首页 > 其他分享 >Crypto ( 4 )

Crypto ( 4 )

时间:2023-11-23 20:23:17浏览次数:43  
标签:bytes Crypto long 解密 flag print import

crypto 13

题中说明base家族,猜测十多种base组合,常见的有base32和base64,写脚本执行,发现得到flag:flag{b4Se_Fami1y_Is_FUn}image

easyrsa 3

由rsa的加密原理可知: c=m^e%n。
c1 = m^e1 % n
c2 = m^e2 % n
当攻击者截获了c1和c2,其实就可以恢复出明文。
解密脚本:
import gmpy2
from Crypto.Util.number import long_to_bytes,bytes_to_long

n = 15944475431088053285580229796309956066521520107276817969079550919586650535459242543036143360865780730044733026945488511390818947440767542658956272380389388112372084760689777141392370253850735307578445988289714647332867935525010482197724228457592150184979819463711753058569520651205113690397003146105972408452854948512223702957303406577348717348753106868356995616116867724764276234391678899662774272419841876652126127684683752880568407605083606688884120054963974930757275913447908185712204577194274834368323239143008887554264746068337709465319106886618643849961551092377843184067217615903229068010117272834602469293571
e1 = 797
c1 = 11157593264920825445770016357141996124368529899750745256684450189070288181107423044846165593218013465053839661401595417236657920874113839974471883493099846397002721270590059414981101686668721548330630468951353910564696445509556956955232059386625725883038103399028010566732074011325543650672982884236951904410141077728929261477083689095161596979213961494716637502980358298944316636829309169794324394742285175377601826473276006795072518510850734941703194417926566446980262512429590253643561098275852970461913026108090608491507300365391639081555316166526932233787566053827355349022396563769697278239577184503627244170930
e2 = 521
c2 = 6699274351853330023117840396450375948797682409595670560999898826038378040157859939888021861338431350172193961054314487476965030228381372659733197551597730394275360811462401853988404006922710039053586471244376282019487691307865741621991977539073601368892834227191286663809236586729196876277005838495318639365575638989137572792843310915220039476722684554553337116930323671829220528562573169295901496437858327730504992799753724465760161805820723578087668737581704682158991028502143744445435775458296907671407184921683317371216729214056381292474141668027801600327187443375858394577015394108813273774641427184411887546849

s = gmpy2.gcdext(e1,e2) # 扩展欧几里得算法,s会有两个值,一个正一个负
m1 = pow(c1,s[1],n) #幂取模:(m1=(c1^s1)mod n)
m2 = pow(c2,s[2],n) #幂取模:(m2=(c2^s2)mod n)

m = (m1*m2)%n
print(long_to_bytes(m))
运行得到flag:flag{sh4r3_N}

easyrsa 4

e很小,但n很大,为低加密指数攻击。
解密脚本:
import libnum
from gmpy2 import invert, gcd, iroot

def op(x):
res = 1
for i in x:
res *= i
return res

def CRT(m, a):
assert (len(m) == len(a))
M = op(m)
sum = 0
for m, a in zip(m, a):
Mi = M // m
ti = invert(Mi, m)
sum += a * ti * Mi
return sum % M
def GCRT(m, a):
assert (len(m) == len(a))
curm, cura = m[0], a[0]
for m, a in zip(m[1:], a[1:]):
d = gcd(curm, m)
c = a - cura
assert (c % d == 0)
K = c // d * invert(curm // d, m // d)
cura += curm * K
curm = curm * m // d
return cura % curm

e= 3
n= [18970053728616609366458286067731288749022264959158403758357985915393383117963693827568809925770679353765624810804904382278845526498981422346319417938434861558291366738542079165169736232558687821709937346503480756281489775859439254614472425017554051177725143068122185961552670646275229009531528678548251873421076691650827507829859299300272683223959267661288601619845954466365134077547699819734465321345758416957265682175864227273506250707311775797983409090702086309946790711995796789417222274776215167450093735639202974148778183667502150202265175471213833685988445568819612085268917780718945472573765365588163945754761]
c= [150409620528139732054476072280993764527079006992643377862720337847060335153837950368208902491767027770946661]
m = CRT(n, c)
m1 = iroot(m, e) # 开e次方
print(m1)
print(libnum.n2s(int(m1[0])))

easyrsa 5

维纳攻击:github上找到相关的攻击脚本
链接:https://github.com/pablocelayes/rsa-wiener-attack。
下载完成后将所有文件放在同一个文件夹内,在该文件夹内编写脚本。
image
解密脚本:
import gmpy2
import RSAwienerHacker
from Crypto.Util.number import long_to_bytes,bytes_to_long
e = 284100478693161642327695712452505468891794410301906465434604643365855064101922252698327584524956955373553355814138784402605517536436009073372339264422522610010012877243630454889127160056358637599704871937659443985644871453345576728414422489075791739731547285138648307770775155312545928721094602949588237119345
n = 468459887279781789188886188573017406548524570309663876064881031936564733341508945283407498306248145591559137207097347130203582813352382018491852922849186827279111555223982032271701972642438224730082216672110316142528108239708171781850491578433309964093293907697072741538649347894863899103340030347858867705231
c = 350429162418561525458539070186062788413426454598897326594935655762503536409897624028778814302849485850451243934994919418665502401195173255808119461832488053305530748068788500746791135053620550583421369214031040191188956888321397450005528879987036183922578645840167009612661903399312419253694928377398939392827

d = RSAwienerHacker.hack_RSA(e,n)
m = gmpy2.powmod(c,d,n)
print(d)
print(long_to_bytes(m))
image

easyrsa 6

给了一个py文件,里面给出了n,c,e,打开http://factordb.com/index.php,分解n,得到p,q的值。再编写脚本解密即可
解密脚本:
import libnum
from Crypto.Util.number import long_to_bytes,bytes_to_long

e = 0x10001
n = 26737417831000820542131903300607349805884383394154602685589253691058592906354935906805134188533804962897170211026684453428204518730064406526279112572388086653330354347467824800159214965211971007509161988095657918569122896402683130342348264873834798355125176339737540844380018932257326719850776549178097196650971801959829891897782953799819540258181186971887122329746532348310216818846497644520553218363336194855498009339838369114649453618101321999347367800581959933596734457081762378746706371599215668686459906553007018812297658015353803626409606707460210905216362646940355737679889912399014237502529373804288304270563
c = 18343406988553647441155363755415469675162952205929092244387144604220598930987120971635625205531679665588524624774972379282080365368504475385813836796957675346369136362299791881988434459126442243685599469468046961707420163849755187402196540739689823324440860766040276525600017446640429559755587590377841083082073283783044180553080312093936655426279610008234238497453986740658015049273023492032325305925499263982266317509342604959809805578180715819784421086649380350482836529047761222588878122181300629226379468397199620669975860711741390226214613560571952382040172091951384219283820044879575505273602318856695503917257
p = 163515803000813412334620775647541652549604895368507102613553057136855632963322853570924931001138446030409251690646645635800254129997200577719209532684847732809399187385176309169421205833279943214621695444496660249881675974141488357432373412184140130503562295159152949524373214358417567189638680209172147385163
q = 163515803000813412334620775647541652549604895368507102613553057136855632963322853570924931001138446030409251690646645635800254129997200577719209532684847732809399187385176309169421205833279943214621695444496660249881675974141488357432373412184140130503562295159152949524373214358417567189638680209172147385801
fn=(p-1)*(q-1)
d = libnum.invmod(e,fn)
m = pow(c, d, n)
flag=long_to_bytes(m)
print(m)
print(flag)#转字节

easyrsa 7

这题我也是用分解n的办法来做的,打开http://factordb.com/index.php,分解n,得到p,q的值。然后用上面的脚本解密即可

BUUCTF Crypto

一眼就解密

image
题目后面有=就猜是base64编码,用在线base64解码就OK
image

MD5

直接上在线工具:MD5在线工具
image

Url编码

题目就直接告诉我们用Url编码在线工具就OK了
image

看我回旋踢

看题觉得是凯撒密码
image
直接用在线工具:image

摩斯

题目就提示我们这是摩斯密码,用在线工具就欧克了
image

变异凯撒

image
image
因为明文flag对应asZ_,所以寻找明文和密文的规律
f-102 a-97 相差5
l-108 f-102 相差6
a-97 Z-90 相差7
g-103 _-95 相差8
可以看出每个字符的偏移量为n+4
所以依次算出各密文字符对应的明文字符求得明文为
flag{Caesar_variation}

Quoted-printable

image
题目提示是Quoted-printable加密,用对应的解密工具就OK了
image

Rabbit

用对应的在线工具就好了
image

篱笆墙的影子

篱笆墙很明显联想到了栅栏米娜,用栅栏密码解密就OK了
image

RSA

用对应工具,D的结果即为flag
image

标签:bytes,Crypto,long,解密,flag,print,import
From: https://www.cnblogs.com/YangSIY/p/17849879.html

相关文章

  • HWS山大专区PWN双一血 & CRYPTO-WP
    2023.11.18两天半的比赛,就打了半天(因为要赶去打香山杯决赛了),不过结果还算好,人生第一次拿了两个一血hhh。写wp的时候人在中大南校北门的酒店里:)controller格式化字符串泄露canary之后打ret2libc即可。fromevilbladeimport*context(os='linux',arch='amd64')context(os=......
  • Crypto_XCTF_WriteUp | 你猜猜
    题目提示:我们刚刚拦截了,敌军的文件传输获取一份机密文件,请君速速破解。题目:504B03040A0001080000626D0A49F4B5091F1E0000001200000008000000666C61672E7478746C9F170D35D0A45826A03E161FB96870EDDFC7C89A11862F9199B4CD78E7504B01023F000A0001080000626D0A49F4B5091F1E0000001......
  • crypto 2023.11.13-11.19
    1.a.直接用python跑。b.得到flag,此flag为16进制,需要转换为字符串。c.得到flag 2.a.直接爆破猜解:b.得到flag 3.a.直接暴力猜解b.得到flag 4.a.直接使用工具解码b.得到flag 5.a.用python工具解密b.得到10进制的flag,将其转换为16进制,再转换为字符串......
  • buuctf:crypto1-10
    crypto1. 得到一串字符串,可以用base64编码解码工具之间进行解密 crypto2. 标题直接写了MD5,所以用md5解密(数字与字母的组合)可直接解出crypto3.同理第三题,用url工具crypto4. 用凯撒密码解决并且将偏移量改为13crypto5. 摩斯密码直接得出crypto6.这道题吧,只能靠......
  • Crypto_XCTF_WriteUp | easychallenge
    题目一个pyc文件(……不知道怎么形容分析用txt格式打开是一串半人半鱼的……一串夹着一点点编程语言的乱码,必应了一下是python运行后生成的字节码文件。直接运行出现报错:提示pyc文件中的magicnumber错误,可能是python版本不匹配或者文件损坏导致。于是安装uncom......
  • Crypto_XCTF_WriteUp | 轮转机加密
    题目提示:你俩继续往前走,来到了前面的下一个关卡,这个铺面墙上写了好多奇奇怪怪的英文字母,排列的的整整齐齐,店面前面还有一个大大的类似于土耳其旋转烤肉的架子,上面一圈圈的也刻着很多英文字母,你是一个小历史迷,对于二战时候的历史刚好特别熟悉,一拍大腿:“嗨呀!我知道是什么东西了......
  • “技能兴鲁”职业技能大赛-网络安全赛项-学生组初赛 Crypto WP
    babyRSA查看代码fromgmpy2import*fromCrypto.Util.numberimport*flag='flag{I\'mnotgonnatellyoutheFLAG}'#这个肯定不是FLAG了,不要交这个咯p=getPrime(2048)q=getPrime(2048)m1=bytes_to_long(bytes(flag.encode()))e1=3247473589e2......
  • Crypto_BUUCTF_WriteUp | 还原大师
    题目我们得到了一串神秘字符串:TASC?O3RJMV?WDJKX?ZM,问号部分是未知大写字母,为了确定这个神秘字符串,我们通过了其他途径获得了这个字串的32位MD5码。但是我们获得它的32位MD5码也是残缺不全,E903???4DAB????08?????51?80??8A?,请猜出神秘字符串的原本模样,并且提交这个字串的32位MD......
  • cryptography hash 算法使用
    安装pipinstallcryptography使用方法fromcryptography.hazmat.primitivesimporthashesdigest=hashes.Hash(hashes.SHA256())#digest=hashes.Hash(hashes.SHA3_256())#digest=hashes.Hash(hashes.SM3())digest.update(b"abc")print(digest.finalize())......
  • Buuctf-Crypto-之深夜刷题部分wp
    萌萌哒的八戒首先下载好附件,解压,是一幅猪图,图的下方是一串看不懂的字,百度输入关键词猪、密码,可知这是猪圈密码,手撸得WHENTHEPIGWANTTOEAT大写不对,换成小写。whenthepigwanttoeat传统知识+古典密码首先下载好附件,解压:小明某一天收到一封密信,信中写了几个不同的年份辛卯,癸巳......