hgame_week1_wp
Web
Hitchhiking_in_the_Galaxy
POST,UA,Referer,X-Forwarded-For
watermelon
改project.js,把加分值的地方改大
智商检测鸡
解一百道定积分
// ==UserScript==
// @name New Userscript
// @namespace http://tampermonkey.net/
// @version 0.1
// @description try to take over the world!
// @author You
// @match http://r4u.top:5000/
// @grant none
// ==/UserScript==
(async () => {
await sleep(5000);
async function sleep(time) {
return new Promise(resolve => setTimeout(resolve, time))
}
async function ajax(d) {
return new Promise((resolve, reject) => {
$.ajax({
type: 'POST',
async: false,
url: "http://127.0.0.1:5000/",
data: d,
success(data) {
resolve(data)
},
error() {
reject();
}
})
})
}
let mem;
while (true) {
let math = $("#integral").html();
if (mem !== math && math.indexOf("math") !== -1) {
let result = await ajax({
math: math
})
$("#answer").val(result);
mem = math;
submit();
await sleep(1000);
} else {
await sleep(1000)
}
}
})();
from flask_cors import cross_origin
from sympy import integrate
from sympy.abc import x
import re
from flask import Flask, request
app = Flask(__name__)
@app.route('/', methods=['POST'])
@cross_origin()
def first_flask():
data = request.form.get('math')
data = re.sub(r'</?\w+/?>', ' ', data)
data = re.sub(r'\s+', ' ', data)
data = re.sub(r'(-)\s(\d)', r'\1\2', data)
data = re.sub(r'(\d)\s(x)', r'\1\2', data)
data = re.findall(r'-?\d+', data)
data = [int(i) for i in data]
down, top, a, b = data
f = a * x + b
result = str(integrate(f, (x, down, top)))
print(f"结果:{result}")
data = str(eval(result))
return data
app.run(debug=True)
Reverse
helloRe
签到题
pypy
python字节码
翻译代码:
raw_flag = input('give me your flag:\n')
cipher = list(raw_flag[6: -1])
length = len(cipher)
for i in range(length // 2):
cipher[2 * i], cipher[2 * i + 1] = cipher[2 * i + 1], cipher[2 * i]
res = []
for i in range(length):
res.append(ord(cipher[i]) ^ i)
res = bytes(res).hex()
print('your flag: ' + res)
解析代码:
res = bytes.fromhex("30466633346f59213b4139794520572b45514d61583151576638643a")
print(res)
raw = []
for i in range(28):
raw.append(chr(res[i] ^ i))
for i in range(28 // 2):
raw[2 * i], raw[2 * i + 1] = raw[2 * i + 1], raw[2 * i]
print(''.join(raw))
运行结果:G00dj0&_H3r3-I$Y@Ur_$L@G!~!~
PWN
whitegive
输入字符串的地址转十进制
Crypto
Transformer
quipquip
MISC
Base全家福
base64+base32
不起眼压缩包的养成的方法
Foremost,明文攻击,bzip2+zipcrypto store