https://dreamhack.io/wargame/challenges/872

 

64se64

Description "Welcome! πŸ‘‹"을 좜λ ₯ν•˜λŠ” html νŽ˜μ΄μ§€μž…λ‹ˆλ‹€. μ†ŒμŠ€ μ½”λ“œλ₯Ό ν™•μΈν•˜μ—¬ 문제λ₯Ό ν’€κ³  ν”Œλž˜κ·Έλ₯Ό νšλ“ν•˜μ„Έμš”. ν”Œλž˜κ·Έ ν˜•μ‹μ€ DH{...} μž…λ‹ˆλ‹€.

dreamhack.io

문제


"Welcome! πŸ‘‹"을 좜λ ₯ν•˜λŠ” html νŽ˜μ΄μ§€μž…λ‹ˆλ‹€.

μ†ŒμŠ€ μ½”λ“œλ₯Ό ν™•μΈν•˜μ—¬ 문제λ₯Ό ν’€κ³  ν”Œλž˜κ·Έλ₯Ό νšλ“ν•˜μ„Έμš”.
ν”Œλž˜κ·Έ ν˜•μ‹μ€ DH{...} μž…λ‹ˆλ‹€.

 

풀이
1. λ¬Έμ œμ—μ„œ 주어진 μ›Ήμ‚¬μ΄νŠΈ 접속

λ¬Έμ œμ—μ„œ 주어진 μ›Ήν•΄ν‚Ή 문제 μ‚¬μ΄νŠΈ 접속 ν™”λ©΄









2. Ctrl+U λ˜λŠ” 마우슀 였λ₯Έμͺ½ 클릭 ν›„ νŽ˜μ΄μ§€ μ†ŒμŠ€λ³΄κΈ° 클릭

<!doctype html>
<html>
<head>
  <meta charset="utf-8">
  <title>Welcome</title>
</head>

<body>
  <h1>Welcome! πŸ‘‹</h1>
  <form method="POST">
    <input type="hidden" name="64se64_encoding" value="IyEvdXNyL2Jpbi9lbnYgcHl0aG9uMwphc2M
    9WzY4LCA3MiwgMTIzLCA5OCwgMTAxLCA0OCwgNTIsIDU0LCA5OCwgNTUsIDUzLCA1MCwgNTAsIDk3LCA5NywgN
    TAsIDEwMSwgNTAsIDU2LCAxMDIsIDUwLCA1NSwgNTQsIDEwMSwgNDgsIDk5LCA1NywgNDksIDQ4LCA1MywgNTA
    sIDQ5LCAxMDIsIDUwLCA1MSwgOTcsIDQ4LCA1MywgNTYsIDU1LCA0OCwgNDgsIDUzLCA5NywgNTYsIDUxLCA1NS
    wgNTUsIDUxLCA1NSwgNDgsIDk3LCA0OSwgNDksIDEwMSwgNTMsIDEwMSwgNTIsIDEwMCwgOTksIDQ5LCA1MywgMT
    AyLCA5OCwgNTAsIDk3LCA5OCwgMTI1XQphcnI9WzAgZm9yIGkgaW4gcmFuZ2UoNjgpXQpmb3IgaSBpbiByYW5nZS
    gwLDY4KToKICAgIGFycltpXT1jaHIoYXNjW2ldKQpmbGFnPScnLmpvaW4oYXJyKQpwcmludChmbGFnKQ==">
  </form>
</body>
</html>

 

 

 

3. value 뢀뢄에 base64 λ°©μ‹μœΌλ‘œ 인코딩 λ˜μ–΄μžˆλŠ” μ½”λ“œλ₯Ό λ””μ½”λ”© μ‹œν‚¨ ν›„ κ²°κ³Ό κ°’ 확인

echo "IyEvdXNyL2Jpbi9lbnYgcHl0aG9uMwphc2M9WzY4LCA3MiwgMTIzLCA5OCwgMTAxLCA0OCwgNTIsIDU0LCA5OCw
gNTUsIDUzLCA1MCwgNTAsIDk3LCA5NywgNTAsIDEwMSwgNTAsIDU2LCAxMDIsIDUwLCA1NSwgNTQsIDEwMSwgNDgsIDk5
LCA1NywgNDksIDQ4LCA1MywgNTAsIDQ5LCAxMDIsIDUwLCA1MSwgOTcsIDQ4LCA1MywgNTYsIDU1LCA0OCwgNDgsIDUzL
CA5NywgNTYsIDUxLCA1NSwgNTUsIDUxLCA1NSwgNDgsIDk3LCA0OSwgNDksIDEwMSwgNTMsIDEwMSwgNTIsIDEwMCwgOT
ksIDQ5LCA1MywgMTAyLCA5OCwgNTAsIDk3LCA5OCwgMTI1XQphcnI9WzAgZm9yIGkgaW4gcmFuZ2UoNjgpXQpmb3IgaSB
pbiByYW5nZSgwLDY4KToKICAgIGFycltpXT1jaHIoYXNjW2ldKQpmbGFnPScnLmpvaW4oYXJyKQpwcmludChmbGFnKQ=="
| base64 --decode > flag


---
cat flag

#!/usr/bin/env python3
asc=[68, 72, 123, 98, 101, 48, 52, 54, 98, 55, 53, 50, 50, 97, 97, 50, 
101, 50, 56, 102, 50, 55, 54, 101, 48, 99, 57, 49, 48, 53, 50, 49, 102, 
50, 51, 97, 48, 53, 56, 55, 48, 48, 53, 97, 56, 51, 55, 55, 51, 55, 48, 
97, 49, 49, 101, 53, 101, 52, 100, 99, 49, 53, 102, 98, 50, 97, 98, 125]
arr=[0 for i in range(68)]
for i in range(0,68):
    arr[i]=chr(asc[i])
flag=''.join(arr)
print(flag)

 

좜λ ₯ κ²°κ³Όλ¬Ό 확인 μ‹œ python μ½”λ“œκ°€ 좜λ ₯λ˜λŠ” 것을 λ³Ό 수 μžˆλ‹€.

 

 

 

 

 

 

 

 

4.  λ””μ½”λ”©ν•œ 좜λ ₯ κ²°κ³Όλ¬Ό python 으둜 μ‹€ν–‰

python flag




DH{be046b7522aa2e28f276e0c910521f23a0587005a8377370a11e5e4dc15fb2ab}

 

DH{..} ν˜•μ‹μ˜ ν”Œλž˜κ·Έ 좜λ ₯

 

 

 

'Dreamhack' μΉ΄ν…Œκ³ λ¦¬μ˜ λ‹€λ₯Έ κΈ€

[Dreamhack] cookie Write-Up  (1) 2024.03.16
[Dreamhack] phpreq Write-Up  (2) 2024.03.15
[Dreamhack] ex-req-ex Write-Up  (2) 2024.03.15
[Dreamhack] blue-whale Write-Up  (3) 2024.03.15
[Dreamhack] baby-linux Write-Up  (1) 2024.03.14

+ Recent posts

ν‹°μŠ€ν† λ¦¬νˆ΄λ°”