BuildCTF 2024 Writeup - by 涉海蜉蝣
Misc
EZ_ZIP - by sorin
010查找分析发现压缩包,使用foremost分离
疑似套娃压缩包,使用开源软件extractnow或者脚本都可以批量压缩,这里使用extractnow
得到flag
HEX的秘密 - by sorin
16进制每两位截取一次转10进制,对比Build的前几个字符的ascll码发现多了128,脚本如下:
def hex_str(str): #对字符串进行切片操作,每两位截取
hex_str_list=[]
for i in range(0,len(str)-1,2):
hex_str=str[i:i+2]
hex_str_list.append(hex_str)
print("hex列表:%s\n"%hex_str_list)
hex_to_str(hex_str_list)
def hex_to_str(hex_str_list):
int_list=[]
dec_list=[]
flag=''
for i in range(0,len(hex_str_list)):#把16进制转化为10进制
int_str=int('0x%s'%hex_str_list[i],16)
int_list.append(int_str)
dec_list.append(int_str-128)#-128得到正确的ascii码
for i in range(0,len(dec_list)):#ascii码转化为字符串
flag += chr(dec_list[i])
print("转化为十进制int列表:%s\n"%int_list)
print("-128得到ASCII十进制dec列表:%s\n"%dec_list)
print('最终答案:%s'%flag)
if __name__=='__main__':
str='c2f5e9ece4c3d4c6fbb3c5fafadfc1b5e3a1a1dfe2e9eee1f2f9f9f9fd'
print("字符串长度:%s"%len(str))
hex_str(str)
运行即可:
what is this? - by sorin
打开发现是一大串二进制码
转16进制
6363632c70707070702c6363707063702c702c636363632c63707070702c6363632c6363707063702c63707070702c63636363632c6363707063702c70702c70707070702c6370632c63636363632c632c6363707063702c706370632c70707070702c7063632c632c6363707063702c7063706370702c706370637070
转ascll:
逗号分割,两个字符,怀疑是摩斯,用在线网站:
得到flag:
别真给我开盒了哥 - by sorin
打开是一张道路图,重点关注路牌:
信息有北京1km,右转去德州,S3901,出口60
在地图上搜索S3901
是京德高速,在b站上可以找到很新的高速pov
观察路段并没有发现出口60,且观察到主路上每个出口间的数字跳转很大,猜测可能路牌在其他路进入京德高速的路口上,很容易观察到在京德高速旁边有一条刚好旁边有铁路的道路S3700津雄高速
在b站上可以找到pov
成功找到路牌,确定位置,观察旁边的铁路:
取津保铁路提交
四妹你听我解释 - by sorin
010打开末尾发现异常,提取txt
获得一部分密文,结合图片信息,进行宽高爆破:
获得后半部分,社会主义核心价值观解密得到flag
四妹?还是萍萍呢? - by sorin
解压发现是一些拼图和一个png图片
010分析发现password字眼:
且IDAT块后面是0304,怀疑是压缩包,补上504B后用foremost提取:
成功提取zip,提示公众号回复password
拼图得到:
公众号回复得到St7wg.
解压得到base64格式的乱码:
用随波逐流转png格式得到图片:
010分析提示crc错误,直接爆破crc修复宽高得到:
如果再来一次,还会选择我吗? - by sorin
010分析发现png格式两两倒转:
提取为hex.txt,用记事本查找功能去除空格
脚本如下:
def reverse_hex_groups(input_file, output_file='flag.txt'):
try:
# 打开并读取输入文件
with open(input_file, 'r') as file:
hex_string = file.read().strip() # 去除首尾空白符或换行符
# 处理字符串:每两个字符为一组,然后每读取两组反转一次
result = []
for i in range(0, len(hex_string), 4): # 每次跳过4个字符
# 取出四个字符并反转前两组与后两组的位置
group = hex_string[i:i+4]
if len(group) == 4:
reversed_group = group[2:] + group[:2]
result.append(reversed_group)
else:
# 如果最后不足4个字符,则直接添加剩余部分
result.append(group)
# 将结果列表转换为字符串
processed_hex = ''.join(result)
# 将处理后的字符串写入输出文件
with open(output_file, 'w') as file:
file.write(processed_hex)
print(f"处理完成,结果已保存至 {output_file}")
reverse_hex_groups('hex.txt')
得到正常文件:
使用脚本移除换行符:
# 读取文件并去除换行符
with open('flag.txt', 'r') as file:
content = file.read().replace('\n', '')
# 将处理后的内容写回文件
with open('flag.txt', 'w') as file:
file.write(content)
print("换行符已成功移除!")
得到:
赛博厨子直接恢复文件
得到:
用密码解压得到
损坏的条形码
这里分享一个能够自动检测修复条形码的网站
https://products.aspose.app/barcode/zh-hans/recognize#
这里顶着一大堆红线直接干出来了(不是
白白的真好看 - by sorin
解压得到
这边从docx文件入手,解除隐藏+改变字体颜色得到
接下来是0宽字符隐写,用在线网站
https://www.mzy0.com/ctftools/zerowidth1/
获得第二部分
接下来关注“公众号回复雪试试呢.png”文件,了解信息得到该图片为汉信码
解码得到
通过文件名“公众号”可知,该网址是由微信授权的,应当用微信能够解码的方式打开,于是将该解码内容加密为二维码
微信扫码回复雪得到密码snowsnow
用 snow 解码可得第三部分 _1s_n0t_wh1t3}
Guesscoin - by abbb
nc 打开,发现是一个猜硬币正反的游戏,玩了一次就出flag了
一念愚即般若绝,一念智即般若生 - by abbb
随波逐流解码,第一层是佛曰,第二层是天书
我太喜欢亢金星君了! - by abbb
用stegsolve打开,发现一共只有两种画面,一个替换成1,另一个替换成0,遇到白色就空格 真成盯帧了,然后用摩斯解码,按照提示包裹BuildCTF{}
老色批 - by abbb
stegsolve 查看 lsb 隐写,得到:
QnVpbGRDVEZ7MV9h6bV9uMHRfTFNCISEhfQ==
base64解码得到flag
Crypto
OVO开门爽!开到南天门了兄弟 - by abbb
经典rsa,给出了p,q的平方,直接开根就行
exp:
from Crypto.Util.number import *
import gmpy2
P = 8279853330757234669136483032750824826175777927506575083710166412897012079466955769715275604152872242147320194640165649152928984919315754419447729793483984130396358578571137956571302516202649076619076831997922675572705848199504309232044502957866317011212505985284129365522570368395368427388904223782742850616983130885152785650513046301920305069822348366931825404271695876688539675285303882189060671184911139742554710018755565518014777733322795522710234091353878298486498244829638878949389690384488573338138825642381687749888102341379254137445546306796258092762099409409285871651688611387507673794784257901946892698481
Q = 9406643503176766688113904226702477322706664731714272632525763533395380298320140341860043591350428258361089106233876240175767826293976534568274153276542755524620138714767338820334748140365080856474253334033236457092764244994983837914955286808153784628739327217539701134939748313123071347697827279169952810727995681780717719971161661561936180553161888359929479143712061627854343656949334882218260141557768868222151468471946884225370009706900640851492798538458384449294042930831359723799893581568677433868531699360789800449077751798535497117004059734670912829358793175346866262442550715622833013235677926312075950550681
n = 8825283482190476005946253343638820879559355306860912268128891241513310054066424567824202757539757712177309282694997613217968336164050770152277369601415394249781577415456224120102543968285035647514461364611734338073523454354376992783551035395558194171202680855182868766563277697325690226849316944101739491659812174054898519492145495098671439125714086449826697343692081109131564556220174583970363431110462222473013021825770267803249515893736989430146194199936335153936611196467225599746830873958085287665223190767137404366840055297859554490123389877396965710177279558954630222879974581602069901175074777191362537419581
e = 65537
c = 27915082942179758159664000908789091022294710566838766903802097394437507062054409033932303966820096232375646873480427485844733381298467171069985418237873120984132166343258345389477844339261488318588760125230979340678006871754125487279212120945061845738130108370814509280317816067243605608952074687396728904772649873860508240809541545939219624254878900291126739390967820141036260712208555574522131446556595562330969209665291757386246648060990840787769772160549862538116370905306402293764494501838709895355570646716245976733542014165663539815972755562821443411642647981898636761822107221203966296758350547477576411216744594534002057673625678188824476543288048956124565509473100550838563085585434675727358831610724920550213350035792170323729397796947598697983084347567191009236345815968927729025919066227704728180060805553787151862426034275526605154807840695498644070184681962311639338273469859838505348823417234722270798882384367058630064108155240680307754557472476430983184039474907188578578484589833812196216551783354411797156409948499012005963943728564803898150155735762695825658678475746559900705796814512838380193603178657226033406812810314960142251012223576984115642351463684724512456778548853002653596485899854303126091917273560
p = gmpy2.iroot(P, 2)[0]
q = gmpy2.iroot(Q, 2)[0]
phi = (p-1)*(q-1)
d = inverse(e, phi)
m = pow(c, d, n)
print(long_to_bytes(m))
# BuildCTF{We1c0Me_b@cK_To_7uNiOr_h19H!!!}
ez_matrix - by abbb
\[P*G=Q\\ P*(G+I)=Q+P=X\\ P=X*(G+I)^{-1} \]推导发现求出p后异或可以得到q,然后是正常rsa
exp:
from Crypto.Util.number import *
c = 5750862006780374919287214285692236210204656897730327429454502213453716609006462693326927544526483929921956237739564314742381291228170724611684726314766300684189083862768843433748971907962075938141567163713163231477418107343867114651242407427262164467193346523730926798966915657982552864539513197192523866321569716738540583056085357621328692775578162692288348251605475475005408200801081747601745630186390866011595954211521326069111983199120520535552104591110478015154646709731714695120857959832894595677697407284511806934799265823961155753765208975629786832407640872204810033141414096894416317703257346937008503926274
x= 89144063720545532404936347749976033995959352088369581593483294017916269127126015515514164556238892315116219488234599276283755643115494368387307879815221830970632672104176330851649236203019768799744400071934922875736029236458980333704716550922984411453411523931115952319603510996580835848026227775168231757398
g=[[0,0,1,0,1,1,1,0,0,1,0,0,0,0,1,1,0,0,1,0,0,1,0,0,0,1,0,0,1,1,0,0],
[1,0,1,0,0,0,0,1,0,1,1,1,1,1,0,1,0,1,1,1,0,1,0,0,0,1,1,0,0,0,0,1],
[0,1,0,1,1,1,1,1,0,1,1,0,1,0,0,1,0,0,0,1,1,0,1,1,0,1,1,1,1,0,0,0],
[0,1,1,1,0,1,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,1,1,1,1,0,1,0,1,1,0,1],
[0,1,0,1,1,1,1,0,1,0,0,1,0,0,1,1,0,0,1,1,1,0,1,0,0,1,0,0,1,0,1,1],
[1,1,1,0,0,1,0,0,0,1,0,1,0,0,0,0,1,0,0,0,0,1,0,1,0,0,0,0,0,0,1,1],
[1,0,1,0,1,1,1,0,1,1,1,0,1,1,1,1,0,0,0,0,0,0,1,0,1,0,1,0,0,1,0,0],
[1,0,1,0,1,0,1,0,1,1,0,1,1,1,0,0,1,0,1,0,0,1,0,0,0,1,1,1,1,0,1,0],
[0,0,1,0,1,1,1,0,1,1,1,0,0,1,0,0,0,0,0,1,0,0,0,1,0,0,1,0,1,0,1,1],
[1,0,0,0,0,0,0,1,1,1,1,1,1,0,1,1,0,0,0,0,0,0,0,1,0,1,1,0,1,1,1,1],
[1,0,0,0,1,1,0,0,1,1,0,1,1,0,1,1,1,1,1,1,0,0,0,0,0,0,0,0,0,1,1,1],
[0,0,1,1,1,0,1,0,0,0,1,0,1,0,1,1,1,0,0,1,1,1,0,1,0,1,1,1,1,0,0,0],
[1,1,0,0,1,1,0,1,0,1,0,1,0,0,1,0,0,0,0,0,1,0,1,1,1,0,1,0,1,1,0,1],
[1,0,0,0,1,1,0,0,1,1,1,1,0,0,0,1,0,0,1,1,1,1,0,0,1,0,0,1,0,1,1,0],
[1,0,0,1,1,1,0,1,1,1,0,0,0,1,1,0,0,0,1,1,0,0,1,1,0,0,0,0,0,1,1,1],
[1,0,0,1,0,0,1,0,1,1,1,1,0,0,1,1,1,1,0,0,1,0,1,1,0,0,0,0,1,1,1,0],
[0,1,0,0,0,1,0,0,1,0,0,0,0,0,0,0,1,0,1,1,0,0,1,0,1,1,1,1,1,0,0,1],
[0,0,0,1,0,1,1,1,1,0,1,1,1,1,0,0,0,0,1,0,0,0,0,0,0,1,1,0,1,1,0,1],
[0,0,1,1,1,1,1,0,0,1,0,0,1,1,1,0,0,0,0,1,1,1,0,0,1,0,0,1,0,1,0,0],
[0,1,0,0,0,0,1,0,1,1,0,1,0,1,0,1,1,0,0,1,0,0,0,0,0,0,1,1,0,0,1,1],
[1,0,0,0,0,0,0,0,1,1,1,1,0,1,1,0,0,1,0,1,0,1,1,1,1,0,1,1,0,0,0,1],
[0,0,0,0,0,0,1,0,1,1,1,1,1,0,1,0,0,0,1,1,0,1,1,1,0,0,1,1,1,1,1,1],
[0,1,0,1,1,0,0,1,0,0,1,1,1,0,0,0,0,1,1,1,1,1,1,1,1,1,1,1,0,1,1,1],
[1,1,0,0,0,1,1,0,1,1,0,0,0,0,0,0,1,0,0,1,0,1,1,0,0,1,0,0,1,0,1,1],
[1,1,0,0,0,0,0,1,1,0,0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0,0,1,0,1,1,0],
[0,1,1,1,0,1,0,1,0,0,1,0,0,0,0,1,1,1,0,0,0,0,1,1,1,0,0,0,0,1,0,0],
[0,1,0,1,1,0,0,0,0,1,1,1,1,1,1,0,1,0,1,0,1,0,1,1,0,0,1,1,0,0,1,0],
[1,1,1,1,1,0,1,1,0,0,0,1,0,0,1,0,0,0,0,1,0,0,1,1,0,1,1,0,0,0,1,1],
[1,1,1,1,1,1,1,0,1,1,1,0,0,1,0,1,0,1,1,0,0,0,0,1,1,1,0,1,0,0,0,0],
[0,1,1,1,1,0,0,1,1,0,1,1,1,0,1,1,0,1,0,0,0,1,0,1,1,0,0,0,0,0,1,1],
[0,1,1,0,1,0,1,0,1,0,1,0,0,0,1,1,1,1,0,0,0,0,1,1,0,1,0,1,1,1,1,1],
[0,1,1,0,1,1,0,1,1,0,1,0,0,1,0,0,0,1,1,0,1,0,1,1,0,0,1,1,0,1,1,1]]
xor_binary = bin(x).replace('0b', '').zfill(1024)
X = matrix(GF(2), [list(map(int, xor_binary[i:i+32])) for i in range(0, len(xor_binary), 32)])
G = matrix(GF(2),g)
E = identity_matrix(GF(2),32)
L = E+G
I = L^(-1)
P = X*I
p = ''
for i in range(32):
for j in range(32):
p += str(P[i][j])
p = int(p,2)
q = x^^p
d = inverse(65537,(p-1)*(q-1))
m = pow(c,d,p*q)
print(long_to_bytes(m))
#BuildCTF{78e09053-bc0a-4fdc-9dec-0f107bf9ba43}
ezzzzz_RSA - by abbb
\[h_1 = \text{pow}(2024 \cdot p_1 + 2023 \cdot q, 113, n_1) \]\[h_2 = \text{pow}(2023 \cdot p_1 + 2024 \cdot q, 629, n_1) \]\[a = \text{pow}(2023, 113 \cdot 629, n_1) \]\[b = \text{pow}(2024, 113 \cdot 629, n_1) \]\[c = \text{pow}(h_1, 629, n_1) \]\[d = \text{pow}(h_2, 113, n_1) \]\[w = \left( (c \cdot a) \mod n_1 - (d \cdot b) \mod n_1 \right) \mod n_1 \]对h1和h2进行变形构造相减消去p1的部分,然后和n1做gcd就可以还原q,尝试把p也还原,结果搞不出来,发现flag不是很长,就直接用q解rsa了(话说h0有什么用)
exp:
from Crypto.Util.number import *
import gmpy2
n1 = 19957426023169626195602761840035904096149402534966487535713447987366768645542881124782551268978342063458430846877824210659778126281705984711061190351636497944943321988950188171159903717348936556346198638311950016136865425015037098270040031872702873264144372191898253134939805153141701819590164140250130420280491966786900651186941317959556066730959744279963976065565436153399679475410040773637142677936926894677919242351610457296203864806991539480593546084449323017670431590012312526757477514457145686070196978477495658962519391041011847512041022828710693830661412217389320600888361578917153088073678587422269955710471
n2 = 11933661747067216317642315621042074566046499785197709817779978157416906347669444374234313329064859622960743743511735672614999566264025648698589886185056758071718319964262619819143757922916624196354313322456534266520150543008117888101349920396737532937616502689667208207329048979872222563877933742673021891249520999021187404065706388700711208445628041386956459398271230236018476964839399245143666534359113777846535151773174701732284280083586580489995666306373839417946648196140879978268472361473557375951972193618245984950374326806423407152520541682571610372434453778172497925696535270204943842467472100237854318244291
c = 20080676122944896238797522372441559951736929534371084097400233944319893926800196694449564534150770085554349952433141815637324753386484549616573636001763815852095984830828952020047938406909274311785306299061021662484544371813739713520361343350959698642021322243662988875917088108399877176033404097457939417134483333264562602633853694382014472747500159100723626314928476484037666519857604568300967071868151508142784271042600815406853978696857309760951105852288354603503207383899902135741426285551161292195639862478256231538619968275273876467583013024899054710124331145912185471501398910765579441956531091561893256832468
h0 = 2996726009726260695732821166504040344731102637047682432884058857493935625094258046641569918904978173116793673563730117949606727933902262668880339210084101176866383602543966179840353633735507442926707342258391362245904850297416642271123328980812931025677857373199540129280097315832907023777052101133649877194495480543646472133854655383755313968952550827443970931104462445312146328606862802196901953935238972759852435882720786570965542286278549107402918041194008845717507735786897968734831064393337773557817839343449001368565856921138408039931608804233595980497557733714560035682416265029819340316734845279080134432704
h1 = 19843160604742228074331688651361052208481287636527838615063387670722213224954610448720065937378201545177278841575633697012434074186046556843292068835752113384756149944114298949115412819730843598288637259467085268861201775723817790428386595559040938133481222229290199923979132846871398172318539492741755408720073350962388138453341677009547616238262211176727424067946020683742262782319735286357465817786446238528187722959357444676512705451504136333336415880020502524009647940182721264953084120705872870651891290569527156804993340563927419561415555818468261824287933683736509372616293569615247228388443284457740072850735
h2 = 15147052684674827267989051566164167603473413362261253296001082161136918959833294463185335416662127368473980239667918561600741667513285708843081475074688239507330230558331408877583246661862040918410036936505307437329914363201630212163952357444441705663871720438955166472073576526814546767805314463827075388036712200327696168965762177567346966479399896578190111819130000991594490932388132188241726654756368698998232826340969288082645860324404980143489489946490266439447342461483490582149239131554246756547000945718737195930407251232848166108751122870333559461452459416252942341423373918245090162970624108991537972775066
a = pow(2023,113*629,n1)
b = pow(2024,113*629,n1)
c = pow(h1,629,n1)
d = pow(h2,113,n1)
w = ((c*a)%n1-(d*b)%n1)%n1
q = gmpy2.gcd(w,n1)
d = inverse(65537,q-1)
m = pow(c,d,q)
print(long_to_bytes(m))
#BuildCTF{29g5blh5-7829-5k38-a836-9bk54h291h6}
gift - by abbb
给了关于p,q的方程,由于gift只有40位,先求p,q的近似,再用高位copper去还原准确的p,q,创建一个实数域,定义多项式f,并求解它的根来得到近似。然后创建多项式环,通过small_roots找到小根,相加得到准确值
exp:
from Crypto.Util.number import *
c = 101383046356447336426623798470530695448361708798731382238747567108067236241251384089401506320741815081024352908156466877907424203888923965647318146770258139921360377246187637085549628797640957048672797430217647039035455011311505942632107576730906489223641894279483592789523228409885925263914621255862261546919
n = 131097719698687108485813302886652389604731026998272796315024695395496199386497660846418712521921387496051077394308820230360184411431376692252923609505060476542577219656866593501271690536991944882324175509626138475159461332403161471880082192150081456601522403673111515117219716055561941951891570977025178643791
gift = 46635322848619790584491725916282901439691751328335921415278638528896063068132242718070261114525516272650970256270551306096774004921902972838212903368063625872
gift = gift // 2024
# 创建实数域和多项式
RF = RealField(512)
x = polygen(RF)
# 定义多项式并求根
f = x * (gift - x) - n
e = 0x10001
p = int(f.roots()[1][0]) # 获取p的近似值
# 计算p的高位
p4 = int(p >> 100)
pbits = 512
p4 = p4 << 100
# 寻找小根
PR.<y> = PolynomialRing(Zmod(n))
f = y + p4
x0 = f.small_roots(X=2**100, beta=0.4)[0]
# 计算准确的p,q
p = p4 + x0
assert n % p == 0
q = n // int(p)
d = inverse(e, (int(p) - 1) * (int(q) - 1))
m = int(pow(c, d, n))
print(long_to_bytes(m))
#BuildCTF{M@y_b3_S0m3th1ng_go_wr0ng}
girls_band_cry_pto - by abbb
通过
\[ 标签:addr,libc,BuildCTF,py,涉海,name,2024,lambda,p64 From: https://www.cnblogs.com/ShallowDream7933/p/18508971