首页 > 其他分享 >2022 第五届强网拟态国际精英挑战赛 Rev WP

2022 第五届强网拟态国际精英挑战赛 Rev WP

时间:2022-11-07 10:46:28浏览次数:34  
标签:key AES name Rev uint8 flag 2022 WP 字节

养老选手,六个题目只来得及做了三个


windows_call

利用KiFastSystemCall进行系统调用,因此本程序中许多系统级函数都是动态调用,不过问题不大,该程序的加密验证逻辑并未用到太多系统函数,唯一用的比较多的是VirtualAlloc,比较容易识别出来。
输入必须是40个字节带有flag头的十六进制字符串,通过两次MD5调用限定输入必须为大写。随后将输入的hex为二进制,并且输入前8个字节将生成AES 128 CBC的key和iv,对后32个字节的二进制hex进行加密。如下图,可以在if处提供的约束条件解出前8个字节,并且输入前8个字节提取AES加密的iv和key。

依据上诉思路脚本如下:

from z3 import *
from Crypto.Cipher import AES
x1, x2 = BitVec('x1', 16), BitVec('x2', 16)
s = Solver()
s.add((x1 +0x3800) <= 0x800)
s.add((x2 + 0x3500) <= 0x500)
s.add(x2 & 0xff == 0xa0)
s.add((x1 & 0xFF00) < 0xCA00)
tmp = x1 ^ x2
v38 = [0]*16
for i in range(16):
    v38[i] = ((tmp&0xff) + i) ^ ((tmp>>8) + i)
v37 = [0]*16
first = 1
v28 = 0
for i in range(16):
    v29 = v38[i] ^ (i - 0x40 + 0x100)
    v37[i] = v29
    v28 += v29
s.add(v28 == 0x8A8)
s.add(x2 - x1 == 0x2b8)
if s.check() == sat:
    m = s.model()
    print(m) # [x1 = 51688, x2 = 52384]
else:
    print('no')
x1 , x2 = 51688, 52384
flag = x1.to_bytes(length=2, byteorder='little') + x2.to_bytes(length=2, byteorder='little')
iv = [ 0x4D, 0x4F, 0x4D, 0x43, 0x45, 0x47, 0x45, 0x43, 0x5D, 0x5F, 0x5D, 0x43, 0x45, 0x47, 0x45, 0x43]
key = [ 0x8D, 0x8E, 0x8F, 0x80, 0x81, 0x82, 0x83, 0x84, 0x95, 0x96, 0x97, 0x88, 0x89, 0x8A, 0x8B, 0x8C]
enc = [0X84,0x37,0Xa0,0Xf3,0Xec,0X36,0X34,0Xfc,0X94,0Xa2,0X38,0X6f,0X3f,0X34,0X7e,0X7c]
# data = [ 0x6C, 0xB0, 0xAF, 0x0D, 0x6D, 0xF6, 0x28, 0x0E, 0xAA, 0xC9, 0x5A, 0x25, 0xBB, 0xEE, 0x02, 0xBD] # test
aes = AES.new(key=bytes(key), iv=bytes(iv),mode= AES.MODE_CBC)
r = aes.decrypt(bytes(enc))
flag += r
print(len(flag))
print(flag)
for e in flag:
    print(f"{hex(e)[2:]}".upper(),end=' ')
print()
print("flag{"f"{hex(int.from_bytes(flag,byteorder='big'))[2::].upper()}""}")
# flag{E8C9A0CC8B9854CDD0AC321B790FC74EFA520FBC}


flag{E8C9A0CC8B9854CDD0AC321B790FC74EFA520FBC}

comeongo

go语言写的程序,要求输入name和password,两者长度皆要去16,并有两次check。
第一次check,拼接name和password的前8个字符,进行base58。base58解密密文,以及此时的name和password。


第二次check,对name和password后半段即后8字节,对两者后半段前4个字节中的字母进行字母表12特殊的循环移位,由于是对称的这一步可以直接输入它的密文自动解密提取即可(_NubcfFq->_BinorRe),此时password和name如下:

后面的四位,是一个二元一次的线性方程运算(如下图),password最后四位中的前2位是vG因此算出name对应位置的值是gG,那么此时如下图。


剩余的两个字节可根据下面的约束条件调用z3解出,由于代码非常少且觉得,我是直接在idapython的交互窗口解出,最终的name和password如下。

name:	GoM0bi13_BingGo@	
passwd:	G3tItEzForRevG0!
flag{GoM0bi13_BingGo@G3tItEzForRevG0!}

babyre

通过TLS回调,添加了VEH异常,并在TLS中触发除0异常来调用VEH函数,改函数替换掉原来的SBOX,此外有些许反调试。随后进入主函数逻辑,主函数中主要进行AES加密,改AES加密函数改动过,相比于标准AES改动后的AES将状态矩阵运算的行列颠倒了一下。因此,同样AES解密过程的状态矩阵,根据新的SBOX生成一个对应的RSBOX即可。
第一次AES加密的key是程序的常量,第二次AES加密的key将会与上一轮AES加密的结果异或,这是需要注意的地方。
主函数逻辑如下,

rbox如下(生成rbox的脚本写代码的时候,不小心删除掉了,此处就没贴了):

static const uint8_t rsbox[256] = {
0x9b, 0x2f, 0xff, 0x87, 0x7c, 0xe3, 0x39, 0x82, 0xc4, 0xde, 0xe9, 0xcb, 0x34, 0x8e, 0x43, 0x44,
0x30, 0x36, 0xa5, 0x38, 0x52, 0x09, 0x6a, 0xd5, 0x81, 0xf3, 0xd7, 0xfb, 0xbf, 0x40, 0xa3, 0x9e,
0x28, 0xd9, 0x24, 0xb2, 0x08, 0x2e, 0xa1, 0x66, 0x6d, 0x8b, 0xd1, 0x25, 0x76, 0x5b, 0xa2, 0x49,
0xa6, 0xc2, 0x23, 0x3d, 0x54, 0x7b, 0x94, 0x32, 0x42, 0xfa, 0xc3, 0x4e, 0xee, 0x4c, 0x95, 0x0b,
0xfd, 0xed, 0xb9, 0xda, 0x6c, 0x70, 0x48, 0x50, 0xa7, 0x8d, 0x9d, 0x84, 0x5e, 0x15, 0x46, 0x57,
0x86, 0x68, 0x98, 0x16, 0x72, 0xf8, 0xf6, 0x64, 0x5d, 0x65, 0xb6, 0x92, 0xd4, 0xa4, 0x5c, 0xcc,
0xca, 0x3f, 0x0f, 0x02, 0xd0, 0x2c, 0x1e, 0x8f, 0x01, 0x13, 0x8a, 0x6b, 0xc1, 0xaf, 0xbd, 0x03,
0x8c, 0xbc, 0xd3, 0x0a, 0x90, 0xd8, 0xab, 0x00, 0xb8, 0xb3, 0x45, 0x06, 0xf7, 0xe4, 0x58, 0x05,
0xe7, 0xad, 0x35, 0x85, 0x96, 0xac, 0x74, 0x22, 0x1c, 0x75, 0xdf, 0x6e, 0xe2, 0xf9, 0x37, 0xe8,
0x4f, 0x67, 0xdc, 0xea, 0x3a, 0x91, 0x11, 0x41, 0xf0, 0xb4, 0xe6, 0x73, 0x97, 0xf2, 0xcf, 0xce,
0xc6, 0xd2, 0x79, 0x20, 0xfc, 0x56, 0x3e, 0x4b, 0x78, 0xcd, 0x5a, 0xf4, 0x9a, 0xdb, 0xc0, 0xfe,
0x1d, 0x29, 0xc5, 0x89, 0x47, 0xf1, 0x1a, 0x71, 0xaa, 0x18, 0xbe, 0x1b, 0x6f, 0xb7, 0x62, 0x0e,
0x19, 0xb5, 0x4a, 0x0d, 0x60, 0x51, 0x7f, 0xa9, 0x93, 0xc9, 0x9c, 0xef, 0x2d, 0xe5, 0x7a, 0x9f,
0x88, 0x07, 0xc7, 0x31, 0x1f, 0xdd, 0xa8, 0x33, 0x27, 0x80, 0xec, 0x5f, 0xb1, 0x12, 0x10, 0x59,
0xba, 0x77, 0xd6, 0x26, 0x17, 0x2b, 0x04, 0x7e, 0x55, 0x21, 0x0c, 0x7d, 0xe1, 0x69, 0x14, 0x63,
0xae, 0x2a, 0xf5, 0xb0, 0xa0, 0xe0, 0x3b, 0x4d, 0x83, 0x53, 0x99, 0x61, 0xc8, 0xeb, 0xbb, 0x3c,
};

AES解密函数的部分展示(由于源文件定义的数据较多,因此展示核心部分):

static void AddRoundKey(uint8_t round, state_t* state, const uint8_t* RoundKey)
{
    int i, j, k;
    for (i = 0; i < 4; ++i)
    {
        for (j = 1, k = 0; j <= 4; ++j, k++)
        {
            //                RoundKey[ 选择轮密钥          选择轮密钥中字节]
            (*state)[i][k] ^= RoundKey[(round * Nb * 4) + (j * Nb - 1) - i];
        }
    }
}

static void InvShiftRows(state_t* state)
{
  uint8_t temp;

  // Rotate first row 1 columns to right  
  temp = (*state)[1][3];
  (*state)[1][3] = (*state)[1][2];
  (*state)[1][2] = (*state)[1][1];
  (*state)[1][1] = (*state)[1][0];
  (*state)[1][0] = temp;

  // Rotate second row 2 columns to right 
  temp = (*state)[2][0];
  (*state)[2][0] = (*state)[2][2];
  (*state)[2][2] = temp;

  temp = (*state)[2][1];
  (*state)[2][1] = (*state)[2][3];
  (*state)[2][3] = temp;

  // Rotate third row 3 columns to right
  temp = (*state)[3][0];
  (*state)[3][0] = (*state)[3][1];
  (*state)[3][1] = (*state)[3][2];
  (*state)[3][2] = (*state)[3][3];
  (*state)[3][3] = temp;
}

static void InvMixColumns(state_t* state)
{
  int i;
  uint8_t a, b, c, d;
  for (i = 0; i < 4; ++i)
  { 
    a = (*state)[0][i];
    b = (*state)[1][i];
    c = (*state)[2][i];
    d = (*state)[3][i];

    (*state)[0][i] = Multiply(a, 0x0e) ^ Multiply(b, 0x0b) ^ Multiply(c, 0x0d) ^ Multiply(d, 0x09);
    (*state)[1][i] = Multiply(a, 0x09) ^ Multiply(b, 0x0e) ^ Multiply(c, 0x0b) ^ Multiply(d, 0x0d);
    (*state)[2][i] = Multiply(a, 0x0d) ^ Multiply(b, 0x09) ^ Multiply(c, 0x0e) ^ Multiply(d, 0x0b);
    (*state)[3][i] = Multiply(a, 0x0b) ^ Multiply(b, 0x0d) ^ Multiply(c, 0x09) ^ Multiply(d, 0x0e);
  }
}

main.c代码:

#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include "aes.h"


int main() {

	uint8_t key[16] = { 23, 147,  56,  12,  17, 167, 247,  84, 247, 137, 200,  32, 212,  26, 250,  37 };
	uint8_t data1[33] = {
	37, 152, 180, 234, 78, 174, 218, 217, 106, 69, 233, 102, 120, 231, 168, 85,
	84, 204, 149, 81, 159, 131, 32, 201, 155, 62, 193, 140, 194, 145, 185, 48
	};

	uint8_t expand_key1[176] = {
	  0x0C, 0x38, 0x93, 0x17, 0x54, 0xF7, 0xA7, 0x11, 0x20, 0xC8,
	  0x89, 0xF7, 0x25, 0xFA, 0x1A, 0xD4, 0x50, 0x13, 0xAA, 0xA0,
	  0x04, 0xE4, 0x0D, 0xB1, 0x24, 0x2C, 0x84, 0x46, 0x01, 0xD6,
	  0x9E, 0x92, 0x0B, 0x7B, 0x48, 0xBD, 0x0F, 0x9F, 0x45, 0x0C,
	  0x2B, 0xB3, 0xC1, 0x4A, 0x2A, 0x65, 0x5F, 0xD8, 0x7E, 0x8A,
	  0x11, 0x62, 0x71, 0x15, 0x54, 0x6E, 0x5A, 0xA6, 0x95, 0x24,
	  0x70, 0xC3, 0xCA, 0xFC, 0xDA, 0xCF, 0x2B, 0x0A, 0xAB, 0xDA,
	  0x7F, 0x64, 0xF1, 0x7C, 0xEA, 0x40, 0x81, 0xBF, 0x20, 0xBC,
	  0xAB, 0xD7, 0x37, 0xB9, 0x00, 0x0D, 0x48, 0xDD, 0xF1, 0x71,
	  0xA2, 0x9D, 0x70, 0xCE, 0x82, 0x21, 0x42, 0x92, 0xA8, 0x9E,
	  0x42, 0x9F, 0xE0, 0x43, 0xB3, 0xEE, 0x42, 0xDE, 0xC3, 0x20,
	  0xC0, 0xFF, 0x40, 0xA8, 0x0B, 0x70, 0x02, 0x37, 0xEB, 0x33,
	  0xB1, 0xD9, 0xA9, 0xED, 0x72, 0xF9, 0x69, 0x12, 0x9D, 0xFC,
	  0x86, 0x1D, 0x9F, 0xCB, 0x6D, 0x2E, 0x2E, 0x12, 0xC4, 0xC3,
	  0x5C, 0xEB, 0xAD, 0xD1, 0xB7, 0xA2, 0x7B, 0x87, 0x28, 0x69,
	  0x16, 0xA9, 0x06, 0x7B, 0xD2, 0x6A, 0x5A, 0x90, 0x7F, 0xBB,
	  0x49, 0x08, 0x0F, 0x77, 0x61, 0x61, 0x19, 0xDE, 0x67, 0x1A,
	  0xCB, 0xB4, 0x3D, 0x8A, 0xB4, 0x0F
	};
	uint8_t expand_key2[] =
	{
	  0xE6, 0x8C, 0x0B, 0x32, 0x8D, 0x2D, 0x09, 0x5F, 0x46, 0x21,
	  0xCC, 0x9D, 0x70, 0x52, 0xFD, 0xAC, 0x63, 0xC9, 0x1F, 0x73,
	  0xEE, 0xE4, 0x16, 0x2C, 0xA8, 0xC5, 0xDA, 0xB1, 0xD8, 0x97,
	  0x27, 0x1D, 0xD3, 0xBC, 0x83, 0xA9, 0x3D, 0x58, 0x95, 0x85,
	  0x95, 0x9D, 0x4F, 0x34, 0x4D, 0x0A, 0x68, 0x29, 0x62, 0x4B,
	  0xF0, 0xFC, 0x5F, 0x13, 0x65, 0x79, 0xCA, 0x8E, 0x2A, 0x4D,
	  0x87, 0x84, 0x42, 0x64, 0x35, 0x48, 0xBB, 0xCC, 0x6A, 0x5B,
	  0xDE, 0xB5, 0xA0, 0xD5, 0xF4, 0xF8, 0x27, 0x51, 0xB6, 0x9C,
	  0xFF, 0x90, 0x7E, 0x86, 0x95, 0xCB, 0xA0, 0x33, 0x35, 0x1E,
	  0x54, 0xCB, 0x12, 0x4F, 0xE2, 0x57, 0xB0, 0x4D, 0xEE, 0x2A,
	  0x25, 0x86, 0x4E, 0x19, 0x10, 0x98, 0x1A, 0xD2, 0x02, 0xD7,
	  0xF8, 0x85, 0x33, 0x2E, 0xF4, 0x3F, 0x16, 0xA8, 0xBA, 0x26,
	  0x06, 0x30, 0xA0, 0xF4, 0x04, 0xE7, 0x58, 0x71, 0x84, 0xC8,
	  0x74, 0xC1, 0x92, 0x60, 0xCE, 0xE7, 0x94, 0x50, 0x6E, 0x13,
	  0x90, 0xB7, 0x36, 0x62, 0x3A, 0xBC, 0xC9, 0xCB, 0xA8, 0xDC,
	  0x07, 0x2C, 0x3C, 0x8C, 0x69, 0x3F, 0xAC, 0x3B, 0x5F, 0x5D,
	  0x62, 0x39, 0x3F, 0x26, 0xCA, 0xE5, 0x38, 0x0A, 0xF6, 0x69,
	  0x51, 0x35, 0x5A, 0x52, 0x0E, 0x68
	};

	struct AES_ctx ctx;


	memcpy(&(ctx.RoundKey), expand_key1, 176);
	AES_ECB_decrypt(&ctx, data1); // 2J7TE8Z1uEXjuv6i

	memcpy(&(ctx.RoundKey), expand_key2, 176);
	AES_ECB_decrypt(&ctx, data1 + 16);

	printf("flag{%s}", data1);//flag{2J7TE8Z1uEXjuv6iDr2dTBSIVmWaoc7s}
	return 0;
}

flag{2J7TE8Z1uEXjuv6iDr2dTBSIVmWaoc7s}

标签:key,AES,name,Rev,uint8,flag,2022,WP,字节
From: https://www.cnblogs.com/cx1ng/p/16865162.html

相关文章

  • 拓端tecdat荣获2022年度51CTO博主之星
    相信技术,传递价值,这是51CTO每一个技术创作者的动力与信念,2022年度,拓端tecdat作为新锐的数据分析咨询公司,在51CTO平台上,不断的输出优质的技术文章,分享前沿创新技术,输出最佳......
  • 2022,世界杯,来了
    文/ ​​王不留​​(微信公众号:考研英语笔记)TheWorldin2022:timeforfootballtoupitsgameTheFIFAWorldCupstartsinNovemberinQatar.Itusedtobetheo......
  • SetWindowPos函数详解
    1//声明:2SetWindowPos(3hWnd:HWND;{窗口句柄}4hWndInsertAfter:HWND;{窗口的Z顺序}5X,Y:Integer;{位置}6cx,cy:Integer;{大小}7uFlags:UINT{......
  • SetWindowPos函数使用详解
    1.1SetWindowPos函数说明BOOLSetWindowPos(HWNDhWndlnsertAfter,intX,intY,intcX,intcY,UNITFlags):1.1.1hWndInsertAfter此句柄用于控制对话框在Z轴上的显示顺序,它可......
  • VS2022离线安装包
    # 下载visualstudio的在线安装包下载VisualStudioTools-免费安装Windows、Mac、Linux(microsoft.com) # 在适当的位置新建一个文件夹,我是放在桌面了C:\Use......
  • CSP-S2022题解(T4待填)
    闲话\(\huge{寄}\)\(\text{T1}\)极限脑抽,删掉暴搜打错解,\(70pts\to0pts\);\(\text{T2}\)洛谷\(100pts\)但\(\infin\)\(40pts\),很慌;\(\text{T3}\)差点想到正......
  • 2022-2023-1 20221328《计算机基础与程序设计》第十周学习总结
    作业信息班级:首页-2022-2023-1-计算机基础与程序设计-北京电子科技学院-班级博客-博客园(cnblogs.com)作业要求:2022-2023-1《计算机基础与程序设计》教学进程......
  • 2022CSP-S题解
    这次是我第一次参加\(CSP-J/S\),所以我决定口胡一下这几道题目,由于\(J\)组过于简单,就不再叙述,如有问题请私信我\(/oh/oh/oh\)假期计划(holiday)我们可以先进行\(n\)......
  • 20221106
    20221106题目byGeorge_PloverNOIP模拟题目期望得分实际得分二叉树上的询问10020追逐1000荷塘月色00光华楼040二叉树上的询问competi......
  • 2022-2023-1 20221301 《计算机基础与程序设计》第十周学习总结
    2022-2023-120221301《计算机基础与程序设计》第十周学习总结作业信息这个作业属于哪个课程<班级的链接>https://edu.cnblogs.com/campus/besti/2022-2023-1-CFAP......