├── README.md ├── images └── image-20231122-1.png └── scripts ├── crypto ├── aes.py └── rc4.py └── misc ├── images ├── image_merge1.py ├── image_merge2.py └── stega_8bit.py └── qrcode ├── qrcode_painter_1.py └── qrcode_painter_2.py /README.md: -------------------------------------------------------------------------------- 1 | # Awesome-CTF 2 | 3 | **❗【免责声明】本项目所涉及的技术、思路和工具仅供学习,任何人不得将其用于非法用途和盈利,不得将其用于非授权渗透测试,否则后果自行承担,与本项目无关。 使用本项目前请先阅读 [法律法规](https://github.com/Threekiii/Awesome-Laws)。** 4 | 5 | _Disclaimer: The technologies, concepts, and tools provided in this Git repository are intended for educational and research purposes only. Any use for illegal activities, unauthorized penetration testing, or commercial purposes is strictly prohibited. Please read the [Awesome-Laws](https://github.com/Threekiii/Awesome-Laws) before using this repository._ 6 | 7 | 📖 一个 CTF 知识库。_A knowledge base for CTF (Capture The Flag) challenges._ 8 | 9 | ## Roadmap 10 | 11 | ![](images/image-20231122-1.png) 12 | 13 | ## 目录 14 | 15 | - [First of All](#first-of-all) 16 | - [开源导航](#%E5%BC%80%E6%BA%90%E5%AF%BC%E8%88%AA) 17 | - [Crypto](#crypto) 18 | - [综合工具](#%E7%BB%BC%E5%90%88%E5%B7%A5%E5%85%B7) 19 | - [加解密](#%E5%8A%A0%E8%A7%A3%E5%AF%86) 20 | - [编解码](#%E7%BC%96%E8%A7%A3%E7%A0%81) 21 | - [数学计算](#%E6%95%B0%E5%AD%A6%E8%AE%A1%E7%AE%97) 22 | - [Misc](#misc) 23 | - [综合工具](#%E7%BB%BC%E5%90%88%E5%B7%A5%E5%85%B7) 24 | - [图片分析](#%E5%9B%BE%E7%89%87%E5%88%86%E6%9E%90) 25 | - [图片隐写](#%E5%9B%BE%E7%89%87%E9%9A%90%E5%86%99) 26 | - [图片EXIF](#%E5%9B%BE%E7%89%87exif) 27 | - [图片杂项](#%E5%9B%BE%E7%89%87%E6%9D%82%E9%A1%B9) 28 | - [二维码](#%E4%BA%8C%E7%BB%B4%E7%A0%81) 29 | - [音视频分析](#%E9%9F%B3%E8%A7%86%E9%A2%91%E5%88%86%E6%9E%90) 30 | - [流量分析](#%E6%B5%81%E9%87%8F%E5%88%86%E6%9E%90) 31 | - [取证分析](#%E5%8F%96%E8%AF%81%E5%88%86%E6%9E%90) 32 | - [磁盘取证](#%E7%A3%81%E7%9B%98%E5%8F%96%E8%AF%81) 33 | - [内存取证](#%E5%86%85%E5%AD%98%E5%8F%96%E8%AF%81) 34 | - [日志取证](#%E6%97%A5%E5%BF%97%E5%8F%96%E8%AF%81) 35 | - [浏览器取证](#%E6%B5%8F%E8%A7%88%E5%99%A8%E5%8F%96%E8%AF%81) 36 | - [鼠标/键盘取证](#%E9%BC%A0%E6%A0%87%E9%94%AE%E7%9B%98%E5%8F%96%E8%AF%81) 37 | - [木马分析](#%E6%9C%A8%E9%A9%AC%E5%88%86%E6%9E%90) 38 | - [密码破解](#%E5%AF%86%E7%A0%81%E7%A0%B4%E8%A7%A3) 39 | - [基线加固](#%E5%9F%BA%E7%BA%BF%E5%8A%A0%E5%9B%BA) 40 | - [数据处理](#%E6%95%B0%E6%8D%AE%E5%A4%84%E7%90%86) 41 | - [其他](#%E5%85%B6%E4%BB%96) 42 | - [Web](#web) 43 | - [信息泄露](#%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2) 44 | - [Bypass](#bypass) 45 | - [Webshell检测](#webshell%E6%A3%80%E6%B5%8B) 46 | - [Pwn](#pwn) 47 | - [Pwntools](#pwntools) 48 | - [IDA](#ida) 49 | - [插件](#%E6%8F%92%E4%BB%B6) 50 | - [签名库](#%E7%AD%BE%E5%90%8D%E5%BA%93) 51 | - [GDB](#gdb) 52 | - [ROP Gadget](#rop-gadget) 53 | - [Angr](#angr) 54 | - [Reverse](#reverse) 55 | - [ELF/EXE](#elfexe) 56 | - [Android](#android) 57 | - [Java](#java) 58 | - [Python](#python) 59 | - [Rust](#rust) 60 | - [Go](#go) 61 | 62 | ## First of All 63 | 64 | CTF 常见竞赛模式: 65 | 66 | - 理论知识: 通常为选择题。 67 | - 解题模式: 通常分为 Crypto、Misc、Web、Pwn、Reverse 五个类别。 68 | - AWD 模式: Attack with Defense,通常仅包含 Web 及 Pwn 两个类别。 69 | - AWD Plus 模式: Attack with Defence Plus,通常为解题(攻击)+ 加固(防御)。 70 | - RHG 模式: Robot Hacking Game,通常为使用自动化攻击程序实现对漏洞的全自动挖掘及漏洞。 71 | 72 | 18 年以后的其他新竞赛模式: 73 | 74 | - Real World CTF 75 | - King of The Hill 76 | 77 | ## 开源导航 78 | 79 | - CTF Wiki: https://ctf-wiki.org/ 80 | - CTF Hub: https://www.ctfhub.com/ 81 | - CTF Time: https://ctftime.org/ 82 | - AWD-Guide: https://github.com/AabyssZG/AWD-Guide 83 | - 攻防世界: https://adworld.xctf.org.cn/ 84 | - Hacker 101: https://www.hacker101.com/ 85 | - Cryptopals: 密码学练习题目 https://cryptopals.com/ 86 | - Awesome-ctf: https://github.com/apsdehal/awesome-ctf 87 | - CTF Tools: https://github.com/zardus/ctf-tools 88 | - ~~近期赛事-https://su-sanha.cn/events/ API-http://event.ctf.probius.xyz/cn_CTF ~~(貌似不再维护) 89 | 90 | ## Writeups Collection 91 | 92 | - CTF writeups from P4 Team: https://github.com/p4-team/ctf 93 | 94 | ## Crypto 95 | 96 | *Tools used for solving Crypto challenges.* 97 | 98 | ### 综合工具 99 | 100 | - 在线工具: 101 | - http://www.ip33.com/ 102 | - https://evilcos.me/lab/xssee/ 103 | - http://www.metools.info/ 104 | - https://www.107000.com/ 105 | - https://github.com/wangyiwy/oktools 106 | - http://www.hiencode.com/ 107 | - http://www.atoolbox.net/ 108 | - https://www.sojson.com/ 109 | - https://the-x.cn/ 110 | - 离线工具: 111 | - Ciphey: https://github.com/Ciphey/Ciphey python 112 | - CyberChef: https://github.com/gchq/CyberChef web 113 | - ctfcode: http://1o1o.xyz/bo_ctfcode.html 114 | - CaptfEncoder: https://github.com/guyoung/CaptfEncoder 115 | 116 | ### 加解密 117 | 118 | - 摩斯电码: http://moersima.00cha.net/ 119 | - 摩斯电码: http://www.zhongguosou.com/zonghe/moersicodeconverter.aspx 120 | - 栅栏密码: https://www.qqxiuzi.cn/bianma/zhalanmima.php 121 | - 猪圈密码: http://www.hiencode.com/pigpen.html 122 | - 零宽字符: http://330k.github.io/misc_tools/unicode_steganography.html 123 | - quipqiup: 在线古典密码词频爆破 https://www.quipqiup.com/ 124 | - rabbit: https://asecuritysite.com/encryption/rabbit2 125 | - MD5: 126 | - https://www.cmd5.org/ 127 | - https://www.somd5.com/ 128 | - https://www.onlinehashcrack.com/ 129 | - https://crackstation.net/ 130 | - https://crack.sh/ 131 | - https://passwordrecovery.io/ 132 | - https://md5decrypt.net/en/Sha256/ 133 | - https://hashes.com/en/decrypt/hash 134 | - RSA: 135 | - https://www.ssleye.com/ssltool/ 136 | - https://www.lddgo.net/en/encrypt/rsa work with .pem 137 | - 加密算法模板: https://github.com/a568972484/The_encryption_template_Python 138 | 139 | ### 编解码 140 | 141 | - Unicode: https://www.compart.com/en/unicode/ 142 | - GB2312: http://code.mcdvisa.com/ 143 | - UUencode: http://web.chacuo.net/charsetuuencode 144 | - XXencode: 输入文本以每三个字节为单位进行编码 http://web.chacuo.net/charsetxxencode 145 | - Escape/Unescape: https://tool.chinaz.com/tools/escape.aspx 146 | - HTML 实体编码: https://zh.rakko.tools/tools/21/ 147 | - Base64 填充位隐写读取: https://github.com/cjcslhp/wheels/tree/master/b64stego 148 | 149 | ### 数学计算 150 | 151 | - yafu: RSA 解题中的因式分解 https://github.com/bbuhrow/yafu 152 | - factordb: 在线大数分解数据库 http://factordb.com/ 153 | - 在线求解线性方程组: http://www.yunsuan.info/matrixcomputations/solvelinearsystems.html 154 | - 数独求解器: https://shudu.gwalker.cn/ 155 | 156 | ## Misc 157 | 158 | *Tools used for solving Misc challenges.* 159 | 160 | ### 综合工具 161 | 162 | - PuzzleSolver: Misc 工具 https://github.com/Byxs20/PuzzleSolver 163 | 164 | ### 图片分析 165 | 166 | #### 图片隐写 167 | 168 | - Stegsolve: 图片隐写查看器 http://www.caesum.com/handbook/stego.ht 169 | - Stegonline: Stegsolve 在线版 https://stegonline.georgeom.net/upload 170 | - F5-steganography: 隐写工具 jpg https://github.com/matthewgao/F5-steganography 171 | - OutGuess: 隐写工具 jpg https://github.com/crorvick/outguess 172 | - Silenteye: 隐写工具 jpg https://achorein.github.io/silenteye/ 173 | - zsteg: 检测 png 和 bmp 图片隐写数据 https://github.com/zed-0xff/zsteg 174 | - PNGDebugger: 读取 png 文件头,检查 CRC https://github.com/rvong/png-debugger#pngdebugger 175 | - cloacked-pixel: LSB 隐写工具 png https://github.com/livz/cloacked-pixel 176 | - LSB-Steganography: LSB 隐写工具 png https://github.com/RobinDavid/LSB-Steganography 177 | 178 | #### 图片 EXIF 179 | 180 | - 图虫在线 EXIF 查看器: https://exif.tuchong.com/ 181 | - EXIF 查看器: exiftool https://exiftool.org/ 182 | - Magicexif 元数据编辑器: https://www.magicexif.com/ 183 | - TweakPNG: png 图像编辑器,修改元数据 https://entropymine.com/jason/tweakpng/ 184 | 185 | #### 图片杂项 186 | 187 | - Ezgif: 在线分帧 https://ezgif.com/split 188 | - 盲水印提取: https://github.com/chishaxie/BlindWaterMark 189 | - OCR 在线识别: https://web.baimiaoapp.com/ 190 | - 解决拼图问题: montage+gaps https://github.com/nemanja-m/gaps 191 | 192 | #### 二维码 193 | 194 | - 在线绘制二维码/汉信码: https://www.pixilart.com/draw?ref=home-page 195 | - 在线绘制二维码: https://merricx.github.io/qrazybox/ 196 | - 在线扫描一维码: https://online-barcode-reader.inliteresearch.com/ 197 | 198 | ### 音视频分析 199 | 200 | - Audacity: 音频隐写 https://www.audacityteam.org/ 201 | - Mp3Stego: Mp3 音频隐写 https://www.petitcolas.net/steganography/mp3stego/ 202 | - RX-SSTV: 145.800Mhz 频率信号解码 音频→图片 https://www.qsl.net/on6mu/rxsstv.htm 203 | 204 | ### 流量分析 205 | 206 | - Pcap 流量包在线修复: http://f00l.de/hacking/pcapfix.php 207 | - knm: 鼠标键盘流量包取证 https://github.com/FzWjScJ/knm 208 | - PCredz: Extract information from pcap https://github.com/lgandx/PCredz 209 | 210 | ### 取证分析 211 | 212 | _Tools used for solving Forensics challenges_. 213 | 214 | #### 磁盘取证 215 | 216 | - DiskGenius: 磁盘取证工具 https://www.diskgenius.cn/ 217 | - Sleuth Kit: 磁盘取证工具 https://github.com/sleuthkit/sleuthkit 218 | - Autopsy: 磁盘取证浏览器 https://www.autopsy.com/ 219 | - AccessData FTK Imager: ad1 镜像格式取证 https://www.exterro.com/digital-forensics-software/ftk-imager 220 | - ElcomSoft Distributed Password Recovery: BitLocker 解密 https://www.elcomsoft.com/edpr.html 221 | - Elcomsoft Forensic Disk Decryptor: https://www.elcomsoft.com/efdd.html 222 | 223 | #### 内存取证 224 | 225 | - Volatility: 内存取证工具 https://github.com/volatilityfoundation/volatility 226 | - Volatility3: https://github.com/volatilityfoundation/volatility3 227 | - GIMP: 开源图像编辑器 配合 Volatility 导出的.dmp 使用 https://www.gimp.org/ 228 | - pyvmx-cracker: .vmx 密码破解 https://github.com/axcheron/pyvmx-cracker 229 | - VMwareVMX: .vmx 配置数据解密 https://github.com/RF3/VMwareVMX 230 | 231 | #### 日志取证 232 | 233 | - LogForensics: web 日志取证分析工具 https://security.tencent.com/index.php/opensource/detail/15 234 | - ProcessMonitor: 进程监视器 https://learn.microsoft.com/zh-cn/sysinternals/downloads/procmon 235 | - Event log explorer: 日志查看器 https://www.eventlogxp.com/ 236 | - LogonTracer: Windows Active Directory 事件日志分析 https://github.com/JPCERTCC/LogonTracer 237 | 238 | #### 浏览器取证 239 | 240 | - hindsight: Chrome/Chromium 取证 https://github.com/obsidianforensics/hindsight 241 | - HackBrowserData: 浏览器导出解密 https://github.com/moonD4rk/HackBrowserData 242 | 243 | #### 鼠标/键盘取证 244 | 245 | - knm: 鼠标键盘流量包取证 https://github.com/FzWjScJ/knm 246 | - UsbKeyboardDataHacker: USB 键盘流量包取证 https://github.com/WangYihang/UsbKeyboardDataHacker 247 | - USB-Mouse-Pcap-Visualizer: USB 鼠标流量包取证 https://github.com/WangYihang/USB-Mouse-Pcap-Visualizer 248 | 249 | ### 木马分析 250 | 251 | - CS_Decrypt: CobaltStrike 流量解密 https://github.com/5ime/CS_Decrypt 252 | - godzilla_decryptor: Godzilla 流量解密 https://github.com/Threekiii/Awesome-Redteam/blob/master/scripts/Godzilla_Decryptor/godzilla_decryptor.py 253 | - BlueTeamTools: 综合工具 冰蝎 1.x-3.x Godzilla1.x-4.x 流量解密 https://github.com/abc123info/BlueTeamTools 254 | 255 | ### 密码破解 256 | 257 | _Tools used for various kind of bruteforcing (passwords etc.)_ 258 | 259 | - crunch: 字典生成 260 | - Kali/Linux: https://sourceforge.net/projects/crunch-wordlist 261 | - Windows: https://github.com/shadwork/Windows-Crunch 262 | - pydictor: 字典生成 md5 计算 https://github.com/LandGrey/pydictor/blob/master/README_CN.md 263 | - aircrack-ng: 破解 wifi 密码 https://github.com/aircrack-ng/aircrack-ng 264 | - Advanced Office Password Recovery(AOPR): 破解 office 文档密码 https://www.elcomsoft.com/aopr.html 265 | - Advanced Archive Password Recovery(ARCHPR): 破解 zip 和 rar 文件密码 https://www.elcomsoft.com/archpr.html 266 | - crc32: CRC32 爆破 https://github.com/theonlypwner/crc32 267 | - ZipCenOp: zip 伪加密破解 268 | - Ziperello: zip 压缩包密码破解 269 | - c-jwt-cracker: JWT Token 爆破 https://github.com/brendan-rius/c-jwt-cracker 270 | - how-does-Xmanager-encrypt-password: Xmanager 密码解密 https://github.com/HyperSine/how-does-Xmanager-encrypt-password 271 | - SharpXDecrypt: Xshell 全版本密码恢复 https://github.com/JDArmy/SharpXDecrypt 272 | - navicat_password_decrypt: Navicat 密码恢复 注册表 or .ncx https://github.com/Zhuoyuan1/navicat_password_decrypt 273 | 274 | ### 数据处理 275 | 276 | - 010 Editor: https://www.sweetscape.com/010editor/ 277 | - 010 Editor 插件模板下载: 例如 ELF.bt https://www.sweetscape.com/010editor/repository/templates/ 278 | - Binwalk: https://github.com/ReFirmLabs/binwalk 279 | - 在线十六进制编辑器: https://hexed.it/ 280 | - 在线正则表达式: https://c.runoob.com/front-end/854/ 281 | - 在线正则表达式: https://regex101.com/ 282 | - 在线正则英语单词: https://regdict.com/ 283 | 284 | ### 其他 285 | 286 | - QEMU: 物联网固件仿真 https://wiki.qemu.org/Documentation 287 | - 挖矿收益计算器: https://minersns.com/tools/jsqlist 288 | 289 | ## Web 290 | 291 | ### 信息泄露 292 | 293 | - GitHack: .git 泄露利用脚本 https://github.com/lijiejie/GitHack python3 有时无法恢复.git 目录,推荐 python2 版本 294 | - GitHack: .git 泄露利用脚本 https://github.com/BugScanTeam/GitHack python2 295 | - dvcs-ripper: .svn、.hg、.cvs 泄露利用脚本 https://github.com/kost/dvcs-ripper 296 | - ds_store_exp: .DS_Store 文件泄漏利用脚本 https://github.com/lijiejie/ds_store_exp 297 | 298 | ### Webshell 排查 299 | 300 | - https://www.d99net.net/ 301 | - https://github.com/jvoisin/php-malware-finder 302 | 303 | ### Bypass 304 | 305 | - localhost 绕过: 127.0.0.1 >>> 2130706433 https://www.browserling.com/tools/ip-to-dec 306 | 307 | ## Pwn 308 | 309 | ### Pwntools 310 | 311 | - Pwntools: CTF 框架和漏洞利用开发库 https://github.com/Gallopsled/pwntools 312 | 313 | ### IDA 314 | 315 | #### 插件 316 | 317 | - idaplugins-list: IDA 插件 https://github.com/onethawt/idaplugins-list 318 | 319 | #### 签名库 320 | 321 | - sig-database: IDA FLIRT 签名库 https://github.com/push0ebp/sig-database 322 | - FLIRTDB: IDA FLIRT 签名库 https://github.com/Maktm/FLIRTDB 323 | 324 | ### GDB 325 | 326 | - Pwndbg: GDB 插件 https://github.com/pwndbg/pwndbg 327 | - gdb-dashboard: GDB 插件 https://github.com/cyrus-and/gdb-dashboard 328 | 329 | ### ROP Gadget 330 | 331 | - ROPgadget: 返回导向式编程 寻找 Gadget https://github.com/JonathanSalwan/ROPgadget 332 | - Ropper: 返回导向式编程 寻找 Gadget https://github.com/sashs/Ropper 333 | 334 | ### Angr 335 | 336 | - Angr: 符号执行 https://docs.angr.io/ 官方实例: https://docs.angr.io/en/latest/examples.html 337 | 338 | ## Reverse 339 | 340 | ### ELF/EXE 341 | 342 | - Cutter: https://cutter.re/ 343 | - IDA: https://hex-rays.com/ida-pro/ 344 | - x64DBG: https://x64dbg.com/ 345 | - Ollydbg: https://www.ollydbg.de/ 346 | - bindiff: 二进制比对工具 https://www.zynamics.com/software.html 347 | - angr: 二进制分析 https://github.com/angr/angr 348 | - ExeinfoPE: 查壳工具 https://github.com/ExeinfoASL/ASL 349 | - PEiD: 查壳工具 https://www.aldeid.com/wiki/PEiD 350 | - UPX: UPX 脱壳工具 https://github.com/upx/upx 351 | 352 | ### Android 353 | 354 | - jadx: https://github.com/skylot/jadx 355 | - JEB: https://www.pnfsoftware.com/ 356 | - GDA: https://github.com/charles2gan/GDA-android-reversing-Tool 357 | 358 | ### Java 359 | 360 | - jd-gui: https://github.com/java-decompiler/jd-gui 361 | 362 | ### Python 363 | 364 | - py2exe: 打包工具 https://www.py2exe.org/ 365 | - pyInstaller: 打包工具 https://pyinstaller.org/ 366 | - unpy2exe: py2exe 打包程序中提取 .pyc https://github.com/matiasb/unpy2exe 367 | - pyinstxtractor: pyInstaller 打包程序中提取 .pyc https://github.com/extremecoders-re/pyinstxtractor 368 | - uncompyle6: 字节码文件(.pyc)反编译为源代码(.py) https://github.com/rocky/python-uncompyle6/ 369 | 370 | ### Rust 371 | 372 | - rust-reversing-helper: https://github.com/cha5126568/rust-reversing-helper 373 | 374 | ### Go 375 | 376 | - golang_loader_assist: https://github.com/strazzere/golang_loader_assist 377 | - IDAGolangHelper: https://github.com/sibears/IDAGolangHelper 378 | 379 | ### .NET 380 | 381 | - dotPeek: https://www.jetbrains.com/zh-cn/decompiler/ 382 | - dnSpy: https://github.com/dnSpy/dnSpy 383 | -------------------------------------------------------------------------------- /images/image-20231122-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Threekiii/Awesome-CTF/ab515926cae2851f20d09ef082d73a9849268d0a/images/image-20231122-1.png -------------------------------------------------------------------------------- /scripts/crypto/aes.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # @Author : Threekiii 3 | # @Time : 2023/12/1 15:03 4 | # @Function: AES Encryption and Decryption 5 | 6 | # AES Key lenth: 16 -> Ciphertext length: 128 7 | # AES Key lenth: 32 -> Ciphertext length: 256 8 | 9 | from Crypto.Util.Padding import pad 10 | from Crypto.Cipher import AES 11 | import base64 12 | 13 | # AES Mode: 14 | # Crypto.Cipher.AES.MODE_ECB= 1 15 | # Crypto.Cipher.AES.MODE_CBC = 2 16 | # Crypto.Cipher.AES.MODE_EAX = 9 17 | # ... 18 | 19 | def padding(data): 20 | # style(string) – Padding algorithm.It can be ‘pkcs7’ (default), ‘iso7816’ or ‘x923’. 21 | if len(data) % AES.block_size != 0: 22 | return pad(data, AES.block_size, 'pkcs7') 23 | else: 24 | return data 25 | 26 | def aes_ecb_encrypt(key, data): 27 | pad_pkcs7 = padding(data) 28 | # pad_pkcs7 = pad(data, AES.block_size, style='pkcs7') # pkcs7 Padding 29 | 30 | key = padding(key) 31 | 32 | aes = AES.new(key, AES.MODE_ECB) 33 | encrypt_aes = aes.encrypt(pad_pkcs7) 34 | encrypted_result = base64.b64encode(encrypt_aes) 35 | return encrypt_aes,encrypted_result 36 | 37 | def aes_ecb_decrypt(key, data): 38 | key = padding(key) 39 | 40 | aes = AES.new(key, AES.MODE_ECB) 41 | decrypted_text = aes.decrypt(data) 42 | return decrypted_text 43 | 44 | if __name__ == '__main__': 45 | key = b"db20d905c4635f77" 46 | data = b"flag{whoami_WHOAMI_12345_Wh0am1}" 47 | encrypt_aes,encrypted_result = aes_ecb_encrypt(key, data) 48 | print(encrypted_result) 49 | decryption_result = aes_ecb_decrypt(key,encrypt_aes) 50 | print(decryption_result) 51 | 52 | 53 | 54 | 55 | 56 | -------------------------------------------------------------------------------- /scripts/crypto/rc4.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # @Author : Threekiii 3 | # @Time : 2023/5/12 15:32 4 | # @Function: RC4 Decryption 5 | 6 | import base64 7 | def rc4_main(key = "init_key", message = "init_message"): 8 | s_box = rc4_init_sbox(key) 9 | crypt = rc4_excrypt(message, s_box) 10 | return crypt 11 | 12 | def rc4_init_sbox(key): 13 | s_box = list(range(256)) 14 | print("[Initial S-Box]: {}".format(s_box)) 15 | j = 0 16 | for i in range(256): 17 | j = (j + s_box[i] + ord(key[i % len(key)])) % 256 18 | s_box[i], s_box[j] = s_box[j], s_box[i] 19 | print("[Random S-Box]: {}".format(s_box)) 20 | return s_box 21 | def rc4_excrypt(plain, box): 22 | plain = base64.b64decode(plain.encode('utf-8')) 23 | plain = bytes.decode(plain) 24 | res = [] 25 | i = j = 0 26 | for s in plain: 27 | i = (i + 1) % 256 28 | j = (j + box[i]) % 256 29 | box[i], box[j] = box[j], box[i] 30 | t = (box[i] + box[j]) % 256 31 | k = box[t] 32 | res.append(chr(ord(s) ^ k)) 33 | cipher = "".join(res) 34 | return cipher 35 | 36 | if __name__ == "__main__": 37 | input=[188, 197, 18, 125, 133, 35, 132, 113, 123, 57, 40, 2, 211, 81, 243, 44, 137, 43, 166, 44, 175, 9] #Cipher 38 | key='12345678abcdefghijklmnopqrspxyz' 39 | s='' 40 | for i in input: 41 | s+=chr(i) 42 | s=str(base64.b64encode(s.encode('utf-8')), 'utf-8') 43 | result = rc4_main(key, s) 44 | print("*"*100) 45 | print("[Cipher]: {}".format(input)) 46 | print("[Key]: {}".format(key)) 47 | print("[Plain Text Result]: {}".format(result)) -------------------------------------------------------------------------------- /scripts/misc/images/image_merge1.py: -------------------------------------------------------------------------------- 1 | # coding=utf-8 2 | # 图片拼接问题(例如50个20*1000分割图片,拼合成一张1000*1000图片) 3 | # 通过r通道对相邻碎片之间的像素查进行比对并调参。主要是对r通道中值部分进行比对,从而得到差值最小的碎片组合。 4 | 5 | import cv2 6 | import os 7 | import numpy 8 | import copy 9 | import itertools 10 | import math 11 | 12 | images = [] 13 | 14 | def judge(A, B): 15 | diff = 0 16 | for r in range(0, len(A)): 17 | #diff += (A[r][len(A[0]) - 1][0] - B[r][0])[0] 18 | #diff += (A[r][len(A[0]) - 1][1] - B[r][0])[1] 19 | diff += (A[r][len(A[0]) - 1][2] - B[r][0])[2] ** 0.25 20 | return diff 21 | 22 | def combine(A, B): 23 | final_matrix = numpy.zeros((len(A), len(A[0]) + len(B[0]), 3), numpy.uint8) 24 | final_matrix[0:len(A), 0:len(A[0])] = A 25 | final_matrix[0:len(A), len(A[0]):len(A[0]) + len(B[0])] = B 26 | return final_matrix 27 | 28 | if __name__ == "__main__": 29 | f_images = os.listdir("./images") 30 | for f_image in f_images: 31 | images.append( 32 | cv2.imread( 33 | "images\\" + f_image 34 | ) 35 | ) 36 | while len(images) > 1: 37 | min_entropy = -1 38 | to_combine = None 39 | for i in range(1, len(images)): 40 | entropy = judge(images[0], images[i]) 41 | if min_entropy == -1 or entropy < min_entropy: 42 | min_entropy = entropy 43 | to_combine = i 44 | images[0] = combine(images[0], images[to_combine]) 45 | print(len(images), len(images[0][0])) 46 | images.pop(to_combine) 47 | cv2.imwrite("./result.png", images[0]) -------------------------------------------------------------------------------- /scripts/misc/images/image_merge2.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # @Author : Threekiii 3 | # @Time : 2023/5/19 19:24 4 | # @Function: 图片拼接(方法2),例如将 1000 张图片拼接为 1 张图片 5 | 6 | from PIL import Image 7 | 8 | def join(png1, png2, flag='horizontal'): 9 | """ 10 | :param png1: path 11 | :param png2: path 12 | :param flag: horizontal or vertical 13 | :return: 14 | """ 15 | img1, img2 = Image.open(png1), Image.open(png2) 16 | size1, size2 = img1.size, img2.size 17 | if flag == 'horizontal': 18 | joint = Image.new('RGB', (size1[0]+size2[0], size1[1])) 19 | loc1, loc2 = (0, 0), (size1[0], 0) 20 | print(loc1, loc2) 21 | joint.paste(img1, loc1) 22 | joint.paste(img2, loc2) 23 | joint.save('horizontal.png') 24 | elif flag == 'vertical': 25 | joint = Image.new('RGB', (size1[0], size1[1]+size2[1])) 26 | loc1, loc2 = (0, 0), (0, size1[1]) 27 | joint.paste(img1, loc1) 28 | joint.paste(img2, loc2) 29 | joint.save('vertical.png') 30 | 31 | if __name__ == '__main__': 32 | try: 33 | num = 1000 34 | png = 'first_slice.png' 35 | for n in range(0,num): 36 | filename = "./" + str(n) + ".png" 37 | join(png, filename) 38 | except Exception as e: 39 | print(e) -------------------------------------------------------------------------------- /scripts/misc/images/stega_8bit.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # @Author : Threekiii 3 | # @Time : 2022/12/8 14:17 4 | # @Function: 位深隐写提取脚本(后8bit隐写) 5 | 6 | import png 7 | 8 | img = png.Reader('image_48bit.png') 9 | imginfo = img.read() 10 | w, h, imgdata = imginfo[:3] 11 | data = [] 12 | for linedata in imgdata: 13 | line = [] 14 | for d in linedata: 15 | line.append(d%(2**8)) 16 | data.append(line) 17 | with open('flag.png', 'wb') as f: 18 | img2 = png.Writer(width=w, height=h, greyscale=False, bitdepth=8) 19 | img2.write(f, data) 20 | -------------------------------------------------------------------------------- /scripts/misc/qrcode/qrcode_painter_1.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # @Author : Threekiii 3 | # @Time : 2022/8/30 15:52 4 | # @Function: 二维码绘制(方法1) 5 | 6 | from PIL import Image 7 | 8 | MAX = 330 9 | pic = Image.new("RGB",(MAX,MAX)) 10 | 11 | s= '' 12 | i = 0 13 | for y in range(0,MAX): 14 | for x in range(0,MAX): 15 | print(s[i]) 16 | if(s[i]=='1'): 17 | pic.putpixel([x,y],(0,0,0)) 18 | else: 19 | pic.putpixel([x,y],(255,255,255)) 20 | i=i+1 21 | pic.show() 22 | pic.save('flag.png') 23 | 24 | 25 | -------------------------------------------------------------------------------- /scripts/misc/qrcode/qrcode_painter_2.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # @Author : Threekiii 3 | # @Time : 2022/8/30 15:54 4 | # @Function: 二维码绘制(方法2) 5 | 6 | import cv2 7 | # import cv2 as cv 8 | import numpy as np 9 | 10 | f = open("qrcode.txt",encoding = "utf-8") 11 | 12 | blank_image = np.zeros((330,330,3), np.uint8) 13 | 14 | a = f.read() 15 | 16 | aa = 0 17 | 18 | for i in a: 19 | x = aa//330 20 | y = aa%330 21 | if i == '0': 22 | blank_image[x, y, 1] = 0 23 | else: 24 | blank_image[x, y, 0] = 255 25 | blank_image[x, y, 1] = 255 26 | blank_image[x, y, 2] = 255 27 | aa += 1 28 | 29 | cv2.imwrite('flag.png',blank_image) 30 | cv2.imshow('canvas',blank_image) 31 | cv2.waitKey(0) 32 | cv2.destroyAllWindows() --------------------------------------------------------------------------------