fixit
算是个签到,给了个 css,写个 html 引入加上 div 就行。鼠标 hover 之后是个二维码。
搜一下是阿兹特克码,解码就有。
easyMCU
bin 包,用srec_cat转为 bin。
srec_cat.exe mcu.s19 --offset -0x80000000 -o mcu.bin -binary丢进 ghidra 逆向,交给 re 手看看能够得出结论是个 AES。
staking
没想到有生之年我能做 web3.
搜了一下找到了这篇,‣
照着利用搓脚本就行。
// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.26;
import {Script, console} from "forge-std/Script.sol";
import {setUp1, SCTF, USDC, StakingReward} from "../src/contract.sol";
// v4.local.4kAvtcVlBIWUJy8kctgq-TVZetmxGEX6cdQeFpDRBY-k1gJRsnMta155wP4MkjgBa-zERhdNIdRQLrjf8I4fSAJJsmpiRReTBlhgnZco7g6gtu2LEY7_av5m0u-pFBgFGSqOkUPcqumMpN0uRdUcJldkgO3OIP49_9N-G7kzvl4z4A.c2V0VXAx
contract SolveScript is Script{
uint256 privKey = xxx;
address setUpContract = 0x7cCf45454B62AeBB15d16f3E50FB127888eaD9c3;
function run() public{
vm.startBroadcast(privKey);
setUp1 setup = setUp1(setUpContract);
StakingReward stake = setup.staking();
USDC usdc = setup.usdc();
SCTF sctf = setup.sctf();
setup.registerPlayer();
sctf.approve(address(stake), 10e18);
for(uint i = 0; i < 864; i++){
stake.vm_warp(500);
stake.getReward();
}
stake.vm_warp(stake.periodFinish() - stake.block_timestamp());
setup.claimReward();
console.log(setup.isSolved());
vm.stopBroadcast();
}
}速来探索SCTF星球隐藏的秘密
前半段写个脚本 fuzz 就行。
是HAHAHAy04
后面是个 LLM,想办法让他输出 prompt 就行。
musicMaster
mkvtoolnix可以打开解出两个声音通道两个视频通道。
声音通道是sstv,解出二维码
视频通道是一个cimbar 二维码的文件,7z。
二维码的内容是密码,拿到 7z 中的tracker。打开再找能找到
里面的 hex,猜测 base64?
data=[0x14,0x34,0x0d,0x14,0x11,0x27,0x2d,0x14,0x1a,0x03,0x11,0x2e,0x12,0x35,0x3d,0x19,0x0c,0x07,0x15,0x1f,0x0d,0x05,0x3d,0x0c,0x0c,0x17,0x0d,0x34,0x0c,0x36,0x39,0x29,0x1b,0x23,0x25,0x1f,0x13,0x17,0x25,0x1f,0x13,0x13,0x01,0x24,0x1d,0x16,0x30,0x33,0x17,0x34,0x35,0x35,0x0d,0x13,0x05,0x23,0x1f,0x10,0x40,0x40]
t='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/='
for i in data:
print(t[i],end='')解码就行
U0NURntUaDRuS19ZMHVfNF9MMXN0M25pbjlfTXlfTTBkdWwzX011NTFjfQ==
SCTF{Th4nK_Y0u_4_L1st3nin9_My_M0dul3_Mu51c}