0x01, Topic: colorful
0x02、WP
1. Right-link, click on the new tab to open the link, save the attachment lipstick.png
// As shown below, the name of the accessory as lipstick, lipstick is the meaning of
2, I began to picture steganography routine:
①, open the image to view the width and height should be no problem, but the color of it, because the topic is colorful, the file name is lipstick, always imply that color-related problem, then what would I use a picture steganography artifact Stegsolve open to see
First:
As shown below, we switch back and forth, found when switching to a certain frame, found YSL (poplar, YSL is a lipstick brand). . . .
Secondly, we look at the export data, we found a compressed package, savebin saved as ysl.zip
then click decompression, error! ! ! Yes ah, we are not in the file header 504B 0304, but we pull into winhex modification, you will find too many bytes are not allowed to save, to play safe, we dragged kali, to be foremost
as follows: in kali inside foremost out of a compressed package, but it needs a password. . . . .
②, well, since it was a package containing compressed flag.txt, we brute about:
As shown below, one at the time, despair! ! ! !
// Note that there is a small trick, as long as the encrypted archive using brute force software to open, if you can crack, it is certainly not the pseudo-encrypted compressed package
③, we look at properties, look at the detailed information, open Notepad search , 010edit no search results, foremost picture did not result. . . . . . . . . . . . . . . . . . . . . .
④, we again look to the subject, and colorful, and the first step species found in Saint Laurent, title or lipstick
Below, as shown, it may be found to be related to the color number. . . .
⑤, using the color picker TakeColor, reads these 21 colors, and the color number corresponding to the official website, and then converted to binary, and then converted to ASCII
1、总共21个颜色:
取色得:
#BC0B28
#D04179
#D47A6F
#C2696F
#EB8262
#CF1A77
#C0083E
#BC0B28
#BC0B28
#D13274
#6A1319
#BC0B28
#BC0B28
#D4121D
#D75B59
#DD8885
#CE0A4A
#D4121D
#7E453A
#D75B59
#DD8885
2、去官网:https://www.yslbeautyus.com/on/demandware.store/Sites-ysl-us-Site/en_US/Product-Variation?pid=194YSL
3、对应色号:
#BC0B28 01
#D04179 27
#D47A6F 59
#C2696F 11
#EB8262 23
#CF1A77 07
#C0083E 57
#BC0B28 01
#BC0B28 01
#D13274 76 //该色号,官网上没有。。
#6A1319 222
#BC0B28 01
#BC0B28 01
#D4121D 50
#D75B59 214
#DD8885 06
#CE0A4A 77
#D4121D 50
#7E453A 53
#D75B59 214
#DD8885 06
4、可以使用脚本把色号转为二进制再转换为ASCII码
**注意:别人的代码。。。。。。。。**
================================================
#coding=utf8
import sys
import libnum
ss=''
s=[1,27,59,11,23,7,57,1,1,76,222,1,1,50,214,6,77,50,53,214,6]
for i in s:
ss+=bin(i)[2:]
print ss
type = sys.getfilesystemencoding()
print libnum.b2s(ss).decode('utf-8').encode(type)
=================================================
5、但是:这里需要安装libnum库。。。
安装过程:
①、打开kali
②、运行以下命令:
git clone https://github.com/hellman/libnum
cd libnum
python setup.py install
6、之后运行该python脚本得出密码:白学家
如下图所示:
⑥, before extracting archive, too:
0x03、Flag
flag{White_Album_is_Really_worth_watching_on_White_Valentine’s_Day}
0x04, related tools:
1, eyedropper tool: TakeColor
Baidu network disk link | Extraction code |
---|---|
https://pan.baidu.com/s/1CJcM0Xd11IM3DYycexzEXQ | 31tx |