第二届“钓鱼城杯”网络安全大赛-WP

最新推荐文章于 2024-05-27 13:06:08 发布
最新推荐文章于 2024-05-27 13:06:08 发布
阅读量1.1k 收藏 3
点赞数 2
文章标签: web安全 php 网络
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/m0_61155226/article/details/130983811
版权

Web

一点点魔法

Target: http://1.13.245.197:9895/

[22:21:56] Starting:

[22:21:58] 403 - 220B - /.ht_wsr.txt

[22:21:58] 403 - 223B - /.htaccess.bak1

[22:21:58] 403 - 223B - /.htaccess.save

[22:21:58] 403 - 223B - /.htaccess.orig

[22:21:58] 403 - 225B - /.htaccess.sample

[22:21:58] 403 - 224B - /.htaccess_extra

[22:21:58] 403 - 223B - /.htaccess_orig

[22:21:58] 403 - 221B - /.htaccess_sc

[22:21:58] 403 - 221B - /.htaccessOLD

[22:21:58] 403 - 221B - /.htaccessBAK

[22:21:58] 403 - 213B - /.htm

[22:21:58] 403 - 222B - /.htaccessOLD2

[22:21:58] 403 - 220B - /.httr-oauth

[22:21:58] 403 - 223B - /.htpasswd_test

[22:21:59] 403 - 214B - /.html

[22:21:59] 403 - 219B - /.htpasswds

[22:22:24] 405 - 0B - /index.php

[22:22:24] 405 - 0B - /index.php/login/

[22:22:37] 403 - 223B - /server-status/

[22:22:37] 403 - 222B - /server-status

Task Completed

GET访问,无法访问到,抓包修改为POST,得到提示:Tips: Must be accessed from Xiaohong's own computer.

我们修改一下X-Forwarded-For:127.0.0.1

Flag: flag{ef15892ef92c8d1ce18b603415040d3c}

网络管理系统

Target: http://1.13.245.197:9560/#/

[22:20:12] Starting:

[22:20:15] 403 - 300B - /.ht_wsr.txt

[22:20:15] 403 - 303B - /.htaccess.bak1

[22:20:15] 403 - 303B - /.htaccess.orig

[22:20:15] 403 - 305B - /.htaccess.sample

[22:20:15] 403 - 303B - /.htaccess.save

[22:20:15] 403 - 304B - /.htaccess_extra

[22:20:15] 403 - 303B - /.htaccess_orig

[22:20:15] 403 - 301B - /.htaccess_sc

[22:20:15] 403 - 301B - /.htaccessBAK

[22:20:15] 403 - 301B - /.htaccessOLD

[22:20:15] 403 - 302B - /.htaccessOLD2

[22:20:15] 403 - 293B - /.htm

[22:20:15] 403 - 294B - /.html

[22:20:15] 403 - 303B - /.htpasswd_test

[22:20:15] 403 - 299B - /.htpasswds

[22:20:15] 403 - 300B - /.httr-oauth

[22:20:30] 301 - 320B - /assets -> http://1.13.245.197:9560/assets/

[22:20:30] 403 - 296B - /assets/

[22:20:33] 200 - 0B - /config.php

[22:20:41] 200 - 2KB - /index.php

[22:20:41] 200 - 3KB - /index.php.bak

[22:20:46] 200 - 2KB - /index.php/login/

[22:20:55] 403 - 302B - /server-status

[22:20:55] 403 - 303B - /server-status/

Task Completed

存在SQL注入,直接数组绕过:

password[]=1&username=admin[]=1

然后就是命令执行了%0d

ip=127.0.0.1%0dls

有长度限制,我们绕过长度限制,查看pin15558823456g.php

这里%0d之后只能跟4个字符;发现是对全部的长度限制,我们重新构造

ip=8.0.0.1%0dls /

数据库账号密码泄露了,不知道是不是这样做的,再扫描一下开放的端口

└─# masscan 1.13.245.197 -p 0-65535 --rate=1000

Starting masscan 1.3.2 (http://bit.ly/14GZzcT) at 2023-05-10 05:46:27 GMT

Initiating SYN Stealth Scan

Scanning 1 hosts [65536 ports/host]

Discovered open port 10000/tcp on 1.13.245.197

Discovered open port 9560/tcp on 1.13.245.197

Discovered open port 110/tcp on 1.13.245.197

Discovered open port 7677/tcp on 1.13.245.197

Discovered open port 9080/tcp on 1.13.245.197

Discovered open port 7678/tcp on 1.13.245.197

Discovered open port 9895/tcp on 1.13.245.197

Discovered open port 25/tcp on 1.13.245.197

Discovered open port 9051/tcp on 1.13.245.197

Discovered open port 22/tcp on 1.13.245.197

胖虎

感觉是文件上传,先扫描一下把

Target: http://1.13.245.197:9051/

[01:27:37] Starting:

[01:27:40] 403 - 300B - /.ht_wsr.txt

[01:27:40] 403 - 303B - /.htaccess.bak1

[01:27:41] 403 - 305B - /.htaccess.sample

[01:27:41] 403 - 303B - /.htaccess.save

[01:27:41] 403 - 303B - /.htaccess.orig

[01:27:41] 403 - 303B - /.htaccess_orig

[01:27:41] 403 - 304B - /.htaccess_extra

[01:27:41] 403 - 301B - /.htaccess_sc

[01:27:41] 403 - 301B - /.htaccessBAK

[01:27:41] 403 - 301B - /.htaccessOLD

[01:27:41] 403 - 302B - /.htaccessOLD2

[01:27:41] 403 - 294B - /.html

[01:27:41] 403 - 303B - /.htpasswd_test

[01:27:41] 403 - 293B - /.htm

[01:27:41] 403 - 299B - /.htpasswds

[01:27:41] 403 - 300B - /.httr-oauth

[01:27:55] 200 - 550B - /admin_login.php

[01:28:05] 200 - 86B - /checklogin.php

[01:28:17] 200 - 1KB - /index.php

[01:28:17] 200 - 1KB - /index.php/login/

[01:28:35] 403 - 302B - /server-status

[01:28:35] 403 - 303B - /server-status/

[01:28:50] 200 - 203KB - /www.zip

Task Completed

sqliBlind

感觉是SQL注入,先扫描一下把

Target: http://1.13.245.197:9080/

[01:30:49] Starting:

[01:30:52] 403 - 300B - /.ht_wsr.txt

[01:30:52] 403 - 303B - /.htaccess.bak1

[01:30:52] 403 - 303B - /.htaccess.orig

[01:30:52] 403 - 303B - /.htaccess.save

[01:30:52] 403 - 301B - /.htaccessBAK

[01:30:52] 403 - 305B - /.htaccess.sample

[01:30:52] 403 - 301B - /.htaccess_sc

[01:30:52] 403 - 304B - /.htaccess_extra

[01:30:52] 403 - 301B - /.htaccessOLD

[01:30:52] 403 - 303B - /.htaccess_orig

[01:30:52] 403 - 302B - /.htaccessOLD2

[01:30:52] 403 - 293B - /.htm

[01:30:52] 403 - 294B - /.html

[01:30:52] 403 - 299B - /.htpasswds

[01:30:52] 403 - 300B - /.httr-oauth

[01:30:52] 403 - 303B - /.htpasswd_test

[01:31:16] 301 - 317B - /css -> http://1.13.245.197:9080/css/

[01:31:24] 200 - 23B - /index.php

[01:31:24] 200 - 23B - /index.php/login/

[01:31:27] 200 - 2KB - /login.php

[01:31:40] 403 - 302B - /server-status

[01:31:40] 403 - 303B - /server-status/

Task Completed

Crypto

mikumiku

Hex

Html Entity

Base64

ASCII

flag{8ea44e39c914c5ddfbb9808c10033421}

hafuhafu


题目给出n,e和base64加密后的c,简单的RSA,脚本如下:

import gmpy2
from Crypto.Util.number import *
import base64

e = 65537
n = 25572000680139535995611501720832880791477922165939342981900803052781801299380515116746468338767634903543966903733806796606602206278399959935132433794098659859300196212479681357625729637405673432324426686371817007872620401911782200407165085213561959188129407530503934445657941975876616947807157374921539755157591354073652053446791467492853468641331291383821277151309959102082454909164831353055082841581194955483740168677333571647148118920605752176786316535817860771644086331929655259439187676703604894258185651165017526744816185992824404330229600417035596255176459265305168198215607187593109533971751842888237880624087
p = 149930380465516707151079321019435489399072155945793735032334088844599773034021170995501688132861944516938448679935403246643441984203770825485165700862168437691254557323938150173733659070945061763789341407547559935070758242521126066900261360899379463301621378242061934281538210192731229473900396425739817670867
q = 170559166199281256887953076784727902849936084815549184550874370897326056825177365209113910954088389779180174518262922176726833811470419181874717574929460298509184863124213663255559781224744696195678069242025195218017449489985102637547369070225979448169459840545693721393354651993457943927480894225788038743661
phi = (p - 1) * (q - 1)
d = gmpy2.invert(e, phi)

c_str = 'DTlEiAKLE24m19es4TBWl4Uo2MvmQMEYqWBCFggWJlJSjCwl3fT9322ytgudiQW2raDh53e6t2edygpFOP+MsAPXlU469rlmVng5JyDl0CF0ypevnaM5i+CvNT2mBoDadIYnPBVGMtj9HVVPDpMIgv5bF9N5ddQS7JB21oDdQBdDLTkKvcSqegtjNFv04R8+yrqOMZYpzdCRRw0j/MMt2JefC6z36mjrTL85A9EKlwKg5ydW7qELycfjBvzB/cwJ7mJ2I0xVPToa3sSLNDyddFttATwU6wmCa4XaWpTwVR/PfET2FRj0p+8UwYSDdlLLh6gRUVURpT+2jc9zx/rhOw=='
c = bytes_to_long(base64.b64decode(c_str))
m = pow(c,d,n)
print(long_to_bytes(m))
//flag{D0nT_uS3_Th3_kN0w_n}

crypto1

import  gmpy2
from Crypto.Util.number import *
c1=163820585866464748037603720038892832306554988255206332863466690031251112393421587550794518466136449805972150046258007843678810670858951387865544768705860991912961811815403716953592063388227590617471347829805148489681889353092402164643007648065816490395610440358210631794473074518280532005297323838015000696012544093096729757248560313800119985077628515064121290046849842744649645290768993658687322260767120966685347950282971463554789285475522426817366147609763855420569516751283073981560233583052224238576709207099742418240326781531079937393665507293492304460161648982800074101163393514977619796309524278704876480025742024160221890561273557038260189577859945055862584556222614337893856036135407528568963925417637444291244325443939058848883360791328763182036736991538226734334763710031379376903812920870564906505631446736446351432678455275793428547686664667539262939321057216659646680245853118886811477642137593470574356360886586517623917262716025748350280034971229225621439570870095238910932174538777011907435005615951965481796660744335386804670981037480723346003591779345801230978946027215192726050182071464556997361600570176261668330138026540849862934790571484498436157306820319598552136374283506981655462848489790309701474742231765
n=839123934774248293554478900304805652005840721338630070412976096583047842775036231818774021937639649434688167897414096334116238084902194754637764024750792816721392354301739479608067847343792597904131386883826936202738091643779024125141255264223247609242732797223111375906539968766539699070553220024835237726906103489324159983224252110158455246369757060858217509822937163152185972444899932745256697748371372158650749600653559864702036394611754651413137001635037310384486835415211127040685857231115447354804277699698486014015179198727374388217592948103504783273235502069953842424278640309430812418432009515965525235385145845104436993038590088545931577484359861647891101843425163557830467877799969686630827090586068831286572090214049241078519089880483666226861834918996928339953135949773709823413539900554860599681940844430108740145857463465317542463460369739470382431178811713605099730666854586750420573809975950891432736357055207659867908960389714343184134892741009452909757459817636609433427812924456782545899375540553326445169985403837463499577711582154287873330657825693756960147166773280203881994461147955853897180714973259859345569061880741001595805100970589056125774856383495601030032566633812017502429733745385901436096392471289
e1=806324329
c2=273242589426480927826167181440879042261352093903608434884600905569452427185873771727772405404505268635334400366319247889103997045566310053661596019565754930974302295439331258267831862178643151110272578792132366938072461672903904131261872916290092535496394107067073669859724326918200655564533782970003007228779265786965898584930920671749110403164178828194786698903692367972071819235589738473333448909143263601696287295696594333362374640947177450581133679785322780121777626014738094838546764265270540875237752587231957198655334919482389040609616499842407581630400649266699612327355801522626608567074516199161612041393966746535463537504182396463306145605244107129067775658018376118992392243654356151728789607874911337696728619623272935933692059586381093273314357325686727609120412886454183336002684696756892485413467576457476017669378668920561188578039728356555469910921968008598794341024437414411415025750797861498237313315133504763627579092827456484850672726497492397166505646338025210493939717283132813965892266364677296542793933736272452657509115949431627829562871153172728793514100920642454624860024655189013182334029353933043493447139401983635409889928162529397033633451464690205097492717456395000561496206701612814279836034509030
e2=981665371

# 解题模板
s1 = int(gmpy2.gcdext(e1,e2)[1])
s2 = int(gmpy2.gcdext(e1,e2)[2])
m = pow(c1,s1,n) * pow(c2,s2,n) %n
flag = long_to_bytes(m)
print(flag)

crypto2

n = 8604206664806745342168308407736664243779255857304203559954887795876314292548808824569221326135442951396570846730905060035093483091560994483766999321792528742385522688674491325318243227665651447454225684489922429130701999583472403938977116046240939097443373997461261268576566757297338922187501639574851029992578820698058472586961747714012538193674494758948475663291020567990855344532515152207300039545667460492842519422816159286385691631813719409268620014517296396144435387913805962148004421071107300134917

e = 65537

dp = 5322568719169737161435373804079374052963099217986542304765220927456862340459918748565303396239095461305158145873483711181078415768561073654821282898895792014510875476759654876641542774715410624823541347

c = 7713010941776018394460937838688101138886389440124967436362634520453525787263803153048839218904596792025221739398376160611187175949223252314089684537538587279344619934441104448127018949686378560731689286639199775823979889880011530090416478590812561931551073004551522758033697758211066364688996430692968155580514545636400072748535651733331992209003506999556029761752106288763442020289094502293759308446402753316908997325117590363436976980346946963276901401118341392396023155471904168993033594607832278309287
import gmpy2
import libnum
e = 65537
n = 8604206664806745342168308407736664243779255857304203559954887795876314292548808824569221326135442951396570846730905060035093483091560994483766999321792528742385522688674491325318243227665651447454225684489922429130701999583472403938977116046240939097443373997461261268576566757297338922187501639574851029992578820698058472586961747714012538193674494758948475663291020567990855344532515152207300039545667460492842519422816159286385691631813719409268620014517296396144435387913805962148004421071107300134917
c = 7713010941776018394460937838688101138886389440124967436362634520453525787263803153048839218904596792025221739398376160611187175949223252314089684537538587279344619934441104448127018949686378560731689286639199775823979889880011530090416478590812561931551073004551522758033697758211066364688996430692968155580514545636400072748535651733331992209003506999556029761752106288763442020289094502293759308446402753316908997325117590363436976980346946963276901401118341392396023155471904168993033594607832278309287
dp = 5322568719169737161435373804079374052963099217986542304765220927456862340459918748565303396239095461305158145873483711181078415768561073654821282898895792014510875476759654876641542774715410624823541347

p=gmpy2.gcd(pow(2,e*dp,n)-2,n)
print(p)
for i in range(1, e):
    p = (dp * e - 1) // i + 1
    if n % p == 0:
        q = n // p
        print(p)
        break

phi_n = (p - 1) * (q - 1)
d = gmpy2.invert(e, phi_n)
m = pow(c, d, n)
print(m)
flag = libnum.n2s(int(m))
print(flag)

crepper?

第一次做nc的密码题,没有什么头绪

[+]proof: skr=os.urandom(8)
[+]hashlib.sha256(skr).hexdigest()=00fa16e31f6ce084cdcbebeb73c6f37898e7ad83f5a3b04a5688b7ba05d83007
[+]skr[0:5].encode('hex')=1e9c0657bf
[-]skr.encode('hex')=

#!/usr/bin/env python
# -*- coding: UTF-8 -*-
'''
@File    :NCCRYP.py
@IDE     :PyCharm 
@Author  :SlackMoon安全
@Date    :2023/5/10 15:10 
'''
from Crypto.Util.number import *
import hashlib

for i in range(10000,20000000):
	tar = 0x1e9c0657bf
	payload = long_to_bytes(i)
	payload = long_to_bytes(tar) + payload
	if hashlib.sha256(payload).hexdigest() == '00fa16e31f6ce084cdcbebeb73c6f37898e7ad83f5a3b04a5688b7ba05d83007' :
		print(i)
		break
#1e9c0657bf8c295e

输入后得到题目

[+]Generating challenge 1


[+]n=13112061820685643239663831166928327119579425830632458568801544406506769461279590962772340249183569437559394200635526183698604582385769381159563710823689417274479549627596095398621182995891454516953722025068926293512505383125227579169778946631369961753587856344582257683672313230378603324005337788913902434023431887061454368566100747618582590270385918204656156089053519709536001906964008635708510672550219546894006091483520355436091053866312718431318498783637712773878423777467316605865516248176248780637132615807886272029843770186833425792049108187487338237850806203728217374848799250419859646871057096297020670904211 

[+]e=3

[+]m=random.getrandbits(512)

[+]c=pow(m,e,n)=15987554724003100295326076036413163634398600947695096857803937998969441763014731720375196104010794555868069024393647966040593258267888463732184495020709457560043050577198988363754703741636088089472488971050324654162166657678376557110492703712286306868843728466224887550827162442026262163340935333721705267432790268517

[+]((m>>72)<<72)=2519188594271759205757864486097605540135407501571078627238849443561219057751843170540261842677239681908736

[-]long_to_bytes(m).encode('hex')=

import gmpy2
from Crypto.Util.number import long_to_bytes

c =15987554724003100295326076036413163634398600947695096857803937998969441763014731720375196104010794555868069024393647966040593258267888463732184495020709457560043050577198988363754703741636088089472488971050324654162166657678376557110492703712286306868843728466224887550827162442026262163340935333721705267432790268517
m = gmpy2.iroot(c,3)[0]
print(long_to_bytes(m))

//b'FLAG{2^8rsa7589693fc689c77c5f5262d654272427}'
//464c41477b325e3872736137353839363933666336383963373763356635323632643635343237323432377d

输入Hex后的Flag得到下一题:

[+]Generating challenge 2

[+]n=12784625729032789592766625203074018101354917751492952685083808825504221816847310910447532133616954262271205877651255598995305639194329607493047941212754523879402744065076183778452640602625242851184095546100200565113016690161053808950384458996881574266573992526357954507491397978278604102524731393059303476350167738237822647246425836482533150025923051544431330502522043833872580483142594571802189321599016725741260254170793393777293145010525686561904427613648184843619301241414264343057368192416551134404100386155751297424616254697041043851852081071306219462991969849123668248321130382231769250865190227630009181759219 

[+]e=65537

[+]m=random.getrandbits(512)

[+]c=pow(m,e,n)=627824086157119245056478875800598959553774250161670787506083253960788230737588761787385686125828765665617567887904228030839535317987589608761534500003128247164233774794784231518212804270056404565710426613938264302998015421153393879729263551292024543756422702956470022959537221269172084619081368498693930550456153543628170306324206266216348386707008661128717431426237486511309767286175518238620230507201952867261283880986868752676549613958785288914989429224582849218395471672295410036858881836363364885164276983237312235831591858044908369376855484127614933545955544787160352042318378588039587911741028067576722790778

[+]((p>>128)<<128)=97522826022187678545924975588711975512906538181361325096919121233043973599759518562689050415761485716705615149641768982838255403594331293651224395590747133152128042950062103156564440155088882592644046069208405360324372057140890317518802130081198060093576841538008960560391380395697098964411821716664506908672

[-]long_to_bytes(m).encode('hex')=

import gmpy2
import binascii
from Crypto.Util.number import long_to_bytes 

e = 65537
n = 12784625729032789592766625203074018101354917751492952685083808825504221816847310910447532133616954262271205877651255598995305639194329607493047941212754523879402744065076183778452640602625242851184095546100200565113016690161053808950384458996881574266573992526357954507491397978278604102524731393059303476350167738237822647246425836482533150025923051544431330502522043833872580483142594571802189321599016725741260254170793393777293145010525686561904427613648184843619301241414264343057368192416551134404100386155751297424616254697041043851852081071306219462991969849123668248321130382231769250865190227630009181759219
c = 627824086157119245056478875800598959553774250161670787506083253960788230737588761787385686125828765665617567887904228030839535317987589608761534500003128247164233774794784231518212804270056404565710426613938264302998015421153393879729263551292024543756422702956470022959537221269172084619081368498693930550456153543628170306324206266216348386707008661128717431426237486511309767286175518238620230507201952867261283880986868752676549613958785288914989429224582849218395471672295410036858881836363364885164276983237312235831591858044908369376855484127614933545955544787160352042318378588039587911741028067576722790778
p = 97522826022187678545924975588711975512906538181361325096919121233043973599759518562689050415761485716705615149641768982838255403594331293651224395590747133152128042950062103156564440155088882592644046069208405360324372057140890317518802130081198060093576841538008960560661715295741651653499691458486798196487
q = 131093675711613661161476275473445206682597559447006571385482255727609238786596952165801814021602699749876712682307789568113374768689632642728986573211776526473651771104432443501294668372441525987174391472994271054873305324343666279426741897612827889525440428582592216151586138881806196331920758968403508531637
phi = (q-1) * (p-1)
d = gmpy2.invert(e,phi)
m = gmpy2.powmod(c,d,n)

print(long_to_bytes(m))
print(binascii.hexlify(long_to_bytes(m)))

b'FLAG{2^8rsa6e277f355dbe6da3edd6f356d2db6d6f}'
b'464c41477b325e3872736136653237376633353564626536646133656464366633353664326462366436667d'

输入得到下一题:

[+]Generating challenge 3


[+]n=92896523979616431783569762645945918751162321185159790302085768095763248357146198882641160678623069857011832929179987623492267852304178894461486295864091871341339490870689110279720283415976342208476126414933914026436666789270209690168581379143120688241413470569887426810705898518783625903350928784794371176183 

[+]e=3

[+]m=random.getrandbits(512)

[+]c=pow(m,e,n)=56164378185049402404287763972280630295410174183649054805947329504892979921131852321281317326306506444145699012788547718091371389698969718830761120076359634262880912417797038049510647237337251037070369278596191506725812511682495575589039521646062521091457438869068866365907962691742604895495670783101319608530

[+]d&((1<<512)-1)=787673996295376297668171075170955852109814939442242049800811601753001897317556022653997651874897208487913321031340711138331360350633965420642045383644955

def getFullP(low_p, n):
    R.<x> = PolynomialRing(Zmod(n), implementation='NTL')
    p = x*2^512 + low_p
    root = (p-n).monic().small_roots(X = 2^128, beta = 0.4)
    if root:
        return p(root[0])
    return None
    
def phase4(low_d, n, c,e):
    maybe_p = []
    for k in range(1, 4):
        p = var('p')
        p0 = solve_mod([e*p*low_d  == p + k*(n*p - p^2 - n + p)], 2^512)
        maybe_p += [int(x[0]) for x in p0]
    # print(maybe_p)    
    for x in maybe_p:
        P = getFullP(x, n)
        if P: break    
    P = int(P)
    Q = n // P    
    assert P*Q == n    
    d = inverse_mod(e, (P-1)*(Q-1))
    print(hex(power_mod(c, d, n))[2:])
    
n=92896523979616431783569762645945918751162321185159790302085768095763248357146198882641160678623069857011832929179987623492267852304178894461486295864091871341339490870689110279720283415976342208476126414933914026436666789270209690168581379143120688241413470569887426810705898518783625903350928784794371176183 
e=3
low_d = 787673996295376297668171075170955852109814939442242049800811601753001897317556022653997651874897208487913321031340711138331360350633965420642045383644955


phase4(low_d, n, c,e)

#464c41477b325e3872736135616230383637343566366563373435363139613862363566653465633536307d

输入后下一题

[+]Generating challenge 4

[+]e=3

[+]m=random.getrandbits(512)


[+]n1=78642188663937191491235684351005990853149481644703243255021321296087539054265733392095095639539412823093600710316645130404423641473150336492175402885270861906530337207734106926328737198871118125840680572148601743121884788919989184318198417654263598170932154428514561079675550090698019678767738203477097731989


[+]c1=pow(m,e,n1)=23419685303892339080979695469481275906709035609088426118328601771163101123641599051556995351678670765521269546319724616458499631461037359417701720430452076029312714313804716888119910334476982840024696320503747736428099717113471541651211596481005191146454458591558743268791485623924245960696651150688621664860



[+]n2==98174485544103863705821086588292917749386955237408645745685476234349659452606822650329076955303471252833860010724515777826660887118742978051231030080666542833950748806944312437614585352818344599399156268450521239843157288915059003487783576003027303399985723834248634230998110618288843582573006048070816520647

[+]c2=pow(m,e,n2)=72080679612442543693944655041130370753964497034378634203383617624269927191363529233872659451561571441107920350406295389613006330637565645758727103723546610079332161151567096389071050158035757745766399510575237344950873632114050632573903701015749830874081198250578516967517980592506626547273178363503100507676



[+]n3=91638855323231795590642755267985988356764327384001022396221901964430032527111968159623063760057482761918901490239790230176524505469897183382928646349163030620342744192731246392941227433195249399795012672172947919435254998997253131826888070173526892674308708289629739522194864912899817994807268945141349669311


[+]c3=pow(m,e,n3)=22149989692509889061584875630258740744292355239822482581889060656197919681655781672277545701325284646570773490123892626601106871432216449814891757715588851851459306683123591338089745675044763551335899599807235257516935037356212345033087798267959242561085752109746935300735969972249665700075907145744305255616

[-]long_to_bytes(m).encode('hex')=

from gmpy2 import *
from Crypto.Util.number import *
from functools import reduce
import random
e=3
m=random.getrandbits(512)
n1=78642188663937191491235684351005990853149481644703243255021321296087539054265733392095095639539412823093600710316645130404423641473150336492175402885270861906530337207734106926328737198871118125840680572148601743121884788919989184318198417654263598170932154428514561079675550090698019678767738203477097731989
c1=23419685303892339080979695469481275906709035609088426118328601771163101123641599051556995351678670765521269546319724616458499631461037359417701720430452076029312714313804716888119910334476982840024696320503747736428099717113471541651211596481005191146454458591558743268791485623924245960696651150688621664860
n2=98174485544103863705821086588292917749386955237408645745685476234349659452606822650329076955303471252833860010724515777826660887118742978051231030080666542833950748806944312437614585352818344599399156268450521239843157288915059003487783576003027303399985723834248634230998110618288843582573006048070816520647
c2=72080679612442543693944655041130370753964497034378634203383617624269927191363529233872659451561571441107920350406295389613006330637565645758727103723546610079332161151567096389071050158035757745766399510575237344950873632114050632573903701015749830874081198250578516967517980592506626547273178363503100507676
n3=91638855323231795590642755267985988356764327384001022396221901964430032527111968159623063760057482761918901490239790230176524505469897183382928646349163030620342744192731246392941227433195249399795012672172947919435254998997253131826888070173526892674308708289629739522194864912899817994807268945141349669311
c3=22149989692509889061584875630258740744292355239822482581889060656197919681655781672277545701325284646570773490123892626601106871432216449814891757715588851851459306683123591338089745675044763551335899599807235257516935037356212345033087798267959242561085752109746935300735969972249665700075907145744305255616
#long_to_bytes(m).encode('hex')=

N = [n1,n2,n3]
c = [c1,c2,c3]

def chinese_remainder(modulus, remainders):
    Sum = 0
    prod = reduce(lambda a, b: a*b, modulus)
    for m_i, r_i in zip(modulus, remainders):
        p = prod // m_i
        Sum += r_i * (inverse(p,m_i)*p)
    return Sum % prod
e = 3
pow_m_e = chinese_remainder(N,c)
m = iroot(pow_m_e,3)[0]
print(long_to_bytes(m))
#b'FLAG{2^8rsa8c5f3cff4bc095349fec65fc2263e878}'
#464c41477b325e3872736138633566336366663462633039353334396665633635666332323633653837387d

输入后下一题:

[+]Generating challenge 5


[+]n= 113604829563460357756722229849309932731534576966155520277171862442445354404910882358287832757024693652075211204635679309777620586814014894544893424988818766425089667672311645586528776360047956843961901352792631908859388801090108188344342619580661377758180391734771694803991493164412644148805229529911069578061


[+]e=7


[+]m=random.getrandbits(512)


[+]c=pow(m,e,n)=112992730284209629010217336632593897028023711212853788739137950706145189880318698604512926758021533447981943498594790549326550460216939216988828130624120379925895123186121819609415184887470233938291227816332249857236198616538782622327476603338806349004620909717360739157545735826670038169284252348037995399308


[+]x=pow(m+1,e,n)=112992730284209629010217336632593897028023711212853788739137950706145189880318698604512926758021552486915464025361447529153776277710423467951041523831865232164370127602772602643378592695459331174613894578701940837730590029577336924367384969935652616989527416027725713616493815764725131271563545176286794438175


[-]long_to_bytes(m).encode('hex')=

import binascii
def attack(c1, c2, n, e):
    PR.<x>=PolynomialRing(Zmod(n))
    g1 = x^e - c1
    g2 = (x+1)^e - c2
    
    def gcd(g1, g2):
        while g2:
            g1, g2 = g2, g1 % g2
        return g1.monic()
    return -gcd(g1, g2)[0]
n= 113604829563460357756722229849309932731534576966155520277171862442445354404910882358287832757024693652075211204635679309777620586814014894544893424988818766425089667672311645586528776360047956843961901352792631908859388801090108188344342619580661377758180391734771694803991493164412644148805229529911069578061
e=7
c1=112992730284209629010217336632593897028023711212853788739137950706145189880318698604512926758021533447981943498594790549326550460216939216988828130624120379925895123186121819609415184887470233938291227816332249857236198616538782622327476603338806349004620909717360739157545735826670038169284252348037995399308
c2=112992730284209629010217336632593897028023711212853788739137950706145189880318698604512926758021552486915464025361447529153776277710423467951041523831865232164370127602772602643378592695459331174613894578701940837730590029577336924367384969935652616989527416027725713616493815764725131271563545176286794438175
m1 = attack(c1, c2, n, e)
print(m1)
print(binascii.unhexlify("%x" % int(m1)))
  
c = 16404985139084147094704300764850430964980485772400565266054075398380588297033201409914512724255440373095027298869259036450071617770755361938461322132693877590521575670718076480353565935028734363256919872879837455527948173237810119579078252909879868459848240229599708133153841801633280283847680255816123323196
x = 92463268823628386526871956385934776043432833035349654252757452728405540022093349560058649691620353528569690982904353035470935543182784600771655097406007508218346417446808306197613168219068573563402315939576563452451487014381380516422829248470476887447827532913133023890886210295009811931573875721299817276803

#2519188594271759205757864485636246725747814635521266738394314968508953885010717495394569603836620104361341
#b'FLAG{2^8rsa398cf8df7c26661bb7cb65b2b9fae25e}'
#'464c41477b325e3872736133393863663864663763323636363162623763623635623262396661653235657d'

输入后得到下一题:

[+]Generating challenge 6


[+]n=0xbadd260d14ea665b62e7d2e634f20a6382ac369cd44017305b69cf3a2694667ee651acded7085e0757d169b090f29f3f86fec255746674ffa8a6a3e1c9e1861003eb39f82cf74d84cc18e345f60865f998b33fc182a1a4ffa71f5ae48a1b5cb4c5f154b0997dc9b001e441815ce59c6c825f064fdca678858758dc2cebbc4d27L 

[+]d=random.getrandbits(1024*0.270)

[+]e=invmod(d,phin)

[+]hex(e)=0x11722b54dd6f3ad9ce81da6f6ecb0acaf2cbc3885841d08b32abc0672d1a7293f9856db8f9407dc05f6f373a2d9246752a7cc7b1b6923f1827adfaeefc811e6e5989cce9f00897cfc1fc57987cce4862b5343bc8e91ddf2bd9e23aea9316a69f28f407cfe324d546a7dde13eb0bd052f694aefe8ec0f5298800277dbab4a33bbL

[+]m=random.getrandbits(512)

[+]c=pow(m,e,n)=0xe3505f41ec936cf6bd8ae344bfec85746dc7d87a5943b3a7136482dd7b980f68f52c887585d1c7ca099310c4da2f70d4d5345d3641428797030177da6cc0d41e7b28d0abce694157c611697df8d0add3d900c00f778ac3428f341f47ecc4d868c6c5de0724b0c3403296d84f26736aa66f7905d498fa1862ca59e97f8f866cL

[-]long_to_bytes(m).encode('hex')=

import time

############################################
# Config
##########################################

"""
Setting debug to true will display more informations
about the lattice, the bounds, the vectors...
"""
debug = True

"""
Setting strict to true will stop the algorithm (and
return (-1, -1)) if we don't have a correct 
upperbound on the determinant. Note that this 
doesn't necesseraly mean that no solutions 
will be found since the theoretical upperbound is
usualy far away from actual results. That is why
you should probably use `strict = False`
"""
strict = False

"""
This is experimental, but has provided remarkable results
so far. It tries to reduce the lattice as much as it can
while keeping its efficiency. I see no reason not to use
this option, but if things don't work, you should try
disabling it
"""
helpful_only = True
dimension_min = 7 # stop removing if lattice reaches that dimension

############################################
# Functions
##########################################

# display stats on helpful vectors
def helpful_vectors(BB, modulus):
    nothelpful = 0
    for ii in range(BB.dimensions()[0]):
        if BB[ii,ii] >= modulus:
            nothelpful += 1

    print( nothelpful, "/", BB.dimensions()[0], " vectors are not helpful")

# display matrix picture with 0 and X
def matrix_overview(BB, bound):
    for ii in range(BB.dimensions()[0]):
        a = ('%02d ' % ii)
        for jj in range(BB.dimensions()[1]):
            a += '0' if BB[ii,jj] == 0 else 'X'
            if BB.dimensions()[0] < 60:
                a += ' '
        if BB[ii, ii] >= bound:
            a += '~'
        print( a)

# tries to remove unhelpful vectors
# we start at current = n-1 (last vector)
def remove_unhelpful(BB, monomials, bound, current):
    # end of our recursive function
    if current == -1 or BB.dimensions()[0] <= dimension_min:
        return BB

    # we start by checking from the end
    for ii in range(current, -1, -1):
        # if it is unhelpful:
        if BB[ii, ii] >= bound:
            affected_vectors = 0
            affected_vector_index = 0
            # let's check if it affects other vectors
            for jj in range(ii + 1, BB.dimensions()[0]):
                # if another vector is affected:
                # we increase the count
                if BB[jj, ii] != 0:
                    affected_vectors += 1
                    affected_vector_index = jj

            # level:0
            # if no other vectors end up affected
            # we remove it
            if affected_vectors == 0:
                print( "* removing unhelpful vector", ii)
                BB = BB.delete_columns([ii])
                BB = BB.delete_rows([ii])
                monomials.pop(ii)
                BB = remove_unhelpful(BB, monomials, bound, ii-1)
                return BB

            # level:1
            # if just one was affected we check
            # if it is affecting someone else
            elif affected_vectors == 1:
                affected_deeper = True
                for kk in range(affected_vector_index + 1, BB.dimensions()[0]):
                    # if it is affecting even one vector
                    # we give up on this one
                    if BB[kk, affected_vector_index] != 0:
                        affected_deeper = False
                # remove both it if no other vector was affected and
                # this helpful vector is not helpful enough
                # compared to our unhelpful one
                if affected_deeper and abs(bound - BB[affected_vector_index, affected_vector_index]) < abs(bound - BB[ii, ii]):
                    print( "* removing unhelpful vectors", ii, "and", affected_vector_index)
                    BB = BB.delete_columns([affected_vector_index, ii])
                    BB = BB.delete_rows([affected_vector_index, ii])
                    monomials.pop(affected_vector_index)
                    monomials.pop(ii)
                    BB = remove_unhelpful(BB, monomials, bound, ii-1)
                    return BB
    # nothing happened
    return BB

""" 
Returns:
* 0,0   if it fails
* -1,-1 if `strict=true`, and determinant doesn't bound
* x0,y0 the solutions of `pol`
"""
def boneh_durfee(pol, modulus, mm, tt, XX, YY):
    """
    Boneh and Durfee revisited by Herrmann and May
    
    finds a solution if:
    * d < N^delta
    * |x| < e^delta
    * |y| < e^0.5
    whenever delta < 1 - sqrt(2)/2 ~ 0.292
    """

    # substitution (Herrman and May)
    PR.<u, x, y> = PolynomialRing(ZZ)
    Q = PR.quotient(x*y + 1 - u) # u = xy + 1
    polZ = Q(pol).lift()

    UU = XX*YY + 1

    # x-shifts
    gg = []
    for kk in range(mm + 1):
        for ii in range(mm - kk + 1):
            xshift = x^ii * modulus^(mm - kk) * polZ(u, x, y)^kk
            gg.append(xshift)
    gg.sort()

    # x-shifts list of monomials
    monomials = []
    for polynomial in gg:
        for monomial in polynomial.monomials():
            if monomial not in monomials:
                monomials.append(monomial)
    monomials.sort()
    
    # y-shifts (selected by Herrman and May)
    for jj in range(1, tt + 1):
        for kk in range(floor(mm/tt) * jj, mm + 1):
            yshift = y^jj * polZ(u, x, y)^kk * modulus^(mm - kk)
            yshift = Q(yshift).lift()
            gg.append(yshift) # substitution
    
    # y-shifts list of monomials
    for jj in range(1, tt + 1):
        for kk in range(floor(mm/tt) * jj, mm + 1):
            monomials.append(u^kk * y^jj)

    # construct lattice B
    nn = len(monomials)
    BB = Matrix(ZZ, nn)
    for ii in range(nn):
        BB[ii, 0] = gg[ii](0, 0, 0)
        for jj in range(1, ii + 1):
            if monomials[jj] in gg[ii].monomials():
                BB[ii, jj] = gg[ii].monomial_coefficient(monomials[jj]) * monomials[jj](UU,XX,YY)

    # Prototype to reduce the lattice
    if helpful_only:
        # automatically remove
        BB = remove_unhelpful(BB, monomials, modulus^mm, nn-1)
        # reset dimension
        nn = BB.dimensions()[0]
        if nn == 0:
            print( "failure")
            return 0,0

    # check if vectors are helpful
    if debug:
        helpful_vectors(BB, modulus^mm)
    
    # check if determinant is correctly bounded
    det = BB.det()
    bound = modulus^(mm*nn)
    if det >= bound:
        print( "We do not have det < bound. Solutions might not be found.")
        print( "Try with highers m and t.")
        if debug:
            diff = (log(det) - log(bound)) / log(2)
            print( "size det(L) - size e^(m*n) = ", floor(diff))
        if strict:
            return -1, -1
    else:
        print( "det(L) < e^(m*n) (good! If a solution exists < N^delta, it will be found)")

    # display the lattice basis
    if debug:
        matrix_overview(BB, modulus^mm)

    # LLL
    if debug:
        print( "optimizing basis of the lattice via LLL, this can take a long time")

    BB = BB.LLL()

    if debug:
        print( "LLL is done!")

    # transform vector i & j -> polynomials 1 & 2
    if debug:
        print( "looking for independent vectors in the lattice")
    found_polynomials = False
    
    for pol1_idx in range(nn - 1):
        for pol2_idx in range(pol1_idx + 1, nn):
            # for i and j, create the two polynomials
            PR.<w,z> = PolynomialRing(ZZ)
            pol1 = pol2 = 0
            for jj in range(nn):
                pol1 += monomials[jj](w*z+1,w,z) * BB[pol1_idx, jj] / monomials[jj](UU,XX,YY)
                pol2 += monomials[jj](w*z+1,w,z) * BB[pol2_idx, jj] / monomials[jj](UU,XX,YY)

            # resultant
            PR.<q> = PolynomialRing(ZZ)
            rr = pol1.resultant(pol2)

            # are these good polynomials?
            if rr.is_zero() or rr.monomials() == [1]:
                continue
            else:
                print( "found them, using vectors", pol1_idx, "and", pol2_idx)
                found_polynomials = True
                break
        if found_polynomials:
            break

    if not found_polynomials:
        print( "no independant vectors could be found. This should very rarely happen...")
        return 0, 0
    
    rr = rr(q, q)

    # solutions
    soly = rr.roots()

    if len(soly) == 0:
        print( "Your prediction (delta) is too small")
        return 0, 0

    soly = soly[0][0]
    ss = pol1(q, soly)
    solx = ss.roots()[0][0]

    #
    return solx, soly

def example():
    ############################################
    # How To Use This Script
    ##########################################

    #
    # The problem to solve (edit the following values)
    #

    # the modulus
    N = 0xbadd260d14ea665b62e7d2e634f20a6382ac369cd44017305b69cf3a2694667ee651acded7085e0757d169b090f29f3f86fec255746674ffa8a6a3e1c9e1861003eb39f82cf74d84cc18e345f60865f998b33fc182a1a4ffa71f5ae48a1b5cb4c5f154b0997dc9b001e441815ce59c6c825f064fdca678858758dc2cebbc4d27
    # the public exponent
    e = 0x11722b54dd6f3ad9ce81da6f6ecb0acaf2cbc3885841d08b32abc0672d1a7293f9856db8f9407dc05f6f373a2d9246752a7cc7b1b6923f1827adfaeefc811e6e5989cce9f00897cfc1fc57987cce4862b5343bc8e91ddf2bd9e23aea9316a69f28f407cfe324d546a7dde13eb0bd052f694aefe8ec0f5298800277dbab4a33bb
    # the cipher
    c = 0xe3505f41ec936cf6bd8ae344bfec85746dc7d87a5943b3a7136482dd7b980f68f52c887585d1c7ca099310c4da2f70d4d5345d3641428797030177da6cc0d41e7b28d0abce694157c611697df8d0add3d900c00f778ac3428f341f47ecc4d868c6c5de0724b0c3403296d84f26736aa66f7905d498fa1862ca59e97f8f866c
    # the hypothesis on the private exponent (the theoretical maximum is 0.292)
    delta = .28 # this means that d < N^delta

    #
    # Lattice (tweak those values)
    #

    # you should tweak this (after a first run), (e.g. increment it until a solution is found)
    m = 4 # size of the lattice (bigger the better/slower)

    # you need to be a lattice master to tweak these
    t = int((1-2*delta) * m)  # optimization from Herrmann and May
    X = 2*floor(N^delta)  # this _might_ be too much
    Y = floor(N^(1/2))    # correct if p, q are ~ same size

    #
    # Don't touch anything below
    #

    # Problem put in equation
    P.<x,y> = PolynomialRing(ZZ)
    A = int((N+1)/2)
    pol = 1 + x * (A + y)

    #
    # Find the solutions!
    #

    # Checking bounds
    if debug:
        print( "=== checking values ===")
        print( "* delta:", delta)
        print( "* delta < 0.292", delta < 0.292)
        print( "* size of e:", int(log(e)/log(2)))
        print( "* size of N:", int(log(N)/log(2)))
        print( "* m:", m, ", t:", t)

    # boneh_durfee
    if debug:
        print( "=== running algorithm ===")
        start_time = time.time()

    solx, soly = boneh_durfee(pol, e, m, t, X, Y)

    # found a solution?
    if solx > 0:
        print( "=== solution found ===")
        if False:
            print( "x:", solx)
            print( "y:", soly)

        d = int(pol(solx, soly) / e)
        m = pow(c,d,N)
        print( '[-]d is ' + str(d))
        print( '[-]m is: ' + str(m))
        print( '[-]hex(m) is: ' + '{:x}'.format(int(m)))
    else:
        print( "[!]no solution was found!")
        print( '[!]All Done!')

    if debug:
        print(("[!]Timer: %s s" % (time.time() - start_time)))
        print( '[!]All Done!')

if __name__ == "__main__":
    example()

用sage运行得到

'\nSetting debug to true will display more informations\nabout the lattice, the bounds, the vectors...\n'
"\nSetting strict to true will stop the algorithm (and\nreturn (-1, -1)) if we don't have a correct \nupperbound on the determinant. Note that this \ndoesn't necesseraly mean that no solutions \nwill be found since the theoretical upperbound is\nusualy far away from actual results. That is why\nyou should probably use `strict = False`\n"
"\nThis is experimental, but has provided remarkable results\nso far. It tries to reduce the lattice as much as it can\nwhile keeping its efficiency. I see no reason not to use\nthis option, but if things don't work, you should try\ndisabling it\n"
" \nReturns:\n* 0,0   if it fails\n* -1,-1 if `strict=true`, and determinant doesn't bound\n* x0,y0 the solutions of `pol`\n"
=== checking values ===
* delta: 0.280000000000000
* delta < 0.292 True
* size of e: 1020
* size of N: 1023
* m: 4 , t: 1
=== running algorithm ===
* removing unhelpful vectors 4 and 5
* removing unhelpful vector 3
* removing unhelpful vectors 1 and 2
* removing unhelpful vector 0
5 / 10  vectors are not helpful
We do not have det < bound. Solutions might not be found.
Try with highers m and t.
size det(L) - size e^(m*n) =  698
00 X 0 0 0 0 0 0 0 0 0 ~
01 X X 0 0 0 0 0 0 0 0 ~
02 X X X 0 0 0 0 0 0 0
03 X X X X 0 0 0 0 0 0
04 0 0 0 0 X 0 0 0 0 0 ~
05 0 0 0 0 X X 0 0 0 0 ~
06 0 0 0 0 X X X 0 0 0 ~
07 0 0 0 0 X X X X 0 0
08 0 0 0 0 X X X X X 0
09 X X X X 0 X X X X X
optimizing basis of the lattice via LLL, this can take a long time
LLL is done!
looking for independent vectors in the lattice
found them, using vectors 0 and 1
=== solution found ===
[-]d is 776765455081795377117377680209510234887230129318575063382634593357724998207571
[-]m is: 5616256644474643777324927156425296308201436356404797635226215853608752109375728559177663257634746748367999648544612395127292284761610833552163188225026856
[-]hex(m) is: 6b3bb0cdc72a7f2ce89902e19db0fb2c0514c76874b2ca4113b86e6dc128d44cc859283db4ca8b0b5d9ee35032aec8cc8bb96e8c11547915fc9ef05aa2d72b28
[!]Timer: 0.20359492301940918 s
[!]All Done!

输入6b3bb0cdc72a7f2ce89902e19db0fb2c0514c76874b2ca4113b86e6dc128d44cc859283db4ca8b0b5d9ee35032aec8cc8bb96e8c11547915fc9ef05aa2d72b28

得到:FLAG{9828f915d621b9a0a5666fc21e5ee84f}


 

Pwn

MagicRoom

2020网鼎杯的题,没有附件做不来

yundun

2020网鼎杯的题,没有附件做不来

Re

easyGo

先试试能不呢符号执行直接出 ,如果不行再手动分析一下;

import angr
import sys


class Cracker:
    def __init__(self, path_to_binary):
        self.path_to_binary = path_to_binary
        self.project = angr.Project(path_to_binary)
        # 初始化状态
        self.initial_state = self.project.factory.entry_state()
        # 初始化模拟器
        self.simulation = self.project.factory.simgr(self.initial_state)
        # 不参与符号执行的地址
        self.avoid_address = None

    def init_state(self):
        self.initial_state = self.project.factory.entry_state()

    def set_avoid_address(self, avoid_address):
        self.avoid_address = avoid_address

    def simulate_by_output(self, success_output: str, fail_output: str):
        def is_successful(state):
            stdout_output = state.posix.dumps(sys.stdout.fileno())
            if success_output.encode() in stdout_output:
                return True
            else:
                return False

        def should_abort(state):
            stdout_output = state.posix.dumps(sys.stdout.fileno())
            if fail_output.encode() in stdout_output:
                return True
            else:
                return False
        # 初始化模拟器
        self.simulation = self.project.factory.simgr(self.initial_state)
        # 开始查找所有的可能
        self.simulation.explore(find=is_successful, avoid=should_abort)
        # 如果有结果
        if self.simulation.found:
            # 输出第一种可能
            solution_state = self.simulation.found[0]
            print(solution_state.posix.dumps(sys.stdin.fileno()))
        else:
            raise Exception('Could not find the solution')


def main():
    cracker = Cracker("./easyGo")
    # 比较常用的方法,根据输出进行符号执行
    cracker.simulate_by_output(
        success_output="Congratulation the flag you input is correct!", fail_output="Try again! Come on!")


main()

符号分析条件复杂度太高了,还是得自己做;分析很久都没有什么头绪,突然感觉这道题有点熟悉,在网上搜索可以发现CISCN有一道GO题和这个很像;

根据题目名称和 IDA 结合来看,猜测是一个 go 写的程序。

程序的符号信息被去除了,用 IDAGolangHelper 恢复符号信息

然后看 main_main 函数,在 encoding_base64__ptr_Encoding_DecodeString 处下断点。

单步调试到这里,跟进 rsi 地址的内存数据,就能看到 flag 了。

flag{92094daf-33c9-431e-a85a-8bfbd5df98ad}

Misc

a-dump-file

内存取证的题目

查看镜像信息,profile为Win7SP1x64

查看cmd执行的命令,发现添加了一个用户mumuzi,密码(ljmmz)ovo。

然后foremost 镜像文件,找到其中的ZIP文件夹,批量解密,密码为:(ljmmz)ovo

得到Flag

入侵排查

正常做法有点麻烦,SlackMoon师傅教你非预期,直接分解,然后破一下伪加密,直接拿下

MISC1

binwalk -e misc1.png 得到文件,发现23991的文件是压缩包,但是逆序了

解密后保存打开,得到ook文本,再次解密:

flag{0343875a622b2cab8c01e5fcd385503d}

SlackMoon
关注
  • 2
    点赞
  • 3
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
重庆市合川区第二届网络安全钓鱼城“杯部分题解
m0_60894143的博客
08-09 599
下载文件后,进行分析往下划看见smb最开始以为是通过smb协议下载的文件找半天没发现,往前翻了翻,看见了flag存储为原始数据通过上述分析发现开头是pk,保存为zip压缩包发现需要密码感觉是伪加密使用工具一把梭再次打开压缩包就发现了flag证实了伪加密下载文件发现是内存文件直接工具分析volatility常规分析一波查看镜像信息分析进程发现没有异常查看cmd历史看到创建用户这个关键点先留意然后查看关键字发现有个zip直接导出到本地改为zip。
期中考核部分复现
2301_81105268的博客
05-21 874
下载解压,打开附件搜索查找编码类型Unicode编码使用在线工具进行解码使用cyberchef进行解码得到flag下载解压打开附件e= 59159m=???根据题目信息,已知n,e,c,求解m使用在线工具分解大整数n得到三个质数编写脚本进行解题运行得到flag。
第一届 长城杯 总决赛wp
weixin_45906533的博客
05-27 1603
第一届 长城杯 总决赛 - Ahisec。
网鼎杯-第三场-加解密-hafuhafu
08-27
2018年8月27日网鼎杯|第三场|加解密|
svn+axure+nginx+htpasswd+php 做简单安全的技术产品文档管理网站
wnw001的博客
02-21 1553
svn+axure+nginx+htpasswd+php 做简单安全的技术产品文档管理网站 1:htpasswd 是开源 http 服务器密码认证生成工具–安装 Centos yum -y install httpd #首先创建文件生成密码: htpasswd -c /usr/local/nginx/passwd root (创建文件并生成一个账户) htpasswd -b /usr/local/...
『Nginx安全访问控制』利用Nginx实现账号密码认证登录的最佳实践
老陈聊架构
11-29 3647
📣读完这篇文章里你能收获到:如何创建用户账号和密码文件,并生成加密密码,配置Nginx的认证模块,实现基于账号密码的登录验证
【MISC】domainhacker2(第六届”蓝帽杯“全国大学生网络安全技能大赛
07-11
【MISC】domainhacker2 是一场比赛项目,源自第六届"蓝帽杯"全国大学生网络安全技能大赛。这个比赛旨在提升大学生在网络安全领域的实践能力和理论知识,促进网络安全技术的学习与交流。从提供的文件名来看,我们可以...
第六届全国网络安全大赛 XDCTF 2015 线下某题.zip
04-19
网络安全面临的威胁和挑战多种多样,包括钓鱼攻击、DDoS攻击、数据泄露、社交工程、零日漏洞利用以及无线网络攻击等。这些威胁都可能导致系统被破坏、数据被泄露或滥用,对个人、企业和国家造成重大损失。 为了应对...
网络安全r-paper-mas笔记
最新发布
06-06
网络安全是信息技术领域中的一个核心部分,它涉及到保护网络系统、数据和信息免受未经授权的访问、使用、披露、中断、修改或破坏。"网络安全r_paper-mas笔记"可能是一份详细记录了关于网络安全研究论文的笔记,特别...
网络安全必备-御剑系列工具
04-23
网络安全是信息化社会中不可或缺的重要领域,它涉及到个人隐私保护、企业信息安全以及国家的网络主权。"御剑系列工具"作为一款后台扫描软件,是网络安全专业人士常用的一种工具集,旨在帮助用户发现并解决网络安全...
网络安全--来自荷兰的最新评论.pdf
09-19
第二阶段则将对第一阶段确定的研究问题进行更深入的调查。同时,报告还提出了一系列研究问题,如当前和新出现的网络安全问题是什么,调查的彻底程度如何,以及在NCTV领域内的网络安全问题有哪些等。 5. 网络安全的...
【CTF WriteUp】2020网鼎杯第三场Crypto题解
cccchhhh6819的博客
05-18 3017
Crypto simple 根据题目名称提示,本题为简单仿射密码,爆破得映射关系为:y = 8a + 22 (mod 26),密钥使用方法为:123456 % 26 = 8,321564 % 26 = 22与爆破结果相同。于是得到正向替换表a-w b-e c-m d-u e-c f-k,反向替换得到flag。 RUA 题目给出了三组n和c,且三个n之间两两互质,所以本题只可能是利用中国剩余定理求出me,然后爆破e求解m。解题代码如下: #!/usr/bin/env python # -*- coding:
go系列-加密与解密
sre救赎之路
06-26 1169
运行结果。
signature=a7ab3f52fd3143e911ffec68c5ce32d7,2019年强网杯crypto部分题解
weixin_39865625的博客
05-30 1万+
一 、random study这个题目中共给出了三个challenge。1. challenge 1服务器将python中的random模块的种子设置为int(time()),然后生成随机数让我们猜,只要我们猜对一次就可以通关了。题目中给了200次机会,应该是考虑到服务器与我们机器的时间不同步的问题(可能相差几秒)。我这里假定服务器时间与本地时间相差不超过10秒,然后对这20种情况进行枚举就好了。...
网鼎2018CTF第四场 _Crypto
Rorschach:Blog
08-30 1881
0x0 shenyue 理清代码流程,按照给的注册流程跑一遍 ==== administration console ==== 1. sign up 2. log in 3. private key generation -1. command execution &gt; 1 id: 123 pw: 123 successfully registered &gt; 2 id: 123 pw:...
buu [NPUCTF2020]共 模 攻 击 1
Emmaaaaa's blog
05-23 792
以后遇到e还算小的可以尝试用sympy.nthroot_mod(),感觉这东西还挺🐂的,哈哈哈 以上copper法值得收藏(求m,m位数已知,并且c1 = m^p mod n, c2 = m^q mod n) 以下三个可以互换使用,目前还没看到局限(可能是做题少了吧) PR. = PolynomialRing(Zmod(n)) R. = PolynomialRing(Zmod(n),implementation = 'NTL') R. = Zmod(n)[]
Linux bash 部分命令学习
热门推荐
DeepXL
02-07 4万+
Linux Shortcuts and Commands: Linux Newbie Administrator Guide by Stan and Peter Klimas This is a practical selection of the commands we use most often. Press to see the listing of all availabl
flutter 填坑之旅(dart学习笔记篇)
奔跑的痕迹的博客
08-20 1万+
俗话说 ‘工欲善其事必先利其器’ 先要撸flutter app 不懂 dart 那就像不懂英语的人去国外求生一样,难! 安装 dart 就不用说了,比较简单dart 官网 https://dart.dev/ 安装完成后就开启学习dart 旅程吧… 1 首先得找个ide (总不能使用记事本撸吧),所以我们选择 idea 这个开发不错 1)idea 安装 dart (简单同直接 打开idea ...
CTF做题小记
weixin_51536807的博客
01-22 3404
1.XCTFWeb新手区xff_referer 根据题目描述先了解XFF和Referer。 再看到题目中的“ip地址必须为123.123.123.123”我们可以想到用BP抓包修改IP地址。 在请求中加入 X-Forwarded-For:123.123.123.123 注:要加在Connection: close之前 发现得到了一句话: 这时就要用上Referer伪造了。 再次添加 Referer:https://www.google.com 后发送即可得到flag。 2.XCTFWeb
"计算机网络安全第二版期末复习重点:概念、特征与安全体系结构详解
安全性攻击包括各种威胁,例如病毒、木马、恶意软件、网络钓鱼等,在网络安全中是需要重点防范和解决的问题。OSI安全体系结构涉及的方面包括安全保密性、身份认证、访问控制、数据完整性、不可否认性、溯源性、可靠...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值