PolarD&N靶场

GUANZHI · 2023 年12 月 4 日 03:29

Misc

1、0和255
首先给出了两个文件image_list.txt和image_list.py
python文件代码

from PIL import Image
image = Image.open('flag.png')   #flag.png分辨率为33*33
width = image.width
height = image.height
image_list = []
for x in range(height):
    scanline_list = []
    for y in range(width):
        pixel = image.getpixel((y, x))
        scanline_list.append(pixel)
    image_list.append(scanline_list)
print(image_list)

它将一个flag图片按像素读取，范围0-255，生成列表，即image_list.txt。
exp很简单，就将list中的值按像素点填回去，得到png文件，点击得到二维码

扫描二维码得到Polar_Night
根据题目要求再将其进行md5加密（有大写和小写两种），套上flag测试
2、01
与第一题类似，给出了一个flag.zip但是加密了，要密码，在hint提示中给出了25*25的01矩阵，想到把1看做0，把0看做255（这个想法是试用了1看做255,0看做0后失败了，所以反过来试一试），套用上一题的exp代码，得到二维码图片

扫描得到p@ssw0rd!
输入得到一个txt文件，里面是喵言喵语，第一感觉是西电2023招新赛的喵言喵语，但是发现不止2种形式，所以试一试兽语加密解密，得到flag
3、100RGB
题目内容由一行行Emoji表情 组成。
Emoji解密得到:

82,71,66102,108,97103,123,65110,49,10997,49,11532,95,97114,51,9599,117,43101,125,0

根据ASCII码可得到真实的ASCII码。

82 71 66 102 108 97 103 123 65 110 49 109 97 49 115 32 95 97 114 51 95 99 117 43 101 125

把RGB去掉，得到flag
4. 二维码
下载拿到png文件，不能打开，用010打开得到了
data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAXkAAAF4CAYAAACxX4mYAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAEnQAABJ0Ad5mH3gAACsWSURBVHhe7Z1fiKZl/f91p3DRptVxddewo2JMomBRFpGEUVkSrdNioViFoCPrYIkinIohpHCDOhAhPZgQRk2S6KA/A7V0ZBs2HajUIKK1lIOU1WZN2rj39/d5eObHNn6e67o+13N97vu67+f1htdRz319rr8vn2fivvaihhBCyODy+uuvN3/5y18aJE8IIQPMP/7xj+aVV15B8oQQMsT87W9/a86ePYvkCSFkiHnttdeaP/zhD0ieEEKGmL/+9a9InhBChhokTwghAw6SJ4SQAQfJE0LIgIPkCSFkwMmW/OnTp5uvfe1rUJi1tbXxDIezubmpPl8DsjdSMot7KHV920juHmJ9u8W6h7IlL8UuuugiKMzHP/7x8QyH86Mf/Uh9vgZkb6RkFvdQ6vq2kdw9xPp2i3UPIfnKQPLDBsnDtCD5noPkhw2Sh2lB8j0HyQ8bJA/TguR7DpIfNkgepgXJ9xwkP2yQPEwLku85SH7YIHmYFiTfc5D8sEHyMC1Ivucg+WGD5GFakHzPQfLDBsnDtCD5noPkh00tkn/jjTeaJ598Uu1jDNa3W5B8z0Hyw8ZT8nKY//SnPyXx3HPPNd/85jfVPsZgfbsFyfccJD9sPCV/4sSJ5j3veU8Shw8fbg4cOKD2MQbr2y3VS355eXkkqKGzurraLCwsqHMQYpYkL7cg7p23ELlzakHalzpa/RKcOXNmPPrykb2jjak03pLHEWGql7wMbhYiP4nlG5M2ByFmSfLW5M6pBWlf6vQxQ5E8jgiD5CsJki8fJB8Oku9XkHzPg+TLB8mHg+T7FSTf8yD58kHy4SD5fgXJ9zxIvnyQfDhIvl9B8j0Pki8fJB8Oku9XkHzPg+TLB8mHg+T7FSTf8yD58kHy4SD5fgXJ9zxIvnyQfDhIvl+ZecmvrKyMBlMb8uq4TFossyz5xcXFt83bJGSdU9OG5Pfv398cO3ZM7WtXpL4lK5/VxlSamiS/trb2tvnqmlocsZtqJS8D0Z7vmtRverMseQuWDduG5GuktjNTk+Rza3hSiyN2g+SN9F3ylm/ZR48eVdsoidRJjWxW+Za0t5+TOHTokFqzb6SeGeuv39z1RfJhkDySD5K6gLmSTz2gktwaFqwb1pJa95AVi/Qs8d5DSD4cJI/kg/E+oJLcGhaQfByL9Czx3kNIPhwkj+SD8T6gktwaFpB8HIv0LPHeQ0g+HCSP5IPxPqCS3BoWkHwci/Qs8d5DSD4cJI/kg/E+oJLcGhaQfByL9Czx3kNIPhwkj+SD8T6gktwaFpB8HIv0LPHeQ0g+HCSP5IPxPqCS3BoWkHwci/Qs8d5DSD4cJI/kg/E+oJLcGhaQfByL9Czx3kNIPhwkj+SD8T6gL7zwQisHyEPy58+fb958883mrrvuUmv2DSQ/OW3sUStIHskH8Zb88ePHR8/GkPWt7Y3X7e3tZn19Xe3vXp588snmhhtuUGv2jeXlZXWMk0i960Y+q9WLgeTDIPnEBUTy4eQeUCtzc3Oj6wFkLCHkM/JZrY0Qlg2bO6fezM/Pv20+SuA9p0jeB1k7JJ8QJB9OW5IX0WxsbIzGE0I+k3NXzBAkf/LkybfNRwm85xTJ+4DkkXyQ2iRf04bNreFNqvSsqXUPIfkwNZ0ZCZI3UssCIvl6QPJ6kHw4bZwZCZI3UssCIvl6QPJ6kHw4bZwZCZI3UssCIvl6QPJ6kHw4bZwZCZI3UssCIvl6QPJ6kHw4bZwZCZI3UssCIvl6QPJ6kHw4bZwZCZI3UssCIvl6QPJ6kHw4bZwZCZI3UssCIvl6QPJ6kHw4bZwZCZI3UssCIvl6QPJ6kHw4bZwZCZI3UssCIvl6QPJ6kHw4bZwZCZI3UssCIvl6QPJ6kHw4bZwZCZI3UssCbm5ujtbAm1OnTjXnzp0bV50c+Yx8VmsjxNra2riFeHJrpCI3dGprEkOe9QiSjye3hidIHskHsS4gKRdv6VmD5ONB8vEgeSNIfrhB8mkg+TBIHskHQfLdBcmngeTDIHkkHwTJdxcknwaSD4PkkXwQJN9dkHwaSD4MkkfyQZB8d0HyaSD5MEgeyQdB8t0FyaeB5MMgeSQfBMl3FySfBpIPg+SRfBAk312QfBpIPgySR/JBUhcw943X06dPj1soG++3Uach9a3aoUh+cXHxbXOg4f2Gr3xOez4Gkg+D5J2pZQGHIqQ2YE7Lkjpeb0dIcmt4UosjdlOt5E+cODGagNo4cuRIs7W1Ne7l5CD5ekid0/X19f9Z61TkF4xHZJ/JftNqauzfv18df2lqkrzMvTYXXVKLI3ZTreSlYzIJtSGLt7OzM+7l5MhnPRcQyaeTOqfb29v/s9appFzglhPZZ7LftJoax44dU8dfmpokL3OvzUWX1OKI3VQr+b7HewGRfDrWQ9HXyDi18ZemJsn3OUi+50Hy9YDky4LkywTJ9zxIvh6QfFmQfJkg+Z4HydcDki8Lki8TJN/zIPl6QPJlQfJlguR7HiRfD0i+LEi+TJB8z4Pk6wHJlwXJlwmS73mQfD0g+bIg+TIZrORXV1dHgxs6GxsbzaFDh9Q5CFGT5C0vB+WOtw3kJSGtzxqpL7JYX1TaRQ5camb1ZSgcEaZ6yS8sLIz+6zV0ZPHm5ubUOQhRk+Qtr/nnjrcN5HV/rc8aqa+ky2csVw7sItd1pMZaYyjXGuCIMNVLHsLUJPncGnK7oTwbI/cWxOXlZbW9vRw9elR9PoQcPvmWFYt8Rj6rtRHCckBza8i4tfnYi8yj9nwMb8lDGCTfc4YgeW8JSL9SInOpPR9iCJKvZQ/hCB+QfM9B8nGQfBgkP2yQfM9B8nGQfBgkP2yQfM9B8nGQfBgkP2yQfM9B8nGQfBgkP2yQfM9B8nGQfBgkP2yQfM9B8nGQfBgkP2yQfM9B8nGQfBgkP2yQfM9B8nGQfBgkP2yQfM+p5YA+9thjzU033aS2EcNbArMg+Weffba55557mssuu0xtJ0RKjVdeeaX5zne+oz4fw3t9IQyS7znekl9aWhqtXYxbb721ufjii9U2YsjzKZHPac/H8JT8/Px8c/Lkyf+ZCw35jHxWayPE4uKi2t5e7r777ubgwYPNvn371HZCpNT43Oc+N1pj7fkY8nxK5HPa8zAdrUl+bW1tVAzKsrKyMp7hcM6cOaM+HyLnxju59EpuN9Tam4TsjZTkSsBT8jmIVPfOgYZ8Tns+htxFo7W3l9rWF0f4kOqI3WRLnvQvskG0gx4i9c8XORmK5L2/2dbw5ynS3yD5GQqS9wHJk5qD5GcoSN4HJE9qDpKfoSB5H5A8qTlIfoaC5H1A8qTmIPkZCpL3AcmTmoPkZyhI3gckT2oOkp+hIHkfkDypOUh+hoLkfUDypOZkS35zc3O0+byRNzu9Im1rNbvEc7yeEtje3m7W19fVMU3i+PHjas0Yy8vLant7kTdFtedL4y15z/EuLCw0q6uranuTkLPvkZw9JKSema2tLfX5vmF1RLbkczesFRGTV9r6pmehtvGmSl4+I5/V2hg63pKvjdTxWpO7h1LPjAhSe75vWB2B5JWaXVLbeJF8HCRfJkg+DasjkLxSs0s8x5vz5yn5+Sw/o2PJPaDyJwatrob8WUH+vKC1UwrPP18g+XCQfBpI3pBZk7xnvA+opI1fC9K+1PEIkg8HyadhdQSSV2p2ied4PYPk40Hy4SD5NKyOQPJKzS7xHK9nkHw8SD4cJJ+G1RFIXqnZJZ7j9QySjwfJh4Pk07A6AskrNbvEc7yeQfLxIPlwkHwaVkcgeaVml3iO1zNIPh4kHw6ST8PqCCSv1OwSz/F6BsnHg+TDQfJpWB2B5JWaXeI5Xs94H9A333yzef7555vDhw+r7ZTCS/JvvfVW85WvfEWt2Tc8JL+zs9O8+OKLzTXXXKPWDJG6h5C8MUjeB8/xesZb8r/97W+bT37yk82ll16qtlMKL8n//e9/b77whS+oNfuGh+RfeeWV5pFHHsl62S11DyF5Y5C8D4cOHRr1q28cO3as2b9/vzqmEKnjveWWW5qrrrqq2bdvn9pOKWQMMhatD9Nwxx13NO973/vUmn1jcXFRHeM0yJx/6EMfat75zneqNUOk7qG2LqzzRsZiSbbkT58+PRK9N2tra+OK5SOTpU1iiPn5+ebkyZNqX6dlaWlJrdk3ZBza+PaSO165vVJrby8iI+35vpE63jZoY04t461xD6U6Qj4jn9XaCNGa5IeQHMl7/ZyXyMJrNfuGjCMlueOVn90pyVnfGkkdbxtpY04t461xD6U6wvtPnLtB8sokhkDycZB8WZD85CD5eJC8MokhkHwcJF8WJD85SD4eJK9MYggkHwfJlwXJTw6SjwfJK5MYAsnHQfJlQfKTg+TjQfLKJIZA8nGQfFmQ/OQg+XiQvDKJIZB8HCRfFiQ/OUg+HiSvTGIIJB8HyZcFyU8Oko8HySuTGALJx0HyZUHyk4Pk45lJyZ87d6759re/3XzgAx9QJzGEl+Qfe+yx5tZbb1Vr9o0UyT/77LPN3XffrT4fI3ZAz58/P7rQ7K677lKf7xs1SF7+Mfef/OQnzY033qj2sSQ1SF4uTDt79mxz++23q8+HGIzk5V+ol4mysrW1NW6hbKRdrZ7G9773vdF9Fzn3oOT8a/4p3HTTTc3FF1+s1uwb8sq4NsYLkcu65K4S7fkYy8vLapsX8uSTTzY33HCD+nzfkPF4xHJm5EuIyOXgwYNqH0si9VKTK/nYHnrqqaeaBx54oLn++uvV50MMRvLeP5OskXa1ejHk7giZ6Bg5d0zkIBdkafVrR/6jOTc3p44JpqO2M+ONZbynTp1S96NGzg2XOUgtJO+Q3A0rlwTJZMeQz2nPl0Zu49Pq187GxsZI9NqYYDqQ/OTIn161/aghv8C1eqVB8pVtWBlHSnLHa8W6gLUkd8NCHCRfJm2NF8lXtoBIvkyQvB99l56Vvo8XyVe2gEi+TJC8H32XnpW+jxfJV7aASL5MkLwffZeelb6PF8lXtoBIvkyQvB99l56Vvo8XyVe2gEi+TJC8H32XnpW+jxfJV7aASL5MkLwffZeelb6PF8lXtoBIvkyQvB99l56Vvo935iUvLyTI4FKRDqYkdwGH8DKU3CviEWlXq6fBy1B+1HZmvOn7eGde8vJqsQwslRMnTowrhpO7gEO41mB9fX08C2Uj7Wr1NLjWwI/azow3fR+v9GmmJW8ldUC1btg2kLF7ZJbntM/M2pmpbbyDkfzp06dHok9F/tyR82247xtWbmTU5kNjaWlJbSNGnyW/uLiozoVG7h5KrSFrpT0fQ9ZNa28vuetrJfXMyE2yWj9DyFxqNbvE2xGp67uLXJomd+rEUr3krfEeUK2StwhYNojWRow+S96yYWvdQ7JuKcldXytWCVgibWs1u6SW9bUGyY/xXkBvLAJG8uEg+TSsErBE2tZqdkkt62sNkh/jvYDeWASM5MNB8mlYJWCJtK3V7JJa1tcaJD/GewG9sQgYyYeD5NOwSsASaVur2SW1rK81SH6M9wJ6YxEwkg8HyadhlYAl0rZWs0tqWV9rkPwY7wX0xiJgJB8Okk/DKgFLpG2tZpfUsr7WIPkx3gvojUXASD4cJJ+GVQKWSNtazS6pZX2tQfJjvBfQG4uAkXw4SD4NqwQskba1ml1Sy/paMyjJy2Aeeuih5oorrlA7HcJ7Ab1JFfCjjz7a3HLLLWobMVJrWNPGnKaub817KEUC//znP5svfvGL6vOlsUrAEmlbq9klNaxvTqqXvOWN13vvvbe5+eabm0suuUTtdAjvBfQm9Y1XEfzll1+uthGjz5JPfRu15j2U8kakCF76rz1fGqsELJG2tZpd4r2+sn4eqV7yMnCtA6XxXsDakIu+ZMwWzpw5M56FssmdUxG31s+9tPWKvNRKiczj3j5OQm4LlcvktHpdI/3zysrKytvmohS5cyrPpsSyvheytrY2bqFsRL5yuZpWM4SsgSVIvjJSx9tGvL/51LaHLMn9FtYGNe0hS9r6ZjtrQfKVgeTLg+T7ESTvEyRfGUi+PEi+H0HyPkHylYHky4Pk+xEk7xMkXxlIvjxIvh9B8j5B8pWB5MuD5PsRJO8TJF8ZSL48SL4fQfI+QfKVgeTLg+T7ESTvEyRfGUi+PEi+H0HyPkHylYHky4Pk68/29nbzzDPPjN741sYUAsmHg+QrA8mXR16XFymXZGNjI0tIbZC6h0Ss2ti6QAT/9a9/vTlw4IA6phAe63sh586dG89Y2ezs7DRbW1tqzRAibUuQfGUg+fLIfSjyrbskIvi5uTm1Xtek7qH19XV1bF0g8ymC37dvnzqmEB7reyGnTp0az1jZiOCPHDmi1gwh991Y0rrkl5eXR/JIJfXyLZkw7fkQR48eVftYEq/xtpGcORU2NzfHLYQjn9Oen8Tq6mqzsLCgznOXyE2jWn+7InUPyWe18XSN5czI3GttlCT1S4s18q1cpK3VDGH9Iti65GVhaolMltbHktQ03r4n91B44yUB78je1MbTNZYz08avQSRvBMmT3CD5skHyaSB5I0ie5AbJlw2STwPJG0HyJDdIvmyQfBpI3giSJ7lB8mWD5NNA8kaQPMkNki8bJJ8GkjeC5ElukHzZIPk0kLyRWqR3/vz55mMf+5jax5Ig+XJB8mWD5NNA8kZqkJ4I/t///ndz5513qn0sCZIvFyRfNkg+DSRvRN4ylU6msrKyMq4Yjrzlpz2vId/gRfBXX3212seSWMebQ+objjKX2vOlWVtbG1csm1mTvBxOeYVdm+MQqWcGyaexuLiozvMkZM1k7WIZrOStpA6o1g3bBqmHQuZSe740tX3z8aa28fb9zNQmeSuyZrJ2sSD5MUg+zqxIPvebbSq5dxn1VfKWX7+7tHHzpkXy8qtR66dGG3dVCUjeSOqAkHw8Mpfa86Xxkp53cvdQXyWfkzb2kEXylrTlCCRvBMnHQfJlguTjQfJxkLwRJB8HyZcJko8HycdB8kaQfBwkXyZIPh4kHwfJG0HycZB8mSD5eJB8HCRvBMnHQfJlguTjQfJxkLwRJB8HyZcJko8HycdB8kaQfBwkXyZIPh4kHwfJG0HycZD89HnxxRdH1wFo44nhMd5XX321efzxx5srr7xSrRkCyetB8sYg+Xroq+Q3NzdHfbeytbU1biEceaNTe15DBH/zzTer44nhMd4HH3xwdL/S/v371Zoh5M1OrU2N9fX1Znt7e9zDeNrYQ8vLy2pfp0Xa1eqVZmFhoVldXVX7cCHyGfms1kaImZW8bFb5r6KFnANkRRZRq60xPz+vthFDNkxK5EoAre4kcjagkCq93D2UOt7a/qPW1pmxIOuc8q1zN5Y9lLufa0PGoY1PI/fMWJhZycu3EdmsFo4dO6bWLIn811qrrXHy5Em1jRip0pPF1upOQvqu1YuB5PUMQfKWPZS7n2tDxqGNTyP3zFiYWcnnpA0JpApJ4i09a6RdrV4Mb+kh+XJYJW9JjePNIXV9JblnxgKSNwTJh4Pk0/AerydIPk7q+kqQfAZIPg6S14Pk4yD5OKnrK0HyGSD5OEheD5KPg+TjpK6vBMlngOTjIHk9SD4Oko+Tur4SJJ8Bko+D5PUg+ThIPk7q+kqQfAZIPg6S14Pk4yD5OKnrK0HyGSD5OEheD5KPg+TjpK6vBMlnIC8sySZMQV5339nZGfcwnjYk0MbLUJYaFnJf7Eh9ecR7vG287Cb0WfLyD3NvbGyo8zctQ3kZCsk7I1cPyLeNFI4cOZJ8r4mkDcm3ca2BpYaF3Fe0U18D9x5vG9dWCH2W/Nzc3Ej02vxNy1CuNUDyFSEbS75BpKYNycPw6bPkIQ6Srwgk3z8WFxdHeykF+fnv/e1Q2pc6Wv1JnD59eryjwpHPajVjHD9+/G01NWQutee7JnVOc9c3dQ/JPGrPx5BnU4PknUHy/cOyYWVtZY21dkph3UOW5J4ZEUdKat3PqXOau76peyhXwEi+IpB8/0DycZB8GCQfDpJX2oH2QPJxkHwYJB8OklfagfZA8nGQfBgkHw6SV9qB9kDycZB8GCQfDpJX2oH2QPJxkHwYJB8OklfagfZA8nGQfBgkHw6SV9qB9kDycZB8GCQfDpJX2oH2SN2w//rXv5qnn366ufrqq9V2SuEleblu4/Of/7xaM8YsSH6a9a1F8q+99lrz8MMPq22UBMkj+V6R+rbil770pebTn/50c9lll6ntlCLnjdcURPA33nijWjPGLLzxOs36er/xurS0pLa3FxnjHXfcobZRkuolf/To0VEnY8ilSdrzIaySX1lZUWt3RRuHVGpotTVkrbQ2YqTWyB1v6h6ykjteC7KvtdoacotmziVrlhqetLG+3jVyPCRrJmuntXchuesrz1rSuuQ9f3p6/dRuK7lzakFqpMb75633HrImd7wWLAdU9rLsaa2dEFYJeKWN9fWu4emhttYXyVeU3Dm1IDVSkyu91Bree8ia3PFaQPJxLOvrXQPJKx2IUcPk1prcObUgNVKTK73UGt57yJrc8VpA8nEs6+tdA8krHYhRw+TWmtw5tSA1UpMrvdQa3nvImtzxWkDycSzr610DySsdiFHD5Naa3Dm1IDVSkyu91Bree8ia3PFaQPJxLOvrXQPJKx2IUcPk1prcObUgNVKTK73UGt57yJrc8VpA8nEs6+tdA8krHYhRw+TWmtw5tSA1UpMrvdQa3nvImtzxWkDycSzr610DySsdiFHD5Naa3Dm1IDVSkyu91Bree8ia3PFaQPJxLOvrXQPJKx2IUcPk1prcObUgNVKTK73UGt57yJrc8VpA8nEs6+tdA8krHYhRw+TWmGeffba5++671XGVJFXAL730UnP//ferbcRIqSHrdO+996rPx/CQ/Kuvvto8+OCDar2SpB7Qc+fONT//+c+bq666Sm0nBJKPE6uxs7PT/PGPf2xuv/129fkQSN5R8vIK8sbGxmjyUpHDlBL5nPZ8Ke65557m4MGD6rhKIvdraPX3IoK/9tpr1TZipNR46KGHmptvvll9Psbq6qra5jQ8/vjjzZ133qnWK4m8yq7V34sI/hOf+ERz6aWXqu2E8JS8CEPrr4bsA61/MdqQfGwPvfDCC823vvWt5rrrrlOfD4HkHSU/Nzc3Er1MXCqnTp0aVwxHPqc9Xwq5mGnfvn3quEoil0Vp9fdy4MCB0XxqbcRIqXHFFVc0l1xyifp8jIWFBbXNabjyyiuz7hGxIjW0+nuRb/Ai+IsvvlhtJ4Sn5E+cOKH2V0P2gda/GG1IPraHrrnmmubyyy9v3vGOd6jPh5DnByH5zc3N0WJYkStXU5Ij+Rxkk6QkdzNZkYuTtHnby/Lysvp8aeQwyLcerQ8XIp+Rz2ptQLt4Sr6Ncyn7KTVtnEu5vXLvfg+xvr7ebG9vj3s4OdVL3juzKvnUBZTNpD1fGu9vJVAeJF+WVEdYg+SRfDBIHiaB5MuC5J2C5MNB8jAJJF8WJO8UJB8OkodJIPmyIHmnIPlwkDxMAsmXBck7BcmHg+RhEki+LEjeKUg+HCQPk0DyZUHyTkHy4SB5mASSLwuSdwqSDwfJwySQfFmQvFPakvzi4uKoVgz5nPZ8aaRWStqSvLyGL/et7J2Pvchn2rgWAOLI1R7aGmnINQUigdTIM1rNkshb33v7OYk2zqVF8mfOnFH7qZF7ZuRZS2Ze8rWRuoBtSR6GTeovtd3M4rm0SL6NczkYya+srIwG44l849EmMUTqN9tcZNwpsXxj2CVnvN5YvnXmfvNJrSHfILXnh0wbkvf+Nei9vm1IPvUvCkKqI3ZTreTbiEyYNuEhrIeipuSM1xvpU2q8/4Y5i7+O2pB8ao1a17cNyXv93V+C5JUJD4Hky5J6QCVIvjxIPg6S73E8N2yNyRmvN6kHVILky4Pk4yD5Hsdzw9aYnPF6k3pAJUi+PEg+DpLvcTw3bI3JGa83qQdUguTLg+TjIPkex3PD1pic8XqTekAlSL48SD4Oku9xPDdsjckZrzepB1SC5MuD5OMg+R7Hc8PWmJzxepN6QCVIvjxIPg6S72Heeuut5rXXXms++tGPqhMeoo+S39nZaV5++eXmtttuU8fUJakH9I033miee+655vDhw2o7IZD8ZFL3s/eZqXl9Z1bym5ubowH1kR/+8IfNww8/3Hz4wx9WJzzEwsJCs7q6qrZbKz/4wQ+ab3zjG811112njqlL5C1Erc97+f73vz8aw4EDB9R2QiD5yaTuZzkz3/3ud93OzDTrm7qHlpeX1edjzKzkpVNaZ6Fu5ufnR9+sUpDDqbURI7WGfE57vjRIHqYByUOvOHny5Oincwry7UtrI0ZqDfmc9nxpkDxMA5KHXlHThm1rDyF5mIaazkxOkPyMUdOGbWsPIXmYhprOTE6Q/IxR04Ztaw8heZiGms5MTpD8jFHThm1rDyF5mIaazkxOkPyMUdOGbWsPIXmYhprOTE6Q/IxR04Ztaw8heZiGms5MTpD8jFHThm1rDyF5mIaazkxOkPyMUdOGbWsPIXmYhprOTE6Q/IyRuplef/315tFHH1XbiJFao609lCL5//znP80TTzyhPg+zTU1nJidIfsZI3UyPPPJI9l03qTXa2kMpkv/lL3/ZfOpTn1Kfh9mmpjOTEyQ/YywuLo6kF+ODH/xgc8kll6htxKhN8ocOHVLHeCE33XRTc80116jPw2zTxplJrSGsrKyMT1BasiV/+vTp0SGFbjh+/Li6WUojl4jJHTNaHyYheyMl1j0k/WjrUjMLS0tLan/bRkSh9a80tYxXkL5ofYwh50drby85c5p6ZnL3s4jekmzJk27T1v9JKLdFymViNUT6If3R+tklcmBriBx+rX+lqWW8EumL1scYcn5SkjOnqWcmdz8j+RkJkq8HJN9dkHw8SL6nQfL1gOS7C5KPB8n3NEi+HpB8d0Hy8SD5ngbJ1wOS7y5IPh4k39Mg+XpA8t0FyceD5HsaJF8PSL67IPl4kHxPg+TrAcl3FyQfD5LvaZB8PSD57oLk48mWPG+8+rC2tjae4XCQfD3IuqUk98xsbm6OWwinNsl7j1cin9f6GAPJJyR3ciFM6gIi+XqQs5CSGoWUQy3jldQ4p0gegqQu4Pr6+miDeHPkyJFma2trXLXbSD+kP1o/S7CwsKCuSYxapIfk00HyCcmdXAiTuoDb29ujTeKNiHVnZ2dctdtIP6Q/Wj9LsLq6qq5JjFqkh+TTQfIJyZ1cCGNdQFIucvC1NYlRi/SQfDpIPiG5kwthkHx3QfJp1DJeSY1ziuQhCJLvLkg+jVrGK6lxTpE8BEHy3QXJp1HLeCU1zimShyBIvrsg+TRqGa+kxjlF8hAEyXcXJJ9GLeOV1DinSB6CIPnuguTTqGW8khrnFMlDECTfTeS9g8cff1xdkxgp0nvzzTeb++67T30+BpKfHCQfD5KvjNQFbOtlqBzOnTs37mU48jnt+Rgy9pTI5tae19jY2Mje0/Kv7mttXsjzzz/ffPazn1Wfj4HkJ6dGyR86dGi0n7R9cCHyGfms1kYIJN9zUhewrWsNcjh16tS4l+HI57TnY8jYU3LixAn1eQ05bO9+97vVNYkxPz+vtnkhhw8fbt71rnepz8dA8pNTo+Tn5uZG+0nbBxcin5HPam2EqF7yy8vLowkeOvKKfM5dKKkLKDW052ugFgm0JT1vahtv6vrKbZK758GC5a4k7z105syZt/UvhPhNqxfj+PHjansa0idLWpe8dHIWIj/H5L/W2hyEQPJxUvcQkvchdX3bSG0eyj2XnnOK5J2C5OPx3kNI3gdPIVlTm4dyz6XnnCJ5pyD5eLz3EJL3wVNI1tTmodxz6TmnSN4pSD4e7z2E5H3wFJI1tXko91x6zimSdwqSj8d7DyF5HzyFZE1tHso9l55ziuSdguTj8d5DSN4HTyFZU5uHcs+l55wieacg+Xi89xCS98FTSNbU5qHcc+k5p0jeKUg+Hu89hOR98BSSNbV5KPdces4pkncKko/Hew8heR88hWRNbR7KPZeec4rknYLkw3n00UebW265RX0+RmwPnT9/fnS/zZ133qk+3zdSz8ysSf6JJ55obrvtNrWPMbw8lHsuZ1Lya2troxq1IfetpFzANcuSX1paUufuQkTwl19+ufp8DHkFXGtzl69+9avNl7/85eb973+/+nzfiI13l8XFRfX50qSsbxuI4A8ePKj2MQaST4h0SutsjNTJrfWntohbBB5LrZIXEUiN0hw7dqzZv3+/WjOEXNKktaeRW8OCtC91tPrT0paEIQ6STwiSD6dWyXttJu/xSnJrWEhd35zknhkoD5JPCJIPB8mngeShC5B8QpB8OEg+DSQPXYDkE4Lkw0HyaSB56AIknxAkHw6STwPJQxcg+YQg+XCQfBpIHroAyScEyYeD5NNA8tAFSD4hSD4cJJ8GkocuQPIJQfLhIPk0kDx0AZJPCJIPp1bJW/5VeGF9fX10D0wsueM9evSoWldjdXW1WVhYUNsphbQvdbT60yJzr9WE9pH1SMmZM2feto4hlpeX1XoxLOdS+mQJkjfSd8lb8R4vQBf02UOpjtgNkjeC5PUgeegTSD4hSD4cb8lvbW2N5tKC/GlEqxkidbzyJx35045WdxK5f76Qn8Rae9OS+1PbguXPU1Zy1tf656k2arSBnJ+U5Hgodby5f35E8s7UIvmc5Mxp6nhz4r2HrJF2tXol6fv61raHvOM53rYcgeSN1LaAltR2QJF82bSxvrXtIe94jrctRyB5I7UtoCW1HVAkXzZtrG9te8g7nuNtyxFI3khtC2hJbQcUyZdNG+tb2x7yjud423IEkjdS2wJaUtsBRfJl08b61raHvOM53rYcgeSN1LaAltR2QJF82bSxvrXtIe94jrctRyB5I7UtoCW1HVAkXzZtrG9te8g7nuNtyxFI3khtC2hJTQf0v//9b3PfffepNWN4SH5nZ6d56qmn1Hol6fv61rSHPHP+/PnmjTfeaO666y51TCFqcwSSN1LbAlpS0wH9/e9/33zmM59Ra8bwkPzZs2ebBx54QK1Xkr6vb017yDMi+N/85jfNRz7yEXVMIWpzBJI3UtsCWuJ5QGUjnThxYlQjhaWlpea9732vWjOGvHWptTkNt99+e3P99der9UoitVJjndNDhw6pNUOkru9upI7WTghrDa/IxV5752wS8g1eBH/FFVeoYwqxf//+5tixY2q7FyKfkc9qbYSQZy1B8kb6LPm1tbXRulk4depUc+7cuXELk5M73lnDsr5tzKlVwDnn0lrDK+IerX99A8k7k7phcw+op+Q904aQhgCS7y5I3hgkH07uAUXywwbJdxckbwySDyf3gCL5YYPkuwuSNwbJh5N7QJH8sEHy3QXJG4Pkw8k9oEh+2CD57oLkjUHy4eQeUCQ/bJB8d0HyxiD5cHIPKJIfNki+uyB5Y5B8OLkHFMkPGyTfXZC8MUg+nNwDiuSHDZLvLkjeGCQfTu4BRfLDJnV9X3rppeb+++9vDhw4oLZTitT9LP9Q+49//OPmxhtvVNsJgeTLguSdqUXy8q/Ny1x6s76+PjrgsSD5NOTeHW2e9yKCv/baa5u5uTm1nVIsLCw0q6urah8u5LHHHhvtzYMHD6rthEit4c3y8rLav74xGMnLxUwijdo4cuTISLCxeEte5lF7vjQyBs//qMkFTbtzG0Mu4MqRnqWGJ/Pz82r/YogktfamRdrV6s0CfZ7TwUheOibiqA0RvNw9Hot8VhZdm4MQsyZ5uYlvd25jbGxsZN20aKnhycmTJ9X+xZBvwVp70yLtavVmgT7P6WAk3/fIgiP5OJYN20YNz9R2ZtraQzXS5zlF8pUEyaeB5OP0WUi10uc5RfKVBMmngeTj9FlItdLnOUXylQTJp4Hk4/RZSLXS5zlF8pUEyaeB5OP0WUi10uc5RfKVBMmngeTj9FlItdLnOUXylQTJp4Hk4/RZSLXS5zlF8pUEyaeB5OP0WUi10uc5rV7yXi8h1Ebuizu1SV7GIGPRxnghbbyo5D2nlsgLcfJinNbPSbT1MpQc6pQg+fJB8v8Pr9eJa0NklPMKfm2SlzHIWLQxXkjueNu41sBD8iJ4ueJC6+ck2rrWQK4ESQmSLx8kD1Fqk/wQ8JC8fGMWoWr1uoY9FAfJJwTJ++B9QJeWlkZrl8Lx48fVNmKk1pDPac+XBsnraUvy8gtG/lSl7YFpyd1DtUneci7X1tbG1dKC5CvD+4DKuqXGu0ZbewjJ62lL8jJPMl8eyd1DtUneci6tQfKVgeTLg+T1IPnyQfIQBcmXB8nrQfLlg+QhCpIvD5LXg+TLB8lDFCRfHiSvB8mXD5KHKEi+PEheD5IvHyQPUZB8eZC8HiRfPkgeoiD58iB5PUi+fJA8REHy5UHyepB8+SB5iILky4Pk9SD58hmU5OXVWtlMUJaVlZXxDIdz5swZ9fkYlleivWu0tYdS59QSOThyEZhWr2u895AVmSeZL4/k7iEZu0faOJfWZEueEEJI/UHyhBAy4CB5QggZcJA8IYQMOEieEEIGHCRPCCEDDpInhJABB8kTQsiAg+QJIWTAQfKEEDLgIHlCCBlw/r/kX3jhhea5555rnnnmmeZXv/pV8/TTTwMAQA8Rh4vLxeni9rNnzzYX/e53vxtdrvOLX/yi+dnPftb89Kc/BQCAHiIOF5eL08Xtf/7zn5uLXn755eb5559vNjY2ml//+tej/xEAAPqHOFxcLk4Xt7/66qvN/wHrIhz8YSu7CgAAAABJRU5ErkJggg==
以上形式，其中我把等号后面的垃圾数据去除了（看着就没用），然后一看就是base64编码，搜索base64转图片，得到二维码，扫一扫得到flag

PWN

1、 sandbox
检查文件

pwn checksec sandbox

题目为64位elf文件，开启NX和Canary保护。
将文件导入ida中，发现box（）函数

__int64 box()
{
  char buf[40]; // [rsp+0h] [rbp-30h] BYREF
  unsigned __int64 v2; // [rsp+28h] [rbp-8h]

  v2 = __readfsqword(0x28u);
  puts("Please input your command");
  puts("No sh,no cat,no flag.");
  system("ls");
  read(0, buf, 0x20uLL);
  if ( strchr(buf, 115) || strchr(buf, 104) || strstr(buf, "cat") || strstr(buf, "flag") || strchr(buf, 45) )
  {
    puts("Illegal command.");
    exit(0);
  }
  system(buf);
  return 0LL;
}

box() 函数中有一个read() 函数，可以读取0x20 个字节数据到buf ，这里分析出需要用户输入数据。

if语句中strchr() 函数对用户的输入进行了检查，不允许字符s、h、cat、flag、- 输入。

box() 函数最后执行system() 函数，需要绕过sh、cat flag 等命令获取终端执行权限。
利用system("$0") 获取终端执行权限；输入$0 传给程序拿到权限；(system($0) 是在一个编程语言中调用系统命令的方式)