ISCC复现

黑暗森林

通常bmp文件word bfreserved1和2值为0

400.PNG

但是这题给的图值存在

401.PNG

所以应该是需要根据这个bfReserved1 的值 找到值为1的图读取内容放在第一位

值为2的图读取内容放在第二位以此类推

跑脚本

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
import os
import pyzbar.pyzbar as pyzbar
from PIL import  Image
from tqdm import tqdm
import base64

dir = os.listdir('./universe')
lists = ['']*100
for i in dir:
    file = f'./universe/{i}'
    img = Image.open(file)
    texts = pyzbar.decode(img)
    for text in texts:
        place = open(file,'rb').read()[6]
        lists[place-1] = text[0].decode()
out = ''.join(lists)
f = open('flag','wb').write(base64.b64decode(out.encode()))

生成文件

402.PNG

是个rar压缩包 文件有问题

broadcast.png 是apng格式的文件用网站分离一下

得到这样的

403.PNG

每张图都有数字应该是要把rar中对应字节的数据删除

1
2
3
4
5
6
7
8
9
10
11
12
13
14
table = [21,42,47,50,53,71,72,73,88,113,118,125,128,148,150,158,161,162,166,167,176,190,194,206,223,236,239,266,269,270,274,289,290,302,305,308,316,318,326,328,329,360,375,392,395,414,425,443,450,463,469,471,477,487,494,498,514,519,522,523,527,531,540,555,561,574,589,627,629,636,637,654,668,673,689,690,704,736,751,752,753,763,765,769,774,780,801,814,817,858,870,899,915,928,934,948,951,964,967,982]

f1 = open('flag.rar','rb').read()
f2 = open('outflag.rar','wb+')

tmp = f1[:1000] #数字最多982直接读取前1000
tmp = list(tmp)
tmp_list = []
for j in range(1000):
    if(j not in table):#将索引不在表中的弄掉
        tmp_list.append(tmp[j])
f2.write(bytearray(tmp_list))
f2.write(f1[1000:])

得到压缩包密码提示

404.PNG

bing搜一下

405.PNG

弱雪

从题目雪应该是有snow隐写但每个文档都没有snow隐写的感觉

看每个文件的时间不太对劲

406.PNG

407.PNG

408.PNG

没有时间为40的文件

410.PNG

411.PNG

写脚本大于40的作为0小于的作为1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
import os

ss=''
path = './Misc-2022.05.05/'
n = 1936
for i in range(n):
    file = f'{path}{i}.txt'
    #print(file)
    time = os.path.getmtime(file)
    #time = os.path.getmtime(f'./Misc-2022.05.05/{i}')
    if time <1651438000:
        ss +='0'
    else:
        ss +='1'
print(ss)
print(len(ss))

412.PNG

解压缩得到

413.PNG

snow 隐写

1
2
3
4
5
6
7
8
9
10
11
12
13
import os
 
with open("C:/Users/zazazazaz/Downloads/isccfuxian/1/password.txt", 'r') as f:
    for passwd in f:
        try:
            with os.popen(f'C:/Users/zazazazaz/Downloads/isccfuxian/1/snow -C -p "{passwd.strip()}" "C:/Users/zazazazaz/Downloads/isccfuxian/1/snow.txt"') as aaa:
                rst = aaa.read()
                if rst.find("ISCC") >= 0 or rst.find("iscc") >= 0 or rst.find("flag") >= 0:
                    print(rst)
                    print(passwd)
        except Exception as e:
            ...