SWPU-Misc

少年的ctf奇遇

考点：LSB隐写、图片宽高修改

题目描述：你说了图片里的一句话，老婆露出了这个表情。

LSB隐写原理

LSB即为最低有效位，图片中的图像像素一般是由RGB三原色（红绿蓝）组成

每一种颜色占用8位，取值范围为0x00~0xFF，即有256种颜色，一共包含了256的3次方的颜色

而人的眼睛能够区分的颜色是有限的，LSB隐写就是修改RGB颜色分量的最低二进制位也就是最低有效位

StegSolve

这里使用的是StegSolve工具，载入图片选用数据提取分析

得到部分flag：NSSCTF{lao_po

宽高调整

这里使用随波逐流工具

可以看到高度和编码里的不一致，需要调整

打开winhex弱者010editor都行，我这里用的是winhex

如图修改高度为01B7，也就是439

保存之后再打开图片

后半段：_s0_cute!}

一段有规律的声音

答案格式为一串能连成话的简单英语主谓宾句子请所有字母全部大写,空格用_代替后包裹NSSCTF{}(提示：不止一种解法)

一个音频里全是重复性的两种声音，不难想象到是摩斯密码的长短性

・・・—・・— — —・・・—・—・— — — — — ・・—

提示说能组成一句简单的英语主谓宾句子

经过尝试得到明文

・・/・—・・/— — —/・・・—/・/—・— — /— — —/ ・・—/
I LOVE YOU

ez-QR

从题目来看是一道二维码的题目

给的附件是一个GIF动图，会循环展示这个二维码的每个部分

在线GIF图片帧拆分工具 – UU在线工具 (uutool.cn)

将其拆分得到九个部分

弄一个画布进去拼接就好了，根据边角的空隙来判断

在线画图软件_免费画图工具 – Canva可画

flag：NSSCTF{123fgh789okm}

怎么全是01，我flag呢

我flag呢？我不到啊，滴滴答滴哒哒哒（提示：想想文件的本质是什么）

111111111111000011100111111111111100000111111001111111111111100000000011000000111001100001110011000110011001100000000011100000000011000000111001100001110011000110011001100000000011100111111011001100000110000111000011111000000001101111110011100111111011001100000110000111000011111000000001101111110011100111111011000011111000011001111100110111111001101111110011100111111011000011111000011001111100110111111001101111110011100111111011001100111000011001001111111111111001101111110011100111111011001100111000011001001111111111111001101111110011100000000011001100100001111001111111000000000001100000000011111111111111001100100110011001001100110110011001111111111111111111111111001100100110011001001100110110011001111111111111000000000000000011000111100000111100001000000000000000000000000000000000000011000111100000111100001000000000000000000000011000011011001100011000000110110011001110011110011100110000011000011011001100011000000110110011001110011110011100110000011000011100001111011111100111001100110001100110010000110000011000011100001111011111100111001100110001100110010000110000111000011011110000011111100000110000000111100000000000110000100001100000000000000001100110111100111111100110010000000000100001100000000000000001100110111100111111100110010000000000000001100111001100111001100111001111111110000001111111110011000001100111001100111001100111001111111110000001111111110011011001100000111100111110011000000011000001111110000000110011011001100000111100111110011000000011000001111110000000110011100000011111001100011110000000110011000001100000001100111100100000011111001100011110000000110011000001100000001100111100111000000000110011100111111001000011111110000110011111000011111000000000110011100111111001000011111110000110011111000011100000011111001111100000000000111100001110000111111111000000111110000100110000111000011111001100110001111000010000110000111110000100110000111000011111001100110001111000010000110000000111100011110000111000000111110000001001100000010000110000000111100011110000111000000111110000001001100000010000110000111001111000110000000001111001001100111000011110001100001100111001111000110000000001111001001100111000011110001100001100011000011011110011111110011110000011001110011001101100111111011000011011110011111110011110000011001110011001101100111111111001111000001111100001111110111111110111100110010000111111000111111111111100011110000001001100110111111110010000111100000111111111111100011110000001001100110111111110010000111100000110011100001100111111111000110000001111100110001111000000000110011100001100111111111000110000001111100110001111000000111110011111110011011001100000001111111000011111111111001100111110011111110011011001100000001111111000011111111111001100000000000000001111000001111001110000001110011000001100110000000000000000001111000001111001110000001110011000001100110000111111111111000011011000011111110000001000011001101100110000111111111111000011011000011111110000001000011001101100110000100000000011000000000000011000001111111000011000001100001100100111111011001100111000000110000011110000011111111111111111100111111011001100111000000110000011110000011111111111111111100111111011000011100111111110111111000001111111100000111100100111111011000011100111111110111111000001111111100000111100100111111011000011111111111111000011001001100111101111110000100111111011000011111111111111000011001001100111101111110000100000000011001100100000011111000011111001111000011100000000100000000011001100100000011111000011111001111000011100000000111111111111000000000111100001000000111111111000010000000011111111111111000000000111100001000000111111111000010000000011

因为只有01，并且要改变文件格式，这里还是考虑转换成二维码的形式

字符串的长度总共是3600，可以将宽高设置为60×60

from PIL import Image

WIDTH = 60
HEIGHT = 60   
pic = Image.new("RGB", (WIDTH, HEIGHT))
str = "111111111111000011100111111111111100000111111001111111111111100000000011000000111001100001110011000110011001100000000011100000000011000000111001100001110011000110011001100000000011100111111011001100000110000111000011111000000001101111110011100111111011001100000110000111000011111000000001101111110011100111111011000011111000011001111100110111111001101111110011100111111011000011111000011001111100110111111001101111110011100111111011001100111000011001001111111111111001101111110011100111111011001100111000011001001111111111111001101111110011100000000011001100100001111001111111000000000001100000000011111111111111001100100110011001001100110110011001111111111111111111111111001100100110011001001100110110011001111111111111000000000000000011000111100000111100001000000000000000000000000000000000000011000111100000111100001000000000000000000000011000011011001100011000000110110011001110011110011100110000011000011011001100011000000110110011001110011110011100110000011000011100001111011111100111001100110001100110010000110000011000011100001111011111100111001100110001100110010000110000111000011011110000011111100000110000000111100000000000110000100001100000000000000001100110111100111111100110010000000000100001100000000000000001100110111100111111100110010000000000000001100111001100111001100111001111111110000001111111110011000001100111001100111001100111001111111110000001111111110011011001100000111100111110011000000011000001111110000000110011011001100000111100111110011000000011000001111110000000110011100000011111001100011110000000110011000001100000001100111100100000011111001100011110000000110011000001100000001100111100111000000000110011100111111001000011111110000110011111000011111000000000110011100111111001000011111110000110011111000011100000011111001111100000000000111100001110000111111111000000111110000100110000111000011111001100110001111000010000110000111110000100110000111000011111001100110001111000010000110000000111100011110000111000000111110000001001100000010000110000000111100011110000111000000111110000001001100000010000110000111001111000110000000001111001001100111000011110001100001100111001111000110000000001111001001100111000011110001100001100011000011011110011111110011110000011001110011001101100111111011000011011110011111110011110000011001110011001101100111111111001111000001111100001111110111111110111100110010000111111000111111111111100011110000001001100110111111110010000111100000111111111111100011110000001001100110111111110010000111100000110011100001100111111111000110000001111100110001111000000000110011100001100111111111000110000001111100110001111000000111110011111110011011001100000001111111000011111111111001100111110011111110011011001100000001111111000011111111111001100000000000000001111000001111001110000001110011000001100110000000000000000001111000001111001110000001110011000001100110000111111111111000011011000011111110000001000011001101100110000111111111111000011011000011111110000001000011001101100110000100000000011000000000000011000001111111000011000001100001100100111111011001100111000000110000011110000011111111111111111100111111011001100111000000110000011110000011111111111111111100111111011000011100111111110111111000001111111100000111100100111111011000011100111111110111111000001111111100000111100100111111011000011111111111111000011001001100111101111110000100111111011000011111111111111000011001001100111101111110000100000000011001100100000011111000011111001111000011100000000100000000011001100100000011111000011111001111000011100000000111111111111000000000111100001000000111111111000010000000011111111111111000000000111100001000000111111111000010000000011"
i = 0

for y in range(0, HEIGHT):
    for x in range(0, WIDTH):
        if (str[i] == '1'):
            pic.putpixel((x, y), (0, 0, 0))
        else:
            pic.putpixel((x, y), (255, 255, 255))
        i += 1

pic.save("flag.png")

NSSCTF{a51f0b9fb5fd47ca14332fa1acab352e}

从千年真理部到游戏开发部day1

什么游戏叫base啊？我要玩游戏o(╥﹏╥)o，怎么玩游戏还要了解base编码，好难啊，苦呀西~

看似是Base64加密，解密出来就是一段歌词，没有密码的痕迹

搜索的到Base64编码也有隐写

[MISC]Base64隐写-CSDN博客

# base64隐写
import base64


def get_diff(s1, s2):
    base64chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
    res = 0
    for i in range(len(s2)):
        if s1[i] != s2[i]:
            return abs(base64chars.index(s1[i]) - base64chars.index(s2[i]))
    return res


def b64_stego_decode():
    file = open("game.txt", "rb")
    x = ''  # x即bin_str
    lines = file.readlines()
    for line in lines:
        l = str(line, encoding="utf-8")
        stego = l.replace('\n', '')
        # print(stego)
        realtext = base64.b64decode(l)
        # print(realtext)
        realtext = str(base64.b64encode(realtext), encoding="utf-8")
        # print(realtext)
        diff = get_diff(stego, realtext)  # diff为隐写字串与实际字串的二进制差值
        n = stego.count('=')
        if diff:
            x += bin(diff)[2:].zfill(n * 2)
        else:
            x += '0' * n * 2

    i = 0
    flag = ''
    while i < len(x):
        if int(x[i:i + 8], 2):
            flag += chr(int(x[i:i + 8], 2))
        i += 8
    print(flag)


if __name__ == '__main__':
    b64_stego_decode()

#game,G@mee

使用密码：game,G@mee

比较明显的图片特征，拿到赛博厨师里面

NSSCTF{The_god_of_the_game_field}