levelx00 输入给定字符串
import socket
import base64
HOST = "temperance.hackmyvm.eu"
PORT = 9988
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
# Connect to the host and receive the message / Conecta al host y recibes la intro general.
print('Receiving Intro')
data = s.recv(1024)
print(data)
# Send "levelx00" to choose the level / Envia levelx00 para elegir el nivel.
s.send(b'levelx00')
# Receive the challenge / Recibe el challenge.
print('Receiving challenge.')
data2 = s.recv(1024)
print(data2)
# Send the challenge solved / Envia el resultado del challenge.
print('Envio reto')
s.send(data2)
# Receive the flag / Recibe la flag.
print('Recibo flag')
data3 = s.recv(1024)
print(data3)levelx01 输入给定两个字符串
import socket
HOST = "temperance.hackmyvm.eu"
PORT = 9988
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
# Connect to the host and receive the message / Conecta al host y recibes la intro general.
print('Receiving Intro')
data = s.recv(1024)
print(data)
# Send "levelx00" to choose the level / Envia levelx00 para elegir el nivel.
s.send(b'levelx01')
# Receive the challenge / Recibe el challenge.
print('Receiving challenge.')
data2 = s.recv(1024)
print(data2)
# Send the challenge solved / Envia el resultado del challenge.
print('Envio reto')
s.send(data2)
data3 = s.recv(1024)
print(data2)
s.send(data3)
# Receive the flag / Recibe la flag.
print('Recibo flag')
data3 = s.recv(1024)
print(data3)levelx02 字符串全大写
import socket
HOST = "temperance.hackmyvm.eu"
PORT = 9988
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
# Connect to the host and receive the message / Conecta al host y recibes la intro general.
print('Receiving Intro')
data = s.recv(1024)
print(data)
# Send "levelx00" to choose the level / Envia levelx00 para elegir el nivel.
s.send(b'levelx02')
# Receive the challenge / Recibe el challenge.
print('Receiving challenge.')
data2 = s.recv(1024)
print(data2)
# Send the challenge solved / Envia el resultado del challenge.
print('Envio reto')
s.send(data2.upper())
# Receive the flag / Recibe la flag.
print('Recibo flag')
data3 = s.recv(1024)
print(data3)levelx03 base64解码
import socket
import base64
HOST = "temperance.hackmyvm.eu"
PORT = 9988
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
# Connect to the host and receive the message / Conecta al host y recibes la intro general.
print('Receiving Intro')
data = s.recv(1024)
print(data)
# Send "levelx00" to choose the level / Envia levelx00 para elegir el nivel.
s.send(b'levelx03')
# Receive the challenge / Recibe el challenge.
print('Receiving challenge.')
data2 = s.recv(1024)
print(data2)
# Send the challenge solved / Envia el resultado del challenge.
print('Envio reto')
s.send(base64.b64decode(data2))
# Receive the flag / Recibe la flag.
print('Recibo flag')
data3 = s.recv(1024)
print(data3)levelx04 字符串逆序
import socket
import base64
HOST = "temperance.hackmyvm.eu"
PORT = 9988
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
# Connect to the host and receive the message / Conecta al host y recibes la intro general.
print('Receiving Intro')
data = s.recv(1024)
print(data)
# Send "levelx00" to choose the level / Envia levelx00 para elegir el nivel.
s.send(b'levelx04')
# Receive the challenge / Recibe el challenge.
print('Receiving challenge.')
data2 = s.recv(1024)
print(data2)
# Send the challenge solved / Envia el resultado del challenge.
print('Envio reto')
s.send(data2[::-1])
# Receive the flag / Recibe la flag.
print('Recibo flag')
data3 = s.recv(1024)
print(data3)levelx05 最后五个字符
import socket
import base64
HOST = "temperance.hackmyvm.eu"
PORT = 9988
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
# Connect to the host and receive the message / Conecta al host y recibes la intro general.
print('Receiving Intro')
data = s.recv(1024)
print(data)
# Send "levelx00" to choose the level / Envia levelx00 para elegir el nivel.
s.send(b'levelx05')
# Receive the challenge / Recibe el challenge.
print('Receiving challenge.')
data2 = s.recv(1024)
print(data2)
# Send the challenge solved / Envia el resultado del challenge.
print('Envio reto')
s.send(data2[-5::])
# Receive the flag / Recibe la flag.
print('Recibo flag')
data3 = s.recv(1024)
print(data3)levelx06 字符串长度
import socket
import base64
HOST = "temperance.hackmyvm.eu"
PORT = 9988
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
# Connect to the host and receive the message / Conecta al host y recibes la intro general.
print('Receiving Intro')
data = s.recv(1024)
print(data)
# Send "levelx00" to choose the level / Envia levelx00 para elegir el nivel.
s.send(b'levelx06')
# Receive the challenge / Recibe el challenge.
print('Receiving challenge.')
data2 = s.recv(1024)
print(data2)
# Send the challenge solved / Envia el resultado del challenge.
print('Envio reto')
s.send(str(len(data2)).encode())
# Receive the flag / Recibe la flag.
print('Recibo flag')
data3 = s.recv(1024)
print(data3)levelx07 16进制转字符串
import socket
import base64
HOST = "temperance.hackmyvm.eu"
PORT = 9988
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
# Connect to the host and receive the message / Conecta al host y recibes la intro general.
print('Receiving Intro')
data = s.recv(1024)
print(data)
# Send "levelx00" to choose the level / Envia levelx00 para elegir el nivel.
s.send(b'levelx07')
# Receive the challenge / Recibe el challenge.
print('Receiving challenge.')
data2 = s.recv(1024)
print(data2)
# Send the challenge solved / Envia el resultado del challenge.
print('Envio reto')
data3=bytes.fromhex(data2.decode()).decode()
s.send(data3.encode())
# Receive the flag / Recibe la flag.
print('Recibo flag')
data3 = s.recv(1024)
print(data3)levelx08 两数之和
import socket
import base64
HOST = "temperance.hackmyvm.eu"
PORT = 9988
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
# Connect to the host and receive the message / Conecta al host y recibes la intro general.
print('Receiving Intro')
data = s.recv(1024)
print(data)
# Send "levelx00" to choose the level / Envia levelx00 para elegir el nivel.
s.send(b'levelx08')
# Receive the challenge / Recibe el challenge.
print('Receiving challenge.')
data2 = s.recv(1024)
print(data2)
# Send the challenge solved / Envia el resultado del challenge.
print('Envio reto')
data3=[x for x in data2.decode().split(' ')]
data3 = int(data3[0])+int(data3[1])
print(str(data3).encode())
# Receive the flag / Recibe la flag.
print('Recibo flag')
data3 = s.recv(1024)
print(data3)levelx09 rot13
import socket
HOST = "temperance.hackmyvm.eu"
PORT = 9988
# Function to translate text using Rot13 for decryption
def rot13(text):
result = ""
for char in text:
if 'A' <= char <= 'Z':
result += chr((ord(char) - ord('A') + 13) % 26 + ord('A'))
elif 'a' <= char <= 'z':
result += chr((ord(char) - ord('a') + 13) % 26 + ord('a'))
else:
result += char
return result
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
# Connect to the host and receive the introductory message
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
# Send "levelx09" to choose the level
s.sendall(b'levelx09\n')
# Receive the challenge
print('Receiving challenge.')
data2 = s.recv(1024)
challenge_text = data2.decode('utf-8').strip() # Decode and strip any extra newlines or spaces
print('Challenge text:', challenge_text)
# Send the challenge solution
print('Sending solution')
solved_challenge = rot13(challenge_text)
print('Solved challenge:', solved_challenge)
s.sendall(solved_challenge.encode('utf-8') + b'\n')
# Receive and print the response from the server
data4 = s.recv(1024)
print(data4.decode('utf-8'))levelx10 数组排序
import socket
HOST = "temperance.hackmyvm.eu"
PORT = 9988
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx10')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
data3=data3.replace(' ',',')
data3=[int(x) for x in data3.split(',')]
data3.sort()
data4=''
for i in data3:
data4+=str(i)
print(data4)
s.send(str(data4).encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx11 莫斯密码
import socket
HOST = "temperance.hackmyvm.eu"
PORT = 9988
MORSE_CODE_DICT = {
'.-': 'A', '-...': 'B', '-.-.': 'C', '-..': 'D',
'.': 'E', '..-.': 'F', '--.': 'G', '....': 'H',
'..': 'I', '.---': 'J', '-.-': 'K', '.-..': 'L',
'--': 'M', '-.': 'N', '---': 'O', '.--.': 'P',
'--.-': 'Q', '.-.': 'R', '...': 'S', '-': 'T',
'..-': 'U', '...-': 'V', '.--': 'W', '-..-': 'X',
'-.--': 'Y', '--..': 'Z', '-----': '0', '.----': '1',
'..---': '2', '...--': '3', '....-': '4', '.....': '5',
'-....': '6', '--...': '7', '---..': '8', '----.': '9'
}
def decode_morse(morse_code):
# 用空格分割摩斯密码,得到每个字符的摩斯码
morse_code_words = morse_code.split(' ')
# 用摩斯码映射表转换为字符
decoded_chars = [MORSE_CODE_DICT[code] for code in morse_code_words if code in MORSE_CODE_DICT]
# 将字符列表拼接为字符串
return ''.join(decoded_chars)
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx11')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
data3=decode_morse(data3)
s.send(str(data3).encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx12 字符串加倍
import socket
HOST = "temperance.hackmyvm.eu"
PORT = 9988
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx12')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
data3=[x for x in data3.split(' ')]
print(data3)
data3=data3[0]*int(data3[1])
s.send(str(data3).encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx13 字符串排序
import socket
HOST = "temperance.hackmyvm.eu"
PORT = 9988
def last_string(strings):
# 移除 "[" 和 "]" 字符
strings=strings.strip("[]")
cleaned_strings = [s for s in strings.split(' ')]
# 对字符串列表按字母顺序排序
sorted_strings = sorted(cleaned_strings)
# 返回排序后的列表中的最后一个字符串
return sorted_strings[-1]
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx13')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
data3=last_string(data3)
print(data3)
s.send(str(data3).encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx14 统计给定字符出现次数
import socket
HOST = "temperance.hackmyvm.eu"
PORT = 9988
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx14')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
data3=[x for x in data3.split(' ')]
data3=data3[0].count(data3[1])
print(data3)
s.send(str(data3).encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx15 等差数列
import socket
HOST = "temperance.hackmyvm.eu"
PORT = 9988
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx15')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
data3=[x for x in data3.split(' ')]
print(data3)
data3=int(data3[-1]) + int(data3[1]) - int(data3[0])
print(data3)
s.send(str(data3).encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx16 base64编码的图像的长宽
import socket
import base64
from PIL import Image
from io import BytesIO
def get_image_size(base64_encoded_png):
# 将Base64编码的PNG图像解码为二进制数据
png_data = base64.b64decode(base64_encoded_png)
# 使用PIL库打开图像并获取其宽度和高度
with Image.open(BytesIO(png_data)) as img:
width, height = img.size
return width, height
HOST = "temperance.hackmyvm.eu"
PORT = 9988
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx16')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
data3=get_image_size(data3)
width, height = data3
data3 = f"{width}x{height}"
print(data3)
s.send(str(data3).encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx17 返回base64编码图像的最后一个像素RGBA值
import socket
import base64
from PIL import Image
from io import BytesIO
def get_last_rgba_value(base64_encoded_png):
# 将Base64编码的PNG图像解码为二进制数据
png_data = base64.b64decode(base64_encoded_png)
# 使用PIL库打开图像
with Image.open(BytesIO(png_data)) as img:
# 获取图像的像素数据
pixels = img.load()
# 获取图像的宽度和高度
width, height = img.size
# 获取最后一个像素的RGBA值
last_rgba = pixels[width - 1, height - 1]
return last_rgba
HOST = "temperance.hackmyvm.eu"
PORT = 9988
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx17')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
data3=get_last_rgba_value(data3)
data3=data3[-1]
print(data3)
s.send(str(data3).encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx18 字符串转二进制
import socket
HOST = "temperance.hackmyvm.eu"
PORT = 9988
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx18')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
data3=''.join(format(ord(char), '08b') for char in data3)
print(data3)
s.send(str(data3).encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx19 读取一个base64编码的zip文件提取里面的txt文件
import socket
import base64
import zipfile
HOST = "temperance.hackmyvm.eu"
PORT = 9988
def extract_text_from_zip(base64_encoded_zip):
# 解码Base64编码的ZIP文件
zip_data = base64.b64decode(base64_encoded_zip)
# 使用BytesIO创建一个类文件对象
from io import BytesIO
zip_file = BytesIO(zip_data)
# 打开ZIP文件
with zipfile.ZipFile(zip_file, 'r') as zip_ref:
# 提取ZIP文件中的文本文件名
txt_file_name = zip_ref.namelist()[0]
# 读取文本文件内容
with zip_ref.open(txt_file_name) as txt_file:
text = txt_file.read().decode('utf-8')
return text
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx19')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
data3=extract_text_from_zip(data3)
print(data3)
s.send(str(data3).encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx20 md5碰撞 rockyou
import socket
import hashlib
HOST = "temperance.hackmyvm.eu"
PORT = 9988
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx20')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
with open('E:/字典/字典超超超全/字典超超超全/字典及生成工具/Passwords/rockyou.txt', 'r', encoding='latin-1') as file:
lines = [line.strip() for line in file.readlines()[:50]]
print(lines)
for i in lines:
k=i
md5_hasher = hashlib.md5()
md5_hasher.update(i.encode())
md5_hash = md5_hasher.hexdigest()
print(md5_hash)
if md5_hash==data3:
data3=k
break
file.close()
print(data3)
s.send(str(data3).encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx21 单位换算 kb
import socket
import hashlib
HOST = "temperance.hackmyvm.eu"
PORT = 9988
def convert_to_kb(number):
kb = number / 1024
return "{:.2f}KB".format(kb)
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx21')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
data3=convert_to_kb(int(data3))
print(data3)
s.send(str(data3).encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx22 ascii转换
import socket
import hashlib
HOST = "temperance.hackmyvm.eu"
PORT = 9988
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx22')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
data3=[chr(int(x)) for x in data3.split(' ')]
t=''
for i in data3:
t+=i
data3=t
print(data3)
s.send(str(data3).encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx23 png像素alpha转ascii
import socket
import base64
from PIL import Image
HOST = "temperance.hackmyvm.eu"
PORT = 9988
from io import BytesIO
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx23')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
image_data = base64.b64decode(data3)
with BytesIO(image_data) as img_file:
with Image.open(img_file) as img:
if img.size != (5, 1):
raise ValueError("图像不是5x1像素")
pixels = list(img.getdata())
data3 = ''.join(chr(pixel[3]) for pixel in pixels)
print(data3)
s.send(str(data3).encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx24 curl
import socket
HOST = "temperance.hackmyvm.eu"
PORT = 9988
import requests
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx24')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
re=requests.get(data3)
data3=re.text
print(data3)
s.send(str(data3).encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx25 获取head指定字段
import socket
HOST = "temperance.hackmyvm.eu"
PORT = 9988
import requests
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx25')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
re=requests.get(data3)
print(re.headers)
data3=re.headers.get("HMV-Code")
print(data3)
s.send(str(data3).encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx26 base64解码获取一个图片并读取
import socket
from PIL import Image
from io import BytesIO
import pytesseract
import base64
HOST = "temperance.hackmyvm.eu"
PORT = 9988
def extract_data(encoded_png_base64):
# Decode base64 string to bytes
decoded_data = base64.b64decode(encoded_png_base64)
# Open image from bytes
image = Image.open(BytesIO(decoded_data))
text = pytesseract.image_to_string(image,lang="eng")
return text
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx26')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
data3=extract_data(data3)
print(data3)
s.send(data3.encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx27 获取相应包指定user的id
import socket
import re
HOST = "temperance.hackmyvm.eu"
PORT = 9988
import requests
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx27')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
response = requests.get(data3)
data3 = response.text
pattern = r'proxy:x:(\d+):'
match = re.search(pattern, data3)
if match:
proxy_uid = match.group(1)
data3=proxy_uid
print(data3)
s.send(str(data3).encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx28 解码jwt获取payload部分
import socket
import jwt
import base64
import json
HOST = "temperance.hackmyvm.eu"
PORT = 9988
def base64_url_decode(input):
# 添加缺失的填充字符
padding = '=' * ((4 - len(input) % 4) % 4)
input = input + padding
# 将Base64 URL编码转换为标准Base64编码
input = input.replace('-', '+').replace('_', '/')
# 解码Base64字符串
return base64.b64decode(input)
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx28')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
data3=[x for x in data3.split('.')]
data3=base64_url_decode(data3[1])
data3=data3.decode('utf-8')
data3=json.loads(data3)
data3=data3['HMVKey']
print(data3)
s.send(str(data3).encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx29 计算距离
import socket
import base64
import re
from geopy.distance import geodesic
HOST = "temperance.hackmyvm.eu"
PORT = 9988
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print("Receiving Intro")
data = s.recv(1024)
print(data)
s.send(b"levelx29")
data2 = s.recv(1024)
print(data2)
data2 = data2.decode()
pattern = r"Lat: (\d+) Lon: (\d+) - Lat: (\d+) Lon: (\d+)"
matches = re.match(pattern, data2)
if matches:
coord1 = (int(matches.group(1)), int(matches.group(2)))
coord2 = (int(matches.group(3)), int(matches.group(4)))
distance = geodesic(coord1, coord2).kilometers
formatted_distance = "{:.3f}".format(distance)
s.send(formatted_distance.encode())
data3 = s.recv(1024)
print(data3)levelx30 异或
import socket
HOST = "temperance.hackmyvm.eu"
PORT = 9988
def xor_encrypt_decrypt(data: bytes, key: str) -> bytes:
key_bytes = key.encode()
key_length = len(key_bytes)
data_length = len(data)
if key_length < data_length:
key_bytes = (key_bytes * (data_length // key_length + 1))[:data_length]
elif key_length > data_length:
key_bytes = key_bytes[:data_length]
result = bytes(a ^ b for a, b in zip(data, key_bytes))
return result
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode() if data else "No data received")
s.sendall(b'levelx30')
print('Receiving challenge.')
data2 = s.recv(1024)
print(data2.decode() if data2 else "No challenge received")
key = 'HMV'
xor_result = xor_encrypt_decrypt(data2, key)
solution = xor_result.decode()
print(solution)
s.sendall(solution.encode())
print('Receiving flag.')
data3 = s.recv(1024)
print(data3.decode() if data3 else "No flag received")levelx31 读二维码
import socket
import base64
from PIL import Image
import cv2
import numpy as np
from io import BytesIO
from pyzbar.pyzbar import decode
HOST = "temperance.hackmyvm.eu"
PORT = 9988
def decode_qr_and_extract_text(encoded_png_base64):
# 解码 base64 编码的 PNG 图像
decoded_data = base64.b64decode(encoded_png_base64)
image = Image.open(BytesIO(decoded_data))
# 将图像转换为灰度图像
gray_image = image.convert('L')
# 将 PIL 灰度图像转换为 NumPy 数组
np_image = np.array(gray_image)
# 使用 Pyzbar 解码 QR 码
qr_codes = decode(np_image)
# 提取 QR 码中的文本信息
decoded_text = ""
for qr in qr_codes:
decoded_text += qr.data.decode("utf-8")
return decoded_text
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx31')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
data3=decode_qr_and_extract_text(data3)
print(data3)
s.send(data3.encode('utf-8'))
data5=s.recv(1024)
print(data5)levelx32 字符串全排列碰撞md5
import socket
import itertools
import hashlib
HOST = "temperance.hackmyvm.eu"
PORT = 9988
def permute_until_md5_match(md5_hash, input_string):
# Convert the input string to a list of characters
input_list = list(input_string)
# Generate permutations of the input string
permutations = itertools.permutations(input_list)
# Loop through each permutation
for perm in permutations:
# Join the characters back into a string
perm_string = ''.join(perm)
# Calculate the MD5 hash of the permutation
perm_md5 = hashlib.md5(perm_string.encode()).hexdigest()
# If the MD5 hash matches the given MD5 hash, return the permutation
if perm_md5 == md5_hash:
return perm_string
# If no permutation matches, return None
return None
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
print('Receiving Intro')
data = s.recv(1024)
print(data.decode('utf-8'))
s.sendall(b'levelx32')
print('Receiving challenge.')
data2 = s.recv(1024)
print('Challenge text:')
print(data2)
print('Solved challenge:')
data3=data2.decode('utf-8')
data3=[x for x in data3.split(' ')]
data3=permute_until_md5_match(data3[0],data3[1])
print(data3)
s.send(data3.encode('utf-8'))
data5=s.recv(1024)
print(data5)