标签：26 14 flag Crypto range print 256 string

[ACTF新生赛2020]crypto-classic1

看键盘就知道了

压缩包密码：circle

感觉有点像是flag的形式，不知道从何下手，借鉴了wp
要用维吉尼亚，接下来找密钥。根据题目ACTF，猜测接出来的flag应该是‘ACTF开头’，对于维吉尼亚表格可以找到密钥：spsp或者sp

用在线工具：

提交上去是错误的

wp上面写的是题目是错误的：SRLU{OWSI_S_RDPKHARSA_NXYTFTJT}

改为小写：
flag{what_a_classical_vigenere}

EasyProgram

题目有两个文件，不知从何下手，看大佬wp
文本1：

文本2：簭+"烸?K?镝?灸註? z?Q碉=??
要用到脚本：代码是一系列运算后，最后进行异或。解题思路就是，还原源代码，再进行一次异或就可以了

点击查看代码

#读文件方法一：
def filehex(file):
    fhex=[]
    f = open(file,'rb')
    ff = f.read().hex()
 
    for i in range(0,len(str(ff)),2):
        fhex.append(int(str(ff)[i:i+2],16))
    return fhex
 
flagx2=filehex('file.txt')
print(flagx2)
 
#读文件方法二：使用010edit 读取'file.txt'文件16进制
flagx=[0x00,0xBA,0x8F,0x11,0x2B,0x22,0x9F,0x51,0xA1,0x2F,0xAB,0xB7,0x4B,0xD7,0x3F,0xEF,0xE1,0xB5,0x13,0xBE,0xC4,0xD4,0x5D,0x03,0xD9,0x00,0x7A,0xCA,0x1D,0x51,0xA4,0x73,0xB5,0xEF,0x3D,0x9B,0x31,0xB3]
 
s=[]
t=[]
key='whoami'
j=0
for i in range(0,256):
    s.append(i)
 
for i in range(0,256):
    t.append(key[i % len(key)])
 
for i in range(0,256):
     j=(j+int(s[i])+int(ord(t[i])))%256
     s[i], s[j] = s[j], s[i]
 
i=0;j=0;x=0
for m in range(0,38):
    i=(i + 1)%(256)
    j=(j + s[i])%(256)
    s[i],s[j] = s[j],s[i]
    x=(s[i] + (s[j]%(256)))%(256)
    flagx[m] = flagx[m] ^ s[x]
    flagx2[m]=flagx2[m]^s[x]
 
print(''.join(chr(flagx[i]) for i in range(0,38)))
print(''.join(chr(flagx2[i]) for i in range(0,38)))

跑出来flag是：
flag{f238yu28323uf28u2yef2ud8uf289euf}

[UTCTF2020]hill

要涉及到哈希密码，先看一下什么是哈希密码：
https://blog.csdn.net/Pioo_/article/details/110490888?ops_request_misc=%257B%2522request%255Fid%2522%253A%2522170977412716800180651632%2522%252C%2522scm%2522%253A%252220140713.130102334..%2522%257D&request_id=170977412716800180651632&biz_id=0&utm_medium=distribute.pc_search_result.none-task-blog-2~all~sobaiduend~default-1-110490888-null-null.142^v99^pc_search_result_base5&utm_term=%E5%B8%8C%E5%B0%94%E5%8A%A0%E5%AF%86&spm=1018.2226.3001.4187
需要脚本：
`s='wznqcaduqopfkqnwofDbzgeu'
flag_pre='utflag'
def getit(a1,b1,c1,a2,b2,c2,a3,b3,c3):
for i in range(26):
for j in range(26):
if (a1 * i + b1 * j) % 26 == c1 and (a2 * i + b2 * j) % 26 == c2 and (a3 * i+b3j) % 26 == c3:
return (i,j)
x1=getit(22,25,20,13,16,5,2,0,0)
x2=getit(22,25,19,13,16,11,2,0,6)
import string
flag=''
for i in range(0, len(s),2):
flag+=string.ascii_letters[(x1[0]string.ascii_letters.index(s[i])+x1[1]string.ascii_letters.index(s[i+1]))%26]
flag+=string.ascii_letters[(x2[0]string.ascii_letters.index(s[i])+x2[1]*string.ascii_letters.index(s[i+1]))%26]
print(flag)

`

不是最后的flag，对应明文将数字和下划线添上，明文当中有一个字母是大写的，flag对应的字母也要大写

flag{d4nger0us_c1pherText_qq}

[GUET-CTF2019]NO SOS

打开文本是一串摩斯密码，用在线工具得到乱码
从wp中知道是国际摩斯电码救难信号
转为01二进制形式，不行，转为ab培根密码
aababababbaaaaaaabbaabaaabaabaaabbababaaaabaabaabbababaababaabbbb

培根密码：

flag{guetkkp}

[ACTF新生赛2020]crypto-des

刚开始就卡着了
大佬wp：
有一个文件你写的是:c语言中有趣的数据结构,
查了一下好像之前考到过数据在内存中的存储
把数据转为内存中的存储大佬脚本:
`from libnum import*
import struct
import binascii

s = [72143238992041641000000.000000,77135357178006504000000000000000.000000,1125868345616435400000000.000000,67378029765916820000000.000000,75553486092184703000000000000.000000,4397611913739958700000.000000,76209378028621039000000000000000.000000]
a = ''
b = ''
for i in s:
i = float(i)
a += struct.pack('<f',i).hex() #小端
print(a)

for j in s:
i = float(i)
b += struct.pack('>f',i).hex() #小端
print(b)

a = 0x496e74657265737472696e67204964656120746f20656e6372797074
b = 0x74707972747079727470797274707972747079727470797274707972
print(n2s(a))
print(n2s(b))
`

然后利用大佬脚本

import pyDes import base64 deskey = "********" DES = pyDes.des(deskey) DES.setMode('ECB') DES.Kn = [ [1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 0, 1, 1, 0, 0, 0, 1, 1, 1, 0, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 0], [1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 1, 0, 0, 1, 1, 0], [0, 1, 1, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 1, 0, 0], [1, 1, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 0, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 1, 0, 0, 1, 1], [0, 0, 1, 0, 1, 1, 1, 0, 1, 1, 0, 0, 0, 0, 1, 1, 0, 1, 0, 1, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1], [0, 0, 1, 0, 1, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 1, 1, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0], [0, 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 1, 0, 0, 0, 0, 0, 1, 1, 0], [0, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 1, 0, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 1, 1, 0], [1, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 1, 0, 0], [0, 0, 0, 1, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 0], [0, 0, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 1, 1], [0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 1, 0], [1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 0, 0], [1, 1, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 1], [1, 1, 1, 1, 0, 0, 0, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 0, 1, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 0, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 1, 0, 1], [1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1] ] c='vrkgBqeK7+h7mPyWujP8r5FqH5yyVlqv0CXudqoNHVAVdNO8ML4lM4zgez7weQXo' b=base64.b64decode(c) m=DES.decrypt(b) print(m)
运行得：

flag{breaking_DES_is_just_a_small_piece_of_cake}

[AFCTF2018]MagicNum

题目：

感觉跟之前有道题有点类似，考点：这个题考的是数据在计算机内存中的存储，需要将上面的数据转换为内部存储模式再转换为二进制数据，再转成字节就得到 flag了。
借鉴大佬的思路及脚本：
double类型数据，转化成内部存储形式，然后再解码成字节码
`#include <stdio.h>

include <stdlib.h>

int main()
{
double x;
while(scanf("%llf",&x)){
unsigned char *p;
char buff[9];
int i;

p=(unsigned char )&x;
for (i=0; i<8; i++){
itoa(p++,buff,2);
printf("%08s",buff);
}
printf("\n");
}

return 0;
}

flag{sec_is_everywhere}

这是base？？

`c="JKLMNOxyUVzABCDEFGH789PQIabcdefghijklmWXYZ0123456RSTnopqrstuvw+/="
text="FlZNfnF6Qol6e9w17WwQQoGYBQCgIkGTa9w3IQKw"

end=""
for i in text:
# print(c.find(i))
# print(bin(c.find(i))[2:].zfill(6))
end+=bin(c.find(i))[2:].zfill(6)
print(end)

x=""
for i in range(0,len(end),8):
ins=end[i:i+8]
x+=chr(int(ins,2))
print(x)
`
然后进行base64解码就行

XXencode1

用在线工具：xxencode就ok了

flag{This_is_Xx3nc0de}

ROT13

用rot 13在线工具

flag{1Root8Is7Not3Allowed}

base家族

看到标题，认为就是base来回转换，结果就只用到了base 32

flag{erhei_e8934_erUO}

标签：26,14,flag,Crypto,range,print,256,string
From： https://www.cnblogs.com/YangSIY/p/18049656

Crypto( 14 )