[GKCTF 2021]XOR

题目

from Crypto.Util.number import *
from hashlib import md5a = getPrime(512)
b = getPrime(512)
c = getPrime(512)
d = getPrime(512)
d1 = int(bin(d)[2:][::-1] , 2)
n1 = a*b
x1 = a^b
n2 = c*d
x2 = c^d1
flag = md5(str(a+b+c+d).encode()).hexdigest()
print("n1 =",n1)
print("x1 =",x1)
print("n2 =",n2)
print("x2 =",x2)#n1 = 83876349443792695800858107026041183982320923732817788196403038436907852045968678032744364820591254653790102051548732974272946672219653204468640915315703578520430635535892870037920414827506578157530920987388471203455357776260856432484054297100045972527097719870947170053306375598308878558204734888246779716599
#x1 = 4700741767515367755988979759237706359789790281090690245800324350837677624645184526110027943983952690246679445279368999008839183406301475579349891952257846
#n2 = 65288148454377101841888871848806704694477906587010755286451216632701868457722848139696036928561888850717442616782583309975714172626476485483361217174514747468099567870640277441004322344671717444306055398513733053054597586090074921540794347615153542286893272415931709396262118416062887003290070001173035587341
#x2 = 3604386688612320874143532262988384562213659798578583210892143261576908281112223356678900083870327527242238237513170367660043954376063004167228550592110478

解题

根据已知的n1、n2、x1、x2解出a、b、c、d就行了

⾸先算a、b,

两个数异或,从低位开始爆破
当异或结果为1时,a b对应的位置上只有两种情况, 1 0或者0 1
当异或结果为0时,a b对应的位置上也只有两种情况, 1 1或者0 0

import itertoolsn1 = 83876349443792695800858107026041183982320923732817788196403038436907852045968678032744364820591254653790102051548732974272946672219653204468640915315703578520430635535892870037920414827506578157530920987388471203455357776260856432484054297100045972527097719870947170053306375598308878558204734888246779716599
x1 = 4700741767515367755988979759237706359789790281090690245800324350837677624645184526110027943983952690246679445279368999008839183406301475579349891952257846a_list, b_list = [0], [0]cur_mod = 1
for i in range(720):cur_mod *= 2nxt_as, nxt_bs = [], []for al, bl in zip(a_list, b_list):for ah, bh in itertools.product([0, 1], repeat=2):aa, bb = ah*(cur_mod // 2) + al, bh*(cur_mod // 2) + blif ((aa * bb % cur_mod == n1 % cur_mod) and ((aa ^ bb) == x1 % cur_mod)):nxt_as.append(aa)nxt_bs.append(bb)a_list, b_list = nxt_as, nxt_bsfor a, b in zip(a_list, b_list):if a * b == n1 and a*b-n1==0 and (a^b)-x1==0:breakprint(a)
print(b)

运行得到

7836147139610655223711469747200164069484878894626166870664740637786609468164555354874619497753277560280939259937394201154154977382033483373128424196987617
10703774182571073361112791376032380096360697926840362483242105878115552437021674861528714598089603406032844418758725744879476596359225265333530235803365847

然后求c、d,和a、b不同,这次是和d1异或,而d1是d的二进制的逆序

import itertoolsn1 = 65288148454377101841888871848806704694477906587010755286451216632701868457722848139696036928561888850717442616782583309975714172626476485483361217174514747468099567870640277441004322344671717444306055398513733053054597586090074921540794347615153542286893272415931709396262118416062887003290070001173035587341x1 = 3604386688612320874143532262988384562213659798578583210892143261576908281112223356678900083870327527242238237513170367660043954376063004167228550592110478a_list, b_list, aa_list, bb_list = [0], [0], [0], [0]x1_bits = [int(x) for x in f'{x1:0512b}'[::-1]]cur_mod = 1
for i in range(256):cur_mod *= 2nxt_as, nxt_bs, nxt_aas, nxt_bbs = [], [], [], []for al, bl, a2, b2 in zip(a_list, b_list, aa_list, bb_list):for ah, bh, ah2, bh2 in itertools.product([0, 1], repeat=4):aa, bb, aa2, bb2 = ah*(cur_mod // 2) + al, bh*(cur_mod // 2) + bl, ah2*(cur_mod // 2) + a2, bh2*(cur_mod // 2) + b2bb2_rev = f'{bb2:0512b}'[::-1]bb2_rev = int(bb2_rev, 2)aa2_rev = f'{aa2:0512b}'[::-1]aa2_rev = int(aa2_rev, 2)gujie = '0' * (i+1) + '1' * (510 - 2 * i) + '0' * (i+1)gujie = int(gujie, 2)if ((aa * bb % cur_mod == n1 % cur_mod) and ((ah ^ bh2) == x1_bits[i]) and (ah2 ^ bh == x1_bits[511-i]) and ((aa2_rev + aa) * (bb2_rev + bb) <= n1) and ((aa2_rev + aa + gujie) * (bb2_rev + bb + gujie) >= n1)):nxt_as.append(aa)nxt_bs.append(bb)nxt_aas.append(aa2)nxt_bbs.append(bb2)a_list, b_list, aa_list, bb_list = nxt_as, nxt_bs, nxt_aas, nxt_bbsfor a, b, aa2, bb2 in zip(a_list, b_list, aa_list, bb_list):aa2_rev = f'{aa2:0512b}'[::-1]aa2_rev = int(aa2_rev, 2)bb2_rev = f'{bb2:0512b}'[::-1]bb2_rev = int(bb2_rev, 2)a = aa2_rev + ab = bb2_rev + bif (a * b == n1):breakprint(a)
print(b)
print(a * b - n1)
print((a ^ b) - x1)

但是我没看懂这位师傅是怎么求的c、d,所以找了另一位的代码:

from hashlib import md5def get_ab(n,x):a = [0]b = [0]maskx = 1maskn = 2for i in range(1024):xbit = (x&maskx)>>inbit = n%maskntaa = []tbb = []for j in range(len(a)):for aa in range(2):for bb in range(2):if aa^bb == xbit:temp2 = n%maskntemp1 = (aa*maskn//2+a[j])*(bb*maskn//2+b[j])%masknif temp1==temp2:taa.append(aa*maskn//2+a[j])tbb.append(bb*maskn//2+b[j])maskx *= 2maskn *= 2a = taab = tbbfor a1 in a:if n % a1 == 0:a = a1b = n//a1return a,b
def get_cd(n,x):p_low = [0]p_high = [0]q_low = [0]q_high = [0]maskx = 1maskn = 2si = 2for i in range(256):x_lowbit = (x& maskx)>>in_lowbits = (n % maskn)tmppp_low = []tmpqq_low =[]tmppp_high = []tmpqq_high = []x_highbit = (x>>(511-i)) & 1n_highbits = (n) >>(1022-2*i)for j in range(len(p_low)):for pp_low in range(2):for qq_low in range(2):for pp_high in range(2):for qq_high in range(2):if pp_low^qq_high ==x_lowbit and qq_low^pp_high == x_highbit:temp1 = ((pp_low * maskn//2 +p_low[j])*(qq_low*maskn//2 +q_low[j]))% maskntemp2 = (((pp_high << (511-i))+p_high[j])* ((qq_high<<(511-i))+q_high[j]))>>(1022-2*i)if temp1 == n_lowbits:if n_highbits-temp2 >=0 and n_highbits-temp2 <=((2<<i+1)-1):tmppp_low.append(pp_low*maskn//2 + p_low[j])tmpqq_low.append(qq_low*maskn//2+q_low[j])tmppp_high.append((pp_high<<(511-i))+p_high[j])tmpqq_high.append((qq_high<<(511-i))+q_high[j])maskn  *= 2maskx *= 2p_low = tmppp_lowq_low = tmpqq_lowp_high = tmppp_highq_high = tmpqq_highfor a in p_low:for b in p_high:if n %(a+b) ==0:p = a+bq = n//preturn p,qn1 = 83876349443792695800858107026041183982320923732817788196403038436907852045968678032744364820591254653790102051548732974272946672219653204468640915315703578520430635535892870037920414827506578157530920987388471203455357776260856432484054297100045972527097719870947170053306375598308878558204734888246779716599
x1 = 4700741767515367755988979759237706359789790281090690245800324350837677624645184526110027943983952690246679445279368999008839183406301475579349891952257846
n2 = 65288148454377101841888871848806704694477906587010755286451216632701868457722848139696036928561888850717442616782583309975714172626476485483361217174514747468099567870640277441004322344671717444306055398513733053054597586090074921540794347615153542286893272415931709396262118416062887003290070001173035587341
x2 = 3604386688612320874143532262988384562213659798578583210892143261576908281112223356678900083870327527242238237513170367660043954376063004167228550592110478a = get_ab(n1,x1)[0]
b = get_ab(n1,x1)[1]
c = get_cd(n2,x2)[0]
d = get_cd(n2,x2)[1]
flag = md5(str(a+b+c+d).encode()).hexdigest()
print(flag)

运行得到:f28ed218415356b4336e2f778f2981bb

答案

GKCTF{f28ed218415356b4336e2f778f2981bb}

[GKCTF 2021]XOR相关推荐

  1. [GKCTF 2021]Random

    [GKCTF 2021]Random 题目 import random from hashlib import md5def get_mask():file = open("random.t ...

  2. CTF——MISC习题讲解(GKCTF 2021系列)

    CTF--MISC习题讲解(GKCTF 2021系列) 前言 接下来陆续给大家复现一些赛事的杂项习题讲解,因为本人也是小白入门,有些题目做的不对还请各位大佬多多包涵. 一.[GKCTF 2021]签到 ...

  3. [GKCTF 2021]RRRRsa

    复现[GKCTF 2021]RRRRsa 拿到题目后,准备操作,额,,, 看了看大佬的wp,恍然大悟,分享一下解题的思路.(部分题目如下) 一般看到这种像hint1的式子,都需要用gcd(,n)去分解 ...

  4. [GKCTF 2021]hackme

    [GKCTF 2021]hackme 进入题目后,题目如上所示,查看页面源代码 提示nosql,这里推荐WHOAMI大佬的文章 这里源代码我们也看到了php头,那我们就看大佬文章里php中的nosql ...

  5. [GKCTF 2021]babycat-revenge

    `[GKCTF 2021]babycat-revenge 一进入题目界面如上所示,简简单单,没法注册,登录试了下弱口令还有注入都不是,也没有什么其他页面 找不到线索就抓个包来看看 好家伙,这个注册页面 ...

  6. GKCTF 2021]excel 骚操作

    题目链接 https://buuoj.cn/challenges#[GKCTF%202021]excel%20%E9%AA%9A%E6%93%8D%E4%BD%9C 打开flag.xlsx 估计和wo ...

  7. [GKCTF 2021]FireFox Forensics

    题目链接 https://buuoj.cn/challenges#[GKCTF%202021]FireFox%20Forensics 解题过程 打开题目,有两个文件分别是firfox的记录文件(log ...

  8. buuctf [GKCTF 2021]你知道apng吗 <apng图片格式的考察>

    下载文件得到个 apng的文件 其可以用火狐打开查看 这里需要下载一个工具: apngdis_gui.exe 来分解这个apng图片 打开来看看 1.这张图片是扭曲的需要拉扯一下 用在线ps 扫描得到 ...

  9. [GKCTF 2021]excel 骚操作

    打开之后,基本是一个空白的excel,一开始以为是用压缩软件解压缩,然后flag藏在那里面,后来发现没有, 然后设置单元格格式为常规,可以显示出很多数字 如图所示, 看上去很像二维码.我们把有数字1的 ...

最新文章

  1. 守住你的网站:防御DDoS***指南
  2. JS循环精灵图背景-遍历背景图片
  3. 手机1像素线粗_豪威推出4800万像素手机传感器:1/2大底
  4. 12种高效率热门编程语言,你会用几个?
  5. creo配置文件config选项详解_5年资深架构师重点聚焦:SpringBoot的配置详解+内嵌Servlet容器
  6. 十八般武艺玩转GaussDB(DWS)性能调优(三):好味道表定义
  7. 使用ASP的优势和劣势
  8. HQChart 股市图表
  9. 6.网络层(4)---IP多播,NAT
  10. mysql 5.5 字符集_mysql 5.5字符集问题
  11. editplus使用php,EditPlus配置PHP调试环境详细图文介绍
  12. php 生成小程序码
  13. icarus主题的博客加载太慢
  14. 技术选型Rust——事后分析
  15. 怎么从扫描的PDF文档/图片里提取文字
  16. PLC内部等效电路怎么设计?
  17. 【防坑指南】nginx重启后出现[error] open() “/usr/local/var/run/nginx/nginx.pid” failed
  18. ArrayList.add方法底层浅析
  19. Unity DOTS学习导航
  20. 内存编址计算题--会一个题能做对一万个题

热门文章

  1. 典型数据中心能耗分析,空调系统选择很重要,想节能可以这样设计
  2. 数据中心绿色新技术的探讨
  3. 带你看看获得鲁班奖的数据中心工程建设的有多完美!!
  4. ML之FE:基于BigMartSales数据集利用Featuretools工具(1个dataframe表结构切为2个Entity表结构)实现自动特征工程之详细攻略
  5. 成功解决UnicodeDecodeError: 'utf-8' codec can't decode byte 0xc2 in position 0: invalid continuation byt
  6. Py之huaweicloud-sdk-python:huaweicloud-sdk-python的简介、安装、使用方法之详细攻略
  7. Ubuntu16.04 安装Python开发环境
  8. try-catch-finally 与返回值的修改
  9. PKG_CONFIG_PATH 、LD_LIBRARY_PATH、PATH三个的作用
  10. 彻底弄懂 HTTP 缓存机制及原理 | 干货