• "CoolShell puzzle game" writeup


    地址:http://fun.coolshell.cn/

    1. Fuck your brain
      看到一大串符号,还以为是 js 代码,结果放到 Chrome 控制台执行没有任何结果,然后搜了一下发现有一门叫Brainfuck的编程语言,醉了,用官网提供的编译器把那串代码编译执行一下就出结果了,答案是“welcome.html”

    2. Multiply
      2, 3, 6, 18, 108. ? 看到这一串数字很容易得到 ? = 18*108 = 1944,放到 URL 里试试,提示Yes, one of the answers is 1944,嗯……下面还有一句话,“生命、宇宙以及任何事情的终极答案”,直接谷歌了一下,说是42,好吧我信了,那么答案就是这两个数的乘积了,1944*42 = 81648

    3. Keyboard
      有一张键盘的图片和一段代码,点击图片会跳转到维基百科关于 Dvorak 键盘的介绍,猜测可能是与QWERTY键盘的键位转换,可以手动转换也可以使用在线工具转换,转换后的代码是main() { printf(&unix["21%six12"],(unix)["have"]+"fun"-0x60);},用 gcc 编译执行可以得到结果“unix”,当然,也可以手动分析试试,可以参考http://blog.csdn.net/lisonglisonglisong/article/details/38404973

    4. QR Code
      出现一个二维码和一段文字,扫描二维码可得[abcdefghijklmnopqrstuvwxyz] <=> [pvwdgazxubqfsnrhocitlkeymj],看来下面的文字是密文,而这是加密方式,逆向解密得“chere there is a shell, there is a way. s expect you use the shell command to solve this problem, now, please try using the rot13 of "shell" to enter next level.”答案就是“shell”的rot13变换,即“furyy”。
      解密用的 Python 代码如下。

        #!/usr/bin/env python3
    
        s = 'Wxgcg txgcg ui p ixgff, txgcg ui p epm. I gyhgwt mrl lig txg ixgff wrsspnd tr irfkg txui hcrvfgs, nre, hfgpig tcm liunz txg crt13 ra "ixgff" tr gntgc ngyt fgkgf.'
        result = ''
        letter1 = ['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z']
        letter2 = ['p', 'v', 'w', 'd', 'g', 'a', 'z', 'x', 'u', 'b', 'q', 'f', 's', 'n', 'r', 'h', 'o', 'c', 'i', 't', 'l', 'k', 'e', 'y', 'm', 'j']
        for item in s.lower():
            if item in letter2:
                result +=  letter1[letter2.index(item)]
            else:
                result += item
        print(result)
    
    1. cat
      首先,标题是“Palindrome”,意思是“回文”,然后图片左侧有一些字符串,符合回文的特征,“c”,“a”,“t”三个字母标红了,试了试“cat”,果然不对……继续看下面“The answer has been lost in the source”,难道是让查看源码的意思吗?F12走起,然后就发现这句话下面隐写了“Notes: it's case-sensitive!”,嗯……大小写敏感,指的应该是答案或者是回文字符串吧,继续看源码就发现,注释里有一大坨字符串,这TM是啥啊……

      只能从“回文”考虑了,用正则表达式找一下这一坨字符串里的回文字符串,正则表达式是([A-Z])([0-9])[a-z](2)(1)|([0-9])([A-Z])[a-z](6)(5),放到http://tool.oschina.net/regex做一下匹配,得到
    共找到 9 处匹配:
    E1v1E
    4FaF4
    9XrX9
    O3i3O
    0MaM0
    4GbG4
    M5l5M
    0WeW0
    Y0s0Y
    

    嗯……感觉还需要再处理一下,根据“cat”三个字母标红的未知,取每行中间的字母,凑出了“variables”这个单词,试了试,正确!

    1. variables
      点击图片会打开http://fun.coolshell.cn/n/2014这个链接,显示一个数字,用这个数字替换链接中的“2014”,打开该链接又会显示一个数字,根据提示“Keep going, you will find the result...”,只要这样一直找下去,就会得到答案,简单写个脚本跑一下,一会就能得到结果,Cool! the next level is "tree"。
        #!/usr/bin/env python3
    
        import requests
        n = "2014"
        while True:
            url = "http://fun.coolshell.cn/n/" + n
            r = requests.get(url)
            num = r.content.decode("utf-8")
            print(num)
            n = num
    
    1. tree
      给了二叉树的中序遍历和后序遍历,那么就可以还原出这颗二叉树,然后这棵树的最深路径就是下面那段密文的密钥,相关代码如下
        #!/usr/bin/env python3
    
        class TreeNode(object):
            def __init__(self, x):
                self.val = x
                self.left = None
                self.right = None
    
        def buildFromInorderPostorder(postorder, inorder):
            length = len(postorder)
            if length == 0:
                return None
            root_val = postorder[-1]
            root_node = TreeNode(root_val)
            offset = inorder.index(root_val)
            root_node.left = buildFromInorderPostorder(postorder[:offset], inorder[:offset])
            root_node.right = buildFromInorderPostorder(postorder[offset:-1], inorder[offset+1:])
            return root_node
    
        def deepestPath(root_node):
            if root_node == None:
                return []
            else:
                leftDeepestPath = deepestPath(root_node.left)
                rightDeepestpath = deepestPath(root_node.right)
                return [root_node.val] + (leftDeepestPath if len(leftDeepestPath) > len(rightDeepestpath) else rightDeepestpath)
    
        if __name__ == '__main__':
            inorder = ["T", "b", "H", "V", "h", "3", "o", "g", "P", "W", "F", "L", "u", "A", "f", "G", "r", "m", "1", "x", "J", "7", "w", "e", "0", "i", "Q", "Y", "n", "Z", "8", "K", "v", "q", "k", "9", "y", "5", "C", "N", "B", "D", "2", "4", "U", "l", "c", "p", "I", "E", "M", "a", "j", "6", "S", "R", "O", "X", "s", "d", "z", "t"]
            postorder = ["T", "V", "H", "o", "3", "h", "P", "g", "b", "F", "f", "A", "u", "m", "r", "7", "J", "x", "e", "w", "1", "Y", "Q", "i", "0", "Z", "n", "G", "L", "K", "y", "9", "k", "q", "v", "N", "D", "B", "C", "5", "4", "c", "l", "U", "2", "8", "E", "I", "R", "S", "6", "j", "d", "s", "X", "O", "a", "M", "p", "W", "t", "z"]
            root_node = buildFromInorderPostorder(postorder, inorder)
            print(deepestPath(root_node))
    

    得到这棵树的最深路径:'z', 'W', 'p', '8', 'L', 'G', 'n', '0', '1', 'w', 'x', 'J', '7'
    然后用它来解密密文

    echo U2FsdGVkX1+gxunKbemS2193vhGGQ1Y8pc5gPegMAcg= | openssl enc -aes-128-cbc -a -d -pass pass:zWp8LGn01wxJ7
    

    得到答案“nqueens”

    1. N Queens
      经典的 N 皇后问题,网上有大量解法,找到一个修改如下
        #!/usr/bin/env python3
        # N queens
        # From: http://blog.csdn.net/gaoyingju/article/details/6725532
    
        def conflict(state, nextX):
            nextY = len(state)
            for i in range(nextY):
                if abs(state[i]-nextX) in (0, nextY - i):
                    return True
            return False
    
        def queens(num=8, state=()):
            for pos in range(num):
                if not conflict(state,pos):
                    if len(state) == num - 1:
                        yield (pos,)
                    else:
                        for result in queens(num, state + (pos,)):
                            yield (pos,) + result
    
        # 求符合条件的code
        import hashlib
        for solution in queens(9):
            code = "".join(str(s+1) for s in solution)
            sha = hashlib.sha1(("zWp8LGn01wxJ7" + code + "
    ").encode("utf-8"))
            if sha.hexdigest() == "e48d316ed573d3273931e19f9ac9f9e6039a4242":
                print("Success! " + code)
                break
    

    得到答案“953172864”

    1. Excel Column
      把字母串转化为数字,类似与进制转换,很容易找到规律,比如 ABC=1*26^2+2*26^1+3*26^0,同理
        COOLSHELL = 3*26^8+15*26^7+15*26^6+12*26^5+19*26^4+8*26^3+5*26^2+12*26^1+12 = 751743486376
        SHELL = 19*26^4+8*26^3+5*26^2+12*26^1+12 = 8826856
    

    数字比较大可以直接粘到谷歌搜索框里计算
    因此,COOLSHELL / SHELL = 751743486376 / 8826856 = 85165,再将其转化为对应的字母串,代码如下

        #!/usr/bin/env python3
        letters = [chr(i) for i in range(65, 91)]
        def intToletters(n):
            result = ""
            while n > 0:
                result  = letters[n%26-1] + result
                n = int(n/26)
            return result
    
        if __name__ == '__main__':
            print(intToletters(85165))
    

    答案是“DUYO”

    1. Fraternal Organisation
      乍一看题不知所谓……看下面那一串字符应该是密文。然后密钥就是从两张图片下手了,题目说找到两张图片的关系就很简单了,直接用 Google 图片搜索,第一张搜出来是“pigpen”,第二张是“Freemasonry”,然后把它俩和“加密”组合作为关键词搜索,发现猪圈密码这个有意思的加密方法,对照密钥就可以解密出原文了,答案是“helloworld”,注意小写才能顺利进入下一页面

    通关!

  • 相关阅读:
    使用反射调用某个类的成员方法
    java反射机制
    SVProgressHUD
    __objc__
    loadView
    v2ex 下拉刷新 SCRootViewController
    stuck with
    v2ex 下拉刷新模块
    转载
    vue-cli脚手架构建了项目如何去除Eslint验证(语法格式验证)
  • 原文地址:https://www.cnblogs.com/renzongxian/p/5595831.html
Copyright © 2020-2023  润新知