Training:Get Sourced
似乎只有F12能看到
会有一行注释
答案就是:html_sourcecode
Training:Stegano I
有一个bmp,用二进制读一下,然后直接输出就可以看到
with open("./img/stegano1.bmp","rb") as f :
p = f.read()
print(str(p))
这么一段
b'BMf\x00\x00\x00\x00\x00\x00\x006\x00\x00\x00(\x00\x00\x00\x04\x00\x00\x00\x04\x00\x00\x00\x01\x00\x18\x00\x00\x00\x00\x000\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00Look what the hex-edit revealed: passwd:steganoI'
所以答案:steganoI
Trainging:Crypto - Caesar I
凯撒密码就是写好一句话,把每个字母替换为自已之后的第k个,于是枚举就好了
s = "UIF RVJDL CSPXO GPY KVNQT PWFS UIF MBAZ EPH PG DBFTBS BOE ZPVS VOJRVF TPMVUJPO JT BJOMEENGQGEQ"
for i in range(26) :
print("".join([chr(ord('A') + (ord(x) - ord('A') + i) % 26) if(ord(x) >= ord('A') and ord(x) <= ord('Z')) else x for x in s]))
然后结果是
UIF RVJDL CSPXO GPY KVNQT PWFS UIF MBAZ EPH PG DBFTBS BOE ZPVS VOJRVF TPMVUJPO JT BJOMEENGQGEQ
VJG SWKEM DTQYP HQZ LWORU QXGT VJG NCBA FQI QH ECGUCT CPF AQWT WPKSWG UQNWVKQP KU CKPNFFOHRHFR
WKH TXLFN EURZQ IRA MXPSV RYHU WKH ODCB GRJ RI FDHVDU DQG BRXU XQLTXH VROXWLRQ LV DLQOGGPISIGS
XLI UYMGO FVSAR JSB NYQTW SZIV XLI PEDC HSK SJ GEIWEV ERH CSYV YRMUYI WSPYXMSR MW EMRPHHQJTJHT
YMJ VZNHP GWTBS KTC OZRUX TAJW YMJ QFED ITL TK HFJXFW FSI DTZW ZSNVZJ XTQZYNTS NX FNSQIIRKUKIU
ZNK WAOIQ HXUCT LUD PASVY UBKX ZNK RGFE JUM UL IGKYGX GTJ EUAX ATOWAK YURAZOUT OY GOTRJJSLVLJV
AOL XBPJR IYVDU MVE QBTWZ VCLY AOL SHGF KVN VM JHLZHY HUK FVBY BUPXBL ZVSBAPVU PZ HPUSKKTMWMKW
BPM YCQKS JZWEV NWF RCUXA WDMZ BPM TIHG LWO WN KIMAIZ IVL GWCZ CVQYCM AWTCBQWV QA IQVTLLUNXNLX
CQN ZDRLT KAXFW OXG SDVYB XENA CQN UJIH MXP XO LJNBJA JWM HXDA DWRZDN BXUDCRXW RB JRWUMMVOYOMY
DRO AESMU LBYGX PYH TEWZC YFOB DRO VKJI NYQ YP MKOCKB KXN IYEB EXSAEO CYVEDSYX SC KSXVNNWPZPNZ
ESP BFTNV MCZHY QZI UFXAD ZGPC ESP WLKJ OZR ZQ NLPDLC LYO JZFC FYTBFP DZWFETZY TD LTYWOOXQAQOA
FTQ CGUOW NDAIZ RAJ VGYBE AHQD FTQ XMLK PAS AR OMQEMD MZP KAGD GZUCGQ EAXGFUAZ UE MUZXPPYRBRPB
GUR DHVPX OEBJA SBK WHZCF BIRE GUR YNML QBT BS PNRFNE NAQ LBHE HAVDHR FBYHGVBA VF NVAYQQZSCSQC
HVS EIWQY PFCKB TCL XIADG CJSF HVS ZONM RCU CT QOSGOF OBR MCIF IBWEIS GCZIHWCB WG OWBZRRATDTRD
IWT FJXRZ QGDLC UDM YJBEH DKTG IWT APON SDV DU RPTHPG PCS NDJG JCXFJT HDAJIXDC XH PXCASSBUEUSE
JXU GKYSA RHEMD VEN ZKCFI ELUH JXU BQPO TEW EV SQUIQH QDT OEKH KDYGKU IEBKJYED YI QYDBTTCVFVTF
KYV HLZTB SIFNE WFO ALDGJ FMVI KYV CRQP UFX FW TRVJRI REU PFLI LEZHLV JFCLKZFE ZJ RZECUUDWGWUG
LZW IMAUC TJGOF XGP BMEHK GNWJ LZW DSRQ VGY GX USWKSJ SFV QGMJ MFAIMW KGDMLAGF AK SAFDVVEXHXVH
MAX JNBVD UKHPG YHQ CNFIL HOXK MAX ETSR WHZ HY VTXLTK TGW RHNK NGBJNX LHENMBHG BL TBGEWWFYIYWI
NBY KOCWE VLIQH ZIR DOGJM IPYL NBY FUTS XIA IZ WUYMUL UHX SIOL OHCKOY MIFONCIH CM UCHFXXGZJZXJ
OCZ LPDXF WMJRI AJS EPHKN JQZM OCZ GVUT YJB JA XVZNVM VIY TJPM PIDLPZ NJGPODJI DN VDIGYYHAKAYK
PDA MQEYG XNKSJ BKT FQILO KRAN PDA HWVU ZKC KB YWAOWN WJZ UKQN QJEMQA OKHQPEKJ EO WEJHZZIBLBZL
QEB NRFZH YOLTK CLU GRJMP LSBO QEB IXWV ALD LC ZXBPXO XKA VLRO RKFNRB PLIRQFLK FP XFKIAAJCMCAM
RFC OSGAI ZPMUL DMV HSKNQ MTCP RFC JYXW BME MD AYCQYP YLB WMSP SLGOSC QMJSRGML GQ YGLJBBKDNDBN
SGD PTHBJ AQNVM ENW ITLOR NUDQ SGD KZYX CNF NE BZDRZQ ZMC XNTQ TMHPTD RNKTSHNM HR ZHMKCCLEOECO
THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG OF CAESAR AND YOUR UNIQUE SOLUTION IS AINLDDMFPFDP
所以答案是:AINLDDMFPFDP
Training:WWW-Robots
Robots exlusion standard……机器人拒绝标准?
或者就是一个单纯的robots.txt(*如是说)
于是维基还说这个东西通常在root of the web site hierarchy 例如:https://www.example.com/robots.txt
是一个限制爬虫爬取的东西
在下面的Security里还说,“很多网络机器人根本不尊重这些,甚至把不允许爬取的目录当做爬取的导航”
哦,那好吧,我们输入http://www.wechall.net/robots.txt
发现
User-agent: *
Disallow: /challenge/training/www/robots/T0PS3CR3T
User-agent: Yandex
Disallow: *
disallow的东西必然要访问一下啦,于是再输入http://www.wechall.net/challenge/training/www/robots/T0PS3CR3T
就过了
Training:ASCII
ASCII码就是数字和字母对应的表吧,写个程序
s = "84, 104, 101, 32, 115, 111, 108, 117, 116, 105, 111, 110, 32, 105, 115, 58, 32, 102, 102, 98, 108, 98, 104, 104, 104, 100, 100, 112, 109"
print("".join([chr(int(x.strip())) for x in s.split(",")]))
输出就是
The solution is: ffblbhhhddpm
(答案越来越随机串了呢……)
Encodings:URL
URL解码(%xx)的形式就是URL啦
from urllib.parse import unquote
s = "%59%69%70%70%65%68%21%20%59%6F%75%72%20%55%52%4C%20%69%73%20%63%68%61%6C%6C%65%6E%67%65%2F%74%72%61%69%6E%69%6E%67%2F%65%6E%63%6F%64%69%6E%67%73%2F%75%72%6C%2F%73%61%77%5F%6C%6F%74%69%6F%6E%2E%70%68%70%3F%70%3D%70%6C%69%73%73%69%65%65%69%63%6E%69%26%63%69%64%3D%35%32%23%70%61%73%73%77%6F%72%64%3D%66%69%62%72%65%5F%6F%70%74%69%63%73%20%56%65%72%79%20%77%65%6C%6C%20%64%6F%6E%65%21"
print(unquote(s))
Yippeh! Your URL is challenge/training/encodings/url/saw_lotion.php?p=plissieeicni&cid=52#password=fibre_optics Very well done!
输进浏览器就可以了