2022 Yangcheng Cup misc lost illusion wp

Enterprise 2023-07-12 01:56:39 views: null

Lost in the illusion!

I played the Yangcheng Cup the day before yesterday 

I think this question is very interesting

So today I will reproduce it for you guys (There is Keli in it) ( •̀ ω •́ )y

first step

Download the attachment and unzip it

get a virtual machine file 

Since the format of the file is correct, others have given it to us, so it is inappropriate if we don’t open it

Here we are using DiskGenius Disk Utility to open

 Click on the disk - open the virtual machine disk file  

choose the file he gave you

In this way, all the files in him will be displayed.

 

 Let's export it all first

 We can see that there are many pictures, a txt document, and several files without suffixes

There are so many pictures, so let's look at the document first

 It's all about the environment, look at the environment is those pictures

There is no way we can only analyze the pictures

I believe that after further observation, you will find that the 100 pictures in the middle are actually in the same format and size.

So the extra things can be dispensable

Then we will first analyze the pictures that can be opened, but it is useless

Just look at the hexadecimal format of those files without saying anything 010

After careful observation, I found that this file is just missing the file header.


According to the information we know, the file header of png should be supplemented

 

 save it

You will find that it is still the same picture

But if you look closely, you will find that the file formats of the two pictures are different.

  So use the stegsolve tool to XOR two images to get a key

 Get a key "Kelly come to report"

There is only one picture of Keli left here and we have no information

When we carefully observe the picture format, we will find that most of the front is garbled

 especially the red part

 Here we find a screenshot of an article as above for everyone to understand 

According to our understanding, clear all the extra and garbled characters

get a full picture

get

 

Since the key was obtained earlier, it must be to decrypt the picture

After multiple attempts, it was found to be outguess steganography

Order

outguess -k" 可莉前来报道" -r  3333.jpg  flag.txt

get the flag

DASCTF{f473a6fd2de17a0c5794414b3905ebbe} 

 

 

Come on everyone ( •̀ ω •́ )y look forward to seeing you again

Guess you like

Origin blog.csdn.net/m0_68012373/article/details/126695002
Recommended
Ranking
#2019110700005
What materials and procedures are required for patent transfer
What is the blockchain Ethereum triplet state root transaction root receipt root
Front-end study notes 04 --- About the insertion of html pictures and videos
Documents required for the filing of WeChat Mini Programs in special industries, the filing process of WeChat Mini Programs in special industries, how to file WeChat Mini Programs in special industries
2017 Qingdao-site tournament I The Squared Mosquito Coil
[BZOJ3165][HEOI2013]Segment (line segment tree without marking)
Kettle series: KettleEasyExpand, an open source Kettle universal plugin by Ma Jinju
The latest tutorial on making framework for iOS
DAX Section 6: Statistical Functions
Daily
More
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)

Code World

© 2018 codetd.com