202210_QQ群_神秘的压缩包

Tags:ZIP,CRC碰撞

0x00. 题目

附件路径：https://pan.baidu.com/s/1GyH7kitkMYywGC9YJeQLJA?pwd=Zmxh#list/path=/CTF附件

附件名称：202210_QQ群_神秘的压缩包.zip

某地网安专责截获疑似攻击者用于传送秘密信息的压缩包，请协助该网安专责进行分析。flag格式为flag{}

0x01. WP

01 用CRC碰撞脚本尝试爆破出1.txt-6.xtx可能的内容

工具在网盘的zip_crc.zip

经过组合得到hint信息passwordisClassicalencryptionishint6

D:\=MAX230_Wiki=\题库\Archives\Misc\Archives\202210_QQ群_神秘的压缩包>python exp.py -f 108.zip+-----------------------------------------------+
|            Byxs20's Zip Crc32 Tools           |
+-----------+------+------------+--------+------+
| File name | Size |  Checksum  |  Text  | More |
+-----------+------+------------+--------+------+
|  flag.txt |  31  | 0x1d7cb767 |  None  |  *   |
|   1.txt   |  6   | 0x8cfcb81c | !oa2o+ | True |
|   2.txt   |  6   | 0x145383d1 | /dpPVc | True |
|   3.txt   |  6   | 0x86f17134 | -B@iql | True |
|   4.txt   |  6   | 0x3a9eb11a | +3mNBD | True |
|   5.txt   |  6   | 0x7c07412c | !f4rw9 | True |
|   6.txt   |  6   | 0x15b89588 | +pc!zW | True |
+-----------+------+------------+--------+------+
是否需要生成字典: (y/N): n
是否需要导出csv: (y/N): y
Generate csv-file Finish!D:\=MAX230_Wiki=\题库\Archives\Misc\Archives\202210_QQ群_神秘的压缩包>type output.csv
File name, Size, Checksum, Text
flag.txt,31,0x1d7cb767,
1.txt,6,0x8cfcb81c,!oa2o+,2__CYl,33m_F1,5FX}sG,@3XuT5,@_+XPq,A_jiKh,CB1g{9,D7EtUV,FFmWaC,II3VFT,J8ZDiX,Ll1v5b,NL{4mk,OPuYwf,Pn@JLj,WwGtfA,Y5uy7G,YxXDZO,aPYPpm,b!0B_a,c!qsDx,d8vMnS,passwo,qa2Blv,rA91/f,s1Dq1/,w5Yp0L,ywk}aJ,{Knc8W,
2.txt,6,0x145383d1,/dpPVc,066ni+,0ZECmo,16w_r2,42+ohH,7CB}GD,@f4F=o,BZ1Xdr,DCwWU@,EC6fNY,F2_taU,Hpmy0S,JLhgiN,LIa4Yh,Ltpx10,MUoYCe,NHufh-,OH4Ws4,PW_T!t,Qv@uS!,RkZJxi,YAGZ7Q,_y_Eo/,cUCPDn,dLDnnE,f=lMZP,fpAp7X,i22L}G,k_U3HF,n+5rWl,o+tCLu,py2}s=,rdisCl,sEvR19,u}nMiG,wAkS0Z,zr0LNP,{rq}UI,}k7rd{,
3.txt,6,0x86f17134,特殊-B@iql,/3hJEy,4e3u{R,7YwZ9V,特殊=s+{mw,A1mm5l,DYBp+R,FeGnrO,IvV3TL,MrK2U/,PMjs_f,QluR-3,RP1}o7,WTmMuM,YG=!HW,_B4rxq,assica,bO7F!e,fjtWIJ,gj5fRS,hekguD,kY/H7@,o1Ad2g,pBYJdc,r3qiPv,s30XKo,s_CuO+,yTADrF,ztJ71V,
4.txt,6,0x3a9eb11a,特殊+3mNBD,特殊-FXlw2,0yy-}{,1ew@gv,25@B!6,8soNqS,@dV8D7,A5uh32,BeBjur,E1hi2Q,KsZdcW,MvS7Sq,OwGeb4,PIrvY8,QI3GB!,QhmW+m,R8ZUm-,SThIrp,X3XdP@,ZBpGdU,bjqSNw,cj0bUn,eo91eH,gOss=A,lencry,nYk}+d,o5Ya49,pFAOb=,v3tmWK,}TD@u{,
5.txt,6,0x7c07412c,!f4rw9,特殊+m6CJT,特殊-tpL{f,/i+BK7,2JE_@j,3VK2Zg,5SBajA,8-4CyC,9-urbZ,@J1DIw,AJpuRn,DorU!X,FSwKxE,K1N5jS,Led6-p,M4GfZu,O5S4k0,P6wk8d,P{ZVUl,XqL5YD,YmBXCI,aECLik,cyFR0v,d-lQwU,iOU/eC,owM0==,ptioni,rHlq7t,sisPE!,wmnQDB,xb0PcU,ybqaxL,
6.txt,6,0x15b89588,特殊+pc!zW,特殊-ujrJq,0JK3@8,2K_aq},80a!I@,AKjKcy,BVptH1,FRmuIR,Ka6j7X,K}y66L,ND4JDn,ODu{_w,Oyd77/,Pz@hd{,RFEv=f,SgZWO3,WcGVNP,_iQ5Bx,bYCMs4,c5qQli,d093GV,gAP!hZ,oKFBdr,pT-A62,qTlp-+,shint6,tP0@7Q,wltouU,

02使用密码解压缩得到密文

压缩包密码为Classicalencryptionishint6,解压得到密文

]cX^r:X\jXiV`jVm\ipV`ek\ijk`e^t

使用凯撒解密的到flag为flag{Caesar_is_very_intersting}