2024年国庆假期《黑神话·悟空》争夺赛 WP

本文链接：https://blog.youkuaiyun.com/Red_guest/article/details/142757293

2024年国庆假期《黑神话悟空》争夺赛 WP

根据自解及官方WP优化后的wp

Misc

1z_recover 💯（outguess解密）

重新下载附件吧 ———作者：时针

拿到手压缩包解压后得到一张图片：生瓜蛋子.png

生瓜蛋子

你这瓜保熟吗()

甩进010看末尾发现KP字样

请添加图片描述
上脚本，逆序还原

import os

def reverse_file_hex_and_save(input_file_path, output_file_path):
    """
    从文件尾部开始读取内容，以十六进制形式逐字节反转，并将结果写入新文件。
    :param input_file_path: 输入文件路径
    :param output_file_path: 输出文件路径
    """
    with open(input_file_path, 'rb') as input_file, open(output_file_path, 'wb') as output_file:
        # 获取文件大小
        file_size = os.path.getsize(input_file_path)
        byte_list = []
        
        for position in range(file_size - 1, -1, -1):  # 从文件尾部开始反向遍历
            # 移动文件指针到当前位置
            input_file.seek(position)
            # 读取单个字节并直接追加到列表，这里不进行十六进制转换，因为最终目标是保持原样写入新文件
            byte_list.append(input_file.read(1))
        
        # 将收集的字节序列写入新文件
        output_file.write(b''.join(byte_list))

# 示例用法
input_file_path = '生瓜蛋子.png'  # 请替换为你的输入文件路径
output_file_path = 'flag.zip'  # 输出文件的路径和名称
reverse_file_hex_and_save(input_file_path, output_file_path)
print(f"Reversed content has been saved to {output_file_path}")

脚本运行后需要密码，根据题目提示拿到密码解压：you_are_so_clever

请添加图片描述
根据里面txt文本提示：奇怪，这不是压缩包吗…怎么这么多11，等等，似乎是某种运算…

猜想此层压缩包是关于11的异或运算。上脚本：

def xor_file(input_filename, output_filename, xor_key):
    # 打开输入文件，以二进制模式读取
    with open(input_filename, 'rb') as infile:
        # 打开输出文件，以二进制模式写入
        with open(output_filename, 'wb') as outfile:
            # 逐字节处理输入文件内容
            for byte in infile.read():
                # 将每个字节转换为整数后执行异或运算
                xor_byte = byte ^ xor_key
                # 将异或后的整数结果转换回字节并写入到输出文件
                outfile.write(xor_byte.to_bytes(1, byteorder='big'))

# 使用一个特定的密钥，如0x5A
xor_key = 0x11

# 替换这里的文件路径为实际的输入和输出文件路径
input_filepath = 'flag.zip'
output_filepath = 'flag2.zip'

# 调用函数处理文件
xor_file(input_filepath, output_filepath, xor_key)

解压成功后得到图片：flag.jpg

在这里插入图片描述

甩进010看见末尾有一串base64编码：OTUyNw==

在这里插入图片描述
base64解码后得到：9527（某种密钥）

常用的几种方法无果后尝试outguess解密：

在这里插入图片描述
解密后的txt文件得到flag：

flag{C0n9ratu1ati0ns!_you_are_so_cool}

诗词 💯（时间戳隐写）

你真的会读古诗嘛？ ————作者：时针

在这里插入图片描述

拿到手后word隐写：文件 👉 选项 👉 显示 👉 隐藏文字

在这里插入图片描述

打开后看到：世界是一个巨大的压缩包

修改word文件后缀为zip，在里面把这个诗词的照片提取出来（binwalk梭哈也行）

在这里插入图片描述

图片甩进010看见末尾很多压缩包，binwalk/foremost梭哈

看见众多文件的时间有问题，一眼时间戳隐写，上脚本

在这里插入图片描述

import os
import time

origin_time = 2147483000

for i in range(0,29):
	filename = "D:\\Software_Data\\VMware_Machine\\kali_sharefiles\\output\\zip\\00000718\\{0}.txt".format(i)
	file_attr = os.stat(filename)	#读取文件属性
	create_time = int(file_attr.st_mtime)	#获取创建时间
	# create_time = time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(create_time))#转为标准格式

	key = str(create_time - origin_time)
	
	# print(key, end = " ")
	print(chr(int(key)),end = "")

# ekag{/g!Y/u_3qe_Sime_M3sseq!}
# flbh|0h"Z0v`4rf`Tjnf`N4ttfr"~

注意！！！！！这里因为出题人（时钟）的问题，固定的时间戳有两个，分别是2147483000 和 2147483001，运行后得出的答案会有两个！！！

flbh|0h"Z0v`4rf`Tjnf`N4ttfr"~
ekag{/g!Y/u_3qe_Sime_M3sseq!}

然后，，，，，，，，，纯靠脑洞拼接吧（最后的master纯靠脑洞补全）

flag{0h!Y0u_4re_Time_M4ster!}

longpy 💯（Stegosaurus隐写）

作者没有给出明确的提示 ——作者：huihuilikaile

在这里插入图片描述
爆破宽高得到关键线索pyc

在这里插入图片描述
甩进010看图片末尾标志，提取出剩下的十六进制文件，另存为flag.pyc

在这里插入图片描述
甩kali上反编译：

在这里插入图片描述
得到的反编译文件打开看看：

import base64, string

def base64_encode(input_str):
    base64_chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
    padding_char = "="
    result = ""
    padding_count = 0
    input_bytes = input_str.encode()
    for i in range(0, len(input_bytes), 3):
        three_bytes = input_bytes[i:i + 3]
        chunk_length = len(three_bytes)
        if chunk_length < 3:
            padding_count = 3 - chunk_length
            three_bytes += b'\x00' * padding_count
        four_chunks = [b >> 2 * i & 63 for i in range(0, 4) for b in iter(three_bytes)]
        for chunk in four_chunks:
            result += base64_chars[chunk]

    if padding_count > 0:
        result = result[:-padding_count]
        result += padding_char * padding_count
    return result


original_string = "flag"
encoded_string = base64_encode(original_string)
print(encoded_string)
str1 = "KgHoPfmcONLbTNCWS7oZ"
string1 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZnopqrstuvwxyzabcdefghijklm+/"
string2 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
print(base64.b64decode(str1.translate(str.maketrans(string1, string2))))

上述代码首先定义了一个base64_encode函数来手动实现Base64编码的过程。接着，它使用这个函数对字符串"Hello, world!"进行了编码，并打印了编码后的结果。最后，代码还包含了解码一个特殊处理过的Base64字符串的部分，其中使用了字符映射来恢复原始的Base64编码格式，然后再进行解码。这里，str1是一个经过非标准Base64字符集映射的字符串，通过translate方法和maketrans创建的映射表将其转换回标准Base64格式，再通过base64.b64decode进行解码，最后输出解码后的字符串。

运行结果:
mshZbYGGGBBBnAAZAAGAAB==
b'Stegosaurus pyc'
[Finished in 124ms]

"Stegosaurus"字段猜测是Stegosaurus隐写

进行Stegosaurus解码：

在这里插入图片描述
flag{Pyc_to_stegosaurus}

海尔之眼（懒得喷）

海尔之眼 ——huihuilikaile

在这里插入图片描述
拿到手两张图，第二张图 hrxiongdi.png 甩010，右键预览图可以更改调色和排版，看见key：15740（7还是倒着的捏捏的）

在这里插入图片描述
根据题目提示，甩沉默之眼silentEye，得到flag：flag{h@r_X4_Ya2}

在这里插入图片描述
彩蛋：

再次看文件末尾，看见图片结束后，根据文件尾50 4B 05 06判断还有一个压缩包，，往头补充十六进制：50 4B 03 04 14 00

在这里插入图片描述

然后单独提取这段数据或binwalk/foremost梭哈，解压密码就是刚刚的flag去括号：h@r_X4_Ya2

解压出来得到第二个flag：flag{c3ad4d3b-39f0-5675-6c6f-b56036e654d3}

1z_disk_decode 💯 (veracrypt挂载)

密钥是什么呢？——时针

或许可以换个方向观察

老老实实解：frank firmly believes that the candy was stolen by natasha

在这里插入图片描述

也可以上爆破（根据提示“结果转换为小写”，直接爆破小写）：

在这里插入图片描述

解压出来得到一张喵.png：

请添加图片描述

甩进010看见文件末尾有一串其他的东西（一眼强塞的什么数据文件）：

在这里插入图片描述

将图片和数据手动分离出来（记得删掉所有0），上veracrypt

在这里插入图片描述

挂载后加载出来会有一美(sha)丽(bi)表情包：

在这里插入图片描述

由于自己也用这个表情包，所以知道这个表情包不全，甩010改宽高得到flag

在这里插入图片描述

flag{y0u_g0t_1t}

wu_kong (XOR)

黑神话，悟空–huihuilikaile

（出题方的问题，俩解法）

在这里插入图片描述

1、把猴.png甩stegsolve

在这里插入图片描述
2、猴子猴孙甩010

在这里插入图片描述

发现第59个数据块文件头不全，去对应位置补全头

在这里插入图片描述

然后单独提取出来，保存为新的png

在这里插入图片描述

得到Key：Sun_WuKong

提取的时候发现猴子猴孙.png末尾有snow隐写特征：

在这里插入图片描述

上snow得到提示：XOR（异或）

在这里插入图片描述

上脚本，把刚刚带Key的图片和猴.png 进行XOR

在这里插入图片描述

from PIL import Image

def xor_two_images(image_path1, image_path2):
    img1 = Image.open(image_path1)	
    img2 = Image.open(image_path2)	

    if img1.size!= img2.size:
        raise ValueError("Images must have the same size.")

    pixels1 = img1.load()
    pixels2 = img2.load()
    width, height = img1.size

    new_img = Image.new('RGBA', (width, height))
    new_pixels = new_img.load()

    for y in range(height):
        for x in range(width):
            r1, g1, b1, a1 = pixels1[x, y]
            r2, g2, b2, a2 = pixels2[x, y]
            new_pixels[x, y] = (r1 ^ r2, g1 ^ g2, b1 ^ b2, a1 ^ a2)

    new_img.save('xor_result1.png')

image_path1 = 'hou.png'
image_path2 = '猴.png'
xor_two_images(image_path1, image_path2)

得到flag：

在这里插入图片描述

flag{9ba77acb-c736-70ee-1993-0d0c2a1012ee)

看过那年的雪吗？ 💯 (oursecret解密)

图片上的汉字是某个key，注意flag格式（做过的偷偷开心吧） ————ctfshow

在这里插入图片描述

甩010看见图片下很多文件，foremost梭哈（binwalk可以省去伪加密的过程）

得到的压缩包甩进010，伪加密，修改加密解压后得到一堆文件

在这里插入图片描述

flag.txt甩进010，看末尾，加上题目名字提醒，一眼snow隐写

在这里插入图片描述

sonw解出来得到前半段flag：ctfshow{W1sh1ng_every0ne_4_

回到其他文件上，一眼时间戳加密，上脚本：

import os
for i in range(11):
    filename = "D:\\Software_Data\\VMware_Machine\\kali_sharefiles\\output\\zip\\00003326\\{}.txt".format(i)
    file_attr = os.stat(filename)#读取文件属性
    alter_time = str(file_attr.st_mtime)#获取修改时间
    print(chr(int(alter_time[7:10])),end='')

运行结果：key:ctfSh0w（肯定是某个加密方式的key啦）

为了查找后半段flag试过多种方法无果后，回到最初的图片上面找线索

发现图片png文件尾和其中隐藏的zip文件头之间还有一些乱码9E97BA2A，再加上刚取得的key，一眼oursecret加密特征

在这里插入图片描述

去掉图片最后的压缩包十六进制（不然oursecret会读取不了图片数据）

在这里插入图片描述

然后把图片甩进软件 oursecret

在这里插入图片描述

提取出一个flag.txt

JRDEWV2JKIZUKR2KJBCVGWKTJBGEUVSWIVGVIWKHIJGFOWKXJJLE2UK2IVKVES2WJZFEYR2RKZKDES22GJLFKM2DIZEEMSKGINIEUNI=

flag.txt 👉 base32 👉 base32 👉 base64 👉 base64 👉 happy_time_pl4ying}

组合起来flag：ctfshow{W1sh1ng_every0ne_4_happy_time_pl4ying}

MoreHight

作者没有留下任何提示 ——Gscsed

丢随波逐流或CRC爆破或手动调整宽高得到flag：

在这里插入图片描述

flag{Png_hight_hight}

FindSeed_MC

在这里插入图片描述

开挂：BV1NS4y117yW

在这里插入图片描述

种子：7848034476684517680

flag{5880616f80d73e086ec577d7ad21ef99}

Crypto

At

At ——作者：huihuilikaile

ﾟωﾟﾉ= /｀ｍ´）ﾉ ~┻━┻   //*´∇｀*/ ['_']; o=(ﾟｰﾟ)  =_=3; c=(ﾟΘﾟ) =(ﾟｰﾟ)-(ﾟｰﾟ); (ﾟДﾟ) =(ﾟΘﾟ)= (o^_^o)/ (o^_^o);(ﾟДﾟ)={ﾟΘﾟ: '_' ,ﾟωﾟﾉ : ((ﾟωﾟﾉ==3) +'_') [ﾟΘﾟ] ,ﾟｰﾟﾉ :(ﾟωﾟﾉ+ '_')[o^_^o -(ﾟΘﾟ)] ,ﾟДﾟﾉ:((ﾟｰﾟ==3) +'_')[ﾟｰﾟ] }; (ﾟДﾟ) [ﾟΘﾟ] =((ﾟωﾟﾉ==3) +'_') [c^_^o];(ﾟДﾟ) ['c'] = ((ﾟДﾟ)+'_') [ (ﾟｰﾟ)+(ﾟｰﾟ)-(ﾟΘﾟ) ];(ﾟДﾟ) ['o'] = ((ﾟДﾟ)+'_') [ﾟΘﾟ];(ﾟoﾟ)=(ﾟДﾟ) ['c']+(ﾟДﾟ) ['o']+(ﾟωﾟﾉ +'_')[ﾟΘﾟ]+ ((ﾟωﾟﾉ==3) +'_') [ﾟｰﾟ] + ((ﾟДﾟ) +'_') [(ﾟｰﾟ)+(ﾟｰﾟ)]+ ((ﾟｰﾟ==3) +'_') [ﾟΘﾟ]+((ﾟｰﾟ==3) +'_') [(ﾟｰﾟ) - (ﾟΘﾟ)]+(ﾟДﾟ) ['c']+((ﾟДﾟ)+'_') [(ﾟｰﾟ)+(ﾟｰﾟ)]+ (ﾟДﾟ) ['o']+((ﾟｰﾟ==3) +'_') [ﾟΘﾟ];(ﾟДﾟ) ['_'] =(o^_^o) [ﾟoﾟ] [ﾟoﾟ];(ﾟεﾟ)=((ﾟｰﾟ==3) +'_') [ﾟΘﾟ]+ (ﾟДﾟ) .ﾟДﾟﾉ+((ﾟДﾟ)+'_') [(ﾟｰﾟ) + (ﾟｰﾟ)]+((ﾟｰﾟ==3) +'_') [o^_^o -ﾟΘﾟ]+((ﾟｰﾟ==3) +'_') [ﾟΘﾟ]+ (ﾟωﾟﾉ +'_') [ﾟΘﾟ]; (ﾟｰﾟ)+=(ﾟΘﾟ); (ﾟДﾟ)[ﾟεﾟ]='\\'; (ﾟДﾟ).ﾟΘﾟﾉ=(ﾟДﾟ+ ﾟｰﾟ)[o^_^o -(ﾟΘﾟ)];(oﾟｰﾟo)=(ﾟωﾟﾉ +'_')[c^_^o];(ﾟДﾟ) [ﾟoﾟ]='\"';(ﾟДﾟ) ['_'] ( (ﾟДﾟ) ['_'] (ﾟεﾟ+(ﾟДﾟ)[ﾟoﾟ]+ (ﾟДﾟ)[ﾟεﾟ]+(ﾟΘﾟ)+ ((o^_^o) +(o^_^o))+ ((ﾟｰﾟ) + (ﾟΘﾟ))+ (ﾟДﾟ)[ﾟεﾟ]+(ﾟΘﾟ)+ ((ﾟｰﾟ) + (ﾟΘﾟ))+ ((ﾟｰﾟ) + (o^_^o))+ (ﾟДﾟ)[ﾟεﾟ]+(ﾟΘﾟ)+ ((ﾟｰﾟ) + (o^_^o))+ ((o^_^o) - (ﾟΘﾟ))+ (ﾟДﾟ)[ﾟεﾟ]+(ﾟΘﾟ)+ ((o^_^o) +(o^_^o))+ (ﾟｰﾟ)+ (ﾟДﾟ)[ﾟεﾟ]+(ﾟΘﾟ)+ ((ﾟｰﾟ) + (o^_^o))+ (o^_^o)+ (ﾟДﾟ)[ﾟεﾟ]+(ﾟΘﾟ)+ (ﾟΘﾟ)+ ((ﾟｰﾟ) + (ﾟΘﾟ))+ (ﾟДﾟ)[ﾟεﾟ]+(ﾟΘﾟ)+ ((o^_^o) +(o^_^o))+ ((o^_^o) - (ﾟΘﾟ))+ (ﾟДﾟ)[ﾟεﾟ]+(ﾟΘﾟ)+ (o^_^o)+ ((ﾟｰﾟ) + (o^_^o))+ (ﾟДﾟ)[ﾟεﾟ]+(ﾟΘﾟ)+ ((o^_^o) +(o^_^o))+ (o^_^o)+ (ﾟДﾟ)[ﾟεﾟ]+(ﾟΘﾟ)+ (c^_^o)+ (c^_^o)+ (ﾟДﾟ)[ﾟεﾟ]+(ﾟΘﾟ)+ (ﾟΘﾟ)+ (ﾟｰﾟ)+ (ﾟДﾟ)[ﾟεﾟ]+(ﾟΘﾟ)+ (o^_^o)+ ((ﾟｰﾟ) + (o^_^o))+ (ﾟДﾟ)[ﾟεﾟ]+(ﾟΘﾟ)+ (o^_^o)+ ((o^_^o) - (ﾟΘﾟ))+ (ﾟДﾟ)[ﾟεﾟ]+(ﾟｰﾟ)+ (ﾟΘﾟ)+ (ﾟДﾟ)[ﾟεﾟ]+(ﾟｰﾟ)+ (ﾟΘﾟ)+ (ﾟДﾟ)[ﾟεﾟ]+(ﾟｰﾟ)+ (ﾟΘﾟ)+ (ﾟДﾟ)[ﾟεﾟ]+(ﾟΘﾟ)+ ((ﾟｰﾟ) + (o^_^o))+ ((ﾟｰﾟ) + (ﾟΘﾟ))+ (ﾟДﾟ)[ﾟoﾟ]) (ﾟΘﾟ)) ('_');
hint:注意大小写

一眼aaencode加密

在这里插入图片描述

uozt{Mr_s@L_Z!!!}

放随波逐流梭哈一下，Atbash有结果

在这里插入图片描述

但是提示注意大小写，手动转换一下：

flag{Ni_h@O_A!!!}

shuangyuCTF-AES & Base

您收到了一段使用AES-CBC模式加密的密文 ———— 白小羽

import base64
import hashlib
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad, unpad

# 固定的前8字节密钥部分（题目给出）
fixed_key_part = b'fixedpart'[:8]
# 秘密字符串的前缀（题目给出）
secret_prefix = b'secret_'
# Base64编码的密文和IV（题目给出）
encoded_data = '[lg/hfCVaU7OGl11oy7JsUzozFojJSjBmYt6BGY+sO/KCKkQxdXzHjiJP1AM0eoTH]'

# 您收到了一段使用AES-CBC模式加密的密文，同时您知道了密钥的一部分生成规则：
# 密钥的前8字节是固定的，后8字节是通过某个秘密字符串的后三位数字（000-999）与特定前缀（例如secret_）
# 进行SHA-256哈希后取前8字节得到的。您的任务是编写一个Python脚本，尝试所有可能的三位数字组合，
# 以找到正确的密钥，并解密密文，获取其中的flag。

# -----------请写出你的解密过程，获取flag-------------

# 对Base64编码的密文和IV进行解码
decoded_data = base64.b64decode(encoded_data)
received_iv = decoded_data[:16]
received_encrypted_data = decoded_data[16:]

# 暴力破解秘密字符串的后三位数字
for suffix in range(1000):  # 000-999
    suffix_str = f'{suffix:03d}'  # 确保是三位数，例如'001'
    key_part2 = hashlib.sha256(secret_prefix + suffix_str.encode()).digest()[:8]
    full_key = fixed_key_part + key_part2

    # 尝试使用当前密钥解密密文
    try:
        decrypt_cipher = AES.new(full_key, AES.MODE_CBC, received_iv)
        decrypted_data = decrypt_cipher.decrypt(received_encrypted_data)
        decrypted_plaintext = unpad(decrypted_data, AES.block_size)
        # 检查明文是否包含'flag{'，以确认是否找到了正确的密钥
        if decrypted_plaintext.startswith(b'flag{'):
            print(f'Decrypted plaintext: {decrypted_plaintext.decode()}')
            break  # 找到正确的密钥后退出循环
    except Exception as e:
        # 如果解密失败（例如由于填充错误），则继续尝试下一个密钥
        pass

flag{Crypto_shuangyuSec_@2024}

shuangyuCTF-XOR

让十六进制字符串在XOR的胯下现出原形 ——白小羽

# 题目
def xor_encrypt(data, key):
    encrypted_data = bytearray()
    for char in data:
        encrypted_data.append(ord(char) ^ key)
    return encrypted_data.hex()  # 返回十六进制字符串作为加密结果


# 以下是使用该函数加密后的一个十六进制字符串:
encrypted_string = '7a6f796973746865666c6167'
# 加密时所用的密钥(key)是 13（注意：这只是一个示例，实际题目中可以使用不同的密钥）

# 你的任务是解密这个十六进制字符串，找出它隐藏的信息，并将其格式化为 flag{*}
# 请将你的答案以 print(f"flag{{{your_decrypted_message}}}") 的形式输出


# 答案参考
def xor_decrypt(hex_data, key):
    data_bytes = bytes.fromhex(hex_data)  # 将十六进制字符串转换为字节
    decrypted_data = bytearray()
    for byte in data_bytes:
        decrypted_data.append(byte ^ key)  # XOR解密
    return decrypted_data.decode('utf-8')  # 将解密后的字节解码为字符串


# 给定的加密十六进制字符串和密钥
encrypted_string = '7a6f796973746865666c6167'
key = 13

# 解密字符串
decrypted_string = xor_decrypt(encrypted_string, key)

# 输出解密后的结果，注意格式
print(f"flag{{{decrypted_string}}}")

flag{wbtd~yehkalj}

Base签到

签到——辰

TVpXR0NaMzNNSlFXU1lUQk5GUFVHVkNHTDQzRFFOS1lORlFXNjZMVlBVPT09PT09

base 👉 base64 👉 base32 👉 flag

flag{baibai_CTF_685Xiaoyu}

你真的喜欢CTF吗？

像是个密码，至于什么密码还需要考证呢，都试试吧？
AABABAAAAAABABBAABBAAAABBABBBABBAAAABBBABABAAABABBABAAAABABAAABAAAAABABAABBAABAB ——辰

一眼培根啦

flag{falgdoyoulikectf}

decode没有key

在这里插入图片描述

UH6G2CXOVIYRJI2PXMPHVFXXWWYRRH2AXMNIZF2JXAYRBEFYWWSQRF2FWAYRBAXYXEWIPIXSWOARFIEFXMRIZFFXWASSTIFCXIOIZFFHTWWH6EFTYWSR2F2FVIPRLGFYWDMSTIXSVEYRJJPYXMPHVGXXWWUGRH2YXMTSHF2HTWWIFIXOWWTRBZFGVIYRZJFWWWWIBAPIVAYRJIOFXSRIZEFXWWRHJIFKVISH4FXDXAWIXIXTXMSIDF2JVIPRDEFXTVMSPGXJWAURJGOFXMUHXEFBWWYGRIPAXMQSZFXVXAYRJIXYTISIRH2AWAQRZJFXWESIZD2JWEURJGWFXAOHZGF2WSPSTIFSVEPRZFEFVAXRJIXXYWSIVD2HX5XGRHXWXMSIVG2JWWSRJF2GXEUHXEOIWSYGRIXIXMQSHF2QVAYSBIXXWMSSBZFFXIXHZJFYXOWIZI2IVEQRHZFGXWRIZD2JWAWIHIXGXHMR2FXJWAXHFIFXXWSRHF2BWIPHLAXWX4MSTG2SVMSRFGXYXWQHZGPBWSXGRH2AVMOIZF2BWAXHXIPVWWSRHH2KWIXHVIFYXEWIVI2SWMWRFEFQWMQHZJFEWATITH2KVIPR4FFGTWWITIXTWWSRBH2FTWXHBGFYYOWITAPSVAARFIEFXMYIXEFXWWWITH2AXMRRHF2ZXAWSXEXXXWSRZZFJWIQRRGFYWESIVE2RVEURHHMFXSYHXEFXWWRSTHFCVITRHF2LWAWH2EFRXMRIXJFIV5QRFGFXW5WITGXJVMSRJIPYXWYHXGFJWSYHJIXUVMASXF2XWAURFIXQTISIVZFIX5PHZIFUVAWIZH2IWWSRBI2YXARHVJFIWAZSTIFUVIOH4FFGXAWHJIFTWMSIVZFGXIPHVHFXXISIRF2JWWSRHFFGX42RXEPBWAXQRH2MXIQSHFFZXAYRBEFZWMSRXH2GXIQRVJFYXOSIZEXRWIQRHIFPXESIXE2XWAXRTIPCVIQRHFFKWAWR2EF2YSSHJH2GXSXHTAXYXHMSPFXJVMYRHH2XXWYHXFFBWSWIRHMHXIOIHFXVXAYRBEFSVMSQRD2GWAPGRGXYXEOIBI2SWOQRHIEFXMPHZFFBWASITIFAVITQXFXFTWXIPEFTXMQHVF2JTWPHJGFYWDMSTFXRWMARFGPQXMYIXGPTWWASTGXYXMSSRF2ZVAYSBEXVTIRIBZFGVAQSHFXUWWSH4JXSVD2HFIWFXAVIXEXXWEPITHEFVISRHE2TXAWGVEXUYWRHDH2IV5QRBFFXTWWIRF2JWIURJH2PXMXHXEPBWSQRTGFCXMSRHFFXXAYIXEXZXMSSBH2AWIPHZFFYVISIRF2JV5URJEWFXAPHZEP2WATRTIFUXITRHFFCTWWHJIXRYWSIVD2KXAPHLJFWV5SIRE2JWWORLFPGXAXIXF2BWWYGRIXKXIPSHF2UWAWR6IFYWWQIXF2GWIYRRIFYWWWIVI2SVMURHIFFXASHZJFMWWPSTIFGVIUSHFFTTWYRXIFPXWSHLH2KWIPHLIFXXDMSXAFSVMARHGXQXWSIXF2XWEYRJH2AVMOIHF2JTWXIBIXUWMSR6D2HWIXHDFFYWDMSPIXSWMARFEXYXWQHZJFAWASITHFKXISIZFFITWXIFIXTWWSHBH2JX5PHJFFUV5SITIXTVIYRFIFGXIYHXE2BWWWGRHFAXMQHHF2HTWWSXIXSXMRQXFFDTWXQZIXV

decode.txt 👉 Rot13 👉 {base32 👉 文本字符串倒序在线工具（颠倒）} * 10 👉 Rot13/Rot18

flag{flagishere}

crypto2

——辰

[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]((!![]+[])[+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+([][[]]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+!+[]]+(+[![]]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+!+[]]]+(!![]+[])[!+[]+!+[]+!+[]]+(+(!+[]+!+[]+!+[]+[+!+[]]))[(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+([]+[])[([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]][([][[]]+[])[+!+[]]+(![]+[])[+!+[]]+((+[])[([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]+[])[+!+[]+[+!+[]]]+(!![]+[])[!+[]+!+[]+!+[]]]](!+[]+!+[]+!+[]+[!+[]+!+[]])+(![]+[])[+!+[]]+(![]+[])[!+[]+!+[]])()(([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(+(+!+[]+[+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]+[!+[]+!+[]]+[+[]])+[])[+!+[]]+(![]+[])[!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+(![]+[+[]]+([]+[])[([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]])[!+[]+!+[]+[+[]]]+([][[]]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[!+[]+!+[]+[!+[]+!+[]]]+([]+[])[(![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(!![]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]()[+!+[]+[!+[]+!+[]]]+(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(![]+[+[]]+([]+[])[([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]])[!+[]+!+[]+[+[]]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[!+[]+!+[]+[+[]]]+[!+[]+!+[]+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]+[!+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[]]+[!+[]+!+[]+!+[]+!+[]+!+[]]+[!+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]+[])[!+[]+!+[]+!+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]+[])[!+[]+!+[]+!+[]]+([][[]]+[])[!+[]+!+[]]+[!+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[]]+[!+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[]]+[!+[]+!+[]]+[!+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[]]+[!+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]+[])[!+[]+!+[]+!+[]]+(![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+[!+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[]]+[!+[]+!+[]+!+[]+!+[]+!+[]]+[+[]]+[!+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[]]+(![]+[])[+[]]+[+!+[]]+[!+[]+!+[]+!+[]+!+[]+!+[]]+(![]+[])[+!+[]]+[!+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[]]+[+!+[]]+([][(!![]+[])[!+[]+!+[]+!+[]]+([][[]]+[])[+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(!![]+[])[!+[]+!+[]+!+[]]+(![]+[])[!+[]+!+[]+!+[]]]()+[])[!+[]+!+[]]+[!+[]+!+[]+!+[]+!+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]+[])[!+[]+!+[]+!+[]]+[!+[]+!+[]+!+[]+!+[]]+[!+[]+!+[]+!+[]+!+[]+!+[]]+([][[]]+[])[!+[]+!+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]+[])[(![]+[])[!+[]+!+[]+!+[]]+(![]+[])[!+[]+!+[]]+([![]]+[][[]])[+!+[]+[+[]]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]]((+((+(+!+[]+[+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]+[!+[]+!+[]]+[+[]])+[])[+!+[]]+[+[]+[+[]]+[+[]]+[+[]]+[+[]]+[+[]]+[+[]]+[+[]]+[+[]]+[+!+[]]])+[])[!+[]+!+[]]+[+!+[]])+([]+[])[(![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(!![]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]()[+!+[]+[!+[]+!+[]]]+([+[]]+![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(![]+[])[!+[]+!+[]]])[!+[]+!+[]+[+[]]])

一眼Jsfuck

flag{3e858ccd79287cfe8509f15a71b4c45d}