目录

题目链接

解题过程

总结

题目链接

https://buuoj.cn/challenges#[INSHack2017]remote-multimedia-controller

解题过程

题目是道流量题。有提示，好像没什么用 ，

打开流量包。搜索flag，发现有flag.txt信息，

追踪TCP流 ，在stream 2发现base64加密信息，

Vmxkd1NrNVhVbk5qUlZKU1ltdGFjRlJYZEhOaWJFNVhWR3RPV0dKVmJEWldiR1JyV1ZkS1ZXRXphRnBpVkVaVFYycEtVMU5IUmtobFJYQlRUVmhDTmxZeFdtdGhhelZ5WWtWYWFWSlViRmRVVlZaYVRURmFjbFpyT1ZaV2JXUTJWa1pvYTFkck1YVlVhbHBoVWxack1GUlZaRXRqVmxaMVZHMTRXRkpVUlRCWFdIQkdUbGRHY2s1VmFFOVdNWEJoV1Zkek1XSldaSFJPVm1SclZsZDRXbFJWVm5wUVVUMDk=

 用BurpSuite工具解码，多次解码后等到明文，

这步用代码解码也可以，代码如下：

import base64cipher_text = 'Vmxkd1NrNVhVbk5qUlZKU1ltdGFjRlJYZEhOaWJFNVhWR3RPV0dKVmJEWldi' \'R1JyV1ZkS1ZXRXphRnBpVkVaVFYycEtVMU5IUmtobFJYQlRUVmhDTmxZeFdt' \'dGhhelZ5WWtWYWFWSlViRmRVVlZaYVRURmFjbFpyT1ZaV2JXUTJWa1pvYTFk' \'ck1YVlVhbHBoVWxack1GUlZaRXRqVmxaMVZHMTRXRkpVUlRCWFdIQkdUbGRH' \'Y2s1VmFFOVdNWEJoV1Zkek1XSldaSFJPVm1SclZsZDRXbFJWVm5wUVVUMDk='plain_text = ''while 'flag' not in plain_text:    cipher_text, plain_text = plain_text, base64.b64decode(cipher_text).decode()print(plain_text)

解出明文：Good job ! You found the flag: INSA{TCP_s0ck3t_4n4lys1s_c4n_b3_fun!}

flag{TCP_s0ck3t_4n4lys1s_c4n_b3_fun!}

总结

1.思路：流量分析搜索关键字、追踪流。

2.知识点：base64解码。