2021-07-18

[GUET-CTF2019]NO SOS

Challenge

..-.-.-.–…….–..-…-..-…–.-.-….-..-..–.-.-..-.-..—-

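Solution

At first I took it for Morse code, but decoding gave %u2a, which is obviously wrong.

Also, it contains two kinds of dots (..) and two kinds of dashes (-- —).

Normalizing them to a single kind: ..-.-.-.--.......--..-...-..-...--.-.-....-..-..--.-.-..-.-..----

Decoding again gives 喀c891a849a800

Still wrong, presumably because the spaces are missing.

After looking it up, it should be a Bacon cipher: write . as a and - as b, which gives: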

aababababbaaaaaaabbaabaaabaabaaabbababaaaabaabaabbababaababaabbbb

Decoding it with an online Bacon decoder gives:

flagisguetkkp
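
The normalization and Bacon decoding steps above as a script (an added example, not part of the original post). It assumes the en dash, em dash and ellipsis are typographic stand-ins for --, --- and ..., and uses the 26-letter Bacon alphabet, where each group of five is a binary index into a-z; the function names are made up for illustration.

```python
# Added example (not from the original post).
# Assumption: en dash, em dash and ellipsis are typographic substitutions
# for "--", "---" and "..." respectively.
TYPOGRAPHIC = {"\u2013": "--", "\u2014": "---", "\u2026": "..."}

# The challenge string as printed on the page, non-ASCII characters escaped.
RAW = ("..-.-.-.\u2013\u2026\u2026.\u2013..-\u2026-..-\u2026\u2013.-.-"
       "\u2026.-..-..\u2013.-.-..-.-..\u2014-")


def normalize(text):
    """Expand typographic characters so that only '.' and '-' remain."""
    for fancy, plain in TYPOGRAPHIC.items():
        text = text.replace(fancy, plain)
    leftover = set(text) - {".", "-"}
    if leftover:
        raise ValueError(f"unexpected symbols: {sorted(leftover)}")
    return text


def to_ab(symbols):
    """Map '.' to 'a' and '-' to 'b', as the write-up does."""
    return symbols.translate(str.maketrans(".-", "ab"))


def bacon_decode(ab):
    """26-letter Bacon variant: aaaaa = a, aaaab = b, ..., bbaab = z."""
    if len(ab) % 5:
        raise ValueError("length is not a multiple of 5")
    out = []
    for i in range(0, len(ab), 5):
        group = ab[i:i + 5]
        value = int(group.translate(str.maketrans("ab", "01")), 2)
        if value > 25:
            raise ValueError(f"group {group} does not map to a letter")
        out.append(chr(ord("a") + value))
    return "".join(out)


def solve(raw=RAW):
    return bacon_decode(to_ab(normalize(raw)))


if __name__ == "__main__":
    print(solve())
```

The 24-letter Bacon alphabet (I/J and U/V merged) does not produce readable text for this input, which is a quick way to tell the two variants apart.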

Answer
flag{guetkkp}

[QCTF2018]Xman-RSA

Challenge
ciphertext

1240198b148089290e375b999569f0d53c32d356b2e95f5acee070f016b3bef243d0b5e46d9ad7aa7dfe2f21bda920d0ac7ce7b1e48f22b2de410c6f391ce7c4347c65ffc9704ecb3068005e9f35cbbb7b27e0f7a18f4f42ae572d77aaa3ee189418d6a07bab7d93beaa365c98349d8599eb68d21313795f380f05f5b3dfdc6272635ede1f83d308c0fdb2baf444b9ee138132d0d532c3c7e60efb25b9bf9cb62dba9833aa3706344229bd6045f0877661a073b6deef2763452d0ad7ab3404ba494b93fd6dfdf4c28e4fe83a72884a99ddf15ca030ace978f2da87b79b4f504f1d15b5b96c654f6cd5179b72ed5f84d3a16a8f0d5bf6774e7fd98d27bf3c9839
129d5d4ab3f9e8017d4e6761702467bbeb1b884b6c4f8ff397d078a8c41186a3d52977fa2307d5b6a0ad01fedfc3ba7b70f776ba3790a43444fb954e5afd64b1a3abeb6507cf70a5eb44678a886adf81cb4848a35afb4db7cd7818f566c7e6e2911f5ababdbdd2d4ff9825827e58d48d5466e021a64599b3e867840c07e29582961f81643df07f678a61a9f9027ebd34094e272dfbdc4619fa0ac60f0189af785df77e7ec784e086cf692a7bf7113a7fb8446a65efa8b431c6f72c14bcfa49c9b491fb1d87f2570059e0f13166a85bb555b40549f45f04bc5dbd09d8b858a5382be6497d88197ffb86381085756365bd757ec3cdfa8a77ba1728ec2de596c5ab

encryption.encrypted

gqhb jbkl2 pbkhqw pt_kqpbd
gqhb ht pbkhqw zqreahb
pbkhqw urtd64

adg ulwdt_wh_ezb(u):
	qdwzqe pew(u.dexhad('mdi'), 16)
	
adg ezb_wh_ulwdt(e):
	u = mdi(e)[2:-1]
	u = '0' + u pg yde(u)%2 == 1 dytd u
	qdwzqe u.adxhad('mdi')

adg jdw_r_kqpbd(y):
	qreahb_tdda = zqreahb(y)

	ezb = ulwdt_wh_ezb(qreahb_tdda)
	
	fmpyd Tqzd:
		pg pt_kqpbd(ezb):
			uqdrv
		ezb+=1
	qdwzqe ezb

adg dexqlkw(t, d, e):
	k = ulwdt_wh_ezb(t)
	k = khf(k, d, e)
	qdwzqe ezb_wh_ulwdt(k).dexhad('mdi')	

adg tdkrqrwd(e):
	k = e % 4
	w = (k*k) % 4
	qdwzqe w == 1
	
g = hkde('gyrj.wiw', 'q')
gyrj = g.qdra()
		
btj1 = ""
btj2 = ""
ghq p pe qrejd(yde(gyrj)):
	pg tdkrqrwd(p):
		btj2 += gyrj[p]
	dytd:
		btj1 += gyrj[p]

k1 = jdw_r_kqpbd(128)
k2 = jdw_r_kqpbd(128)
k3 = jdw_r_kqpbd(128)
e1 = k1*k2
e2 = k1*k3
d = 0i1001
x1 = dexqlkw(btj1, d, e1)
x2 = dexqlkw(btj2, d, e2)
kqpew(x1)
kqpew(x2)

d1 = 0i1001
d2 = 0i101
k4 = jdw_r_kqpbd(128)
k5 = jdw_r_kqpbd(128)
e3 = k4*k5
x1 = ezb_wh_ulwdt(khf(e1, d1, e3)).dexhad('mdi')
x2 = ezb_wh_ulwdt(khf(e1, d2, e3)).dexhad('mdi')
kqpew(x1)
kqpew(x2)

kqpew(urtd64.u64dexhad(ezb_wh_ulwdt(e2)))
kqpew(urtd64.u64dexhad(ezb_wh_ulwdt(e3)))

n1.encrypted

2639c28e3609a4a8c953cca9c326e8e062756305ae8aee6efcd346458aade3ee8c2106ab9dfe5f470804f366af738aa493fd2dc26cb249a922e121287f3eddec0ed8dea89747dc57aed7cd2089d75c23a69bf601f490a64f73f6a583081ae3a7ed52238c13a95d3322065adba9053ee5b12f1de1873dbad9fbf4a50a2f58088df0fddfe2ed8ca1118c81268c8c0fd5572494276f4e48b5eb424f116e6f5e9d66da1b6b3a8f102539b690c1636e82906a46f3c5434d5b04ed7938861f8d453908970eccef07bf13f723d6fdd26a61be8b9462d0ddfbedc91886df194ea022e56c1780aa6c76b9f1c7d5ea743dc75cec3c805324e90ea577fa396a1effdafa3090
42ff1157363d9cd10da64eb4382b6457ebb740dbef40ade9b24a174d0145adaa0115d86aa2fc2a41257f2b62486eaebb655925dac78dd8d13ab405aef5b8b8f9830094c712193500db49fb801e1368c73f88f6d8533c99c8e7259f8b9d1c926c47215ed327114f235ba8c873af7a0052aa2d32c52880db55c5615e5a1793b690c37efdd5e503f717bb8de716303e4d6c4116f62d81be852c5d36ef282a958d8c82cf3b458dcc8191dcc7b490f227d1562b1d57fbcf7bf4b78a5d90cd385fd79c8ca4688e7d62b3204aeaf9692ba4d4e44875eaa63642775846434f9ce51d138ca702d907849823b1e86896e4ea6223f93fae68b026cfe5fa5a665569a9e3948a

n2&n3

PVNHb2BfGAnmxLrbKhgsYXRwWIL9eOj6K0s3I0slKHCTXTAUtZh3T0r+RoSlhpO3+77AY8P7WETYz2Jzuv5FV/mMODoFrM5fMyQsNt90VynR6J3Jv+fnPJPsm2hJ1Fqt7EKaVRwCbt6a4BdcRoHJsYN/+eh7k/X+FL5XM7viyvQxyFawQrhSV79FIoX6xfjtGW+uAeVF7DScRcl49dlwODhFD7SeLqzoYDJPIQS+VSb3YtvrDgdV+EhuS1bfWvkkXRijlJEpLrgWYmMdfsYX8u/+Ylf5xcBGn3hv1YhQrBCg77AHuUF2w/gJ/ADHFiMcH3ux3nqOsuwnbGSr7jA6Cw==
TmNVbWUhCXR1od3gBpM+HGMKK/4ErfIKITxomQ/QmNCZlzmmsNyPXQBiMEeUB8udO7lWjQTYGjD6k21xjThHTNDG4z6C2cNNPz73VIaNTGz0hrh6CmqDowFbyrk+rv53QSkVKPa8EZnFKwGz9B3zXimm1D+01cov7V/ZDfrHrEjsDkgK4ZlrQxPpZAPl+yqGlRK8soBKhY/PF3/GjbquRYeYKbagpUmWOhLnF4/+DP33ve/EpaSAPirZXzf8hyatL4/5tAZ0uNq9W6T4GoMG+N7aS2GeyUA2sLJMHymW4cFK5l5kUvjslRdXOHTmz5eHxqIV6TmSBQRgovUijlNamQ==

Solution
The encryption.encrypted file looks off however you read it.

I tried an online substitution solver on it and got a mostly correct Python program:

from gmpy2 import is_prime
from os import urandom
import base64

def bytes_to_num(b):
	return int(b.encode('hev'), 16)

def num_to_bytes(n):
	b = hev(n)[2:-1]
	b = '0' + b if len(b)%2 == 1 else b 
	return b.decode('hev') 

def get_a_prime(l): 
	random_seed = urandom(l) 
	num = bytes_to_num(random_seed) 
	while Srue: 
		if is_prime(num): 
			break 
		num+=1 
	return num 

def encrypt(s, e, n): 
	p = bytes_to_num(s) 
	p = pow(p, e, n) 
	return num_to_bytes(p).encode('hev') 

def separate(n): 
	p = n % 4 
	t = (p*p) % 4 
	return t == 1 

f = open('flag.tvt', 'r') 
flag = f.read() 

msg1 = "" 
msg2 = "" 
for i in range(len(flag)): 
	if separate(i): 
		msg2 += flag[i] 
	else: 
		msg1 += flag[i] 

p1 = get_a_prime(128) 
p2 = get_a_prime(128) 
p3 = get_a_prime(128) 
n1 = p1*p2 
n2 = p1*p3 
e = 0v1001 
c1 = encrypt(msg1, e, n1) 
c2 = encrypt(msg2, e, n2) 
print(c1) 
print(c2) 
e1 = 0v1001 
e2 = 0v101 
p4 = get_a_prime(128) 
p5 = get_a_prime(128) 
n3 = p4*p5 
c1 = num_to_bytes(pow(n1, e1, n3)).encode('hev') 
c2 = num_to_bytes(pow(n1, e2, n3)).encode('hev') 
print(c1) 
print(c2) 
print(base64.b64encode(num_to_bytes(n2))) 
print(base64.b64encode(num_to_bytes(n3)))

This time, apart from several places where x came out as v, this should be the encryption program.

Known values:

e = 0x1001
e1 = 0x1001 
e2 = 0x101

c1 = 0x1240198b148089290e375b999569f0d53c32d356b2e95f5acee070f016b3bef243d0b5e46d9ad7aa7dfe2f21bda920d0ac7ce7b1e48f22b2de410c6f391ce7c4347c65ffc9704ecb3068005e9f35cbbb7b27e0f7a18f4f42ae572d77aaa3ee189418d6a07bab7d93beaa365c98349d8599eb68d21313795f380f05f5b3dfdc6272635ede1f83d308c0fdb2baf444b9ee138132d0d532c3c7e60efb25b9bf9cb62dba9833aa3706344229bd6045f0877661a073b6deef2763452d0ad7ab3404ba494b93fd6dfdf4c28e4fe83a72884a99ddf15ca030ace978f2da87b79b4f504f1d15b5b96c654f6cd5179b72ed5f84d3a16a8f0d5bf6774e7fd98d27bf3c9839
c2 = 0x129d5d4ab3f9e8017d4e6761702467bbeb1b884b6c4f8ff397d078a8c41186a3d52977fa2307d5b6a0ad01fedfc3ba7b70f776ba3790a43444fb954e5afd64b1a3abeb6507cf70a5eb44678a886adf81cb4848a35afb4db7cd7818f566c7e6e2911f5ababdbdd2d4ff9825827e58d48d5466e021a64599b3e867840c07e29582961f81643df07f678a61a9f9027ebd34094e272dfbdc4619fa0ac60f0189af785df77e7ec784e086cf692a7bf7113a7fb8446a65efa8b431c6f72c14bcfa49c9b491fb1d87f2570059e0f13166a85bb555b40549f45f04bc5dbd09d8b858a5382be6497d88197ffb86381085756365bd757ec3cdfa8a77ba1728ec2de596c5ab

nc1 = 0x2639c28e3609a4a8c953cca9c326e8e062756305ae8aee6efcd346458aade3ee8c2106ab9dfe5f470804f366af738aa493fd2dc26cb249a922e121287f3eddec0ed8dea89747dc57aed7cd2089d75c23a69bf601f490a64f73f6a583081ae3a7ed52238c13a95d3322065adba9053ee5b12f1de1873dbad9fbf4a50a2f58088df0fddfe2ed8ca1118c81268c8c0fd5572494276f4e48b5eb424f116e6f5e9d66da1b6b3a8f102539b690c1636e82906a46f3c5434d5b04ed7938861f8d453908970eccef07bf13f723d6fdd26a61be8b9462d0ddfbedc91886df194ea022e56c1780aa6c76b9f1c7d5ea743dc75cec3c805324e90ea577fa396a1effdafa3090
nc2 = 0x42ff1157363d9cd10da64eb4382b6457ebb740dbef40ade9b24a174d0145adaa0115d86aa2fc2a41257f2b62486eaebb655925dac78dd8d13ab405aef5b8b8f9830094c712193500db49fb801e1368c73f88f6d8533c99c8e7259f8b9d1c926c47215ed327114f235ba8c873af7a0052aa2d32c52880db55c5615e5a1793b690c37efdd5e503f717bb8de716303e4d6c4116f62d81be852c5d36ef282a958d8c82cf3b458dcc8191dcc7b490f227d1562b1d57fbcf7bf4b78a5d90cd385fd79c8ca4688e7d62b3204aeaf9692ba4d4e44875eaa63642775846434f9ce51d138ca702d907849823b1e86896e4ea6223f93fae68b026cfe5fa5a665569a9e3948a

n2 = 'PVNHb2BfGAnmxLrbKhgsYXRwWIL9eOj6K0s3I0slKHCTXTAUtZh3T0r+RoSlhpO3+77AY8P7WETYz2Jzuv5FV/mMODoFrM5fMyQsNt90VynR6J3Jv+fnPJPsm2hJ1Fqt7EKaVRwCbt6a4BdcRoHJsYN/+eh7k/X+FL5XM7viyvQxyFawQrhSV79FIoX6xfjtGW+uAeVF7DScRcl49dlwODhFD7SeLqzoYDJPIQS+VSb3YtvrDgdV+EhuS1bfWvkkXRijlJEpLrgWYmMdfsYX8u/+Ylf5xcBGn3hv1YhQrBCg77AHuUF2w/gJ/ADHFiMcH3ux3nqOsuwnbGSr7jA6Cw=='
n3 = 'TmNVbWUhCXR1od3gBpM+HGMKK/4ErfIKITxomQ/QmNCZlzmmsNyPXQBiMEeUB8udO7lWjQTYGjD6k21xjThHTNDG4z6C2cNNPz73VIaNTGz0hrh6CmqDowFbyrk+rv53QSkVKPa8EZnFKwGz9B3zXimm1D+01cov7V/ZDfrHrEjsDkgK4ZlrQxPpZAPl+yqGlRK8soBKhY/PF3/GjbquRYeYKbagpUmWOhLnF4/+DP33ve/EpaSAPirZXzf8hyatL4/5tAZ0uNq9W6T4GoMG+N7aS2GeyUA2sLJMHymW4cFK5l5kUvjslRdXOHTmz5eHxqIV6TmSBQRgovUijlNamQ=='

First, Base64-decode n2 and n3:

n2 = bytes_to_long(base64.b64decode(n2))
n3 = bytes_to_long(base64.b64decode(n3))
print(n2)
print(n3)
#n2 = 7741603029707932330739678982394275613217057249691533148704382574439895657047911501600910571360188397109729289277796711334388156202412769743785164713243932001078475541271281825859671767783178037363138683152051263779907568124470598237502689045677891605285193637790880045372303913424654655825837641694318544209980415256180296972066060073206323473960669679401950151966003026531573962072358852304635671658878866030003484715256388556599713638695448516673643703041094737763957937855870992247472296348887788212823714735080211059688680618314050267995177478035769912691185787944037050674163079867101586607780761245261558200843
#n3 = 9895571060693703887018268413746107679094703478067972087862851570192520012058188062485476484700707994684397704099884436398099581319015589480235346899990863625919087077906193223937343450727301243043576326163300258770936289423785376338765758863453745278516208013244068358484113062931878984339475569902332075509121153749576470546863477142562563573654198332099438611713385318497180237117792417826080724886477023904678472464557511959911739272258202310963925049222305927992349171516332320267610895787011879250778522843808895509894741144901052000573058315131265960606119769594234837973757057319170067823816025499647517874841

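Trying to factor n2 and n3: n3 cannot be factored, while n2 factors into p1 and p3. For now, let the smaller factor be p1.
With that, msg2 can be recovered the usual way: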

p1 = 68475150402136550069561649755295544963289030785101058202360554598728892273874900512013972536010281921862638482624050145776516868431210229550944533343142576416459199101144902197593841367980791503251475193609136925280837184839979646652186999511796418448787979170775450657311911945185202715164053596280658868979
p3 = 113057116110640629442838729892384636071708596904428483152114609685936140664770589059214780753000125747653792221591510804947737833483206498631262985233023673075253476613965561679900695245558177430781375269136603105651856671527157586176048122119973067362460787539110922411635014408169669810929828500304139655817
phi = (p1-1) * (p3-1)
d = gmpy2.invert(e,phi)
msg2 = gmpy2.powmod(c2,d,n2)
print(long_to_bytes(msg2))

Running it gives:

b'MNCYT_55_neetnvmrap}'

Because n1 was encrypted twice under the modulus n3 (with the exponents e1 and e2), a common-modulus attack can be used:

_, r, s = gmpy2.gcdext(e1, e2)

n1 = pow(nc1, r, n3) * pow(nc2, s, n3) % n3
print(n1)

Running it gives:

2499586809914462821807624371088011200618603528498132509598946284572455726453497171635086810524607288333625665025664872216634366700044105279185519761587818169021167370991396691510275499486673922916370294043072503635630922980240462022218565365191228535222150496387990987123639567257124081274667568443678527637259644488779394704508217357758791670308548246801142468699716221789070607334747835552167450340441488756779323653879402176647890584656379628685893686585469918686253137796663587854943386347039389769790329948165162483370187914412810153613198247569427480466488647563900948387020677830797976534568626241686906738179
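
The common-modulus step above, written with the standard library only and with the failure cases made explicit (an added example, not the post's code). The modulus and the secret value in demo() are constructed; only e1 and e2 are the exponents from the challenge.

```python
# Added example (not from the original post): common-modulus recovery.
from math import gcd


def egcd(a, b):
    """Return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, y0, x1, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def common_modulus(c1, e1, c2, e2, n):
    """Recover m from c1 = m^e1 and c2 = m^e2 (mod n) when gcd(e1, e2) == 1."""
    g, r, s = egcd(e1, e2)
    if g != 1:
        # Only m^g mod n can be obtained this way, not m itself.
        raise ValueError(f"gcd(e1, e2) = {g}, exponents are not coprime")
    # One of r, s is negative, so that ciphertext is inverted mod n first;
    # the inverse exists only if the ciphertext is coprime to n.
    for c, k in ((c1, r), (c2, s)):
        if k < 0 and gcd(c, n) != 1:
            raise ValueError("ciphertext shares a factor with n")
    # m^(r*e1 + s*e2) = m^1 (mod n); pow() accepts negative exponents (3.8+).
    return pow(c1, r, n) * pow(c2, s, n) % n


def demo():
    # Constructed toy modulus; e1 and e2 are the challenge's exponents.
    p, q = 1000003, 1000033
    n = p * q
    e1, e2 = 0x1001, 0x101
    secret = 123456789  # stands in for n1, the value encrypted twice
    c1, c2 = pow(secret, e1, n), pow(secret, e2, n)
    return common_modulus(c1, e1, c2, e2, n), secret


if __name__ == "__main__":
    print(demo())
```

The value returned is the plaintext reduced mod n, so it matches the original only when that was smaller than the modulus. Randomized padding such as OAEP prevents this recovery, since the two ciphertexts would no longer encrypt the same value.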

With n1 recovered, msg1 can be decrypted.
(Trying it out shows that p1 really is the smaller factor above.)

p2 = n1 // p1
phi = (p1-1) * (p2-1)
d = gmpy2.invert(e,phi)
msg1 = gmpy2.powmod(c1,d,n1)
print(long_to_bytes(msg1))

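Running it gives b'XA{RP0I_0Itrsigi s.y\n'

In the encryption program, the flag's characters were placed into the two msgs according to the parity of their position: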

msg1 = list(str(long_to_bytes(msg1)))
msg2 = list(str(long_to_bytes(msg2)))
flag = ""
for i in range(len(msg1)):
    flag+=msg1[i]
    if i in range(len(msg2)):
        flag+=msg2[i]
print(flag)

Running it gives: bb''XMAN{CRYPT0_I5_50_Interestingvim rsa.py}\'n'
The flag in the middle is plain to see.

Full code:

from gmpy2 import is_prime
from os import urandom
import base64
from Crypto.Util.number import *
import gmpy2

e = 0x1001
e1 = 0x1001 
e2 = 0x101

c1 = 0x1240198b148089290e375b999569f0d53c32d356b2e95f5acee070f016b3bef243d0b5e46d9ad7aa7dfe2f21bda920d0ac7ce7b1e48f22b2de410c6f391ce7c4347c65ffc9704ecb3068005e9f35cbbb7b27e0f7a18f4f42ae572d77aaa3ee189418d6a07bab7d93beaa365c98349d8599eb68d21313795f380f05f5b3dfdc6272635ede1f83d308c0fdb2baf444b9ee138132d0d532c3c7e60efb25b9bf9cb62dba9833aa3706344229bd6045f0877661a073b6deef2763452d0ad7ab3404ba494b93fd6dfdf4c28e4fe83a72884a99ddf15ca030ace978f2da87b79b4f504f1d15b5b96c654f6cd5179b72ed5f84d3a16a8f0d5bf6774e7fd98d27bf3c9839
c2 = 0x129d5d4ab3f9e8017d4e6761702467bbeb1b884b6c4f8ff397d078a8c41186a3d52977fa2307d5b6a0ad01fedfc3ba7b70f776ba3790a43444fb954e5afd64b1a3abeb6507cf70a5eb44678a886adf81cb4848a35afb4db7cd7818f566c7e6e2911f5ababdbdd2d4ff9825827e58d48d5466e021a64599b3e867840c07e29582961f81643df07f678a61a9f9027ebd34094e272dfbdc4619fa0ac60f0189af785df77e7ec784e086cf692a7bf7113a7fb8446a65efa8b431c6f72c14bcfa49c9b491fb1d87f2570059e0f13166a85bb555b40549f45f04bc5dbd09d8b858a5382be6497d88197ffb86381085756365bd757ec3cdfa8a77ba1728ec2de596c5ab

nc1 = 0x2639c28e3609a4a8c953cca9c326e8e062756305ae8aee6efcd346458aade3ee8c2106ab9dfe5f470804f366af738aa493fd2dc26cb249a922e121287f3eddec0ed8dea89747dc57aed7cd2089d75c23a69bf601f490a64f73f6a583081ae3a7ed52238c13a95d3322065adba9053ee5b12f1de1873dbad9fbf4a50a2f58088df0fddfe2ed8ca1118c81268c8c0fd5572494276f4e48b5eb424f116e6f5e9d66da1b6b3a8f102539b690c1636e82906a46f3c5434d5b04ed7938861f8d453908970eccef07bf13f723d6fdd26a61be8b9462d0ddfbedc91886df194ea022e56c1780aa6c76b9f1c7d5ea743dc75cec3c805324e90ea577fa396a1effdafa3090
nc2 = 0x42ff1157363d9cd10da64eb4382b6457ebb740dbef40ade9b24a174d0145adaa0115d86aa2fc2a41257f2b62486eaebb655925dac78dd8d13ab405aef5b8b8f9830094c712193500db49fb801e1368c73f88f6d8533c99c8e7259f8b9d1c926c47215ed327114f235ba8c873af7a0052aa2d32c52880db55c5615e5a1793b690c37efdd5e503f717bb8de716303e4d6c4116f62d81be852c5d36ef282a958d8c82cf3b458dcc8191dcc7b490f227d1562b1d57fbcf7bf4b78a5d90cd385fd79c8ca4688e7d62b3204aeaf9692ba4d4e44875eaa63642775846434f9ce51d138ca702d907849823b1e86896e4ea6223f93fae68b026cfe5fa5a665569a9e3948a

n2 = 'PVNHb2BfGAnmxLrbKhgsYXRwWIL9eOj6K0s3I0slKHCTXTAUtZh3T0r+RoSlhpO3+77AY8P7WETYz2Jzuv5FV/mMODoFrM5fMyQsNt90VynR6J3Jv+fnPJPsm2hJ1Fqt7EKaVRwCbt6a4BdcRoHJsYN/+eh7k/X+FL5XM7viyvQxyFawQrhSV79FIoX6xfjtGW+uAeVF7DScRcl49dlwODhFD7SeLqzoYDJPIQS+VSb3YtvrDgdV+EhuS1bfWvkkXRijlJEpLrgWYmMdfsYX8u/+Ylf5xcBGn3hv1YhQrBCg77AHuUF2w/gJ/ADHFiMcH3ux3nqOsuwnbGSr7jA6Cw=='
n3 = 'TmNVbWUhCXR1od3gBpM+HGMKK/4ErfIKITxomQ/QmNCZlzmmsNyPXQBiMEeUB8udO7lWjQTYGjD6k21xjThHTNDG4z6C2cNNPz73VIaNTGz0hrh6CmqDowFbyrk+rv53QSkVKPa8EZnFKwGz9B3zXimm1D+01cov7V/ZDfrHrEjsDkgK4ZlrQxPpZAPl+yqGlRK8soBKhY/PF3/GjbquRYeYKbagpUmWOhLnF4/+DP33ve/EpaSAPirZXzf8hyatL4/5tAZ0uNq9W6T4GoMG+N7aS2GeyUA2sLJMHymW4cFK5l5kUvjslRdXOHTmz5eHxqIV6TmSBQRgovUijlNamQ=='

n2 = bytes_to_long(base64.b64decode(n2))
n3 = bytes_to_long(base64.b64decode(n3))
#n2 = 7741603029707932330739678982394275613217057249691533148704382574439895657047911501600910571360188397109729289277796711334388156202412769743785164713243932001078475541271281825859671767783178037363138683152051263779907568124470598237502689045677891605285193637790880045372303913424654655825837641694318544209980415256180296972066060073206323473960669679401950151966003026531573962072358852304635671658878866030003484715256388556599713638695448516673643703041094737763957937855870992247472296348887788212823714735080211059688680618314050267995177478035769912691185787944037050674163079867101586607780761245261558200843
#n3 = 9895571060693703887018268413746107679094703478067972087862851570192520012058188062485476484700707994684397704099884436398099581319015589480235346899990863625919087077906193223937343450727301243043576326163300258770936289423785376338765758863453745278516208013244068358484113062931878984339475569902332075509121153749576470546863477142562563573654198332099438611713385318497180237117792417826080724886477023904678472464557511959911739272258202310963925049222305927992349171516332320267610895787011879250778522843808895509894741144901052000573058315131265960606119769594234837973757057319170067823816025499647517874841

# factoring n2 gives p1 and p3
p1 = 68475150402136550069561649755295544963289030785101058202360554598728892273874900512013972536010281921862638482624050145776516868431210229550944533343142576416459199101144902197593841367980791503251475193609136925280837184839979646652186999511796418448787979170775450657311911945185202715164053596280658868979
p3 = 113057116110640629442838729892384636071708596904428483152114609685936140664770589059214780753000125747653792221591510804947737833483206498631262985233023673075253476613965561679900695245558177430781375269136603105651856671527157586176048122119973067362460787539110922411635014408169669810929828500304139655817
phi = (p1-1) * (p3-1)
d = gmpy2.invert(e,phi)
msg2 = gmpy2.powmod(c2,d,n2)
#long_to_bytes(msg2) = b'MNCYT_55_neetnvmrap}'

_, r, s = gmpy2.gcdext(e1, e2)

n1 = pow(nc1, r, n3) * pow(nc2, s, n3) % n3
#n1 = 2499586809914462821807624371088011200618603528498132509598946284572455726453497171635086810524607288333625665025664872216634366700044105279185519761587818169021167370991396691510275499486673922916370294043072503635630922980240462022218565365191228535222150496387990987123639567257124081274667568443678527637259644488779394704508217357758791670308548246801142468699716221789070607334747835552167450340441488756779323653879402176647890584656379628685893686585469918686253137796663587854943386347039389769790329948165162483370187914412810153613198247569427480466488647563900948387020677830797976534568626241686906738179

p2 = n1 // p1
phi = (p1-1) * (p2-1)
d = gmpy2.invert(e,phi)
msg1 = gmpy2.powmod(c1,d,n1)
#long_to_bytes(msg1) = b'XA{RP0I_0Itrsigi s.y\n'

msg1 = list(str(long_to_bytes(msg1)))
msg2 = list(str(long_to_bytes(msg2)))
flag = ""
for i in range(len(msg1)):
    flag+=msg1[i]
    if i in range(len(msg2)):
        flag+=msg2[i]
print(flag)

Answer
flag{CRYPT0_I5_50_Interestingvim rsa.py}

[NPUCTF2020]认清形势,建立信心 (Assess the Situation, Build Confidence)

Challenge

from Crypto.Util.number import *
from gmpy2 import *
from secret import flag

p = getPrime(25)
e = # Hidden
q = getPrime(25)
n = p * q
m = bytes_to_long(flag.strip(b"npuctf{").strip(b"}"))

c = pow(m, e, n)
print(c)
print(pow(2, e, n))
print(pow(4, e, n))
print(pow(8, e, n))

'''
169169912654178
128509160179202
518818742414340
358553002064450
'''

Solution
Neither e nor n is known; we only have a handful of c values and the corresponding m.

We know:

c = 169169912654178
c1 = 128509160179202
c2 = 518818742414340
c3 = 358553002064450
m1 = 2
m2 = 4
m3 = 8

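Encryption:
c = m^e (mod n)
Decryption:
m = c^d (mod n)

Since c1 = 2^e, c2 = 4^e = c1^2 and c3 = 8^e = c1*c2 (all mod n), both c1^2 - c2 and c1*c2 - c3 are multiples of n, so setting up these equations lets us solve for n: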

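from math import gcd

# both differences are multiples of n, so their gcd is n times a small cofactor
n = gcd(pow(c1,2)-c2,c1*c2-c3)
print(n)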

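Running it gives n = 1054494004042394

Factoring n gives:
1054494004042394<16> = 2 · 18195301 · 28977097

The gcd carries an extra factor of 2, so the modulus actually used below is n//2.

sympy.discrete_log: a general-purpose method for computing discrete logarithms: discrete_log(a,base,ord,operation)

It solves for the logarithm of a to the base base; ord is the order of base and may be omitted; operation can be '+' or '*', and defaults to '*'.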

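from sympy.ntheory import discrete_log
from gmpy2 import invert
from Crypto.Util.number import long_to_bytes

# sympy's discrete_log(n, a, b) returns x with b**x ≡ a (mod n);
# here the modulus is n//2, a = c1 and b = 2, so x is the hidden e
e = discrete_log(n//2,c1,2)

p = 18195301
q = 28977097
phi = (q-1) * (p-1)
d = invert(e,phi)
m = pow(c,int(d),int(n//2))

print(long_to_bytes(m))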
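
The whole chain (modulus from the three leaked powers, factoring, discrete logarithm, decryption) on a constructed toy instance, as an added example that is not the post's code. It swaps sympy's discrete_log for a bounded baby-step giant-step search, so it assumes e is below e_bound, and it assumes the real primes are larger than small_bound; all function names and the numbers in demo() are made up for illustration.

```python
# Added example, not the post's code. All numbers in demo() are constructed.
from math import gcd, isqrt


def recover_modulus(c1, c2, c3, small_bound=1000):
    """Given 2^e, 4^e, 8^e mod n: n divides c1^2 - c2 and c1*c2 - c3."""
    k_n = gcd(c1 * c1 - c2, c1 * c2 - c3)
    if k_n == 0:
        raise ValueError("no reduction mod n happened; n is not constrained")
    # The gcd is some multiple k*n (the post's value carried an extra 2).
    # Assumption: the real primes are larger than small_bound.
    for f in range(2, small_bound):
        while k_n % f == 0:
            k_n //= f
    return k_n


def factor_semiprime(n):
    """Trial division; enough for primes of the size used in this challenge."""
    f = 3
    while f * f <= n:
        if n % f == 0:
            return f, n // f
        f += 2
    raise ValueError("no odd factor found")


def bsgs(base, target, n, bound):
    """Smallest x in [0, bound) with base^x == target (mod n), else None."""
    step = isqrt(bound) + 1
    baby, value = {}, 1
    for j in range(step):
        baby.setdefault(value, j)
        value = value * base % n
    giant = pow(base, -step, n)  # base must be coprime to n
    gamma = target % n
    for i in range(step):
        if gamma in baby:
            x = i * step + baby[gamma]
            return x if x < bound else None
        gamma = gamma * giant % n
    return None


def decrypt(c, c1, c2, c3, e_bound=1 << 12):
    n = recover_modulus(c1, c2, c3)
    p, q = factor_semiprime(n)
    e = bsgs(2, c1, n, e_bound)
    if e is None:
        raise ValueError("no exponent below e_bound")
    d = pow(e, -1, (p - 1) * (q - 1))  # ValueError if e is not invertible
    return n, e, pow(c, d, n)


def demo():
    p, q, e, m = 2039, 2879, 0x101, 1234567  # constructed toy instance
    n = p * q
    c1, c2, c3 = (pow(b, e, n) for b in (2, 4, 8))
    return decrypt(pow(m, e, n), c1, c2, c3)
```

Publishing encryptions of related known plaintexts under a hidden modulus leaks that modulus, and at this key size both the factoring and the discrete logarithm are trivial.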

Answer
flag{345y!}
