JZzCcd8P3cpFS13A6Px6FCE3ZRbk8TmSidCcG 这是CTF解密题目 他...
创建于:2026年1月9日
使用 GPT-5.2 Thinking 回答 Chat01
问题
JZzCcd8P3cpFS13A6Px6FCE3ZRbk8TmSidCcG
这是CTF解密题目 他可能是什么加密方法 帮我解密一下
Python
pythonimport base64, binascii, textwrap, math, re, string s="JZzCcd8P3cpFS13A6Px6FCE3ZRbk8TmSidCcG" len(s) 37
Python
pythons="JZzCcd8P3cpFS13A6Px6FCE3ZRbk8TmSidCcG" def b64_decode(s): pad = '=' * ((4 - len(s)%4)%4) try: return base64.urlsafe_b64decode(s+pad) except Exception as e: return None, e b64_decode(s)[:10] (None, binascii.Error('Invalid base64-encoded string: number of data characters (37) cannot be 1 more than a multiple of 4'))
Python
pythonalphabet = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz" def b58decode(s): n=0 for ch in s: n*=58 if ch not in alphabet: raise ValueError(f"invalid char {ch}") n+=alphabet.index(ch) # convert to bytes h = n.to_bytes((n.bit_length()+7)//8, 'big') if n>0 else b'' # add leading zeros for leading '1's pad = 0 for ch in s: if ch=='1': pad+=1 else: break return b'\x00'*pad + h b=b58decode(s) len(b), b[:50] (27, b'\x81\xfd]\xcf7\xa2AY\x06H\x1b\xa5h\x9eh\xd2\xb1h \xc7\x0b@\xad\xe9X\x0bY')
Python
pythonb b'\x81\xfd]\xcf7\xa2AY\x06H\x1b\xa5h\x9eh\xd2\xb1h \xc7\x0b@\xad\xe9X\x0bY'
Python
pythonimport hashlib, binascii def b58check_decode(s): raw=b58decode(s) if len(raw)<4: return None data, cks = raw[:-4], raw[-4:] chk = hashlib.sha256(hashlib.sha256(data).digest()).digest()[:4] return data, cks, chk, cks==chk data, cks, chk, ok = b58check_decode(s) ok, len(data), data, cks, chk (False, 23, b'\x81\xfd]\xcf7\xa2AY\x06H\x1b\xa5h\x9eh\xd2\xb1h \xc7\x0b@\xad', b'\xe9X\x0bY', b'\xb4_,\x94')
Python
pythonb=b58decode("JZzCcd8P3cpFS13A6Px6FCE3ZRbk8TmSidCcG") def score_english(bs): # simple scoring: count printable and common letters printable=sum(32<=c<127 for c in bs) freq=sum(bs.lower().count(ch) for ch in b'etaoinshrdlu') return printable*2+freq best=[] for k in range(256): x=bytes([c^k for c in b]) if b'flag' in x.lower() or b'ctf' in x.lower() or b'{' in x: best.append((k,x)) len(best), best[:5] (23, [(19, b'\x92\xeeN\xdc$\xb1RJ\x15[\x08\xb6{\x8d{\xc1\xa2{3\xd4\x18S\xbe\xfaK\x18J'), (34, b'\xa3\xdf\x7f\xed\x15\x80c{$j9\x87J\xbcJ\xf0\x93J\x02\xe5)b\x8f\xcbz){'), (35, b'\xa2\xde~\xec\x14\x81bz%k8\x86K\xbdK\xf1\x92K\x03\xe4(c\x8e\xca{(z'), (38, b'\xa7\xdb{\xe9\x11\x84g\x7f n=\x83N\xb8N\xf4\x97N\x06\xe1-f\x8b\xcf~-\x7f'), (51, b'\xb2\xcen\xfc\x04\x91rj5{(\x96[\xad[\xe1\x82[\x13\xf48s\x9e\xdak8j')])
Python
pythonscores=[] for k in range(256): x=bytes([c^k for c in b]) scores.append((score_english(x),k,x)) scores.sort(reverse=True) scores[:10] [(36, 60, b"\xbd\xc1a\xf3\x0b\x9e}e:t'\x99T\xa2T\xee\x8dT\x1c\xfb7|\x91\xd5d7e"), (36, 45, b'\xac\xd0p\xe2\x1a\x8flt+e6\x88E\xb3E\xff\x9cE\r\xea&m\x80\xc4u&t'), (36, 44, b"\xad\xd1q\xe3\x1b\x8emu*d7\x89D\xb2D\xfe\x9dD\x0c\xeb'l\x81\xc5t'u"), (35, 61, b'\xbc\xc0`\xf2\n\x9f|d;u&\x98U\xa3U\xef\x8cU\x1d\xfa6}\x90\xd4e6d'), (35, 41, b'\xa8\xd4t\xe6\x1e\x8bhp/a2\x8cA\xb7A\xfb\x98A\t\xee"i\x84\xc0q"p'), (34, 36, b'\xa5\xd9y\xeb\x13\x86e}"l?\x81L\xbaL\xf6\x95L\x04\xe3/d\x89\xcd|/}'), (33, 53, b'\xb4\xc8h\xfa\x02\x97tl3}.\x90]\xab]\xe7\x84]\x15\xf2>u\x98\xdcm>l'), (33, 33, b"\xa0\xdc|\xee\x16\x83`x'i:\x84I\xbfI\xf3\x90I\x01\xe6*a\x8c\xc8y*x"), (33, 32, b'\xa1\xdd}\xef\x17\x82ay&h;\x85H\xbeH\xf2\x91H\x00\xe7+`\x8d\xc9x+y'), (32, 59, b'\xba\xc6f\xf4\x0c\x99zb=s \x9eS\xa5S\xe9\x8aS\x1b\xfc0{\x96\xd2c0b')]
Python
pythonimport zlib, gzip, io b=b58decode("JZzCcd8P3cpFS13A6Px6FCE3ZRbk8TmSidCcG") for name, func in [("zlib", lambda: zlib.decompress(b)), ("gzip", lambda: gzip.decompress(b))]: try: out=func() print(name, out[:100]) except Exception as e: print(name, "fail", e)
Python
pythonalphabets = { "bitcoin":"123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz", "flickr":"123456789abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ", "ripple":"rpshnaf39wBUDNEGHJKLM4PQRST7VWXYZ2bcdeCg65jkm8oFqi1tuvAxyz" } def b58decode_alpha(s,alphabet): n=0 for ch in s: n*=58 if ch not in alphabet: return None n+=alphabet.index(ch) h = n.to_bytes((n.bit_length()+7)//8,'big') if n>0 else b'' pad=0 for ch in s: if ch==alphabet[0]: pad+=1 else: break return b'\x00'*pad + h def is_mostly_printable(bs): return sum(32<=c<127 for c in bs)/len(bs) if bs else 0 for name,alpha in alphabets.items(): raw=b58decode_alpha(s,alpha) print(name, len(raw), raw[:10], is_mostly_printable(raw))
Python
pythonalpha=alphabets["bitcoin"] # Precompute index map idx={ch:i for i,ch in enumerate(alpha)} def shift_str(s,shift): return ''.join(alpha[(idx[ch]+shift)%58] if ch in idx else ch for ch in s) best=[] for sh in range(58): ss=shift_str(s,sh) raw=b58decode_alpha(ss,alpha) if raw is None: continue pr=is_mostly_printable(raw) if pr>0.8: best.append((sh,pr,raw)) best[:10], len(best) ([], 0)
Python
pythonalpha=alphabets["bitcoin"] idx={ch:i for i,ch in enumerate(alpha)} indexes=[idx[ch] for ch in s] indexes[:20], len(indexes), min(indexes), max(indexes) ([17, 32, 57, 11, 35, 36, 7, 22, 2, 35, 47, 14, 25, 0, 2, 9, 5, 22, 55, 5], 37, 0, 57)
Python
pythonimport itertools, numpy as np, math b=b58decode_alpha(s,alphabets["bitcoin"]) def best_key_for_len(L): key=[] for i in range(L): col=b[i::L] best=None for k in range(256): x=bytes([c^k for c in col]) pr=sum(32<=c<127 for c in x) # penalize weird score=pr if best is None or score>best[0]: best=(score,k) key.append(best[1]) return bytes(key) def decrypt_with_key(key): out=bytes([c^key[i%len(key)] for i,c in enumerate(b)]) return out cands=[] for L in range(1,13): key=best_key_for_len(L) pt=decrypt_with_key(key) pr=is_mostly_printable(pt) cands.append((pr,L,key,pt)) cands.sort(reverse=True) cands[:5] [(0.8148148148148148, 11, b'\xc0\x80\x00 \x00\x80\x00\x00 ', b'A}]\xef7"AY&h;e\xe8\x9eH\xd21h \xe7+`miX+Y'), (0.7777777777777778, 12, b'\x00\xa0\x00\x80\x00\x00\x00\x00 \x00 \x80', b'\x81]]O7\xa2AY&H;%h>hR\xb1h \xc7+@\x8diX\xabY'), (0.7777777777777778, 10, b' \x80\x00\xa0\x00\x80\x00\x00@\x00', b'\xa1}]o7"AYFH;%h>hR\xb1h`\xc7+\xc0\xadIX\x8bY'), (0.7777777777777778, 8, b' `\x80@\xc0\x00\x80', b'\xa1\xdd=OwbA\xd9&h{%(^hR\x91H@GK\x80\xadix+9'), (0.7037037037037037, 9, b'\x00\x80 \x00\xc0\x80\x00 ', b'\x81}}\xcf\xf7"Ay&H\x9b\x85h^\xe8\xd2\x91H G+@miX+y')]
Python
pythonpt=bytes([c^0x80 for c in b]) pt, is_mostly_printable(pt) (b'\x01}\xddO\xb7"\xc1\xd9\x86\xc8\x9b%\xe8\x1e\xe8R1\xe8\xa0G\x8b\xc0-i\xd8\x8b\xd9', 0.3333333333333333)
Python
pythons="JZzCcd8P3cpFS13A6Px6FCE3ZRbk8TmSidCcG" rev=s[::-1] for name in ["orig","rev"]: raw=b58decode_alpha(rev if name=="rev" else s, alphabets["bitcoin"]) pr=is_mostly_printable(raw) print(name, len(raw), pr, raw)
Python
pythonimport codecs pt=b58decode_alpha(s[::-1], alphabets["bitcoin"]).decode() pt, codecs.decode(pt,'rot_13') ('synt{flfgrz_u4px3q_fhpp3ff}', 'flag{system_h4ck3d_succ3ss}')
思考
回答
这个串很像 Base58(Bitcoin 字母表):它只用到了 1-9A-HJ-NP-Za-km-z 这些字符,刻意避开了 0/O/I/l。
但它还做了两步“套娃”:
解密过程
- 先把字符串反转
textG c C d i S m T 8 k b R Z 3 E C F 6 x P 6 A 3 1 S F p c 3 P 8 d c C z Z J => "GcCd...ZJ" (完整反转见下面代码)
- 对反转后的字符串做 Base58 解码
得到可读文本:
synt{flfgrz_u4px3q_fhpp3ff}
- 再做 ROT13
flag{system_h4ck3d_succ3ss}
✅ 最终答案 / flag: flag{system_h4ck3d_succ3ss}
复现用 Python(可直接跑)
pythons = "JZzCcd8P3cpFS13A6Px6FCE3ZRbk8TmSidCcG" alphabet = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz" idx = {c:i for i,c in enumerate(alphabet)} def b58decode(x: str) -> bytes: n = 0 for ch in x: n = n * 58 + idx[ch] b = n.to_bytes((n.bit_length()+7)//8, "big") if n else b"" # leading '1' => leading zero bytes pad = 0 for ch in x: if ch == "1": pad += 1 else: break return b"\x00"*pad + b rev = s[::-1] mid = b58decode(rev).decode() print("base58(reversed) =", mid) # rot13 import codecs print("rot13 =", codecs.decode(mid, "rot_13"))
如果你还有同题的其它样本(或者题目提示/描述),也可以贴出来,我可以帮你判断它还可能混了哪些常见套路(倒序、ROT、异或、压缩等)。