BUU-crypto-刷题记录19

已于 2024-01-04 21:35:25 修改
阅读量319 收藏
点赞数
分类专栏: 密码小白刷题记录 文章标签: python BUU crypto rsa
于 2021-07-06 23:23:33 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/m0_57291352/article/details/118529552
版权

[ACTF新生赛2020]crypto-classic0

题目
hint

哼,压缩包的密码?这是小Z童鞋的生日吧==

cipher

Ygvdmq[lYate[elghqvakl}

然后还有一个要密码的压缩包
解题
已知密码是生日,那就是全是数字,并且是八位数字(年份加月日)

使用工具Ziperello

得到密码为19990306

解压得到一个c代码:

#include<stdio.h>

char flag[25] = ***

int main()
{
	int i;
	for(i=0;i<25;i++)
	{
		flag[i] -= 3;
		flag[i] ^= 0x7;
		printf("%c",flag[i]);
	}
	return 0; 
}

其中^=是按位异或且赋值运算符
可以写出解密程序

#include<stdio.h>
char flag[25] = "Ygvd mq[lYate[elghqvakl}";
int main()
{
	int i;
	for(i=0;i<25;i++)
	{
		flag[i] ^= 0x7;
        flag[i] += 3;
		printf("%c",flag[i]);
	}
	return 0; 
}

运行得到

actf*my_naive_encrytion}

答案
flag{my_naive_encrytion}

[AFCTF2018]可怜的RSA

题目
flag.enc

GVd1d3viIXFfcHapEYuo5fAvIiUS83adrtMW/MgPwxVBSl46joFCQ1plcnlDGfL19K/3PvChV6n5QGohzfVyz2Z5GdTlaknxvHDUGf5HCukokyPwK/1EYU7NzrhGE7J5jPdi0Aj7xi/Odxy0hGMgpaBLd/nL3N8O6i9pc4Gg3O8soOlciBG/6/xdfN3SzSStMYIN8nfZZMSq3xDDvz4YB7TcTBh4ik4wYhuC77gmT+HWOv5gLTNQ3EkZs5N3EAopy11zHNYU80yv1jtFGcluNPyXYttU5qU33jcp0Wuznac+t+AZHeSQy5vk8DyWorSGMiS+J4KNqSVlDs12EqXEqqJ0uA==

public.key

-----BEGIN PUBLIC KEY-----
MIIBJDANBgkqhkiG9w0BAQEFAAOCAREAMIIBDAKCAQMlsYv184kJfRcjeGa7Uc/4
3pIkU3SevEA7CZXJfA44bUbBYcrf93xphg2uR5HCFM+Eh6qqnybpIKl3g0kGA4rv
tcMIJ9/PP8npdpVE+U4Hzf4IcgOaOmJiEWZ4smH7LWudMlOekqFTs2dWKbqzlC59
NeMPfu9avxxQ15fQzIjhvcz9GhLqb373XDcn298ueA80KK6Pek+3qJ8YSjZQMrFT
+EJehFdQ6yt6vALcFc4CB1B6qVCGO7hICngCjdYpeZRNbGM/r6ED5Nsozof1oMbt
Si8mZEJ/Vlx3gathkUVtlxx/+jlScjdM7AFV5fkRidt0LkwosDoPoRz/sDFz0qTM
5q5TAgMBAAE=
-----END PUBLIC KEY-----

解题
公钥解析
在这里插入图片描述
得到:

e=65537
n=79832181757332818552764610761349592984614744432279135328398999801627880283610900361281249973175805069916210179560506497075132524902086881120372213626641879468491936860976686933630869673826972619938321951599146744807653301076026577949579618331502776303983485566046485431039541708467141408260220098592761245010678592347501894176269580510459729633673468068467144199744563731826362102608811033400887813754780282628099443490170016087838606998017490456601315802448567772411623826281747245660954245413781519794295336197555688543537992197142258053220453757666537840276416475602759374950715283890232230741542737319569819793988431443

分解n得到:

p=3133337
q=25478326064937419292200172136399497719081842914528228316455906211693118321971399936004729134841162974144246271486439695786036588117424611881955950996219646807378822278285638261582099108339438949573034101215141156156408742843820048066830863814362379885720395082318462850002901605689761876319151147352730090957556940842144299887394678743607766937828094478336401159449035878306853716216548374273462386508307367713112073004011383418967894930554067582453248981022011922883374442736848045920676341361871231787163441467533076890081721882179369168787287724769642665399992556052144845878600126283968890273067575342061776244939

解密:

import gmpy2
from base64 import b64decode
from Crypto.Util.number import long_to_bytes
from Crypto.Cipher import PKCS1_OAEP
from Crypto.PublicKey import RSA

c='GVd1d3viIXFfcHapEYuo5fAvIiUS83adrtMW/MgPwxVBSl46joFCQ1plcnlDGfL19K/3PvChV6n5QGohzfVyz2Z5GdTlaknxvHDUGf5HCukokyPwK/1EYU7NzrhGE7J5jPdi0Aj7xi/Odxy0hGMgpaBLd/nL3N8O6i9pc4Gg3O8soOlciBG/6/xdfN3SzSStMYIN8nfZZMSq3xDDvz4YB7TcTBh4ik4wYhuC77gmT+HWOv5gLTNQ3EkZs5N3EAopy11zHNYU80yv1jtFGcluNPyXYttU5qU33jcp0Wuznac+t+AZHeSQy5vk8DyWorSGMiS+J4KNqSVlDs12EqXEqqJ0uA=='
e=65537
n=79832181757332818552764610761349592984614744432279135328398999801627880283610900361281249973175805069916210179560506497075132524902086881120372213626641879468491936860976686933630869673826972619938321951599146744807653301076026577949579618331502776303983485566046485431039541708467141408260220098592761245010678592347501894176269580510459729633673468068467144199744563731826362102608811033400887813754780282628099443490170016087838606998017490456601315802448567772411623826281747245660954245413781519794295336197555688543537992197142258053220453757666537840276416475602759374950715283890232230741542737319569819793988431443
p=3133337
q=25478326064937419292200172136399497719081842914528228316455906211693118321971399936004729134841162974144246271486439695786036588117424611881955950996219646807378822278285638261582099108339438949573034101215141156156408742843820048066830863814362379885720395082318462850002901605689761876319151147352730090957556940842144299887394678743607766937828094478336401159449035878306853716216548374273462386508307367713112073004011383418967894930554067582453248981022011922883374442736848045920676341361871231787163441467533076890081721882179369168787287724769642665399992556052144845878600126283968890273067575342061776244939

c=b64decode(c)
phi = (q-1) * (p-1)
d = gmpy2.invert(e,phi)

rsa_components=(n,e,int(d),p,q)
arsa=RSA.construct(rsa_components)
rsakey = RSA.importKey(arsa.exportKey())
rsakey = PKCS1_OAEP.new(rsakey) 
decrypted = rsakey.decrypt(c)
print(decrypted)

注意,不能通过m = gmpy2.powmod(c,d,n)解,因为c不是数字
运行

b'afctf{R54_|5_$0_B0rin9}'

答案
flag{R54_|5_$0_B0rin9}

[RoarCTF2019]babyRSA

题目

import sympy
import random

def myGetPrime():
    A= getPrime(513)
    print(A)
    B=A-random.randint(1e3,1e5)
    print(B)
    return sympy.nextPrime((B!)%A)
p=myGetPrime()
#A1=21856963452461630437348278434191434000066076750419027493852463513469865262064340836613831066602300959772632397773487317560339056658299954464169264467234407
#B1=21856963452461630437348278434191434000066076750419027493852463513469865262064340836613831066602300959772632397773487317560339056658299954464169264467140596

q=myGetPrime()
#A2=16466113115839228119767887899308820025749260933863446888224167169857612178664139545726340867406790754560227516013796269941438076818194617030304851858418927
#B2=16466113115839228119767887899308820025749260933863446888224167169857612178664139545726340867406790754560227516013796269941438076818194617030304851858351026

r=myGetPrime()

n=p*q*r
#n=85492663786275292159831603391083876175149354309327673008716627650718160585639723100793347534649628330416631255660901307533909900431413447524262332232659153047067908693481947121069070451562822417357656432171870951184673132554213690123308042697361969986360375060954702920656364144154145812838558365334172935931441424096270206140691814662318562696925767991937369782627908408239087358033165410020690152067715711112732252038588432896758405898709010342467882264362733
c=pow(flag,e,n)
#e=0x1001
#c=75700883021669577739329316795450706204502635802310731477156998834710820770245219468703245302009998932067080383977560299708060476222089630209972629755965140317526034680452483360917378812244365884527186056341888615564335560765053550155758362271622330017433403027261127561225585912484777829588501213961110690451987625502701331485141639684356427316905122995759825241133872734362716041819819948645662803292418802204430874521342108413623635150475963121220095236776428
#so,what is the flag?

解题
自己写了个程序改了半天还是不对
还是膜拜大神的吧🤡

from sympy import nextprime
from Crypto.Util.number import *
from gmpy2 import invert

def get_p_q(A,B):
    tmp = 1
    # calculate remain value (mod A) of (A−1)(A−2)(A−3)...(B+1)
    for i in range(B+1,A-1):
        tmp *= i
        tmp %= A

    tmp_inv = invert(tmp,A)
    result = nextprime(tmp_inv)
    return result

A1=21856963452461630437348278434191434000066076750419027493852463513469865262064340836613831066602300959772632397773487317560339056658299954464169264467234407
B1=21856963452461630437348278434191434000066076750419027493852463513469865262064340836613831066602300959772632397773487317560339056658299954464169264467140596

A2=16466113115839228119767887899308820025749260933863446888224167169857612178664139545726340867406790754560227516013796269941438076818194617030304851858418927
B2=16466113115839228119767887899308820025749260933863446888224167169857612178664139545726340867406790754560227516013796269941438076818194617030304851858351026

n=85492663786275292159831603391083876175149354309327673008716627650718160585639723100793347534649628330416631255660901307533909900431413447524262332232659153047067908693481947121069070451562822417357656432171870951184673132554213690123308042697361969986360375060954702920656364144154145812838558365334172935931441424096270206140691814662318562696925767991937369782627908408239087358033165410020690152067715711112732252038588432896758405898709010342467882264362733
e=0x1001
c=75700883021669577739329316795450706204502635802310731477156998834710820770245219468703245302009998932067080383977560299708060476222089630209972629755965140317526034680452483360917378812244365884527186056341888615564335560765053550155758362271622330017433403027261127561225585912484777829588501213961110690451987625502701331485141639684356427316905122995759825241133872734362716041819819948645662803292418802204430874521342108413623635150475963121220095236776428

p = get_p_q(A1,B1)
q = get_p_q(A2,B2)
print(p)
print(q)
# p = 1276519424397216455160791032620569392845781005616561979809403385593761615670426423039762716291920053306063214548359656555809123127361539475238435285654851
# q = 13242175493583584108411324143773780862426183382017753129633978933213674770487765387985282956574197274056162861584407275172775868763712231230219112670015751

r = n // p // q
print(r)
# r = 5057572094237208127867754008134739503717927865750318894982404287656747895573075881186030840558129423864679886646066477437020450654848839861455661385205433

phn = (p - 1) * (q - 1) * (r - 1)
d = invert(e, phn)
print(d)
# d = 23245991568931089935575398139533179902151911325504278186895368123724684132878362590745372016987963378102056924287587028702166372731411906405181410326380814220943063812165970658883369631308421395770179828382024820676516261188276456737434776404340381374859304944884947772697915445301641449023374627214573292539161320959779418043275889202421521069705878414823578781441160766914068377017428380775625886023385019623499784980822629415795884228504498888092721097658433
m = pow(c,d,n)
print(m)
# 49562188096458630410563044417358818341913265571373725266976612126526106528404944745044614126232074073813936259453
print(long_to_bytes(m))

出自:https://www.cnblogs.com/vict0r/p/13563073.html

解析:

从题目代码中可以知道:
p=(B1!)%A1
q=(B2!)%A2

又由威尔逊定理知道,(A−1)!≡ −1 mod A

而B=A-random.randint(1e3,1e5),所以在B的前面补上(A−1)(A−2)(A−3)…(B+1)就有(A−1)(A−2)(A−3)…(B+1)∗(B!)%A=−1%A

于是再整理一下又有

(A−2)(A−3)…(B+1)∗(B!)%A=1%A

这就意味这可由(A−2)(A−3)…(B+1)模A的逆元求得(B!)%A的值。

再取nextprime就可得到p或q的值。

答案
flag{wm-CongrAtu1ation4-1t4-ju4t-A-bAby-R4A}

无名函数
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
CTF-BUUCTF-CRPTO-[ACTF新生赛2020]crypto-classic0
weixin_43880435的博客
06-02 1937
1、题目3个文件 cipher: Ygvdmq[lYate[elghqvakl} 压缩文件:howtoencrypt.zip有密码 hint.txt 哼,压缩包的密码?这是小Z童鞋的生日吧== 2、AZPR 19700000-20000000 生日爆破 压缩文件,密码:19990306,得到classic0.c文件,内容是 #include<stdio.h> char flag[25] = *** int main() { int i; for(i=0;i...
BUUCTF·[ACTF新生赛2020]crypto-classic0·WP
sm1918451478的博客
11-14 375
BUUCTF·[ACTF新生赛2020]crypto-classic0·WP
BUUCTF 打卡2
qq_52193383的博客
08-20 349
1.RSA4 题目给出了三组c和n,猜测是广播攻击。猜测e = 3。自己写的脚本有点不靠谱,就借用书上的。值得注意的是题目给出的c和n都是5进制数!!!(仔细点的话可以看出数据中没有出现>=5的数字) #广播攻击??? import gmpy2,libnum from Crypto.Util.number import long_to_bytes,bytes_to_long def broadcast_attack(data): def extended_gcd(a,b):
每天10道Crypto Day3
MikeCoke的博客
08-17 790
1.救世捷径 2.坏蛋是雷宾 3.[AFCTF2018]你能看出这是什么加密么 4.[NPUCTF2020]这是什么觅???? 5.[HDCTF2019]together 6.[AFCTF2018]Single 7.[WUSTCTF2020]B@se 8.EasyProgram 9.[BJDCTF2020]Polybius 10.[WUSTCTF2020]大数计算 11.[AFCTF2018]你听过一次一密么? . ...
BUUCTF_ACTF新生赛_crypto
qq_45628145的博客
05-04 835
classic0 附件里面有三个文件,压缩包有密码,根据hints.txt的提示哼,压缩包的密码?这是小Z童鞋的生日吧==,进行8位数字的爆破,得到密码19990306 得到一个C文件,代码是 #include<stdio.h> char flag[25] = *** int main() { int i; for(i=0;i<25;i++) { flag[i] -=...
BUU-Reveser-XMAN2018排位赛-easywasm(WebAssembly逆向分析)
最新发布
05-26
在"BUU-Reveser-XMAN2018排位赛-easywasm(WebAssembly逆向分析)"这个挑战中,参赛者需要对名为"easywasm.wasm"的WASM文件进行逆向工程,理解其内部逻辑并可能找到隐藏的漏洞或解决方案。 WASM的主要特点包括: 1...
BUU刷题-Reveser-FlareOn5-Web2.0(WebAssembly逆向分析)
05-26
在本题目中,我们面临的是一个关于WebAssembly(简称WASM)逆向分析的挑战,源自FlareOn5赛事的Web2.0关卡。WebAssembly是一种低级虚拟机指令集,它允许开发者以接近原生的速度运行用C、C++或Rust等语言编译的代码。...
POSN:POSN-BUU的源代码
04-01
9. **调试与测试**:源代码中可能包含断点、日志记录(如`std::cout`或使用Glog)、单元测试等,用于调试和验证代码的正确性。 10. **性能优化**:对于计算密集型的任务,源码可能包含一些性能优化技巧,如循环展开...
Majin Buu Top HD Anime New Tabs Theme-crx插件
03-15
每次打开一个新选项卡,您将获得Majin Buu提供的不同高清壁纸 这个新主题包括时钟等等。 魔鬼的布欧(the devil,Buu),日本动漫《七龙珠》中的义与恶的角色,是《七龙珠》综合实力最强的BOSS。 这个名字来自电影...
Project-Decoder-Ring
03-27
项目解码器环 项目描述:解码器环 该应用程序具有3种不同的解码器。 1.凯撒密码是一种替换密码,其中明文中... 2.... 3.... “单位”可以是单个字母(最常见),成对的字母,字母的三元组,上述的混合形式,等等。... 屏幕截图:
BASE64转图片
热门推荐
lulu
06-23 2万+
Sctf 2019 签到题 cat /flag in data:image/jpeg;base64,/9j/4QBkRXhpZgAATU0AKgAAAAgABYdpAAQAAAABAAAASgESAAQAAAABAAAAAAEBAAMAAAABAa4AAAEyAAIAAAABAAAAAAEAAAMAAAABAa4AAAAAAAAAAZIIAAQAAAABAAAAAAAAAAD/4AAQSkZ...
ACTF新生赛2020 crypto-classic1
pondzhang的专栏
04-30 2533
哇,这里有压缩包的密码哦,于是我低下了头,看向了我的双手,试图从中找到某些规律 xdfv ujko98 edft54 xdfv pok,.; wsdr43 键盘码,得到的密码为circle 密文为:SRLU{LZPL_S_UASHKXUPD_NXYTFTJT} SRLU未加密前应为ACTF,编写脚本如下: #破解key s='ABCDEFGHIJKLMNOPQRSTUVWXYZ' s1...
[ACTF2020 新生赛]Include
gmp的博客
08-08 949
[ACTF2020 新生赛]Include 访问题目,有tips: 这个url,似乎告诉我这里是突破口 考虑 "php://input"伪协议 + POST发送PHP代码 的经典套路 重新考虑之后使用 “php://filter"伪协议” 来进行包含 构造Payload: ?file=php://filter/read=convert.base64-encode/resource=flag.php 使用php://filter伪协议进行文件包含时,需要加上read=convert.base64-enc
Crypto_[ACTF新生赛2020]crypto-aes
M3ng@L的博客
11-16 1052
[ACTF新生赛2020]crypto-aes 题目描述: from Cryptodome.Cipher import AES import os import gmpy2 from flag import FLAG from Cryptodome.Util.number import * def main(): key=os.urandom(2)*16 iv=os.urandom(16) print(bytes_to_long(key)^bytes_to_long(iv))
BUUCTF--rsa
weixin_30607659的博客
09-24 1769
测试文件:https://buuoj.cn/files/ed10ec009d5aab0050022aee131a7293/41c4e672-98c5-43e5-adf4-49d75db307e4.zip?token=eyJ0ZWFtX2lkIjpudWxsLCJ1c2VyX2lkIjoxOTAzLCJmaWxlX2lkIjoyMDV9.XYl7ag.BZcdhjGojXT726Y0wj4...
[ACTF新生赛2020]crypto-des(考点:DES)
MikeCoke的博客
02-18 1939
题目:给了三个文件,附件1和附件2,以及加密的 easydes.zip 压缩包,通过解密附件1,2以获取解密 zip 的 key 附件1 encryptedkey.txt 72143238992041641000000.000000, 77135357178006504000000000000000.000000, 1125868345616435400000000.000000, 67378029765916820000000.000000, 7555348609218470300000000000
buuctf刷题-cyptro-[ACTF新生赛2020]crypto-classic1
菜鸟之路
08-24 2638
键盘密码-维吉尼亚-[ACTF新生赛2020]crypto-classic1 首先有个hint.txt和一个压缩包: 哇,这里有压缩包的密码哦,于是我低下了头,看向了我的双手,试图从中找到某些规律 xdfv ujko98 edft54 xdfv pok,.; wsdr43 低头看看键盘,键盘密码,xdfv连起来,包出的字母是啥 于是解密得到circle 解压,得到vigenere.zip SRLU{LZPL_S_UASHKXUPD_NXYTFTJT} 猜测SRLU对应FLAG,对应秘钥为nump,结果试
BUUCTF——CRYPTO记录不熟悉的题)(3)
Luiino的博客
08-01 863
用记事本打开所给文件,发现一堆乱码,再用010打开首字母代表星期几的英文首字母缩写,其中,S1是星期六,S2是星期日。下一个数字代表的是第几行,根据此规律,得到31125144118,对照字母表得到英文单词calendar。...
CTF Crypto---RSA KCS1_OAEP模式
3tefanie丶zhou的博客
07-19 1848
【青青槐荫,皎皎月光。春风一披拂,百卉各争妍】
buu Quoted-printable
09-13
Quoted-printable是一种编码方法,常用于电子邮件中的MIME编码。它的作用是将非ASCII字符转换为可打印的ASCII字符。在Quoted-printable编码中,使用"="符号后跟两个十六进制数字来表示原本的字符。...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值