hans362
/
hans362.github.io
mirror of https://github.com/hans362/hans362.github.io.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8f918a659e'
${ noResults }
hans362.github.io/post/sjtu-ctf-2025-writeup/index.html

1 line
81 KiB
HTML
Raw Blame History Unescape Escape

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

<!DOCTYPE html><html lang="zh-CN"><head><meta charset="utf-8"><meta http-equiv="x-dns-prefetch-control" content="on"><meta name="viewport" content="width=device-width,initial-scale=1,minimum-scale=1,maximum-scale=1,user-scalable=no"><meta name="renderer" content="webkit"><meta name="force-rendering" content="webkit"><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"><meta name="HandheldFriendly" content="True"><meta name="mobile-web-app-capable" content="yes"><link rel="shortcut icon" href="https://hans362-img.oss.0vv0.top/favicon.ico"><link rel="icon" type="image/png" sizes="16x16" href="https://hans362-img.oss.0vv0.top/favicon-16x16.png"><link rel="icon" type="image/png" sizes="32x32" href="https://hans362-img.oss.0vv0.top/favicon-32x32.png"><link rel="apple-touch-icon" sizes="180x180" href="https://hans362-img.oss.0vv0.top/apple-touch-icon.png"><link rel="mask-icon" href="https://hans362-img.oss.0vv0.top/safari-pinned-tab.svg"><title>SJTU-CTF 2025 部分 WriteUp | Hans362 &#39;s Blog</title><meta name="keywords" content="Web, 网络安全, CTF, Writeup, 解题报告, Hans362"><meta name="description" content="又是一年一度的校赛,今年继续给校赛出了 2 道 Web 题SmartGrader、EzWebAuthn(_Revenge),赛后按照惯例发一下出题思路和解题过程。不过考虑到题目后续会搬到校内 OJ为避免影响后面同学的练习效果就全部加密了密码是对应题目的 Flag解出后可以来看看出题思路和可能的其他解法。"><meta property="og:type" content="article"><meta property="og:title" content="SJTU-CTF 2025 部分 WriteUp"><meta property="og:url" content="https://blog.hans362.cn/post/sjtu-ctf-2025-writeup/"><meta property="og:site_name" content="Hans362 &#39;s Blog"><meta property="og:description" content="又是一年一度的校赛,今年继续给校赛出了 2 道 Web 题SmartGrader、EzWebAuthn(_Revenge),赛后按照惯例发一下出题思路和解题过程。不过考虑到题目后续会搬到校内 OJ为避免影响后面同学的练习效果就全部加密了密码是对应题目的 Flag解出后可以来看看出题思路和可能的其他解法。"><meta property="og:locale" content="zh_CN"><meta property="article:published_time" content="2025-04-10T15:33:33.000Z"><meta property="article:modified_time" content="2025-04-11T10:35:15.358Z"><meta property="article:author" content="Hans362"><meta property="article:tag" content="Web"><meta property="article:tag" content="网络安全"><meta property="article:tag" content="CTF"><meta property="article:tag" content="Writeup"><meta property="article:tag" content="解题报告"><meta name="twitter:card" content="summary_large_image"><link rel="stylesheet" href="/css/style/main.css"><link rel="stylesheet" id="hl-default-theme" href="https://blog.hans362.cn/npm/highlight.js@10.1.2/styles/atom-one-light.css" media="none"><link rel="stylesheet" id="hl-dark-theme" href="https://blog.hans362.cn/npm/highlight.js@10.1.2/styles/atom-one-dark.css" media="none"><script src="/js/darkmode.js"></script><link rel="dns-prefetch" href="https://analytics.0vv0.top"><link rel="preconnect" href="https://hans362-img.oss.0vv0.top"><meta name="generator" content="Hexo 7.1.1"><link rel="alternate" href="/atom.xml" title="Hans362 's Blog" type="application/atom+xml"></head><body><div class="app-shell-loader">加载中...</div><div class="container" tabindex="-1"><header><div class="header__left"><a href="/" class="button"><span class="logo__text">Hans362 &#39;s Blog</span></a></div><div class="header__right"><div class="navbar__menus"><a href="/" class="button"><div class="navbar-menu">首页</div></a><a href="/archives/" class="button"><div class="navbar-menu">归档</div></a><a href="/tags/" class="button"><div class="navbar-menu">标签</div></a><a href="/bangumi/" class="button"><div class="navbar-menu">追番</div></a><a href="/links/" class="button"><div class="navbar-menu">友链</div></a><a href="/about/" class="button"><div class="navbar-menu">关于</div></a><a href="/atom.xml" class="button"><div class="navbar-menu">RSS</div></a></div><a href="/search/" class="button"><div id="btn-search"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1024 1024" width="24" height="24" fill="currentColor" stroke="currentColor" stroke-width="32"><path d="M192 448c0-141.152 114.848-256 256-256s256 114.848 256 256-114.848 256-256 256-256-114.848-256-256z m710.624 409.376l-206.88-206.88A318.784 318.784 0 0 0 768 448c0-176.736-143.264-320-320-320S128 271.264 128 448s143.264 320 320 320a318.784 318.784 0 0 0 202.496-72.256l206.88 206.88 45.248-45.248z"></path></svg></div></a><a href="javaScript:void(0);" rel="external nofollow noreferrer" class="button"><div id="btn-toggle-dark"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1 1 11.21 3 7 7 0 0 0 21 12.79z"></path></svg></div></a><a href="#" class="button" id="b2t" aria-label="回到顶部" title="回到顶部"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1024 1024" width="32" height="32"><path d="M233.376 722.752L278.624 768 512 534.624 745.376 768l45.248-45.248L512 444.128zM192 352h640V288H192z" fill="currentColor"></path></svg> </a><a class="dropdown-icon button" tabindex="0"><div id="btn-dropdown"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 20 20" width="24" height="24" fill="none" stroke="currentColor" stroke-width="0.7" stroke-linecap="round" stroke-linejoin="round"><path fill="currentColor" d="M3.314,4.8h13.372c0.41,0,0.743-0.333,0.743-0.743c0-0.41-0.333-0.743-0.743-0.743H3.314c-0.41,0-0.743,0.333-0.743,0.743C2.571,4.467,2.904,4.8,3.314,4.8z M16.686,15.2H3.314c-0.41,0-0.743,0.333-0.743,0.743s0.333,0.743,0.743,0.743h13.372c0.41,0,0.743-0.333,0.743-0.743S17.096,15.2,16.686,15.2z M16.686,9.257H3.314c-0.41,0-0.743,0.333-0.743,0.743s0.333,0.743,0.743,0.743h13.372c0.41,0,0.743-0.333,0.743-0.743S17.096,9.257,16.686,9.257z"></path></svg></div></a><div class="dropdown-menus" id="dropdown-menus"><a href="/" class="dropdown-menu button">首页</a> <a href="/archives/" class="dropdown-menu button">归档</a> <a href="/tags/" class="dropdown-menu button">标签</a> <a href="/bangumi/" class="dropdown-menu button">追番</a> <a href="/links/" class="dropdown-menu button">友链</a> <a href="/about/" class="dropdown-menu button">关于</a> <a href="/atom.xml" class="dropdown-menu button">RSS</a></div></div></header><cover></cover><main><div class="post-content"><div class="post-title"><h1 class="post-title__text">SJTU-CTF 2025 部分 WriteUp</h1><div class="post-title__meta"><a href="/archives/2025/04/" class="post-meta__date button">2025-04-10</a> <span class="separate-dot"></span> <a href="/categories/%E6%B0%B4/" class="button"><span class="post-meta__cats"></span></a><style>.post-meta__pv{color:var(--t-l);visibility:hidden;opacity:0;transition:.2s}</style><span class="separate-dot"></span> <span class="post-meta__pv"></span></div></div><aside class="post-side"><div class="post-side__toc"><div class="toc-title">文章目录</div><ol class="toc"><li class="toc-item toc-level-2"><a class="toc-link" href="#smartgrader"><span class="toc-text">SmartGrader</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#ezwebauthn-ezwebauthn_revenge"><span class="toc-text">EzWebAuthn &#x2F; EzWebAuthn_Revenge</span></a><ol class="toc-child"><li class="toc-item toc-level-3"><a class="toc-link" href="#%E9%9D%9E%E9%A2%84%E6%9C%9F%E8%A7%A3%E6%B3%95%E4%BB%85%E9%80%82%E7%94%A8%E4%BA%8E-ezwebauthn"><span class="toc-text">非预期解法(仅适用于 EzWebAuthn</span></a></li><li class="toc-item toc-level-3"><a class="toc-link" href="#%E9%A2%84%E6%9C%9F%E8%A7%A3%E6%B3%95%E9%80%82%E7%94%A8%E4%BA%8E-ezwebauthn-ezwebauthn_revenge"><span class="toc-text">预期解法(适用于 EzWebAuthn &#x2F; EzWebAuthn_Revenge</span></a></li></ol></li></ol></div></aside><a class="btn-toc button" id="btn-toc" tabindex="0"><svg viewBox="0 0 1024 1024" width="32" height="32" xmlns="http://www.w3.org/2000/svg"><path d="M128 256h64V192H128zM320 256h576V192H320zM128 544h64v-64H128zM320 544h576v-64H320zM128 832h64v-64H128zM320 832h576v-64H320z" fill="currentColor"></path></svg></a><div class="toc-menus" id="toc-menus"><div class="toc-title">文章目录</div><ol class="toc"><li class="toc-item toc-level-2"><a class="toc-link" href="#smartgrader"><span class="toc-text">SmartGrader</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#ezwebauthn-ezwebauthn_revenge"><span class="toc-text">EzWebAuthn &#x2F; EzWebAuthn_Revenge</span></a><ol class="toc-child"><li class="toc-item toc-level-3"><a class="toc-link" href="#%E9%9D%9E%E9%A2%84%E6%9C%9F%E8%A7%A3%E6%B3%95%E4%BB%85%E9%80%82%E7%94%A8%E4%BA%8E-ezwebauthn"><span class="toc-text">非预期解法(仅适用于 EzWebAuthn</span></a></li><li class="toc-item toc-level-3"><a class="toc-link" href="#%E9%A2%84%E6%9C%9F%E8%A7%A3%E6%B3%95%E9%80%82%E7%94%A8%E4%BA%8E-ezwebauthn-ezwebauthn_revenge"><span class="toc-text">预期解法(适用于 EzWebAuthn &#x2F; EzWebAuthn_Revenge</span></a></li></ol></li></ol></div><article class="post post__with-toc card"><div class="post__header"><div class="post__expire" id="post-expired-notify"><p><svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16" style="fill:#f5a623;stroke:#f5a623"><path fill-rule="evenodd" d="M8.893 1.5c-.183-.31-.52-.5-.887-.5s-.703.19-.886.5L.138 13.499a.98.98 0 0 0 0 1.001c.193.31.53.501.886.501h13.964c.367 0 .704-.19.877-.5a1.03 1.03 0 0 0 .01-1.002L8.893 1.5zm.133 11.497H6.987v-2.003h2.039v2.003zm0-3.004H6.987V5.987h2.039v4.006z"></path></svg> 本文最后更新于 <span id="expire-date"></span> 天前,文中部分描述可能已经过时。</p></div><script>(()=>{var e=Date.parse("2025-04-10"),t=(new Date).getTime(),t=Math.floor((t-e)/864e5);120<=t&&(document.querySelectorAll("#expire-date")[0].innerHTML=t,document.querySelectorAll("#post-expired-notify")[0].style.display="block")})()</script></div><div class="post__content"><html><head><script>var meting_api="https://api-v2.hans362.cn/vip/?server=:server&type=:type&id=:id&r=:r"</script><script class="meting-secondary-script-marker" src="/js/Meting.min.js"></script></head><body><p>又是一年一度的校赛,今年继续给校赛出了 2 道 Web 题SmartGrader、EzWebAuthn(_Revenge),赛后按照惯例发一下出题思路和解题过程。不过考虑到题目后续会搬到校内 OJ为避免影响后面同学的练习效果就全部加密了密码是对应题目的 Flag解出后可以来看看出题思路和可能的其他解法。</p><span id="more"></span><h2 id="smartgrader"><a class="markdownIt-Anchor" href="#smartgrader"></a> SmartGrader</h2><p>来试试我写的分数换算小工具吧!</p><p><a target="_blank" rel="noopener" href="https://hans362-img.oss.0vv0.top/2025/04/10/SmartGrader-1998cadd4d19944ea3318db44d6e4bed.zip">Attachment</a></p><details><summary>答题情况</summary><p>11 Solves (SJTU 5 Solves + ZJU 6 Solves) / 590 pts</p></details><hr><p>一个抽象的分数换算小工具,用户可以输入评分规则和百分制成绩,提交给后端换算成等级制成绩。</p><div class="encrypt card" style="text-align:center"><div style="font-size:1.1rem;display:inline-flex;align-items:center"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="currentColor" class="icon icon-tabler icons-tabler-filled icon-tabler-lock"><path stroke="none" d="M0 0h24v24H0z" fill="none"></path><path d="M12 2a5 5 0 0 1 5 5v3a3 3 0 0 1 3 3v6a3 3 0 0 1 -3 3h-10a3 3 0 0 1 -3 -3v-6a3 3 0 0 1 3 -3v-3a5 5 0 0 1 5 -5m0 12a2 2 0 0 0 -1.995 1.85l-.005 .15a2 2 0 1 0 2 -2m0 -10a3 3 0 0 0 -3 3v3h6v-3a3 3 0 0 0 -3 -3"></path></svg> 内容受密码保护</div><p style="font-size:.8rem">密码提示:密码为 SmartGrader 题目的 Flag</p><form class="search-form" onsubmit='return decrypt(this.querySelector("a")),!1'><input type="password" class="password search-input" placeholder="请输入密码" autocomplete="password"> <input type="hidden" class="cipher" value="24725d9796f875e0c87d0620ade70d36be9c394a7e2bb1eadc613467c0456d5f27cd70ebf00787a9ab544fb7bed85a873e15cda99bcfc5310aaa1dc0140b6d05220990053d74115e5d20935e30eceda8951aa2989d67db19faef79ac4cbcdaf2377865837f7c8f4c565a8bac4e406f26898b11defd85dd346e50c68e34606de5ad240deee847052dc9152e44e5870e525cbca789be8cb29fe0e422d5eb7e19078a140489f7c975fe7105ec35964b76101a8732933ccc535a6603ee65e28bd0ce62062c14dfc0e91f5747e4f3415de33edaba927c72238a8147808ef8ec56fdccd76e9f3a0ae39bab75ab03fe4c99cd0aadaa7784c2b0c5bed486db3ae10c6f297d412de4029fa35101d327ab33942c4ca9d5ee2efe4d64e032ccf46a39ef3dcc51da16f9d4811c7f7d0ad47abebcab5b68806cfc0650046cce1a5f230b5cc9a447512974bf285426127094fe67d76b4b66586aef929b5ab7edf671da1af8c28578960d2a76130348ab9d47e91466131c90596e3bc5fa5e38fa931897eb3d20b7933293801dd8d33ea2e1513e358c050ed7cd40ae07ab909395b257fd4dfee8b3e511db25faca27d8fc7ae895be5add65c4b32ff209fdb2e0d1a802c703fa0c1bd243ab753838bf0d0417ea14cfd74c738a03839e44608c3cd442f788c5bfd0f7e5fecc37c8910dd464bb0fcb9b5e6f27f4305680a6f3231dbe01850bbd7aa23d877988f295ea56186fee028b5f26d6edf96b295af13bbe64c06c382ab9c56d54b80cb36962dd9db5c29db3bbba4a8729467f32b7b3e54c2fdec7430789eaf717dac3d0da97ce7b8de6e10745d2e708ad4b5164456cba23c428c36febde4df77b7c6387813c6f786cb76cc752714e998540b1528640fa3b5a2787ddcdc4fa13364bd5c9573a480607a6cd1cb236ad567193a6a034462a7d01d55496c3884f902ee04c37067c684f92a5c6efdfa99088043c599eb5f030a6a066ea07aa3eac2a6d71c20a0af82b865cea9a3d5a218f7db1079ed8460a972bb9efa6bc83606197097fa050844af82e2dafd60ec7db868fe7898db99712bcdfae164948b905b08768aca8c9c0a1cd2b9bfc83e97fdf179958133e7a4e04409a8dd3ebe5cef5ecbb84dabc5018505e31cd942edc401fbef85c1a31bf7dfd0e00544285be392d03d60e5fd1aee2e03061ef969fc32bf0e7f6f51bc70da5b3fad977d4f5ec6a035e6c315ec5ceea1d0813bae052a20cfaa90eaff8d75bea5c8106a036e426aa2205be5b1fbf2cec946d3d3af6dad34c71c7070aed4fd657375d393794d4fcb443fac4f5b4dd2c101543879d8e3957bb9c2a718434a66939b0324ac7bb3bced5e6995186f233f8a644b206cdab86d3d70e50f158f1017128b9d2e596897c866e20f62ad2b447c231fd3179c5c16ff28246995207e3b5c792d93a574eb6415284fc73f8a42db26e13277d43cf545adb69b42fa6abac8300ec1df828b6fdcac9f440355a467f0385138338b8f1f5069b844aecba8005ac914c4db8ec45b9332e0c1e38afd7d8213f91b274ddfe36eef2dab71c9563a16256459380dd64a9003aa553753e7d85f5f66591da08978cb56803d5c7e3a1acc098630d8dfefb27e67e8f256b214b0d348d555dbf99cb1ada05283fd778f6f5e188e5ec4099604c95ad300269a11210c7a3cd01692492d78d7f4e03a88a153511cecde32813252c2f291431b0eb5ed4a689274c166044534777ec00a8738a52cb262e92a8e03f139e910c4a38d2b99209cdcb9ae16b34800e7df6375b25233f2d0c3ac7ed1c176080d8b03192e3a47863eaa36393cd66c6cfdc74369172bbc80f858380ae6483ddf7efb2e2e18816dac2d7176021648530453411e70701dc30175675df3640288fa4ec9ae8f37ad40256031eff209022e11a8c73a37f45eccc41996d7a909f5f81872a13cfd72842cec7af3b9035d2bd420eba35b3678d0d3f9069398afa5ac423ae8463e9035e0b6a215f77495e54760e0f28e207bceb0a4ff4ad739d37f3ad553c3890f9c81bac6a9c06eaed591ea8f5bc8f27aa999b3232f99a453ee2c58c36a303951665ae4cfddc3c3db2515fbe0aa08227c2df680ba299e939f4a687f4345188bc9e300dae7dc3860eab37ed443609e712bd32f26a85e57f19b0f6f6660b3a597015201994b13bf3366ff6cd203e9f833dc07f46346db29f173088bfd02d07417a0cfab0f8269030976f09d21eb9d527e1aaa6145c29dfd8bea3863af1c1d962d260720583aca549c603c9ddf65e8b32bf173c829ee34842a75f71c39685ec37776d1f372815e36c9e81524f45f5745ce97b263048b2f2e85a6a17e83f8daf78ede864cb69bf47b35a8dea240e82f2a6dab6195473d52bf815c64d0f59a7c46d2cb67c71ef9d0c3e540ae60d736ccb82ef28e70106c0d0b3799e88d681a30ea87157bd63699a461863fcc45e966f77826428280e88166b88211b870a325757b8c9fd85c3814ac7e80fd52dfb2f0e1616b7ce88eb789d02bc78f3b72c06b9112eea4f09d039e8fd49178a1049fe68266677602cdd458dd38c738068a276d34a66a3dd53464f7704da0c4c793d7014a3d35a220fb30e7dcf121c3c80d7c4fdc0fcb2c664279fc4846a88c0ebaf4de70d10a433b144856fd5e464207db1cac447d8149eee42508757ce870493cc2f4c9fcbf863200afba193259170cddbe34b94a3612a75d1a9775a9bdc58993d68595a6d6d693406e86437f1666e4fef75dc8c3addee5119c17ec106054391db5af3dfc29dace988b377ca5d6d191b50ef5b3cc81f89524091630408ebb31f2f76c97abd90a3be95972059527424d9da9389236d18ef9c7ae07cdcc25ee8a29b3038d95b3b0e08252c503c2e204394a086dba1ebf7dd8f3187a725d552b03b9e88a79f349f79cdd09a5500c8bd37e47f0b31450d09a136307908fd45583eca4b4f8cd45c5c2b89691fa79816d457205c6aee921bc0361de559ea69818aef080964c9b74dd9457273eebd16a7025e5a3481ffeb33a25554275f3ac27d29a574f154b1ee7f8f9ba60aa7f8a1207cb458b008825b7ad334255dfb375849ac6613f4a45aff984c535c52c00499da0104cc2bb23f106448c6ee3dfb33f07142e523535573fd14c8102aeda9138eb6190840a018a32ddf99c5afd240d336fac97e3d941d1f9e1d4838c952f5ac9de7fe1ab60f324195f342837991942e3e700fe66ea502fb13e6a0a80eff1a1324223146e730f96da9f95dc72875c54caae2be9133c1b52cde6297d5843c02842ec48ebcd1a5fb8dfc32fc72ec9440cef06ef6aea062d6bbe2071424aa32cc2b7ced0574cefd5320bd20e9f0ceef0b8fd288f409f5089c95037738cb0cda60b73a9c882e51a8022ba0d71876592dfedaabd995833f7c51cb2d77cf5428d8730193abc6813412adad8113903f82e695e31e88503c952ebd939c2aa54e6756a71bc2bda2f27eaadc3863f1ad495af4d9dce84f82f4c92eb6fbaffaf04bbf2b89df783fc39182719902230c47e035bcc7e835eeea52e31f7434fc5396d885c65e71f0d29f0b13efee1c8207dc8367cb3744a8db50d9a49f0fdd708285602aa7f079c8703dfc78aa33b9f320f59ab79a881008bfd8ae41acedc9961a33da60d4d6f5c4210f621b705171d121c346cb8a28a0aa8e98ab06154c8bd29c2a1558a02f92527910b62d3508bb88c956e7f5c91ada73326f275d5fddbdaf4562aac5d0435352671dafd41cfdaeec68c08cc82cfd19f9bf47b1d11f7bf1151f352d3f1ea5a5b943c78b27c7f144fbadd3f1567f30baa3fa575909deb8d802b255bba2d9e3f332b5d5ccba8ede9cb773c29f4596514c8a9d5a53751dbf2601fb8840f335bfb134874c1d3e1390cd2cb7e4621f8f47015424eeb448dd82155efb458adcd79beb7819050c510f544e1bf280ebf494a37dacc3fb5b18200a7d67430359cd73aad9e844bdfebccfd28c2beebf5621aac7c37f33da3d52ee31581ba0f3c31716ac053d7da17e445c3d3203751e0303f94e6370556d20c69f583ebf4b32e9b08d61732aa730af0826bc1a362e1b4e7dce49f035e91986b470b66edb64d58fb73c81d5adfcea84edcb566cbbd05b7dccbe3be925a25a901d9a5d8cf46f33be32aca790e79adfc922d6f33622df1828233f166774e306b0ec89cd9489eaf0c2b98e284a03aff52647d1f18d3c22e6229bbe86f01d18a342bcafd89bf7664d02441f32d3b70f6a66131968ccba0f4822e85a3679a75cfd69af27981af6116d932c40368e546744727db5768313ab892dae849abc6a71ec52f4905f8f8cf1302915ac54079ec1a635110e6cd3d74aa0f09d48cab14b2b5b6d6de5cc3a3ac26c9bd28fffbca9dc20fcf7bc84a770e311cb994e0990c5fd37549852b768787079c28d50818d302dafc5f857973a6132eaa3b51f4f8d78c29f019096ded4086834e4275c13d1976f9b23cbccf37ad56db2a655a920b15d77abe53bdfefde29fac656a10112eec4fece777b0320dbaedc69fb7c2a0b272a1b2070a306da71da158392a877c15d2c4dd890f56e1e20321eccfdc261c5da17228338ef0fb01cb6539d40c305de0110fa53856dbcdcf84335c971ce05cca6d63e4b1e60766c5fdf9f445b7c62bad6418cf107b6b710e343360e502342f7ea2ab6008d0da1b276d435b873ff9a0e548d49f436eb1f604a481c8d5d8bdf50a3473f3972096e9c4ee03f010d9fcfb5b62dd10ae5647fddb599fc991e2c387dc2210297f3fc63d5d7e7df7d45723a63e3b8946e2fcd73a7a297c09d75249b559b3dcc59a28eafce1c4978c3b273f8bc01a496f7c0933590383899f7e3f54f6b0e9ee97eea0ad5e8abc22bdb44ffe98f29fd2968e3a2a5e531276dd8223c03c922b7a5c215de773e1df4c3b8cb1715870d314a8be0bb8d10c30a8e9b43cfdae9bfe550e7c8313f2da4b29f1e405f20f0174c92dc002d74bd528a6fae5831cf1c3c418b74f118834d1b3ee3f183121af42466d1b70c536fffea0697c6823c151be2f4c91bd42742765f8934af46b9cd8948db466c31e9877d9638d41f8bb78af5516069fcec52d55c309f3b93f9b067ab172c1d313611fef0a35bb18bf8a75567e6f2b23d39461d91a677a3e52462c9f28a32b00a262db19310d91fb9ae310ff90a7f26a51a53b785c1f582e31cf69263e5f2d881cbdc09b9e5c495e8821599aa820206fafd5c80127f1efdd3b19d2b8b8f3e21c892aad013f7b8025313033092dfebcddbc2393ec5dbf819923dff23557754cef72d207e63cbda86621062735caafdf3bdb187f58ac7af23f387e05bb3013c1a80c15cd2dadcc25002f981e71fbd3a1456f1013c8e4403091c7505d9a446162ff35ba675858074e349c18c7e4092e83ead2996db2074f5efd72ffeb0ef7582678a8557018f10b4e75a001f0e3a9e9377ab74977a4bb0ce2718574449c50a7bf96a36a2053a9efb4f9bafdc0c1ec6fccb506b50782f6a57a5e98508cae0d84dd7719fd8d69077e9eeb0a3c037f335e66dca6464bee3315e2c9b350483f5ca44936b0bb13817d158b335fe6c70d1eeb78aecf650f2c7d9f2c027bee047a089a7416016816ab15b2afeb1f08625e05ffa6937ab123796a61f179d966d87bb3f5e55664c6be85010c54032c2f72a8be0001f91e9d6fb9c10e87c2ca6b7faaedfc7c6605b15a3ae65349195e3daa571fe75e54a66f45b83b8bb29423200d0be9b00b93afca14734dd9a31733839b6efa01ff995563e404010344441c2f94c70e312b52064d59bdb89776d4a4e7da1f1af6cba043d476fbea534373363ccb925d2063c124d2ef3df890f24bce54fe8a87ce94698bfc449365f2eb6397e8820386af422e80cc4ff31fba3edb5eaa44ca441333613d7ac0d46b468198d1a9b801faf621faddf7432af8832ee9e90e9a5d88c666c680f3417c28a1549f88c884b1b5b53edeb553f4709b8f2907311379f2deb230afc5cb9108d7fe20acbc7ca2bae18d42113e6aa0fecd18bfcd0972534b8ebb12eb1903a734e5ad1a5795116debaf19d18d0c9eed8dbeba96c7d16c2eff6b6a79cee40dc0761f6a441a1498c8214c28339414986d31ab62be9bc7e37204a764fecae36c59f7f0b6e658aee4d4db3cbdf781ca6cce7b8f4849e5d7a3ae57ee7786bd31a3a8bce33ba9934f074bb54d2deb72b1a53bb6e099bb4baf9b124120311d22d28b29d103e659c6268fa17f924cb06a82037e110cdb50fb4f051f1e5b0ea991d7a1be853a6ae66b8943fcd0d1efa8c85a69a47c97c912c4f916d84980cff362727be6c89505d8857a5db4a49e588aa29530b64d7971568360b325b2d3da54f2e86016e97a47c3056062a49bad77c13769245498ae8bb4cbc6d79928cf112639db9bca261c3298b4ea80fc6bd4bf5892b977a1537cd0ed7f915651047810ee0eabee5291b09edbacdc20e834d9dd03464189d3ad4ae8eb09814b722971e0178484f0387e1838ab5d6ed35fb0f1abe788cf0ff50a1f920b1869c5d5aa11a159fcf8f76472de7b442f8aa0e45ed905b366f28ddc6b4be5934950a7498e8fac2d5123f5e2faf4aaccdbe830600f75de91e8c04819db4c3e0ea2e34712a001bb1ec088c3fa95a554ae9a766c1dc1ec01eb27eb6f5b05ffc95325cd5baeb9497760e61fe3431ceb42fcff18edef05231ffe0fb4362a33908f96935508c6918620fac63f91482403ec1f3c770d2b6d429ce1e802319c9065a79504f821a2ba5571deeb9672871fe051d01361d1e834c1f5c3a0a25914eb721515bf60c8247d4b53ba880a6bc2243e3cf8d6b5d40e33e04a3fee051c6a68e2f81c598f272560edb40505c7b4c77673acea7230428e5626161b87e2f4e6db3cb159703526d6f6b6c18179d9ef644e0739d49c9241c45a7fc5e2054ea9a02dba80f2d1e86efe00dfdf269745789a71db5650c0fa16088521bf92eff4d08c3ab0484387c78651bb747542cc77121c55bec2b4850a08d8256907f1d5c4b9a619f2220858cf82eae9b787377f4d8a2abbb34b0a148bfece78c77f6267d5b6d983e3112c64164d01878016bb69b5c274f8d51f271e1f97404f8a9d855755cdb1faaec8ebff62c8d2bfab1dfecb899a29febe39d1c150c9d935e2e5688ea5486b487d51c0e8b400fe38a3d0f0ab3502f52285bfefb2d76fe7c3672db15aafe7244f163a4652c7839b4882390aa284f88ff4fa069e949f642c1f73464b34329b0d85e579b5a632b8abe5adf15ee4f0cefa52615e5c499537972369701035c9931e383ce34c89a14f57adfe676857d42e57cc45c66b0b5b8c323a3d922f2bbe62276b6bdda2de7a6a61f12da2d3daf194c025dd72154fd740537cb4149f6c52b8dad5ec9562ddfb004a5bff29801a83ad7eee928a2b6dc706390ae44cf90fec380dbce5807a92510453dc93790979eb000c20837dc0d43faaa928aaf3fcbd82e5a8fc5e9f2a2ca13872f4c250e9864a7390cb94d919d118fdc03200909b0ed94ff5b3e0dcce650abc218e0a84ebdade1e9e4d261a6fcbef9ef2dafa4bdf3e75180c5fba5234f8bb624e6ba1549c4b956029dd7905dc0db4f71dbe3f61d370b57c5814080620dbdb409d2c035517147e0a34bf688513dcd744466a850e47c68e035de12d05d16aeef2e8c42c48c64c4ae9410c6dd71f460f7cff55fac7c45eefc4816ab92f71d31a02b4c337aa57edda62145fa3dae3d4f3e0c6d553a5d71cdb25fbce414fcd9f8845a382bd4a97d595f354b67c544fb8f8ffb7c348906c68b51bd7c01e7b8bb851629f31699e78c8fde1d7a9156d930d54d2798aa92f2693d64b66af47095b6142df281ddb5a2813bcd3cf0287ff64f2ac38269e12c6f57fe1a4dd312ada805f8f78c5eef2b849846a25bd68a3b939364a87b9dba850ff28c5416f134c27f4a38b888cda61782e205bed22e1344b60577960c60b3c8a2ebafba97d2432da7e5d60c25924d4ed38478846e8710d9be9c4607ee3a0acc4e1b5a725aa2719b6e608473909f29ca46a0097bd5f61e9c53d09dcbfeeb6b1d22076382cd12fd61cbe574374d4c8a9b57b1d5629f1d14c594d30097a7eb3a98df6030f29938b7ce0abb290c8400ded1a60c059e1603beee06fd426fe7f93b03b0257263f615a9ee1be67a7f49e9f4330ee5472d6a7154b9b644bbfdb165a619beb180e307b97b891a5edf84e0b567cfb717bafe1e3534a61be4f1635901a24631adae6bd02ababe324b344ec0b81ce643efc938e54231880c0973a4ef57cbaddf916d753dd8c055595c1d002a731336d728e7a774fced88c86f19b99df2067f83fe29d7810f63202c40c0c7e19ba0005fcad6e3f02658e782997d82ee151ba03e3fcdd5eedf748c0220929a92347c39221d99ff5d6409580f475ab397eaf369e748e46af5943f52a492ec975db42d18629197baf118f100585aa27d795cdadcd6beb9ac5aa43eb40809b47f5931cde952754ef5e02b8af22ebe6db8b2bba03e0a40ac7ea98cd511aaedf06dd75dc7096fa69977a8741a79b59c36569c8a866ac40678ee2d9f0c34f0f2274d8ca9976edcd1abe65fac410bae5b9e5c81dc95e88036456d557cfcff78c49d675e2498974da7abd680238f7fd948970b42698fc08ad830e6b763a4c8563bfa05e32f4c2dd78e8f7d7b4aca6b2c530a3f18b6a02343b41fea88b373af61363beb53344ba46667dcb1a3ba85ec4dda287a1d10f537a04c49fcf544873c2eb75fda8eab0fa3de07a9e828bc89f4612190dc1306726807ae5f19206ec2ce107b86e605d0cc4eb72af0cdf9e0d4434e60e877065e821794fd40bd136d1b3f7a560ba204145b0551e0c9e1f8447539b564b9e221d1c3491f2a8f5711b471ee60dd5d0066c080ace20e35dcf79b6a202c9ea6c9f3e35528a2228a0390a055cbf4c47cdd24cab45260cf5708cdd8f861ce548d09917142ed0ea87ef319649e0dee0528c6e9b0db1248210a99601ed2e3e5034a290b41a142149082b4b0c2568e191efa487a08602cf605e3a05b054de0a466c430af06036a79a793193a96aba3f2c1253b3cde26ba63c8deacbef600b501e85563e0e354570e3731980f9ce21e39e2d73ab2b23a4c9cd81931fc3ef9fd2b842601614a07df8b8f838ea5b817999c47c6a238312369686e521330f0a8541079e429ac580d4e2ce7051612d5a48bcfa95ccf1952ba22aa882d5dad29df490e409882a030d1a2f0b7c0aba3245cd2f34f5b1c446c711f8afbbc2ef9f7a4fa4cb96e123d1b4951ed05755a7ceaa8b111dd089c65db5cab42f950240220f6a700bd9cdc2e447181f843fc98b4da9e628ebe4337106ade335a6c754ad8bb0078217b46411e80003f4b7a213abcc87bdd151d2f75ceb992e81a6e962580e98252a6a76359ca22055b51ecd2286732643f82bd19f1e9f896e206d70350c606ccb5f46c6773b8e84d211221bdd230168ec600305ce0372b256cb08e06edc3ceadb828a6f91537357984894886a664ce29fe07f5c4bbd0015ce40714d59f0a3eb572ab62650d57bef53433499d09afcf1d56fb7cb68bcfc178dba35ec6e6af65c5304d7e2cab02e75642e1cb4381b78c126f22f33643beb8e5dfc2eacaecce5a034d06e9235fd136c26e402fc8b0fb7ac68b5ed354a349dbf2c8306769227f6491d70c34d0d6e319402f0bd6c65e5e58175ac69bda24a0263b18a04ed528f2dd17c59123ba35f2a439914106f8dd2138b9892d5a0d635bb6ebef7f545c25d385effc216e74949b58c52db10c84b45f1fece84ea33b7461d60f1206bbb0ae2d4ed06edfaee36fc955b2dc45f4c28132ea7e0d43dd9b740f2ed44dd7e88165d2e21eab9a3752ae505fc1fad4bf4a01e5544244407d9247ea54c770160520fbacc4bf016340264445a646036e5c7dab61b52e0084f7f76fde5667f6f905a5ee2c21e967c15cbfc23de34a7c9bd9c72a02ca9e74f552a343a05b25ddc680699fbc204cdb7e8d3b12718a360ac294198c69a2e6d4ae8671f4f07d952bbe7575281fdac0476fb016c77ceb2bb45e2a46ce4216470ada255a265c3548efb1c982f9329a197270bdd5e203c4908467802cb7f3e27cbf1eeba12eaae481b49b5ae95fae3a13eb61c3bdd88d391a2ec85e856030a759ea4c2425bbd61b1b1123f1fc81a669613590c076de5edea7bdca94d6f84dd963fd29d4ad706b0f846b6e65b925dbfd1fd6f5990bee3c2ba05136d4026d66ddfe1eb6beff1f324dd167af69231524b7d991fb89359f487d299cbc7971bb3332220e23e28e280382c3ef50f7341f45d8c158ebd4046f69279a33ba7132287a9aa178ee9bfd6f89d643f6643a332e7ce1496704cafa1d99649433f32e84b4a8793a74315fac0533ef1f06e57966d0b6e8e1bf1d15759a92474e5031056f94e805cf566a3439f4fd7d9966071d6c8c9103dcb34a76851ffe4a3c3bf583ca87eb72954208f004a5358153c01a0512b18373cff070209902486a2e3b75b7ca299ddb0a33d82a5d1a2c18f086a5b7c32601c02162b63cafa40d27d8d27266ab618211d7d9df1e031ca413de3f1e6da3e50ce430d439a1f7d9561cf52cbacd2f0dd87b5838e876eba3fa9875929b0af98cc75a27ed0da50e6d535ace3cc5e59aff27bb4f4aa4220e4f48dc55cff10fc329969a8d6819ed81b28b87852bc4b7b4761bbe3da7d2053567baef5338e860b6a5b9783ddf1bd35a5eb3df23178eedb151682fdea9ede36bb8173c95be85db37c557ad583b2271e702959e4d070ca3d9fb163ef1fcf57e2842a2d59f0aafbcb929fb715da0307820beb08fcbce2e2aa71412f4945fe7b91e379a0af24a56dd6c991d31c9e523feaa8c4954df43d32a2b44d1121587f22ec200d3206b29a93c00a0567e21f3f621172d354a450e5a09898943cc705819b9f4e37e5d28bb2f8ce8cccc65f18008e0d0ed9bc0a1887dbe7edc16c2f2f10b063caa0ed27ecc8c558059823d7e12461d25e64d747570e7a19ab6a798e2fb4582ea907550db6def2339a15a24c21d1789dbbd0c8659a17aacdab841767f70239a081bf83b64323236122514a00d79ab92303fbbe8e6c6a2eff3ebb10d4b83af72d84c048769c38963bc9e2aec664b96895112c90a5a060fec33a222e93119fc6418d86232c787ce1d5a1180f9cfd484b7fadc155042412870be0f6b5e37fd730304db037984688868fef36883157408cf3d9043d3d57211ead60f0b455029d6b3dd404287f8c46ac17d4f70e51f85cadbe8fc26d23297daedfbe44b0f16edd53bfb2ba05c06ccae2081d798478c865a3e14bf1487ac38f6de657bbf92cfeec0675a00fd84ae4effeb87e03cc49c130861dda6cdf16679f73bee9beb927a5199e319a37d22ed811cf246b1234358b34f69a38ba69a2785274e40176460c23c26685d268c52a165cd72162b6f76c0bb5e97e241754875537373bf50130ae64fd2dba83f24d9c9e5311f73fe0c6e9d6eec89b755ea9a7659a721f1c424af7a69bb04a216395fdf6afc9940ef89d962744749c3bf31d5c609f47474153e4daa61aa770211c3582472765d5a82e2c9327fa08c5a022e81ea86cb48bf371b3359f29f2c1ea6b84a86703cf159f0e093026ce57f306bb0bc267992a6c3789cef408a0b893c3a56075caad0952b2d107d3024d4854fd173723ee2954f96679dc8d43c2bb1c1a68196f604b54c0c2e364611043aa6cb23925e0c360f5d1ca8c8325ce4acccf6beb2242049da54426ff4b3f3414f28f284cfa5943add24f31725e1fe87ff2a0fc4e0174e86454643d6ebe2f00cdf08ce0070e9232562bcbed5eb81891602d08c934b97b1923bcb1a27680cf208b01c22347e0a139058075cd5bf83bcf4d93b27b25100c5fd5c45d7add208a4a39acce1914020583a825ec39fcbb6358bcc889c48bcf29bd68120d93975d1603b7529d1f1b0a8d00c4c1f625ae6c05994552f6f8417f435fc570dc570936c6f1c4e0600c963b2e83cd3e12c9ebdf2b48fe793f82065c8b9adec5e5eb14e2d5330cd15e302d01ca634fbb4a43f993d904b224cafa7af29c17235406e7fa4ec3e15907dad9ff26dcff75f84c5b0b136d3392bbca3ae844aa7424020abbffd0a169183883ec8df1529ad00ec8f17c8882d8be18737a91f208e4c0b393757e86dbc6eed691d2f74fba2685f0f8e7acb4975bd068a2d08b9606d4ae884b8a0591e01c4d9bc2d79be790cd853aa9c993e03e42aafd10a40f359700cdea37e9a5523115661a0e0b3139e8d48813c2ff0ef8e0a5ecd3e16fc865a7bba1061e191401574f04ff66c261a1bf919578e2a7cf3f27a402e675919d57a40e90e7c4ff2dbbb444c944f75dd0be6199390621fa01ab81cd07b5f755b367f501c6566547f5530885ab418595237660895a823d6d407f2366badd6cf004a34967007e35cd6ffb4e1e81280993535e942"> <a onclick="decrypt(this)" style="margin-left:.35em;margin-right:.35em">解密</a></form></div><h2 id="ezwebauthn-ezwebauthn_revenge"><a class="markdownIt-Anchor" href="#ezwebauthn-ezwebauthn_revenge"></a> EzWebAuthn / EzWebAuthn_Revenge</h2><p>给网站加上了 WebAuthn 无密码登录,这下不怕被脱库了</p><p>说明:</p><ol><li><p>题目环境每 5 分钟自动重置</p></li><li><p>如果需要在本地运行题目环境,请使用 <code>http://localhost:&lt;port&gt;</code> 进行访问,注意不要使用 <code>http://127.0.0.1:&lt;port&gt;</code></p></li><li><p>由于平台限制,创建远程实例后请勿直接访问,请使用 <code>socat</code> 将远程端口转发至本地,命令是 <code>socat TCP4-LISTEN:&lt;port&gt;,bind=localhost,reuseaddr,fork TCP4:instance.penguin.0ops.sjtu.cn:&lt;port&gt;</code>,然后使用 <code>http://localhost:&lt;port&gt;</code> 进行访问,注意不要使用 <code>http://127.0.0.1:&lt;port&gt;</code></p></li></ol><p><a target="_blank" rel="noopener" href="https://hans362-img.oss.0vv0.top/2025/04/10/EzWebAuthn_0cb94fa4df9f29dfe0b3874c1a93e12d.zip">Attachment</a></p><p><a target="_blank" rel="noopener" href="https://hans362-img.oss.0vv0.top/2025/04/10/EzWebAuthn_Revenge_8f1a69cc679e41cf32451087c489e49f.zip">Attachment_Revenge</a></p><p>Hint1: 对比 EzWebAuthn 和 EzWebAuthn_Revenge 的题目附件,或许可以找到 EzWebAuthn 的非预期解法</p><p>Hint2: 对于预期解法,仔细观察 ORM scalar 方法的实现</p><details><summary>答题情况</summary><p>EzWebAuthn 6 Solves (SJTU 2 Solves + ZJU 4 Solves) / 764 pts</p><p>EzWebAuthn_Revenge 4 Solves (SJTU 2 Solves + ZJU 2 Solves) / 866 pts</p></details><hr><p>一个使用 WebAuthn 进行身份认证的小网站,目标是登录 admin 的账号获取 Flag。</p><p>做题之前需要先了解一下什么是 WebAuthn。简单来说WebAuthn 是一种无密码身份验证标准允许用户使用生物识别、硬件密钥等方式进行身份验证。WebAuthn 的工作原理是,用户在注册时会生成一对公私钥,公钥存储在服务器上,私钥存储在用户的设备上。登录时,服务器会向用户的设备发送一个挑战,用户使用私钥对挑战进行签名,然后将签名发送回服务器进行验证。由于整个过程中不涉及密码口令,服务器上只存储公钥,因此即使服务器由于某种原因(如 SQL 注入)被脱库,攻击者也无法仿冒用户的身份进行登录。</p><h3 id="非预期解法仅适用于-ezwebauthn"><a class="markdownIt-Anchor" href="#非预期解法仅适用于-ezwebauthn"></a> 非预期解法(仅适用于 EzWebAuthn</h3><div class="encrypt card" style="text-align:center"><div style="font-size:1.1rem;display:inline-flex;align-items:center"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="currentColor" class="icon icon-tabler icons-tabler-filled icon-tabler-lock"><path stroke="none" d="M0 0h24v24H0z" fill="none"></path><path d="M12 2a5 5 0 0 1 5 5v3a3 3 0 0 1 3 3v6a3 3 0 0 1 -3 3h-10a3 3 0 0 1 -3 -3v-6a3 3 0 0 1 3 -3v-3a5 5 0 0 1 5 -5m0 12a2 2 0 0 0 -1.995 1.85l-.005 .15a2 2 0 1 0 2 -2m0 -10a3 3 0 0 0 -3 3v3h6v-3a3 3 0 0 0 -3 -3"></path></svg> 内容受密码保护</div><p style="font-size:.8rem">密码提示:密码为 EzWebAuthn 题目的 Flag</p><form class="search-form" onsubmit='return decrypt(this.querySelector("a")),!1'><input type="password" class="password search-input" placeholder="请输入密码" autocomplete="password"> <input type="hidden" class="cipher" value="4b80672e66da74dd927121630ebf647ff45004a651877ca44dbb511181d8016e82b9b8089f10ab51b92f3badd22ca9f0e08b88ba4be918c2e25df5e9ea684fc534c3c5641e55fad8c385168a83e18e199e51f733c5ffa4b7022d67d5a491b1a4f8df28de085985b0527471cbf1459520e6de880085100ff869edc0e02962b94db24cac1e3272a51e01d55320786dd7dfb36e71541cabc36acffdc87f7bfcabf69015c790e111b4dac268989f1c4c0d262388575c4b365bf43fff80b3933be20d86f894ec7c98d835200b5f0232c0e958809ca90fb27012d8fac1ff1999c1641b6a845f5444bc0257095eac5848111f59d77bfa0069f32cc6c6b0be2e49804fc359ed47529a8d99d5a7ff198c182f0766066380209d355760487deea2e6d55fa6b2bc51b7ae1c520d96e22eb06ace908f04eb2a2156147fccfc69cb3386568c5d282b0e0bddc72f53faee5416550a083cca6b13bcfd884b43a4bc2ad32a14d7578123d39d5aab3111dda11070c4a97db33037196792015badfe41c53d52f12e122a5893c77b7612687ea8249dc974dbaccd34b0f60ff939199e3da5305ddce5e66f1c425f02279e977660ff82346210b49c49ded30c618723620e4b26e15f63aec17dae8be4c636a6beec33985cd99cce787a3bd8507e31dea33c6571053411072ab4744fb92c7269907307e1f1ed2d381741efddc81ceeae6a9d848eb9c36e14f47b61cb236e909f2027e45c5578020918ef6aa327428fccbcd770bbc9f8bb28b51f4370d76f4d9aa147229614aa4502d718496083f7d067f42c3c6e9d4865165c4d1a728ebf0cf8c6ffbdd3d1c3bcf6c7394e482756a0089c3ae9b92b2775dc0ddac058fd10520a60174b9390fc779aaf74ce8d49951426d394a1a974ed73f7fcc6f677093e01b1efb9ac5a5e15dc76bfe72a3e194064e43d5708762b9b345bdcb6d364c002263231eb96b793005474ba8596bdad01b85f7114583d94b3b621a1f4f6f44f73249136c9ad9ba6e98859e90ceb9b48c2e82ce4647dc874fa3339617fa4777f7c67c5253a4e0470f6f7c6de263d79b305d4085f4799da4eabc2b37dce46bae0aabe1227951be7576f3e518b0820214eeb7791c5e6b52fe9e334b242739886afa17e511c7729361d15c26bc32aa870f33b1e6c9857f2e45e926c5458fed063c2ea8b4fedbb9e698dd17e03257fd3e3b2de295a13e9ec18f3ad47c0a4996359e8b776afdb8b73d57136f75df17ca319a3097047d347d0e16dc77ff3d1a851097256373b656785ea3d2eddc28c09b528a0007f8e8963134026b3984cff4200136f175783bd647c70bdb000b9ff194a400061ec72123b8c9c280d91f33a74204c9c2fcca26efc1c8a4409878e0bf83503d664ab24f7da84788e0c6ff9bda46b43a9131ee65da345b2eb3920ddb1aa23a3fdcac0e4f91dcd358c05dbc6771b7b9978ec823956a6e2815f09450b9ce2121c2bb623e080043b5a08b728693d0bc25dcecfafc53ef7a056f811f447e535934939baa52fa722eb1c883ff0e53155bf4a9ea8fe2b7b0f559537514d48b839ba5391c495a9238b1ce59e765161ba9ee80f119f757aaecc79c6b9a37a6141910f4e04e6539e48cbad98d324601d7bb4e116c62069d59cb2a0ffaed18810a7e636e714f029a05f0c98d49e96cb007d8ea63bd0466114e2a6474939d5dcde25ff636326a9a377ebfab68242b6bd59cce35b64ac5a8f66c01e6da40a8084222966603cdb7057e58de265b5df114b7d05a372fa527e903420170e8d613a7dd61332675c5658f67ae45dc79505e29eff263533252709097bf2769eca6598b7d622e0e1ef2e507298bef5c6ce09a4facdc33d471e990bd99aec7b920466ddebac699c86541595db3049bc6ba27d91794b356fc81834a927957657e05bd2f4c343cbe43b2efe5694607a8250672412dedf835bc7bef1342e531d339de3cd6ffe829283c65908dc621893ade3e3d05262c4cdf46190718a65224c46b43f3245fac07e9a7b8a9eb9fa776b9007d9fa523a2eda0de616d5b178f1004e6717784cfcd0e94749faaed27700248513a81443047f126c2ee37dab786961a8c77453815e0ee49c00f6264622ded8d4ac1234a753285c4dc2dcd4e0d82844596e4a3c04f14a81a62e81848de3615791cdb74ef52e40eb9b0759785e102434b55ea4c878cbc65ca9c21f30668b6251721b9d22cb64ffd2292f532cad2c9fa5a88056699a3096b264012d0c0ba84856225eea8722c1f07276e3f8f1ad01ffefb2348d6d12a8280793c709add1375a1e3e58f8434633231f84d56009ed861c2ba0dd02fd961af3c258cf5ac69edb5839f518b9687c802caa7408de64fc0b9e2be0336d6c415d815a9844072d1eda23e2dd807367c8ef8e6db8bc96e79cd427bca1e4648d9393dab24d1028f77c269381b20269db62cd9889911cf63a85b73d402ad62baad2dd719a66f5c5f3c01a55455cf57275b293bf241c6331d28809ee32046b978138fa83ab8f499542ae1bd276794910e8b6f50fc1de616a5a196418b43ff8a1b627451152379c71016b427e789be2877a1e1c7ac6e15551e7451587655bbeae9599fd1d5315406ab634dd38f013ab9edcbc2a1f25a2b23d893ad2bb12063027975297756c02ff24ff270e39e0d2bd6e5c1c92cd73a16be8c085db430fc7eff84e12f891bfa224815a38f12cdeb77169171345f8a1773c9ee41635f6ac3392474623e9b868b65bb3e653643689a241eb0b01ee183a406ad8fbf949019be4952337aa6c37cef693ce32a7e08e65719ef1997cad10d74bb5ccd0bab123a3b665c784401a3be17b4b36d0658d4e141545a75803611f2636853e568e34d964242b8e233d5cd809727e734a8aa9caaf191ceb10f45b3a9467bd0c3318f18ebf5b804dae030eecfb34edec3e453bee94edffad1d9ecef5feddf1d8bd8c87dbd2747173f8e170ea47b04d9a66984ec5d048a5f5005e93c97cbde18124fc04a29857871ee8fb7a290a606116584eff8255fd0e739feef0182768c4e6bee264251bf4ffcc82884251e9efab4fc9455ab4e5767fd845166958c637f219b7e0d3f04337e1497e99435e7a5230a075b9402b00c55d943add1e7b1bb8881283d1e418b0e68dba12693293607e7b4a74138766295eea557c5a5ade227dcadc1b39a4bc707a83548d55a41f39e9d544126a4f7cfbf165739095c59a39290170298fe065a4fd5118eb6aefadcb6e3b6e80e854a1ab8f53a83dfee2a5408c19ab4119eda8c378d0278bde6bc7392684aabad233a72aaa18ad664afca77dc33d92d7abbf9f7abe755bae509af40857e5f74757da69e6d3fa28c1bd83b35b197110f1a8e0422076bc58a539c7a456e024fa8be32ea75216a2b8667f8434a88ec247912c389ed3339118b28e4ebbbd4453d6f7ec84fa319beadefbad348b5d28c5104724f8d48c0b52c7f96ae25b73eceaa1009db102b0578fede7a1ff5e0b0d8903db30c1f1a463fc833f901df59b2cdfc03468134859dace55da3a630864adf29069540c3ab90eacb9fd1725e8d72739bc97505c6920dc6c7fe22213e4c91aa0dbb73b5c9548967412c2c2143380553a7b5d5894176b31cca5fd53b218a2d2f83e1180d95769df5de95cc53269e44071a53a50f48f93b421c5f54943fcaa209a7142e56b6d9b79b911c3799824d08e2ea1fdd88d5b9a8cad0bca685f11dffaa090652499af88cacdfe27c359ff60cf3839ed44f17943e22b1b136d7407170008c75b9020613306710f39355f8563a4b2d7f5429da4075beb5a5fd3d58fe73d700190cf252c6f55d37e8758808a6226ade4284433eb45e0acf7d43d62458087bb763414838f311d0d1e1c3cdbc70bc4abe9e125f37730075097e82f69e842c931c9ad3f3adb19baa0323a41a359324ac7efdb88a99dfe271075a258c868d7135e4d14ab9a6d69e8143d5c701a608f65c88901ccc79bdb1a4997502a605f5ebc80213b0acba27886c933004e3f73cd59030c20273d4a3280380a5e8f6714485dfcdb4b64d082a7951ee4293c11a31f09da8b550e2451752b076bf9223cc78626c4ba6e493673d3414c69eb492e77f9f415dca5d258bd686c99a92173efbefa7d596a71631f7034547c1bc197a59df4defe993e87f19b144d9324f902bde118143e9852d52223007b5f29761179717bfcdb627c34810e2fa40a809c3a921a64c5f9dfe04638013b61ea7909fbf55b0152f9e44e1d2e3a398d13a7add59ed68beba65cadd21e38cf25f52b7cd6ef4014b22f712180cda38362a5cb547bff18247610e14b10f3226e2e7386e236df11dcbc4d6ddab8fa15960e5bb4074447de55b56ab75b689625253842da3477537286eabbdfa431087d045e01a69b6e1623710ca0a8eb78a50a400ca16ef4002bf464572ad5dd3bc25f41238897b262d560f873e92da912108de8abbb0ab0759ba23bea24eaaf43861cf475a27ff956f2dba1263cf831d1cd942b7d1b6f9d7c5c133665721f0efc4b4423469845d334281fbe412ee140a3f5f2a514d96ae5d7f94dce74250896809dd23fe3ca79ba2778219babf415de93ad636feafc979beb9ee449da46b64dd3ff09873ae99d757aa0a5274105e1cc5577f4f8173d151f87e3574aaa1fa91d70f0d847874e7cff71ed7520d45e2553a376157e457cd3ae4d36678244cc32f062c8aed6fc5b0f337d38cff37994066029c9ebfa456c83bed29b748c7f9836bdc057a3b07eb7036f9573e19fececb2a627cca2fd04fe5015a9488740eab4314d8b509fff3935a793648480e9dca2f4a885891708baf535eb48d2bee5c908c30eca309b02cc99b57f05edfff921a12a81088ca7fabd6c417e5f97181cb5d3a618f27344d8f74cba6102518189930e030a130f73342aa8d9862d264ac0db6863241276b7a36d49df5725847468aebed30029365d3b0bddf1b19e5d44b1e339412c1dbc249105008afad3b87a7fb976ce891e473416bd85a539b8abdbea2dece43460caa68fc7e76f87e5a34e7e80e36274701e9c7135317012783ad50539a6d541037f697c396956a33aa969b8c005f1242ba3460bfc4524b1d751959115e2ab4102911576ce99ff8f1f38d3b68eced481fa1d0832db5c0087949f9243cf02a3f45e7653d342f0166899532dc6c6c5984574ba74baeb42b4e4848cff6692dd8246e8763f082c813f87da89537e5c5277b5f25edf75a0049cc9d39ec7aed962f4730fe2f69e5ca7cd0465cb81d9238e1f8c36c8550dfd9dd24ce6cf7eb66fe27b8d79ba3e39385b2a10e84413c80ba8e371126fbbb5c6b6ca00f64f4d5a66297cc761276f786f738216cce713b8d5945d115506bed3fda231e6d1a0fe4c1d8d203ef929b5162521e064f417bca11f7f35c85df8720aeebc70ec140b9bfd67fee09f25584bcdaaedacad348465901f581e53cba0c48ad2f53f9abdcc22a2e14095c954e559bc891bd3262b4d05c7892fb19c7a4d3fd05de82d52560c00894fedfa25763e04e85dd74c68bfcc63c981b4404e6653aae68ed684d1a8d1e73090b305740dbe9bfe609fab51a6c7c6274c2a527f0a39a6f4473f7ea76800cab8bd5c38801c13e5e26e0113d320db059aa6880f01d8c389107503babaff35ca86dfb8077712374a12186941bd8e2d9b522d9e769d3c3a7c90dc094fe2ac4da75e8467e26a3b5163e6bff3d09114d960f744b70231d75eaef46d7572631fb92a2aebb37f145889af5e393f1fc5cdff6246aeb800628d5169f66d609a3823d33c16c9d43962b6333a3e0f9119077a27f7d2f9ddcd755c7a17d01b85744c9cca4f376a21fbc83d32cd3328822ef9d307bfc6439082f0f28cd5eec4776694c94b01411e2ad133bcd08efbf93ac5418ed1fe4908436aefdb63ef3912f09ad156ccc3b441e027a123197a8b293be3a51c321cd860bfadad75e9c05b2a812b6e8381de1d6393711eb222e78226f85640473f8fc0c78116ed0242f56adc9b82ed809811b2ca877a0d80837daea8b1229e85505ab3a252c963ec6929c5ddfbf1e94a9e5fac35f0e4a70632f4655fa69f03be4f5893b22f88caa5b82a8c6b9d37eed75a93b76c0fcec29253e852dd7474170a3ea967ce0c171ddf3c2f98f2904bcdfc049a029e5d2a5fb53a69a2bf6fbb5b945540358de6509765a025f58251b3900c525bca1d1878301653f7c70d421859f183faea1c26b58a7a210517dcd573cb1030fc27b7db219be7c8fb2c8456bafde605245e51429a997e9c3b16e262ae8eba6aa04634987282096e49c994f46df92fd919863ad923cd5adb90d80f3269e5c8ddfa91a81addd161a37fa247d8399e0c886dbf49cc302e485bbe9aef415daef72c60488190436cd1e9d4d2a65f84febb39c9a9eb0d430c2efe33d63b7e93690bca32d930db861f77a730aa6f3cdd14ce6e0650cf689593796778fce9c2995ec2e47defe3b602a0c8e04fd2e270b7c57e197458891237936a29eda8d89020f37225668c2fd3f2754fae7c50ca9f996fc4081c53b74ef958087b0808fa46fc4930f81253b6669b36971b2548080c1b3c5069636fcf9a0e80c74107a8e9f3c97f6854c362eadc259b9e1e8ebdd26b1aef255410348fd366f7f95aec209ddb06aa30a91a89e883f8d4b8c0fd8346b5e26afd80a21daf0e131cca365c84d1f24f4dc497f2d29cdca89dc5ced051f7482e164bde1af17077eb2b841bcb0346cf7a13e46601e055c394d7239ce1bd06af8d7baa1783fc4d395eac14a720e1e1f3d655b2b05bb0f74bb73842b1100edc063b82439b7fc796fd1bbfc1c140c30f55c225866fd226a8c1a3acca15f9e835caacbbd280a16b7e25acfd0dce8958e540cee481ffef71922555db8efb053a1b340866efbd284876f1c65f49a02c9c7703268ac30172de824aa453fccb5f00b6e38dd535945a9af58344cad148d05e21b100a0e1812a9a982ea6b1a446bb7e9ceb677dc8bf168d068760ef55894eee8f6da3768d555ee9af08420efbd18818ddf74ae114272bf3c06bbc245ade41bbbd8cafeaad34c93388299aee23639031d1ae2458b737e8779ca11c2ffc9dd8f0892079800ee7951ed332d2d4802a81d7289c72b1ad65e47f1318ebd912431bb7cb7a03c6c9b8579bba2e8a71fadb2c65ef900632458bf24e555d4c5ce79cd87e60884a62799100bb5e5740d6c3f5823c03c7fa970e8f0bd052097cce947deb543003bc3f948027b8910ce8be3a19d2ebc05b8d3473c8bd55bc393888a8f4cd9abaadb1e2d39306b910cd6e31eed374f8791de875b187efe2611fa4bca10a453c99097cdfc80d877c2dc65eb5781edffa14e7d4a2d4c93d32158ee7fee34b9abe154f2b2215aac2d4f335b0476061a0d31220cc98b5c45565a4ad1cd8b2ade143a2eec6c54ff8ad182ee7b40a7fc5f76ff9143278e9ef97c611e7ca5748cef1670fa4a89f1be1255092ca30898ec03e744f78a2697996d4e9f00b04665c8e348fb1969e5a4f03871a22622b4330ed67e949edccfb728c01e321a18682fba2ad31f57f5f6a062f24483ef81a879b2b1f2650294fa515c52bd1f0cc1efe287fec85939a474e83a0db2d5631b95e22d32567376c7a768648bc0b9bb816fde64b250866b0093ad9b97312191f75aad810b89f9b870e060ae1be2662fee470433851af319c504535e261c0df4feaa980148a4d03bcd7591cde39ab06809f48158b0f89f4db08a7804b4706147907447d1c3f6d5355af63eecf4ce9e69e0ce59d8f529423f89e4f2abb25b8bc9ebcdf305d5d60feca374c090dd026184cabf038003c064f8d450e047e7e71f8d82a2ca75d765eca3783c5aab6e54cf95d8247e5f0518c48d61e5c53805ce58323abbfc2f0fbc0909af53504c671eb140d0daf2c37e84ffea6764fd4601f46dc6f857f36f03b1425a02a16f73ea40d3cf22858d92a477e7f7330d5c17d8efa291c334e2f33a8accfc6c6136001e2"> <a onclick="decrypt(this)" style="margin-left:.35em;margin-right:.35em">解密</a></form></div><h3 id="预期解法适用于-ezwebauthn-ezwebauthn_revenge"><a class="markdownIt-Anchor" href="#预期解法适用于-ezwebauthn-ezwebauthn_revenge"></a> 预期解法(适用于 EzWebAuthn / EzWebAuthn_Revenge</h3><div class="encrypt card" style="text-align:center"><div style="font-size:1.1rem;display:inline-flex;align-items:center"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="currentColor" class="icon icon-tabler icons-tabler-filled icon-tabler-lock"><path stroke="none" d="M0 0h24v24H0z" fill="none"></path><path d="M12 2a5 5 0 0 1 5 5v3a3 3 0 0 1 3 3v6a3 3 0 0 1 -3 3h-10a3 3 0 0 1 -3 -3v-6a3 3 0 0 1 3 -3v-3a5 5 0 0 1 5 -5m0 12a2 2 0 0 0 -1.995 1.85l-.005 .15a2 2 0 1 0 2 -2m0 -10a3 3 0 0 0 -3 3v3h6v-3a3 3 0 0 0 -3 -3"></path></svg> 内容受密码保护</div><p style="font-size:.8rem">密码提示:密码为 EzWebAuthn_Revenge 题目的 Flag</p><form class="search-form" onsubmit='return decrypt(this.querySelector("a")),!1'><input type="password" class="password search-input" placeholder="请输入密码" autocomplete="password"> <input type="hidden" class="cipher" value="e152939dd7e249e7edd574b87c5c8c0b7142946229d1cfda418741d3d1b7b1a635ade425269035ed566e96ba00ad8959b2bee15ea3edbcb82f564117f53221481abdab5b5d9468aad9478cf34b6caf7748e1229fd69733007dbd05ebb6114fca3e5a50459ccd67c093e92151a2ad9b2404f9fcaf4c636e6f3e2fec6ff66bfcd4d0229d058fb8fd9bac1a686cfe57cffc505d171e560732bbe7d0d9932725b09edb57752b115a7ab76636acbe49738b83819b9758aaf0a52df899476bacb1db8bc0672058c50365d71c50a938a5ae00366ec9566f1960290c73793a189fb899bdbba2df984e45a5a89486c874df19f84f059654d3ad41d1cdbb4b0287fcfd33d93ef6edd96859a6bac4531d156d1a6e8f606468f9e3a6d4859845433e8be792183fb11d2187d3aa3ba13a9b40356359c9f5753bbd735714194974688e9be2078bc3c62cd5139baac95133d1f5ea98eef6bf6a72268d7b05c625b8c17532f0002c78e17deae685e56a72b70b108ed94bfc052da04775702630777763ef67baba9ab1ded90cae7932b4e5f8222866ec2147469448aa4387ae102db662d10fd303cea94f266813398a1d3f7b253211ea9fdf0e8d39de921bdd64ca93a1ac2a86c7055b0347d2b559bd38e0f123d43a07492616e259db25e2a40a0bb3cb7ce454bd27f4c61df379449aeda7fd6f18da2c5ae6474d175e907f1f1cbc78ae8ec0bad404afed2aafc94d3320c0d3675bab4f6680ae262ef4971f4cdccc194c07ec83175bf7f1bfbb3b5541fafa1b88d88b904819bcfc08473923e15f9edad6c12df80f210187da8f9d348429d8e67cabeb8113fdb1d80f4295975a322e28ebbe9c4ee93a8a8f7765d79bb9a62a0e7f691fb81fd39d9f5f986431c513a261ac40cab8f4ff503a4a663a5ce5c0687699c67c0886a0b4cc97faf26441f07b1a1e4812ea54fc50ea8639b680cc4100b7b0c95781644d79f4e8932d6f3c7e2262dc5fa91fd468d9654510f2955fbddd7d1e579394e21acbcc0a2282a0e6ef3007f9e6347a337fa04f74b72bd0590d4c55d2e9c2e8b4e4c07cbbb707070fcac22d3fb61b797c970c595f9ad223b1d84654a525c7017eb8eb992a3855af56b3b174a55f0a4babbd9908fa4bc04e8f877f45f3dd5abb3e358b37508aa78b632d7ddb30400f16d1c2e00e2ed3e604323c83a7bfa7feff60ec10ee76e0f506347c52f3d31b06fd83d89cf01aa7ff6c62b1f18d3a5c1f272620d0af5bc256cb64542b45fd61907b58bda3f1cb6cc3ced6148de7d527093918230da4664836e3fcc6b33b451a84fdb01565a2c3d37d9833395fc8d04264f81c5e41eb25f1996c135cb8c2e81815fe9c99a98476f553a8d18b79d67ed927ecebd35ad9ed0007608454b5d2e3eaab43f96c9657b128f1ee10c6d4749b6eb4ee19815f63f23b09fe3b4cc5715e765c47efd169a5cdebb54224165b0e4131508e806b51edf9f063dd5765af99af16d4e4b7c298f14c6ea104ec517a0c1e789b26d1179569c8236c55e8c5bc4849e805be1dc45fd3c7e371a0e03b0bc98e2fbbf3c1c0e68a961bb31b5df9d010d0e0982ad1ee4fbf075e581f43eff9aef2e39d8d81ff266f772a5ae7955555b5ebce69be96ec296c66cb818cbccd41dd30e46d0c308a0efda25dbd288f16ce9c3021a3a295fa6eebe37bac841d08333f645ec5eae475ce59bf21563277059dd9ccd15b700be7053f5cb0e4efad9fa9452a73ce02fc4bfed426d4be3d06be392899ac705bb20503fccc4499593efbf39d680bba709944314cb43c4023f160e1420b2de0fc5406c1dfb02e1e7f1815786a9d7db6a930dc795be139eb410a0494b772084bfc98462f68ae0e9020bbb0bfe7c94c61283ef0f46ab979b589e6f35da18d0e563c9616f66b2d53eaa4d8b7356b4b02e3eaef77db06c50b361530247ad27c09791130de21dcc668a88bbdd241cdd0a504e4740c4c442026515cecf18774b3c81d80b7777ed7773ddeb9cdf515e86b1feac0a75ba8adddef89da78b2e6e6ac3b894a1e33e7596fff3b8e3171bf6644fc50364cc745e110553646353407b479eb0bd257908d597d5fbd21b657844a9eb6d3ead99ef483c976739c6f7b5db510a3e0095920781ac83b6832d1bab913508c4ce0cd6e5366e531a3a21bce84fc785c60879bc2c549ec409990d4f65f9fdf7e2d7c4db3afbb2f26b375f25cc701bcfc505a23dbaf7e3bfab5eb129c52eb4070b3cc5dd196ca2e6e1d032c79056055c17c134e2e4eabd51b337f20b450efe0608783edc6377515589fa64488d0f887f637e0b0cc5400b51f414bcdbfaa0d5039980d349a6ef44467af4f48079276e73eea6b4e06e70e67a9d1505e1228c2c6a9bd9ca1486de343db1e21c3923ff8af2bbfd714fc6ff1e48176c840112918153c460088a72fb255b23ef796c32f55d4d8542a0215d765b6071bcf681f2d3e3e6f59156cfcfdba2b86e361305ddf71640a7856b53d0a1aed3ebf150f1c0d2dd915d40c7058c6fdf9ce811a878cebb9dfcf822dafaaa24311c9ad21e0ffd1c7749e8cef584782301f11f5b1aa8fd82fb55e9e9eeb4186bc580176a54eef7b468946233b7354b1dab56852f9dc222b3b3385d64b3d306ace06bcdb95bedaa5063434c1c540265eeb35c3868656936dac4e44ecd942f1661f8c9376cbaa7edfdba6f91f40d85ac01f0f1f1454e84ecc6f321055dce9197cd5d94b69a29c8718ffff22bd778c24e003aa54cd76e756484ac47586894a56da6fc4d4c7e0ffe2abb6809a3922b7f611788fec82c15b721518107a3ceb2efe54ea485370d3d9a62e40e1b612f32d05695622b6566ff169468fc3849282f608696ecf7b3dcb8170ecc6bb4d367f4b5a12d1262b55566827761bb7d11630cb0febe8b3b59303917ceac74a9332d55f7b4a7760381c4397a659a51a4f4081e7c66ba8155f2b3d805eade37c7a7b2167b3e8397b191864f67c404006caa3d94669948564cb20a14eab1ce4c83d4765ad8aa6605a32d9034a6db9ccaacb05024b6970c99cd8bbd18fcc68839d01683c49868a19247015103da92ff345e452ca488f39d940be277c83aa7e58a9a90451c088969d2abbaccb491b92621ab04a6725eb7f1b1191ee4df5e9cea19dd0c231dd50f86f6691919aaa2b4126f699de2ed95213e3d1f991d16a32c8a13b6590dc51f1a9fe66d0f3e5b7f8e28f5eef4bbdb1715e74bb4f8b187fdc7b043b71fd77622bff11ee022a4e724a4649885bd50ea8937cc922372e24aa704f79f113b555d3f778f10abb88fd06d6e431c0a78be50325755cb368589ef95849362e335364def54db93e890c3bdc2aa5d34066fe488ae25bc4c68283e64cc5c4e97c570c7c7bf1e81cf1acda6a4cdbf17235db417a8c0028d89e3a6bea96d2823697680586e9d7934cfc6b735e42b884f8dbbfc7d07db96077850fb3394e8383bac207d37e3851dc6c614388c538fcca965b3bba83d113b9d1d9ae8fd055bcc95bfded87af8e9207ac3b2ff30571c45a5eeaf1960c6d8321e1278cd924cae134968ba43e451427b1fd1bba312300570a9cc8d41e25b352514ba186c2a60620feb7904d5d7516545451e10fad2b991c8e6cc562a885b5485edf313786d19145080fee6315138454b6354919d630f71bc716cf7ea0b1271d53e10ad9cd16e51b8e51826c6fc5e346dc9166c7d8f6478caada0e0f5b1fbb7493da4e001e64b9618e1752417792f627a3dda8fbbb583b55a1e275699c37fddab6649ef4dedd9f8b049be0f1a55620f26ea008bf3dd28d3312bbdff824b917705590f21e5e99c978239e83a6385cb8229c4886aec6e2eaf440f27d36274fcae718067e7e33e9a387cc46cc2fb1ae52ad0c7e14918abc74b24fc8ad628acf934fb1263c29ce3d43b122ff4685416862f2896d27e16fa915b99543a731d588668499a6d77368e2ff9a5defaafbe935467966264a76fbd3595976432340ec74afd5f414f67eb7a4042c377fcd7fab3c73ce12f0b36c6fb68835ea9cb07c0a1a01f3f42d605b38809f156612b76cf30b8dd8e7c326933886ac17bfe44257f9214c8ea447aabdb2e0f326cc3731f4d6ecea5fe8d55fd3f4602fef0d00f16fce956d5d05648ce10a8e72efdd08db3057a2acc7e2c989e14d2c2d5635181c290d0540a4c12772eb19fbb9ae790578a48840e71de2b28f5d16051f30cb8b27f41e7b64a499f3c34e3bdfa25a9b9a8678f39eaa0c6dd95308120c9de7a909326634b04f70926cf8778e243b604fb9b51ada7eb26471cb824f7360f3a280e344c9711372fe9c84becd8a9872db38296f1353f13269e55985b04586254eb070c9cda60610dff9ca7fd3a24649d888743d75ad2db9bdd007f1a6048b8b84b53b6cb8e351fafdbe4d121a7cd47fa19073a811c524f19cda1c20f66c4a7484eae02b0bca25cdff31643faa573a1bd751502029602c903431be82cea82c679230ed97978f42676cba4927743e51f469f12d92274a15d60154f8c9276514732334b8d49d6f14210a9f56d2d81719ec186162429f094af217a4e7c76c9e1f6dfa95e780918d62adf4c8584ae69697ca4ce0e10187133f62b1c116734b894932242e79d3c63d2be3a7edc1a80e1a688fee14d086b3bdee59a3d61d0dc837bb83cc47c6f6d6a525a0078c12d96cb7545da22dacab809ee47d83a7a4415d110a1b21e6f78376eeec19bccf229bf93dd451c94e8f633f7254ca633764fc0053609347bc00d28bb16203fa1a494dd0145a300519bc76b14ffccb558216fe3afa81b73345869d3a6e6a59fd6774b07c81f3674c2182f110c04675400df5e0d21c28137809076b95f47cdd70d63d71483fd92bbc417eae0f7a2d1b0964c0094939e98ada4daae6352d3a27ca815bbe19db3a8f90a1228557acd4829f446f161408b950521142896fda134e0680786377ff21c31387b0e65a36578a956ac95ff554c733f14ed16d822b4c61d2c0b9308a62ebc4b4c6bfb7973d1de657174355e162e81ece161b24c51310e57b71b73791a37f47a2bebfc01aa53f033a1c7e7ba6025f8599e0b71ecbdf69a072b28f0ef023ada20fb56bac263f35a7c8a4b381c958435b28a21f0d848e62c6d372939f1b3b0e3c0eee342d558c6ec0a0888648dea9cd2238a27640e5148ba5be35789314fe37772b684a770588fcb66d93f1177fcef78636fb231450e3d60b07cd31bfe916bddf63b46bd789e925b00e861c3004bd83402a931f7fc1c0c20ef211bbd7d534291cd63161978156535baff3bb24d7bc1816bbd01208b79bf4018905d83d05dfced2000efcdcb9f9c2e4d480db5a0b2aef86de45ac5268e173e3fe453f1c326bc82b14261e8da5fa5572ea962365833bf2d72c8b47478745f5290f299b4800d86c5e4a0d14174d2a8c3972cfd4828fd2f236ebd21a4de3eea4eff5db9aa44f5ad896e88129a2d135edc589827f81daed088c1ba49912895603efa0704d0d7ed7c618b7e2be297be3802d823efda96fb5a8230c8cc5514955051347d24e490ea13f7397a102490bbd4af3c85f0f4ea5baf646b7543497d8e44fed4616f9aa5279fa0342647b95b416021012ba836d34ad99edeb4b8b9696ca7beb11b648d18b077162797571b09f57a57a0b9720082118513bef166959e2b86d22762c9d06021c9c79ee27cce5bfacbfbf79d6e001d39483fba490de557da77ada4a1855d2caee66e860e2eaaa25ee9e94a6192da20e6c237d19ffb089a10c69707699b07eabbe2da2c5c0518fe0f8e09692a2988eea751c84835617022d5ebb8438d57a659ed6cf66fff556a9e685f71ce82db0a8116fdeec8fa4b6db9175e0eaae1d606ef1e89d116b754f052673ad4f148f524cf4cf0f57d1451334ad011cdb368b7be343b6578860cd91511d913f5cbd10725f2fc984a0677132eefa2a815c2ab9d08256c2e6c237805aef97e232ec02999040f5b7b6a1af5ede7e9ab295c69a94fdad1a29fccdf1c5bdce39269360e239ecf0309781302483188a01f112d5672f1aa0678a91d308ae5d5c11c66d8133012234e33cf8531f8a9ec67fd748307f3cf1b668bfbbe9fe0ff586a89fffa0488a271b201b8ee32f7f5a528d6bf4b8b121e14d981b1a99a7b8b7824c2039e69343e0b03eac6cef42eb8688b10756d2b14a7aca04d4063e3deb520f7bb31e454e89ec04c7b7db8ef58eb14486c0ee9f7111f5ddfbeb152117254235cceeaddeef434564486959e4a8200a560ed6aa5d8ac73078e48a8c37631e66d7b8d4b38d6abf65fbe96dd3f5eadbfd9a72294414351ea33147483cbd4826fd3003072bb8a4ec24c5929411a126e3359ab3aed4319cb8085128fe02c6f5e33442dcf8148bd2b6a5062150c5efd0dbc6fbd05b8a5fb94e2201b5e720c99d05a088aa3a841f1eca835c8fe728732a37a0baa4531786dbe7c28c1789cb4f87037a252dcf20ceaa00702e69379ceb624909d443956730e6be3359b11a29f637675ea39ed45ab7d8b779daf88b7e497e6133486a330acc927e26454cb9c3da3c08b1e8b628dc65f9caace3b4ae3ceaa36f802046f8998783978b35fc02790f190010c65eade24924c8f61cbf19c082043902b5d2c7e79a8da2ce6a842ee573f7e7e06e702ef018b0a647a1167b3524700ec4369e86e2fc3ada664674511723ccd18d9ba37130e7e26224c1ca2236ab8e39aa29fcfe88dcd8830bfa20ad63722703591262112935aadc6733575c37b9c9d1da24b7e56d18988347abbcb4060708668f1e2d9b29ddfae3abe21c898eb18971c9435faf54f0eb460d7efa4a0392f34f67cdffbcf62f666816d512a25107f2b47269a5818fdc72ebecccac5dcdff989d165ad7a875fc7a4c18ca4910b7ad71dab47e0f9cad5121ced8a8444da4d2dba26308c09286381b9fa160f1eddcf2dd2749b2ea0ce1931f832f5b5325a7229ed77c51303ade8c65c369366b57cd5ef2ec22adac0f493c56cc4f0f0fc45c10568c1c1ff7caaab60f0555961181104ade46c78e93c568fc69f68454979351c144af44d6900ad2d09cd219cab98d08112c4e17be187c806c976d80a9b505b5659bed7d08ed3a653f20df07e081c4f01c85b51aaef05a723483089ac3dc4ff70f02afa06ae7b762325cd640f327e18e882d9cad328342c9640f76cf59aae2816ad4a1340dce343db8ef273a297e01ed9f3c7b6954bb5416ec5612dff53577a7ba0fd440332c754959a7f068b8df4a8a34ab964f225d573965ccd3a7c413426d5fcb1967ada2b545b42ccd0c1c9a7bd4299636b8cb3bc3ee955599f1dd2a43f9ae530d1c5d0a4dc94d8d1378e23368a562d523a68f618c424a76ac4a93e31b090ac8e817378ce4546cb58d8b55b579b7678d09f71481c298486a54295c7084b3c3faf87ce421a16ddd89f241e1584014fc321aefa78d9f256496b02037b684746574916014ca711d5e3fb531755699f25c3181b16c045bf70e7fc7fd115ed726b2e32b7132d7512a2f54e6903e6965ca84aa230a9879f8744ba1e9bb03b426b3a74dd6d570a30147b01901dc4c495bc017554ff941c7d48e9908a3968b2d92a865f1d70998801b60978a6a54a90dba957c816afd43c715f1120aa263e4559d6bd1acd0f64cf7336809cd4a9a45fd0946a82fd3ea5060f07fcbf124177b269b02ed6074a69946ce6d452ba0376b61301c7b9ace1a7891a91929988e5048d27e47bc0a2dd742ea2346e6a2a4c057c6c0f63d0500a3c6edc702c4f4e11488a39adfb9aa83d16d38eddb2f2227b2ba736309fb0994c7ebc18ebd14c83cde02a1ce1942dec00f4a6ccad08bfc06a2062e57b5f7a4dbe39491822a2f2c829c9f8dfe43b19c09fcdb8cbc815aaf79c3d9596001141af84f0f523f4239f30c4762743e6c7aa8b9af1939d4f0a31d849dad1951eb359fe92a2b700522a31af6deeb4b1077261cd88ef9f9e117d3e155d504cbdd9a9f6d42efbc32b4c736aa9ede3c38d851f0ec7cd3d9808a51baf8d777b031964ebed66fe1838d5e384bf943970f63bbc94826f3cc805e4173d7f8fbba54a84893440199357ee66e24419d1d30a64561d5aa17c465556decb8aa6d03f144364771cf92b2f91721e8b3ee83e2211b518d46139e5454900d95f9291e2e663d9b8a0c0ef1256311ac22560eb59b06c8d6fbce3bdb45c846513dd843280467a4d783a37cf25970cc278f84049ef27749939a443bcfe58af00e36c881f208d45ef827edbe14d0fd50dbfa1ca7e07eb862dff2300000236fc0364d4c85c7f65d2cc754933f71afa995818600f3fb323f4e8e1d1a9f3f243de50ee7bb9f81c486ea7e2812cdfea9a442230b81e49f501e2972098502fc64f67e750f9279e59cf4378dac6f1d18adb4511f6c53e37b25e08ca801c515122744f38ff1697a7b3d14477c339469f0b5eaacba255dec4636b0c3bf7231a5f9a82a4d956dafbe1b8e2038b4eb24c19f298b8011a3a8861dc9138b1cd62d7cfd1a9f30f435451e8561b77c24e9ca736f47c25b86bc2b80533e6ebe6cdfaf029d9e063bf1d4b2947d3231ff421b53b59967cfe4b51f5afb69f15c390e6cc7eefaab74b42beabc4b766b9db12e81b451e94fd9eeb5d3c22239f34176b8c6884da1289a6e6dad87e1d27782ac2c5c63c726e17d23f4b40dc7c738b7006b71077af1f17cd6cdd0b03ace82ee40cc32c2b71186f911248cb753bf03a17c39158422057e64f04f7305e6cd8686462a04f880c595b1e944b18e681d6f6783cfb52c16cb5e9291f8f8e633e0f53409b923955f679caff355e704b666159c5d2c89bc31239c2a04528f875107e91be642b927324550585c9d5a670d1d8d59b50aeddd90e0bce62def9f0ea94e00971004ce91004ad845a7edab9333893954571f8446876d743f0367bfa4e5f328b4a3bccb7c487392f079810ca74f906a93be9645a3015cc3daf4d79cae79279495973a33fa93845725c6ba7c2c35e746569f31b691edf4ddd2cc1489d07d8c453ee992446653cb46f96aee0fab856f392845ccf599d6440eb44c369481df03ad3bf8a6ce8897e331e48d28811991cfe58ca7f801a623928e24ddece2cf073a6e8d0905261618ce93ee0df46d2ab0a70ab90cdeb42e7f3269b3a0cdbc4100a93e0b459f48596d1b30601de11cbab13192d2d8b473fbbedf81426893078a1f941d69a2478b88431edbb2faab5f1720cb0eb7532a4d562e1a9a4b1105ebaf0ea92ecfe97e0951243e79020583f30987d2f89b999b80d8950338d62c51ea355983e613c6aaffedca13a27973d5472748fc57f4d32c274981b6e741ed8f70d8810ee5206a3e9d5176387e768530d811cd01c077b88070de747460470934b24dbb797c5ea6b40de4ed9d97ecf67d9de3ef8b0194878a02634ae4c498f6811a93467cf34d8ba74c598d24e1bcc586f5d7d85545d6243bdc0851a3aa1c840704c37b081b51ad65d97461a4a0a3eb23289a385512e3d438dcec34889cc123297644796c2c752b303212846861dbe40b5394d0d92c05a3118afa67b87a277e78d25f33600a158f1f9bac425022e2c8ddfcc42687c07061f42311849b63aab4c6afc99ade3addba196e3dc53301c8f38215d62968baf0ec9442d09955d6f4325692db36f2005e25a10205eba797e40d06c6c557f9ac0c0a21d7157440880eda9a027110829405f9a9c8a994bf764079f3c14ebb48fdf7febda39d8ffe8e15c72119714000d67c06076dc4fa48fce33793a44078872ab405095a9b47ff41ba0697e339eecdd86139484a39eeb2088f6cb87e00390a7321da4aed8046b7f9ba7f278701c81d8f3914dd69597505148741d00e6b0b67961465ec88f1d087619702fff964b377a277060d9baa331aa4b0fbeef745884ba8d9f07ce7eba76e7d4a1ec94cfabded60057485090da1b72ab849069ab43cedf5683a469a9a7cca8a4ea949ff4cc992109e71d7a56a4f6b78b43381f1c9e1ecd4d8c3eb947489563febb68eab84534e7e7712fb03f587ae22253bfc2055674f987d16a29a8fb59cb1ef3bf5b22c0526206f6647a2809180fba22396a7ba73ab7f51b0d16d359b4fbc017deea73c804c20767c5adcd1acfdfcec3c0d63450ea13effd535a51b8d7e9aca1b218e058040f73d811d52a474bba13d791cac37371af482da19e7ff66712f6a2d55a54ae6bfa3f2598b68e0f25d46bc54499cf7d7bd24a8d8c2e5d458185a0bd66c6af26ee1240d08560c40b3590260f6216502d8dfe937afbd3a0b34bc56b9408d56b79bbb6c7ebee10c604d21cbc141c329f9a2b320710bfe4000e4d7afb45bbf97f91658f276ff4791cfaf071f73f0296705b6611359b9d1c6f78b281b3399e0cfa52059908e0b672de15391100a54d693a497b7cc1107f769c74cb38ce08b165347537d3fe4ed988efa0c276261088b563d0d198bf081edec4ec253cf0c6ff5a424fc2baad3641e770c2bd1f8f49ca5c08cf89af9808666c7b32a0de469c84e0f57fb343b73cdb578b070d96db49c359a2056843fff4c05b18aa761717ffb445572c66b927a76d04be85cf561c33b9c7bfef5e9fc6095f0b97f61b309c4ebdd492308c9cc55482a36db44db1b74bb3792b728790019338cee3c03d2b072279cf9113676fd1b955bd82ecf559da2c16d16d3b07ef62c5909274766fd0ddd4f9a843d938b62fc43dfa62b49f1429ed24c117565c1e004387db21cb6720f67f0a15cc0d7567ccd26e5b193da942c9e9ff950be4f9be92aa691a78e0a51aca6e4d1834ebaae570a7db22196db01f2985dc322fa59491dca1697bee57da519f6a27e7a0bae9b0b7b2f1bd311ddf327efe311f8953d49aa3d00d7cbcdb448536c57c9ad3f4a96297ecc9ac70bc8503ef8edcfe657a01f4a32ba3d2377f7efd1390a02bc12ec967533d03fb5b4bd952283c67b75b9349857d9ff2d20964ab8f6239de0f54cdeda361d03e6aea921dfd8630486e747d64a6c9d4dd0c51e1a6a13b7ada7a5843b6b3c3ec5596951d0a6bc77281066522225139fcaad1304ff22e9d5c9ed04e75dbad8789ea66fad1aebfde3dbc7ac68a01f65ee8116b794e0e3d62c1e07c1305190131c7eeebde03d7d08c07281068e7dc77b4c574853630ec734a519015e2879483c69a1cc31c0ebeb47845b1ba4ba1b44f7e60faf730afa943bf53d85756212ec2eecd5ea459768ae808ba88328bd4e210d47e31f9e8ce4dc36d61972857b9d4537e53b19b705209865e4890d28ec689d30c977984a6de7e2a704bdb35df479d8113e62d4771cc376a8f064fb36aa60192835946c5f6128a100a05e8e6dee101ced3e237381ad6a982a9f1da023b29a32afbafaf570aa1b0e3a67876ad6b89cb8035b1fc0ad5f2c803ef79eb8f769ac15b887e16f35cc3739ea795c4ae517e3e453def11e5475ea25c1ca1369ef2748dd09973f11ee4fd60c5d9e49b5570a0d26cfe1c40a4ffd500b7f7e19af9de7b9a35cfa27da213db5e54b3080efa4d1445054277525be06015fce7119c68153a536cb124042863471d72311df9baad60d91e1f314b12b0847bef70f411773e9162471c16ad0d92ab45774a1752890d562062f8d7746111359ffcc911c7f85deb6add9244e4d5a7ef2dc71106d2b9cf9c2a76e5ea23e7abc1e4583ca008e788e3d385554b0b3e48345e6c75d66331977b0f37563f24e08bf197ebdf3973bb8e27e4c7470722dc139335392e609fc066d78510e3ea3b3c4ee8653697ab32c1153fd9a27734fdfe25f4447bb912a27d9a20076a34329fa755a03c060365e7816ade4588f6c17a02465b1e3f207ff5b684a222296224d302f521215d9853d0dd2721456e481462b060c99b37998cc04e29cced663dc89f760030fdd480be2924a920f98fb452f6b2edd754f379e57135c4f459f9fb56dd38f6312565752bc2a22dfc767d86409cbfaef04a0c9ed2a1168a1103e882c24dcb0de3e97cb30ec5948d6be8c5b259a740d960d06ce2ea46fb1b1c742a84a97afe5145a8b163f85d37216c377f02ea3b36897039a9c9207cc3d909ba4f169c51ad7c7aa4fe4d2b5ab6b5f42bf496ea9392f65c53a8e5891231a52e1e5862e6b6a7ef5e1ca62580c37fcbc1ed97df1d6803a9e71edc17b0c470295f5e694bf3d213cf358082abf3f4da9286a88d56c7a9a37b254c6a1353bb7dd83fd58f61101285afcbcb309af51402b16c3f09ace9ca0bb46adabee8c9d84f4831f44eb6733c24c59c8a4f9a1cb36bbc104b8c481e93e21aac2974b6a75604286abd0caec1b777bdc6939d7f42052aaa38e20a771eadb380b93430328833e93e8adeacc7d9c506d0ecf69492f5d5d00fb79e97c1634ea2fc51ed03865b41027269ec388f2f698a4741f9a9abfdeddbddb48ce1d5247d4f46ba49fccd2c102f88fed5ce82f9575a4f643eb2c7dccce5d94562449b747917bc25b1c376e87de05cd2b0761eb220f11ef66b3c53ed2f3a650189c3abe6422138dda84680579ae221443c8849482288c351928665de40881674fcbc8692e568f12e4fe89148617deef82a2a9876ae8c0e226ccf088267b0e44342ef5a4a9eb59b7fcd2d379cb87c64940ba5dd271775ea9f56d7893df4bc975d6a56482c1046f7d43c8b7332e995b3e31b72110793907ed7f995f1fd3e8fbbceb9d0f458845d61f05b1d48d53a45e6656d605ae33843370c1de19a0acea81d3f4502bbfc1bf414541c5430103c65c982f62743cd295b0cdefdf1fbab5559bedcb40139d7f8df37267ab54e4930caeba526f2012ac9233447f00d235e787e0ae84b1ac17ac3b22360db5c6945e80c3847417d6604715d8ba0d1a1cf406ba47f96fed3c26520f18593c6d2ddaafe354cf258ecf710b7c514bb2ce496b1b7c676b80385e9a038108b6a126012a2bbd127a82e760b745c34f5169b53e13b5346dd7c9602141369873a6998e55b427c2ebc26a5ee9ed57700aa162d9464b9fab4b785e02c7ee5755acb8f873378d769737fefbbcd9dad3f3c375cc816736dc823e882d83be1a2461a968d5776815d4359a51f03da7d14829cecf3060b3116bd0c48679004bc09fce45d7e223beb864d4fd8a7f7dd5831c8b0b521632ec40d349c4c6b6daffaad3334c27681774c61e98ba51150e0c9df9871cdff43ac29d81e2df4b88f6937010fde3086626176d0f361109e3116b3653de7db2aa5c753cf150181df5b1bff4496bbc464848e5e7920900f4e1f3c6779289495e3e807ab88ec04ea026d4cf05683fd923fd435c9b6138f3cb127cd17d73adac31507166e5a497ba4e6beb2f6f7172c7e8919d38146bbb45e3724093135d223c3692c76f933b7800dea16f3a7006bdb2038e32f567980c1f5dedabaf21aad84e43bc3e4ba6d9b6d53ae5f6cc0be93f0a4cfb29ad6f74eed07f541ecf0cc8ef7f34cd202ce9b1525e6b7eacc38255ce377f428aec6405d397b26d64d4e15bc918e70a0357bb63f20491e31420a2d23cdb911ae1349bf6082a1d0719d43cd78a711f9905d7a2babe0b1edec9e1a0044c9a8ce8523a136964d3e26639e272f6d330f3d1665580ca88c7964a715ed03d6a16b9b778d926ce248ef1228d813cdf059dd051a09bfc95cf76564731cb0a2b652ed7c3fb6334ef347d93678da08ddcd78d03a765bcce6b1ebab86ccafcb8790cbd91a1b192d2a2b8702c74aeba4b102c0091ab35a8053e5038d4f0a84fcc052c1239981f6672bffa74baf3c749ff1971005a1bce49a5ad902a2ca124cc52bbb414293b02de2164ed9ac3f201e597e8da5093c76967855ce49cde1321dc84435af32f0bd51c6baf898e00d6862a78a7b387a8b442c0e1aefd5ee0a2354b7fffe1d9367422a417a0b4ee15c902bc40b6b39b15ede76014a671ac73cceeb8fc1615ab05e91d2d9b45d1c4f35d7764617deef2f10e68fd35eb81b58d169dc13252492f88fd551c158b7d81082c1201051425af77afeaaf41b65298fa459d9c25b79bcb61b71ae65842ea3c10347921c5c1d4b26bcf75cac6ebbec3e27f71ddc54bf7414cc8741ce7a67eeeb52da3208773cbe3507758e2508b352018c503dc41d03e044864342ec84dfb4747625ac82e9d58b321b46cc9313504f734ca2495dcf93fa45325bc610f2fb6c1c3817ad2bac04af98407a8fe0ea6cb1b1aaaa721922833c45792ec7386d2be189dd61c0fdb66cd5f9719420983c87c3fb39983b3a9b44823ae5167cc15058099123587b8a65738b9a5e90c1fbb7e46eb57d88113a6f65da2ae73d16ceb20861a87c8e078a6ff83138dc45ac2f321156e01994f6a50215e51d382d432fa9bb74cc579d2bcd56c4cac70f2a67ea989496c12fc89b9acab80fe38c48062377fc6d07975fea24cd6f4e676b5cfdd6ceef1acffe6710dbc32a20feb57fe0d9006b0e1eb596119fa22173ee2a0ba426e6739ef6948bc071f4ba05d966b0a3fd419a070d1fb5da150337fb80b06e28457342f380000f5076a7079761d6cd5a143ae70d3911d3585fb62129a02b06ce70beb0ce21e3241c6492791b847492bde28c14a39035ebfbcb47601d8fe88a7276abf8174a3b8841b10b672496c7f5d211af6cb9953a339c6e82db4b91656b5d1d634e42f207bfa419e9e1db26a06eb50ad190cb8c0f141656e5be7094b34fc8686dcabc4b78243f39b6e9d76c5bd782ff478e40cba0314446735e39c84f45a0461b9e30c2a6c6f64e5dab38615e9dfa99aad2a9cdd09f76506d6ee9c7dafc761db563824cc148f1c6207b1173efa2669155ba6b4e4d82788a558124be2781d82814aa389e4d7ccee3df82d265923cc3b8e2d3765de72e5a0aa19ce538010ba174b31b7d4ee9d2b87243ddbd9aec207e5067c2b1d2f1322175e0b012cbd742f50b7d2225b318166c63b2f5e81d2ade2646cc1ce6a4795fe22fd0a3f62fc87307f7cbf66e9f33b167f161e6f4bf9ee2b818148a23c3246ed28f8232aa01e98077899c061e42d6e45c62caa9c04af42b7511f5b7dbbcf4a0b1534ed5eb4db1947327ad951f8c3491196ca6692382d8bcf2320465959327fe2be38a06b135c0b34499b0304f7458ea8f49bfcfff332a9329ea1346a218166047d294120caac511236e96a6ae81e5136861769e3cef1b758919dbc2daf0d0bf88099fba379ba6927013bc9b88b7ff24effc5d9ed55db57d42063a3acf9bdc8ff0710b1ddf6d0c9209551ef29a3dee4f6e55f46ecb971789e84e484275b28255e01ae2c11118952fb08304aef1d4085424ed33d91cd5b630e256b8cce70d63baf784679bce798825bd16e7e56a6c7e5305004caec1fdbe0c8e8eca54f503fdc7f00eb5c0f5e41bc1691ef4bb95cd3dfc173f41afe6428c7e9947c4975ac5fdf02e28fcc40d5cb82b6c6083a68b779332cf56c2754d6525954f4ace87ad93c6210b9d53ca6648a7aa8a7420a3e4267c94d629be546c5b5d1475f5038466de674ac2c9562dcce557bcf2fcdfd1b294a06d4e2b15dc0ac007c1fdffb7b5a8f4e645226d1306d372a7a891f8e20d6d59417d571ac266397c372156938cd3d64628f6b1cd97ae6f5218dadd3f0a28e7a24fd72718d4f05e66c7df4611cff72d50d5f815a5c9f39835545efc946885dd1e63ecc50953b370b736855838b20a670dd5b50c618cf7db2d2cb42fc297c69e2e69809972218cab761d6f2ffb4495c7b0544c7442c5ca95556981743d79f9e57b066becfba36df1748d2a65504e9f6a16fe4aab00127000e2ffee5d99016700398a2b7bac8756f40bdee3ef8540f4d302ccb4744cc0394113b4be7356faf9e12e705e525677106dd16d3b58750173197f8f1d49e49be3b4a37e705aecd0ab1f5926a92c77d738dec44f33f5c4721c619ab09114077ea0fd26746ddd0d84cacf5b322787312ddee42edabc264deb9df8b106a4e45cdf25f58abbae1254820f676a26a4c0bf329d15d9e404980189c141590731a88b9093e1785a5c9021355250aaf07e9085595bb1b259e0bf4d6bf63921d93918ecada318c147f5848e8357f7bb980dff9dc4eb3e20233bd4e0246300f4d37f2d627903b3feadfb44a9ce2c989fea1512bb482399ea1de42a6195149e4e4b5cb6b1d1ef7d40c48af9f7aea7260245f5a09bac2640f64cfb1e2dad08a433fa33093d22bb5bbee2eccf222a7fcbeb70c950f5bd0935cca27e9d17c3243ed8be9a5c09ae13e73273730081648ed7edfffb4d4873fb2f46322cb3c686899b7107964c6260a17dad3913ed5290c5d45b9ec05768ebc43b773daddea3a063b56355ae60044b989c2a804e93cb85d86335e400a57b419ec3f1c2b574a2387c1e1613671d711a14a01d681cd18b579301ec5fcfd05ee8cad883e0c4f4c6b12bc4945fbcf91a25fce6790da10536a49aace6169c2901e5d70486bff15fdcdbf366cf8c7fa231e660479cf5ffe1bea35654dabd3bb25d457e8525beaa2bd534c530d16fec022e0e46f2338b311b4b36be2c684e0d5687833573eddd0916cbadaa8d1afaab12d548dca8650e2556c988d4c6397f354c2ef41d9660bcc5f67f609b4870c9c8c88106fd0e6d2585a1de7a1414610312bb7b3ecdb14bb4509d49d0a15c9bc921da0fe7969a7cdadb51c31a17509d924b47ae7d8f02726eb74030cb248ac11b6238d95807783df4c9587952a90376261b4fbfdfaf9ef388d7d458529446b7a5e8308e0e0b5b979674c81e889111d8c05cf143601c644d05ca565088b5cb9ae552dd942dc684f6ba83b693424125304da087d2a71743df722b9875a9c9e8cc151808f62abbb6e54037b1e5d335bbf5619f5a49028dd2da60ee487b8e0b10cb4149bd94a5980c18ac6899f8be1e40f68a4582aab7d979f39d48d995eab00893a554d6fd2ee2cd360f5ed8f12ed882a9dc12bc95a506a48d34edbe19259a79a1258d7eba3165f7e8a47b435a4d545ca0f8112b83c29ed3b20427ec85ae635f265a7a7de1bb3557c100a53e2d16dda6d50b2327e6978789a80adf4d26d4bb69961bf66003540da646048bdda5e509ca6c4462eaeeadc45e8e969c03a0fe54ad558b75016f4949015702e04ccd905afe7492404ae9bbbf2584ebadeee4957d05461f331bfe9f088f8356113576107da6c0a723bddaa79629ac41bf88bcf8ee2551ededda88c2078d4de4fcb61edf1acf0b73ce3934e330b96902f472092cff8c7ad20de93bc3590c5e634775d99136a434853c127b5c47c9353aa386016a90f02e038aa3f38dc2614d094b193004b6f922af31f488fc0d4badffc53e8af2d4dba54dca0d04072010812abb41d31f75078130ba1e425110cee11197e57bcc1f47a5da771c6885d4793a7da64467654ab0816fd1ba628bc1b11366ba4cf5f75b0a2a0a6f779ce36b76be2089a7d55046a1775d777d553e86fb8b11103acb670e8518f38b8c61157ece32f34ff894e2a53089b7dd9d15fbcce355e5656b9a6009415c578223a27950fbd84379f0d190afdf869fd2737f4f427325c095f524b4e67a9a5aafe8c2606886d8f92226488757de9655f4d83b9a409a9d3781ad3a653b8d0c926b4b701d24db4fbb0ea4c9b1a67a773abce4e0d8fff60548739822c9a01c8987b9ef8e2f7218343492a9074736b8afd3b2bb11321df96986b3463f12051764f912e14d87979b75b9d33f4ece2cbc4ce568589b9ebdbfee0a8422d14a7cd848e9fae147f4e4ee735a342ba857b81d05c0d77f7d95a86709c932e78db399278fb147be30e611f65bba3265f19e918f892fcf08904b9fa7fced261754727b23e47fbe27c8342888f388acf9ac29888822e3224160f9d620bcea2611618fe365f62db81df4f4ff57a2fef83f96ff97bf6520f22a743993ab4f358582ad1698128850070d6d9b9b42e0a25342e3578dbd86928b6304e65f34d0053d90a43eeb45aab76dba9cd62df577b5cd0c805fea79a3dc8d5c387367afbe194bc072966a46e2365f97e7aa1ecdce7e95b2489e80960854ad7b9960c7796433d2f3b9594b2ef301f873a60cd6684c23f22d82eb4f46570edf4e1122d1de99e8f89c80766d7e5b5281996cb62a7ff912027a9cc9c5edf83a8b6333c4c7743548de3ce8ed6456154e22a068f3979046044e25933c97ce890aea0e07a816d43700cb5d16e29e47329d83f2c3290a9425bf40538036a4839e22208b4c5f0167d34212b1a55b6ee66396498a0b105182274abbc547cd11c449bff0dc80f04963af3d1cbbc52e62cfdb1ccb0993c358155fb32366db12f4f6c484447c5d3ab410d4051de2f1814f9034588bfc4056542e7ce453f34577af658d6645c2849f721b4bac1d3150d243d0aeb01521b2caa506d54c49d4754079710bea0249d736cdc516e9fe3e0565b085359da52898f261ccc8c494da7bc74bc8dd1e4ac30c378f9e52d6503cda3fa428f8dab942746090003fb73372442e4ea02d723b5a1b4acdf030bbc923f3d744207c72ae553804ddcee11d818d3b787784036f71df4c3479fee97cc2e87286dfa4dc54443b0bd9d05b0261d978b9252b21e676f983c41d17eb70d58f0eee15dbebe03a8a53e1d8160923bd8869bbd376a0a2c410d7eb188ed33c7fffe7b384faf22746dce19765cda3704cbd70da804c9d1a1f8914a28e5d071312931a61e21e021e81ac6204bdea9d98b8875cd154e65734983254e965880663870c077517bbb484abfdda3350f6f04c00befdc45f09a2a409fc228a481b91e7094e4569596c2b325061bd5e0a8e0758f961a51285eaa50af03e0332cc0dc4b1f7c2750644b04ed2a92a2018747a983192146f2ff086fe126202f5e6eb6a1fa23cba42f130674d30c6ccd4f6e19480a3cf1a1877e735d440c264339401c7d096f925d36c1dc4f86e4ca1581e52737fa20dfed85b8a68f2579632ecd30ae85812c6ef14bcdfa06350f350d223167cf180c72eae8f52b9dd0921caf7180367e300c409bd19007f6f8e306645460b00931ac859897d4608f2f158d977768267359d5f5f10a4577cea09c169867c24395e3d3bd6b9a8c786a6bdfc49feef6b5b705d2439acb1d63643f2c69e8888d4ef0fee0879afcc62e15f2e1fb92e0e7247909161b2056f656a7ac32c462e8179bf41c7b005f06b28707e58b545763587fad2b7a45fbdfc0c2118bf5ac2145aaad2af57db7da1b80270ca06d5ac621d17e2b33eff5809af4004948fb6c15b876b1eeaca2baa63e519ac68206abcde2e7ef5de2ee567d7cd1f1b66804222a47f46193a1197c1ad4537d42941caee43fc00f1377773ddd2110338612932ed2fff35543369e27b33dc30a31091f2142fd79d3aa66f9f7b3f87166c305199798b30007f17dfca629fc8caa9f82576fc6f6223d078d17725527b8fe3a1796a059bbd0cc7c24b4968a46a9c28b20b085dff3e8ba0997421df48dd5262404327854c05706dca670b82eec4856ab0203cad084826f4739f2de7f631565b4e70bdf72bfebaf3ee7e745388d075df3066c2bdae46a48e813a362e1a55f99395f2b5ed2668e0ab80b4fbf44135bdeb2136f84810fc306d28c5e0ec1213a14fe92876598b5ae0dfceb6099677b654d35adbd34e7bc869727f2e7d0496e6f026ac0114fb9abd9ff333f480ae17dba36fd61642ab8492b4cba6ee8d5ce3c9d4351be9cbd30a4cffe239c318a704ac710d67e0cf7585213afcea6210e48bd68097a46cd1e3b97f6849afcada4e75d58dd75db46182c62c8c918899119397e8fd3a87259f4c79c3e13e3cfae7f8ab6f3865a68a3aa2eabd7dd1db323fe4cb0554b8ea9c6e05c925538c8bf08cebcccbdf5cc74b5d497c13b98d4f43ce83f201f50439a695aee04c8965f3eaf72d70ec38fb0d58dd996f7d17876bdd97ab3aca4db230a8dcd35c4e9d6bb11daf4ae3fa70217549c9d8be10b3a8f743a1e9e1cf22efc909fd631edfad2a404ebd27af8993bc15f5423cd6a6143ed1fc66a8b63356373b72a49edba0289ff63c324794bee2999a67562b751c8e8f965e5da939eb2e05c7d88944d4246410257723409fec046afb3bc1f8c2e5b5c0b39c63689d06414ea9539a138c338d468da0bc415b6dc2cd72786a920bc07b2351790d5a42b460bee4e94f96511e6ab14a48e2c28592d93bd67d78699c20285acba65d2e45fd12c7f95c672f3bfa835ed841dab21e30c9ebd43d3f268082e30e25f391fce14fd989c62825a07d7ff6194b53d3f50571a8d6a70da70de3527811146a115c67fa247f99c88043be48adcabb14050a00cf103cb0a5b5787d63f28853723021759d61226e7a56a16a55b0d8c5de62da52c52150a558b785f9bb4d54a7d2c70b36969154642c81c2204a4640202c19f8de28501b3ab3b3465f536b338340463e3c061c6bdbf95a418829ced30401cf3be49d61d1d3e3c5782a5934e78598d040d4bd4cafda48fc1f0170d3ef9028b2630f040821c22ec1cb308c849631a3709ea1a4034150293b082ccee46cd2c32f518c15be34d2e2d71c3b2d5f8821320c91b31d88fafc1f40a9ac75f2eb457da87b7f8f09d4ebd399e813db517401b06b38962932035c7ee4bc165ef554f501e64668e8684c6fbc294f9ef6cc47aa690bc972972048bf661073b8453b2df1cd5ccc736f9500a2d756177e7d0b6197b97ac19bb05f48cb1152f863805b5b1f946f845b67bb2b03568614ca140c2a503c666bc89b2e674c91027a2f74d88d340d1fa5fb1ff5eca956f47af82ddaff57a154e95aab12df3d76e731b29811fc991588ff7f659be3fc379552a2d492eb1257a299614b34370863ac2af9f00398c104622822eb22d5547a585bd59f3fabd9428b0ca882c841527134dd162585998c6f825958343c4445b8550ab3952ef50821af152a8eeab22c2eca976ca8a2945954f10b158efefa91ca2c7977acc5fe090121c9b039207f13e0e5218f0fbc2177f52c22cb129559e0dd5dcc0a25c8d56e49c10fd81769e07a1f2a32d54c40e8f87b8bd3951dc14ce716923b6b28ab7ad13d2dfd9f1b354afdd3cb525ef5c36bcde66041ccc85dc7dbb31203cd33a1121b04d69097114fdcd311f7c90e541f76da51b735be8d6f3c898f1949e137ecf1f14589fa713cbdc744a82e6fe8bdc7355356527897b9141715f741f0a35ec29e5570802673321f03079448ac61e3ba22e8a10cd61833c19e89a1e2350f400849a28eaf4f318819e155a65c43f76271205ebfe86ac069dc64f25af915f88e1e4a2b33aea95bae94c681198c6ed101bc51eeffc32b250bf8c365f56e8185114e27ee3bc6fc2122fab8dba0c0c7afddc4b27ec5bde690ba6a9a0f2238af8ac38b150b59d8d6f76eac3275560755b384518df345803b8b632a05a93346fe142b905121c30ee905a7b976e00a66c1196443a9947591c59aa77ac175b6658a7244f79d1982629e06f2f1d0023699b0971339110f5cd9743c347043b3e79b148ecf6626a2dc9a26a9cc2d1db848a3d5729e897287e1f53d1d47e417e745a8044082b9284e0958e62750be2abafae83aec149992c7cc6ee8d247d9de92e0260c851ba64ef73dca81a8729da9d88b772de5d6486ed23c35455026c3904fa54299096f649930e4cb54c15c2dc77ad9701c07dfd8608453431df806375a0a763812d8a542f9fdd92d2e89c867d51d14a1d8622c5b4d092e78722acfa7bb633350d12f4270ecd71b97a1e036482bf6e324426145dab843d7172c0e0892d2650304321baafc9622c393820149a411d4d11e00235db1baaa9529b7509f2bf70fdfeea1de8a097c4d3fefd4cc3584e846bd3ac9245f067869faeed64d02b615d92bf1fad09764dac81712e3fb8add17686756886754419daef79b30b6203764f085786ea4d4193069cf66d4ae59a6c9dbb1e585973d909bf205c2022bb354a62d68fbf5dfa5906f058e40d66e11e8dca699abb1c263b8c91e66f4641c3aac9f320d5bd84845f7659506f5e35556cf6b107030ef0143ec49d1a802ff41d914fd5a6356e3b324f9862f93d971003f788b53dd639b6b32f37cb974d34d2b463e612ea86287dc5fab146dbc81c33a4001be698798357"> <a onclick="decrypt(this)" style="margin-left:.35em;margin-right:.35em">解密</a></form></div></body></html><script>async function sha384(e){const t=new TextEncoder;e=t.encode(e),e=await window.crypto.subtle.digest("SHA-384",e);return new Uint8Array(e)}async function aes_decrypt(e,t,r){t={name:"AES-CBC",iv:t},e=await window.crypto.subtle.importKey("raw",e,t,!1,["decrypt"]),t=await window.crypto.subtle.decrypt(t,e,r);return(new TextDecoder).decode(t)}async function decrypt(e){var t=e.parentNode.querySelector(".password").value;const r=e.parentNode.querySelector(".cipher").value,a=await sha384(t);var t=a.slice(0,32),n=a.slice(32,48),c=Uint8Array.from(r.match(/.{1,2}/g).map(e=>parseInt(e,16)));try{var o=await aes_decrypt(t,n,c);e.parentNode.parentNode.style.textAlign="left",e.parentNode.parentNode.classList.remove("card"),e.parentNode.parentNode.innerHTML=o}catch(e){alert("密码错误!")}}</script></div><div class="license"><div class="license-title">SJTU-CTF 2025 部分 WriteUp</div><div class="license-link"><a href="https://blog.hans362.cn/post/sjtu-ctf-2025-writeup/">https://blog.hans362.cn/post/sjtu-ctf-2025-writeup/</a></div><div class="license-meta"><div class="license-meta-item"><div class="license-meta-title">本文作者</div><div class="license-meta-text">Hans362</div></div><div class="license-meta-item"><div class="license-meta-title">最后更新</div><div class="license-meta-text">2025-04-10</div></div><div class="license-meta-item"><div class="license-meta-title">许可协议</div><div class="license-meta-text"><a href="https://creativecommons.org/licenses/by-nc-sa/4.0/deed.zh" rel="nofollow noopener noreferrer" target="_blank">CC BY-NC-SA 4.0</a></div></div></div><div>转载或引用本文时请遵守许可协议,注明出处、不得用于商业用途!</div></div><div class="post-footer__cats"><a href="/categories/%E6%B0%B4/" class="post-cats__link button"></a><a href="/tags/Web/" class="post-tags__link button"># Web</a><a href="/tags/%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8/" class="post-tags__link button"># 网络安全</a><a href="/tags/CTF/" class="post-tags__link button"># CTF</a><a href="/tags/Writeup/" class="post-tags__link button"># Writeup</a><a href="/tags/%E8%A7%A3%E9%A2%98%E6%8A%A5%E5%91%8A/" class="post-tags__link button"># 解题报告</a></div></article><div class="nav"><div class="nav__prev"></div><div class="nav__next"><a href="/post/2024-annual-report/" class="nav__link"><div><div class="nav__label">下一篇</div><div class="nav__title">2024年终总结</div></div><div><svg viewBox="0 0 1024 1024" xmlns="http://www.w3.org/2000/svg" width="24" height="24"><path d="M434.944 790.624l-45.248-45.248L623.04 512l-233.376-233.376 45.248-45.248L713.568 512z" fill="#808080"></path></svg></div></a></div></div><div class="post__sponsers card"><div class="sponser-label">喜欢这篇文章吗?考虑支持一下作者吧~</div><a class="sponser-button button" href="https://afdian.net/@hans362" rel="external nofollow noreferrer" target="_blank" data-type="afdian">爱发电</a> <a class="sponser-button button" data-type="alipay">支付宝<img class="sponser-qrcode" src="https://hans362-img.oss.0vv0.top/2021/08/05/68281340.jpg"></a></div><div class="post__comments post__with-toc card" id="comment"><h4>评论</h4><div id="disqus_thread">您所在的地区可能无法访问 Disqus 评论系统,请切换网络环境再尝试。</div></div></div></main><footer><p class="footer-copyright">Copyright © 2017&nbsp;-&nbsp;2025 <a href="/">Hans362 &#39;s Blog</a></p><p>Powered by <a href="https://hexo.io" target="_blank">Hexo</a> | Theme - <a href="https://github.com/ChrAlpha/hexo-theme-cards" target="_blank">Cards</a></p><script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script><ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-8746554831230893" data-ad-slot="6356225601" data-ad-format="auto" data-full-width-responsive="true"></ins><script>(adsbygoogle=window.adsbygoogle||[]).push({})</script></footer></div><script defer src="https://blog.hans362.cn/npm/vanilla-lazyload@17.8.3/dist/lazyload.min.js"></script><script>window.lazyLoadOptions={elements_selector:".lazy"}</script><script async defer data-website-id="5d181692-8a81-4c20-a282-cee87a6b90ef" src="https://analytics.0vv0.top/vue.js"></script><script src="/js/pageviews.js"></script><link rel="stylesheet" href="https://blog.hans362.cn/npm/katex@0.16.0/dist/katex.min.css" crossorigin="anonymous"><script>function loadComment(){let n,e;(n=document.createElement("script")).src="https://blog.hans362.cn/js/disqus.js",document.body.appendChild(n),n.onload=()=>{new DisqusJS({shortname:"hans362-s-blog",siteName:"Hans362 &#39;s Blog",api:"https://api-v3.hans362.cn/",apikey:"8Z1UVT4UOk22yNyk9MhpqQ0FLb27Hb1bpV066b4v9zOFie0GQ6VCoJ9TJwoGlCVF",admin:"hans362",identifier:"post/sjtu-ctf-2025-writeup/",url:"https://blog.hans362.cn/post/sjtu-ctf-2025-writeup/",nesting:"4"})},(e=document.createElement("link")).rel="stylesheet",e.href="https://blog.hans362.cn/css/disqusjs.css",document.head.appendChild(e)}var runningOnBrowser="undefined"!=typeof window,isBot=runningOnBrowser&&!("onscroll"in window)||"undefined"!=typeof navigator&&/(gle|ing|ro|msn)bot|crawl|spider|yand|duckgo/i.test(navigator.userAgent),supportsIntersectionObserver=runningOnBrowser&&"IntersectionObserver"in window;setTimeout(function(){var e;!isBot&&supportsIntersectionObserver?(e=new IntersectionObserver(function(n){n[0].isIntersecting&&(loadComment(),e.disconnect())},{threshold:[0]})).observe(document.getElementById("comment")):loadComment()},1)</script></body></html>
Reference in New Issue View Git Blame Copy Permalink