2021-07-23

最新推荐文章于 2023-06-15 22:31:54 发布
最新推荐文章于 2023-06-15 22:31:54 发布
阅读量827 收藏 2
点赞数
分类专栏: 密码小白刷题记录 文章标签: 算法
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/m0_57291352/article/details/119046307
版权

[ACTF新生赛2020]crypto-des

题目
encryptedkey

72143238992041641000000.000000,
77135357178006504000000000000000.000000,
1125868345616435400000000.000000,
67378029765916820000000.000000,
75553486092184703000000000000.000000,
4397611913739958700000.000000,
76209378028621039000000000000000.000000

hint

To solve the key, Maybe you know some interesting data format about C language?

和一个加密压缩包
解题

为了解决这个问题,也许你知道一些关于C语言的有趣的数据格式?

那一串数字应该为double型(double:646f75626c65;01100100 01101111 01110101 01100010 01101100 01100101)

根据提示,我们需要解出压缩包密码,但还是尝试手贱一下不需要密码的方式,然后就真的没解出来,还是老老实实算密码吧

from libnum import*
import struct
import binascii

s = [72143238992041641000000.000000,77135357178006504000000000000000.000000,1125868345616435400000000.000000,67378029765916820000000.000000,75553486092184703000000000000.000000,4397611913739958700000.000000,76209378028621039000000000000000.000000]
a = ''
b = ''
for i in s:
    i = float(i)
    a += struct.pack('<f',i).hex()        #小端
print(a)

for j in s:
    i = float(i)
    b += struct.pack('>f',i).hex()        #小端
print(b)

a = 0x496e74657265737472696e67204964656120746f20656e6372797074
b = 0x74707972747079727470797274707972747079727470797274707972
print(n2s(a))
print(n2s(b))

运行得到:

496e74657265737472696e67204964656120746f20656e6372797074
74707972747079727470797274707972747079727470797274707972
b'Interestring Idea to encrypt'
b'tpyrtpyrtpyrtpyrtpyrtpyrtpyr'

尝试解密发现密钥为:Interestring Idea to encrypt

解压得到:

import pyDes
import base64
from FLAG import flag
deskey = "********"
DES = pyDes.des(deskey)
DES.setMode('ECB')
DES.Kn = [
			[1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 0, 1, 1, 0, 0, 0, 1, 1, 1, 0, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 0],
			[1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 1, 0, 0, 1, 1, 0], 
			[0, 1, 1, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 1, 0, 0],
			[1, 1, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 0, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 1, 0, 0, 1, 1], 
			[0, 0, 1, 0, 1, 1, 1, 0, 1, 1, 0, 0, 0, 0, 1, 1, 0, 1, 0, 1, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1],
			[0, 0, 1, 0, 1, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 1, 1, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0],
			[0, 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 1, 0, 0, 0, 0, 0, 1, 1, 0],
			[0, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 1, 0, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 1, 1, 0],
			[1, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 1, 0, 0],
			[0, 0, 0, 1, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 0],
			[0, 0, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 1, 1],
			[0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 1, 0],
			[1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 0, 0],
			[1, 1, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 1],
			[1, 1, 1, 1, 0, 0, 0, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 0, 1, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 0, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 1, 0, 1],
			[1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1]
		]
cipher_list = base64.b64encode(DES.encrypt(flag))
#b'vrkgBqeK7+h7mPyWujP8r5FqH5yyVlqv0CXudqoNHVAVdNO8ML4lM4zgez7weQXo'

DES全称为Data Encryption Standard,即数据加密标准,是一种使用密钥加密的块算法。
DES算法的入口参数有三个:Key、Data、Mode。其中Key为7个字节共56位,是DES算法的工作密钥;Data为8个字节64位,是要被加密或被解密的数据;Mode为DES的工作方式,有两种:加密或解密。
DES算法把64位的明文输入块变为64位的密文输出块,它所使用的密钥也是64位(实际用到了56位,第8、16、24、32、40、48、56、64位是校验位, 使得每个密钥都有奇数个1),其算法主要分为两步:初始置换和逆置换

这道题的话,直接输入解密代码就行:

import pyDes
import base64
#from FLAG import flag
deskey = "********"
DES = pyDes.des(deskey)
DES.setMode('ECB')
DES.Kn = [
			[1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 0, 1, 1, 0, 0, 0, 1, 1, 1, 0, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 0],
			[1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 1, 0, 0, 1, 1, 0], 
			[0, 1, 1, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 1, 0, 0],
			[1, 1, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 0, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 1, 0, 0, 1, 1], 
			[0, 0, 1, 0, 1, 1, 1, 0, 1, 1, 0, 0, 0, 0, 1, 1, 0, 1, 0, 1, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1],
			[0, 0, 1, 0, 1, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 1, 1, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0],
			[0, 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 1, 0, 0, 0, 0, 0, 1, 1, 0],
			[0, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 1, 0, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 1, 1, 0],
			[1, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 1, 0, 0],
			[0, 0, 0, 1, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 0],
			[0, 0, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 1, 1],
			[0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 1, 0],
			[1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 0, 0],
			[1, 1, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 1],
			[1, 1, 1, 1, 0, 0, 0, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 0, 1, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 0, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 1, 0, 1],
			[1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1]
		]
#cipher_list = base64.b64encode(DES.encrypt(flag))

k=b'vrkgBqeK7+h7mPyWujP8r5FqH5yyVlqv0CXudqoNHVAVdNO8ML4lM4zgez7weQXo'
print(DES.decrypt(base64.b64decode(k)))

运行得到:b’actf{breaking_DES_is_just_a_small_piece_of_cake}’

答案

flag{breaking_DES_is_just_a_small_piece_of_cake}

[De1CTF2019]xorz

题目

from itertools import *
from data import flag,plain

key=flag.strip("de1ctf{").strip("}")
assert(len(key)<38)
salt="WeAreDe1taTeam"
ki=cycle(key)
si=cycle(salt)
cipher = ''.join([hex(ord(p) ^ ord(next(ki)) ^ ord(next(si)))[2:].zfill(2) for p in plain])
print cipher
# output:
# 49380d773440222d1b421b3060380c3f403c3844791b202651306721135b6229294a3c3222357e766b2f15561b35305e3c3b670e49382c295c6c170553577d3a2b791470406318315d753f03637f2b614a4f2e1c4f21027e227a4122757b446037786a7b0e37635024246d60136f7802543e4d36265c3e035a725c6322700d626b345d1d6464283a016f35714d434124281b607d315f66212d671428026a4f4f79657e34153f3467097e4e135f187a21767f02125b375563517a3742597b6c394e78742c4a725069606576777c314429264f6e330d7530453f22537f5e3034560d22146831456b1b72725f30676d0d5c71617d48753e26667e2f7a334c731c22630a242c7140457a42324629064441036c7e646208630e745531436b7c51743a36674c4f352a5575407b767a5c747176016c0676386e403a2b42356a727a04662b4446375f36265f3f124b724c6e346544706277641025063420016629225b43432428036f29341a2338627c47650b264c477c653a67043e6766152a485c7f33617264780656537e5468143f305f4537722352303c3d4379043d69797e6f3922527b24536e310d653d4c33696c635474637d0326516f745e610d773340306621105a7361654e3e392970687c2e335f3015677d4b3a724a4659767c2f5b7c16055a126820306c14315d6b59224a27311f747f336f4d5974321a22507b22705a226c6d446a37375761423a2b5c29247163046d7e47032244377508300751727126326f117f7a38670c2b23203d4f27046a5c5e1532601126292f577776606f0c6d0126474b2a73737a41316362146e581d7c1228717664091c

解题
官方wp

def getKeyPool(cipher, stepSet, plainSet, keySet):
    ''' 传入的密文串、明文字符集、密钥字符集、密钥长度范围均作为数字列表处理.形如[0x11,0x22,0x33]
        返回一个字典,以可能的密钥长度为键,以对应的每一字节的密钥字符集构成的列表为值,密钥字符集为数字列表。
            形如{
                    1:[[0x11]],
                    3:[
                        [0x11,0x33,0x46],
                        [0x22,0x58],
                        [0x33]
                       ]
                }
    '''
    keyPool = dict()
    for step in stepSet:
        maybe = [None] * step
        for pos in xrange(step):
            maybe[pos] = []
            for k in keySet:
                flag = 1
                for c in cipher[pos::step]:
                    if c ^ k not in plainSet:
                        flag = 0
                if flag:
                    maybe[pos].append(k)
        for posPool in maybe:
            if len(posPool) == 0:
                maybe = []
                break
        if len(maybe) != 0:
            keyPool[step] = maybe
    return keyPool


def calCorrelation(cpool):
    '''传入字典,形如{'e':2,'p':3}
        返回可能性,0~1,值越大可能性越大
        (correlation between the decrypted column letter frequencies and
        the relative letter frequencies for normal English text)
    '''
    frequencies = {"e": 0.12702, "t": 0.09056, "a": 0.08167, "o": 0.07507, "i": 0.06966,
                   "n": 0.06749, "s": 0.06327, "h": 0.06094, "r": 0.05987, "d": 0.04253,
                   "l": 0.04025, "c": 0.02782, "u": 0.02758, "m": 0.02406, "w": 0.02360,
                   "f": 0.02228, "g": 0.02015, "y": 0.01974, "p": 0.01929, "b": 0.01492,
                   "v": 0.00978, "k": 0.00772, "j": 0.00153, "x": 0.00150, "q": 0.00095,
                   "z": 0.00074}
    relative = 0.0
    total = 0
    fpool = 'etaoinshrdlcumwfgypbvkjxqz'
    total = sum(cpool.values())  # 总和应包括字母和其他可见字符
    for i in cpool.keys():
        if i in fpool:
            relative += frequencies[i] * cpool[i] / total
    return relative


def analyseFrequency(cfreq):
    key = []
    for posFreq in cfreq:
        mostRelative = 0
        for keyChr in posFreq.keys():
            r = calCorrelation(posFreq[keyChr])
            if r > mostRelative:
                mostRelative = r
                keychar = keyChr
        key.append(keychar)

    return key


def getFrequency(cipher, keyPoolList):
    ''' 传入的密文作为数字列表处理
        传入密钥的字符集应为列表,依次包含各字节字符集。
            形如[[0x11,0x12],[0x22]]
        返回字频列表,依次为各字节字符集中每一字符作为密钥组成部分时对应的明文字频
            形如[{
                    0x11:{'a':2,'b':3},
                    0x12:{'e':6}
                 },
                 {
                    0x22:{'g':1}
                 }]
    '''
    freqList = []
    keyLen = len(keyPoolList)
    for i in xrange(keyLen):
        posFreq = dict()
        for k in keyPoolList[i]:
            posFreq[k] = dict()
            for c in cipher[i::keyLen]:
                p = chr(k ^ c)
                posFreq[k][p] = posFreq[k][p] + 1 if p in posFreq[k] else 1
        freqList.append(posFreq)
    return freqList


def vigenereDecrypt(cipher, key):
    plain = ''
    cur = 0
    ll = len(key)
    for c in cipher:
        plain += chr(c ^ key[cur])
        cur = (cur + 1) % ll
    return plain


def main():
    ps = []
    ks = []
    ss = []
    ps.extend(xrange(32, 127))
    ks.extend(xrange(0xff + 1))
    ss.extend(xrange(38))
    cipher = getCipher(c)

    keyPool = getKeyPool(cipher=cipher, stepSet=ss, plainSet=ps, keySet=ks)
    for i in keyPool:
        freq = getFrequency(cipher, keyPool[i])
        key = analyseFrequency(freq)
        plain = vigenereDecrypt(cipher, key)
        print plain,"\n"
        print ''.join(map(chr,key))


if __name__ == '__main__':
    main()

但是上面程序适用于python2环境,
来看某位大佬的程序

import string
from binascii import unhexlify, hexlify
from itertools import *

def bxor(a, b):     # xor two byte strings of different lengths
    if len(a) > len(b):
        return bytes([x ^ y for x, y in zip(a[:len(b)], b)])
    else:
        return bytes([x ^ y for x, y in zip(a, b[:len(a)])])

def hamming_distance(b1, b2):
    differing_bits = 0
    for byte in bxor(b1, b2):
        differing_bits += bin(byte).count("1")
    return differing_bits

def break_single_key_xor(text):
    key = 0
    possible_space = 0
    max_possible = 0
    letters = string.ascii_letters.encode('ascii')
    for a in range(0, len(text)):
        maxpossible = 0
        for b in range(0, len(text)):
            if(a == b):
                continue
            c = text[a] ^ text[b]
            if c not in letters and c != 0:
                continue
            maxpossible += 1
        if maxpossible > max_possible:
            max_possible = maxpossible
            possible_space = a
    key = text[possible_space] ^ 0x20
    return chr(key)

salt = "WeAreDe1taTeam"
si = cycle(salt)
b = unhexlify(b'49380d773440222d1b421b3060380c3f403c3844791b202651306721135b6229294a3c3222357e766b2f15561b35305e3c3b670e49382c295c6c170553577d3a2b791470406318315d753f03637f2b614a4f2e1c4f21027e227a4122757b446037786a7b0e37635024246d60136f7802543e4d36265c3e035a725c6322700d626b345d1d6464283a016f35714d434124281b607d315f66212d671428026a4f4f79657e34153f3467097e4e135f187a21767f02125b375563517a3742597b6c394e78742c4a725069606576777c314429264f6e330d7530453f22537f5e3034560d22146831456b1b72725f30676d0d5c71617d48753e26667e2f7a334c731c22630a242c7140457a42324629064441036c7e646208630e745531436b7c51743a36674c4f352a5575407b767a5c747176016c0676386e403a2b42356a727a04662b4446375f36265f3f124b724c6e346544706277641025063420016629225b43432428036f29341a2338627c47650b264c477c653a67043e6766152a485c7f33617264780656537e5468143f305f4537722352303c3d4379043d69797e6f3922527b24536e310d653d4c33696c635474637d0326516f745e610d773340306621105a7361654e3e392970687c2e335f3015677d4b3a724a4659767c2f5b7c16055a126820306c14315d6b59224a27311f747f336f4d5974321a22507b22705a226c6d446a37375761423a2b5c29247163046d7e47032244377508300751727126326f117f7a38670c2b23203d4f27046a5c5e1532601126292f577776606f0c6d0126474b2a73737a41316362146e581d7c1228717664091c')
plain = ''.join([hex(ord(c) ^ ord(next(si)))[2:].zfill(2) for c in b.decode()])
b = unhexlify(plain)
print(plain)

normalized_distances = []

for KEYSIZE in range(2, 40):
    # 我们取其中前6段计算平局汉明距离
    b1 = b[: KEYSIZE]
    b2 = b[KEYSIZE: KEYSIZE * 2]
    b3 = b[KEYSIZE * 2: KEYSIZE * 3]
    b4 = b[KEYSIZE * 3: KEYSIZE * 4]
    b5 = b[KEYSIZE * 4: KEYSIZE * 5]
    b6 = b[KEYSIZE * 5: KEYSIZE * 6]

    normalized_distance = float(
        hamming_distance(b1, b2) +
        hamming_distance(b2, b3) +
        hamming_distance(b3, b4) +
        hamming_distance(b4, b5) +
        hamming_distance(b5, b6)
    ) / (KEYSIZE * 5)
    normalized_distances.append(
        (KEYSIZE, normalized_distance)
    )
normalized_distances = sorted(normalized_distances, key=lambda x: x[1])

for KEYSIZE, _ in normalized_distances[:5]:
    block_bytes = [[] for _ in range(KEYSIZE)]
    for i, byte in enumerate(b):
        block_bytes[i % KEYSIZE].append(byte)
    keys = ''
    try:
        for bbytes in block_bytes:
            keys += break_single_key_xor(bbytes)
        key = bytearray(keys * len(b), "utf-8")
        plaintext = bxor(b, key)
        print("keysize:", KEYSIZE)
        print("key is:", keys, "n")
        s = bytes.decode(plaintext)
        print(s)
    except Exception:
        continue

运行得到

1e5d4c055104471c6f234f5501555b5a014e5d001c2a54470555064c443e235b4c0e590356542a130a4242335a47551a590a136f1d5d4d440b0956773613180b5f184015210e4f541c075a47064e5f001e2a4f711844430c473e2413011a100556153d1e4f45061441151901470a196f035b0c4443185b322e130806431d5a072a46385901555c5b550a541c1a2600564d5f054c453e32444c0a434d43182a0b1c540a55415a550a5e1b0f613a5c1f10021e56773a5a0206100852063c4a18581a1d15411d17111b052113460850104c472239564c0755015a13271e0a55553b5a47551a54010e2a06130b5506005a393013180c100f52072a4a1b5e1b165d50064e411d0521111f235f114c47362447094f10035c066f19025402191915110b4206182a544702100109133e394505175509671b6f0b01484e06505b061b50034a2911521e44431b5a233f13180b5508131523050154403740415503484f0c2602564d470a18407b775d031110004a54290319544e06505b060b424f092e1a770443101952333213030d554d551b2006064206555d50141c454f0c3d1b5e4d43061e453e39544c17580856581802001102105443101d111a043c03521455074c473f3213000a5b085d113c194f5e08555415180f5f433e270d131d420c1957773f560d11440d40543c060e470b55545b114e470e193c155f4d47110947343f13180c100f565a000403484e184c15050250081f2a54470545104c5536251325435302461a3b4a02484e12545c1b4265070b3b5440055543185b36231301025b084054220f4f42071b1554020f430b196f19564d4002055d79
keysize: 30
key is: W3lc0m3tOjo1nu55un1ojOt3m0cl3W n
In faith I do not love thee with mine eyes,For they in thee a thousand errors note;But `tis my heart that loves what they despise,Who in despite of view is pleased to dote.Nor are mine ears with thy tongue`s tune delighted;Nor tender feeling to base touches prone,Nor taste, nor smell, desire to be invitedTo any sensual feast with thee alone.But my five wits, nor my five senses canDissuade one foolish heart from serving thee,Who leaves unswayed the likeness of a man,Thy proud heart`s slave and vassal wretch to be.Only my plague thus far I count my gain,That she that makes me sin awards me pain.
keysize: 9
key is: mulpelOut n
s( u4hiN:9q07t:0upZ1+J r!1RS> A,w;!Fco.
F.* v)o h) 1gy3yflf*t0pMA: qr67c"ujG:h!/C2JIfmjui`Is:)vq-Zlu*uf7C17u.^^vdI6i7rF6]5N (6 f$yviu" *i< R}18g6!3}FDi g -*0fn{O0ounQ#W/nvudsH'm4jxyhc|niQv*G%d!2NI3 H u7fKno9N.* v$dbesgf jp?Uflaec"bFn*vc1 c"hqLdsS:}2BI2e?uostw8r|uZd/stZ1+MeudfRI iX }
n{d$s$6sw f&fd&s1/k?Opflf dcpOJt -B,10o:xKw:="fW5(oaul!]nl8>c<s/:e^K6dt'_BvoB 98nLvc.I )=ap5*`rn* 6jn Rv!8z-d&=tMueoe83uq^opQv>d0k2K_flz>ddHt:2x08Zm{26RWhR7xt"O3a^1y-!Pvk+D  6d"7kus`+ 2}y"Xpflaec&?lKv<#m e`n}kG!+u | BHfI36n	oO'w$>w8n6rgK1,J 7u.ZSvmM.|-!N*.Hna9wc3nu l" 5nu8
keysize: 2
key is: tr n
j/8w%v3nQ;'u'/(u<)rhX 5q'r>0LW)8|-q"&^a~06A.5!h-xgi/96{"Baly+j4gU|;&hu.5r<+rjX;l67~3LPauhdw"gIl;7rf5gms3xmw)x67j/@Za|t7o.u^4L+u'()!x nnTt$9-q>1LF68x7?7j^yh&~'5(!x*i{N.kbvl"N(vtdz&tH8l*noa3ieeiqSg4|"d>3PM$8u!s.aSl~'!I.5!h szXra'rr.KDal~d}&u^8o,od)"r<5oqSemW-e>3DP5}=dq(tkv&vkmgey6tlX 5vbu{gLM7qe!{iyu::t$)ri$q>[e j67i.QKaly!zggWwu&4E43!q<=xTv$95~j4	/wcdr>&]qm&:t$)ry6=}\np1dk&AFaw!?!iTtr0r')"`n1=xOo,91rl1LM&8e,z"*lptcvb 1doehpNw `'s>3MFatx/z)cHk;,|' gl}+1JUyai0xk#K$yc04&Htz5' )e<3|mNa-95e{3FKal~d}"(tvw::j8gqp$zkX 5q7d>!DQaQ1'p2hO8v::` .o0uI 2q'7j/DWaup/z4&V};0sia&v}7ymm$92vw)
keysize: 7
key is: zttpuvl n
d)8u$r+fW? w9!.u>(vpP 3u p >JW+9x5y" Zf|.8G.7 l5pgm(;(q}"Cetq+l0`Wb5 hw/1j4+tn_9b07|2HHiun`p yGj;5sb-omu7oy/x46n7HZgxs5q s^6M/m/(/%"p`Rt&8)i61JB1:f997h_}p.~!1/#f$o{O*sjvj&L6xrdx'pP0l,jhc-gcekpW<|$`91NC"8w w6iSjz #W 3!j!wbPrg{ pl MDcmz|u&sZ?m2ab) s8-gqUajU3k83FQ1e5dw,sux vilc}q6rh_"+xduyfHU?qc%|wu8;p<!ro v<Ek&j46m6YKgh~#diaWut",M45%v>#vRv&81fb4(u}jt>$\uu.:r .pg8;}^oh9dm"FDyy!= mL|r6v +<nh1?yKw$97vk3RC 8g-~:"lvpdt|.7dmdlhFw&d q =KFcu|7r)eLl92r! emy39JS}fk.vm#J ak0y0!Jjt3%!-}43ziIc373ey2BSilx`z 6zpw8;n oqv }iF.3q5e:9LQgU6%n<nO:w>"h (k7kqO 0p#/b/BSfwn!|4$Wy#8soe!tc9ml !:vq-
keysize: 19
key is: h{ct>aoQuaougultjj{ n
v&/qoe(MB  f 7.k$&hgI yd:W9%QV<9b-i</Bhi6|R5 {6tq)'.pa-B-ydm!zTi:8hm0<n5<t K  m%,y KHgkpkm-vI .*Wa zlf2fmi d? leSAB}g,h=rF2R3z='8!45sKSa988p 1TX?$q 9}yEZi5e &/9~4qt	A?k.cq[5waed&lV1p#yi+ rFdzjTt3d$z&<JB5894nfFq2 W.-?a<zm^8rdsa5LWftxze)oQ)o`zy%g!4zpMeuI$y7$B&feb3sln hsb}jh68yE2ctnfRM/ol=roQjn;g?.an<w Cj:e'7%;Lnfyd ofyWok/(L#5kb'yGm#*2fl*5xrd>+;xvx;;a%7ra(4aUy:"H'R]fdx99?q[n}!rk<?Ei$ yZn29)le-EZ rv7Y#9wwgdnd>)kujypb=E f#2XGt`1s5j_mq?g!twz86RSgyf*wz#I^9\d%b53Ijz-a.< r:yovm`>"2v|+@Uycdkl"dakR=/w9rpn$buQ<<f1.-:gPrJ64w*nQ y 5q bz-4rjT!'p97r1MKhbvei/Wn 7`ny he8cbmh,/Sp<

可以看出当运行出来的是明文的时候密钥为flag
答案
flag{W3lc0m3tOjo1nu55un1ojOt3m0cl3W}

[NCTF2019]easyRSA

题目

from flag import flag

e = 0x1337
p = 199138677823743837339927520157607820029746574557746549094921488292877226509198315016018919385259781238148402833316033634968163276198999279327827901879426429664674358844084491830543271625147280950273934405879341438429171453002453838897458102128836690385604150324972907981960626767679153125735677417397078196059
q = 112213695905472142415221444515326532320352429478341683352811183503269676555434601229013679319423878238944956830244386653674413411658696751173844443394608246716053086226910581400528167848306119179879115809778793093611381764939789057524575349501163689452810148280625226541609383166347879832134495444706697124741
n = p * q

assert(flag.startswith('NCTF'))
m = int.from_bytes(flag.encode(), 'big')
assert(m.bit_length() > 1337)

c = pow(m, e, n)
print(c)
# 10562302690541901187975815594605242014385201583329309191736952454310803387032252007244962585846519762051885640856082157060593829013572592812958261432327975138581784360302599265408134332094134880789013207382277849503344042487389850373487656200657856862096900860792273206447552132458430989534820256156021128891296387414689693952047302604774923411425863612316726417214819110981605912408620996068520823370069362751149060142640529571400977787330956486849449005402750224992048562898004309319577192693315658275912449198365737965570035264841782399978307388920681068646219895287752359564029778568376881425070363592696751183359

解题
已知n、p、q、c
但是算出来的phi与e不互素
所以要换一种方式来解

[NCTF2019]babyRSA

题目

from Crypto.Util.number import *
from flag import flag

def nextPrime(n):
    n += 2 if n & 1 else 1
    while not isPrime(n):
        n += 2
    return n

p = getPrime(1024)
q = nextPrime(p)
n = p * q
e = 0x10001
d = inverse(e, (p-1) * (q-1))
c = pow(bytes_to_long(flag.encode()), e, n)

# d = 19275778946037899718035455438175509175723911466127462154506916564101519923603308900331427601983476886255849200332374081996442976307058597390881168155862238533018621944733299208108185814179466844504468163200369996564265921022888670062554504758512453217434777820468049494313818291727050400752551716550403647148197148884408264686846693842118387217753516963449753809860354047619256787869400297858568139700396567519469825398575103885487624463424429913017729585620877168171603444111464692841379661112075123399343270610272287865200880398193573260848268633461983435015031227070217852728240847398084414687146397303110709214913
# c = 5382723168073828110696168558294206681757991149022777821127563301413483223874527233300721180839298617076705685041174247415826157096583055069337393987892262764211225227035880754417457056723909135525244957935906902665679777101130111392780237502928656225705262431431953003520093932924375902111280077255205118217436744112064069429678632923259898627997145803892753989255615273140300021040654505901442787810653626524305706316663169341797205752938755590056568986738227803487467274114398257187962140796551136220532809687606867385639367743705527511680719955380746377631156468689844150878381460560990755652899449340045313521804

解题
已知e、d、c还需要知道n就可以求解了

from Crypto.Util.number import *
from gmpy2 import *

e = 0x10001
d = 19275778946037899718035455438175509175723911466127462154506916564101519923603308900331427601983476886255849200332374081996442976307058597390881168155862238533018621944733299208108185814179466844504468163200369996564265921022888670062554504758512453217434777820468049494313818291727050400752551716550403647148197148884408264686846693842118387217753516963449753809860354047619256787869400297858568139700396567519469825398575103885487624463424429913017729585620877168171603444111464692841379661112075123399343270610272287865200880398193573260848268633461983435015031227070217852728240847398084414687146397303110709214913
c = 5382723168073828110696168558294206681757991149022777821127563301413483223874527233300721180839298617076705685041174247415826157096583055069337393987892262764211225227035880754417457056723909135525244957935906902665679777101130111392780237502928656225705262431431953003520093932924375902111280077255205118217436744112064069429678632923259898627997145803892753989255615273140300021040654505901442787810653626524305706316663169341797205752938755590056568986738227803487467274114398257187962140796551136220532809687606867385639367743705527511680719955380746377631156468689844150878381460560990755652899449340045313521804

kphi = e*d - 1

for k in range(1, e):
    if kphi % k == 0:
        phi = kphi // k
        root = iroot(phi, 2)[0]
        for p in range(root - 2000, root + 2000):
            if phi % (p-1) == 0: break
        else: continue
        break

q = phi//(p-1) + 1
m = pow(c, d, p*q)
print(long_to_bytes(m))

运行得到b'NCTF{70u2_nn47h_14_v3ry_gOO0000000d}'
答案
flag{70u2_nn47h_14_v3ry_gOO0000000d}

无名函数
关注
  • 0
    点赞
  • 2
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
BUUCTF [NCTF2019]babyRSA解题思路
weixin_45441024的博客
11-29 2452
BUUCTF [NCTF2019]babyRSA 这是一道RSA的题目,前几天看祥云杯的RSA做到自闭,做点简单的题转换一下心情。 下载文件之后是一个压缩包,里面有一个py文件,题目如下: from Crypto.Util.number import * from flag import flag def nextPrime(n): n += 2 if n & 1 else 1 while not isPrime(n): n += 2 return n p
BUUCTF——rsa系列(4)
Luiino的博客
07-27 3974
给了c、z、n以及e分析一下,首先是它的作用是进行求导,前一个参数表示求导的内容,后一个参数表示求导的主体,如意思是以p为主体对求导得到1/(1+),同理得到1/(1-)。其次对于如Fraction(1,Derivative(arctan(p),p))是以1为分子,以Derivative(arctan(p),p)为分母,这样一来可以得到关系式z=可以进一步得到下面的关系式=z-2n,=z+2n,敲代码解出p、q。............
BuuCTF [2019红帽杯]easyRE
最新发布
m0_74154467的博客
06-15 351
Buuctf解题思路
BUUCTF笔记之Crypto部分WriteUp(一)
克格莫
05-08 1294
1、RSA1 直接上代码: import gmpy2 as gp p = 8637633767257008567099653486541091171320491509433615447539162437911244175885667806398411790524083553445158113502227745206205327690939504032994699902053229 q = 12640674973996472769176047937170883420927050821480010581
2021-07-25
m0_57291352的博客
07-25 692
[XNUCA2018]Warmup 题目 Buggy_Server.py from Crypto.Util.number import bytes_to_long, getPrime from random import randint from gmpy2 import powmod import sys p = getPrime(1024) q = getPrime(1024) N = p*q Phi = (p-1)*(q-1) with open("flag", 'r') as fr: flag
BvSshClient-Inst__8.49.exe(2021-07-23)
07-26
Bitvise SSH Client是款window上不错的免费的ssh客户端,支持SFTP, tunneling, terminal, FTP­to­SFTP bridge。除了支持比较重要的动态端口转发外,还支持多帐号登录、图形界面的SFTP、远程桌面等。...
2019-2020中国人工智能计算力发展评估报告[2021-07-23](32页).pdf
05-18
2019-2020中国人工智能计算力发展评估报告[2021-07-23](32页).pdf
2016至2045年新兴科技趋势(英文版)[2021-07-23](35页).pdf
05-18
2016至2045年新兴科技趋势(英文版)[2021-07-23](35页).pdf
【FutureScout,LLC】2016至2045年新兴科技趋势(英文版)[2021-07-23](35页).pdf
05-06
【FutureScout,LLC】2016至2045年新兴科技趋势(英文版)[2021-07-23](35页).pdf
Pipeline-Trigger-2021-04-07T23-24-34.883Z:为工具链创建
04-08
App4UITest 用于功能性End2End系统测试 部署和测试用Jade编写的节点应用程序
ctf-writeup-crawler:CTF撰写的检索器
04-27
ctf-writeup-crawler CTF撰写的检索器 请确保已在配置了以下内容的计算机上安装并运行PostgreSQL 确保有一个名为ctfcrawler的数据库 确保有一个postgres用户/密码:ctfcrawler / ctfcrawler 该程序是在Eclipse IDE上开发的。 要运行,可以将文件夹导入Eclipse并使用Eclipse运行,或者使用“ jar xf”提取jar文件并使用“ java”运行 WebCrawlerDriver 用于启动WebCrawler的驱动程序类。 要运行,“ java WebCrawlerDriver” 数据库前端 用于查询的数据库前端。 要运行,“ java DatabseFrontend” WhiteList_Domains.txt 包含爬网期间允许的域 Categories.txt 包含在爬网期间标记链接的类别 Po
NCTF 2019 Re Writeup(四题)
siphre
11-25 889
reverse 一、DEBUG ELF动态调试,flag长度24字节,用户输入的字符串跟经过处理后的字符串s做校验。因为变量s是经过处理的,得在cmp dl,al下断看eax寄存器的值,可以看到最终比较的时候s的值。 手抄s的值出来,再python翻译成字符串即可。 flag=[0x4E,0x43,0x54,0x46,0x7b,0x6a,0x75,0x73,0x74,0x5f,0x6...
nctf-密码
电风
03-30 3511
1…….KeyBoard 题目提示:看键盘看键盘看键盘! ytfvbhn tgbgy hjuygbn yhnmki tgvhn uygbnjm uygbn yhnijm直接在键盘上画出来,没有什么规律,只是一串字母 一目了然:areuhack2……base64全家桶R1pDVE1NWlhHUTNETU4yQ0dZWkRNTUpYR00zREtNWldHTTJES 1JSV0dJM0RDTlpU
BUUCTF Crypto [NCTF2019]childRSA wp
hsqGOD's blog
03-16 2935
这一道RSA打开加密算法乍一看感觉没有问题,N特别大,除了p和q的生成算法啥都没给,于是我们去查了一下 Crypto.Util.number 中的sieve_base,发现这是前10000个素数的生成列表,我们再去查一下第10000个素数的值为104729 不过就算我们知道了这个值的大小似乎还是得不到结果,从这个p,q的生成算法中,我们可以知道其是由小于104729的素数随机组合生成的,在这里我...
[ACTF新生赛2020]crypto-des
weixin_44110537的博客
07-22 1183
题目 分析 打开提示 提示说要了解一些c语言的数据类型. 打开encryptedkey.txt 一看数据范围就知道该类型是double类型 可是有什么用呢 难道提示压缩包的密码是double吗?,是不是太简单了,毕竟直接爆破就可以得到. 不管先爆破再说. 于是理所当然,爆破失败. 于是想这数据究竟能给出什么信息呢,试着转化为内部存储模式. 再去解码 解得key 打开压缩包是一个加密脚本 import pyDes import base64 from FLAG import flag deskey
[ACTF新生赛2020]crypto-des(考点:DES)
MikeCoke的博客
02-18 1917
题目:给了三个文件,附件1和附件2,以及加密的 easydes.zip 压缩包,通过解密附件1,2以获取解密 zip 的 key 附件1 encryptedkey.txt 72143238992041641000000.000000, 77135357178006504000000000000000.000000, 1125868345616435400000000.000000, 67378029765916820000000.000000, 7555348609218470300000000000
BUUCTF Crypto [GWCTF 2019]BabyRSA、[BJDCTF2020]easyrsa
qtL0ng的博客
06-05 2351
一、题目 下载题目得到encrypt.py和secret两个文件 先来看看加密算法: import hashlib import sympy from Crypto.Util.number import * flag = 'GWHT{******}' secret = '******' assert(len(flag) == 38) half = len(flag) / 2 flag1 = flag[:half] flag2 = flag[half:] secret_num = getPrime(
参数名称:period,数据类型:字符串,当前值:2021-07-16 ~ 2021-07-23,显示格式:自动,容许值:全部。现在维度A=[PERIOD],对A这个维度解析
06-13
根据您提供的信息,A维度的取值为[PERIOD],即A维度的值为2021-07-16 ~ 2021-07-23。这个维度可以用于数据分析和可视化,例如,可以使用这个维度来筛选和展示在2021-07-16 ~ 2021-07-23期间发生的事件或者数据。在数据报表中,您可以使用这个维度来创建一个时间范围的过滤器或者分组器,以便更好地分析数据。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值