
Xigua Cup CTF 2024 (西瓜杯CTF2024)

Date: 2024-07-07 20:08:06

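Preface

I had some free time so I played a bit. I also set one very simple crypto challenge, and it got solved instantly too.

Final result: one challenge short in misc; I treated reverse as misc and was also one short there; only the first challenge in web; nothing in pwn.
This made me even more determined to do crypto only.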

crypto

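Strange barcode

Read it by eye, then fine-tune based on the result of base64-decoding it.

Key point: letter case, uppercase J and lowercase p.

In the end, because the challenge's flag was configured incorrectly, my submission only succeeded later.

Simple cipher

Print the hex encoding of ctfshow and the pattern is easy to spot.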

from Crypto.Util.number import *
a=b'ctfshow'
print(a.hex())
#      63746673686f77
flag=0x647669776d757e83817372816e707479707c888789757c92788d84838b878d9d
flag=long_to_bytes(flag)
k=1
for i in flag:
    # the byte at 1-based position k was shifted up by k; undo the shift
    print(chr(i-k),end="")
    k=k+1
#ctfshow{xiguabei_just_ez_signin}

factor

XORing leak1 with leak2 cancels tmp and leaves p XOR q.

Then just plug that into the DFS-with-pruning code.

"""from Crypto.Util.number import *
import gmpy2
import os
from enc import flag

hint = os.urandom(36)
tmp = bytes_to_long(hint)
m = bytes_to_long(flag)
p = getPrime(512)
q = getPrime(512)
d = getPrime(400)
phi = (p-1)*(q-1)
e = gmpy2.invert(d,phi)
n = p*q
c = pow(m,e,n)
leak1 = p^tmp
leak2 = q^tmp
print(f"n = {n}")
print(f"e = {e}")
print(f"c = {c}")
print(f"leak1 = {leak1}")
print(f"leak2 = {leak2}")"""
from Crypto.Util.number import *
from gmpy2 import *
import os
hint = os.urandom(36)


n = 145462084881728813723574366340552281785604069047381248513937024180816353963950721541845665931261230969450819680771925091152670386983240444354412170994932196142227905635227116456476835756039585419001941477905953429642459464112871080459522266599791339252614674500304621383776590313803782107531212756620796159703
e = 10463348796391625387419351013660920157452350067191419373870543363741187885528042168135531161031114295856009050029737547684735896660393845515549071092389128688718675573348847489182651631515852744312955427364280891600765444324519789452014742590962030936762237037273839906251320666705879080373711858513235704113
c = 60700608730139668338977678601901211800978306010063875269252006068222163102100346920465298044880066999492746508990629867396189713753873657197546664480233269806308415874191048149900822050054539774370134460339681949131037133783273410066318511508768512778132786573893529705068680583697574367357381635982316477364
leak1 = 13342820281239625174817085182586822673810894195223942279061039858850534510679297962596800315875604798047264337469828123370586584840078728059729121435462780
leak2 = 10901899434728393473569359914062349292412269512201554924835672710780580634465799069211035290729536290605761024818770843901501694556825737462457471235151530

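leak = leak1 ^ leak2  # tmp cancels out: (p^tmp) ^ (q^tmp) = p^q

#https://skatexu.github.io/2023/11/30/RSA-p-q/
import sys
sys.setrecursionlimit(3000)  # raise the default recursion limit to 3000
pq = []
leak_bits = 1024
xor = bin(leak)[2:].zfill(1024)

def pq_high_xor(p="", q=""):
    # p and q hold the high bits chosen so far, as binary strings
    lp, lq = len(p), len(q)
    # smallest and largest values consistent with the chosen prefixes
    tp0 = int(p + (1024-lp) * "0", 2)
    tq0 = int(q + (1024-lq) * "0", 2)
    tp1 = int(p + (1024-lp) * "1", 2)
    tq1 = int(q + (1024-lq) * "1", 2)

    # prune: n must lie between the smallest and largest possible product
    if tp0 * tq0 > n or tp1 * tq1 < n:
        return
    if lp == leak_bits:
        pq.append(tp0)
        return

    # the next bits of p and q differ exactly where p^q has a 1 bit
    if xor[lp] == "1":
        pq_high_xor(p + "0", q + "1")
        pq_high_xor(p + "1", q + "0")
    else:
        pq_high_xor(p + "0", q + "0")
        pq_high_xor(p + "1", q + "1")

pq_high_xor()
p,q=pq
# the flag is smaller than p, so decrypting modulo p alone is enough
print(long_to_bytes(pow(c,invert(e,p-1),p)))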
#b'cftshow{do_you_know_what_is_xor_and_prune!!!}'

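So what if you're given d

On how this challenge came about:

It came purely from once misreading print(n,e,c) as pow(n,e,c) and then thinking about it for a long while.

Setting the challenge needs concrete data, and that data must satisfy c>n-c.

I didn't want to bother with anything else, so I simply made sure Sage can compute Euler's totient of c, and then with d given it can be solved directly.

Solution

\[\begin{aligned} n &= c+a \\ hint &\equiv n^e \pmod{c} \\ \text{Binomial theorem: } hint &\equiv a^e \pmod{c} \\ e\cdot d_c &\equiv 1 \pmod{\phi(c)} \\ hint^{d_c} &\equiv a^{e\cdot d_c} \equiv a \pmod{c} \end{aligned}\]

After that, since d is given, decrypt as usual.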

#sage
from Crypto.Util.number import *
from gmpy2 import *

c= 48794779998818255539069127767619606491113391594501378173579539128476862598083
hint= 7680157534215495795423318554486996424970862185001934572714615456147511225105
e= 65537
d= 45673813678816865674850575264609274229013439838298838024467777157494920800897


phic=euler_phi(c)

print(gcd(e,phic))

dc=invert(e,phic)

a=pow(hint,dc,c)

n=int(a)+int(c)

print(long_to_bytes(int(pow(c,d,n))))
#ctfshow{Oh_u_knOw_4uler}
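The following is an added example, not part of the original post: it replays the derivation above in plain Python on constructed toy parameters (P, Q, E and the helper names are assumptions) and shows why the data must satisfy c > n - c, since otherwise the recovered value is only a mod c and the rebuilt modulus is wrong.

```python
from math import gcd

def euler_phi(m):
    """Euler's totient by trial division (toy-sized m only)."""
    result, f = m, 2
    while f * f <= m:
        if m % f == 0:
            while m % f == 0:
                m //= f
            result -= result // f
        f += 1
    if m > 1:
        result -= result // m
    return result

def find_instance(p, q, e, large_c):
    """First message m whose ciphertext c satisfies (c > n - c) == large_c.

    Also requires gcd(c, n) == 1 and gcd(e, phi(c)) == 1, as the derivation does.
    Returns (n, m, c, hint, d); a solver would only see c, hint, e and d.
    """
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    for m in range(2, n):
        c = pow(m, e, n)
        if gcd(c, n) == 1 and gcd(e, euler_phi(c)) == 1 and (c > n - c) == large_c:
            return n, m, c, pow(n, e, c), d   # hint = pow(n, e, c)
    raise ValueError("no suitable message for these toy parameters")

def recover_n(c, hint, e):
    """hint = (c + a)^e = a^e (mod c), so hint^dc = a (mod c), dc = e^-1 mod phi(c)."""
    dc = pow(e, -1, euler_phi(c))
    a_mod_c = pow(hint, dc, c)      # equals a only when a < c, i.e. c > n - c
    return c + a_mod_c

# Constructed toy parameters (not the challenge's values).
P, Q, E = 1009, 1013, 17

if __name__ == "__main__":
    for large_c in (True, False):
        n, m, c, hint, d = find_instance(P, Q, E, large_c)
        n_rec = recover_n(c, hint, E)
        print(f"c > n - c: {large_c}  n recovered: {n_rec == n}  "
              f"decrypts: {pow(c, d, n_rec) == m}")
```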

Hybrid cryptosystem

Solve the RSA part as usual; then, knowing the key and iv, just decrypt the AES.

"""# libraries
from Crypto.Util.number import bytes_to_long,getPrime
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad

# symmetric encryption
flag = b'ctfshow{***}'      # plaintext flag, hidden
key = b'flag{***}'      # session key, hidden
iv = b'flag{1fake_flag}'       # AES initialization vector, known
# pad the plaintext so its length meets the AES block requirement
padded_plaintext = pad(flag, AES.block_size)

# create the AES cipher object
cipher = AES.new(key, AES.MODE_CBC, iv)

# encrypt
ciphertext = cipher.encrypt(padded_plaintext)

# the ciphertext is a byte string; convert it to an integer for output
c1 = bytes_to_long(ciphertext)

print(f'c1 = {c1}')

# asymmetric encryption (RSA-encrypts the session key)
m = bytes_to_long(key)
e = 0x10001
p = getPrime(1024)
q = getPrime(1024)
n = p * q
c = pow(m,e,n)
print(f'p = {p}')
print(f'q = {q}')
print(f'n = {n}')
print(f'c2 = {c}')
# print("hint: key must be converted to a byte string, i.e. b''")
"""
from Crypto.Util.number import *
from Crypto.Cipher import AES
from gmpy2 import *
c1 = 10274623386006297478525964130173470046355982953419353351509177330015001060887455252482567718546651504491658563014875
p = 126682770761631193509957156425049279522830651950325320826580754739365086374362604934854454428815835196844469535588686149210573266628767888593088817059600076401582225549728184309047483547810100015820325082976781284679340880386138390518973395696206374336712856387090369022746536868747455939074262253452873845903
q = 99825079362327808334563489684167271427241139432727401182808888165552821217781929397837262324242177528386988701584385208395369790542025175917752058047649096340776854252623173162664426065810683048016574420043010318337693586527652970534982946701493024718805916479479658257730226388868060010370893747360166996939
n = 12646117645119414744807511144503229609414192869007113075368323921021672404219693075011763838210400633721060798765473421092201704833591315689681668160927426685183273670665030724394172000165517517884654100267567861284096827407481978978840602383267875832034344793848710383473014512122260278131503985961857107838296047172582364612603344429943715046318283653354068887129071531081918798285138812386418361474496678248683513378861801570673376726388110813411011818940310547686977359605296489433805717348250520973842927175837164120905300831792358190183785344002217291207378744610039145999012939983693891188308725179098958690917
c2 = 5211902378262010726785508340196935051860438587769647187076059600864676774592415052428465708887047312982844957691943180258845015420187239772414768121857728821510440178906193308448250067671679439841031484589864038401572589752057423667532898133171822921282769652197139455317095891357335645435094243006629469245881345449943250189771998449015275390517315432969774421721243965028796050948747282387052634211032729131656214346307483397410725129682422969273915759947596313513270946529649661334582775282060624547405060499311618257517792321792697831000977711752728887999320311631022598717946355057272761740061999974856808147244
e = 0x10001

key=long_to_bytes(pow(c2,invert(e,p-1),p))
iv = b'flag{1fake_flag}'

cipher = AES.new(key, AES.MODE_CBC, iv)
flag = cipher.decrypt(long_to_bytes(c1))
print(flag)
# b'ctfshow{Hybrid_password_system_is_chaos}\x08\x08\x08\x08\x08\x08\x08\x08'

misc

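She says she wants to get married

Hint: the Chinese characters on the image are some key.

Open it in 010 Editor and search for IEND.

From a previous competition I know that 9E97BA2A is the signature of oursecret encryption, so extract that first; after it there is also an archive, which gets extracted too.

The archive contains 0-10.txt, flag.txt and tips.txt.

The trailing data in flag.txt has the signature of snow encryption; the hint gives the password.

Decrypting gives ctfshow{W1sh1ng_every0ne_4_

Next, the time in tips is 2012/5/20 13:14, and opening the properties of 0-10.txt shows very odd modification times. Following the approach of an earlier ISCC challenge, extract them first and take a look.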

import os
for i in range(11):
    filename = "./暧昧/{0}.txt".format(i)
    file_attr = os.stat(filename)
    create_time = str(file_attr.st_mtime)
    print(file_attr.st_mtime)
    #print(chr(int(create_time[7:10])),end='')

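You will find that the last three digits all fall within the printable ASCII range; extracting them gives lfz:dtfTh0x

I got stuck here. After thinking for a while, this string felt odd; it should be English with some meaning, so I put it into 随波逐流 to take a look.

That gave key:cseSg0w, but it did not work. Finally, looking at the characters, it seemed related to ctfshow, and comparing it with the string obtained at the start

gives key:ctfSh0w, which is the oursecret key from the beginning.

You are my eyes

Open it in jebpro and read the pseudocode.

QR code jigsaw

Piece it together and align it by the edges (I can't use PS, so I just did it in Word).

Then I drew it by hand, which wore me out.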

signin

Tokeii previously posted this project's address in dk's group:

Tokeii0/LoveLy-QRCode-Scanner: A script to brute force decode QR codes, mainly for decoding blurred or AI-generated QR codes that can't be scanned by WeChat. (github.com)

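Decoding with it, I found that with the expected number of QR codes set to 1 it decodes 2:QRc0de_, so I guessed the setting had to be changed; setting it to three gives everything.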

ctfshow{Ai_Art_QRc0de_iS_Amz!}

web

CodeInject

Direct command execution.

Key point: the statement inside system must be wrapped in double quotes.

reverse

pe

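strings solves it instantly.

One watermelon cut in two, half for you and half for me

Decompiling the Python bytecode gives the code; copy the ciphertext and key over and adapt it.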

"""#https://tool.lu/pyc/
flag = 'ctfshow{this_is_fake_flag}'
key = '这是假的密钥'
tmp = ''
for i in flag:
    tmp += chr(ord(i) - 32)

crypt = ''
for i in range(len(tmp)):
    crypt += chr(ord(tmp[i]) + ord(key[i % len(key)]))

print(crypt)
"""

crypt = '乃乾觅甯剏乳厡侻丨厏扝乌博丿乜规甲剌乶厝侥丿卻扚丠厘丿乎覟瓬剤'
key = '一个西瓜切两半你一半我一半'
flag = ''
for i in range(len(crypt)):
    flag += chr(ord(crypt[i]) - ord(key[i % len(key)]))
    
tmp = ''

for i in flag:
    tmp += chr(ord(i) + 32)

print(tmp)
#ctfshow{Hell0_Reverse_Qi@n_D@0}

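Exploring the mysteries of base conversion

Open it in IDA to get a hex string; decoding it directly gives the flag.

E

Just debugging it in OD gives the answer??????????????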

From: https://www.cnblogs.com/naby/p/18288774
