#include <stdio.h> #include <string.h> #include <unistd.h> struct __attribute__((__packed__)) data { char buf[32]; int guard; }; void ignore(void) { setvbuf(stdout, NULL, _IONBF, 0); setvbuf(stdin, NULL, _IONBF, 0); } void get_flag(void) { char flag[1024] = { 0 }; FILE *fp = fopen("flag.txt", "r"); fgets(flag, 1023, fp); printf(flag); } int main(void) { struct data first_words; ignore(); /* ignore this function */ printf("Hello little p0wn3r. Do you have any first words?\n"); fgets(first_words.buf, 64, stdin); sleep(2); puts("Man that is so cute"); sleep(2); puts("I remember last year people were screaming at the little p0wn3rs.. like AAAAAAAAAAAAAAAAAAAAAAAAAAAAA!"); sleep(2); puts("Don't worry little one. I won't let them do that to you. I've set up a guard"); if (first_words.guard == 0x42424242) { get_flag(); } return 0; }
import random def main(): print("Let's play a game, I am thinking of a number between 0 and", 2 ** 64, "\n") try: guess = eval(input("What is the number?: ")) except: guess = 0 correct = random.randint(0, 2**64) if (guess == correct): print("\nCorrect! You won the flag!") flag = open("flag.txt", "r").readline() print(flag) else: print("\nYou lost lol") main()
再使用hashcat进行爆破(需要将前面的”Database:”删去) 
随后拿密码进入keepass中翻找一番即可得到flag