png圖片IDAT塊異常

本文轉載自查看原文 2018-08-26 17:17 752 隱寫

png圖片套路走一波，什么查看屬性，stegsolve，binwalk

用 tweakpng 查看一下png圖片

其它數據塊都是導論65524滿，倒數第二個還沒有滿就有下一個數據塊了，說明最后一個有問題

用 Hex Workshop 打開，用ctrl搜索關鍵字IDAT，找到最后一個IDAT所在位置，將這一部分的數據摳出來

如圖陰影部分，IDAT只是數據塊標識和結束標識一樣，不用將它拿出來

那么摳出來的這部分是什么數據呢？查找以78 9c開頭的文件是什么，得知是zlib壓縮的標志

python編程（基於python3）

 1 import zlib
 2 import binascii
 3 
 4 IDAT ="789C5D91011280400802BF04FFFF5C75294B5537738A21A27D1E49CFD17DB3937A92E7E603880A6D485100901FB0410153350DE8311
 5 2EA2D51C54CE2E585B15A2FC78E8872F51C6FC1881882F93D372DEF78E665B0C36C529622A0A45588138833A170A2071DDCD18219DB8C0D465
 6 D8B6989719645ED9C11C36AE3ABDAEFCFC0ACF023E77C17C7897667"
 7 IDAT =bytes.fromhex(IDAT)#默認會將十六進制做為字符串解碼，此時就會出現錯誤，就需要轉換成字節碼
 8 #HEX_str = IDAT.hex()#字節碼轉換成十六進制
 9 #print(HEX_str)#檢查一下是否有誤
10 result = binascii.hexlify(zlib.decompress(IDAT))
11 print(result)


然后得到了

b'3131313131313130303031303030303131303131313131313131303030303031303131313030313031313031303030303031313031313130
313031303030303030303030313031313130313130313131303130303130303030303030303130313131303131303131313031303131313031
313031303031303131313031313030303030313031303130313130313130313030303030313131313131313130313031303130313031303131
313131313130303030303030303130313131303131313030303030303030313130313030313130303030303130313030313131303131303131
313130313031303130303130303030313131303030303030303030303031303130303030303030303130303130303131303130303031303031
313130303131313130313131303031313131303030303131313031313131313030303131303031303130303031313030313131303030303130
313031303030313130313030303131313130313031313030303030313031303030313031313030303030313130313131303131303031303030
303131313030313131303031303030303130313131313131313031303030303030303031313031303130303130303031313131303131313131
313130313131303030303131303130313130313131303030303031303030303131303031313030303131313130313031313130313030303131
303130303131313131303030303130313131303130313130303031313130313030313131303031303131313031303031303031313130313130
3131303030313130303030303130313130303031313031303030313130303031313131313131303131303130313130313131303131303131'

（可能手動分割出現了點錯誤。。。）

30 31是hex編碼，30 31分別代表hex的0 1編碼
hex在線轉換成ASCII：https://www.asciitohex.com/
得到01字符串不是8 6的倍數沒辦法轉換為ASCII的字符,剛好625個 625 = 25 *25
再次編程畫出圖片

from PIL import Image

MAX = 25
pic = Image.new("RGB",(MAX, MAX))
str = "1111111000100001101111111100000101110010110100000110111010100000000010111011011101001000000001011101101110101110110100101110110000010101011011010000011111111010101010101111111000000001011101110000000011010011000001010011101101111010101001000011100000000000101000000001001001101000100111001111011100111100001110111110001100101000110011100001010100011010001111010110000010100010110000011011101100100001110011100100001011111110100000000110101001000111101111111011100001101011011100000100001100110001111010111010001101001111100001011101011000111010011100101110100100111011011000110000010110001101000110001111111011010110111011011"
i=0
for y in range (0,MAX):
    for x in range (0,MAX):
        if(str[i] == '1'):
            pic.putpixel([x,y],(0, 0, 0))
        else:
            pic.putpixel([x,y],(255,255,255))
        i = i+1
pic.show()
pic.save("flag.png")

得到二維碼圖片，掃碼即可。

免責聲明！

本站轉載的文章為個人學習借鑒使用，本站對版權不負任何法律責任。如果侵犯了您的隱私權益，請聯系本站郵箱yoyou2525@163.com刪除。

猜您在找 png圖片隱寫 png圖片解碼 libpng處理png圖片（二） PNG圖片格式詳解 CSS改變png圖片顏色 GDI+ 加載PNG圖片 Golang壓縮Jpeg圖片和PNG圖片 Delphi 圖片轉換（jpg、bitmap、png、gif）將HTML轉換為圖片（PNG,JPGE）關於圖片格式png與xml的真實轉換