WEEK 1
一.brainfuck
题目:
++++++++[>>++>++++>++++++>++++++++>++++++++++>++++++++++++>++++++++++++++>++++++++++++++++>++++++++++++++++++>++++++++++++++++++++>++++++++++++++++++++++>++++++++++++++++++++++++>++++++++++++++++++++++++++>++++++++++++++++++++++++++++>++++++++++++++++++++++++++++++<<<<<<<<<<<<<<<<-]>>>>>>>++++++.>----.<-----.>-----.>-----.<<<-.>>++…<.>.++++++…------.<.>.<<<<<+++.>>>>+.<<<+++++++.>>>+.<<<-------.>>>-.<<<+.+++++++.–…>>>>—.-.<<<<-.+++.>>>>.<<<<-------.+.>>>>>++.
根据题干可知此为brainfuck编码
在线网站:[Brainfuck/Ook! Obfuscation/Encoding splitbrain.org]
直接将题目输入,然后点击Brain to Text即可获得flag
二.Caesar’s Secert
题目:
kqfl{hf3x4w’x_h1umjw_n5_a4wd_3fed}
根据题干可知此为凯撒编码
直接将题目输入,然后简单思考一下偏移量(偏移量为5),即可获得flag
三.Fence
题目:
fa{ereigtepanet6680}lgrodrn_h_litx#8fc3
根据题干可知此为栅栏编码
在线网站:栅栏加密/解密 - Bugku CTF
直接将题目输入,栏数为2(这里不是很懂,但网站默认的为2),然后进行解密,分别将标准型和W型提交试错,最后确定是在W型获得的flag
四.Vigenère
题目:
pqcq{qc_m1kt4_njn_5slp0b_lkyacx_gcdy1ud4_g3nv5x0}
根据题干可知此为维吉尼亚编码
对表或者直接在密钥输入flag看解密出的文字,发现前四位是kfck,即可得到密钥为kfck,但是输出结果有奇怪字符:flag{g龣_k1aj4_ihd_5ign0龝_bfw龜龞s_e龞龟t1s龟4_龢3it5n0}
再次回看题目,会发现题目的维吉尼亚与平常所见的英文字符并不一致,通过查询资料可知此为法语,所以问题所在应该在法语这个地方
转换的在线网站:Vigenere Solver | guballa.de
输入题目,然后将语言转换为法语,Key Lenth默认 3-30 即可,随后直接点击Break Cipher爆破就会获得flag
五.babyencoding
题目:
part 1 of flag: ZmxhZ3tkYXp6bGluZ19lbmNvZGluZyM0ZTBhZDQ=
part 2 of flag: MYYGGYJQHBSDCZJRMQYGMMJQMMYGGN3BMZSTIMRSMZSWCNY=
part 3 of flag: =8S4U,3DR8SDY,CS-F5F-C(S,S<R-C
Q9F8S87T`
根据题干可知此为3个不同的编码
依据之前学习的知识可知 part 1 为base64编码, part 2 为base32编码,(part 3 为base91编码)
按照这样的思路去解密,前两个还算顺利,但在 part 3 处使用 base 91 编码时发现出现特殊字符,且解出的内容不符合正常flag的格式,这个时候就意识到 part 3 的编码方式另有其他
通过查询资料可知:XXencode与UUencode的编码方式与base的编码方式极为相似
在线网站;在线UUencode编码|在线UUencode解码|UU编码|UU解码|UUencode编码原理介绍–查错网 (chacuo.net)
通过尝试可知,part 3 的编码方式为UUencode,最后将这三部分组合,即可获得正确flag
六.babyrsa
题目:
from Crypto.Util.number import *
from flag import flag
def gen_prime(n):
res = 1
for i in range(15):
res *= getPrime(n)
return res
if __name__ == '__main__':
n = gen_prime(32)
e = 65537
m = bytes_to_long(flag)
c = pow(m,e,n)
print(n)
print(c)
# 17290066070594979571009663381214201320459569851358502368651245514213538229969915658064992558167323586895088933922835353804055772638980251328261
# 14322038433761655404678393568158537849783589481463521075694802654611048898878605144663750410655734675423328256213114422929994037240752995363595
根据题干可知此为RSA加密
因为题目已知n容易分解,所以直接用网站分解
在线网站:http://factordb.com/
最后直接用python代码解决即可获得flag
from Crypto.Util.number import *
p = 2217990919
q = 2338725373
r = 2370292207
s = 2463878387
w = 2706073949
a = 2794985117
b = 2804303069
d = 2923072267
f = 2970591037
g = 3207148519
h = 3654864131
j = 3831680819
k = 3939901243
x = 4093178561
y = 4278428893
e = 65537
c = 14322038433761655404678393568158537849783589481463521075694802654611048898878605144663750410655734675423328256213114422929994037240752995363595
n=p*q*r*s*w*a*b*d*f*g*h*j*k*x*y
#欧拉函数
phi_n=(p-1)*(q-1)*(r-1)*(s-1)*(w-1)*(a-1)*(b-1)*(d-1)*(f-1)*(g-1)*(h-1)*(j-1)*(k-1)*(x-1)*(y-1)
#求逆元
d=inverse(e,phi_n)
print(d)
m=c^d%n
m=pow(c,d,n)
print(long_to_bytes(m))
七.Small d
题目:
from secret import flag
from Crypto.Util.number import *
p = getPrime(1024)
q = getPrime(1024)
d = getPrime(32)
e = inverse(d, (p-1)*(q-1))
n = p*q
m = bytes_to_long(flag)
c = pow(m,e,n)
print(c)
print(e)
print(n)
# c = 6755916696778185952300108824880341673727005249517850628424982499865744864158808968764135637141068930913626093598728925195859592078242679206690525678584698906782028671968557701271591419982370839581872779561897896707128815668722609285484978303216863236997021197576337940204757331749701872808443246927772977500576853559531421931943600185923610329322219591977644573509755483679059951426686170296018798771243136530651597181988040668586240449099412301454312937065604961224359235038190145852108473520413909014198600434679037524165523422401364208450631557380207996597981309168360160658308982745545442756884931141501387954248
# e = 8614531087131806536072176126608505396485998912193090420094510792595101158240453985055053653848556325011409922394711124558383619830290017950912353027270400567568622816245822324422993074690183971093882640779808546479195604743230137113293752897968332220989640710311998150108315298333817030634179487075421403617790823560886688860928133117536724977888683732478708628314857313700596522339509581915323452695136877802816003353853220986492007970183551041303875958750496892867954477510966708935358534322867404860267180294538231734184176727805289746004999969923736528783436876728104351783351879340959568183101515294393048651825
# n = 19873634983456087520110552277450497529248494581902299327237268030756398057752510103012336452522030173329321726779935832106030157682672262548076895370443461558851584951681093787821035488952691034250115440441807557595256984719995983158595843451037546929918777883675020571945533922321514120075488490479009468943286990002735169371404973284096869826357659027627815888558391520276866122370551115223282637855894202170474955274129276356625364663165723431215981184996513023372433862053624792195361271141451880123090158644095287045862204954829998614717677163841391272754122687961264723993880239407106030370047794145123292991433
根据题干可知此为RSA加密
再根据题目中所给的 Michael J. Wiener 可知,此题为维纳攻击,故直接使用脚本进行解密即可获得flag
关于配置RSAwienerHacker参考此文章;RSAwiener攻击详解(RSA 维纳攻击)-CSDN博客
from Crypto.Util.number import *
from gmpy2 import *
from RSAwienerHacker import *
import libnum
n= 19873634983456087520110552277450497529248494581902299327237268030756398057752510103012336452522030173329321726779935832106030157682672262548076895370443461558851584951681093787821035488952691034250115440441807557595256984719995983158595843451037546929918777883675020571945533922321514120075488490479009468943286990002735169371404973284096869826357659027627815888558391520276866122370551115223282637855894202170474955274129276356625364663165723431215981184996513023372433862053624792195361271141451880123090158644095287045862204954829998614717677163841391272754122687961264723993880239407106030370047794145123292991433
e= 8614531087131806536072176126608505396485998912193090420094510792595101158240453985055053653848556325011409922394711124558383619830290017950912353027270400567568622816245822324422993074690183971093882640779808546479195604743230137113293752897968332220989640710311998150108315298333817030634179487075421403617790823560886688860928133117536724977888683732478708628314857313700596522339509581915323452695136877802816003353853220986492007970183551041303875958750496892867954477510966708935358534322867404860267180294538231734184176727805289746004999969923736528783436876728104351783351879340959568183101515294393048651825
c= 6755916696778185952300108824880341673727005249517850628424982499865744864158808968764135637141068930913626093598728925195859592078242679206690525678584698906782028671968557701271591419982370839581872779561897896707128815668722609285484978303216863236997021197576337940204757331749701872808443246927772977500576853559531421931943600185923610329322219591977644573509755483679059951426686170296018798771243136530651597181988040668586240449099412301454312937065604961224359235038190145852108473520413909014198600434679037524165523422401364208450631557380207996597981309168360160658308982745545442756884931141501387954248
d=hack_RSA(e,n)
flag=long_to_bytes(pow(c,d,n))
print(flag)
八.babyxor
题目:
from secret import *
ciphertext = []
for f in flag:
ciphertext.append(f ^ key)
print(bytes(ciphertext).hex())
# e9e3eee8f4f7bffdd0bebad0fcf6e2e2bcfbfdf6d0eee1ebd0eabbf5f6aeaeaeaeaeaef2
根据题目可知此为XOR加密
了解一下XOR异或可知此为字符转换为二进制,然后进行异或运算,算出的二进制值再转换为十进制
根据经验可得e9e3eee8为flag,所以密文为e9e3eee8,明文为flag,对此进行XOR异或运算
f的ASCII码值为102,102转换为二进制值为1100110,e9(16进制值)转换为二进制值为11101001
最后进行运算得到 10001111,转换为10进制值为143,所以最后的key 值为143
直接代入代码中即可获得flag
from Crypto.Util.number import *
s = 'e9e3eee8f4f7bffdd0bebad0fcf6e2e2bcfbfdf6d0eee1ebd0eabbf5f6aeaeaeaeaeaef2'
decode_s = bytes.fromhex(s) # 根据题目提示,先进行16进制解码
key = 143
a = [] # 创建一个空列表来存储结果
for i in range(len(decode_s)): # 使用range(len(decode_s))来迭代列表的索引
a.append(key ^ decode_s[i]) # 计算异或并将结果添加到列表中
print(bytes(a))
九.Affine
题目:
from flag import flag, key
modulus = 256
ciphertext = []
for f in flag:
ciphertext.append((key[0]*f + key[1]) % modulus)
print(bytes(ciphertext).hex())
# dd4388ee428bdddd5865cc66aa5887ffcca966109c66edcca920667a88312064
根据题干信息可知此为变异凯撒编码(仿射密码)
直接使用python代码进行解决
from Crypto.Util.number import *
import gmpy2
c = "dd4388ee428bdddd5865cc66aa5887ffcca966109c66edcca920667a88312064"
c = bytes.fromhex(c)
mod = 256
m = b"flag"
a = (c[2]-c[1])*gmpy2.invert((m[2]-m[1]),mod) % mod
print(a)
#a = 17
b = (c[2] - a*m[2]) % mod
print(b)
#b = 23
flag = []
for i in c:
flag.append((i-b)*gmpy2.invert(a,mod) % mod)
print(bytes(flag).hex())
flag = "666c61677b346666316e655f6331706865725f69355f766572795f33617a797d"
print(long_to_bytes(int(flag,16)))
或者也可以直接爆破
ciphertext_hex = "dd4388ee428bdddd5865cc66aa5887ffcca966109c66edcca920667a88312064"
ciphertext = bytes.fromhex(ciphertext_hex)
modulus = 256
target_plaintext = "Your target plaintext here"
output_file_name = "decryption_results1.txt"
with open(output_file_name, "w", encoding="utf-8") as output_file:
for key0 in range(modulus):
for key1 in range(modulus):
decrypted_flag = []
for ciphertext_char in ciphertext:
original_char = (ciphertext_char - key1) * key0 % modulus
decrypted_flag.append(original_char)
original_flag = "".join(map(chr, decrypted_flag))
output_file.write("Key[0]: {}\n".format(key0))
output_file.write("Key[1]: {}\n".format(key1))
output_file.write("Decrypted Flag: {}\n".format(original_flag))
output_file.write("\n") # 空行分隔每个密钥组合的输出
if original_flag == target_plaintext:
output_file.write("Found key:\n")
output_file.write("Key[0]: {}\n".format(key0))
output_file.write("Key[1]: {}\n".format(key1))
break
print("结果已导出到", output_file_name)
十.babyaes
题目:
from Crypto.Cipher import AES
import os
from flag import flag
from Crypto.Util.number import *
def pad(data):
return data + b"".join([b'\x00' for _ in range(0, 16 - len(data))])
def main():
flag_ = pad(flag)
key = os.urandom(16) * 2
iv = os.urandom(16)
print(bytes_to_long(key) ^ bytes_to_long(iv) ^ 1)
aes = AES.new(key, AES.MODE_CBC, iv)
enc_flag = aes.encrypt(flag_)
print(enc_flag)
if __name__ == "__main__":
main()
# 3657491768215750635844958060963805125333761387746954618540958489914964573229
# b'>]\xc1\xe5\x82/\x02\x7ft\xf1B\x8d\n\xc1\x95i'
根据题干可知此为AES加密
直接使用python代码
from Crypto.Cipher import AES
import os
from gmpy2 import*
from Crypto.Util.number import*
xor = 3657491768215750635844958060963805125333761387746954618540958489914964573229
enc_flag = b'>]\xc1\xe5\x82/\x02\x7ft\xf1B\x8d\n\xc1\x95i'
out = long_to_bytes(xor)
key = out[:16]*2
# print(key)
iv = bytes_to_long(key[16:])^bytes_to_long(out[16:])
# print(iv)
iv = long_to_bytes(iv)
# print(iv)
aes = AES.new(key,AES.MODE_CBC,iv)
flag = aes.decrypt(enc_flag)
print(flag)