就是填充map上的0,然后判断每一行不能重复,每一列不能重复,9个格子不能重复,好家伙,就是数独呗,找个在线的数独解题网站,直接搞出来。
然后把我们填充的部分,提出来,进行下一步的反推输入,然后继续
看转换的部分,之前尝试一直出错,然后才发现这个数字的插入是有讲究
的,基本的原则在于每一行的字符必须不重复,这样插的话,转换才是正确的,哦对,至于转换的地图,我是直接dump下来的,好像前面有做什么操作,还是大端小端端问题,静态dump下来不太一样,不理会就好了)
。放下exp
:u$YBPf2pa]Dt4#QM^H4ic'j0`w2y{d-Zzo2%/n_s@+2<UW)e4AR;F.4=-qEkvC2
truemap=[0x24, 0x42, 0x50, 0x56, 0x3A, 0x75, 0x62, 0x66, 0x59,
0x70, 0x7D, 0x5D, 0x44, 0x74, 0x4E, 0x3E, 0x61, 0x54,
0x5E, 0x4D, 0x47, 0x6D, 0x4A, 0x51, 0x23, 0x2A, 0x48,
0x72, 0x60, 0x4F, 0x27, 0x77, 0x6A, 0x69, 0x63, 0x30,
0x21, 0x68, 0x64, 0x79, 0x7B, 0x6F, 0x5A, 0x7A, 0x2D,
0x40, 0x6E, 0x2B, 0x3F, 0x26, 0x25, 0x73, 0x5F, 0x2F,
0x67, 0x3C, 0x65, 0x5B, 0x57, 0x29, 0x58, 0x55, 0x78,
0x52, 0x46, 0x53, 0x4C, 0x52, 0x41, 0x3B, 0x2E, 0x6C,
0x3D, 0x43, 0x45, 0x6B, 0x76, 0x4B, 0x2D, 0x28, 0x71]
index="5619238"
index1="18345"
index2="76219"
index3="7846925"
index4="4539786"
index5="6928713"
index6="28563"
index7="61728"
index8="1793452"
tw=[index,index1,index2,index3,index4,index5,index6,index7,index8]
print tw
flag=""
for j in range(9):
yen=0
temp= 9-len(tw[j])
for i in range(len(tw[j])):
flag+=chr(truemap[(eval(tw[j][i])-1)+j*9])
flag+=str(temp)
print flag
truemap=[0x24, 0x42, 0x50, 0x56, 0x3A, 0x75, 0x62, 0x66, 0x59,
0x70, 0x7D, 0x5D, 0x44, 0x74, 0x4E, 0x3E, 0x61, 0x54,
0x5E, 0x4D, 0x47, 0x6D, 0x4A, 0x51, 0x23, 0x2A, 0x48,
0x72, 0x60, 0x4F, 0x27, 0x77, 0x6A, 0x69, 0x63, 0x30,
0x21, 0x68, 0x64, 0x79, 0x7B, 0x6F, 0x5A, 0x7A, 0x2D,
0x40, 0x6E, 0x2B, 0x3F, 0x26, 0x25, 0x73, 0x5F, 0x2F,
0x67, 0x3C, 0x65, 0x5B, 0x57, 0x29, 0x58, 0x55, 0x78,
0x52, 0x46, 0x53, 0x4C, 0x52, 0x41, 0x3B, 0x2E, 0x6C,
0x3D, 0x43, 0x45, 0x6B, 0x76, 0x4B, 0x2D, 0x28, 0x71]
index="5619238"
index1="18345"
index2="76219"
index3="7846925"
[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!
|
|
|---|---|
