├── .gitignore ├── README.md ├── 东部赛区 ├── Homooo0.zip ├── KeyRecever.zip ├── pb.rar ├── re_ds001.rar ├── server.zip ├── 描述.md ├── 数据分析1.zip ├── 数据分析2.zip ├── 数据分析3.zip ├── 数据分析5.zip └── 数据分析6.zip ├── 南北部赛区 ├── Bitcoin │ └── 描述.txt ├── Classic_image_steganography │ ├── Classic_image_steganography_689adef0ca6a6bd5e9bd39509199626d.zip │ └── 描述.txt ├── IDN的绘画 │ └── 描述.txt ├── Magic Audio │ ├── magicaudio_f5cdb7f226ad30d209081aa01d879e90.zip │ └── 描述.txt ├── drinktea │ └── 描述.txt ├── easyjava │ ├── easyjava_2dfb11a009041a3879f33f8af00c5121.zip │ └── 描述.txt ├── rrrrcccc │ ├── rrrrcccc_9320bad31719126ac546154f6c606262.zip │ └── 描述.txt ├── sm3_need_extend │ ├── sm3extend_c3566723d412c8ac35c604ea00feb44d.zip │ └── 描述.txt ├── your_model │ ├── Umodel_5e97c93e7058da5cde5df780ca6239e1.zip │ └── 描述.txt ├── 不安全的u盘 │ └── 描述.txt └── 网站的数据绝对安全 │ ├── safe_675bbba7b9bfeafef8b62f4203030ae9.zip │ └── 描述.txt └── 西部赛区 ├── BabyRSA_d8a7ec1ac2107b5d5d18032c620a01a4.zip ├── Backpack_34b38ace7dd95b34e1d2770169230c1c.zip ├── Backpack_revenge_e09f1722ae5ef0d804bee3e0403e34d8.zip ├── Crackdeb_708f183cd9f4ea912bf8aec428173d84.zip ├── Data Processing.zip ├── INPUT_b5d8ef10e9b85ae9839bba3944745327.zip ├── LRisc_6a09dee66442237e4442add1190e15a2.zip ├── MWatch_c404430ebed371baf76aaa3854f8705e.zip ├── Malware Analysis.zip ├── Notebook_142584f8803b3fb115566f9d41fd0beb.zip ├── PrimeConundrum_99d5f95028dde72227124f5dbee81686.zip ├── Q2code_e0be3d468b2ba77163f63edff1d0b78a.zip ├── RWIO_64c64c8c128c9b8bfcb35f80bf88b8e1.zip ├── RWZIP_e974e05bec738d79cae89fa4936e047c.zip ├── SU7_5d93ddc7ffb442ce01146086941ae9a6.zip ├── USBHacker_bf5697e7f222285a7e3274033fd357bf.zip ├── UnsetData_13e56993b63c3013034b197fba52074d.zip ├── Verification.zip ├── dispense_2cc37301c496cd132e3db82c5b2d4265.zip ├── fun_51b789381b6d5531ae97e429dbe5fda1.zip ├── iosend_a4e5ab56137f676f7939c94579737626.zip ├── ping_7b37cfd704016954c920614f6b5e0563.zip ├── pyc_09d721c8bf4f0b2ec29afa857a330ad2.zip ├── training_d014675cc4987f8e404f52e2063bc16c.zip ├── training_server.py ├── 好大的公钥_0fde0fda50a7270276e12538d7b725b0.zip ├── 好小的公钥_b723d1f84e972610737b04dedebe712a.zip ├── 消逝的曲线_ff662792ce13f9b7b280d7e9ea6339e2.zip └── 题目描述.md /.gitignore: -------------------------------------------------------------------------------- 1 | Release/ 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # ShuXinCup2024 2 | 3 | 第二届数据安全大赛(数信杯2024)积分争夺赛 各赛区附件 4 | -------------------------------------------------------------------------------- /东部赛区/Homooo0.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/东部赛区/Homooo0.zip -------------------------------------------------------------------------------- /东部赛区/KeyRecever.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/东部赛区/KeyRecever.zip -------------------------------------------------------------------------------- /东部赛区/pb.rar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/东部赛区/pb.rar -------------------------------------------------------------------------------- /东部赛区/re_ds001.rar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/东部赛区/re_ds001.rar -------------------------------------------------------------------------------- /东部赛区/server.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/东部赛区/server.zip -------------------------------------------------------------------------------- /东部赛区/描述.md: -------------------------------------------------------------------------------- 1 | 1、KeyRecever(100分): 2 | 3 | 题目描述:某公司一员工由于存储不当导致一个密钥文件损坏,无法解密相关重要文件。安全部门的小A通过技术手段恢复了部分密钥文件数据,请你帮助小A完整恢复密钥文件,并尝试解密获得flag。 4 | 5 | 6 | 7 | 8 | 9 | 2、AESsystem(100分): tcp://101.132.242.241:33069 10 | 11 | 题目描述:AES高级加密标准(Advanced Encryption Standar)作为目前分组密码实际上的工业标准,广泛使用在各个领域。某企业安全部门的小A在学习了AES算法的相关知识后,简单实现了一个AES的加解密系统,并准备将此系统推广至企业所有员工,用于实现员工敏感数据的加密处理。现小A开放了一个测试接口,请帮助其测试此加解密系统,并尝试获取flag。 12 | 13 | 14 | 15 | 16 | 17 | 3、re_ds001(100分): 18 | 19 | 题目描述:分析程序,获取对应附件中加密文件的原始数据,正确答案请提交解密后数据的第12行第2列数据 20 | 21 | 22 | 23 | 24 | 25 | 4、pb(100分): tcp://101.132.242.241:33070 26 | 27 | 题目描述:利用程序漏洞获取info_sec文件中数据,提交第6行第2列数据 -------------------------------------------------------------------------------- /东部赛区/数据分析1.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/东部赛区/数据分析1.zip -------------------------------------------------------------------------------- /东部赛区/数据分析2.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/东部赛区/数据分析2.zip -------------------------------------------------------------------------------- /东部赛区/数据分析3.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/东部赛区/数据分析3.zip -------------------------------------------------------------------------------- /东部赛区/数据分析5.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/东部赛区/数据分析5.zip -------------------------------------------------------------------------------- /东部赛区/数据分析6.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/东部赛区/数据分析6.zip -------------------------------------------------------------------------------- /南北部赛区/Bitcoin/描述.txt: -------------------------------------------------------------------------------- 1 | file2.7z:https://pan.baidu.com/s/14RCtSXbtFB5eTnPafalzXg 提取码为GAME 2 | md5值为492533cff1554d0338cbccb907403a21 3 | 4 | 第一题: 5 | (本题附件见于提前下载的加密压缩包file2.7z,解压密码为ea22f6a70e24c3aa682aa43ab1c19220) 6 | 7 | 计算机上的加密货币钱包程序在何时被安装?(时间以东八区为准,格式为YYYY/MM/DD-HH:MM:SS) 8 | 9 | 第二题: 10 | 隐藏的加密货币钱包文件的完整路径是什么? 11 | 12 | 第三题: 13 | 钱包中记录着一笔交易,这笔交易的接收方地址是什么? 14 | 15 | 第四题: 16 | 在合约CTF.sol中存在一处漏洞,该漏洞是由哪一函数造成的(比如:exec)? -------------------------------------------------------------------------------- /南北部赛区/Classic_image_steganography/Classic_image_steganography_689adef0ca6a6bd5e9bd39509199626d.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/南北部赛区/Classic_image_steganography/Classic_image_steganography_689adef0ca6a6bd5e9bd39509199626d.zip -------------------------------------------------------------------------------- /南北部赛区/Classic_image_steganography/描述.txt: -------------------------------------------------------------------------------- 1 | 很经典的图片隐写 -------------------------------------------------------------------------------- /南北部赛区/IDN的绘画/描述.txt: -------------------------------------------------------------------------------- 1 | file3.7z:https://pan.baidu.com/s/1NNcb4QrA6y1y5sF2iTdzTA 提取码为GAME 2 | md5值为9c26770d174c682d60ddbe66149f9da2 (解压密码将在比赛时对应题目描述里) 3 | 4 | IDN·MRF 出生在2082年3月,根据IDN星球规定,每一个IDN人出生时,必须配备唯一的ID,但是粗心的IDN·MRF却把他的ID弄丢了,只留下了一串加密的信息:xn--7nraaa738k9tnba223fba479qe42gda,似乎墙上的画对她也有一定的帮助,好心人,你能帮这个小朋友找回她唯一的ID吗?flag格式为flag{32位字符串} 5 | 6 | (本题附件见于提前下载的加密压缩包file3.7z,解压密码为cc42721a3bd4988e6cabea6eb8f622db) 7 | 8 | 题目提示:需要根据关键字构造字典;密码长度为23位 -------------------------------------------------------------------------------- /南北部赛区/Magic Audio/magicaudio_f5cdb7f226ad30d209081aa01d879e90.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/南北部赛区/Magic Audio/magicaudio_f5cdb7f226ad30d209081aa01d879e90.zip -------------------------------------------------------------------------------- /南北部赛区/Magic Audio/描述.txt: -------------------------------------------------------------------------------- 1 | magic audio -------------------------------------------------------------------------------- /南北部赛区/drinktea/描述.txt: -------------------------------------------------------------------------------- 1 | drink tea please. -------------------------------------------------------------------------------- /南北部赛区/easyjava/easyjava_2dfb11a009041a3879f33f8af00c5121.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/南北部赛区/easyjava/easyjava_2dfb11a009041a3879f33f8af00c5121.zip -------------------------------------------------------------------------------- /南北部赛区/easyjava/描述.txt: -------------------------------------------------------------------------------- 1 | 某个精通百家姓的开发者把自己的小秘密藏在了附件中,来查查他有什么秘密。 -------------------------------------------------------------------------------- /南北部赛区/rrrrcccc/rrrrcccc_9320bad31719126ac546154f6c606262.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/南北部赛区/rrrrcccc/rrrrcccc_9320bad31719126ac546154f6c606262.zip -------------------------------------------------------------------------------- /南北部赛区/rrrrcccc/描述.txt: -------------------------------------------------------------------------------- 1 | Where did my correct code go? -------------------------------------------------------------------------------- /南北部赛区/sm3_need_extend/sm3extend_c3566723d412c8ac35c604ea00feb44d.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/南北部赛区/sm3_need_extend/sm3extend_c3566723d412c8ac35c604ea00feb44d.zip -------------------------------------------------------------------------------- /南北部赛区/sm3_need_extend/描述.txt: -------------------------------------------------------------------------------- 1 | sm3 != md5 ? 2 | 3 | calc_sm3 降低了编码干扰带来的难度 -------------------------------------------------------------------------------- /南北部赛区/your_model/Umodel_5e97c93e7058da5cde5df780ca6239e1.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/南北部赛区/your_model/Umodel_5e97c93e7058da5cde5df780ca6239e1.zip -------------------------------------------------------------------------------- /南北部赛区/your_model/描述.txt: -------------------------------------------------------------------------------- 1 | 根据提供的模型进行训练,要求对积极语句识别准确度超过80%,并保障其他类型的最低识别标准。 -------------------------------------------------------------------------------- /南北部赛区/不安全的u盘/描述.txt: -------------------------------------------------------------------------------- 1 | file1.7z:https://pan.baidu.com/s/17L3hwWlgSzlvOGS-5s7hsA 提取码为GAME 2 | md5值为1637f16391868504a856851a2b8e4a7b 3 | 4 | 第一题: 5 | 小明在一家数据安全公司上班,今天在公司捡到了一个U盘,好奇心冒出的他将它插入到自己的电脑中,并查看里面的README.pdf后,打开后发现自己的电脑变卡了,并且一段时间后,有很大的下载的流量传入。小明在想,难道这个pdf文件是木马?于是有着安全意识的小明,紧急将当前电脑的内存状态给进行了一个保存,并进行了断网操作。 6 | (本题附件见于提前下载的加密压缩包file1.7z,解压密码为03feb52b45d074a82c064ee0f73f089e) 7 | 8 | 请提交小明电脑中的test账户的密码(格式为hash对应的明文,长度为9) 9 | 10 | 11 | 第二题: 12 | 请提交导致小明点击pdf后被控的危险软件名字(格式为包含完整路径的危险软件名字,并去除空格,去除空格后长度为56) 13 | 14 | 第三题: 15 | 请提交控制小明的服务器地址:端口(格式为"ip:port",长度为19) 16 | 17 | 第四题: 18 | 攻击者在控制了小明电脑后,似乎上传了用于后渗透的文件,请找到该文件对应的配置文件,从配置文件中溯源到攻击者的公网服务器的ip地址和监听端口(格式为"ip_port",长度为19) 19 | -------------------------------------------------------------------------------- /南北部赛区/网站的数据绝对安全/safe_675bbba7b9bfeafef8b62f4203030ae9.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/南北部赛区/网站的数据绝对安全/safe_675bbba7b9bfeafef8b62f4203030ae9.zip -------------------------------------------------------------------------------- /南北部赛区/网站的数据绝对安全/描述.txt: -------------------------------------------------------------------------------- 1 | 第一题: 2 | 系统中存在的用户名是什么? 3 | 4 | 第二题: 5 | key3的的值是什么? 6 | 7 | 第三题: 8 | 图片中泄漏的信息是什么? -------------------------------------------------------------------------------- /西部赛区/BabyRSA_d8a7ec1ac2107b5d5d18032c620a01a4.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/BabyRSA_d8a7ec1ac2107b5d5d18032c620a01a4.zip -------------------------------------------------------------------------------- /西部赛区/Backpack_34b38ace7dd95b34e1d2770169230c1c.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/Backpack_34b38ace7dd95b34e1d2770169230c1c.zip -------------------------------------------------------------------------------- /西部赛区/Backpack_revenge_e09f1722ae5ef0d804bee3e0403e34d8.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/Backpack_revenge_e09f1722ae5ef0d804bee3e0403e34d8.zip -------------------------------------------------------------------------------- /西部赛区/Crackdeb_708f183cd9f4ea912bf8aec428173d84.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/Crackdeb_708f183cd9f4ea912bf8aec428173d84.zip -------------------------------------------------------------------------------- /西部赛区/Data Processing.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/Data Processing.zip -------------------------------------------------------------------------------- /西部赛区/INPUT_b5d8ef10e9b85ae9839bba3944745327.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/INPUT_b5d8ef10e9b85ae9839bba3944745327.zip -------------------------------------------------------------------------------- /西部赛区/LRisc_6a09dee66442237e4442add1190e15a2.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/LRisc_6a09dee66442237e4442add1190e15a2.zip -------------------------------------------------------------------------------- /西部赛区/MWatch_c404430ebed371baf76aaa3854f8705e.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/MWatch_c404430ebed371baf76aaa3854f8705e.zip -------------------------------------------------------------------------------- /西部赛区/Malware Analysis.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/Malware Analysis.zip -------------------------------------------------------------------------------- /西部赛区/Notebook_142584f8803b3fb115566f9d41fd0beb.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/Notebook_142584f8803b3fb115566f9d41fd0beb.zip -------------------------------------------------------------------------------- /西部赛区/PrimeConundrum_99d5f95028dde72227124f5dbee81686.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/PrimeConundrum_99d5f95028dde72227124f5dbee81686.zip -------------------------------------------------------------------------------- /西部赛区/Q2code_e0be3d468b2ba77163f63edff1d0b78a.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/Q2code_e0be3d468b2ba77163f63edff1d0b78a.zip -------------------------------------------------------------------------------- /西部赛区/RWIO_64c64c8c128c9b8bfcb35f80bf88b8e1.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/RWIO_64c64c8c128c9b8bfcb35f80bf88b8e1.zip -------------------------------------------------------------------------------- /西部赛区/RWZIP_e974e05bec738d79cae89fa4936e047c.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/RWZIP_e974e05bec738d79cae89fa4936e047c.zip -------------------------------------------------------------------------------- /西部赛区/SU7_5d93ddc7ffb442ce01146086941ae9a6.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/SU7_5d93ddc7ffb442ce01146086941ae9a6.zip -------------------------------------------------------------------------------- /西部赛区/USBHacker_bf5697e7f222285a7e3274033fd357bf.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/USBHacker_bf5697e7f222285a7e3274033fd357bf.zip -------------------------------------------------------------------------------- /西部赛区/UnsetData_13e56993b63c3013034b197fba52074d.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/UnsetData_13e56993b63c3013034b197fba52074d.zip -------------------------------------------------------------------------------- /西部赛区/Verification.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/Verification.zip -------------------------------------------------------------------------------- /西部赛区/dispense_2cc37301c496cd132e3db82c5b2d4265.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/dispense_2cc37301c496cd132e3db82c5b2d4265.zip -------------------------------------------------------------------------------- /西部赛区/fun_51b789381b6d5531ae97e429dbe5fda1.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/fun_51b789381b6d5531ae97e429dbe5fda1.zip -------------------------------------------------------------------------------- /西部赛区/iosend_a4e5ab56137f676f7939c94579737626.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/iosend_a4e5ab56137f676f7939c94579737626.zip -------------------------------------------------------------------------------- /西部赛区/ping_7b37cfd704016954c920614f6b5e0563.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/ping_7b37cfd704016954c920614f6b5e0563.zip -------------------------------------------------------------------------------- /西部赛区/pyc_09d721c8bf4f0b2ec29afa857a330ad2.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/pyc_09d721c8bf4f0b2ec29afa857a330ad2.zip -------------------------------------------------------------------------------- /西部赛区/training_d014675cc4987f8e404f52e2063bc16c.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/training_d014675cc4987f8e404f52e2063bc16c.zip -------------------------------------------------------------------------------- /西部赛区/training_server.py: -------------------------------------------------------------------------------- 1 | import os 2 | import random 3 | import hashlib 4 | from PIL import Image 5 | import tensorflow as tf 6 | from flask import Flask, request, jsonify 7 | from tensorflow.keras.optimizers import Adamax 8 | 9 | from secret import flag 10 | 11 | app = Flask(__name__) 12 | app.config['MAX_CONTENT_LENGTH'] = 100 * 1024 * 1024 13 | app.config['PERMANENT_SESSION_LIFETIME'] = 600 14 | 15 | @app.route('/') 16 | def index(): 17 | return "

I'm alive.

" 18 | 19 | @app.route('/upload_model', methods=['POST']) 20 | def upload_model(): 21 | global loaded_model 22 | try: 23 | if 'model' not in request.files: 24 | return jsonify({'status': 'failed', 'message': 'No model file.'}) 25 | model = request.files['model'] 26 | model.save('./model.h5') 27 | loaded_model = tf.keras.models.load_model('./model.h5', compile=False) 28 | loaded_model.compile(Adamax(learning_rate= 0.001), loss= 'categorical_crossentropy', metrics= ['accuracy']) 29 | with open('./model.h5', 'rb') as f: 30 | model_bytes = f.read() 31 | return jsonify({'status': 'success', 'message': hashlib.md5(model_bytes).hexdigest()}) 32 | except Exception as e: 33 | loaded_model = None 34 | # print(repr(e)) 35 | return jsonify({'status': 'failed', 'message': repr(e)}) 36 | 37 | @app.route('/predict', methods=['GET', 'POST']) 38 | def predict(): 39 | if not loaded_model: 40 | return jsonify({'status': 'failed', 'message': 'No model.'}) 41 | counts = 50 42 | right_count = 0 43 | fire_count = random.randint(1, counts // 2) 44 | no_fire_count = counts - fire_count 45 | fire_names = random.sample(FireNames, fire_count) 46 | no_fire_names = random.sample(NoFireNames, no_fire_count) 47 | 48 | for name in fire_names: 49 | image = Image.open('./Vali/Fire/' + name) 50 | img_array = tf.keras.preprocessing.image.img_to_array(image) 51 | img_array = tf.expand_dims(img_array, 0) 52 | predictions = loaded_model.predict(img_array) 53 | score = tf.nn.softmax(predictions[0]) 54 | if tf.argmax(score).numpy() == 0: 55 | right_count += 1 56 | for name in no_fire_names: 57 | image = Image.open('./Vali/NoFire/' + name) 58 | img_array = tf.keras.preprocessing.image.img_to_array(image) 59 | img_array = tf.expand_dims(img_array, 0) 60 | predictions = loaded_model.predict(img_array) 61 | score = tf.nn.softmax(predictions[0]) 62 | if tf.argmax(score).numpy() == 1: 63 | right_count += 1 64 | 65 | if right_count / counts > 0.9: 66 | return jsonify({'status': 'success', 'right': f'{right_count/counts:0.2f}%', 'message': flag}) 67 | else: 68 | return jsonify({'status': 'failed', 'right': f'{right_count/counts:0.2f}%', 'message': 'Sorry, you are not good enough.'}) 69 | 70 | if __name__ == '__main__': 71 | loaded_model = None 72 | FireNames = os.listdir('./Vali/Fire') 73 | NoFireNames = os.listdir('./Vali/NoFire') 74 | 75 | app.run(host='0.0.0.0', port = 5000, debug=False) 76 | 77 | -------------------------------------------------------------------------------- /西部赛区/好大的公钥_0fde0fda50a7270276e12538d7b725b0.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/好大的公钥_0fde0fda50a7270276e12538d7b725b0.zip -------------------------------------------------------------------------------- /西部赛区/好小的公钥_b723d1f84e972610737b04dedebe712a.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/好小的公钥_b723d1f84e972610737b04dedebe712a.zip -------------------------------------------------------------------------------- /西部赛区/消逝的曲线_ff662792ce13f9b7b280d7e9ea6339e2.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CTF-Archives/2024-ShuXinCup-sjaq/0467376c478116f64356f1f1c0c10f9881b3da6d/西部赛区/消逝的曲线_ff662792ce13f9b7b280d7e9ea6339e2.zip -------------------------------------------------------------------------------- /西部赛区/题目描述.md: -------------------------------------------------------------------------------- 1 | # SU7 2 | 3 | 分数:289.8 4 | 5 | 6 | 7 | 数据安全工程师在对测试车辆例行维护检查的时候,发现某台车辆的行驶记录存在异常,疑似被黑客攻击,请你协助排查出现这一情况的原因。flag{异常数值} 8 | 9 | # MWatch 10 | 11 | 分数:223.7 12 | 13 | 14 | 15 | 数据安全研究员在分析智能设备实时采集的数据时,检测到有一台设备使用者曾出现过某数值过高的情况,请你协助分析该数值最高是多少。`flag{md5(数据采集设备名称_数据接收设备名称_数值)}` 16 | 17 | # messagebox[容器题] 18 | 19 | 分数:76.8 20 | 21 | 22 | 23 | 主办方推出了收集各位选手对题目反馈的平台 24 | 25 | # 定向数据采集[容器题] 26 | 27 | 分数:84.7 28 | 29 | 30 | 31 | 根据通知,要求按照一个格式的数据进行采集,符合规定即可,共计收集1000份样本数据。 32 | 33 | # isend[容器题] 34 | 35 | 分数:477.5 36 | 37 | 38 | 39 | 某公司内部使用如下软件作为数据传输采集工具,请分析工具,找出存在问题的地方。 40 | 41 | # ping数据采集[容器题] 42 | 43 | 分数:500 44 | 45 | 46 | 47 | 该程序针对icmp协议进行数据传输,用于敏感数据采集,由于特殊的协议构造,无法被waf拦截,请分析程序,尝试拿到服务器中的敏感信息并提交。 48 | 49 | # Q2code 50 | 51 | 分数:500 52 | 53 | 54 | 55 | 为了体现出产品的独特性加入了新的校验系统,在实现校验的同时还跟传统扫描器区分开,扫描出的二维码信息会和自身Mask Pattern进行校验,请在混淆过的二维码中找到两组隐藏的数据。 56 | 57 | # Prime Conundrum 58 | 59 | 分数:477.5 60 | 61 | 62 | 63 | 某员工使用RSA算法存储了某些明文信息,但他的RSA参数是不是有点问题? 64 | 65 | # cloudconsole[容器题] 66 | 67 | 分数:223.7 68 | 69 | 70 | 71 | 我们推出了新的云控制台,来对产品与服务进行集中管理 72 | 73 | # Verification 74 | 75 | 分数:477.5 76 | 77 | 78 | 79 | 某公司有一个用于传输敏感数据的数据传输接口。为了确保数据传输的安全性,服务端对接收到的数据进行了加密和校验。请分析该接口程序的加密校验算法,解出flag。 80 | 81 | # 幻方[容器题] 82 | 83 | 分数:136.5 84 | 85 | 86 | 87 | 你只有3s 88 | 89 | # Data Processing 90 | 91 | 分数:500 92 | 93 | 94 | 95 | 请分析数据处理程序的算法,还原出原始文件数据,提取出flag。 96 | 97 | # RWZIP 98 | 99 | 分数:103.8 100 | 101 | 102 | 103 | 数据存档的时候出现了异常情况,请你协助分析文档的信息。 104 | 105 | # pyc 106 | 107 | 分数:57.9 108 | 109 | 110 | 111 | py又cc 112 | 113 | # Crackdeb 114 | 115 | 分数:500 116 | 117 | 118 | 119 | 开发人员针对图像数据编写了一个测试版本的数据加密工具,不过被同事发现要破解这组数据十分简单,请你尝试获取被加密起来的秘密。 120 | 121 | # Backpack 122 | 123 | 分数:176.5 124 | 125 | 126 | 127 | 没有人比你更懂CJLOSS, flag格式为 flag{xxxx} 128 | 129 | # 好小的公钥 130 | 131 | 分数:500 132 | 133 | 134 | 135 | 一封道歉信 136 | 137 | # weather 138 | 139 | 分数:289.8 140 | 141 | 142 | 143 | 在多次的修改与调试后,我终于完成了我的第一个天气展示系统 144 | 145 | # RWIO 146 | 147 | 分数:425.2 148 | 149 | 150 | 151 | 数据分析师在处理数据时发现有可疑的数据,请你协助分析并还原数据。 152 | 153 | # blankwebsite[容器题] 154 | 155 | 分数:500 156 | 157 | 158 | 159 | 这是一个空白的网站,我只完成了登录页面的开发 160 | 161 | # USBHacker 162 | 163 | 分数:128.1 164 | 165 | 166 | 167 | 同志,请出示您的身份信息!flag{md5(缺失的信息)} 168 | 169 | # training 170 | 171 | 分数:425.2 172 | 173 | 174 | 175 | 我们提供了一批火焰、非火焰的样本,请帮忙设计一个模型,用于快速识别图片中是否有火焰。 176 | 177 | # Backpack_revenge 178 | 179 | 分数:500 180 | 181 | 182 | 183 | Master of CJLOSS 184 | 185 | # Malware Analysis 186 | 187 | 分数:500 188 | 189 | 190 | 191 | 在一次水坑攻击中,一组黑客伪装成管理员,通过邮箱系统发送了一个看似合法的Excel表格给受害者。请你分析该钓鱼文件,找出flag。 192 | 193 | # 好大的公钥 194 | 195 | 分数:451.1 196 | 197 | 198 | 199 | 不太正常的d 200 | 201 | # dispense[容器题] 202 | 203 | 分数:500 204 | 205 | 206 | 207 | 数据通过某种算法平均分发下来了,请分析程序,找到该程序的薄弱点并尝试利用。 208 | 209 | # Notebook 210 | 211 | 分数:207.8 212 | 213 | 214 | 215 | 某企业员工将内部通知发到了互联网,该企业数据安全工程师通过技术手段溯源到了泄密者,你能找到是谁泄密的吗? 216 | 217 | # cloudplat[容器题] 218 | 219 | 分数:187.7 220 | 221 | 222 | 223 | 面对越来越多的服务上云,我编写了这个平台来快速分配资源 224 | 225 | # Baby_RSA 226 | 227 | 分数:304.5 228 | 229 | 230 | 231 | 某员工有一个生成素数的初始值,这个算法他跑了很长时间。程序不小心终端,还不小心删了了初始值,还能恢复明文吗 232 | 233 | # 消逝的曲线 234 | 235 | 分数:500 236 | 237 | 238 | 239 | 用以完成的加密的曲线消失了,请分析已有信息,恢复曲线 240 | 241 | # UnsetData 242 | 243 | 分数:289.8 244 | 245 | 246 | 247 | 数据分析师收到一个遭到破坏的设备文件,请你协助分析并还原真实的数据。 248 | 249 | # filesever[容器题] 250 | 251 | 分数:425.2 252 | 253 | 254 | 255 | 越来越多的文件需要存储,于是我开发了这个网盘 256 | 257 | # LRisc[容器题] 258 | 259 | 分数:500 260 | 261 | 262 | 263 | 该JIT系统实现了一套类似RISCV子集的完备指令系统以及新的调用约定,请尝试找出问题。 264 | 265 | # mysql数据清理[容器题] 266 | 267 | 分数:242.3 268 | 269 | 270 | 271 | 根据要求,现在要从数据库中彻底删除一些用户的数据,请连接提供的mysql容器,删除ctf所有表中,用户id为5142、2123、1169、8623这四个用户的数据。要求彻底清理这些用户,不能在服务器[中找到残留,同时不能改动其他用户数据。当操作成功后,系统会在ctf.flag表中录入flag数据。(mysql ctf用户密码 pswd@123) 272 | 273 | # fun 274 | 275 | 分数:242.3 276 | 277 | 278 | 279 | 方程 280 | 281 | # INPUT 282 | 283 | 分数:500 284 | 285 | 286 | 287 | 这是什么格式的信息呢? --------------------------------------------------------------------------------