RSA
送的,factor.com直接分解
# !/usr/bin/env python
# -*- coding: utf-8 -*-
# @author: yjp
# @software: PyCharm
# @file: exp.py
# @time: 2023-01-05 20:18
from yjpscripts.crypto.factorUtil import factor
n = 135127138348299757374196447062640858416920350098320099993115949719051354213545596643216739555453946196078110834726375475981791223069451364024181952818056802089567064926510294124594174478123216516600368334763849206942942824711531334239106807454086389211139153023662266125937481669520771879355089997671125020789
# factor(n)
p0=11239134987804993586763559028187245057652550219515201768644770733869088185320740938450178816138394844329723311433549899499795775655921261664087997097294813
p1=12022912661420941592569751731802639375088427463430162252113082619617837010913002515450223656942836378041122163833359097910935638423464006252814266959128953
from Crypto.Util.number import *
import gmpy2
c=110674792674017748243232351185896019660434718342001686906527789876264976328686134101972125493938434992787002915562500475480693297360867681000092725583284616353543422388489208114545007138606543678040798651836027433383282177081034151589935024292017207209056829250152219183518400364871109559825679273502274955582
e = 65537
phi = (p0-1)*(p1-1)
d = gmpy2.invert(e,phi)
print(long_to_bytes(gmpy2.powmod(c,d,n)))
# hgame{factordb.com_is_strong!}
Be Stream
查看task.py
仅异或,所以将enc与water异或就可以拿到flag了,但是递归需要很长的时间。这里我将已经算出的值放入缓存,最终在1秒内求得flag。
# !/usr/bin/env python
# -*- coding: utf-8 -*-
# @author: yjp
# @software: PyCharm
# @file: exp.py
# @time: 2023-01-05 20:32
# from flag import flag
# assert type(flag) == bytes
from functools import lru_cache
key = [int.from_bytes(b"Be water", 'big'), int.from_bytes(b"my friend", 'big')]
@lru_cache(maxsize=1024)
def stream(i):
if i==0:
return key[0]%256
elif i==1:
return key[1]%256
else:
return (stream(i-2)*7%256 + stream(i-1)*4%256)%256
enc = b'\x1a\x15\x05\t\x17\tu"-\x06lm\x01-\xc7\xcc2\x1eXA\x1c\x15\xb7\xdb\x06\x13\xaf\xa1-\x0b\xd4\x91-\x06\x8b\xd4-\x1e\xab\xaa\x15-\xf0\xed\x1f\x17\x1bY'
flag =b''
for i in range(len(enc)):
water = stream((i//2)**6% 256)
flag += bytes([(water ^ enc[i])%128])
print(flag)
print(flag)
# hgame{\xb1\xe6_t\xe8\xe9s_ch@l|eng\xb3\xdfta\xeb\xe5_y0u_to0_l\xef\xeeg_\xf4\xe9me?}
(i//2)**6% 256需要%上256
兔兔的车票
题目的大致意思是从随机生成的三张图片随机的取出一张与flag异或(rbg像素点)得出新的图片,我们需要根据新的图片换原出flag,感觉只能爆破。
from PIL import Image
import random
from Crypto.Util.number import *
def invert_right(m, l, val=''):
length = 32
mx = 0xffffffff
if val == '':
val = mx
i, res = 0, 0
while i * l < length:
mask = (mx << (length - l) & mx) >> i * l
tmp = m & mask
m = m ^ tmp >> l & val
res += tmp
i += 1
return res
def invert_left(m, l, val):
length = 32
mx = 0xffffffff
i, res = 0, 0
while i * l < length:
mask = (mx >> (length - l) & mx) << i * l
tmp = m & mask
m ^= tmp << l & val
res |= tmp
i += 1
return res
def invert_temper(m):
m = invert_right(m, 18)
m = invert_left(m, 15, 4022730752)
m = invert_left(m, 7, 2636928640)
m = invert_right(m, 11)
return m
def clone_mt(record):
state = [invert_temper(i) for i in record]
gen = random.Random()
gen.setstate((3, tuple(state + [0]), None))
return gen
def makeSourceImg():
colors = long_to_bytes(g.getrandbits(width * height * 24))[::-1]
img = Image.new('RGB', (width, height))
x = 0
for i in range(height):
for j in range(width):
img.putpixel((j, i), (colors[x], colors[x + 1], colors[x + 2]))
x += 3
return img
def xorImg(keyImg, sourceImg):
img = Image.new('RGB', (width, height))
for i in range(height):
for j in range(width):
p1, p2 = keyImg.getpixel((j, i)), sourceImg.getpixel((j, i))
img.putpixel((j, i), tuple([(p1[k] ^ p2[k]) for k in range(3)]))
return img
from PIL import Image
from Crypto.Util.number import *
im = Image.open('pics/enc0.png')
width = im.width
height = im.height
for i in range(16):
key = Image.open(f'pics/enc{i}.png')
for j in range(16):
encImg = Image.open(f'pics/enc{j}.png')
pt = xorImg(key, encImg)
pt.save(f'res/flag{i*16+j}.png')
flag
神秘的电话
morseacsii可以拿到字符串
0223e__priibly___honwa__jmgh__fgkcqaoqtmfr
然后试了栅栏什么的就不会了