BUUCTF 每日打卡 2021-7-29

最新推荐文章于 2023-01-03 16:41:53 发布

Σ2333!

最新推荐文章于 2023-01-03 16:41:53 发布

阅读量264

点赞数

分类专栏： crypto 文章标签：密码学加密解密

本文链接：https://blog.csdn.net/weixin_52446095/article/details/119213817

版权

crypto 专栏收录该内容

79 篇文章 3 订阅

订阅专栏

引言

原本以为今天能把1分题刷完的，结果又多了几个，淦

[AFCTF2018]One Secret, Two encryption

题面：
一份秘密发送给两个人不太好吧，那我各自加密一次好啦~~~
素数生成好慢呀
偷个懒也……不会有问题的吧？

给了两个公钥文件
先转成能看懂的：

from Crypto.PublicKey import RSA

with open("public1.pub", "r") as f:
    key = RSA.import_key(f.read())
    n1 = key.n
    e1 = key.e
    print('n1:', key.n)
    print('e1:', key.e)

with open("public2.pub", "r") as f:
    key = RSA.import_key(f.read())
    n2 = key.n
    e2 = key.e
    print('n2:', key.n)
    print('e2:', key.e)

得到n和e：
在这里插入图片描述
先尝试爆破，发现都可以暴力分解（啊这）
得到p,q：

p1 = 27809722472252756488236572384949349891208643090117349509994417047989746484576130392206781875743390815588696964830219136848285391966773129269973231061599768809907518881304479207799187410626121509031210549317480187679455501340422680238395009932081263455435640341892702399022829951248686529928945588545968218943
q1 = 174410123761631337520799179808598127914184971978811796722414215239874114048347830609255805203105210941441708658356189056418366104015120153227123562166980882513945308613658062284844636341082646995916907680076101741743945938845994542592182491688095893467336553001430454260431413695816790105384153941685561590503
p2 = 13574537518864130340355432541118272197612469786472599699388744722964224446468845332277885224151359348751827390453295742493408690917441802418376492710577443748707324892538263470296850322457820732500754398379697996486797672220145645775197396918813888878389297506519458452871204328250224991572191181011886880259
q2 = 174410123761631337520799179808598127914184971978811796722414215239874114048347830609255805203105210941441708658356189056418366104015120153227123562166980882513945308613658062284844636341082646995916907680076101741743945938845994542592182491688095893467336553001430454260431413695816790105384153941685561590503

发现q1=q2
原来题面说的“偷个懒”是这个意思
然后就是常规的RSA解密，代码如下：

from Crypto.PublicKey import RSA
from Crypto.Util.number import *
import rsa

with open("public1.pub", "r") as f:
    key = RSA.import_key(f.read())
    n1 = key.n
    e1 = key.e
    print('n1:', key.n)
    print('e1:', key.e)

with open("public2.pub", "r") as f:
    key = RSA.import_key(f.read())
    n2 = key.n
    e2 = key.e
    print('n2:', key.n)
    print('e2:', key.e)

p1 = 27809722472252756488236572384949349891208643090117349509994417047989746484576130392206781875743390815588696964830219136848285391966773129269973231061599768809907518881304479207799187410626121509031210549317480187679455501340422680238395009932081263455435640341892702399022829951248686529928945588545968218943
q1 = 174410123761631337520799179808598127914184971978811796722414215239874114048347830609255805203105210941441708658356189056418366104015120153227123562166980882513945308613658062284844636341082646995916907680076101741743945938845994542592182491688095893467336553001430454260431413695816790105384153941685561590503
p2 = 13574537518864130340355432541118272197612469786472599699388744722964224446468845332277885224151359348751827390453295742493408690917441802418376492710577443748707324892538263470296850322457820732500754398379697996486797672220145645775197396918813888878389297506519458452871204328250224991572191181011886880259
q2 = 174410123761631337520799179808598127914184971978811796722414215239874114048347830609255805203105210941441708658356189056418366104015120153227123562166980882513945308613658062284844636341082646995916907680076101741743945938845994542592182491688095893467336553001430454260431413695816790105384153941685561590503
print(q1 == q2)

d1 = inverse(e1, (p1 - 1) * (q1 - 1))
Rsa = rsa.PrivateKey(n1, e1, d1, p1, q1)

with open('flag_encry1', 'rb') as f:
    c1 = f.read()
    print(rsa.decrypt(c1, Rsa))

d2 = inverse(e2, (p2 - 1) * (q2 - 1))
Rsa = rsa.PrivateKey(n2, e2, d2, p2, q2)
with open('flag_encry2', 'rb') as f:
    c2 = f.read()
    print(rsa.decrypt(c2, Rsa))

[AFCTF2018]MyOwnCBC

加密代码如下：

from Crypto.Cipher import AES
from Crypto.Random import random
from Crypto.Util.number import long_to_bytes

def MyOwnCBC(key, plain):
	if len(key)!=32:
		return "error!"
	cipher_txt = b""
	cipher_arr = []
	cipher = AES.new(key, AES.MODE_ECB, "")
	plain = [plain[i:i+32] for i in range(0, len(plain), 32)]
	print plain
	cipher_arr.append(cipher.encrypt(plain[0]))
	cipher_txt += cipher_arr[0]
	for i in range(1, len(plain)):
		cipher = AES.new(cipher_arr[i-1], AES.MODE_ECB, "")
		cipher_arr.append(cipher.encrypt(plain[i]))
		cipher_txt += cipher_arr[i]
	return cipher_txt
	
key = random.getrandbits(256)
key = long_to_bytes(key)

s = ""
with open("flag.txt","r") as f:
	s = f.read()
	f.close()

with open("flag_cipher","wb") as f:
	f.write(MyOwnCBC(key, s))
	f.close()

题面：
CBC什么东西呀？不就是把上一轮加密的影响扩散到下一轮嘛
它写的CBC一点都不正宗
我这样写肯定也行的！

大概吧？

观察代码，发现是先随机生成了一个key然后把plain按每段32位分割，第一段用生成的key进行AES加密，后面每段plain以前面一段加密后的plain（也就是cipher）作为key进行加密，最后拼接在一起，题面里“把上一轮加密的影响扩散到下一轮”就是这个意思
由于第一段key是随机生成的，也没有线索来还原，就以第一段cipher作为key来还原后面的内容，代码如下：

from Crypto.Cipher import AES

with open("flag_cipher", "rb") as f:
    cipher = f.read()

key = cipher[:32]
plain_txt = b""
cipher = [cipher[i:i + 32] for i in range(0, len(cipher), 32)]
for i in range(1, len(cipher)):
    aes = AES.new(key, AES.MODE_ECB)
    plain_txt += aes.decrypt(cipher[i])
    key = cipher[i]
print(plain_txt)

结果为：
在这里插入图片描述

结语

希望继续坚持

Σ2333!

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
BUUCTF 每日打卡 2021-7-29

引言原本以为今天能把1分题刷完的，结果又多了几个，淦[AFCTF2018]One Secret, Two encryption题面：一份秘密发送给两个人不太好吧，那我各自加密一次好啦~~~素数生成好慢呀偷个懒也……不会有问题的吧？给了两个公钥文件先转成能看懂的：from Crypto.PublicKey import RSAwith open("public1.pub", "r") as f: key = RSA.import_key(f.read()) n1 = ke
复制链接

扫一扫