2025第九届御网杯复现


misc

easy_misc

题目描述:

1
简单的misc

下载附件

1
77 49 66 77 83 107 104 68 78 70 81 50 90 50 104 87 98 87 74 73 101 85 53 118 100 85 86 108 90 108 86 52 87 84 103 48 81 86 86 72 82 48 119 61 

赛博厨子一把梭

1
ascll转字符串-base64解码-base58解密-rot13解密

最后flag为

1
flag{HNCTFOr6hP46KXm5j}

ez_pictre

题目描述:

1
有点困难哦

下载附件

stegsolve查看图片通道

得到压缩包密码:

1
999999999

解压压缩包得到

010查看文件

得到base编码

1
ZmxhZ3tITkNURm1aNWJNMVpZQWk3fQ==

base64解密

最后flag为

1
flag{HNCTFmZ5bM1ZYAi7}

ez_xor

题目描述:

1
ez_xor

下载附件

1
5f-55-58-5e-42-71-7a-6d-7f-48-4e-5c-78-6a-7d-08-0f-0d-44

exp:

1
2
3
4
5
6
7
8
9
10
cipher_hex = "5f-55-58-5e-42-71-7a-6d-7f-48-4e-5c-78-6a-7d-08-0f-0d-44"
cipher_bytes = bytes.fromhex(cipher_hex.replace("-", ""))

for key in range(256):
plain = bytes([b ^ key for b in cipher_bytes])
if plain.startswith(b"flag{"):
print(f"Key: {hex(key)}, Flag: {plain.decode()}")
break
else:
print("No valid key found.")

运行得到

最后flag为

1
flag{HCTFqweASD164}

被折叠的显影图纸

题目描述:

1
“这份图纸的关键部分被折叠隐藏,但它不像加密蓝图需要解密药水——只需展开褶皱,显影的字符便会自动浮现”

下载附件

010搜索字符串查看发现

最后flag为

1
flag{0???c3_3@$Y_cR@Qk3!}

光隙中的寄生密钥

题目描述:

1
“阳光穿过树叶的缝隙,在地面投下光斑。这张图片记录了这一瞬的美,但某些光斑的形态却违背了丁达尔效应——它们是被刻意植入的寄生体,形似密钥的轮廓。”

下载附件

foremost提取

爆破密码

解压压缩包得到

赛博厨子一把梭

最后flag为

1
flag{5Jg*Hc4$vD8xL!rS}

套娃

题目描述:

1
套娃

下载附件

改后缀.zip

继续改zip得到flag

最后flag为

1
flag{HNCTFDKKBKODtK}

crypto

easy签到题

题目描述:

1
2
3
4
题目内容:怀揣黑客梦想的你,对网络世界的神秘挑战心驰神往。听闻御网杯是汇聚高手、满是趣味谜题的竞赛,
立刻拉上同样痴迷解谜的青梅竹马小鱼奔赴现场。活动现场,齿轮与电路装饰的展架林立,张贴着机械组装提示
和神秘代码。参赛者们或沉思、或讨论,气氛紧张热烈。小鱼望着字符,满脸困惑:“这都是啥?”尽管你计算机知
识尚浅,但热爱驱使你决心与小鱼并肩,破解这些“数字谜题”,开启探索之旅。

下载附件,exe文件用记事本打开

赛博厨子一把梭

最后flag为

1
flag{6f1c38a5-9e2b-1f76-3d40-857109264c5a}

baby_rsa

题目描述:

1
简单的rsa

下载附件

查看exe文件,用记事本打开

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
from Crypto.Util.number import getPrime, isPrime, getRandomNBitInteger, bytes_to_long, long_to_bytes
from gmpy2 import powmod,invert,gcd
from flag import flag
import sympy

q = getPrime(1024)
p = sympy.nextprime(q)
N = p * q
e = 0x10001
flag = flag.ljust(80)
m = bytes_to_long(flag)
c = pow(m,e,N)

print('N = ',N)
print('e = ',e)
print('c = ',c)

'''
N = 12194420073815392880989031611545296854145241675320130314821394843436947373331080911787176737202940676809674543138807024739454432089096794532016797246441325729856528664071322968428804098069997196490382286126389331179054971927655320978298979794245379000336635795490242027519669217784433367021578247340154647762800402140321022659272383087544476178802025951768015423972182045405466448431557625201012332239774962902750073900383993300146193300485117217319794356652729502100167668439007925004769118070105324664379141623816256895933959211381114172778535296409639317535751005960540737044457986793503218555306862743329296169569
e = 65537
c = 4504811333111877209539001665516391567038109992884271089537302226304395434343112574404626060854962818378560852067621253927330725244984869198505556722509058098660083054715146670767687120587049288861063202617507262871279819211231233198070574538845161629806932541832207041112786336441975087351873537350203469642198999219863581040927505152110051313011073115724502567261524181865883874517555848163026240201856207626237859665607255740790404039098444452158216907752375078054615802613066229766343714317550472079224694798552886759103668349270682843916307652213810947814618810706997339302734827571635179684652559512873381672063
'''

一把梭

替换得到flag

最后flag为

1
flag{5c9c885c371541e0b271f58b71db8cec}

cry_rsa

题目描述:

1
简单的数学

下载附件

1
2
在一次RSA密钥对生成中,假设p=473398607161,q=4511491,e=19
求解出d,然后把d的值加6为flag值。flag格式为flag{********}

一把梭

得到的d值+6

最后flag为

1
flag{2023326077889096383}

ez_base

题目描述:

1
简简单单

下载附件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
Dear Friend ; Especially for you - this amazing announcement 
. This is a one time mailing there is no need to request
removal if you won't want any more ! This mail is being
sent in compliance with Senate bill 2316 , Title 1
; Section 303 ! This is not a get rich scheme . Why
work for somebody else when you can become rich in
77 months . Have you ever noticed society seems to
be moving faster and faster and more people than ever
are surfing the web ! Well, now is your chance to capitalize
on this ! We will help you turn your business into
an E-BUSINESS and sell more . You can begin at absolutely
no cost to you . But don't believe us . Ms Ames who
resides in Indiana tried us and says "Now I'm rich,
Rich, RICH" . We are licensed to operate in all states
. If not for you then for your LOVED ONES - act now
! Sign up a friend and you'll get a discount of 30%
! Thank-you for your serious consideration of our offer
. Dear Colleague ; Your email address has been submitted
to us indicating your interest in our letter ! This
is a one time mailing there is no need to request removal
if you won't want any more ! This mail is being sent
in compliance with Senate bill 2516 ; Title 1 , Section
304 . This is not a get rich scheme ! Why work for
somebody else when you can become rich inside 34 months
! Have you ever noticed how long the line-ups are at
bank machines plus people will do almost anything to
avoid mailing their bills ! Well, now is your chance
to capitalize on this ! We will help you process your
orders within seconds and deliver goods right to the
customer's doorstep ! You are guaranteed to succeed
because we take all the risk ! But don't believe us
. Mr Simpson of Oregon tried us and says "I've been
poor and I've been rich - rich is better" . We are
licensed to operate in all states . We urge you to
contact us today for your own future financial well-being
. Sign up a friend and you get half off . Thank-you
for your serious consideration of our offer . Dear
Salaryman ; Your email address has been submitted to
us indicating your interest in our briefing . This
is a one time mailing there is no need to request removal
if you won't want any more ! This mail is being sent
in compliance with Senate bill 1625 , Title 8 , Section
301 ! This is different than anything else you've seen
! Why work for somebody else when you can become rich
in 38 weeks . Have you ever noticed how many people
you know are on the Internet and nearly every commercial
on television has a .com on in it ! Well, now is your
chance to capitalize on this ! WE will help YOU deliver
goods right to the customer's doorstep plus increase
customer response by 160% ! You can begin at absolutely
no cost to you . But don't believe us ! Prof Simpson
who resides in Idaho tried us and says "I was skeptical
but it worked for me" ! We are licensed to operate
in all states ! We IMPLORE you - act now . Sign up
a friend and you'll get a discount of 30% . Thanks
.

垃圾邮箱解密

base解密

最后flag为

1
flag{HNCTFxct41omoZp3TF}

Gift

题目描述:

1
flag{appale}

下载附件

1
2
五一劳动节爸爸给家里人带了一个礼物。由于礼物不好拿,所以把礼物平均分成了四份,但是其中一份不小心掉在地上散落成了无数片,变成了 1 - 1/3 + 1/5 - 1/7 + …
聪明的你能算出或猜出爸爸带的礼物是什么吗?flag示例: flag{apple} flag{watermelon} 提交flag值凯撒密码加密,偏移量9在提交。
1
2
3
莱布尼茨级数,礼物被分成四份,其中一份是四分之一π,整个礼物就是π

所以礼物是派(pie)

凯撒加密

1
2
3
4
p → y(15 + 9 = 24)
i → r(8 + 9 = 17)
e → n(4 + 9 = 13)
加密结果:yrn

最后flag为

1
flag{yrn}

甸方阵的密语

题目描述:

1
2
3
考古学家在阿尔卑斯山麓发现了一处古罗马牧羊场遗址,残垣断壁间散落着刻满符号的石
板。研究显示,这些符号出自青年时期的凯撒之手一一彼时他尚未成为征服高卢的统帅,而是在草甸间放牧的少
年。传说中,这位未来的军事天才曾将羊群训练成移动方阵,并用栅栏排列出隐秘的防御阵型。

下载附件,是exe文件,用记事本打开

1
lDrwgDmg{efhsFr}

栅栏解密

凯撒解密

最后flag为

1
flag{zm1XqXaybZ}

文章作者: yiqing
版权声明: 本博客所有文章除特別声明外,均采用 CC BY 4.0 许可协议。转载请注明来源 yiqing !
  目录