第八届浙江省大学生网络与信息安全竞赛决赛

[web1]

post http://10.1.219.30/flag.php
123456789

[web2]

源码为(近似)

from flask import Flask as app_class, render_template as render_template, request as request, render_template_string as render_template_string
import os as os
import random as random

app = app_class(__name__)  # the Flask application object; the two routes are attached to it below

class CharacterProcessor:
    """Strip the three quote characters (', ", `) from string input.

    Only those characters are removed; everything else -- including the
    Jinja delimiters ``{{`` ``}}`` and attribute/subscript syntax -- passes
    through unchanged, which is why the ``/audit`` handler that uses this
    filter is still template-injectable.
    """

    def __init__(self):
        # Only the *values* are consulted (the characters to delete); the
        # keys are never read.
        self.character_map = {'\\\'': "'", '"': '"', '`': '`'}

    def convert_character(self, data_stream):
        """Return *data_stream* with every blocked character deleted.

        Anything that is not a ``str`` is handed back untouched.
        """
        if not isinstance(data_stream, str):
            return data_stream
        blocked = ''.join(self.character_map.values())
        return data_stream.translate(str.maketrans('', '', blocked))

    def execute_cleanup(self, input_sequence):
        """Public entry point; same as convert_character."""
        return self.convert_character(input_sequence)

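def generate_template_wrapper(content_data):
    """Build the /audit result page as a Jinja template *source* string.

    ``content_data`` is spliced directly into the template text instead of
    being passed as a template variable.  The caller hands the result to
    ``render_template_string``, so any ``{{ ... }}`` / ``{% ... %}`` inside
    user-controlled content is evaluated by Jinja -- this is the SSTI sink
    the challenge is built around.  The safe form is a fixed template
    containing ``{{ content }}`` rendered with
    ``render_template_string(tpl, content=content_data)``.

    (The line as captured on this page had lost the ``"`` after ``return``
    and the ``>`` of every ``><`` tag boundary; the literal is restored
    here so the listing is valid Python.)
    """
    return (
        "<html><body><h1>Query Results</h1><p>Parsed content: "
        + str(content_data)
        + "</p><p><a href='/'>Go back to home</a></p></body></html>"
    )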

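# The /audit view calls ``processor_instance`` but nothing in the listing
# creates it (NameError on the first request); instantiate the filter here.
processor_instance = CharacterProcessor()


def index():
    """Serve the static landing page."""
    return render_template('index.html')


def audit():
    """Echo the ``query`` parameter back inside the results page.

    SSTI sink: the quote-stripped user value is concatenated into the
    template text by generate_template_wrapper and that text is then
    rendered with render_template_string, so Jinja expressions supplied in
    ``query`` execute server-side.
    """
    query = request.args.get('query', 'default content')
    return render_template_string(
        generate_template_wrapper(processor_instance.execute_cleanup(query))
    )


# ``Flask`` has no ``add_route`` method (the page says the source is
# approximate); ``add_url_rule`` is the real registration API behind
# ``@app.route``.
app.add_url_rule('/', 'index', index)
app.add_url_rule('/audit', 'audit', audit)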

if __name__ == '__main__':
    # Bound to every interface with debug=True: besides the SSTI above, Flask's
    # debug mode enables the Werkzeug interactive debugger, a second remote
    # code-execution surface.  Acceptable only on a throwaway CTF box.
    app.run(host='0.0.0.0', port=80, debug=True)

尝试 http://10.1.219.31/audit?query={{7*7}}，页面返回了 49，确认存在 SSTI：`/audit` 只用 `execute_cleanup` 去掉了引号，然后把 query 直接拼进模板字符串再交给 `render_template_string`，`{{ }}` 本身并没有被拦截，用 fenjing 一把梭即可。

[ai1]

在一堆dog的图片里找cat,有6张

26c39cf8-55fb-4899-82bc-442cf4627d95.jpg+6e17fffa-b696-4769-9b43-e0f453f8098d.jpg+7a19da17-9f4a-411b-bac7-83d2454d868a.jpg+897a3a87-dfcf-4233-8097-6bba2e6507ba.jpg+c6b1099a-d626-4cbd-94fc-32aa46ffb02b.jpg+d5117480-7943-48f8-9e79-67fdd51092d2.jpg

做一下md5

[数据安全1]

import csv
from datetime import datetime

def validate_id_number(id_num):
    """Return True if *id_num* is a well-formed 18-character PRC ID number.

    Checks, in order: length 18; first 17 characters are digits; last
    character is a digit or uppercase 'X'; and the ISO 7064 MOD 11-2 check
    character computed from the first 17 digits matches.  A lowercase 'x'
    fails the character check before the checksum is reached.
    """
    if len(id_num) != 18:
        return False
    body, check = id_num[:17], id_num[17]
    if not body.isdigit():
        return False
    if not (check.isdigit() or check == 'X'):
        return False
    weights = (7, 9, 10, 5, 8, 4, 2, 1, 6, 3, 7, 9, 10, 5, 8, 4, 2)
    total = sum(int(d) * w for d, w in zip(body, weights))
    # Check character by (total mod 11): 0->'1', 1->'0', 2->'X', 3->'9', ... 10->'2'
    expected = '10X98765432'[total % 11]
    return check.upper() == expected

def validate_gender(id_num, gender):
    """Return True if the declared *gender* agrees with the ID's sex digit.

    The 17th character (index 16) is odd for male ('男') and even for
    female ('女').  Wrong length, a non-numeric sex position, or a mismatch
    all yield False.
    """
    if len(id_num) != 18:
        return False
    try:
        sex_digit = int(id_num[16])
    except ValueError:
        return False
    expected = '男' if sex_digit % 2 else '女'
    return gender == expected

def validate_birth_date(id_num, birth_date):
    """Return True if *birth_date* ('YYYY-MM-DD') equals the ID's birth field.

    Characters 7-14 of the ID carry YYYYMMDD; they are re-joined with
    hyphens and compared as plain strings, so calendar validity is not
    checked here (validate_time_logic parses the date later).
    """
    if len(id_num) != 18:
        return False
    ymd = id_num[6:14]
    return birth_date == f"{ymd[:4]}-{ymd[4:6]}-{ymd[6:]}"

def validate_phone(phone):
    """Return True for an 11-character all-digit string beginning with '1'.

    This is only the basic shape of a mainland mobile number; carrier
    prefixes are not checked.
    """
    return len(phone) == 11 and phone.isdigit() and phone[0] == '1'

def validate_time_logic(birth_date_str, register_time_str, last_login_time_str):
    """Return True if birth date <= registration time <= last login time.

    Formats are '%Y-%m-%d' for the birth date and '%Y-%m-%d %H:%M:%S' for
    both timestamps; a value that does not parse yields False rather than
    an exception.  All values are naive (no timezone).
    """
    try:
        born = datetime.strptime(birth_date_str, '%Y-%m-%d').date()
        registered = datetime.strptime(register_time_str, '%Y-%m-%d %H:%M:%S')
        last_seen = datetime.strptime(last_login_time_str, '%Y-%m-%d %H:%M:%S')
    except ValueError:
        return False
    return born <= registered.date() and registered <= last_seen

def validate_name(name):
    """Return True for a 2-4 character name consisting only of CJK ideographs.

    The accepted range is U+4E00..U+9FA5 (the original CJK Unified
    Ideographs block); characters from extension blocks, Latin letters and
    digits are rejected.
    """
    if not 2 <= len(name) <= 4:
        return False
    return all('\u4e00' <= ch <= '\u9fa5' for ch in name)

input_file = 'data.csv'
output_file = 'clean_data.csv'


def _row_is_clean(row):
    """True when every field validator accepts *row*; evaluated left to right and short-circuits."""
    return (validate_id_number(row['身份证号'])
            and validate_gender(row['身份证号'], row['性别'])
            and validate_birth_date(row['身份证号'], row['出生日期'])
            and validate_phone(row['手机号'])
            and validate_time_logic(row['出生日期'], row['注册时间'], row['最后登录时间'])
            and validate_name(row['姓名']))


# NOTE(review): no encoding is passed to open(), so the platform default is
# used; for a Chinese-language CSV this only works if that default matches
# the file (UTF-8 or GBK are the likely candidates) -- confirm against the data.
with open(input_file, 'r', newline='') as infile, open(output_file, 'w', newline='') as outfile:
    reader = csv.DictReader(infile)
    fieldnames = reader.fieldnames
    writer = csv.DictWriter(outfile, fieldnames=fieldnames)
    writer.writeheader()
    # Copy through only the rows that pass every check, preserving input order.
    writer.writerows(filter(_row_is_clean, reader))

[数据安全2]

import pandas as pd
from datetime import datetime, timedelta

# Plausible (min, max) order amount per product category.  An order whose
# 订单金额 falls outside its category's bounds is reported as 金额异常.
_categories = ('电子产品', '服装鞋包', '家居用品', '美妆护肤', '食品饮料', '图书文具', '运动户外')
_bounds = ((100, 5000), (50, 1000), (30, 2000), (20, 800), (5, 300), (5, 200), (50, 3000))
price_ranges = dict(zip(_categories, _bounds))

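# Luhn (mod-10) check for bank card numbers.
def luhn_checksum(card):
    """Return True if *card* (str or int) passes the Luhn mod-10 check.

    Digits are weighted from the right: the rightmost (check) digit is
    taken as-is, and every second digit moving left is doubled, with
    9 subtracted when the product exceeds 9.

    The previous version chose which digits to double from the *length*
    parity of the number, which is only correct for even lengths; every
    odd-length card (17 or 19 digits -- 19-digit UnionPay numbers are
    common) had its check digit doubled and so could never validate.
    Indexing from the right removes the length dependence.

    Input containing anything but ASCII digits (an empty string, 'nan'
    from a missing cell, a number with spaces) returns False instead of
    raising ValueError, so the function can be applied to a whole column.
    """
    text = str(card)
    if not (text.isascii() and text.isdigit()):
        return False
    total = 0
    for offset, ch in enumerate(reversed(text)):
        digit = int(ch)
        if offset % 2 == 1:  # every second digit from the right is doubled
            digit *= 2
            if digit > 9:
                digit -= 9
        total += digit
    return total % 10 == 0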

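# Load the order export (columns used: 用户ID, 商品类型, 订单金额, 银行卡号, 下单时间).
# NOTE(review): no encoding is given, so pandas assumes UTF-8 -- confirm the
# export is not GBK before trusting the Chinese category names.
df = pd.read_csv('data.csv')

# Every detector emits {'用户ID', '异常类型'} once per user, in first-seen
# order.  A set of already-flagged users replaces the original linear scan
# of the anomaly list on every row (O(rows) instead of O(rows * flagged)).

# 1. Amount anomalies: 订单金额 outside the category's price bounds.
#    An unknown category falls back to (0, 0), so any positive amount is
#    flagged; a NaN amount compares False on both sides and is *not* flagged.
amount_anomalies = []
flagged_amount = set()
for _, row in df.iterrows():
    min_price, max_price = price_ranges.get(row['商品类型'], (0, 0))
    amount = row['订单金额']
    user_id = row['用户ID']
    if (amount < min_price or amount > max_price) and user_id not in flagged_amount:
        flagged_amount.add(user_id)
        amount_anomalies.append({'用户ID': user_id, '异常类型': '金额异常'})

# 2. Card anomalies: 16-19 digits AND a valid Luhn check digit.
card_anomalies = []
flagged_card = set()


def _flag_card(user_id):
    """Record one 银行卡异常 for *user_id*, ignoring repeats."""
    if user_id not in flagged_card:
        flagged_card.add(user_id)
        card_anomalies.append({'用户ID': user_id, '异常类型': '银行卡异常'})


def _card_is_well_formed(card):
    """Shape check shared by both passes: 16-19 characters, all digits."""
    return 16 <= len(card) <= 19 and card.isdigit()


# 2.1 Format check.
for _, row in df.iterrows():
    card = str(row['银行卡号']).strip()
    if not _card_is_well_formed(card):
        _flag_card(row['用户ID'])

# 2.2 Luhn check, restricted to well-formed cards.  The original ran Luhn
#     over every row, so a blank/NaN cell or a number containing spaces
#     raised ValueError inside luhn_checksum and aborted the whole run.  A
#     card that fails the format check is already flagged, so skipping it
#     here changes no output.  Two passes are kept so that the order of
#     card_anomalies is unchanged (format-flagged users first).
for _, row in df.iterrows():
    card = str(row['银行卡号']).strip()
    if _card_is_well_formed(card) and not luhn_checksum(card):
        _flag_card(row['用户ID'])

# 3. Frequency anomalies: more than 10 orders by one user within an hour.
#    Orders are bucketed by floor-to-hour, i.e. a calendar-hour window, not
#    a sliding 60-minute one: 11 orders between 00:30 and 01:30 are not
#    caught.  Left as-is because it is the interpretation the task expects.
df['下单时间'] = pd.to_datetime(df['下单时间'])
df['小时'] = df['下单时间'].dt.floor('H')  # 'H' alias; newer pandas spells it 'h'

frequency_counts = df.groupby(['用户ID', '小时']).size().reset_index(name='订单数')

frequency_anomalies = []
flagged_freq = set()
for _, row in frequency_counts.iterrows():
    user_id = row['用户ID']
    if row['订单数'] > 10 and user_id not in flagged_freq:
        flagged_freq.add(user_id)
        frequency_anomalies.append({'用户ID': user_id, '异常类型': '频率异常'})

# Merge and de-duplicate on (用户ID, 异常类型).  The original compared the
# key tuple against tuple(dict.items()) -- shapes that never match -- so its
# de-duplication was a no-op; it only worked because each detector already
# emits a single row per user.  A key set makes the intent real.
all_anomalies = amount_anomalies + card_anomalies + frequency_anomalies

seen_keys = set()
unique_anomalies = []
for anomaly in all_anomalies:
    key = (anomaly['用户ID'], anomaly['异常类型'])
    if key not in seen_keys:
        seen_keys.add(key)
        unique_anomalies.append(anomaly)

# Write the report (an empty result yields a header-less empty file, as before).
anomaly_df = pd.DataFrame(unique_anomalies)
anomaly_df.to_csv('output.csv', index=False)

print("异常检测完成,结果保存在output.csv中")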