平台WP · 2022年10月17日

zip诡异密码

这个题看描述让用pyzipper这个库,并且说密码只有一位
emmmAES256加密的压缩包
查一下下pyzipper这个库

import pyzipper

secret_password = b'lost art of keeping a secret'

with pyzipper.AESZipFile('new_test.zip',
                         'w',
                         compression=pyzipper.ZIP_LZMA,
                         encryption=pyzipper.WZ_AES) as zf:
    zf.setpassword(secret_password)
    zf.writestr('test.txt', "What ever you do, don't tell anyone!")

with pyzipper.AESZipFile('new_test.zip') as zf:
    zf.setpassword(secret_password)
    my_secrets = zf.read('test.txt')

这是官方文档给的用法,上面加密,下面解密
稍作修改,直接爆破

import pyzipper

PwdLists = []
for line in range(255):
    try:
        with pyzipper.AESZipFile('zip.zip') as zf:
            pp = line.to_bytes(1, 'big')
            zf.setpassword(pp)
            m = zf.read('flag.txt')
            print(m,line)
    except:
        pass # 失败跳过
print("OVER")

得到flag和密码:
nynuctf{5b3807f9-912b-4b57-8c38-ccf268a27b48} 254