Part practice
编译原理 | Theory of computation | Automata – 这是一个Theory of computation的题目, 考察Theory of computation的理解, 涵盖了自动机/计算理论/编译原理等方面
Q
grep ^And.*it$ test.txt, use '^' start with, '$' is ending '.*' to match any
Q
sort here.txt sort the file, uniq -c to count the number of occurrence in the file, grep 14 to find passphrase that occuer exactly 14 times
Q
sha256sum * to get the hash of all files, grep a92536e3c31979736460be6e6729147f974411ef193629999b022b96f5682450 to find the file with hash starting with a92536e3c31979736460be6e6729147f974411ef193629999b022b96f5682450, so filename: hacklab_{demipauldron-crucialness-abrased}
Q
print is long, last passphrase is "pr0b4bl3", decrypted file content is "hacklab_{saronide-pitchometer- cinephone}" cat words.txt | tr ‘a’ ‘4’ | tr ‘e’ ‘3’ | tr ‘i’ ‘1’ | tr ‘o’ ‘0’ is ‘l33t’ convert from words.txt echo $line; cat secret.txt.gpg | gpg -d –batch –passphrase $line; is to decrypt the file with passphrase using above command
Q
Find the flag hidden: "hacklab_{hightailing-cothurnian-longhaired}" secret.txt, first field the index of the flag character, second field is the random string cat secret.txt | awk ‘{split($0, a, ":"); print substr(a[2], a[1]+1, 1);}’, a[1] is index, a[2] is random string, every line is a flag character tr -d ‘\n’ to combine all characters into one line
Q
filename: ./folder00/folder00/folder00/folder03/file find ./ -type f -size 47c to find the file with size 47 bytes, -size to specify size, c for bytes, so find the file is "./folder00/folder00/folder00/folder03/file02" cat ./folder00/folder00/folder00/folder03/file02 to get the secret: "hacklab_{landfill- tyrannizes-pseudoneuropteran}"
Q7
use vi open a.out, search "sorry", find the "hacklab_{sautoires-piperidine-snobbing}"
Q
Guess the secret is base64 or base32 encoded, use base64 -d secret.enc to decode the base64 file, get the secret: hacklab_{copartnery-palegold-supergiant}
Q
mycrypto.py is use xor to encrypt, so P xor K xor K = P, so we can use mycrypto.py to decrypt the file, get "hacklab_{wrestled-bigwiggedness-banqueteer}"
xor encrypt not secure, because we can use the same key to decrypt the file the mydecrypt.py key space is the different number of seed, for n b IT seed, the key space is 2^n.
Q
modify module 0x02 RSA script, set n, d, enc, use int_to_string function to encrypted message is "hacklab_{demonetization}"
Q
hackvm can’t unzip, and not convert command, so download to local linux ‘2000x2000_256-color.bmp.encrypted’ filename, konw is 2000×2000, 256 color bmp file, use convert -size 2000×2000 xc:"rgb(255,255,255)" -depth 8 -map gray gray.bmp to convert gray bmp, use dd command combine file, last open bmp file find hidden message: "42 42 42"
Q
use subbreaker to break the substitution cipher, subbreaker usage: https://guballa.gitlab.io/Substituti onBreaker/cli_explained.html#breaking-ciphers
original text: IT WAS THE BEST OF TIMES, IT WAS THE WORST OF TIMES, IT WAS THE AGE OF WISDOM, IT WAS THE AGE OF FOOLISHNESS, IT WAS THE EPOCH OF BELIEF, IT WAS THE EPOCH OF INCREDULITY, IT WAS THE SEASON OF LIGHT, IT WAS THE SEASON OF DARKNESS, IT WAS THE SPRING OF HOPE, IT WAS THE WINTER OF DESPAIR, WE HAD EVERYTHING BEFORE US, WE HAD NOTHING BEFORE US, WE WERE ALL GOING DIRECT TO HEAVEN, WE WERE ALL GOING DIRECT THE OTHER WAY – IN SHORT, THE PERIOD WAS SO FAR LIKE THE PRESENT PERIOD, THAT SOME OF ITS NOISIEST AUTHORITIES INSISTED ON ITS BEING RECEIVED, FOR GOOD OR FOR EVIL, IN THE SUPERLATIVE DEGREE OF COMPARISON ONLY.
key: lwsimazuedyhgrncfjtxbqpovk
Q
first hashcat –help to find ‘500’ code is MD5(unix), save "yoda" hash to crack1.hash hashcat -m 0500 -a 0 -o found1.txt crack1.hash rockyou.txt to crack the hash, the result store to found1.txt, so "yoda" user password is "spiderman1"
use yoda and spiderman1 to ssh login, find the flag: "hacklab_{prehypophysis-chacker-sphagnous}"