两个完全相同的.py,分别是 2 和 3:
# py2
import base64
c = base64.b64decode('U/osUbnY8nSrWz4WPwKSwWPzKq9tOIQ9eCWnN5E+')
plain = '{"name":"guest","admin":false}'
res = ''
for i in range(len(c)):
res += chr(ord(c[i]) ^ ord(plain[i]))
need = '{"name":"guest","admin":true}'
payload = ''
for i in range(len(need)):
print ord(need[i]) ^ ord(res[i])
payload += chr(ord(need[i]) ^ ord(res[i]))
print payload, len(payload)
payload = base64.b64encode(payload)
print payload
# py3
import base64
c = base64.b64decode('U/osUbnY8nSrWz4WPwKSwWPzKq9tOIQ9eCWnN5E+')
plain = '{"name":"guest","admin":false}'
res = ""
for i in range(len(c)):
res += chr(c[i] ^ ord(plain[i]))
need = '{"name":"guest","admin":true}'
payload = ""
for i in range(len(need)):
print(ord(need[i]) ^ ord(res[i]))
payload += chr(ord(need[i]) ^ ord(res[i]))
print(payload, len(payload))
payload = base64.b64encode(payload.encode("utf-8"))
print(payload)
输出结果,逐字节打印 ascii 码,payload 变量是完全相同的,但编码结果不同
# py2
83
250
44
81
185
216
242
116
171
91
62
22
63
2
146
193
99
243
42
175
109
56
132
61
106
54
190
33
137
S?Q 关玔 c?痬
U/osUbnY8nSrWz4WPwKSwWPzKq9tOIQ9aja+IYk=
# py3
83
250
44
81
185
216
242
116
171
91
62
22
63
2
146
193
99
243
42
175
109
56
132
61
106
54
190
33
137
Sú,Q¹Øòt«[>■?☻=j6¾!
b'U8O6LFHCucOYw7J0wqtbPhY/AsKSw4Fjw7Mqwq9tOMKEPWo2wr4hwok='
将两个 base64 字串放到 Python3 中解码:
>>> b64decode("U/osUbnY8nSrWz4WPwKSwWPzKq9tOIQ9aja+IYk=")
b'S\xfa,Q\xb9\xd8\xf2t\xab[>\x16?\x02\x92\xc1c\xf3*\xafm8\x84=j6\xbe!\x89'
>>> b64decode("U8O6LFHCucOYw7J0wqtbPhY/AsKSw4Fjw7Mqwq9tOMKEPWo2wr4hwok=")
b'S\xc3\xba,Q\xc2\xb9\xc3\x98\xc3\xb2t\xc2\xab[>\x16?\x02\xc2\x92\xc3\x81c\xc3\xb3*\xc2\xafm8\xc2\x84=j6\xc2\xbe!\xc2\x89'
对于这种情况应该如何避免
这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。
V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。
V2EX is a community of developers, designers and creative people.