CTF 御林 欢迎来到御林安全!

1.SIGN_IN

signin

直接输入即可

2.JOIN_QQ_GRP

加入QQ群,得到flag
join_qq

3.Wow_You_Know_how_to_L44t

通过下载附件,得到代码

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
def leet_flag(flag: str, token: str, salt: str) -> str:
    uid = int(hashlib.sha256((token+salt).encode()).hexdigest(), 16)
    rcont = flag[len('flag{'):-len('}')]
    rdlis=[]

    for i in range(len(rcont)):
        if rcont[i] in string.ascii_letters:
            rdlis.append(i)

    rdseed=(uid+233)*114547%123457
    for it in range(4):
        if not rdlis:  # no any leetable chars
            return flag

        np = rdseed%len(rdlis)
        npp = rdlis[np]
        rdseed = (rdseed+233)*114547%123457
        del rdlis[np]
        px = rcont[npp]
        rcont = rcont[:npp] + (px.upper() if px in string.ascii_lowercase else px.lower()) + rcont[npp+1:]

    return 'flag{'+rcont+'}'

稍微读一下代码,然后进行一些小小的补全

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
import hashlib
import string


def leet_flag(flag: str, token: str, salt: str) -> str:
    uid = int(hashlib.sha256((token+salt).encode()).hexdigest(), 16)
    rcont = flag[len('flag{'):-len('}')]
    rdlis=[]

    for i in range(len(rcont)):
        if rcont[i] in string.ascii_letters:
            rdlis.append(i)

    rdseed=(uid+233)*114547%123457
    for it in range(4):
        if not rdlis:  # no any leetable chars
            return flag

        np = rdseed%len(rdlis)
        npp = rdlis[np]
        rdseed = (rdseed+233)*114547%123457
        del rdlis[np]
        px = rcont[npp]
        rcont = rcont[:npp] + (px.upper() if px in string.ascii_lowercase else px.lower()) + rcont[npp+1:]

    return 'flag{'+rcont+'}'

token = "这段是要保密的,可以自己去复制个人token"
salt = "salt"
flag = "flag{Wow_You_Know_how_to_L44t}" # 这个是直接复制的题目标题

ans = leet_flag(flag, token, salt)
print(ans)
  • 注:个人token可以在提交入口下方复制

token

然后把flag换成YulinSec,就是flag
这个题的代码,我推测是用来把一串正常的英文变成一串奇形怪状的字符的