UNCTF2022部分题解

最新推荐文章于 2023-12-11 20:22:14 发布
最新推荐文章于 2023-12-11 20:22:14 发布
阅读量1.1k 收藏 1
点赞数 2
分类专栏: CTF 文章标签: python
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/qq_59700927/article/details/128313348
版权
S

Reverse

whereisyourkey-广东海洋大学

  • 直接模拟加密过程就行了,不多说
  • 远程linux调试elf执行到加密结束提取数据也行

halo-绍兴元培

考点upx脱壳逻辑运算异或解密

  • 这个题多少有点绕

  • 最后用来校对的那一堆异或和或,只有每个异或结果为0条件才为真,也就是说单个异或的结果都是相等的,通过这里就可以得到操作过后的flag

  • 中间的加密,通过分析代码可以发现规律

    f0 = f0^0  
ff1 = f0^0^f1^1
f2 = f2^2^f0^0^f1^1

相当于,顺序加密:fn = fn-1 ^ n

所以反过来异或回去就完了

  • 最上面还有个array^0x33,就是array数组第一位异或,弄一下就行

  • 解密脚本

    list = [102, 0xb,0x68,0xc,0x73,0x3e,0xc,0x3a,0x5d,0x1b,0x21,0x75,0x4f,0x20,0x4c,0x71,0x58,0x7b,0x59,0x2c,0x0,0x77,0x58,0x77,0xe,0x72,0x5b,0x26,0xb,0x70,0xa,0x77,0x66,0x77,0x36,0x76,0x37,0x76,0x62,0x72,0x6d,0x27,0x3f,0x77,0x26]
x = 44
while x > 0:
    list[x] = list[x]^list[x-1]^x
    x -= 1
for i in list:
    print(chr(i),end='')
# flag{H41oO0_6bb2920f8b98ae3f1fdb10cced277c2c}

  • 对了,还有个upx脱壳,直接工具搞一下

ezzzzre-广东海洋大学

  • 有个upx壳,工具脱掉

  • F5主函数

  • 核心代码就这一行:

    if ( Str[i] != 2 * aHelloctf[i] - 69 )

  • 提取Helloctf[i]直接计算即可

Sudoku-陆军工程大学

考点动态调试数据提取python

  • IDA反编F5+cmd运行测试

  • 好像是个数独,分析一下

    int __cdecl main(int argc, const char **argv, const char **envp)
{
  
  ......  
//生成检测数独
  while ( (unsigned int)Prepare((int (*)[9])v12) )		  
  {
    for ( i = 0; i <= 8; ++i )
    {
      for ( j = 0; j <= 8; ++j )
      {
        if ( !v12[9 * i + j] )
        {
          for ( k = 0; k <= 8; ++k )
            v4[k] = 0;									//生成函数
          line((int (*)[9])v12, v4, i);
          row((int (*)[9])v12, v4, j);
          SquireNine((int (*)[9])v12, v4, i, j);
          FillBlank((int (*)[9])v12, v4, i, j);
        }
      }
    }
  }
//提示信息输出
  puts("This is a game called Sudoku,just enjoy it!");
  puts("Pls input your answer in the following format:");
  qmemcpy(v14, &unk_4051C0, 0x144ui64);
  for ( i = 0; i <= 8; ++i )
  {
    for ( j = 0; j <= 8; ++j )
      printf("%d ", (unsigned int)v14[9 * i + j]);		
    putchar(10);
  }
//输入数独
  puts("Then you will get your flag!");
  for ( i = 0; i <= 8; ++i )
  {
    for ( j = 0; j <= 8; ++j )
      scanf("%d", &v11[9 * i + j]);			              
  }
//校验
  for ( k = 0; k <= 8; ++k )
  {
    for ( m = 0; m <= 8; ++m )
    {
      if ( v11[9 * k + m] != v12[9 * k + m] )			 
      {
        puts("Y0u_Ar3_Wr0ng!");
        exit(1);
      }
    }
  }
  printf("Y0u_Ar3_R1ght!");
}

  • 第一眼就看到v11和v12比较,所以我们要想办法把v12搞出来,首先跟踪上面的生成函数,很复杂,那就动态调试,让机器生成v12我们去提取数据

  • v12生成函数结束后位置设断点,运行,然后f5反编找到v12对应栈位置,写脚本提取数据

    auto addr = 0x000000000062FA10;
auto i = 0,cnt = 0;
for(i; i < 81*4; i = i+4)
{
	Message("%x ",Byte(addr+i));
	cnt = cnt + 1;
	if(cnt % 9 == 0)
	   Message("\n");
}
//8 5 2 4 9 1 6 7 3 
//1 9 6 7 3 8 2 5 4 
//4 3 7 5 6 2 9 1 8 
//5 2 8 1 4 6 3 9 7 
//3 7 4 9 2 5 8 6 1 
//9 6 1 3 8 7 4 2 5 
//2 1 9 8 5 4 7 3 6 
//7 4 3 6 1 9 5 8 2 
//6 8 5 2 7 3 1 4 9

  • 继续运行,输入提取的数独

  • 运行到显示:

    UNCTF{chr(29+vme)chr(15+vme)chr(29+vme)chr(24+vme)chr(39+vme)chr(25+vme)chr(29+vme)chr(20+vme)chr(32+vme)}

  • python解一下

    print('UNCTF{',end='')
print(chr(29+50),end='')
print(chr(15+50),end='')
print(chr(29+50),end='')
print(chr(24+50),end='')
print(chr(39+50),end='')
print(chr(25+50),end='')
print(chr(29+50),end='')
print(chr(20+50),end='')
print(chr(32+50),end='')
print('}',end='')
# UNCTF{OAOJYKOFR}

ezast-浙江师范大学

考点ast树js代码还原

  • 一口老血吐出来

  • 第一次遇到这种题,研究了一下ast树,然后就开始手推源代码

  • 一边构建代码看ast一边还原(得亏有个ast在线网站)

  • 还原代码

    function ezdecode(flag,key)
{
  var arr_data = flag.split()
  return arr_data.map(i => String.fromCharCode(i.charCodeAt()^(key += 1))).join('')
}
var $_a = test()
$_a -= 1145*100
$_a += 0xb
console.log(ezdecode("OTYN\\a[inE+iEl.hcEo)ivo+g",$_a))
function test(){
  return 114514
}

  • emmmm,每次只能解密一个字符,然后我就直接手删了半天加密串把flag构造出来了

  • 对了,还有一个用来转义的\要删掉

  • UNCTF{Ast_1s_v4ry_u3slu1}

HelloRust

  • 这题,一切都在动调中

  • 首先通过关键词检索识别为rc4加密

  • 修改内存数据,将unctf等等一系列数据变为字符串

  • 动调,在keyinit函数处找到密钥Unctf2022

  • 在cmp函数上方找到密文

  • 提取密文

    auto addr = 0x00005622B1A340A6;
auto i = 0;
Message("\n");
for(i; i < (0x00005622B1A340C1 - addr + 1); i = i+1)
{
	Message("%02x",Byte(addr+i));
}
//876927216fc731261b6c3a749a626ea002811d85e0e2d071f4a3090e

  • 在线网站解密得到

  • unctf{Ru5t_Rc4_1s_2_e@zy!!!}

shelled_babyxor-重庆大学

考点手动脱壳数据处理逆写解密

  • 提示脱壳+算法逆向,有点东西

  • 脱壳只能手动,没发现常规的pushad之类的东西,但知道是运行自解密

  • x64dbg运行到解密位置,把程序dump出来拖进ida64

  • ctrl+f12搜索unctf,发现有,定位过去,x交叉引用,定位关键代码

    FOOL:0000000000402E30 53                            push    rbx
FOOL:0000000000402E31 48 83 EC 50                   sub     rsp, 50h
FOOL:0000000000402E35 E8 06 EA FF FF                call    sub_401840
FOOL:0000000000402E35
FOOL:0000000000402E3A 48 8B 0D 1F 15 00 00          mov     rcx, cs:off_404360
FOOL:0000000000402E41 48 8D 5C 24 20                lea     rbx, [rsp+58h+var_38]
FOOL:0000000000402E46 48 8D 15 B3 11 00 00          lea     rdx, aInputYourAnswe            ; "input your answer\n"
FOOL:0000000000402E4D E8 26 E9 FF FF                call    sub_401778
FOOL:0000000000402E4D
FOOL:0000000000402E52 48 8B 0D F7 14 00 00          mov     rcx, cs:off_404350
FOOL:0000000000402E59 48 89 DA                      mov     rdx, rbx
FOOL:0000000000402E5C E8 0F E9 FF FF                call    sub_401770
FOOL:0000000000402E5C
FOOL:0000000000402E61 48 89 D9                      mov     rcx, rbx
FOOL:0000000000402E64 E8 07 E7 FF FF                call    sub_401570
	;核心函数
FOOL:0000000000402E64
FOOL:0000000000402E69 85 C0                         test    eax, eax
FOOL:0000000000402E6B 75 1B                         jnz     short loc_402E88
FOOL:0000000000402E6B
FOOL:0000000000402E6D 48 8B 0D EC 14 00 00          mov     rcx, cs:off_404360
FOOL:0000000000402E74 48 8D 15 B4 11 00 00          lea     rdx, aSorryYouAreWro            ; "sorry you are wrong"
FOOL:0000000000402E7B E8 F8 E8 FF FF                call    sub_401778
FOOL:0000000000402E7B
FOOL:0000000000402E80
FOOL:0000000000402E80                               loc_402E80:                             ; CODE XREF: sub_402E30+6B↓j
FOOL:0000000000402E80 31 C0                         xor     eax, eax
FOOL:0000000000402E82 48 83 C4 50                   add     rsp, 50h
FOOL:0000000000402E86 5B                            pop     rbx
FOOL:0000000000402E87 C3                            retn
FOOL:0000000000402E87
FOOL:0000000000402E88                               ; ---------------------------------------------------------------------------
FOOL:0000000000402E88
FOOL:0000000000402E88                               loc_402E88:                             ; CODE XREF: sub_402E30+3B↑j
FOOL:0000000000402E88 48 8B 0D D1 14 00 00          mov     rcx, cs:off_404360
FOOL:0000000000402E8F 48 8D 15 7D 11 00 00          lea     rdx, aYouAreRightWel            ; "you are right!welcome to re"
FOOL:0000000000402E96 E8 DD E8 FF FF                call    sub_401778

  • 跟进函数发现只有sub_401570在大面积操作数据,F5跟进

    while ( 1 )
  {
    ++v2;
    v1 += v3 % 22;			//取余得到一个v1
    if ( v2 == &v7[5] )
      break;
    v3 = *v2;
  }
  v4 = 0i64;
  for ( i = 115; ; i = *&v7[4 * v4 + 5] )	//取数
  {
    if ( (v1 ^ *(a1 + v4)) != i )	//校对
      return 0;
    if ( ++v4 == 41 )
      break;
  }

  • 终于找到真正的核心了,直接逆写解密,先求v1

    #include <bits/stdc++.h>
using namespace std;
int main()
{
  int v1 = 0; 
  char v7[] = "unctfs";
  for(int i = 0; i < 5; i++){
    v1 += (((int)v7[i]) % 22);
  }
  cout <<v1 <<endl;			//38
  return 0;
}

  • 然后拿38跟这函数给出的一堆数据异或了一下,能搞出UNCTF,那就是答案没跑了,整理数据(痛苦面具),直接写解密

    num = []
for i in range(41):
    num.append(4*i+5)
v9 = [0x65,0x72,0x60,0x5D,0x5F,0x49,0x53,0x79,0x4C,0x53,0x55,0x52, 0x79,0x53, 0x48,0x56,0x47,0x45, 0x4D,0x43, 0x42,0x79, 0x5F,0x49, 0x53,0x54, 0x79,0x40,0x4F,0x54,0x55,0x52,0x79,0x56, 0x54,0x49, 0x41,0x54]
print(len(v9))
for i in v9:
    print(chr(i^38),end='')
print(chr(71^38))
# CTF{you_just_unpacked_your_first_progra

  • 然后,UN我之前验证了,没写,最后program}猜得出来,寄

Crypto

md5-1-西南科技大学

知识点md5

  • 像我这种大冤种直接造md5加密字典
list = {}
import hashlib
for i in range(65,123):
    # 待加密信息
    str2 = chr(i)
    # 创建md5对象
    hl = hashlib.md5()
    hl.update(str2.encode(encoding='utf-8'))
    list[str2] = hl.hexdigest()
for i in range(0,10):
    str1 = str(i)
    # 创建md5对象
    hl = hashlib.md5()
    hl.update(str1.encode(encoding='utf-8'))
    list[str1] = hl.hexdigest()
l = dict(zip(list.values(),list.keys()))
li = ['4c614360da93c0a041b22e537de151eb','8d9c307cb7f3c4a32822a51922d1ceaa','0d61f8370cad1d412f80b84d143e1257','b9ece18c950afbfa6b0fdbfa4ff731d3','800618943025315f869e4e1f09471012','f95b70fdc3088560732a5ac135644506','e1671797c52e15f763380b45e841ec32','c9f0f895fb98ab9159f51fd0297e236d','a87ff679a2f3e71d9181a67b7542122c','8fa14cdd754f91cc6554c9e71929cce7','e1671797c52e15f763380b45e841ec32','8277e0910d750195b448797616e091ad','cfcd208495d565ef66e7dff9f98764da','c81e728d9d4c2f636f067f89cc14862c','c9f0f895fb98ab9159f51fd0297e236d','92eb5ffee6ae2fec3ad71c777531578f','45c48cce2e2d7fbdea1afc51c7c6ad26','cfcd208495d565ef66e7dff9f98764da','a87ff679a2f3e71d9181a67b7542122c','1679091c5a880faf6fb5e6087eb1b2dc','8fa14cdd754f91cc6554c9e71929cce7','4a8a08f09d37b73795649038408b5f33','cfcd208495d565ef66e7dff9f98764da','e1671797c52e15f763380b45e841ec32','c9f0f895fb98ab9159f51fd0297e236d','8fa14cdd754f91cc6554c9e71929cce7','cfcd208495d565ef66e7dff9f98764da','c9f0f895fb98ab9159f51fd0297e236d','cfcd208495d565ef66e7dff9f98764da','e1671797c52e15f763380b45e841ec32','45c48cce2e2d7fbdea1afc51c7c6ad26','1679091c5a880faf6fb5e6087eb1b2dc','e1671797c52e15f763380b45e841ec32','8f14e45fceea167a5a36dedd4bea2543','c81e728d9d4c2f636f067f89cc14862c','c4ca4238a0b923820dcc509a6f75849b','c9f0f895fb98ab9159f51fd0297e236d','a87ff679a2f3e71d9181a67b7542122c','cbb184dd8e05c9709e5dcaedaa0495cf']
for i in li:
    if l.get(i):
        print(l[i],end='')
    else:
        print('wrong',end='')

md5-2-西南科技大学

知识点md5异或

  • 多了个异或罢了,注意长度不够补位就行_
# 生成表
import hashlib
list = {}
for i in range(65,123):
    # 待加密信息
    str2 = chr(i)
    # 创建md5对象
    hl = hashlib.md5()
    hl.update(str2.encode(encoding='utf-8'))
    list[str2] = hl.hexdigest()
for i in range(0,10):
    str1 = str(i)
    # 创建md5对象
    hl = hashlib.md5()
    hl.update(str1.encode(encoding='utf-8'))
    list[str1] = hl.hexdigest()
x = ['?','_','@','!','}','{','C','$','%',"^",'&','*','(',')']
for i in x:
    str2 = i
    # 创建md5对象
    hl = hashlib.md5()
    hl.update(str2.encode(encoding='utf-8'))
    list[str2] = hl.hexdigest()
l = dict(zip(list.values(),list.keys()))

# 检验
li = [0x4c614360da93c0a041b22e537de151eb,0xc1fd731c6d60040369908b4a5f309f41,0x80fdc84bbb5ed9e207a21d5436efdcfd,0xb48d19bb99a7e6bb448f63b75bc92384,0x39eaf918a52fcaa5ed9195e546b021c1,0x795d6869f32db43ff5b414de3c235514,0xf59a054403f933c842e9c3235c136367,0xc80b37816048952a3c0fc9780602a2fa,0x810ecef68e945c3fe7d6accba8b329bd,0xcad06891e0c769c7b02c228c8c2c8865,0x470a96d253a639193530a15487fea36f,0x470a96d253a639193530a15487fea36f,0x4bdea6676e5335f857fa8e47249fa1d8,0x810ecef68e945c3fe7d6accba8b329bd,0xedbb7ab78cde98a07b9b5a2ab284bf0a,0x44b43e07e9af05e3b9b129a287e5a8df,0xa641c08ed66b55c9bd541fe1b22ce5c0,0xabed1f675819a2c0f65c9b7da8cab301,0x738c486923803a1b59ef17329d70bbbd,0x7e209780adf2cd1212e793ae8796ed7c,0xa641c08ed66b55c9bd541fe1b22ce5c0,0xa641c08ed66b55c9bd541fe1b22ce5c0,0x636a84a33e1373324d64463eeb8e7614,0x6ec65b4ab061843b066cc2a2f16820d5,0xa4a39b59eb036a4a8922f7142f874114,0x8c34745bd5b5d42cb3efe381eeb88e4b,0x5b1ba76b1d36847d632203a75c4f74e2,0xd861570e7b9998dbafb38c4f35ba08bc,0x464b7d495dc6019fa4a709da29fc7952,0x8eb69528cd84b73d858be0947f97b7cc,0xdd6ac4c783a9059d11cb0910fc95d4a,0x4b6b0ee5d5f6b24e6898997d765c487c,0xb0762bc356c466d6b2b8f6396f2e041,0x8547287408e2d2d8f3834fc1b90c3be9,0x82947a7d007b9854fa62efb18c9fd91f,0x8ddafe43b36150de851c83d80bd22b0a,0xc7b36c5f23587e285e528527d1263c8b,0x2a0816e8af86e68825c9df0d63a28381,0x63ce72a42cf62e6d0fdc6c96df4687e3]
for cnt in range(1,len(li)):
    li[cnt] ^= li[cnt - 1]
for cnt in range(0, len(li)):
    li[cnt] = hex(li[cnt])
    li[cnt] = li[cnt][2:]
for i in li:
    if(len(i) != 32):
        i1 = '0' + i
    else:
        i1 = i
    if l.get(i1):
        print(l[i1],end='')
    else:
        print('false')

dddd-西南科技大学

摩斯密码

  • 摩斯密码01解密,这不写了吧

caesar-西南科技大学

  • 题目提示了base64表

  • UNCTF校验发现是+45替换,逆写即可

  • 脚本(坑点是得去掉末尾空格)

    s=  'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
w = 'B6vAy{dhd_AOiZ_KiMyLYLUa_JlL/HY_}'
for i in w:
    if i in s:
        if(s.index(i) >= 45):
            print(s[s.index(i) - 45],end='')
        else:
            print(s[s.index(i)+45-64-26],end='')
    else:
        print(i,end='')

ezxor-浙江师范大学

知识点多次一密数据还原

  • 一个假题,劣质多次一密QAQ

  • decode密文,伪造flag与密文异或得到残缺明文,寻找英文单词特征比对求解,1小时的快乐没了

    UNCTF{Y0u_are_very_Clever!!!}

Single table-西南科技大学

知识点playfair

  • 很明显变种Playfair加密

  • 根据实例修改表

  • B C D E F
    G H I K M
    N O Q R S
    T U V W X
    Z P L A Y

  • 还原即可

    • 不同行不同列优先取后一个字母对应行元素
    • 同行取左
    • 同列取上

  • 得到(注意下划线位置要换一下,哦对还有去掉x,我记得有人有群u吐槽这个下划线来着)

    UNCTF{GOD_YOU_KNOW_PLAYFAIR}

Multi table-西南科技大学

知识点维吉尼亚密码(Vigenere)

题意

  • 这个题就是构造了一个循环序的字母字典table

  • 还有一个乱序的匹配字母表base_table

  • 然后随机生成查询key

  • 加密flag

    • 首先查询base_table中字母位置
    • 替换为字典key键对应位置的值
解题

  • 首先用UNCT还原出key是多少,再逆写加密就可

  • 脚本

    # 字典表
table = {0: 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 1: 'BCDEFGHIJKLMNOPQRSTUVWXYZA', 2: 'CDEFGHIJKLMNOPQRSTUVWXYZAB', 3: 'DEFGHIJKLMNOPQRSTUVWXYZABC', 4: 'EFGHIJKLMNOPQRSTUVWXYZABCD', 5: 'FGHIJKLMNOPQRSTUVWXYZABCDE', 6: 'GHIJKLMNOPQRSTUVWXYZABCDEF', 7: 'HIJKLMNOPQRSTUVWXYZABCDEFG', 8: 'IJKLMNOPQRSTUVWXYZABCDEFGH', 9: 'JKLMNOPQRSTUVWXYZABCDEFGHI', 10: 'KLMNOPQRSTUVWXYZABCDEFGHIJ', 11: 'LMNOPQRSTUVWXYZABCDEFGHIJK', 12: 'MNOPQRSTUVWXYZABCDEFGHIJKL', 13: 'NOPQRSTUVWXYZABCDEFGHIJKLM', 14: 'OPQRSTUVWXYZABCDEFGHIJKLMN', 15: 'PQRSTUVWXYZABCDEFGHIJKLMNO', 16: 'QRSTUVWXYZABCDEFGHIJKLMNOP', 17: 'RSTUVWXYZABCDEFGHIJKLMNOPQ', 18: 'STUVWXYZABCDEFGHIJKLMNOPQR', 19: 'TUVWXYZABCDEFGHIJKLMNOPQRS', 20: 'UVWXYZABCDEFGHIJKLMNOPQRST', 21: 'VWXYZABCDEFGHIJKLMNOPQRSTU', 22: 'WXYZABCDEFGHIJKLMNOPQRSTUV', 23: 'XYZABCDEFGHIJKLMNOPQRSTUVW', 24: 'YZABCDEFGHIJKLMNOPQRSTUVWX', 25: 'ZABCDEFGHIJKLMNOPQRSTUVWXY'}
# 乱序表
base_table=['J', 'X', 'I', 'S', 'E', 'C', 'R', 'Z', 'L', 'U', 'K', 'Q', 'Y', 'F', 'N', 'V', 'T', 'P', 'O', 'G', 'A', 'H', 'D', 'W', 'M', 'B']
# 密文flag
flag = 'SDCGW{MPN_VHG_AXHU_GERA_SM_EZJNDBWN_UZHETD}'
# 还原key
print(base_table.index('U')) #0  9
print(base_table.index('N')) #1  14
print(base_table.index('C')) #2  5
print(base_table.index('T')) #3  16
for i in range(26):
    if table[i][9] == 'S':
        print('key0=' + str(i))
    if table[i][14] == 'D':
        print('key1=' + str(i))
    if table[i][5] == 'C':
        print('key2=' + str(i))
    if table[i][16] == 'G':
        print('key3=' + str(i))
# 还原flag
x = 0
key=[9,15,23,16]
for i in range(len(flag)):
    if flag[i] in base_table:
        print(base_table[table[key[x%4]].index(flag[i])],end='')
        x += 1
    else:
        print(flag[i],end='')
# UNCTF{WOW_YOU_KNOW_THIS_IS_VIGENERE_CIPHER}

easy_RSA-中国人民公安大学

知识点:rsa已知p高位攻击

  • 看到>>200,是个RSA高位攻击,直接开搞

  • 去网站Sage Cell Server (sagemath.org) 先把roots爆出来

    n=102089505560145732952560057865678579074090718982870849595040014068558983876754569662426938164259194050988665149701199828937293560615459891835879217321525050181965009152805251750575379985145711513607266950522285677715896102978770698240713690402491267904700928211276700602995935839857781256403655222855599880553
p2 = 8183408885924573625481737168030555426876736448015512229437332241283388177166503450163622041857s
p4 = p4 << 200
PR.<x> = PolynomialRing(Zmod(n))
f = x + p4
roots = f.small_roots(X=2^200,beta=0.4)
print(roots)
print(p)

  • 解码

    import gmpy2
from Crypto.Util.number import *
roots = [358950849615278333731635244854025425463656033006805723630685]
n = 102089505560145732952560057865678579074090718982870849595040014068558983876754569662426938164259194050988665149701199828937293560615459891835879217321525050181965009152805251750575379985145711513607266950522285677715896102978770698240713690402491267904700928211276700602995935839857781256403655222855599880553
p2 = 13150231070519276795503757637337326535824298772055543325920447062237907554543786311611680606623830215547787830024125178567428699965091733811241451081695232
p= p2 + roots[0]
if n%p == 0:
    print(1)
q = n//p
phi = (p-1)*(q-1)
e=0x10001
c=6423951485971717307108570552094997465421668596714747882611104648100280293836248438862138501051894952826415798421772671979484920170142688929362334687355938148152419374972520025565722001651499172379146648678015238649772132040797315727334900549828142714418998609658177831830859143752082569051539601438562078140
d = gmpy2.invert(e,phi)
m = pow(c,d,n)
print(long_to_bytes(m))

Today_is_Thursday_V_me_50-海南大学

  • 这个题就是纯考察逆向解密能力,大喜,啊不,大悲

  • 对flag先加密1,再加密2,得到结果。逆写,还是逆写

  • 脚本

    import random
from Crypto.Util.strxor import strxor
from Crypto.Util.number import *
# 题目信息
key1 = b'Today_is_Thursday_V_me_50'
key1_num = 530007872419584476649862008487908643412379763189507583587632
x = 'Q\x19)T\x18\x1b(\x03\t^c\x08QiF>Py\x124DNg3P'
#生成25位随机数序列
random.seed(key1_num)
ran = []
for i in range(25):
    temp_num = random.randint(1,128)
    ran.append(temp_num)
# 异或解密(encrypt2)
flag = []
for i in range(0,len(x)):
    temp = bytes_to_long(bytes(x[i], encoding="utf8"))
    flag.append(temp^ran[i])

# 仿写encrypt1,得出最后的异或串
guess=[('u', 'n', 'c', 't', 'f'), ('u', 'n', 'c', 'f', 't'), ('u', 'n', 't', 'c', 'f'), ('u', 'n', 't', 'f', 'c'), ('u', 'n', 'f', 'c', 't'), ('u', 'n', 'f', 't', 'c'), ('u', 'c', 'n', 't', 'f'), ('u', 'c', 'n', 'f', 't'), ('u', 'c', 't', 'n', 'f'), ('u', 'c', 't', 'f', 'n'), ('u', 'c', 'f', 'n', 't'), ('u', 'c', 'f', 't', 'n'), ('u', 't', 'n', 'c', 'f'), ('u', 't', 'n', 'f', 'c'), ('u', 't', 'c', 'n', 'f'), ('u', 't', 'c', 'f', 'n'), ('u', 't', 'f', 'n', 'c'), ('u', 't', 'f', 'c', 'n'), ('u', 'f', 'n', 'c', 't'), ('u', 'f', 'n', 't', 'c'), ('u', 'f', 'c', 'n', 't'), ('u', 'f', 'c', 't', 'n'), ('u', 'f', 't', 'n', 'c'), ('u', 'f', 't', 'c', 'n'), ('n', 'u', 'c', 't', 'f'), ('n', 'u', 'c', 'f', 't'), ('n', 'u', 't', 'c', 'f'), ('n', 'u', 't', 'f', 'c'), ('n', 'u', 'f', 'c', 't'), ('n', 'u', 'f', 't', 'c'), ('n', 'c', 'u', 't', 'f'), ('n', 'c', 'u', 'f', 't'), ('n', 'c', 't', 'u', 'f'), ('n', 'c', 't', 'f', 'u'), ('n', 'c', 'f', 'u', 't'), ('n', 'c', 'f', 't', 'u'), ('n', 't', 'u', 'c', 'f'), ('n', 't', 'u', 'f', 'c'), ('n', 't', 'c', 'u', 'f'), ('n', 't', 'c', 'f', 'u'), ('n', 't', 'f', 'u', 'c'), ('n', 't', 'f', 'c', 'u'), ('n', 'f', 'u', 'c', 't'), ('n', 'f', 'u', 't', 'c'), ('n', 'f', 'c', 'u', 't'), ('n', 'f', 'c', 't', 'u'), ('n', 'f', 't', 'u', 'c'), ('n', 'f', 't', 'c', 'u'), ('c', 'u', 'n', 't', 'f'), ('c', 'u', 'n', 'f', 't'), ('c', 'u', 't', 'n', 'f'), ('c', 'u', 't', 'f', 'n'), ('c', 'u', 'f', 'n', 't'), ('c', 'u', 'f', 't', 'n'), ('c', 'n', 'u', 't', 'f'), ('c', 'n', 'u', 'f', 't'), ('c', 'n', 't', 'u', 'f'), ('c', 'n', 't', 'f', 'u'), ('c', 'n', 'f', 'u', 't'), ('c', 'n', 'f', 't', 'u'), ('c', 't', 'u', 'n', 'f'), ('c', 't', 'u', 'f', 'n'), ('c', 't', 'n', 'u', 'f'), ('c', 't', 'n', 'f', 'u'), ('c', 't', 'f', 'u', 'n'), ('c', 't', 'f', 'n', 'u'), ('c', 'f', 'u', 'n', 't'), ('c', 'f', 'u', 't', 'n'), ('c', 'f', 'n', 'u', 't'), ('c', 'f', 'n', 't', 'u'), ('c', 'f', 't', 'u', 'n'), ('c', 'f', 't', 'n', 'u'), ('t', 'u', 'n', 'c', 'f'), ('t', 'u', 'n', 'f', 'c'), ('t', 'u', 'c', 'n', 'f'), ('t', 'u', 'c', 'f', 'n'), ('t', 'u', 'f', 'n', 'c'), ('t', 'u', 'f', 'c', 'n'), ('t', 'n', 'u', 'c', 'f'), ('t', 'n', 'u', 'f', 'c'), ('t', 'n', 'c', 'u', 'f'), ('t', 'n', 'c', 'f', 'u'), ('t', 'n', 'f', 'u', 'c'), ('t', 'n', 'f', 'c', 'u'), ('t', 'c', 'u', 'n', 'f'), ('t', 'c', 'u', 'f', 'n'), ('t', 'c', 'n', 'u', 'f'), ('t', 'c', 'n', 'f', 'u'), ('t', 'c', 'f', 'u', 'n'), ('t', 'c', 'f', 'n', 'u'), ('t', 'f', 'u', 'n', 'c'), ('t', 'f', 'u', 'c', 'n'), ('t', 'f', 'n', 'u', 'c'), ('t', 'f', 'n', 'c', 'u'), ('t', 'f', 'c', 'u', 'n'), ('t', 'f', 'c', 'n', 'u'), ('f', 'u', 'n', 'c', 't'), ('f', 'u', 'n', 't', 'c'), ('f', 'u', 'c', 'n', 't'), ('f', 'u', 'c', 't', 'n'), ('f', 'u', 't', 'n', 'c'), ('f', 'u', 't', 'c', 'n'), ('f', 'n', 'u', 'c', 't'), ('f', 'n', 'u', 't', 'c'), ('f', 'n', 'c', 'u', 't'), ('f', 'n', 'c', 't', 'u'), ('f', 'n', 't', 'u', 'c'), ('f', 'n', 't', 'c', 'u'), ('f', 'c', 'u', 'n', 't'), ('f', 'c', 'u', 't', 'n'), ('f', 'c', 'n', 'u', 't'), ('f', 'c', 'n', 't', 'u'), ('f', 'c', 't', 'u', 'n'), ('f', 'c', 't', 'n', 'u'), ('f', 't', 'u', 'n', 'c'), ('f', 't', 'u', 'c', 'n'), ('f', 't', 'n', 'u', 'c'), ('f', 't', 'n', 'c', 'u'), ('f', 't', 'c', 'u', 'n'), ('f', 't', 'c', 'n', 'u')]
for i in range(4):
    what = guess.pop(50)
    name = ''.join(j for j in what)
    mask = strxor(5*name.encode(),key1)
# 虽然计算了四轮,但最终用于使用的串只有最后一轮
print(mask)
n4 = '7\x1a\x02\x15\x17<\x1c\x15+:\x0b\x00\x14\x07\n\x02\x0c9"1\x0e\x109A^'
for i in range(25):
    flag[i] ^= ord(n4[i])
	print(chr(flag[i]),end='')
# UNCTF{1_l0ve_Thurs4Ay!!!}

ezRSA-广东海洋大学

知识点z3求解rsa基础流程

  • 非常规rsa公私钥制作,反而变简单了

  • 第一眼 p^4 = n,z3直接求解

    from z3 import *
p = Real('p')
s = Solver()
s.add(p**4 == 62927872600012424750752897921698090776534304875632744929068546073325488283530025400224435562694273281157865037525456502678901681910303434689364320018805568710613581859910858077737519009451023667409223317546843268613019139524821964086036781112269486089069810631981766346242114671167202613483097500263981460561)
print(s.check())
print(s.model())

  • cdn正常解密即可

    import libnum
e = 65537
n = 62927872600012424750752897921698090776534304875632744929068546073325488283530025400224435562694273281157865037525456502678901681910303434689364320018805568710613581859910858077737519009451023667409223317546843268613019139524821964086036781112269486089069810631981766346242114671167202613483097500263981460561
c = 56959646997081238078544634686875547709710666590620774134883288258992627876759606112717080946141796037573409168410595417635905762691247827322319628226051756406843950023290877673732151483843276348210800329658896558968868729658727981445607937645264850938932045242425625625685274204668013600475330284378427177504
p = 89065756791595323358603857939783936930073695697065732353414009005162022399741
phi = p**4 - p**3
d = libnum.invmod(e,phi)
m = pow(c,d,n)
print(m)
print(libnum.n2s(m))
# b'unctf{pneum0n0ultram01cr0sc0p01cs01l01c0v0lcan0c0n010s01s}'

babyRSA-广东海洋大学

  • 明文高位攻击,直接sage脚本

    n = 25300208242652033869357280793502260197802939233346996226883788604545558438230715925485481688339916461848731740856670110424196191302689278983802917678262166845981990182434653654812540700781253868833088711482330886156960638711299829638134615325986782943291329606045839979194068955235982564452293191151071585886524229637518411736363501546694935414687215258794960353854781449161486836502248831218800242916663993123670693362478526606712579426928338181399677807135748947635964798646637084128123883297026488246883131504115767135194084734055003319452874635426942328780711915045004051281014237034453559205703278666394594859431
c = 15389131311613415508844800295995106612022857692638905315980807050073537858857382728502142593301948048526944852089897832340601736781274204934578234672687680891154129252310634024554953799372265540740024915758647812906647109145094613323994058214703558717685930611371268247121960817195616837374076510986260112469914106674815925870074479182677673812235207989739299394932338770220225876070379594440075936962171457771508488819923640530653348409795232033076502186643651814610524674332768511598378284643889355772457510928898105838034556943949348749710675195450422905795881113409243269822988828033666560697512875266617885514107
high_m = 11941439146252171444944646015445273361862078914338385912062672317789429687879409370001983412365416202240
R.<x> = PolynomialRing(Zmod(n), implementation='NTL')
m = high_m + x
M = m((m^6 - c).small_roots()[0])
print(hex(int(M))[2:])

  • 然后把M转一下。。。。。。。

    import libnum
x =0x554e4354467b32376130616163372d373663622d343237642d393132392d3134373633363064356431627d
print(libnum.n2s(x))
# UNCTF{27a0aac7-76cb-427d-9129-1476360d5d1b}

今晚吃什么-金陵科技学院

知识点培根密码

  • 10000和00000串,5位,结合题目今晚吃什么,估计是培根密码

  • 提取每个串的首位构成新串,写脚本替换为培根密码格式

      lis = ['10000','10000','10000','00000','10000','00000','10000','10000','10000','10000','00000','10000','00000','00000','10000','10000','00000','00000','00000','10000','00000','10000','10000','10000','10000','10000','00000','00000','10000','00000','10000','00000','10000','10000','10000','00000','10000','10000','10000','00000','10000','10000','00000','10000','00000','00000','10000','10000','00000','00000','10000','00000','00000','10000','10000']
  for i in lis:
      if i == '10000':
          print('A',end='')
      else:
          print('B',end='')
      cnt += 1
      if cnt % 5 == 0:
          print('/',end='')
          
  # AAABA/BAAAA/BABBA/ABBBA/BAAAA/ABBAB/ABAAA/BAAAB/AABAB/BAABB/ABBAA

  • 去网站解密得到flag

    UNCTF{CRYPROISFUN}

Fermat

  • 费马小定理: 如果p是一个质数,而整数a不是p的倍数,则有a(p-1)≡1(mod p)

  • 推导

    • gift+x = xp

    • gift = (p-1)*x

    • 2x*(p-1) ≡ 1(mod p)

    • 2x*(p-1) - 1 = x * p

    • 2gift -1 = x*p

    • 结合n = p*q

    • p = gcd(n, 2gift -1)

    • p = gcd(n, powmod(2, gift, n))

  • 解密脚本

    from Crypto.Util.number import *
import gmpy2
import libnum

e = 0x10001
n =  19793392713544070457027688479915778034777978273001720422783377164900114996244094242708846944654400975309197274029725271852278868848866055341793968628630614866044892220651519906766987523723167772766264471738575578352385622923984300236873960423976260016266837752686791744352546924090533029391012155478169775768669029210298020072732213084681874537570149819864200486326715202569620771301183541168920293383480995205295027880564610382830236168192045808503329671954996275913950214212865497595508488636836591923116671959919150665452149128370999053882832187730559499602328396445739728918488554797208524455601679374538090229259
c = 388040015421654529602726530745444492795380886347450760542380535829893454552342509717706633524047462519852647123869277281803838546899812555054346458364202308821287717358321436303133564356740604738982100359999571338136343563820284214462840345638397346674622692956703291932399421179143390021606803873010804742453728454041597734468711112843307879361621434484986414368504648335684946420377995426633388307499467425060702337163601268480035415645840678848175121483351171989659915143104037610965403453400778398233728478485618134227607237718738847749796204570919757202087150892548180370435537346442018275672130416574430694059
gift = 28493930909416220193248976348190268445371212704486248387964331415565449421099615661533797087163499951763570988748101165456730856835623237735728305577465527656655424601018192421625513978923509191087994899267887557104946667250073139087563975700714392158474439232535598303396614625803120915200062198119177012906806978497977522010955029535460948754300579519507100555238234886672451138350711195210839503633694262246536916073018376588368865238702811391960064511721322374269804663854748971378143510485102611920761475212154163275729116496865922237474172415758170527875090555223562882324599031402831107977696519982548567367160

gift = pow(2,gift,n) - 1
p = libnum.gcd(gift,n)
q = n // p
phi = (p-1)*(q-1)
d = gmpy2.invert(e,phi)
m = pow(c,d,n)
print(long_to_bytes(m))
# b'UNCTF{DO_y0u_Fermat_1ittle_theOrem}'

Misc

magic_word-西南科技大学

知识点零宽隐写

unctf{We1come_new_ctfer}

  • 一开始没改大写WA了一发,血亏

巨鱼-河南理工大学

知识点图片大小隐写zip伪加密文件合成ppt隐写

  • 拿到图片先常规检查,改了改宽高,发现多出一行字“无所谓我会出手”,可能有用

  • 然后kali试着foremost了一下,发现图片隐藏了zip,提取出来打开

  • 010查看zip,真加密,拿刚才找出来的字试了一下,密码正确

  • 提取出来又是一层zip,还是有加密,010打开一眼看到总标志位0000,伪加密

  • 翻看标志位unshortdeflag,为1的全改回0,去伪加密

  • 一个flag文件夹,一个化学式和一个加密的pptx,网上查了化学式名字都不对,发现叫六六粉,试了666,正确,出题人真6

  • 打开pptx,提示flagnothere,最后一页pptx无内容,猜测同色隐藏到背景里了,全选更换字体颜色,得到flag

    UNCTF{y0u_F1nd_1t!}

  • 这题多写几个字以表敬意(

syslog-浙江师范大学

  • 提示看压缩包,结合题目的syslog

  • 上kali,binwalk -e文件,打开日志查看

  • 搜索password发现base64

  • cGFzc3dvcmQgaXMgVTZudTJfaTNfYjNTdA==

  • 解密得到密码

  • 输入得到flag

    unctf{N1_sH3_D0n9_L0g_dE!}

找得到我吗-闽南师范大学

  • 打开文档全选设定文字颜色,发现3k字大作文,但是好像没用,废话文学是玩明白了

  • 常规检测,binwalk分离转出xml

  • 一大堆东西挨个看

  • document.xml中搜索flag得到结果

  • UNCTF{You_find_me!}

社什么社-湖南警察学院

  • 凤凰古城不错,以后一定去看看

  • UNCTF{4F0198127A45F66C07A5B1A2DDA8223C}

In_the_Morse_Garden-陆军工程大学

知识点base64word隐写摩斯密码

  • pdf打开,ctrl+A发现图片下面有东西,提取出来

  • UNCTF{…=},base64解密

  • 花园宝宝乱入

  • 只有玛卡巴卡和依古比古,加上题目,morse解密(空格是摩斯断点,因为这个卡了半天,服了)

  • UNCTF{WAN_AN_MAKA_BAKAAAAA!}

UmVfX1BvaW50
关注
  • 2
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 打赏
    打赏
  • 1
    评论
专栏目录
ural部分题解
10-25
部分题解 大牛出品 Vol1-3 不是很全,约有200题左右
含有历年来天梯赛部分题解
最新发布
03-05
每题上方为题目序号,代码为题解部分题解有另法
西普WEB大部分题解
12-09
西普WEB大部分题解,需要在西普刷题的CTF小伙伴赶紧下载吧
2022美赛B题题解-水电共享赛题题解.zip
01-21
2022美赛b题 2022美赛B题题解_水电共享赛题题解
UNCTF2022-Web
v2ish1yan的博客
11-21 829
unctf2022的所有webwp
【CTF】SZTU课内练习WP1
2301_76885465的博客
12-11 944
2.使用“python sqlmap.py -r “1.txt” --level 3 --batch”进行探测注入,然后使用“python sqlmap.py -r “1.txt” --level 3 --batch --dbs”获取数据库,然后依次获取表,字段,字段的内容,最后得到flag.2.进行抓包,将Get请求改为Post请求,并按要求将flag=输到8位数以上,得到。1.登录demo账户,发现有flag,点击发现没有权限查看,因此考虑越权访问。1.对IP进行扫描,发现/backend。
UNCTF2022-校内赛
Welcome To Myon'Blog !
11-25 1045
UNCTF2022-校内赛
[CTF][RoarCTF 2019]Easy Calc 1
凉水的博客
11-01 520
解题思路 1 尝试 看网页源码,有set waf的提示信息。 尝试各种注入,发现几种不同的报错,基本确定单引号、双引号等关键符号被过滤。 让人很费解的是只要是字母都会报错。在这一步上没有有效思路。 2 搜索 带着前面尝试的结果进行搜索,发现对于网页源码中对于waf的提示没有有效利用,因为搜索结果大部分提到这种情况,试用变量名前面加%20(空格)即可绕过,试了下确实如此。重新尝试注入,这次可以输入字母,但是各种命令都会被拦截。一次无意中的误输入%20写成了$返回了calc.php的源码。 <?php
CTF---Web---SQL注入---04---F12network+XXF伪造+sqlmap跑文件
qq_22160557的博客
07-29 1097
文章目录前言一、题目描述二、解题步骤1、信息隐藏2、XXF伪造3、sqlmap文件注入三、总结 前言 题目分类: CTF—Web—SQL注入—04—F12network+XXF伪造+ sqlmap跑文件 一、题目描述 题目:Simple_Calc_1,简单计算器 提示:XFF伪造 二、解题步骤 1、信息隐藏 Step1:F12—>查看network,刷新一下,就可以看到/backend/目录, 提示:{“success”:true,“count”:2},是访问次数 2、XXF伪造 Step2:其
Simple Calc Writeup
子曰小玖的博客
05-23 1178
https://sploitfun.wordpress.com/2016/03/07/bkp-ctf-simple-calc-writeup/ Recently I got my hands dirty with CTF. My first attempt was 32c3 and I failed miserably at it, however my second attempt was f...
UNCTF-日常训练-reverse-反编译
ookami6497的博客
11-22 1304
没有加壳 IDA打开,没看到啥有用的信息,用动调也没调出啥来。。。 参考大佬的博客,知道了这是python项目打包成的exe文件,如何打包可以参考 python3项目打包成exe可执行程序 然后又翻了下之前动调的截图,看到这有个调用了python的dll。(之前都忽略了) 然后就是需要从这个exe中解包得到代码,可以参考Pyinstaller解包 先从GitHub上下载pyinstxtractor 使用方法: cmd下进入该目录输入:python pyinstxtr..
UNCTF2022 wp
网安小菜鸡
01-16 971
UNCTF2022 wp
UNCTF-日常训练-reverse-babypy
ookami6497的博客
11-27 1052
这题和上一题的思路是一样的,具体方法可以参考我的上一篇博客,我写得很详细了:UNCTF-日常训练-reverse-反编译 先用pyinstxtractor解包,用010editor打开struct.pyc和baby.pyc,将baby.pyc的第一行用struct.pyc的第一行代替 另存为一个123.pyc文件,然后就能正常反编译了,在线工具网站:在线pyc反编译 反编译结果: 代码挺好懂的,libnum库使用可以参考:libnum库的安装及使用 import os, lib..
0ctf
zhang14916的博客
03-28 881
1.babyrsa: 打开源文件阅读我们发现这里的RSA中的n是多项式,但这里的RSA依旧和n为数字的RSA是相似的,在http://www.diva-portal.se/smash/get/diva2:823505/FULLTEXT01.pdf中有介绍如何求解这种RSA。如同n为数字的RSA,我们需要讲多项式n分解为p,q,根据RSA的p和q求解phi(n),继续计算获取d,这是我们就可以解...
UNCTF 2022
m0_46105229的博客
11-21 942
UNCTF WP
UNCTF2022wp
weixin_52780973的博客
11-21 995
unctf2022wp web、密码学Crypto、Misc、Reverse 比赛
【总结】2021unctf校内(cry&misc)
jialuomore的博客
12-13 988
毕竟初次接触正规比赛题,没什么经验,题型也没见多少,再加上基础知识方面还很欠缺,不了解原理题目变化就会很头疼。 下面总结一下本次解题思路: misc LPL: 下载附件是一个zip压缩包,直接解压得到.png和.zip文件 图片win可以打开(linux打不开),没有信息,再看压缩包需要密码(010观察是真加密),无法爆破,猜测密码应该隐藏在图片中 010打开图片发现提示,根据官方wp...
2022-UNCTF部分wp以及web的赛后复现学习
BrosyveryOK的博客
11-18 3431
tcltcltcltcltcl,前路漫漫,继续努力。这次的web感觉都可以做,三道sql注入只出了一道,真的tcl,这个礼拜还是测试周,和比赛重了着实难受,隔壁的geek也还没做QAQ。下礼拜就猛做sql注入和源码泄露的整理!还是要多刷题多整理啊…
csp-j2022复赛题解
09-18
csp-j2022复赛题解涉及到一个二元二次方程,并且需要进行化简和推导。首先,将给定的式子化简为n=pq pq-p-q^2=e*d,记为A。然后,根据范围n~k,可以使用动态规划来解决,复杂度为O(n^2*k)。转移的条件与序列最后一个点的坐标和添加点的个数有关。进一步推导,可以得到p*q=A B-2,记为C。由(p q)^2-4pq=(q-p)^2得到A^2-4(A B-2)=(p-q)^2,记为D。因此,q-p=sqrt(A^2-4*(A B-2)),得到D。根据p q=A q*p=D,可以得到q=(A D)/2,p=A-q。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

UmVfX1BvaW50

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值