攻防世界 ——crypto
生活随笔
收集整理的這篇文章主要介紹了
攻防世界 ——crypto
小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
目錄
新手區部分題解:
1,easy_RSA
2,Normal_RSA
3,?冪數加密
4,easy_ECC
高手進階區部分題題解
5, ENC
6,告訴你個秘密
7,Easy-one
8,說我作弊需要證據
9.x_xor_md5
10,easy_crypto
11,cr2-many-time-secrets
12,oldDevier
13,wtc_rsa_bbq
14,cr4-poor-rsa
15,flag_in_your_hand1
16,cr3-what-is-this-encryption
17,safer_than_rot13
18,flag_in_your_hand
19,Decode_The_File
新手區部分題解:
1,easy_RSA
摘別人的圖
或者用 腳本? python2:(裝了 gmpy2庫的可以用)
import gmpy2 p = 473398607161 q = 4511491 e = 17 s = (p-1)*(q-1)d = gmpy2.invert(e,s)print d2,Normal_RSA
解壓出來兩個文件:flag.enc? 和 pubkey.pem?
pem文件:以前是利用公鑰加密進行郵件安全的一個協議,而現在PEM這個協議僅僅在使用的就是.pem這種文件 格式,這種文件里面保存了keys和X.509證書,看到了嗎數字證書和key都能保存。 而現在一般表示用Base64 encoded DER編碼的證書, 這種證書的內容打開能夠看到在”—–BEGIN CERTIFICATE—–” and “—–END CERTIFICATE—–”之間 enc文件:該.enc文件擴展用于通過在UUenconded格式文件,它們是加密的文件。 這也意味著這些ENC文件包含受保護的數據和保存在該格式中,所以未經授權的收視數據和復制可以被防止本題考查? 兩個工具的使用? openssl (linux自帶) 和 rsatool
這兩個工具我是在 windows 下 安裝使用的,當然可以在 linux中使用,個人喜好
分享:openssl:?https://pan.baidu.com/s/1wP73GPJZo-HITH50UA61YQ 提取碼: v2ti
? ? ? ? ??rsatools : https://pan.baidu.com/s/16Hl_p1zv_ajZadkW5GFnzQ 提取碼: 8qqr
其中 openssl 是exe文件 直接執行安裝,默認安裝到:C:\Program Files\OpenSSL-Win64
然后把??C:\Program Files\OpenSSL-Win64\bin? 添加到 環境變量中
我的電腦 右鍵 》 屬性?》高級系統設置 》環境變量 》系統變量? 中? 雙擊? path? 》 新建? 》把復制的路徑添加進去 確定
?
一個是加密過的的flag.enc,另一個是公鑰pubkey.pem。我們需要用四個步驟拿到flag
把?flag.enc? 和 pubkey.pem? 復制到 rsatools 文件夾中, 打開cmd
1,提取?pubkey.pem 中的 參數:
openssl rsa -pubin -text -modulus -in warmup -in pubkey.pem對得到的Modulus(16)進制的轉化為十進制:
87924348264132406875276140514499937145050893665602592992418171647042491658461然后把 這個數分解 為兩個 互質數? 就是 q和 p
這里需要用到 yafu 中的 factor (kali自帶),我偏向于在windows中 玩
分享 源碼,python腳本? linux也可以用,
?https://pan.baidu.com/s/1TQqM8naEyVKhh101kz_igQ 提取碼: rcb9?
275127860351348928173285174381581152299 319576316814478949870590164193048041239知道兩個素數,隨機定義大素數e,求出密鑰文件 private.pem? ? ? ? ? ? ? ? ? ? (python2)
python rsatool.py -o private.pem -e 65537 -p 275127860351348928173285174381581152299 -q 319576316814478949870590164193048041239最后解密:
openssl rsautl -decrypt -in flag.enc -inkey private.pem?
openssl是一個功能強大的工具,https://www.cnblogs.com/yangxiaolan/p/6256838.html
3,?冪數加密
提示是 冪函數解密:
冪函數加密的密文 只有 01234? 不可能有 8,所以表層不是 冪函數加密,
是 云影密碼 :
4,easy_ECC
直接上腳本:
import collections import randomEllipticCurve = collections.namedtuple('EllipticCurve', 'name p a b g n h')curve = EllipticCurve('secp256k1',# Field characteristic.p=int(input('p=')),# Curve coefficients.a=int(input('a=')),b=int(input('b=')),# Base point.g=(int(input('Gx=')),int(input('Gy='))),# Subgroup order.n=int(input('k=')),# Subgroup cofactor.h=1, )# Modular arithmetic ##########################################################def inverse_mod(k, p):"""Returns the inverse of k modulo p.This function returns the only integer x such that (x * k) % p == 1.k must be non-zero and p must be a prime."""if k == 0:raise ZeroDivisionError('division by zero')if k < 0:# k ** -1 = p - (-k) ** -1 (mod p)return p - inverse_mod(-k, p)# Extended Euclidean algorithm.s, old_s = 0, 1t, old_t = 1, 0r, old_r = p, kwhile r != 0:quotient = old_r // rold_r, r = r, old_r - quotient * rold_s, s = s, old_s - quotient * sold_t, t = t, old_t - quotient * tgcd, x, y = old_r, old_s, old_tassert gcd == 1assert (k * x) % p == 1return x % p# Functions that work on curve points #########################################def is_on_curve(point):"""Returns True if the given point lies on the elliptic curve."""if point is None:# None represents the point at infinity.return Truex, y = pointreturn (y * y - x * x * x - curve.a * x - curve.b) % curve.p == 0def point_neg(point):"""Returns -point."""assert is_on_curve(point)if point is None:# -0 = 0return Nonex, y = pointresult = (x, -y % curve.p)assert is_on_curve(result)return resultdef point_add(point1, point2):"""Returns the result of point1 + point2 according to the group law."""assert is_on_curve(point1)assert is_on_curve(point2)if point1 is None:# 0 + point2 = point2return point2if point2 is None:# point1 + 0 = point1return point1x1, y1 = point1x2, y2 = point2if x1 == x2 and y1 != y2:# point1 + (-point1) = 0return Noneif x1 == x2:# This is the case point1 == point2.m = (3 * x1 * x1 + curve.a) * inverse_mod(2 * y1, curve.p)else:# This is the case point1 != point2.m = (y1 - y2) * inverse_mod(x1 - x2, curve.p)x3 = m * m - x1 - x2y3 = y1 + m * (x3 - x1)result = (x3 % curve.p,-y3 % curve.p)assert is_on_curve(result)return resultdef scalar_mult(k, point):"""Returns k * point computed using the double and point_add algorithm."""assert is_on_curve(point)if k < 0:# k * point = -k * (-point)return scalar_mult(-k, point_neg(point))result = Noneaddend = pointwhile k:if k & 1:# Add.result = point_add(result, addend)# Double.addend = point_add(addend, addend)k >>= 1assert is_on_curve(result)return result# Keypair generation and ECDHE ################################################def make_keypair():"""Generates a random private-public key pair."""private_key = curve.npublic_key = scalar_mult(private_key, curve.g)return private_key, public_keyprivate_key, public_key = make_keypair() print("private key:", hex(private_key)) print("public key: (0x{:x}, 0x{:x})".format(*public_key))?
cyberpeace{19477226185390}
高手進階區部分題題解
5, ENC
是一個沒有后綴的文件,用winhex打開,發現 只有兩種 字符串? ZERO 和 ONE
復制下來保存為 123.txt,然后用腳本將ZERO 替換為 0? ONE替換為 1:
f = open("123.txt","r") chars = f.read() char = chars.split(" ") string = "" for c in char:if(c == "ZERO"):string += "0"elif(c == "ONE"):string +="1" print(string) f.close() 0100110001101001001100000110011101001100011010010011000001110101010011000110100101000001011101010100100101000011001100000111010101001100011010010011000001100111010011000101001100110100011101000100110001101001010000010111010001001001010000110011010001110101010011000101001100110100011001110100110001010011010000010111010101001100011010010011010001110101010010010100001100110100011101000100110001010011001100000111010001001001010000110011010001110101010011000110100100110100011101010100100101000011001100000111010001001100010100110100000101110101010011000101001100110000011101000100110001010011010000010111010101001100011010010011010001100111010011000101001100110000011101000100100101000011001101000111010101001100011010010011010001110101010010010100001100110100011101010100110001010011010000010111010101001100010100110011000001110101010010010100001100110100011101010100110001101001001100000111010001001001010000110011010001110100010011000110100101000001011101000100110001010011001100000110011101001100011010010011010001110101010011000110100100110100011001110100110001101001010000010111010001001100011010010011000001110101010010010100001100110100011101000100110001101001010000010111010101001100011010010011010001110100010011000101001101000001011101000100100101000011001100000111010001001100010100110100000101110100010010010100001100110000011101010100110001101001001100000110011101001100010100010011110100111101然后轉為 16進制 ,再轉為 asci,base64? 摩斯密碼
最后得到這個玩意,怎么提交都不對,TM的什么幾把玩意,
ALEXCTFTH15O1SO5UP3RO5ECR3TOTXT?
最后看了別人的writeup 說需要整理格式:
ALEXCTF{TH15_1S_5UP3R_5ECR3T_TXT}
6,告訴你個秘密
打開是兩段十六進制,轉為ascii? 》 base64 》? 鍵盤密碼(我自己命名的,幾個字符包圍的字符)
flag: TONGYUAN
7,Easy-one
這個題我不會,附上一個大神的鏈接:
https://blog.csdn.net/zz_Caleb/article/details/89575430
8,說我作弊需要證據
?
追蹤流:
是base64 ,找幾條解密一下:
解碼得到序列號,數據和 簽名(簽名用來校驗信息)
猜測應該是解密數據部分,便可以得到flag。
現在思路就清晰了,
題目中給了兩個公鑰,一個公鑰對應 加密的數據,另一個是用來 加密校驗碼的保證數據的準確性
序列號,肯定是 解密出字符 的位置
首先 求解 兩個公鑰 對應的 私鑰: (其中的 n = q * p ,n分解為 p 和q 需要用到 yafu(kali自帶) 里面的 factor命令,linux和win都有yafu這個工具,命令? linux:? factor(n);win: yafu.exe factor(n))
from Crypto.PublicKey import RSA import gmpy n = long(3104649130901425335933838103517383) e = long(65537) p = 49662237675630289 q = 62515288803124247 d = long(gmpy.invert(e, (p-1)*(q-1))) rsa = RSA.construct( (n, e, d) )然后就可以拿私鑰解密數據了:
給出完整的腳本: 其中的? zero_one是 保存的 tcp流數據
from Crypto.PublicKey import RSA import gmpy2 import base64 #Alice's A_n = 1696206139052948924304948333474767 A_p = 38456719616722997 A_q = 44106885765559411 #Bob's B_n = 3104649130901425335933838103517383 B_p = 49662237675630289 B_q = 62515288803124247A_phi = (A_p - 1) * (A_q - 1) B_phi = (B_p - 1) * (B_q - 1)e = 65537A_d = int(gmpy2.invert(e, A_phi)) B_d = int(gmpy2.invert(e, B_phi))A_rsa = RSA.construct( (A_n, e, A_d) ) B_rsa = RSA.construct( (B_n, e, B_d) )flag = {} with open('zero_one') as f:for s in f.readlines():line = str(base64.b64decode(s), encoding = 'utf8')seq = int(line.split(';')[0].split(' ')[2])data = int(line.split('0x')[1].split('L;')[0], 16)sig = int(line.split('0x')[2].rstrip('L;\n'), 16)decry = B_rsa.decrypt(data)signcheck = A_rsa.sign(decry, '')[0]if signcheck == sig:flag[seq] = chr(decry) dic = sorted(flag.items(), key = lambda item:item[0]) #對字典按鍵值進行排序,返回值為列表 print(dic) f = '' for i in dic:f += i[1] print(f)拿到flag:flag{n0th1ng_t0_533_h3r3_m0v3_0n}
9.x_xor_md5
下載下來是一個無后綴名的文件,用hex打開看到十六進制的內容中有幾行是重復的,加上題目是 異或 xor
懷疑 重復的內容就是 xor key
用 xor key 去和每一行的數據進行 異或運算,
['01', '78', '0C', '4C', '10', '9E', '32', '37', '12', '0C', 'FB', 'BA', 'CB', '8F', '6A', '53']然后得到:
['68', '4d', '4d', '4d', '0c', '00', '47', '4f', '4f', '44', '00', '4a', '4f', '42', '0c', '2a', '54', '48', '45', '00', '46', '4c', '41', '47', '00', '49', '53', '00', '4e', '4f', '54', '00', '72', '63', '74', '66', '5b', '77', '45', '11', '4c', '7f', '44', '10', '4e', '13', '7f', '3c', '55', '54', '7f', '57', '48', '14', '54', '7f', '49', '15', '7f', '0a', '4b', '45', '59', '20', '5d', '2a', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '00', '72', '6f', '69', '73']再將其 轉為字符:得到有ctf字樣的亂碼,說明思路沒有出錯,還需要進一步操作
審查得到的 16 進制列表數據,發現 不應該出現0x00,0x00是絕對意義上的空,而空格 是 0x20
所以猜測應該是 所有數據還要和 0x20 進行 異或運算
得到,
['48', '6d', '6d', '6d', '2c', '20', '67', '6f', '6f', '64', '20', '6a', '6f', '62', '2c', 'a', '74', '68', '65', '20', '66', '6c', '61', '67', '20', '69', '73', '20', '6e', '6f', '74', '20', '52', '43', '54', '46', '7b', '57', '65', '31', '6c', '5f', '64', '30', '6e', '33', '5f', '1c', '75', '74', '5f', '77', '68', '34', '74', '5f', '69', '35', '5f', '2a', '6b', '65', '79', '0', '7d', 'a', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '52', '4f', '49', '53']轉為字符:提交不對,看到 { }中間 u前面有一個空格,并且*key應該是 *key*
在 16 進制列表中先找到 key 前面的 字符 的16進制為 2a ,確定key后面的字符也應該是 2a
而,0x00與0x2a異或后 就是 0x2a ,所以找到 字符u 前面的字符 1c 與 2a進行 異或運算得到? 36
所以最后的結果 就是將? 1c 改為 36 ,將00 改為 2a
改完之后得到:
['48', '6d', '6d', '6d', '2c', '20', '67', '6f', '6f', '64', '20', '6a', '6f', '62', '2c', '0a', '74', '68', '65', '20', '66', '6c', '61', '67', '20', '69', '73', '20', '6e', '6f', '74', '20', '52', '43', '54', '46', '7b', '57', '65', '31', '6c', '5f', '64', '30', '6e', '33', '5f', '36', '75', '74', '5f', '77', '68', '34', '74', '5f', '69', '35', '5f', '2a', '6b', '65', '79', '2a', '7d', '0a', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '52', '4f', '49', '53']轉為字符串:
提交還是不對,
題目提示還有 md5
而且字符串最后一行是一串不能打印的字符,懷疑最后一行的16進制 與md5有關,
將 最后一行的 16 進制復制下來 與 0x20 進行異或 再進行md5解碼 得到 that
m = ['01','78','0C','4C','10','9E','32','37','12','0C','FB','BA','CB','8F','6A','53'] zz = [] for i in range(0,len(m)):x = int(m[i],16)zz.append(hex(x^32)[2:]) for i in zz:print(i,end="") 21582c6c30be1217322cdb9aebaf4a73最后得到 flag:
RCTF{We1l_d0n3_6ut_wh4t_i5_that}處理腳本:
file1 = "693541011C9E75785D48FBF084CD66795530494C56D273701245A8BA85C03E53731B782A4BE977265E73BFAA859C156F542C731B588A66485B1984B080CA33735C520C4C109E3237120CFBBACB8F6A5301780C4C109E3237120CFBBACB8F6A5301780C4C109E3237120CFBBACB8F6A5301780C4C109E3237120C89D5A2FC"file = [] #先將文件的16進制字符串兩個字符一組制成列表 for i in range(0,len(file1),2):file.append(file1[i:i+2]) xor1 = "01780C4C109E3237120CFBBACB8F6A53" xor = [] #將 異或的對象制成一個列表 for i in range(0,len(xor1),2):xor.append(xor1[i:i+2]) result = [] string = "" print(xor) for i in range(0,len(file)):s = int("0x" + file[i],16) ^ int("0x" + xor[i%16],16) ^ int("0x20",16)string += chr(s)result.append(hex(s)[2:]) print(result) print(string)修改數據后的處理腳本:
n = ['48', '6d', '6d', '6d', '2c', '20', '67', '6f', '6f', '64', '20', '6a', '6f', '62', '2c', '0a','74', '68', '65', '20', '66', '6c', '61', '67', '20', '69', '73', '20', '6e', '6f', '74', '20','52', '43', '54', '46', '7b', '57', '65', '31', '6c', '5f', '64', '30', '6e', '33', '5f', '36','75', '74', '5f', '77', '68', '34', '74', '5f', '69', '35', '5f', '2a', '6b', '65', '79', '2a','7d', '0a', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20','20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20','20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '20','20', '20', '20', '20', '20', '20', '20', '20', '20', '20', '52', '4f', '49', '53'] for i in n :print(chr(int(i,16)),end="")10,easy_crypto
給了一個密文 enc.txt 和? ?一個加密的腳本
根據加密腳本,寫出解密腳本
get buf unsign s[256]get buf t[256]we have key:hello worldwe have flag:????????????????????????????????for i:0 to 256set s[i]:ifor i:0 to 256set t[i]:key[(i)mod(key.lenth)]for i:0 to 256set j:(j+s[i]+t[i])mod(256)swap:s[i],s[j]for m:0 to 37set i:(i + 1)mod(256)set j:(j + S[i])mod(256)swap:s[i],s[j]set x:(s[i] + (s[j]mod(256))mod(256))set flag[m]:flag[m]^s[x]fprint flagx to file解密腳本
# -*- coding: utf-8 -*- f = open('C:/Users/HP/Desktop/enc.txt','r',encoding='ISO-8859-1') c = f.read() t = [] key = 'hello world' ch = '' j = 0 #初始化 s = list(range(256)) #創建有序列表 for i in range(256):j = (j + s[i] + ord(key[i % len(key)])) % 256s[i],s[j] = s[j],s[i] i = 0 #初始化 j = 0 #初始化 for r in c:i = (i + 1) % 256j = (j + s[i]) % 256s[i], s[j] = s[j], s[i]x = (s[i] + (s[j] % 256)) % 256ch += chr(ord(r) ^ s[x]) print(ch)得到:
EIS{55a0a84f86a6ad40006f014619577ad3}
?
11,cr2-many-time-secrets
沒思路,是多字節xor運算,
附上一篇 大牛的博客:https://pequalsnp-team.github.io/writeups/CR2
? import binasciidef dec(msg, key):'''Simple char-by-char XOR with a key (Vigenere, Vernam, OTP)'''m = ""for i in range(0, len(key)):m += chr(msg[i] ^ ord(key[i]))return m######################################lines = []with open("msg", "r") as f:# Read lines from file and decode Hexls = f.readlines()for l in ls:lines.append(binascii.unhexlify(l[:-1]))# Step 1: Decode each line with the known key k = "ALEXCTF{" mes = [] for l in lines:m = dec(l, k)mes.append(m) print(mes)# Step 2: Guess some part of the first message 'Dear Fri' k = "Dear Friend, " m = dec(lines[0], k) print(m)# Step 3: Decode each line with the new known key k = "ALEXCTF{HERE_" mes = [] for l in lines:m = dec(l, k)mes.append(m) print(mes)# Step 4: Guess some part of the last message 'ncryption sc' k = 'ncryption scheme ' m = dec(lines[-1], k) print(m)# Step 5: Decode each line with the new known key k = "ALEXCTF{HERE_GOES_" mes = [] for l in lines:m = dec(l, k)mes.append(m) print(mes)# Step 6: Guess all the second message 'sed One time pad e' # the third message is 'n scheme, I heard ' # so we can retrive the complete key k = 'sed One time pad encryptio' m = dec(lines[2], k) print(m)''' ['Dear Fri', 'nderstoo', 'sed One ', 'n scheme', 'is the o', 'hod that', ' proven ', 'ever if ', 'cure, Le', 'gree wit', 'ncryptio'] ALEXCTF{HERE_ ['Dear Friend, ', 'nderstood my ', 'sed One time ', 'n scheme, I h', 'is the only e', 'hod that is m', ' proven to be', 'ever if the k', 'cure, Let Me ', 'gree with me ', 'ncryption sch'] ALEXCTF{HERE_GOES ['Dear Friend, This ', 'nderstood my mista', 'sed One time pad e', 'n scheme, I heard ', 'is the only encryp', 'hod that is mathem', ' proven to be not ', 'ever if the key is', 'cure, Let Me know ', 'gree with me to us', 'ncryption scheme a'] ALEXCTF{HERE_GOES_THE_KEY} '''??
12,oldDevier
以前遇到過這種類型的題,是 RSA攻擊方法中的一種,RSA低加密指數廣播攻擊(模數n、密文c不同,加密指數e相同)
至于什么是?RSA低加密指數廣播攻擊,自行百度,
如果想更詳細的的掌握 RSA 的各種攻擊方法,可以看看 這篇博客https://www.zhihu.com/people/ou-yang-shen-pai/posts
?
(python 2 )
#!/usr/bin/python #coding:utf-8import gmpy2 import time from Crypto.Util.number import long_to_bytesfile = [{"c": 7366067574741171461722065133242916080495505913663250330082747465383676893970411476550748394841437418105312353971095003424322679616940371123028982189502042, "e": 10, "n": 25162507052339714421839688873734596177751124036723831003300959761137811490715205742941738406548150240861779301784133652165908227917415483137585388986274803}, {"c": 21962825323300469151795920289886886562790942771546858500842179806566435767103803978885148772139305484319688249368999503784441507383476095946258011317951461, "e": 10, "n": 23976859589904419798320812097681858652325473791891232710431997202897819580634937070900625213218095330766877190212418023297341732808839488308551126409983193}, {"c": 6569689420274066957835983390583585286570087619048110141187700584193792695235405077811544355169290382357149374107076406086154103351897890793598997687053983, "e": 10, "n": 18503782836858540043974558035601654610948915505645219820150251062305120148745545906567548650191832090823482852604346478335353784501076761922605361848703623}, {"c": 4508246168044513518452493882713536390636741541551805821790338973797615971271867248584379813114125478195284692695928668946553625483179633266057122967547052, "e": 10, "n": 23383087478545512218713157932934746110721706819077423418060220083657713428503582801909807142802647367994289775015595100541168367083097506193809451365010723}, {"c": 22966105670291282335588843018244161552764486373117942865966904076191122337435542553276743938817686729554714315494818922753880198945897222422137268427611672, "e": 10, "n": 31775649089861428671057909076144152870796722528112580479442073365053916012507273433028451755436987054722496057749731758475958301164082755003195632005308493}, {"c": 17963313063405045742968136916219838352135561785389534381262979264585397896844470879023686508540355160998533122970239261072020689217153126649390825646712087, "e": 10, "n": 22246342022943432820696190444155665289928378653841172632283227888174495402248633061010615572642126584591103750338919213945646074833823905521643025879053949}, {"c": 1652417534709029450380570653973705320986117679597563873022683140800507482560482948310131540948227797045505390333146191586749269249548168247316404074014639, "e": 10, "n": 25395461142670631268156106136028325744393358436617528677967249347353524924655001151849544022201772500033280822372661344352607434738696051779095736547813043}, {"c": 15585771734488351039456631394040497759568679429510619219766191780807675361741859290490732451112648776648126779759368428205194684721516497026290981786239352, "e": 10, "n": 32056508892744184901289413287728039891303832311548608141088227876326753674154124775132776928481935378184756756785107540781632570295330486738268173167809047}, {"c": 8965123421637694050044216844523379163347478029124815032832813225050732558524239660648746284884140746788823681886010577342254841014594570067467905682359797, "e": 10, "n": 52849766269541827474228189428820648574162539595985395992261649809907435742263020551050064268890333392877173572811691599841253150460219986817964461970736553}, {"c": 13560945756543023008529388108446940847137853038437095244573035888531288577370829065666320069397898394848484847030321018915638381833935580958342719988978247, "e": 10, "n": 30415984800307578932946399987559088968355638354344823359397204419191241802721772499486615661699080998502439901585573950889047918537906687840725005496238621}]# 讀入 e, n, c c = [] n = [] for f in file:c.append(f["c"])n.append(f["n"]) e = 10def CRT(items):N = reduce(lambda x, y: x * y, (i[1] for i in items))result = 0for a, n in items:m = N / nd, r, s = gmpy2.gcdext(n, m)if d != 1: raise Exception("Input not pairwise co-prime")result += a * s * mreturn result % N, Ndata = zip(c, n) x, n = CRT(data) m = gmpy2.iroot(gmpy2.mpz(x), e)[0].digits() print long_to_bytes(m)?
13,wtc_rsa_bbq
給了個密文和公鑰,直接用 RsaCtfTool 直接爆破就行
kali沒有,需要自行去 github下載使用(需要先安裝依賴包)
命令:
python RsaCtfTool.py --publickey key.pem --uncipherfile cipher.bin得到:flag{how_d0_you_7urn_this_0n?}
14,cr4-poor-rsa
給了個無后綴的文件,先用winhex查看一下,發現是一個壓縮包,后綴改為 zip解壓
得到兩個文件 flag.b64(密文) 和 key.pub(公鑰)?
先處理flag.b64(將flag.b64中的內容進行解 base64操作)
使用 notepad++ 打開 flag.b64文件使用 插件中的 MIME Tools 中的 base64 decode 將文件內容解密,然后另保存為 flag.enc 文件(這里不能直接復制粘貼保存,會丟失數據)
然后使用 RsaCtfTool 工具進行破解:
python RsaCtfTool.py --publickey key.pem --uncipherfile cipher.bin?得到flag:ALEXCTF{SMALL_PRIMES_ARE_BAD}
15,flag_in_your_hand1
給了兩個 文件 index.html 和 一個js文件 ,考察js代碼審計能力
首先借助瀏覽器來運行js 程序。用瀏覽器打開index.html,分析 js 代碼: 首先無論在 token 輸入框中輸入什么字符串,getFlag()?都會算出一個 hash 值,
實際上是showFlag()函數中 ic 的值決定了 hash 值即 flag 是否正確。
那么在script-min.js中找到 ic 取值的函數 ck() ,找到一個 token 使得 ck()中ic =true即可。
token 是[118, 104, 102, 120, 117, 108, 119, 124, 48,123,101,120]每個數字減3 得到的ascii 碼所對應的字符,
即security-xbu
可以利用瀏覽器的js 調試功能跟蹤變量,邏輯梳理的會更快一些
在 token 處輸入security-xbu?,點擊Get flag!
出現You got the flag below!!?,
以及flag:?RenIbyd8Fgg5hawvQm7TDQ
?
16,cr3-what-is-this-encryption
給了rsa解密的相關參數,直接用腳本解密就行了
import libnum from Crypto.Util.number import long_to_bytesc = 0x7fe1a4f743675d1987d25d38111fae0f78bbea6852cba5beda47db76d119a3efe24cb04b9449f53becd43b0b46e269826a983f832abb53b7a7e24a43ad15378344ed5c20f51e268186d24c76050c1e73647523bd5f91d9b6ad3e86bbf9126588b1dee21e6997372e36c3e74284734748891829665086e0dc523ed23c386bb520e = int("0x6d1fdab4ce3217b3fc32c9ed480a31d067fd57d93a9ab52b472dc393ab7852fbcb11abbebfd6aaae8032db1316dc22d3f7c3d631e24df13ef23d3b381a1c3e04abcc745d402ee3a031ac2718fae63b240837b4f657f29ca4702da9af22a3a019d68904a969ddb01bcf941df70af042f4fae5cbeb9c2151b324f387e525094c41",16)q = int("0xa6055ec186de51800ddd6fcbf0192384ff42d707a55f57af4fcfb0d1dc7bd97055e8275cd4b78ec63c5d592f567c66393a061324aa2e6a8d8fc2a910cbee1ed9",16) p = int("0xfa0f9463ea0a93b929c099320d31c277e0b0dbc65b189ed76124f5a1218f5d91fd0102a4c8de11f28be5e4d0ae91ab319f4537e97ed74bc663e972a4a9119307",16) n = q*pd = libnum.invmod(e, (p - 1) * (q - 1)) m = pow(c, d, n) # m 的十進制形式 string = long_to_bytes(m) # m明文 print(string) # 結果為 b‘ m ’ 的形式flag:?ALEXCTF{RS4_I5_E55ENT1AL_T0_D0_BY_H4ND}
17,safer_than_rot13
解壓得到 cry100文件,復制文件內容嘗試進行 rot13解密,沒發現什么
在嘗試 詞頻分析,利用在線工具:https://quipqiup.com/
得到flag:no_this_is_not_crypto_my_dear
18,flag_in_your_hand
給了兩個 文件 index.html 和 一個js文件 ,考察js代碼審計能力
首先借助瀏覽器來運行js 程序。用瀏覽器打開index.html,分析 js 代碼: 首先無論在 token 輸入框中輸入什么字符串,getFlag()?都會算出一個 hash 值,
實際上是showFlag()函數中 ic 的值決定了 hash 值即 flag 是否正確。
那么在script-min.js中找到 ic 取值的函數 ck() ,找到一個 token 使得 ck()中ic =true即可。
token 是[118, 104, 102, 120, 117, 108, 119, 124, 48,123,101,120]每個數字減3 得到的ascii 碼所對應的字符,
即security-xbu
可以利用瀏覽器的js 調試功能跟蹤變量,邏輯梳理的會更快一些
在 token 處輸入security-xbu?,點擊Get flag!
出現You got the flag below!!?,
以及flag:?RenIbyd8Fgg5hawvQm7TDQ
19,Decode_The_File
這題跟 攻防世界的 misc中的 base64stego 一樣,都是利用 base64加密的特性進行數據的加密填充
利用base64 加密的特性,將flag進行編碼分割,填充在每一行的最后
(簡要原理,ascii碼是用8位二進制表示一個字符的,而base64是用6位二進制表示一個字符,將明文字符轉化為二進制后再每6位劃分成 一個 “字節”,然后將每個字節轉化為一個字符,就變成了base64密文,而在base64的密文中加密是利用,每一段密文的最后4位二進制是不影響明文的,可以將flag轉化為二進制后拆分隱藏在每一段的最后4位二進制中)
解密:
將文件重命名為 stego.txt
import base64b64chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/' with open('stego.txt', 'rb') as f: #stego.txt 為在base64密文中加密后的密文flag = ''bin_str = ''for line in f.readlines():stegb64 = str(line, "utf-8").strip("\n")rowb64 = str(base64.b64encode(base64.b64decode(stegb64)), "utf-8").strip("\n")offset = abs(b64chars.index(stegb64.replace('=', '')[-1]) - b64chars.index(rowb64.replace('=', '')[-1]))equalnum = stegb64.count('=') # no equalnum no offsetif equalnum:bin_str += bin(offset)[2:].zfill(equalnum * 2) for i in range(0, len(bin_str), 8):print(chr(int(bin_str[i:i + 8], 2)),end='')?
刷不下去了,就到這兒吧
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
總結
以上是生活随笔為你收集整理的攻防世界 ——crypto的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: bugku——web 做题记录
- 下一篇: bugku——分析(流量分析)题解