[Level 20]
Title: go away!
图片中显示
PRIVATE PROPERTY BEYOND THIS FENCE
图片下有一段话
but inspecting it carefully is allowed.
信息大概就这么多,然后各种尝试,无果。没办法,搜索了下,原来突破口是响应头里的Content-Range:bytes 0-30202/2123456789。那么然后呢?改变范围。
import httplib2,re
h = httplib2.Http('.Cache')
url = 'http://www.pythonchallenge.com/pc/hex/unreal.jpg'
headers = {'Authorization':'Basic YnV0dGVyOmZseQ=='}
pattern = re.compile(r'-(\d+)')
start = 30203
while True:
headers['Range'] = 'bytes={0}-'.format(start)
resp, content = h.request(url,headers=headers)
if content:
start = int(pattern.search(resp['content-range']).group(1)) + 1
print(content)
content = ''
else:
break
收获invader关键字,但invader.html显示Yes! that's you!,没什么用。范围还能倒过来开始?
start = 2123456789
while True:
headers['Range'] = 'bytes={0}-'.format(start)
resp, content = h.request(url,headers=headers)
if content:
start = int(pattern.search(resp['content-range']).group(1)) - 1
print(content)
content = ''
else:
break
得到两条信息,esrever ni emankcin wen ruoy si drowssap eht和and it is hiding at 1152983631.。第一条信息反转后为the password is your new nickname in reverse,nickname是invader,1152983631呢?
headers['Range'] = 'bytes=1152983631-'
content = h.request(url,headers=headers)[1]
内容打印出来是长字节,无法解读,写入文件吧。
with open('data','wb') as f:
f.write(content)
修改为图片后缀,无法打开。以文本形式打开,可以看到PK和readme.txt字样,猜测是压缩文件。修改后缀,可以打开,[Level 21]的内容就在里面。
小结
认证信息可以这样:
import base64
headers = {'Authorization':'Basic {0}'.format(base64.b64encode(b'butter:fly').decode())}
使用urllib.request请求网页:
import urllib.request
request = urllib.request.Request(url)
request.add_header('Authorization', 'Basic YnV0dGVyOmZseQ==')
request.headers['Range'] = 'bytes=30203-'
response = urllib.request.urlopen(request)
