[SCTF2019]Who is he
dnspy打开
发现是先DES再base64
不过要留意在在C#中,字符串默认是Unicode
在下面的encryptKey和EncryptData中可以找到密文和key,不过这是假flag
用dnspy调试断点也打不下去,参考别的师傅的博客,用的是CE
直接就找到了
写脚本
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
| from Crypto.Cipher import DES
import base64
enc = "1Tsy0ZGotyMinSpxqYzVBWnfMdUcqCMLu0MA+22Jnp+MNwLHvYuFToxRQr0c+ONZc6Q7L0EAmzbycqobZHh4H23U4WDTNmmXwusW4E+SZjygsntGkO2sGA=="
key = b'1\x002\x003\x004\x00'
des = DES.new(key, DES.MODE_CBC, iv=key)
dec = des.decrypt(base64.b64decode(enc))
print(dec.decode('utf16'))
enc1 = "xZWDZaKEhWNMCbiGYPBIlY3+arozO9zonwrYLiVL4njSez2RYM2WwsGnsnjCDnHs7N43aFvNE54noSadP9F8eEpvTs5QPG+KL0TDE/40nbU="
key1 = b't\x00e\x00s\x00t\x00'
aaa = DES.new(key1, DES.MODE_CBC, iv=key1)
ddd = aaa.decrypt(base64.b64decode(enc1))
print(ddd.decode('utf16'))
|
1
| flag{She_P1ay_Black_Hole_Very_Wel1!LOL!XD!}
|