实验吧MD5之守株待兔解题思路

解题链接

http://ctf5.shiyanbar.com/misc/keys/keys.php

解题思路

首先我们多打开几次解题链接,发现系统密钥大约在一秒钟左右变一次,所以联想到时间戳。

解题过程

编写python脚本,然后执行得出答案
python脚本代码

import time

import requests

def getTime():

    return str(int(time.time()))#获取当前的时间戳

def getFlag(time1):
   url='http://ctf5.shiyanbar.com/misc/keys/keys.php?key='+time1
   r=requests.get(url)
   reponse = requests.get(url)
   print(r.text)打印返回的网站数据
   print(reponse)请求结果是否成功

for i in range(10):

    getFlag(getTime())

执行脚本后我们可以发现有script中就是flag

对于网上的write up

我看了网上许多write up都是错误的
首先是脚本中不需要对MD5解压,所以也就没有必要引进hashlib库,更没有必要引进thread库。
还有就是很多write up里面写的是return str(int(time.time())+3)#获取三秒后的时间戳,这样写的话密钥永远对不上怎么能跑出flag,如果非要这样写那必须要在getFlag的第一行加入time.sleep(3)才能得到flag。

原文地址:https://www.cnblogs.com/luoleqi/p/10585638.html

时间: 2024-10-10 21:54:14

实验吧MD5之守株待兔解题思路的相关文章

实验吧-密码学解题思路及答案(一)

1.JS 解题链接: http://ctf5.shiyanbar.com/crypto/2.html eval(function(p,a,c,k,e,d){e=function(c){return(c35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)d[e(c)]=k[c]||e(c);k=[function(e){return d[e]}];e=function(){retur

securityoverridehacking challenge 解题思路汇总——JavaScript

通过了Advanced部分( securityoverridehacking challenge 解题思路汇总--Advanced),下面就进入JavaScript了.总的来说,这个部分比较简单,因为JavaScript是高度可控的东西.也就是说,安全角度而言,JavaScript是不可信的. 4        Javascript 4.1       Login Bypass 这题比较容易让人想多,逛了下hint,发现很简单.观察,首先请求了index.php,然后跳转到了fail.php,并

SecurityOverride Decryption 部分解题思路

Level 1 : ROT13 ROT13加密,一种简单加密方式,详见百度百科,这里用python shell直接解密 1 'grfg110, jung vf Frgrp Nfgebabzl'.decode('rot13') 可得答案:'test110, what is Setec Astronomy' Level 2 :  BASE64 base64 加密,详情百度,同上直接python shell解密 'VG9vIG1hbnkgc2VjcmV0cyB0ZXN0MTEw'.decode('ba

LeetCode解题思路:595. Big Countries

There is a table World +-----------------+------------+------------+--------------+---------------+ | name | continent | area | population | gdp | +-----------------+------------+------------+--------------+---------------+ | Afghanistan | Asia | 652

[LeetCode] 3Sum 解题思路

Given an array S of n integers, are there elements a, b, c in S such that a + b + c = 0? Find all unique triplets in the array which gives the sum of zero. Note: Elements in a triplet (a,b,c) must be in non-descending order. (ie, a ≤ b ≤ c) The solut

leetCode 103.Binary Tree Zigzag Level Order Traversal (二叉树Z字形水平序) 解题思路和方法

Given a binary tree, return the zigzag level order traversal of its nodes' values. (ie, from left to right, then right to left for the next level and alternate between). For example: Given binary tree {3,9,20,#,#,15,7}, 3 / 9 20 / 15 7 return its zig

[LeetCode] 53. Maximum Subarray 解题思路

Find the contiguous subarray within an array (containing at least one number) which has the largest sum. For example, given the array [-2,1,-3,4,-1,2,1,-5,4],the contiguous subarray [4,-1,2,1] has the largest sum = 6. 问题: 给定一个元素有正有负的数组,求最大连续子数组的和. 思路

[LeetCode] Maximum Gap 解题思路

Given an unsorted array, find the maximum difference between the successive elements in its sorted form. Try to solve it in linear time/space. Return 0 if the array contains less than 2 elements. You may assume all elements in the array are non-negat

[LeetCode] 234. Palindrome Linked List 解题思路

Given a singly linked list, determine if it is a palindrome. Follow up:Could you do it in O(n) time and O(1) space? 问题:给定一个单向列表结构,判断它是不是回文的. 补充:是否可以在 O(n) 时间,O(1) 额外空间下完成? 解题思路: 对于数组,判断是否是回文很好办,只需要用两个指针,从两端往中间扫一下就可以判定. 对于单向列表,首先想到的是,将列表复制一份到数组中,然后用上面