MoeCTF2022 部分Crypto 复现

已于 2022-11-07 16:22:13 修改
阅读量2.8k 收藏 6
点赞数
分类专栏: 密码学 文章标签: python 开发语言
于 2022-11-05 16:40:02 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/Luiino/article/details/127702178
版权

Signin

题目:

from Crypto.Util.number import *
from secret import flag
m=bytes_to_long(flag)
p=getPrime(512)
q=getPrime(512)
print('p=',p)
print('q=',q)
n=p*q
e=65537
c=pow(m,e,n)
print('c=',c)
#p= 12408795636519868275579286477747181009018504169827579387457997229774738126230652970860811085539129972962189443268046963335610845404214331426857155412988073
#q= 12190036856294802286447270376342375357864587534233715766210874702670724440751066267168907565322961270655972226761426182258587581206888580394726683112820379
#c= 68960610962019321576894097705679955071402844421318149418040507036722717269530195000135979777852568744281930839319120003106023209276898286482202725287026853925179071583797231099755287410760748104635674307266042492611618076506037004587354018148812584502385622631122387857218023049204722123597067641896169655595

用基础方法解不出来,原因是e与phi_n不互素,又phi_n = (p-1)*(q-1),求gcd(e,(p-1))和gcd(e,(q-1)),发现e与p-1互素。把e*d = 1 mod (p-1)*(q-1)和m = c ^ d mod p*q拆开,利用含p的部分求解即可:

e*d = 1 mod (p-1)

m = c ^ d mod p

代码如下:

from gmpy2 import *
from Crypto.Util.number import *

e = 65537
p = 12408795636519868275579286477747181009018504169827579387457997229774738126230652970860811085539129972962189443268046963335610845404214331426857155412988073
q = 12190036856294802286447270376342375357864587534233715766210874702670724440751066267168907565322961270655972226761426182258587581206888580394726683112820379
c = 68960610962019321576894097705679955071402844421318149418040507036722717269530195000135979777852568744281930839319120003106023209276898286482202725287026853925179071583797231099755287410760748104635674307266042492611618076506037004587354018148812584502385622631122387857218023049204722123597067641896169655595
n = p*q

phi_n = (p-1)*(q-1)
print(gcd(e,q-1))
d = invert(e,(p-1))
m = pow(c,d,p)
print(long_to_bytes(m))

一次就好

题目:

from Crypto.Util.strxor import strxor
from Crypto.Util.number import *
from gmpy2 import powmod,next_prime
from FLAG import flag
import codecs

c = b'Just once,I will accompany you to see the world'
flag = flag.ljust(len(c),'#')
key = strxor(flag.encode(), c)
m = bytes_to_long(key)

p = getPrime(512)
q = next_prime(p)
N = p*q
e = 0x10001

gift = powmod(m, e, N)

print(gift)
print(N)

# gift = 127749242340004016446001520961422059381052911692861305057396462507126566256652316418648339729479729456613704261614569202080544183416817827900318057127539938899577580150210279291202882125162360563285794285643498788533366420857232908632854569967831654923280152015070999912426044356353393293132914925252494215314
# N = 164395171965189899201846744244839588935095288852148507114700855000512464673975991783671493756953831066569435489213778701866548078207835105414442567008315975881952023037557292470005621852113709605286462434049311321175270134326956812936961821511753256992797013020030263567313257339785161436188882721736453384403

ljust的作用是将原字符串左对齐,用空格填充至指定长度。

strxor的作用:搞不太懂,当作异或 

可以知道p、q相近,则|p-q|很小,进而 \frac{(p-q)^2}{4}也很小,即 \frac{(p+q)^2}{4}与 N 相差很小,从而\frac{p+q}{2}\sqrt{N}相差很小

\frac{(p+q)^2}{4} - N = \frac{(p+q)^2}{4} -pq = \frac{(p-q)^2}{4}

这里都是近似等于

因此,我们可以爆破差值delt,即\frac{(p-q)^2}{4},计算delt + N是否为完全平方数,如果为完全平方数,那么delt + N = \frac{(p+q)^2}{4}

\sqrt{delt} = \frac{p-q}{2} \\ \sqrt{delt + N } = \frac{p+q}{2}

from gmpy2 import *
from Crypto.Util.number import *
from Crypto.Util.strxor import strxor

e = 0x10001
gift = 127749242340004016446001520961422059381052911692861305057396462507126566256652316418648339729479729456613704261614569202080544183416817827900318057127539938899577580150210279291202882125162360563285794285643498788533366420857232908632854569967831654923280152015070999912426044356353393293132914925252494215314
N = 164395171965189899201846744244839588935095288852148507114700855000512464673975991783671493756953831066569435489213778701866548078207835105414442567008315975881952023037557292470005621852113709605286462434049311321175270134326956812936961821511753256992797013020030263567313257339785161436188882721736453384403
c = b'Just once,I will accompany you to see the world'

delt = 0
while True:
    if iroot(N+delt**2, 2)[1] == True:
        x = iroot(N+delt**2, 2)[0]
        p = delt + x
        break
    delt += 1
q = N//p
d = invert(e,(p-1)*(q-1))
m = powmod(gift, d, N)
key = long_to_bytes(m)
flag = strxor(key, c)
print(flag)

参考记录官方wp  

EZ_CBC

题目:

from Crypto.Util.number import *
import random
from secret import flag

IV = bytes_to_long(b'cbc!') 
K = random.randrange(1,1<<30)

assert flag[:7] == b'moectf{'
assert flag[-1:] == b'}'

block_length = 4
flag = flag + ((block_length - len(flag) % block_length) % block_length) * b'\x00'
plain_block = [flag[block_length * i: block_length * (i + 1)] for i in range(len(flag) // block_length)]

c = []
c0 = (IV ^ bytes_to_long(plain_block[0])) ^ K
c.append(c0)

for i in range(len(plain_block)-1):
    c.append(c[i] ^ bytes_to_long(plain_block[i+1]) ^ K)

print(c)

'''
[748044282, 2053864743, 734492413, 675117672, 1691099828, 1729574447, 1691102180, 657669994, 1741780405, 842228028, 1909206003, 1797919307]
'''

 分组加密、采用CBC的分组模式,有待学习

{\displaystyle P_{i}=D_{K}(C_{i})\oplus C_{i-1}}

{\displaystyle C_{0}=IV}

解密:

c = [748044282, 2053864743, 734492413, 675117672, 1691099828, 1729574447, 1691102180, 657669994, 1741780405, 842228028, 1909206003, 1797919307]
m = [bytes_to_long(b'moec')]
k = IV ^ m[0] ^ c[0]

for i in range(1,len(c)):
    m.append(k^c[i]^c[i-1])

for i in range(len(m)):
    print(long_to_bytes(m[i]).decode(),end='')

参考记录官方wp 

Smooth

题目:

from Crypto.Util.number import sieve_base,isPrime,getPrime
import random
from secret import flag

def get_vulnerable_prime():
    p=2
    while True:
        for i in range(136):
            smallp=random.choice(sieve_base)
            p*=smallp
        if isPrime(p+1):
            return p+1

P=get_vulnerable_prime()
Q=getPrime(2048)
N=P*Q
e=0x10001

for i in range(1,P-1729):
    flag=flag*i%P

c=pow(flag,e,N)
print("c=",hex(c))
print("N=",hex(N))

'''
c= 0x3cc51d09c48948e2485820f6758fb10c7693c236acc527ad563ba8369c50a0bc3f650f39a871ee7ef127950ed916c5f4dc69894e11caf9d178cd7e8f9bf9af77e1c69384cc5444da64022b45636eeb5b7a221792880dd242be2bb99be3ed02c430c2b77d4912bec1619d664e066680910317c2bb0c87fafdf25f0a2400103278f557b8eca51d3b67d61098f1ab68da072bb2810596180afbc81a840cd24efef4d4113235160e725a5af4824dc716d758b3bc792f2458e979398e001b27e44d21682e2ef80ae94e21cd09a12e522ca2e569df72f012fa40341645445c6e68c6233a8a39e5b91eb14b1ccfa61c9bad25e8e3285a22da27cd506ddd63f207517a4e8ede00b104d8806ff4c0e3162c3de69169d7e584952655272b96d39d242bb83019c7eab1ceb0b4b287591e1e0a5b6378e70340a82d3430c5925d215f31fda6d9d0bccea240591b22a3d0f6b5bf4ddf1243d71aca0fd53045c352c8c5497ebcdbd7ac11083d63aba7c053604fda2430c317a4e04702b5ad539e110f101165b21dcd9fdb5ba7324acdba6a506244ce7c911197dfe067441fe7488d164c050f45ef6476aaf399cedde1793cceb8c21d88ec8ecf5e17df27586713d7dd9566ec5023cfef75422b73e2d5a932c661b3cfdf9c4bda12b64380d2be1aa957c3e1416e068937bafe79b8cf303296792388e9c197702e11e7ded6088ae992d352b23a4a27
N= 0xdc77f076092cbe81c44789ccfc1b2ca55eabae65f44cf34382799e8bbb42d4d6c032bd897c21df1da401929d82deb56264823a757f6cacf63e0037146026cbab32ab9e4abc783dcabaac2b7ccc439937be3ab0fbf149524ff29ef0fe6f27e45215d74b40597c70e8207159dc7f542c2a6828500016480053dfc2d8dbf8fcdf6700640184c8f3318f7aab2e17e116edf680592f5eae951159bb8c20cfbd0cbab8b4b95925b5068038d0377a55a4d346ebbf53a1c2943b7c17e1b9d4a1b77916da2e15140b05b96655906942a07d04b7e25fa7521b3b7ae26eda68375a8b8ef2d5b4704a28168b236de97f24a663f0d0a3aeab47767dfe75a21662f5f25ef7f7d4b25c90fd7bcdd7137c23f03b6ea4209f8fb9b4628355e6ad62e6467d26666d3d1b0e6f078c5f3866413a6fcd3c1dc2ff3a5ab286e339d5c72f4d2f0473a4faddcba6b031bb6ec226fd4b319834b5029f09ea0ffeb5b6ed182d5a13675571b6708c38299118043390343e2f79edebd2ae0e0a765a3aebf776f54ca983cdae8547547cfc8430f7222aefa77301d7cc7c03b1451b6603028b21fea869d35138a9c83919985a91b3fdfa934f25a442cc10349b0ed6f2ee3955d40249e8b3fb9f1955534ee06cee41a3ad2d6ff7dbdb0f01e47b9e4d04f65232f5579135ae035e8ba2d1fe6465a730dcc8b9ba3a558ab38f040ea510757d25e92f886c50c24ad967f1
'''

choice用法:从非空序列中随机选取一个数据并带回,该序列可以是list、tuple、str、set。如果序列为空,则弹出IndexError错误。

from Crypto.Util.number import sieve_base,不清楚。

考察:Pollard‘s p-1 method 和Wilson定理,

Pollard‘s p-1 method ,待学习

Wilson定理:如果p是素数,则(p − 1) ! ≡ −1 (mod  p) 
记录官方wp:

from gmpy2 import powmod,gcd
from Crypto.Util.number import long_to_bytes,inverse

c= 0x3cc51d09c48948e2485820f6758fb10c7693c236acc527ad563ba8369c50a0bc3f650f39a871ee7ef127950ed916c5f4dc69894e11caf9d178cd7e8f9bf9af77e1c69384cc5444da64022b45636eeb5b7a221792880dd242be2bb99be3ed02c430c2b77d4912bec1619d664e066680910317c2bb0c87fafdf25f0a2400103278f557b8eca51d3b67d61098f1ab68da072bb2810596180afbc81a840cd24efef4d4113235160e725a5af4824dc716d758b3bc792f2458e979398e001b27e44d21682e2ef80ae94e21cd09a12e522ca2e569df72f012fa40341645445c6e68c6233a8a39e5b91eb14b1ccfa61c9bad25e8e3285a22da27cd506ddd63f207517a4e8ede00b104d8806ff4c0e3162c3de69169d7e584952655272b96d39d242bb83019c7eab1ceb0b4b287591e1e0a5b6378e70340a82d3430c5925d215f31fda6d9d0bccea240591b22a3d0f6b5bf4ddf1243d71aca0fd53045c352c8c5497ebcdbd7ac11083d63aba7c053604fda2430c317a4e04702b5ad539e110f101165b21dcd9fdb5ba7324acdba6a506244ce7c911197dfe067441fe7488d164c050f45ef6476aaf399cedde1793cceb8c21d88ec8ecf5e17df27586713d7dd9566ec5023cfef75422b73e2d5a932c661b3cfdf9c4bda12b64380d2be1aa957c3e1416e068937bafe79b8cf303296792388e9c197702e11e7ded6088ae992d352b23a4a27
N= 0xdc77f076092cbe81c44789ccfc1b2ca55eabae65f44cf34382799e8bbb42d4d6c032bd897c21df1da401929d82deb56264823a757f6cacf63e0037146026cbab32ab9e4abc783dcabaac2b7ccc439937be3ab0fbf149524ff29ef0fe6f27e45215d74b40597c70e8207159dc7f542c2a6828500016480053dfc2d8dbf8fcdf6700640184c8f3318f7aab2e17e116edf680592f5eae951159bb8c20cfbd0cbab8b4b95925b5068038d0377a55a4d346ebbf53a1c2943b7c17e1b9d4a1b77916da2e15140b05b96655906942a07d04b7e25fa7521b3b7ae26eda68375a8b8ef2d5b4704a28168b236de97f24a663f0d0a3aeab47767dfe75a21662f5f25ef7f7d4b25c90fd7bcdd7137c23f03b6ea4209f8fb9b4628355e6ad62e6467d26666d3d1b0e6f078c5f3866413a6fcd3c1dc2ff3a5ab286e339d5c72f4d2f0473a4faddcba6b031bb6ec226fd4b319834b5029f09ea0ffeb5b6ed182d5a13675571b6708c38299118043390343e2f79edebd2ae0e0a765a3aebf776f54ca983cdae8547547cfc8430f7222aefa77301d7cc7c03b1451b6603028b21fea869d35138a9c83919985a91b3fdfa934f25a442cc10349b0ed6f2ee3955d40249e8b3fb9f1955534ee06cee41a3ad2d6ff7dbdb0f01e47b9e4d04f65232f5579135ae035e8ba2d1fe6465a730dcc8b9ba3a558ab38f040ea510757d25e92f886c50c24ad967f1

def p_1_smooth(N):
    a = 2;n = 2
    while True:
        a = powmod(a, n, N)
        res = gcd(a-1, N)
        if res != 1 and res != N:
            return res
        n += 1

p=p_1_smooth(N)
q=N//p
phi=(p-1)*(q-1)
d=inverse(0x10001,phi)
m=pow(c,d,N)

for i in range(p-1729,p):
    m=m*i%p
m=(-m)%p

print(long_to_bytes(m))

0RSA0

题目:

from Crypto.Util.number import *
from flag import flag

assert flag[0:7] == b'moectf{'
assert flag[-1:] == b'}'
flag = flag[7:-1]
assert len(flag) == 32

m1 = bytes_to_long(flag[0:16])
m2 = bytes_to_long(flag[16:32])

def enc1(m):
    p = getPrime(512)
    q = getPrime(512)
    n = p * q
    e = 3
    c = pow(m,e,n)
    return n,e,c

def enc2(m):
    p = getPrime(512)
    q = getPrime(512)
    e = 65537
    d = inverse(e,(p-1)*(q-1))
    n = p * q 
    dp2 = d % (p-1)
    c = pow(m,e,n)
    return n,e,c,dp2

n1,e1,c1 = enc1(m1)
n2,e2,c2,dp2 = enc2(m2)

print("n1="+ str(n1))
print("e1="+ str(e1))
print("c1="+ str(c1))
print("n2="+ str(n2))
print("e2="+ str(e2))
print("c2="+ str(c2))
print("dp2="+ str(dp2))

'''
n1=133024413746207623787624696996450696028790885302997888417950218110624599333002677651319135333439059708696691802077223829846594660086912881559705074934655646133379015018208216486164888406398123943796359972475427652972055533125099746441089220943904185289464863994194089394637271086436301059396682856176212902707
e1=3
c1=1402983421957507617092580232325850324755110618998641078304840725502785669308938910491971922889485661674385555242824
n2=159054389158529397912052248500898471690131016887756654738868415880711791524038820158051782236121110394481656324333254185994103242391825337525378467922406901521793714621471618374673206963439266173586955520902823718942484039624752828390110673871132116507696336326760564857012559508160068814801483975094383392729
e2=65537
c2=37819867277367678387219893740454448327093874982803387661058084123080177731002392119369718466140559855145584144511271801362374042596420131167791821955469392938900319510220897100118141494412797730438963434604351102878410868789119825127662728307578251855605147607595591813395984880381435422467527232180612935306
dp2=947639117873589776036311153850942192190143164329999603361788468962756751774397111913170053010412835033030478855001898886178148944512883446156861610917865
'''

enc1:低指数解密,直接开方即可 

enc2:dp泄露,利用脚本即可

Luino!
关注
  • 0
    点赞
  • 6
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
IIS Crypto 3.2 下载
07-26
IIS Crypto 是一个免费工具,让管理员能够在 Windows Server 2008、2012、2016 和 2019 上启用或禁用协议、密码、哈希和密钥交换算法。一键禁用不安全的 SSL 3、TLS 1.0,开启TLS 1.2、TLS 1.3 非常方便
D3CTF2022-官方WriteUp1
08-03
"D3CTF2022-官方WriteUp1" 本文将对 D3CTF 2022 官方 WriteUp1 进行总结,主要涉及 MySQL UDF 提权、Java 反序列化、MySQLInject、Web 短链技术等多方面的知识点。 1. MySQL UDF 提权 在 MySQL 中,可以使用 User...
rsa入门ctf
jishamo的专栏
12-09 482
总结rsa
NSS [MoeCTF 2022]ezphp
Jay17的博客
07-04 570
NSS [MoeCTF 2022]ezphp
MoeCTF 2022 usb
最新发布
qq_39947980的博客
05-31 393
其实很多时候我们用usb一把梭工具时。直接和usb流量永存脚本 结合一下。包裹的字符是大写的即可。
[MoeCTF 2022]fake_key
liaochonxiang的博客
07-24 198
:Str为全局变量,动调一下得到全部key。rand伪随机数,c语言编辑一下得到。
re [MoeCTF 2022]Art 复现
m0_75098930的博客
04-20 179
最开始我的解法是这样,一直解不出来,我也不知道原因,后来看了dfs深搜,简单的递归一下,才出的,果然是多解。,就是解密我不知道怎么解,那个401550函数,看官方wp上说是为了防止多解。
[MoeCTF 2022]——Web方向 wp
Leaf_initial的博客
08-09 1457
海纳百川,有容乃大;壁立千仞,无欲则刚。” 寓意人要像大海能容纳无数江河水一样的胸襟宽广,以容纳和融合来对他人。(我们坤坤都这么努力了,你们为什么还要黑他!!!?小黑子们真虾头!!???黑我家哥哥是吧打开环境后源码如下看见有include函数了,可以想到是文件包含但是这里并不能直接传入file的值等于index.php或者flag.php,所以要利用php伪协议构造payload来读取index.php的内容访问后得到base64编码后的index.php解码base64解码得到源代码。
NSSCTF题库[MoeCTF 2021-2022]系列
J1ng_Hong的博客
08-08 1482
环境页面,让我们直接来查看源码就完事了看它的完成条件,白给题。
crypto_CRYPTO_PowerBuilder_
09-29
在IT领域,加密技术(CRYPTO)是一种至关重要的安全手段,用于保护数据的隐私和完整性。PowerBuilder是一款功能强大的开发工具,尤其适用于构建数据库应用程序。本主题将详细探讨如何在PowerBuilder 12中利用加密...
IISCrypto3.2.zip
11-19
IIS Crypto是一款免费工具,使管理员能够在Windows Server 2008,2012和2016上启用或禁用协议,密码,哈希和密钥交换算法;它还允许您对IIS提供的SSL / TLS密码套件进行重新排序,实施最佳做法只需点击一下,创建...
IISCrypto.rar
04-06
SSL证书是网络安全的重要组成部分,它确保了在Web服务器和客户端之间传输的数据是加密的,防止数据被窃取或篡改。 描述中提到的“管理windows服务器 SSL证书加密方式”,意味着IISCrypto.exe工具可以帮助管理员优化...
picoCTF2022_wp
fly1ng_pengu1n的博客
03-27 4909
picoCTF2022_wp_fgps
MoeCTF_2023新生赛 Reverse题解WP【详解】-(学习记录)‘‘
Sciurdae的博客
10-21 1209
MoeCTF是我学习Re以来接触的第一个比赛!举办的很nice!(づ ̄3 ̄)づ╭❤~明年看看有没有时间,akakak要ak一次才完整a!Github仓库题目下载还差几题,有空补上,还需努力。
moeCTF题解-0x03】Algorithm
框架科工:Framecraft
11-03 761
title: 【moeCTF题解-0x03】Algorithm categories: CTF moeCTF tags: CTF 【moeCTF题解-0x03】Algorithm 计算是宇宙的本质 (并不) 这部分主要是一些数据处理题和算法题。 数据处理题用Python做较为容易。 算法题要求用C++,我不太擅长;又因都是一些经典的题目,万维网上其他大佬的题解很多,故没有去做,这个题解中会放一些其他人题解的链接。 【moeCTF题解】总目录如下: 【moeCTF题解-0x00】序 .
[XNUCA2018]Warmup(考点:流量包文件提取,RSA共模攻击)
MikeCoke的博客
02-18 605
题目: from Crypto.Util.number import bytes_to_long, getPrime from random import randint from gmpy2 import powmod import sys p = getPrime(1024) q = getPrime(1024) N = p*q Phi = (p-1)*(q-1) with open("flag", 'r') as fr: flag = bytes_to_long(fr.read().strip(
BUUCTF 每日打卡 2021-4-23
weixin_52446095的博客
04-23 322
引言 无 babyRSA 题目只给了 e, d, c 根据加密代码: from Crypto.Util.number import * from flag import flag def nextPrime(n): n += 2 if n & 1 else 1 while not isPrime(n): n += 2 return n p = getPrime(1024) q = nextPrime(p) n = p * q e = 0x10001 d =
moectf2023学习笔记
Fab1an的博客
08-15 1086
也可以在这里改cookie的值。
陇原战役 Crypto题目WriteUP WP CTF竞赛
zxsctf的博客
03-27 386
陇原战役 Crypto题目WriteUP WP CTF竞赛
moectf2023
08-19
moectf2023 是一个比赛或活动的名称,但在提供的引用内容中没有提及和解释这个名称的具体含义。根据给出的信息,引用中提到了一个关于 moeCTF 的信息,但是并没有提及到 moectf2023 这个特定的事件。引用是一段代码,与 moectf2023 也没有直接关联。引用中也没有提及到 moectf2023。 所以,根据提供的引用内容,无法确定 moectf2023 具体指的是什么。如果有其他相关的信息,请提供更多的细节,以便我能够给出更准确的回答。<span class="em">1</span><span class="em">2</span><span class="em">3</span> #### 引用[.reference_title] - *1* [百度贴吧签到网站源码Java-moectf-wp:XDSEC协会2019招新赛moectf之xiaohuihuiWriteup](https://download.csdn.net/download/weixin_38606294/19412604)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v93^chatsearchT3_1"}}] [.reference_item style="max-width: 50%"] - *2* *3* [MoeCTF2022 部分Crypto 复现](https://blog.csdn.net/Luiino/article/details/127702178)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v93^chatsearchT3_1"}}] [.reference_item style="max-width: 50%"] [ .reference_list ]

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值