# angstromCTF (Write-up) [TOC] [官網網址](https://2023.angstromctf.com/) ---------------------------------------------------------------------------- ## Misc ### meow ![](https://i.imgur.com/0cIdVyG.png) ### sanity check 在 DC misc 頻道中寫道 ![](https://i.imgur.com/x1SVb5z.png) ![](https://i.imgur.com/pHXQFiS.png) ---------------------------------------------------------------------------- ## Web ### catch me if you can ![](https://i.imgur.com/2ST3WA2.png) ### shortcircuit 在 F12 裡面我們找到這一行,一看就跟 flag 有關 ![](https://i.imgur.com/AnKWism.png) 根據 swap 的程式可以知道, 傳到 swap 的 array 有 4 個 elements,而且 chunk 只是把 flag 每 30 個字元切成一段,總共切了四段 ![](https://i.imgur.com/nvCrXZV.png) 所以重新排列一下 flag 就出來了 (自己排啦 ### directory 找到要吐了,用 python 去跑,跑有夠久的 == ```python= import requests from bs4 import BeautifulSoup url = 'https://directory.web.actf.co/' with open('output.txt','w') as f: for i in range(0,5000): web = url + str(i) + '.html' res = requests.get(web) soup = BeautifulSoup(res.text, "html.parser") f.write(str(soup)+'\n') if soup.text != 'your flag is in another file': print('I find it!'+soup.text) break elif i%100==0: print("I still alive! "+str(i)) print("finish!\n") f.close() ``` ---------------------------------------------------------------------------- ## Crypto ### ranch ![](https://i.imgur.com/x5a7dne.png) ---------------------------------------------------------------------------- ## rev ### checkers ![](https://i.imgur.com/hklTlwn.png)