🕵🏻In Your Eyes(Write_up)
2022-9-27
2023-6-23

Challenge information

Source: 2020-CSICTF-Misc-In Your Eyes
Difficulty: ⭐⭐⭐⭐⭐⭐⭐
Platform: CTFHub

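Challenge description

"I talk about the wonderful things I see; what you picture comes purely from imagination. You wonder how your light is spent; the days seem bright, but you are not sure. I stand in your place and close my eyes, and what do I see? (Open your window to view the secret message)"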

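Key techniques

  • Decrypting and restoring an encrypted image
  • Learning to extract the information embedded in an image
  • Learning to find related information and search for it

Solution approach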

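  • Obviously, this is definitely an information-hiding challenge. I googled the image and found the original, shown below:
Comparing it with the original, you can see that the person's eyes have been covered, so there is good reason to suspect that the flag is hidden in that area. The next step is to find a way to dig that information out.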
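  • During this time I analyzed the image with many image steganography tools, but none of them could extract the information inside
Including:
  • None of them could find the hidden information or file. Just when I was at my wits' end, I saw a remarkable tool introduced on a CTF learning forum: Quickcrypto, a program that supports extracting hidden information from many image formats and files. In my testing it would not run on my local Win11 system and only supports Win7, Win8 and Win10, so I installed it on Win10 in a virtual machine and decrypted the file:
In the end the tool did not let a determined person down, or more precisely, this is what is meant by "to do a good job, one must first sharpen one's tools" 😂, and I successfully found this string hidden in the image: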
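  • This should be a hexadecimal string, so I tried converting it into a binary string of 0s and 1s with a hex-to-binary tool:
    • Here I tried converting the binary encoding to ASCII, which might yield the final flag
      but in the end I did not get any valid data: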
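  • Here I got stuck once again, which shows this thing cannot be converted that way. In the end I consulted some references: since the eyes of the man in the picture are covered, he has become blind, so could this string yield braille that converts into the flag?
  • So the urgent task now was to convert this string into braille and then obtain the corresponding characters
To that end I looked up a lot more material and found a Python program on GitHub that converts braille: Braille_binary
By running this program, I successfully parsed the string:
Braille fragment
Information obtained after decoding:
Finally, entering the flag:
csictf{ucbr4ill3}: solved successfully!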

Flag

Summary

  • Braille
    • Derivation
      • Braille is derived from the Latin alphabet, albeit indirectly. In Braille's original system, the dot patterns were assigned to letters according to their position within the alphabetic order of the French alphabet of the time, with accented letters and w sorted at the end.[11]
        Unlike print, which consists of mostly arbitrary symbols, the braille alphabet follows a logical sequence. The first ten letters of the alphabet, a–j, use the upper four dot positions: ⠁⠃⠉⠙⠑⠋⠛⠓⠊⠚ (black dots in the table below). These stand for the ten digits 1–9 and 0 in an alphabetic numeral system similar to Greek numerals (as well as derivations of it, including Hebrew numerals, Cyrillic numerals, Abjad numerals, also Hebrew gematria and Greek isopsephy).
        Though the dots are assigned in no obvious order, the cells with the fewest dots are assigned to the first three letters (and lowest digits), abc = 123 (⠁⠃⠉), and to the three vowels in this part of the alphabet, aei (⠁⠑⠊), whereas the even digits, 4, 6, 8, 0 (⠙⠋⠓⠚), are corners/right angles.
        The next ten letters, k–t, are identical to a–j respectively, apart from the addition of a dot at position 3 (red dots in the bottom left corner of the cell in the table below): ⠅⠇⠍⠝⠕⠏⠟⠗⠎⠞:
        The next ten letters (the next "decade") are the same again, but with dots also at both position 3 and position 6 (green dots in the bottom row of the cell in the table above). Here w was initially left out as not being a part of the official French alphabet at the time of Braille's life; the French braille order is u v x y z ç é à è ù (⠥⠧⠭⠽⠵⠯⠿⠷⠮⠾).[note 1]
        The next ten letters, ending in w, are the same again, except that for this series position 6 (purple dot in the bottom right corner of the cell in the table above) is used without a dot at position 3. In French braille these are the letters â ê î ô û ë ï ü œ w (⠡⠣⠩⠹⠱⠫⠻⠳⠪⠺). W had been tacked onto the end of 39 letters of the French alphabet to accommodate English.
        The a–j series shifted down by one dot space (⠂⠆⠒⠲⠢⠖⠶⠦⠔⠴) is used for punctuation. Letters a ⠁ and c ⠉, which only use dots in the top row, were shifted two places for the apostrophe and hyphen: ⠄⠤. (These are also the decade diacritics, at left in the table below, of the second and third decade.)
        In addition, there are ten patterns that are based on the first two letters (⠁⠃) with their dots shifted to the right; these were assigned to non-French letters (ì ä ò ⠌⠜⠬), or serve non-letter functions: ⠈ (superscript; in English the accent mark), ⠘ (currency prefix), ⠨ (capital, in English the decimal point), ⠼ (number sign), ⠸ (emphasis mark), ⠐ (symbol prefix).
        The first four decades are similar in respect that in those decades the decade dots are applied to the numeric sequence as a logical "inclusive OR" operation whereas the fifth decade applies a "shift down" operation to the numeric sequence.
        Originally there had been nine decades. The fifth through ninth used dashes as well as dots, but proved to be impractical and were soon abandoned. These could be replaced with what we now know as the number sign (⠼), though that only caught on for the digits (old 5th decade → modern 1st decade). The dash occupying the top row of the original sixth decade was simply dropped, producing the modern fifth decade. (See 1829 braille.)
        (Excerpted from Wiki)
    • Braille Binary Converter code
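    • This misc challenge was the most tedious and obscure one I have ever done, mainly because many conventional methods and tools failed against it. The conventional approaches include hiding a file in an image and hiding an encoding, but many challenges place the difficulty in the encoding step and set up their last line of defense there. Perhaps I was short on experience; braille really kept me thinking for a long time, and it made me deeply realize that a trap can be laid for you in any inconspicuous place.
    • How does the pond stay so clear? Because fresh water keeps flowing in from its source. 😎😊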
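
Added example (not from the original post, and not the Braille_binary program mentioned above): the hex to 6-bit cell to braille to text step from the solution, with the letter table built from the decade rule in the Wiki excerpt. The bit order (leftmost bit = dot 1), the number-sign handling, all function names and the sample hex string are assumptions made for illustration; the sample is not the string recovered in the challenge.

```python
# Added example: hex string -> 6-bit braille cells -> text.
# Assumption: each cell is 6 bits, leftmost bit = dot 1, rightmost = dot 6.
FIRST = {  # first decade a-j uses only the upper four dots: 1, 2, 4, 5
    "a": {1}, "b": {1, 2}, "c": {1, 4}, "d": {1, 4, 5}, "e": {1, 5},
    "f": {1, 2, 4}, "g": {1, 2, 4, 5}, "h": {1, 2, 5}, "i": {2, 4}, "j": {2, 4, 5},
}
NUMBER_SIGN = frozenset({3, 4, 5, 6})  # the number sign cell

def build_table():
    """Derive the 26 English letters from the decade rule."""
    table = {}
    for i, ch in enumerate("abcdefghij"):
        dots = FIRST[ch]
        table[frozenset(dots)] = ch
        table[frozenset(dots | {3})] = "klmnopqrst"[i]    # second decade: + dot 3
        if i < 5:                                         # English keeps u v x y z
            table[frozenset(dots | {3, 6})] = "uvxyz"[i]  # third decade: + dots 3, 6
    table[frozenset(FIRST["j"] | {6})] = "w"              # w: j pattern + dot 6
    return table

TABLE = build_table()

def cells_from_hex(hex_string):
    """Split a hex string into 6-bit cells, each a frozenset of raised dots."""
    bits = "".join(f"{int(h, 16):04b}" for h in hex_string.strip())
    usable = len(bits) - len(bits) % 6  # ignore trailing padding bits
    return [frozenset(d + 1 for d in range(6) if bits[i + d] == "1")
            for i in range(0, usable, 6)]

def to_unicode(cell):  # Unicode braille: U+2800 + mask, dot n sets bit n-1
    return chr(0x2800 + sum(1 << (d - 1) for d in cell))

def decode(hex_string):
    """Decode cells to text; after a number sign, a-j read as 1-9 and 0."""
    out, numeric = [], False
    for cell in cells_from_hex(hex_string):
        if cell == NUMBER_SIGN:
            numeric = True
            continue
        ch = TABLE.get(cell, "?" if cell else " ")  # empty cell = space
        if numeric and ch in FIRST:
            ch = "1234567890"["abcdefghij".index(ch)]
        else:
            numeric = False  # any non a-j cell ends numeric mode
        out.append(ch)
    return "".join(out)

SAMPLE_HEX = "C3852E9803F05A6"  # constructed sample, not the challenge's string
print(decode(SAMPLE_HEX))  # prints: blind 204
```

If a real capture decodes to mostly `?`, the cell bit order is the first assumption to revisit, since tools differ on which bit maps to which dot.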
    Notice: This article is licensed under CC BY-NC-SA 4.0. Please credit the source when reposting.