[buuctf] crypto全解——85-120(不建议直接抄flag)
2024-05-20 14:37:23
85.[ACTF新生赛2020]crypto-rsa3
查看题目
//output.txt
177606504836499246970959030226871608885969321778211051080524634084516973331441644993898029573612290095853069264036530459253652875586267946877831055147546910227100566496658148381834683037366134553848011903251252726474047661274223137727688689535823533046778793131902143444408735610821167838717488859902242863683
1457390378511382354771000540945361168984775052693073641682375071407490851289703070905749525830483035988737117653971428424612332020925926617395558868160380601912498299922825914229510166957910451841730028919883807634489834128830801407228447221775264711349928156290102782374379406719292116047581560530382210049
//rsa3.py
from flag import FLAG
from Cryptodome.Util.number import *
import gmpy2
import randome=65537
p = getPrime(512)
q = int(gmpy2.next_prime(p))
n = p*q
m = bytes_to_long(FLAG)
c = pow(m,e,n)
print(n)
print(c)
很明显文本里面的一堆数字就是n和c的值
那就很简单了,我们用yafu来分解N,也可以在线分解
factor(177606504836499246970959030226871608885969321778211051080524634084516973331441644993898029573612290095853069264036530459253652875586267946877831055147546910227100566496658148381834683037366134553848011903251252726474047661274223137727688689535823533046778793131902143444408735610821167838717488859902242863683)fac: factoring 177606504836499246970959030226871608885969321778211051080524634084516973331441644993898029573612290095853069264036530459253652875586267946877831055147546910227100566496658148381834683037366134553848011903251252726474047661274223137727688689535823533046778793131902143444408735610821167838717488859902242863683
fac: using pretesting plan: normal
fac: no tune info: using qs/gnfs crossover of 95 digits
div: primes less than 10000
fmt: 1000000 iterations
Total factoring time = 0.6794 seconds***factors found***P155 = 13326909050357447643526585836833969378078147057723054701432842192988717649385731430095055622303549577233495793715580004801634268505725255565021519817179293
P155 = 13326909050357447643526585836833969378078147057723054701432842192988717649385731430095055622303549577233495793715580004801634268505725255565021519817179231ans = 1pq的值youlepy文件里面还有e
那么我们直接带入脚本就可以了(前面写了那么多脚本,我觉得你可以创一个文件夹,到时候把这些带入就可以了,而不是每次都要重新敲)
import gmpy2p = 13326909050357447643526585836833969378078147057723054701432842192988717649385731430095055622303549577233495793715580004801634268505725255565021519817179293
q = 13326909050357447643526585836833969378078147057723054701432842192988717649385731430095055622303549577233495793715580004801634268505725255565021519817179231
c=1457390378511382354771000540945361168984775052693073641682375071407490851289703070905749525830483035988737117653971428424612332020925926617395558868160380601912498299922825914229510166957910451841730028919883807634489834128830801407228447221775264711349928156290102782374379406719292116047581560530382210049
n=177606504836499246970959030226871608885969321778211051080524634084516973331441644993898029573612290095853069264036530459253652875586267946877831055147546910227100566496658148381834683037366134553848011903251252726474047661274223137727688689535823533046778793131902143444408735610821167838717488859902242863683e=65537phin = (p-1)*(q-1)d=gmpy2.invert(e,phin)print(d)m = pow(c,d,n)print(m)
print(hex(m))
print(bytes.fromhex(hex(m)[2:]))
运行得到
114211034069753334213407653232239453818305554069013328909434825806153521279281576615085197039081989621124429727689023600024199258261862403729485816990985486996847830048775714906620288796636212142553235764374111120941140149895595289559560740951667825123772519353303069022288432998660657137564563315041240411393
893441512863695667867454629314548913750576288726628646106246575194731343607717680126106810553506844477056381
0x616374667b705f616e645f715f73686f756c645f6e6f745f62655f736f5f636c6f73655f696e5f76616c75657d
b'actf{p_and_q_should_not_be_so_close_in_value}'
86.[RoarCTF2019]babyRSA
查看题目
import sympy
import randomdef myGetPrime():A= getPrime(513)print(A)B=A-random.randint(1e3,1e5)print(B)return sympy.nextPrime((B!)%A)
p=myGetPrime()
#A1=21856963452461630437348278434191434000066076750419027493852463513469865262064340836613831066602300959772632397773487317560339056658299954464169264467234407
#B1=21856963452461630437348278434191434000066076750419027493852463513469865262064340836613831066602300959772632397773487317560339056658299954464169264467140596q=myGetPrime()
#A2=16466113115839228119767887899308820025749260933863446888224167169857612178664139545726340867406790754560227516013796269941438076818194617030304851858418927
#B2=16466113115839228119767887899308820025749260933863446888224167169857612178664139545726340867406790754560227516013796269941438076818194617030304851858351026r=myGetPrime()n=p*q*r
#n=85492663786275292159831603391083876175149354309327673008716627650718160585639723100793347534649628330416631255660901307533909900431413447524262332232659153047067908693481947121069070451562822417357656432171870951184673132554213690123308042697361969986360375060954702920656364144154145812838558365334172935931441424096270206140691814662318562696925767991937369782627908408239087358033165410020690152067715711112732252038588432896758405898709010342467882264362733
c=pow(flag,e,n)
#e=0x1001
#c=75700883021669577739329316795450706204502635802310731477156998834710820770245219468703245302009998932067080383977560299708060476222089630209972629755965140317526034680452483360917378812244365884527186056341888615564335560765053550155758362271622330017433403027261127561225585912484777829588501213961110690451987625502701331485141639684356427316905122995759825241133872734362716041819819948645662803292418802204430874521342108413623635150475963121220095236776428
#so,what is the flag?
做这题看到阶乘一下想到了 gxzy2020 的一题,也是考到了威尔逊定理(Wilson’s theorem):当且仅当p为素数时:( p -1 )! ≡ -1 ( mod p )。
阶乘只乘到 B ,所以把(B+1)乘到(A-1)这一段也补上就得到了威尔逊公式,反之我们可以由用 -1 乘这一段的模反数,就得到了题目中的 (B!)%A 。
from Crypto.Util.number import *
from sympy import nextprime
A1=21856963452461630437348278434191434000066076750419027493852463513469865262064340836613831066602300959772632397773487317560339056658299954464169264467234407
B1=21856963452461630437348278434191434000066076750419027493852463513469865262064340836613831066602300959772632397773487317560339056658299954464169264467140596A2=16466113115839228119767887899308820025749260933863446888224167169857612178664139545726340867406790754560227516013796269941438076818194617030304851858418927
B2=16466113115839228119767887899308820025749260933863446888224167169857612178664139545726340867406790754560227516013796269941438076818194617030304851858351026def f(a,b,P):# a*(a+1)*...*b (mod P)ans=1for i in range(a,b+1):ans*=ians%=Preturn ans%Pinv1=inverse(f(B1+1,A1-1,A1),A1)
ans1=((A1-1)*inv1)%A1
p=nextprime(ans1)inv2=inverse(f(B2+1,A2-1,A2),A2)
ans2=((A2-1)*inv2)%A2
q=nextprime(ans2)e=0x1001
c=75700883021669577739329316795450706204502635802310731477156998834710820770245219468703245302009998932067080383977560299708060476222089630209972629755965140317526034680452483360917378812244365884527186056341888615564335560765053550155758362271622330017433403027261127561225585912484777829588501213961110690451987625502701331485141639684356427316905122995759825241133872734362716041819819948645662803292418802204430874521342108413623635150475963121220095236776428
n=85492663786275292159831603391083876175149354309327673008716627650718160585639723100793347534649628330416631255660901307533909900431413447524262332232659153047067908693481947121069070451562822417357656432171870951184673132554213690123308042697361969986360375060954702920656364144154145812838558365334172935931441424096270206140691814662318562696925767991937369782627908408239087358033165410020690152067715711112732252038588432896758405898709010342467882264362733r=(n//p)//q
assert isPrime(r)
d=inverse(e,(p-1)*(q-1)*(r-1))
m=pow(c,d,n)
print(long_to_bytes(m))
运行得到
b'RoarCTF{wm-CongrAtu1ation4-1t4-ju4t-A-bAby-R4A}'
87.坏蛋是雷宾
查看题目
老牌刺客之王混进了女王的住所。一天,女王得到了一个匿名举报,说她的侍卫里有一个刺客,叫做Rabin,而他的信息就在一份文件里,文件中有附带一个Pk,是523798549,密文是162853095,校验码二进制值是110001,根据说明是放在明文后一起加密的,明文与密文长度相同。加密算法和这位老牌刺客同名。快拯救女王,答案是求得的明文,进行32位md5小写哈希字符串,提交即可。 注意:得到的 flag 请包上 flag{} 提交
n分解然后写脚本
'''// python2'''
from gmpy2 import *
import hashlib
n=523798549
p=10663
q=49123
e=2
c=162853095
inv_p = invert(p, q)
inv_q = invert(q, p)mp = pow(c, (p + 1) / 4, p)
mq = pow(c, (q + 1) / 4, q)a = (inv_p * p * mq + inv_q * q * mp) % n
b = n - int(a)
c = (inv_p * p * mq - inv_q * q * mp) % n
d = n - int(c)for i in (a, b, c, d):print(bin(i)[2:])
#在得出的四个解中,找到二进制符合题目的解
#10010011100100100101010110001
m='10010011100100100101010'
mc=str(int(m,2))
md=hashlib.md5()
md.update(mc.encode("utf8"))
flag = md.hexdigest()
print("flag{"+str(flag)+'}')
#flag{ca5cec442b2734735406d78c88e90f35}
88.[AFCTF2018]Single
查看题目
Jmqrida rva Lfmz (JRL) eu m uqajemf seny xl enlxdomrexn uajiderc jxoqarerexnu. Rvada mda rvdaa jxooxn rcqau xl JRLu: Paxqmdyc, Mrrmjs-Yalanja mny oekay.Paxqmdyc-urcfa JRLu vmu m jxiqfa xl giaurexnu (rmusu) en dmnza xl jmrazxdeau. Lxd akmoqfa, Wab, Lxdanuej, Jdcqrx, Benmdc xd uxoarvenz afua. Ramo jmn zmen uxoa qxenru lxd atadc uxftay rmus. Oxda qxenru lxd oxda jxoqfejmray rmusu iuimffc. Rva nakr rmus en jvmen jmn ba xqanay xnfc mlrad uxoa ramo uxfta qdatexiu rmus. Rvan rva zmoa reoa eu xtad uio xl qxenru uvxwu cxi m JRL wenad. Lmoxiu akmoqfa xl uijv JRL eu Yaljxn JRL gimfu.Waff, mrrmjs-yalanja eu mnxrvad enradaurenz seny xl jxoqarerexnu. Vada atadc ramo vmu xwn narwxds(xd xnfc xna vxur) werv tifnmdmbfa uadtejau. Cxid ramo vmu reoa lxd qmrjvenz cxid uadtejau mny yatafxqenz akqfxeru iuimffc. Ux, rvan xdzmnehadu jxnnajru qmdrejeqmnru xl jxoqarerexn mny rva wmdzmoa urmdru! Cxi uvxify qdxrajr xwn uadtejau lxd yalanja qxenru mny vmjs xqqxnanru lxd mrrmjs qxenru. Veurxdejmffc rveu eu m ledur rcqa xl JRLu, atadcbxyc snxwu mbxir YAL JXN JRL - uxoarvenz fesa m Wxdfy Jiq xl mff xrvad jxoqarerexnu.Oekay jxoqarerexnu omc tmdc qxuuebfa lxdomru. Er omc ba uxoarvenz fesa wmdzmoa werv uqajemf reoa lxd rmus-bmuay afaoanru (a.z. IJUB eJRL).JRL zmoau xlran rxijv xn omnc xrvad muqajru xl enlxdomrexn uajiderc: jdcqrxzdmqvc, urazx, benmdc mnmfcueu, datadua anzanaadenz, oxbefa uajiderc mny xrvadu. Zxxy ramou zanadmffc vmta urdxnz useffu mny akqadeanja en mff rvaua euuiau.Iuimffc, lfmz eu uxoa urdenz xl dmnyxo ymrm xd rakr en uxoa lxdomr. Akmoqfa mljrl{Xv_I_lxiny_er_neja_rDc}
我看到这我就直接去在线爆破了
爆破结果
0 -1.448 Capture the Flag (CTF) is a special kind of information security competitions. There are three common types of CTFs: Jeopardy, Attack-Defence and mixed. Jeopardy-style CTFs has a couple of questions (tasks) in range of categories. For example, Web, Forensic, Crypto, Binary or something else. Team can gain some points for every solved task. More points for more complicated tasks usually. The next task in chain can be opened only after some team solve previous task. Then the game time is over sum of points shows you a CTF winer. Famous example of such CTF is Defcon CTF quals. Well, attack-defence is another interesting kind of competitions. Here every team has own network(or only one host) with vulnarable services. Your team has time for patching your services and developing exploits usually. So, then organizers connects participants of competition and the wargame starts! You should protect own services for defence points and hack opponents for attack points. Historically this is a first type of CTFs, everybody knows about DEF CON CTF - something like a World Cup of all other competitions. Mixed competitions may vary possible formats. It may be something like wargame with special time for task-based elements (e.g. UCSB iCTF). CTF games often touch on many other aspects of information security: cryptography, stego, binary analysis, reverse engeneering, mobile security and others. Good teams generally have strong skills and experience in all these issues. Usually, flag is some string of random data or text in some format. Example afctf{Oh_U_found_it_nice_tRy}
1 -3.331 Capture the Flag (CTF) is a special ?ind of information security competitions. There are three common types of CTFs: ?eopardy, Attac?-Defence and mixed. ?eopardy-style CTFs has a couple of ?uestions (tas?s) in range of categories. For example, ?eb, Forensic, Crypto, Binary or something else. Team can gain some points for every solved tas?. More points for more complicated tas?s usually. The next tas? in chain can be opened only after some team solve previous tas?. Then the game time is over sum of points sho?s you a CTF ?iner. Famous example of such CTF is Defcon CTF ?uals. ?ell, attac?-defence is another interesting ?ind of competitions. Here every team has o?n net?or?(or only one host) ?ith vulnarable services. Your team has time for patching your services and developing exploits usually. So, then organi?ers connects participants of competition and the ?argame starts! You should protect o?n services for defence points and hac? opponents for attac? points. Historically this is a first type of CTFs, everybody ?no?s about DEF CON CTF - something li?e a ?orld Cup of all other competitions. Mixed competitions may vary possible formats. It may be something li?e ?argame ?ith special time for tas?-based elements (e.g. UCSB iCTF). CTF games often touch on many other aspects of information security: cryptography, stego, binary analysis, reverse engeneering, mobile security and others. Good teams generally have strong s?ills and experience in all these issues. Usually, flag is some string of random data or text in some format. Example afctf{Oh_U_found_it_nice_tRy}
2 -3.341 Capture the Flag (CTF) is a special ?in? of information security competitions. There are three common types of CTFs: ?eopar?y, Attac?-?efence an? mixe?. ?eopar?y-style CTFs has a couple of ?uestions (tas?s) in range of categories. For example, ?e?, Forensic, Crypto, ?inary or something else. Team can gain some points for e?ery sol?e? tas?. More points for more complicate? tas?s usually. The next tas? in chain can ?e opene? only after some team sol?e pre?ious tas?. Then the game time is o?er sum of points sho?s you a CTF ?iner. Famous example of such CTF is ?efcon CTF ?uals. ?ell, attac?-?efence is another interesting ?in? of competitions. Here e?ery team has o?n net?or?(or only one host) ?ith ?ulnara?le ser?ices. Your team has time for patching your ser?ices an? ?e?eloping exploits usually. So, then organi?ers connects participants of competition an? the ?argame starts! You shoul? protect o?n ser?ices for ?efence points an? hac? opponents for attac? points. Historically this is a first type of CTFs, e?ery?o?y ?no?s a?out ?EF CON CTF - something li?e a ?orl? Cup of all other competitions. Mixe? competitions may ?ary possi?le formats. It may ?e something li?e ?argame ?ith special time for tas?-?ase? elements (e.g. UCS? iCTF). CTF games often touch on many other aspects of information security: cryptography, stego, ?inary analysis, re?erse engeneering, mo?ile security an? others. Goo? teams generally ha?e strong s?ills an? experience in all these issues. Usually, flag is some string of ran?om ?ata or text in some format. Example afctf{Oh_U_foun?_it_nice_tRy}
3 -3.344 Capture twe Flag (CTF) is a special ?ind of information security competitions. Twere are twree common types of CTFs: ?eopardy, Attac?-Defence and mixed. ?eopardy-style CTFs was a couple of ?uestions (tas?s) in range of categories. For example, ?eb, Forensic, Crypto, Binary or sometwing else. Team can gain some points for every solved tas?. More points for more complicated tas?s usually. Twe next tas? in cwain can be opened only after some team solve previous tas?. Twen twe game time is over sum of points swo?s you a CTF ?iner. Famous example of sucw CTF is Defcon CTF ?uals. ?ell, attac?-defence is anotwer interesting ?ind of competitions. Were every team was o?n net?or?(or only one wost) ?itw vulnarable services. Your team was time for patcwing your services and developing exploits usually. So, twen organi?ers connects participants of competition and twe ?argame starts! You swould protect o?n services for defence points and wac? opponents for attac? points. Wistorically twis is a first type of CTFs, everybody ?no?s about DEF CON CTF - sometwing li?e a ?orld Cup of all otwer competitions. Mixed competitions may vary possible formats. It may be sometwing li?e ?argame ?itw special time for tas?-based elements (e.g. UCSB iCTF). CTF games often toucw on many otwer aspects of information security: cryptograpwy, stego, binary analysis, reverse engeneering, mobile security and otwers. Good teams generally wave strong s?ills and experience in all twese issues. Usually, flag is some string of random data or text in some format. Example afctf{Ow_U_found_it_nice_tRy}
4 -3.344 Capture the Flag (CTF) is a special ?ind of information security competitions. There are three common types of CTFs: ?eopardy, Attac?-Defence and mixed. ?eopardy-style CTFs has a couple of ?uestions (tas?s) in range of categories. For example, ?e?, Forensic, Crypto, ?inary or something else. Team can gain some points for e?ery sol?ed tas?. More points for more complicated tas?s usually. The next tas? in chain can ?e opened only after some team sol?e pre?ious tas?. Then the game time is o?er sum of points sho?s you a CTF ?iner. Famous example of such CTF is Defcon CTF ?uals. ?ell, attac?-defence is another interesting ?ind of competitions. Here e?ery team has o?n net?or?(or only one host) ?ith ?ulnara?le ser?ices. Your team has time for patching your ser?ices and de?eloping exploits usually. So, then organi?ers connects participants of competition and the ?argame starts! You should protect o?n ser?ices for defence points and hac? opponents for attac? points. Historically this is a first type of CTFs, e?ery?ody ?no?s a?out DEF CON CTF - something li?e a ?orld Cup of all other competitions. Mixed competitions may ?ary possi?le formats. It may ?e something li?e ?argame ?ith special time for tas?-?ased elements (e.g. UCS? iCTF). CTF games often touch on many other aspects of information security: cryptography, stego, ?inary analysis, re?erse engeneering, mo?ile security and others. Good teams generally ha?e strong s?ills and experience in all these issues. Usually, flag is some string of random data or text in some format. Example afctf{Oh_U_found_it_nice_tRy}
5 -3.345 Capture the Fla? (CTF) is a special ?ind of information security competitions. There are three common types of CTFs: ?eopardy, Attac?-Defence and mixed. ?eopardy-style CTFs has a couple of ?uestions (tas?s) in ran?e of cate?ories. For example, ?eb, Forensic, Crypto, Binary or somethin? else. Team can ?ain some points for every solved tas?. More points for more complicated tas?s usually. The next tas? in chain can be opened only after some team solve previous tas?. Then the ?ame time is over sum of points sho?s you a CTF ?iner. Famous example of such CTF is Defcon CTF ?uals. ?ell, attac?-defence is another interestin? ?ind of competitions. Here every team has o?n net?or?(or only one host) ?ith vulnarable services. Your team has time for patchin? your services and developin? exploits usually. So, then or?ani?ers connects participants of competition and the ?ar?ame starts! You should protect o?n services for defence points and hac? opponents for attac? points. Historically this is a first type of CTFs, everybody ?no?s about DEF CON CTF - somethin? li?e a ?orld Cup of all other competitions. Mixed competitions may vary possible formats. It may be somethin? li?e ?ar?ame ?ith special time for tas?-based elements (e.?. UCSB iCTF). CTF ?ames often touch on many other aspects of information security: crypto?raphy, ste?o, binary analysis, reverse en?eneerin?, mobile security and others. ?ood teams ?enerally have stron? s?ills and experience in all these issues. Usually, fla? is some strin? of random data or text in some format. Example afctf{Oh_U_found_it_nice_tRy}
6 -3.345 Capture the Flag (CTF) is a special ?ind of information security competitions. There are three common types of CTFs: ?eopardy, Attac?-Defence and mi?ed. ?eopardy-style CTFs has a couple of ?uestions (tas?s) in range of categories. For e?ample, ?eb, Forensic, Crypto, Binary or something else. Team can gain some points for every solved tas?. More points for more complicated tas?s usually. The ne?t tas? in chain can be opened only after some team solve previous tas?. Then the game time is over sum of points sho?s you a CTF ?iner. Famous e?ample of such CTF is Defcon CTF ?uals. ?ell, attac?-defence is another interesting ?ind of competitions. Here every team has o?n net?or?(or only one host) ?ith vulnarable services. Your team has time for patching your services and developing e?ploits usually. So, then organi?ers connects participants of competition and the ?argame starts! You should protect o?n services for defence points and hac? opponents for attac? points. Historically this is a first type of CTFs, everybody ?no?s about DEF CON CTF - something li?e a ?orld Cup of all other competitions. Mi?ed competitions may vary possible formats. It may be something li?e ?argame ?ith special time for tas?-based elements (e.g. UCSB iCTF). CTF games often touch on many other aspects of information security: cryptography, stego, binary analysis, reverse engeneering, mobile security and others. Good teams generally have strong s?ills and e?perience in all these issues. Usually, flag is some string of random data or te?t in some format. E?ample afctf{Oh_U_found_it_nice_tRy}
7 -3.357 Capture twe Fla? (CTF) is a special ?ind of information security competitions. Twere are twree common types of CTFs: ?eopardy, Attac?-Defence and mixed. ?eopardy-style CTFs was a couple of ?uestions (tas?s) in ran?e of cate?ories. For example, ?eb, Forensic, Crypto, Binary or sometwin? else. Team can ?ain some points for every solved tas?. More points for more complicated tas?s usually. Twe next tas? in cwain can be opened only after some team solve previous tas?. Twen twe ?ame time is over sum of points swo?s you a CTF ?iner. Famous example of sucw CTF is Defcon CTF ?uals. ?ell, attac?-defence is anotwer interestin? ?ind of competitions. Were every team was o?n net?or?(or only one wost) ?itw vulnarable services. Your team was time for patcwin? your services and developin? exploits usually. So, twen or?ani?ers connects participants of competition and twe ?ar?ame starts! You swould protect o?n services for defence points and wac? opponents for attac? points. Wistorically twis is a first type of CTFs, everybody ?no?s about DEF CON CTF - sometwin? li?e a ?orld Cup of all otwer competitions. Mixed competitions may vary possible formats. It may be sometwin? li?e ?ar?ame ?itw special time for tas?-based elements (e.?. UCSB iCTF). CTF ?ames often toucw on many otwer aspects of information security: crypto?rapwy, ste?o, binary analysis, reverse en?eneerin?, mobile security and otwers. ?ood teams ?enerally wave stron? s?ills and experience in all twese issues. Usually, fla? is some strin? of random data or text in some format. Example afctf{Ow_U_found_it_nice_tRy}
8 -3.357 Capture twe Flag (CTF) is a special ?ind of information security competitions. Twere are twree common types of CTFs: ?eopardy, Attac?-Defence and mi?ed. ?eopardy-style CTFs was a couple of ?uestions (tas?s) in range of categories. For e?ample, ?eb, Forensic, Crypto, Binary or sometwing else. Team can gain some points for every solved tas?. More points for more complicated tas?s usually. Twe ne?t tas? in cwain can be opened only after some team solve previous tas?. Twen twe game time is over sum of points swo?s you a CTF ?iner. Famous e?ample of sucw CTF is Defcon CTF ?uals. ?ell, attac?-defence is anotwer interesting ?ind of competitions. Were every team was o?n net?or?(or only one wost) ?itw vulnarable services. Your team was time for patcwing your services and developing e?ploits usually. So, twen organi?ers connects participants of competition and twe ?argame starts! You swould protect o?n services for defence points and wac? opponents for attac? points. Wistorically twis is a first type of CTFs, everybody ?no?s about DEF CON CTF - sometwing li?e a ?orld Cup of all otwer competitions. Mi?ed competitions may vary possible formats. It may be sometwing li?e ?argame ?itw special time for tas?-based elements (e.g. UCSB iCTF). CTF games often toucw on many otwer aspects of information security: cryptograpwy, stego, binary analysis, reverse engeneering, mobile security and otwers. Good teams generally wave strong s?ills and e?perience in all twese issues. Usually, flag is some string of random data or te?t in some format. E?ample afctf{Ow_U_found_it_nice_tRy}
9 -3.358 Capture twe Flag (CTF) is a special ?ind of information security competitions. Twere are twree common types of CTFs: ?eopardy, Attac?-Defence and mixed. ?eopardy-style CTFs was a couple of ?uestions (tas?s) in range of categories. For example, ?e?, Forensic, Crypto, ?inary or sometwing else. Team can gain some points for e?ery sol?ed tas?. More points for more complicated tas?s usually. Twe next tas? in cwain can ?e opened only after some team sol?e pre?ious tas?. Twen twe game time is o?er sum of points swo?s you a CTF ?iner. Famous example of sucw CTF is Defcon CTF ?uals. ?ell, attac?-defence is anotwer interesting ?ind of competitions. Were e?ery team was o?n net?or?(or only one wost) ?itw ?ulnara?le ser?ices. Your team was time for patcwing your ser?ices and de?eloping exploits usually. So, twen organi?ers connects participants of competition and twe ?argame starts! You swould protect o?n ser?ices for defence points and wac? opponents for attac? points. Wistorically twis is a first type of CTFs, e?ery?ody ?no?s a?out DEF CON CTF - sometwing li?e a ?orld Cup of all otwer competitions. Mixed competitions may ?ary possi?le formats. It may ?e sometwing li?e ?argame ?itw special time for tas?-?ased elements (e.g. UCS? iCTF). CTF games often toucw on many otwer aspects of information security: cryptograpwy, stego, ?inary analysis, re?erse engeneering, mo?ile security and otwers. Good teams generally wa?e strong s?ills and experience in all twese issues. Usually, flag is some string of random data or text in some format. Example afctf{Ow_U_found_it_nice_tRy}
拿第一个提交即可afctf{Oh_U_found_it_nice_tRy}
89.[RoarCTF2019]RSA
查看题目
这道题看着有A什么的但是给了NC
咱还是试一下在线分解N
结果就是一分解就分解出来了
然后有npqc直接写脚本即可(e一般为65537)
import gmpy2q = 842868045681390934539739959201847552284980179958879667933078453950968566151662147267006293571765463137270594151138695778986165111380428806545593588078365331313084230014618714412959584843421586674162688321942889369912392031882620994944241987153078156389470370195514285850736541078623854327959382156753458569p = 139916095583110895133596833227506693679306709873174024876891023355860781981175916446323044732913066880786918629089023499311703408489151181886568535621008644997971982182426706592551291084007983387911006261442519635405457077292515085160744169867410973960652081452455371451222265819051559818441257438021073941183c=41971850275428383625653350824107291609587853887037624239544762751558838294718672159979929266922528917912189124713273673948051464226519605803745171340724343705832198554680196798623263806617998072496026019940476324971696928551159371970207365741517064295956376809297272541800647747885170905737868568000101029143923792003486793278197051326716680212726111099439262589341050943913401067673851885114314709706016622157285023272496793595281054074260451116213815934843317894898883215362289599366101018081513215120728297131352439066930452281829446586562062242527329672575620261776042653626411730955819001674118193293313612128n=117930806043507374325982291823027285148807239117987369609583515353889814856088099671454394340816761242974462268435911765045576377767711593100416932019831889059333166946263184861287975722954992219766493089630810876984781113645362450398009234556085330943125568377741065242183073882558834603430862598066786475299918395341014877416901185392905676043795425126968745185649565106322336954427505104906770493155723995382318346714944184577894150229037758434597242564815299174950147754426950251419204917376517360505024549691723683358170823416757973059354784142601436519500811159036795034676360028928301979780528294114933347127e=65537phin = (p-1)*(q-1)d=gmpy2.invert(e,phin)print(d)m = pow(c,d,n)print(m)
print(hex(m))
print(bytes.fromhex(hex(m)[2:]))
运行得到
8599589881775512182490339390302384847126810744233969198532121090013876515514061191844004921719994842305490870513682688025890863319222633068753414378485078624510630709922513396281417153363777832648184544232199294766471900485392788050293515601012127448268872412182805907996901141107293140818104160339368182321217372234809523842344722549604286239338414176997138752498663184064331483582259621245748238876057665171100280468834141443144340932719393320666917904802256624401993129580989389345716562456345455121702090606106185465724822179950100180548721991615891176882567105125169912160252167465495939533501038099782250065
2222445378180646636797706006131586301300018090566246580838853918878845
0x526f61724354467b776d2d6c316c316c6c316c316c316c3131316c6c7d
b'RoarCTF{wm-l1l1ll1l1l1l111ll}'
flag包裹提交即可
90.[WUSTCTF2020]B@se
查看题目
先看一下base编码少了那四位
import string
s = "JASGBWcQPRXEFLbCDIlmnHUVKTYZdMovwipatNOefghq56rs****kxyz012789+/"
for i in string.ascii_letters + string.digits:if(i not in s):print(i)
得到
j
u
3
4
补全跑一下
from Crypto.Util.number import *
from gmpy2 import *
from functools import reduce
import sympy
import itertools# JASGBWcQPRXEFLbCDIlmnHUVKTYZdMovwipatNOefghq56rs****kxyz012789+/
# coding:utf-8
def My_base64_encode(inputs, s):bin_str = []for i in inputs:x = str(bin(ord(i))).replace('0b', '')bin_str.append('{:0>8}'.format(x))# print(bin_str)outputs = ""nums = 0while bin_str:temp_list = bin_str[:3]if (len(temp_list) != 3):nums = 3 - len(temp_list)while len(temp_list) < 3:temp_list += ['0' * 8]temp_str = "".join(temp_list)# print(temp_str)temp_str_list = []for i in range(0, 4):temp_str_list.append(int(temp_str[i * 6:(i + 1) * 6], 2))# print(temp_str_list)if nums:temp_str_list = temp_str_list[0:4 - nums]for i in temp_str_list:outputs += s[i]bin_str = bin_str[3:]outputs += nums * '='print("Encrypted String:\n%s " % outputs)def My_base64_decode(inputs, s):bin_str = []for i in inputs:if i != '=':x = str(bin(s.index(i))).replace('0b', '')bin_str.append('{:0>6}'.format(x))# print(bin_str)outputs = ""nums = inputs.count('=')while bin_str:temp_list = bin_str[:4]temp_str = "".join(temp_list)# print(temp_str)if (len(temp_str) % 8 != 0):temp_str = temp_str[0:-1 * nums * 2]for i in range(0, int(len(temp_str) / 8)):outputs += chr(int(temp_str[i * 8:(i + 1) * 8], 2))bin_str = bin_str[4:]print("Decrypted String:\n%s " % outputs)# s = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
h = ['j', 'u', '3', '4']
h1 = list(itertools.permutations(h, 4))
for i in h1:m = "".join(i)s = "JASGBWcQPRXEFLbCDIlmnHUVKTYZdMovwipatNOefghq56rs" + m + "kxyz012789+/"input_str = "MyLkTaP3FaA7KOWjTmKkVjWjVzKjdeNvTnAjoH9iZOIvTeHbvD=="# My_base64_encode(input_str)My_base64_decode(input_str, s)运行得到
Decrypted String:
wctf2220{bape64_p_v0ry_e@py_and_fuN}
Decrypted String:
wctf2320{bape64_p_v0ry_e@py_and_fuN}
Decrypted String:
wctf2120{bape64_p_v0ry_e@py_and_fuN}
Decrypted String:
wctf2120{bape64_p_v0ry_e@py_and_fuN}
Decrypted String:
wctf2320{bape64_p_v0ry_e@py_and_fuN}
Decrypted String:
wctf2220{bape64_p_v0ry_e@py_and_fuN}
Decrypted String:
wctf2220{baqe64_q_v1ry_e@qy_and_fuN}
Decrypted String:
wctf2320{baqe64_q_v1ry_e@qy_and_fuN}
Decrypted String:
wctf2120{bare64_!r_v2ry_e@ry_and_fuN}
Decrypted String:
wctf2120{base64_1s_v3ry_e@sy_and_fuN}
Decrypted String:
wctf2320{bare64_!r_v2ry_e@ry_and_fuN}
Decrypted String:
wctf2220{base64_1s_v3ry_e@sy_and_fuN}
Decrypted String:
wctf2020{baqe64_q_v1ry_e@qy_and_fuN}
Decrypted String:
wctf2020{baqe64_q_v1ry_e@qy_and_fuN}
Decrypted String:
wctf2020{bare64_!r_v2ry_e@ry_and_fuN}
Decrypted String:
wctf2020{base64_1s_v3ry_e@sy_and_fuN}
Decrypted String:
wctf2020{bare64_!r_v2ry_e@ry_and_fuN}
Decrypted String:
wctf2020{base64_1s_v3ry_e@sy_and_fuN}
Decrypted String:
wctf2320{baqe64_q_v1ry_e@qy_and_fuN}
Decrypted String:
wctf2220{baqe64_q_v1ry_e@qy_and_fuN}
Decrypted String:
wctf2320{bare64_!r_v2ry_e@ry_and_fuN}
Decrypted String:
wctf2220{base64_1s_v3ry_e@sy_and_fuN}
Decrypted String:
wctf2120{bare64_!r_v2ry_e@ry_and_fuN}
Decrypted String:
wctf2120{base64_1s_v3ry_e@sy_and_fuN} 很明显这里面的
Decrypted String:
wctf2220{base64_1s_v3ry_e@sy_and_fuN}
是最通顺的
flag包裹提交
91.[HDCTF2019]together
查看题目
看到第一个结尾两个等号就很兴奋
结果base解密不出来
看到后面两个就直接KEY就直接公钥解析
两个得到的N是一样的,
base64是一种编码方式而不是一种加密算法
所以将他转换成unicode编码,然后再转换成数
结合共模攻击,flag就出来了
import base64
f1="R3Noy6r3WLItytAmb4FmHEygoilucEEZbO9ZYXx5JN03HNpBLDx7fXd2fl+UL5+11RCs/y0qlTGURWWDtG66eNLzGwNpAKiVj6I7RtUJl2Pcm3NvFeAFwI9UsVREyh7zIV6sI9ZP8l/2GVDorLAz5ULW+f0OINGhJmZm8FL/aDnlfTElhQ87LPicWpXYoMtyr6WrxjK6Ontn8BqCt0EjQ7TeXZhxIH9VTPWjDmFdmOqaqdVIT+LZemTgLNESwM5nn4g5S3aFDFwj1YiDYl0/+8etvKfOrfoKOwR0CxsRHagwdUUTES8EcHLmMGCxCkDZn3SzmmA6Nb3lgLeSgG8P1A=="
f2="O+rRCXI3aTB6P1rYIOPUdalUp6ujpwEq4I20CoWA+HIL8xxGtqY6N5gpr0guZv9ZgOEAMFnBxOqMdVNnB9GgnhmXtt1ZWydPqIcHvlfwpd/Lyd0XSjXnjaz3P3vOQvR71cD/uXyBA0XPzmnTIMgEhuGJVFm8min0L/2qI7wg/Z7w1+4mOmi655JIXeCiG23ukDv6l9bZuqfGvWCa1KKXWDP31nLbp0ZN2obUs6jEAa1qVTaX6M4My+sks+0VvHATrAUuCrmMwVEivqIJ/nS6ymGVERN6Ohnzyr168knEBKOVj0FAOx3YLfppMM+XbOGHeqdKJRLpMvqFXDMGQInT3w=="import Crypto.Util.number
c1=Crypto.Util.number.bytes_to_long(base64.b64decode(f1))
c2=Crypto.Util.number.bytes_to_long(base64.b64decode(f2))
n=14853081277902411240991719582265437298941606850989432655928075747449227799832389574251190347654658701773951599098366248661597113015221566041305501996451638624389417055956926238595947885740084994809382932733556986107653499144588614105694518150594105711438983069306254763078820574239989253573144558449346681620784979079971559976102366527270867527423001083169127402157598183442923364480383742653117285643026319914244072975557200353546060352744263637867557162046429886176035616570590229646013789737629785488326501654202429466891022723268768841320111152381619260637023031430545168618446134188815113100443559425057634959299
e1=2333
e2=23333
import gmpy2
import binascii
def exgcd(m, n, x, y):if n == 0:x = 1y = 0return (m, x, y)a1 = b = 1a = b1 = 0c = md = nq = int(c / d)r = c % dwhile r:c = dd = rt = a1a1 = aa = t - q * at = b1b1 = bb = t - q * bq = int(c / d)r = c % dx = ay = breturn (d, x, y)
ans=exgcd(e1,e2,0,0)
s1=ans[1]
s2=ans[2]
m=(gmpy2.powmod(c1,s1,n)*gmpy2.powmod(c2,s2,n))%n
print(binascii.unhexlify(hex(m)[2:]))
运行得到
b'flag{23re_SDxF_y78hu_5rFgS}'
92.[AFCTF2018]可怜的RSA
查看题目两个附件
很明显还是一个base一个公钥解密
而且这个N也是可以分解的
分解网站我上面有就不设置超链接了
然后就是常规的求私钥
这边因为flag.enc是RSA的PKCS1_OAEP加密得来的。所以我们这边也是给生成一个私钥文件。
在做到这边的时候,如何导出一个私钥文件。找了一下百度上的方法。都是先generate后给参数分别赋值的。但是我发现我并不行,试了一下python3和python2下的Crypto库都得到一个报错
Exception has occurred: AttributeError
can’t set attribute
也就是现在无法通过这么直接赋值了。
这种情况的话,可以去看下python调用的Crypto库里面的RSA模块的一个底层的实现。
发现有一个construct函数,传入一个rsa_components参数,是一个元组型的数据,也就是tuple类型的,分别是(n,e,d,p,q)
phi=(p-1)*(q-1)
d=gmpy2.invert(e,phi)
rsa_components=(n,e,int(d),p,q)
arsa=RSA.construct(rsa_components)
arsa.exportKey()
然后导出的私钥,对加密后的密文,使用PKCS1_OAEP模块进行解密即可。
脚本如下
`from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP
f=open("public.key","r")
key=RSA.import_key(f.read())
f.close()
e=key.e
n=key.n
import base64
from Crypto.Util.number import *
import gmpy2
p= 3133337
q=25478326064937419292200172136399497719081842914528228316455906211693118321971399936004729134841162974144246271486439695786036588117424611881955950996219646807378822278285638261582099108339438949573034101215141156156408742843820048066830863814362379885720395082318462850002901605689761876319151147352730090957556940842144299887394678743607766937828094478336401159449035878306853716216548374273462386508307367713112073004011383418967894930554067582453248981022011922883374442736848045920676341361871231787163441467533076890081721882179369168787287724769642665399992556052144845878600126283968890273067575342061776244939
print(p*q==n)
f=open("flag.enc","r")
c_base64=f.read().strip("\n")
c_bytes=base64.b64decode(c_base64)
c=bytes_to_long(c_bytes)
phi=(p-1)*(q-1)
d=gmpy2.invert(e,phi)
rsa_components=(n,e,int(d),p,q)
arsa=RSA.construct(rsa_components)
rsakey = RSA.importKey(arsa.exportKey())
rsakey = PKCS1_OAEP.new(rsakey)
decrypted = rsakey.decrypt(c_bytes)
print(decrypted)`
运行得到
b'afctf{R54_|5_$0_B0rin9}'
93.[网鼎杯 2020 青龙组]boom
查看题目
一个exe,先说一下我翻车的时候。。我一开始是直接打开的这个exe但是你写到最后一步,崩就没了
我这边用min+r打开cmd船靠在切换到exe的
first:this string md5:46e5efe6165a5afb361217446a2dbd01
md5在线解密
en5oy
一个三元一次方程
This time:Here are have some formulas
3x-y+z=185
2x+3y-z=321
x+y+z=173
input: x =
脚本:
from sympy import *
x = Symbol('x')
y = Symbol('y')
z = Symbol('z')
print(solve([3*x-y+z-185,2*x+3*y-z-321,x+y+z-173],[x, y,z]))
运行得到
{x: 74, y: 68, z: 31}
一元二次方程
Last time: Kill it
x*x+x-7943722218936282=0
input x:
脚本
import math
print("ax*x+bx+c=0")
a = float(input("input a:"))
b = float(input("input b:"))
c = float(input("input c:"))
p = b*b-4*a*c
if p < 0:print("None")exit()
else:X1 = (-b+math.sqrt(p))/(2*a)X2 = (-b-math.sqrt(p))/(2*a)
print("X1: " + str(X1))
print("X2: " + str(X2))
运行得到
ax*x+bx+c=0
input a:1
input b:1
input c:-7943722218936282
X1: 89127561.0
X2: -89127562.0
在cmd框里最后得到
Last time: Kill it
x*x+x-7943722218936282=0
input x: 89127561
Great This is your FLAG
flag{en5oy_746831_89127561}
D:\ctfbisai\buumima\attachment(4)>
94.[WUSTCTF2020]大数计算
查看题目
我都不知道这个wp该怎么写。。。
脚本运行吧
#Part1 = 2020*2019*2018* ... *3*2*1 的前8位
p1=1
for i in range(1,2021):p1*=i
p1=str(p1)[0:8]
#print(p1)
part1=hex(int(p1))
print(part1)
#Part2 = 520^1314 + 2333^666 的前8位
p2=520**1314 + 2333**666
p2=str(p2)[0:8]
#print(p2)
part2=hex(int(p2))
print(part2)
#Part3 = 宇宙终极问题的答案 x,y,z绝对值和的前8位
p3=80538738812075974 + 80435758145817515 + 12602123297335631
p3=str(p3)[0:8]
#print(p3)
part3=hex(int(p3))
print(part3)
#Part4 = 见图片附件,计算结果乘上1314
p4=(22**2+36)*1314
p4=str(p4)[0:8]
#print(p4)
part4=hex(int(p4))
print(part4)
print('wctf2020{'+str(part1)+'-'+str(part2)+'-'+str(part3)+'-'+str(part4)+'}')
运行得到
0x24d231f
0x403cfd3
0x108db5e
0xa6d10
wctf2020{0x24d231f-0x403cfd3-0x108db5e-0xa6d10}
去掉0x提交
95.RSA & what
查看题目
HUB1
785095419718268286866508214304816985447077293766819398728046411166917810820484759314291028976498223661229395009474063173705162627037610993539617751905443039278227583504604808251931083818909467613277587874545761074364427549966555519371913859875313577282243053150056274667798049694695703660313532933165449312949725581708965417273055582216295994587600975970124811496270080896977076946000102701030260990598181466447208054713391526313700681341093922240317428173599031624125155188216489476825606191521182034969120343287691181300399683515414809262700457525876691808180257730351707673660380698973884642306898810000633684878715402823143549139850732982897459698089649561190746850698130299458080255582312696873149210028240898137822888492559957665067936573356367589784593119016624072433872744537432005911668494455733330689385141214653091888017782049043434862620306783436169856564175929871100669913438980899219579329897753233450934770193915434791427728636586218049874617231705308003720066269312729135764175698611068808404054125581540114956463603240222497919384691718744014002554201602395969312999994159599536026359879060218056496345745457493919771337601177449899066579857630036350871090452649830775029695488575574985078428560054253180863725364147
1697412629526163150748619328091306742267675740578011800062477174189782151273970783531227579758540364970485350157944321579108232221072397135934034064481497887079641131808838242743811511451355024436983050572020925065644355566434625618133203024215941534926113892937988520918939061441606915556516246057349589921494351383160036280826024605351878408056180907759973804117263002554923041750587548819746346813966673034182913325507826219961923932100526305289894965216608254252188398580139545189681875824089456195044984585824938384521905334289906422454152976834867304693292466676355760173232407753256256317546190171995276258924613533179898467683358934751999655196790168438343198229183747091108262988777659858609744709324571850262293294975336628234767258858873839342596887193772615000676401522431518310648303975593582965021189182246986957349253156736526071639973844039068996404290548474640668851856078201093335425412842295604919065487301340901573809617549185106072798799159726375235125260509158832996701927878713084753334549129580912412168594170659605421750204835970231909591063407612779337478065175988365401590396247576709343727196106058477166945670117868989025903023998142850338956985816131805349549059377047477131270847579095628384569645636821650
494644347943710545224678831941589086572700792465459558770782213550069709458568349686998660541810166872034041584767487150140111151788221460027897193248273461607411027815984883969396220626358625041781558277804930212654296704055890683796941327712758797770820006623289146990000114915293539639766846910274034245607746230740851938158390562286057002223177609606376329007676845450142537930798148258428701466415483232670659815791064681384406494388237742330786225557303988025468036820082959712050733095860546860468575857084616069132051094882919253745234762029759124776348047587755897123575123506976140900565238840752841856713613368250071926171873213897914794115466890719123299469964019450899291410760762179836946570945555295288184698184555018368687708432612286248476073758067175481771199066581572870175460016017100414479346437034291784837132240891321931601494414908927713208448927221095745802380014441841139882391378410438764884597938773868771896252329517440068673532468372840830510218585255432000690265226016573313570977945083879214961394087065558376158826938257664840570952233832852869328785568175434516247720356520242602299510374317488182738732700078879665745909603766482100138001417023680647717824323143388857817595766172152883484274718248
152942283599728307168144137370127212672611894072038732126041098102628831053000986759260271210671922070555948023688596575415822984026159010574404359474670428678518262175033880513984372909748992727828381694416776740981021730545374002974037896534944567124543272737618380646771071804878796585983783360553761828325817820260204820004421979881871027255562690952334900616675606524933557440263648233514757200263521499508373975003431306847453046714027687108396945719803444444954079308404947126216395526551292104722047878178373207886033071857277857997932255251315982837892164421298202073945919187779856785892717251746704537315003771369737854896595170485152591013676942418134278534037654467840633528916812275267230155352077736583130992587670941654695382287023971261529987384520843829695778029311786431227409189019205818351911572757145556993606643464336196802350204616056286497246016800105003143046120608673496196758720552776772796609670537056331996894322779267635281472481559819839042424017171718303214059720568484939239370144038161541354254182769979771948759413102933987773401644506930205164891773826513161783736386604783484446345744957119469799231796368324927570694496679453313927562345656690240414624431304646248599226046524702364131095964335
79717988936247951265489157583697956031893477858854186991051529161879478488281744062318600470906120960002282886511477294555606503083169449335174864424180701080203993329996226566203834693869525797695969610065991941396723959032680019082506816443041598300477625793433080664346470586416385854692124426348587211026568667694805849554780794033764714016521711467557284846737236374990121316809833819996821592832639024026411520407330206281265390130763948165694574512140518775603040182029818771866749548761938870605590174330887949847420877829240131490902432602005681085180807294176837646062568094875766945890382971790015490163385088144673549085079635083262975154206269679142412897438231719704933258660779310737302680265445437771977749959110744959368586293082016067927548564967400845992380076107522755566531760628823374519718763740378295585535591752887339222947397184116326706799921515431185636740825707782742373783475781052674257292910213843986132987466810027275052416774693363446184518901899202502828670309452622347532932678874990809930682575738653876289384151496807194146308614368821006660626870989784697045160231069428458961107751207771093777394616856305293335603892178327520756554333365975114235981173451368131680404850832773147333013716920
123111353650401158556639983459870663057297871992927053886971224773529636525110628183715748795987525113177540092814119928708272290370336537110381023134637759740716140969662183269370676630325583385284994943164692397459103195434968057377474610500216801375394703781249039351368816958227409657934091741509357152328382960684515093945552479461382281913961956745154260686029997827565075768703774895750561575155143606297116391666385705899138085693913246313778033627210312268959737394553510894720099165193981333775907531107232556909478156441457899797515694348816961762796703443502856101079430585547997496001098926600499728389113862894833789669213630332988693669889340482430613291490613803204484751470676686041002772556117213612152322606737150858116122936539131795111263513114569794532805886643087299918196635113037777138666914296986040549274559835214505300618256105508764026461518876579387159881983544667258537064954616097750399839661065797883103731694314852301848272092388637114950059216922969842082648527035538090054093890365647676119748995243416337805666557501345234056968476142608491830438065401219751688687373709390057521910942736632126729711606256158399963682990881473178216060827021373776598901281958527655543318413664277921492723185984
36869806815936046911848195817405817350259890871483063184373728397968909458432625046025376290214729914038387534731762237978339011724858818860181178811639468996206294711495853807311240013786226884265118119546377272154555615363105236192878292703331473547623021744317034819416624562896226194523639793573028006666236271812390759036235867495803255905843636447252225413871038762657801345647584493917576263471587347202664391908570140389126903204602391093990827188675090199750617303773574821926387194478875191828814971296674530519321530805302667925998711835019806761133078403281404889374663875077339168901297819436499920958268483684335998301056068380228873524800383911402490807139268964095165069610454677558808756444381542173782815227920906224931028457073652453777424387873533280455944646592996920617956675786286711447540353883400282402551158169958389450168079568459656526911857835375748015814860506707921852997096156275804955989964215077733621769938075413007804223217091604613132253046399456747595300404564172224333936405545921819654435437072133387523533568472443532200069133022979195685683508297337961701169394794966256415112246587706103819620428258245999539040721929317130088874161577093962579487428358736401687123174207198251449851429295
HUB2
785095419718268286866508214304816985447077293766819398728046411166917810820484759314291028976498223661229395009474063173705162627037610993539617751905443039278227583504604808251931083818909467613277587874545761074364427549966555519371913859875313577282243053150056274667798049694695703660313532933165449312949725581708965417273055582216295994587600975970124811496270080896977076946000102701030260990598181466447208054713391526313700681341093922240317428173599031624125155188216489476825606191521182034969120343287691181300399683515414809262700457525876691808180257730351707673660380698973884642306898810000633684878715402823143549139850732982897459698089649561190746850698130299458080255582312696873149210028240898137822888492559957665067936573356367589784593119016624072433872744537432005911668494455733330689385141214653091888017782049043434862620306783436169856564175929871100669913438980899219579329897753233450934770193915434791427728636586218049874617231705308003720066269312729135764175698611068808404054125581540114956463603240222497919384691718744014002554201602395969312999994159599536026359879060218056496345745457493919771337601177449899066579857630036350871090452649830775029695488575574985078428560054253180863725364147
599592169079372093727306100216011395857825646323934289480976073629037543922902098120901138454462177159996376654176248238979132528728327590301098966139983157980612320563496546128644967731000716697705104079039156276714872147463350811303393260622707024952543509891692246246277965823414460326811240048060543656588688604452353899779068825120910282167004715339763187734797180326976132213325054697165320479166356562518029805927741656605174809726397565772271562066078076105491745903986597877400370206718954975288721072048333678609055008135809089304229015364348490924974097403734627265297637171818849461766523691595241613878709865506436588268999163342945070495338153600520537498539457396582804692959296612715752573140296135784933206146091436617979599749774330699946637591406356289409716084034451049094715202196203486088368791744107629271647320273259836915312794297246589501008666299165717722507702866033454215783240025504356157664454861755286285777763585177751796252655008206383024707883077513745863312079349790275094080707502392866946325796914450602264462588722052297430827681750827349094323968337670311272933785838850649376115667223821665435911506351891489985627506615492005617098615432522564204152887767244129985681083657783356557756654335186
373940646416832740878733255707567753033716583448402000789202767511920210382830343955553654111486728333980557319799362514960627879016797491389812007768832730979916230647641872759001906846747977631675704310179448857128160385701185892914523053669366534408863734305635222625590986006420486092550427301086984563126480814987024980594613542978310129247678826691418335300577577527951623696426435497835228167084738007750914270251001921329521479047662848650808989996085600197309361410863238526802127877523767262921515150984998560136647154865791163316503073285223966216441025637452229043510097323724381056976302288136843260163922706692913035222445496716008888946581535004546355744211680390731257309941902587303353139951102244865270295414474488798335404630458489706639805186573874814586736746232358849677477533671968344154242963289415569487579895910660999043578737461300406937828924818002658292769882181668784501439254131996848948120781562158861495883827848139425862249576454689133681009549361314460818658995959098228995702202268649635363105549975932395335076521137604288520082040121286614922986554652700056148966514178935952363036963217619879899671383604638416567950421350546204434902113156720006282720889591288850271076074941927715678306057176
527630926460622936571385649841758214453416849039412401087443444317101857090904711485538107058823056085840539073345920792871368232355475394571098380596835468509997340505604333730547799560998822989747473780307779717715522787724471724766494090783971030594671013168209717686720448579582618378459567979027822271918653169622428153856198907810040224340270362413432495029672123261375400927159831537760709974778708160583252613784358234858583174544777979242887938827573604837766801998381379999076416444683891078093889686055482709838668356120916040352123019019255084513769603803814947774554028717814638951416291274696771515474086351482107953150253616922787262398450376249126999644026382478413080973933173079111305142716133389111399235545279259017424722601848670061556859163943895466553927946412523750166582734005733378328468250568944945912238495877929717101722314678120172228493787964904072583905721074766711732215815561012960394537195757832959268603775112932862105945720853959285187521763557915356428113876893276879775603217718981852114599706699524551973934242045743122744146361596971245034059345915315495232135483464496114770357536576200511490922413208178149869347802988786513451486411409887164516065062084917556120712465074206435831498113605
8786437178698940322877889807009957616777351844979869726962356553244050911283984280960665761649310895230455072977431415102053987735969326553978994853162483051544656873294555116009995592043183070208706258164840540599577072097104139505857517663273929851202628854185356185647194933800084230503413037858893307713037149307477830536758283681093517617820169181420796105338681582230788318108428132051793761014952837330456262272828627355701464740578197966332613127307037255647286823496355917642353327912440019621838870388091824748629637425759125214639885130163183752378908729773517053259212525494555880921052679512582051516604297098204363525081039382358483926727008679327719083138865969291911863630382097160230960738043575559330264018212774424527719153248563876760067931499029384228993253862501939337758514377472011933279273181144830381169849387893799390755052093069179605579485710343655570028592595882436632426527654452895431758715126580164902410286422637215098476316042367916779431052267545769495994723721129943616294879642305545894912914632980455031755879087401575310699765408473606166727137934224515998416625122213056208800095077933103150699272650116151674702438463062734472714004926103668378506804002740045547964716693536349447660850580
205314962204511500352858372254132533167549960825498949618514841570703199264867431580754674275990554478140637041427842111391746883257447120035947621456863890934062044010795443059281736346976175772415034838334682726635263432655537852942177334888025283748611576171534251461847349566505628290587224150869640386437623371249743165260396675220683302142805646368906930575140628610003919131999295855501215111393294818218799982703289304596989070475000081175510085432290264502023736899104746316830742226946395027029820825791831870857382647221322734605026210073093918331247494307555600335550942340526536281372036612138713881098866303169425501998978400008829873080965592009371176208668290074288903681417933657472279670688597862835627506340169978450918788539270346340385928840299573889292189531738082166408734046381423516467694328971385421907314814283489322619386570046183556572383980777277173349209330683424343658179781015072259378576130442222984963071166207642585589822061597282467850868050737957726423713761694231879497037175627546427449730638216214828463003483408928375620315193290871300316930139260521382533279767663839278693750409419493280753368451508802658272220767624766390639285308433607255253282702383762149755935518922075584637512494819
271453634732502613378948161256470991260052778799128789839624515809143527363206813219580098196957510291648493698144497567392065251244844074992734669490296293997386198359280316655904691639367482203210051809125904410431506925238374843856343243276508280641059690938930957474434518308646618959004216831130099873532714372402117796666560677624822509159287675432413016478948594640872091688482149004426363946048517480052906306290126242866034249478040406351940088231081456109195799442996799641647167552689564613346415247906852055588498305665928450828756152103096629274760601528737639415361467941349982213641454967962723875032638267311935042334584913897338553953961877439389588793074211502597238465542889335363559052368180212013206172712561221352833891640659020253527584706465205486408990762759230842192028381048563437724528409174790022752557512795782713125166158329880702730769957185428522011430144840232256419113631679343171680631630775266488738173707357123139368825087043785842169049943237537188129367275730984789479909103397937113837824575137021012333461552176687570010445744268373840742899299977372834041925102853718964831225250407279578465008537542659673685686242773379131904890865110699190451534445434533919127658976874721029586168106207
README.txt
素数生成算法太麻烦了,有没有取巧的方法呢?
诶,这里好像有个不错的想法哟。
看起来节约了不少时间呢,嘿嘿嘿……
顺便问问,应该大家都知道base64吧,用来编码还是很方便的呢!
rsa.py
from Crypto.Util.number import bytes_to_long, getPrime
from random import randint
from gmpy2 import powmodp = getPrime(2048)
q = getPrime(2048)
N = p*q
Phi = (p-1)*(q-1)
def get_enc_key(N,Phi):e = getPrime(N)if Phi % e == 0:return get_enc_key(N, Phi)else:return e
e1 = get_enc_key(randint(10, 12), Phi)
e2 = get_enc_key(randint(10, 12), Phi)fr = open(r"./base64", "rb")#flag is in this file
f1 = open(r"./HUB1", "wb")
f2 = open(r"./HUB2", "wb")
base64 = fr.read(255)
f1.write("%d\n%d\n" % (N, e1))
f2.write("%d\n%d\n" % (N, e2))
while len(base64)>0:pt = bytes_to_long(base64)ct1 = powmod(pt, e1, N)ct2 = powmod(pt, e2, N)f1.write("\n%d" % ct1)f2.write("\n%d" % ct2)base64 = fr.read(255)
fr.close()
f1.close()
f2.close()N一样 很容易想到共模攻击
from Crypto.Util.number import*
import base64def egcd(a, b):if a == 0:return (b, 0, 1)else:g, y, x = egcd(b % a, a)return (g, x - (b // a) * y, y)def CMA(n,e1,e2,c1,c2):s = egcd(e1, e2)s1 = s[1]s2 = s[2]if s1<0:s1 = - s1c1 = inverse(c1, n)elif s2<0:s2 = - s2c2 = inverse(c2, n)m = pow(c1,s1,n)*pow(c2,s2,n) % nreturn mf1=open("HUB1")
f2=open("HUB2")
N=f1.readline()
N=f2.readline()
e1,e2=f1.readline(),f2.readline()
f1.readline()
f2.readline()
c1,c2=f1.readline(),f2.readline()
ans=b''
cnt=0
while len(c1)!=0:cnt+=1ans+=long_to_bytes(CMA(int(N),int(e1),int(e2),int(c1),int(c2)))#print(base64.b64decode(temp))c1,c2=f1.readline(),f2.readline()
temp=b''
M=b''
print(ans)
for i in ans:k=long_to_bytes(i)#print(i," ",end="")if k==b'\n':M+=base64.b64decode(temp)temp=b''continuetemp+=k
print(M)
运行得到
b'VEhJUz==\nRkxBR3==\nSVN=\nSElEREVOLo==\nQ0FO\nWU9V\nRklORM==\nSVT=\nT1VUP4==\nRE8=\nWU9V\nS05PV9==\nQkFTRTY0P5==\nWW91bmdD\nVEhJTku=\nWU9V\nQVJF\nTk9U\nVEhBVE==\nRkFNSUxJQVI=\nV0lUSO==\nQkFTRTY0Lh==\nQmFzZTY0\naXO=\nYW==\nZ3JvdXA=\nb2b=\nc2ltaWxhcn==\nYmluYXJ5LXRvLXRleHR=\nZW5jb2Rpbme=\nc2NoZW1lc0==\ndGhhdD==\ncmVwcmVzZW50\nYmluYXJ5\nZGF0YW==\naW5=\nYW6=\nQVNDSUl=\nc3RyaW5n\nZm9ybWF0\nYnk=\ndHJhbnNsYXRpbmd=\naXS=\naW50b1==\nYT==\ncmFkaXgtNjQ=\ncmVwcmVzZW50YXRpb24u\nVGhl\ndGVybc==\nQmFzZTY0\nb3JpZ2luYXRlc8==\nZnJvbd==\nYY==\nc3BlY2lmaWN=\nTUlNRT==\nY29udGVudI==\ndHJhbnNmZXI=\nZW5jb2Rpbmcu\nVGhl\ncGFydGljdWxhct==\nc2V0\nb2b=\nNjR=\nY2hhcmFjdGVyc5==\nY2hvc2Vu\ndG+=\ncmVwcmVzZW50\ndGhl\nNjQ=\ncGxhY2UtdmFsdWVz\nZm9y\ndGhl\nYmFzZd==\ndmFyaWVz\nYmV0d2Vlbt==\naW1wbGVtZW50YXRpb25zLp==\nVGhl\nZ2VuZXJhbI==\nc3RyYXRlZ3n=\naXO=\ndG9=\nY2hvb3Nl\nNjR=\nY2hhcmFjdGVyc5==\ndGhhdA==\nYXJl\nYm90aN==\nbWVtYmVyc5==\nb2a=\nYS==\nc3Vic2V0\nY29tbW9u\ndG8=\nbW9zdM==\nZW5jb2RpbmdzLA==\nYW5k\nYWxzb8==\ncHJpbnRhYmxlLg==\nVGhpc9==\nY29tYmluYXRpb25=\nbGVhdmVz\ndGhl\nZGF0YW==\ndW5saWtlbHk=\ndG/=\nYmV=\nbW9kaWZpZWS=\naW5=\ndHJhbnNpdE==\ndGhyb3VnaN==\naW5mb3JtYXRpb26=\nc3lzdGVtcyw=\nc3VjaN==\nYXM=\nRS1tYWlsLD==\ndGhhdA==\nd2VyZQ==\ndHJhZGl0aW9uYWxseQ==\nbm90\nOC1iaXQ=\nY2xlYW4uWzFd\nRm9y\nZXhhbXBsZSw=\nTUlNRSdz\nQmFzZTY0\naW1wbGVtZW50YXRpb24=\ndXNlcw==\nQahDWiw=\nYahDeiw=\nYW5k\nMKhDOQ==\nZm9y\ndGhl\nZmlyc3Q=\nNjI=\ndmFsdWVzLg==\nT3RoZXI=\ndmFyaWF0aW9ucw==\nc2hhcmU=\ndGhpcw==\ncHJvcGVydHk=\nYnV0\nZGlmZmVy\naW4=\ndGhl\nc3ltYm9scw==\nY2hvc2Vu\nZm9y\ndGhl\nbGFzdA==\ndHdv\ndmFsdWVzOw==\nYW4=\nZXhhbXBsZQ==\naXM=\nVVRGLTcu'
b"THISFLAGISHIDDEN.CANYOUFINDITOUT?DOYOUKNOWBASE64?YoungCTHINKYOUARENOTTHATFAMILIARWITHBASE64.Base64isagroupofsimilarbinary-to-textencodingschemesthatrepresentbinarydatainanASCIIstringformatbytranslatingitintoaradix-64representation.ThetermBase64originatesfromaspecificMIMEcontenttransferencoding.Theparticularsetof64characterschosentorepresentthe64place-valuesforthebasevariesbetweenimplementations.Thegeneralstrategyistochoose64charactersthatarebothmembersofasubsetcommontomostencodings,andalsoprintable.Thiscombinationleavesthedataunlikelytobemodifiedintransitthroughinformationsystems,suchasE-mail,thatweretraditionallynot8-bitclean.[1]Forexample,MIME'sBase64implementationusesA\xa8CZ,a\xa8Cz,and0\xa8C9forthefirst62values.Othervariationssharethispropertybutdifferinthesymbolschosenforthelasttwovalues;anexampleis"再看第三个提示,就知道是base隐写
我白嫖了一个隐写脚本
from Crypto.Util.number import*
import base64
c = b'VEhJUz==\nRkxBR3==\nSVN=\nSElEREVOLo==\nQ0FO\nWU9V\nRklORM==\nSVT=\nT1VUP4==\nRE8=\nWU9V\nS05PV9==\nQkFTRTY0P5==\nWW91bmdD\nVEhJTku=\nWU9V\nQVJF\nTk9U\nVEhBVE==\nRkFNSUxJQVI=\nV0lUSO==\nQkFTRTY0Lh==\nQmFzZTY0\naXO=\nYW==\nZ3JvdXA=\nb2b=\nc2ltaWxhcn==\nYmluYXJ5LXRvLXRleHR=\nZW5jb2Rpbme=\nc2NoZW1lc0==\ndGhhdD==\ncmVwcmVzZW50\nYmluYXJ5\nZGF0YW==\naW5=\nYW6=\nQVNDSUl=\nc3RyaW5n\nZm9ybWF0\nYnk=\ndHJhbnNsYXRpbmd=\naXS=\naW50b1==\nYT==\ncmFkaXgtNjQ=\ncmVwcmVzZW50YXRpb24u\nVGhl\ndGVybc==\nQmFzZTY0\nb3JpZ2luYXRlc8==\nZnJvbd==\nYY==\nc3BlY2lmaWN=\nTUlNRT==\nY29udGVudI==\ndHJhbnNmZXI=\nZW5jb2Rpbmcu\nVGhl\ncGFydGljdWxhct==\nc2V0\nb2b=\nNjR=\nY2hhcmFjdGVyc5==\nY2hvc2Vu\ndG+=\ncmVwcmVzZW50\ndGhl\nNjQ=\ncGxhY2UtdmFsdWVz\nZm9y\ndGhl\nYmFzZd==\ndmFyaWVz\nYmV0d2Vlbt==\naW1wbGVtZW50YXRpb25zLp==\nVGhl\nZ2VuZXJhbI==\nc3RyYXRlZ3n=\naXO=\ndG9=\nY2hvb3Nl\nNjR=\nY2hhcmFjdGVyc5==\ndGhhdA==\nYXJl\nYm90aN==\nbWVtYmVyc5==\nb2a=\nYS==\nc3Vic2V0\nY29tbW9u\ndG8=\nbW9zdM==\nZW5jb2RpbmdzLA==\nYW5k\nYWxzb8==\ncHJpbnRhYmxlLg==\nVGhpc9==\nY29tYmluYXRpb25=\nbGVhdmVz\ndGhl\nZGF0YW==\ndW5saWtlbHk=\ndG/=\nYmV=\nbW9kaWZpZWS=\naW5=\ndHJhbnNpdE==\ndGhyb3VnaN==\naW5mb3JtYXRpb26=\nc3lzdGVtcyw=\nc3VjaN==\nYXM=\nRS1tYWlsLD==\ndGhhdA==\nd2VyZQ==\ndHJhZGl0aW9uYWxseQ==\nbm90\nOC1iaXQ=\nY2xlYW4uWzFd\nRm9y\nZXhhbXBsZSw=\nTUlNRSdz\nQmFzZTY0\naW1wbGVtZW50YXRpb24=\ndXNlcw==\nQahDWiw=\nYahDeiw=\nYW5k\nMKhDOQ==\nZm9y\ndGhl\nZmlyc3Q=\nNjI=\ndmFsdWVzLg==\nT3RoZXI=\ndmFyaWF0aW9ucw==\nc2hhcmU=\ndGhpcw==\ncHJvcGVydHk=\nYnV0\nZGlmZmVy\naW4=\ndGhl\nc3ltYm9scw==\nY2hvc2Vu\nZm9y\ndGhl\nbGFzdA==\ndHdv\ndmFsdWVzOw==\nYW4=\nZXhhbXBsZQ==\naXM=\nVVRGLTcu'def get_base64_diff_value(s1, s2):base64chars = b'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'res = 0for i in range(len(s2)):if s1[i] != s2[i]:return abs(base64chars.index(s1[i]) - base64chars.index(s2[i]))return resdef solve_stego():line=b''bin_str=''for i in c:k=long_to_bytes(i)if k==b'\n':steg_line = linenorm_line = base64.b64encode(base64.b64decode(line))diff = get_base64_diff_value(steg_line, norm_line)#print(diff)pads_num = steg_line.count(b'=')if diff:bin_str += bin(diff)[2:].zfill(pads_num * 2)else:bin_str += '0' * pads_num * 2print(goflag(bin_str))line=b''continueline+=kdef goflag(bin_str):res_str = ''for i in range(0, len(bin_str), 8):res_str += chr(int(bin_str[i:i + 8], 2))return res_strif __name__ == '__main__':solve_stego()运行得到
7c86d8f7d6de33a87f7f9d6b005ce640
flag包裹提交即可 注意(共模攻击py要和H1,2放在一个文件夹)
96.[MRCTF2020]babyRSA
查看题目一个加密脚本
'''
import sympy
import random
from gmpy2 import gcd, invert
from Crypto.Util.number import getPrime, isPrime, getRandomNBitInteger, bytes_to_long, long_to_bytes
from z3 import *
flag = b"MRCTF{xxxx}"
base = 65537def GCD(A):B = 1for i in range(1, len(A)):B = gcd(A[i-1], A[i])return Bdef gen_p():P = [0 for i in range(17)]P[0] = getPrime(128)for i in range(1, 17):P[i] = sympy.nextprime(P[i-1])print("P_p :", P[9])n = 1for i in range(17):n *= P[i]p = getPrime(1024)factor = pow(p, base, n)print("P_factor :", factor)return sympy.nextprime(p)def gen_q():sub_Q = getPrime(1024)Q_1 = getPrime(1024)Q_2 = getPrime(1024)Q = sub_Q ** Q_2 % Q_1print("Q_1: ", Q_1)print("Q_2: ", Q_2)print("sub_Q: ", sub_Q)return sympy.nextprime(Q)if __name__ == "__main__":_E = base_P = gen_p()_Q = gen_q()assert (gcd(_E, (_P - 1) * (_Q - 1)) == 1)_M = bytes_to_long(flag)_C = pow(_M, _E, _P * _Q)print("Ciphertext = ", _C)
'''
拿到加密脚本以后,发现p,q的生成方式不同,其中,q的生成方式比较简单.三数相乘以后取结果的下一个素数.p的求解则需要先求出n的欧拉函数值,然后求出base对应的逆元然后求解p,p求出来以后就可以解密密文了.
脚本如下
P_p=206027926847308612719677572554991143421
P_factor=213671742765908980787116579976289600595864704574134469173111790965233629909513884704158446946409910475727584342641848597858942209151114627306286393390259700239698869487469080881267182803062488043469138252786381822646126962323295676431679988602406971858136496624861228526070581338082202663895710929460596143281673761666804565161435963957655012011051936180536581488499059517946308650135300428672486819645279969693519039407892941672784362868653243632727928279698588177694171797254644864554162848696210763681197279758130811723700154618280764123396312330032986093579531909363210692564988076206283296967165522152288770019720928264542910922693728918198338839
Q_1=103766439849465588084625049495793857634556517064563488433148224524638105971161051763127718438062862548184814747601299494052813662851459740127499557785398714481909461631996020048315790167967699932967974484481209879664173009585231469785141628982021847883945871201430155071257803163523612863113967495969578605521
Q_2=151010734276916939790591461278981486442548035032350797306496105136358723586953123484087860176438629843688462671681777513652947555325607414858514566053513243083627810686084890261120641161987614435114887565491866120507844566210561620503961205851409386041194326728437073995372322433035153519757017396063066469743
sub_Q=168992529793593315757895995101430241994953638330919314800130536809801824971112039572562389449584350643924391984800978193707795909956472992631004290479273525116959461856227262232600089176950810729475058260332177626961286009876630340945093629959302803189668904123890991069113826241497783666995751391361028949651
Ciphertext=1709187240516367141460862187749451047644094885791761673574674330840842792189795049968394122216854491757922647656430908587059997070488674220330847871811836724541907666983042376216411561826640060734307013458794925025684062804589439843027290282034999617915124231838524593607080377300985152179828199569474241678651559771763395596697140206072537688129790126472053987391538280007082203006348029125729650207661362371936196789562658458778312533505938858959644541233578654340925901963957980047639114170033936570060250438906130591377904182111622236567507022711176457301476543461600524993045300728432815672077399879668276471832
import gmpy2
import Crypto
import sympy
base = 65537
q=sympy.nextprime(gmpy2.powmod(sub_Q,Q_2,Q_1))
print(q)
P=[]
for i in range(9):P_p=sympy.prevprime(P_p)
P.append(P_p)
for i in range(1,17):P.append(sympy.nextprime(P[i-1]))
n=1
phi=1
for i in range(17):n*=P[i]phi*=(P[i]-1)
based=gmpy2.invert(base,phi)
_p=gmpy2.powmod(P_factor,based,n)
p=sympy.nextprime(_p)
print(p)
d=gmpy2.invert(base,(p-1)*(q-1))
print(d)
plaintext=gmpy2.powmod(Ciphertext,d,p*q)
import binascii
print(binascii.unhexlify(hex(plaintext)[2:]))
我喜欢输出pq
运行得到
95170653714081687088760585440906768700419459767774333757336842864507607081809193370870747769993218256925111100260761958233280546585624501259121060195932474781731613458132842656517609786144352755126076860272047457230913808406105832246663969943550533958139118721153456230616182820319799156494938586844573835221
160735380264118564161835536782782924160005620631679929855445290207351945863258282088265202232862202180668844947205806261323713945818872852303248590355632665886900928520533421774721590935485773234619558181513033385642711706205607543347313747616062185115981201425568780146693758544521883683953378438266703113683
3511955744337428151031979941361296216306473937469271350521070131816991178710055704862733703600712476342357982869336924803925748911376184574584918758941953150462675126731117351116347003083911910314353237209197765326714926852434960139654396429654177826570243248108134609430098035237462193860046861586273475623919603502258843098488726649777621733372184366568775297877185960241115496391276974016445360524169770129867843553985769813282863097708315136140065933414254795032070451892565997026716657405669484017490256854998160723286524833187928168014734383544570549372947304031812767519366827995325795367403195819253459303793
b'MRCTF{sti11_@_b@by_qu3st10n}'
97.[BJDCTF2020]Polybius
查看题目
hint用base64解密出来The length of this plaintext: 14
,结合题目polybius 猜测这是波利比奥斯方阵密码.
但是a,e,o,i,u这五个字符的代表顺序却不知道,因此可能有54321种情况,在结合刚才所说的i,j同时占一个位置,所以情况数要再乘上2,将这些情况全部都打印出来,然后去找有真实语义的句子就可以了.
import itertools
s="aeoiu"
sumresult=[]
numsumresult=[]
ciper="ouauuuoooeeaaiaeauieuooeeiea"for i in itertools.permutations(s,5):#找出所有全排列sumresult.append("".join(i))
for i in sumresult:temp=""for j in ciper:temp+=str(i.index(j)+1)numsumresult.append(temp)
for i in numsumresult:ans_=""for j in range(0, len(i),2):xx=(int(i[j])-1)*5+int(i[j+1])+96if xx>ord('i'):xx+=1ans_+=chr(xx)print(ans_)运行得到
flagispolybius
flagkxoplubkyx
fqaghousqxbhpo
fvaghpyxvsbhop
很多的结果里面找到flagispolybius
98.[ACTF新生赛2020]crypto-classic1
查看题目
低下头看,就是看键盘 ,比如xdfv包围的就是c
按照这个规律把键盘密码解出来就是circle
这就是压缩包密码,得到
脚本如下
s = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'
s1 = 'ACTF'
s2 = 'SRLU'
key = ''
for i in range(len(s1)):key += s[(s.find(s2[i]) - s.find(s1[i])) % 26]
print(key)# 解密
cipher = 'SRLU{LZPL_S_UASHKXUPD_NXYTFTJT}'
key = 'SPSP'
# decode
flag = ''
for i in range(0, len(cipher)):flag += s[(s.find(cipher[i]) + 26 - s.find(key[i % len(key)])) % 26]
print(flag)
运行得到
SPSP
ACTFHZEDQKAKZOXVPLZDIKVIGENEREH
按照原题顺序把{_}这些换回来,ACTF{WHAT_A_CLASSICAL_VIGENERE}提交发现不对
然后就越走越远了,我看别的大佬的wp,还有说题出错的直接改题目的等等
我发现他们的我提交也不行啊
最后想起一个大小写转换
flag{what_a_classical_vigenere}提交这个成功了,顿时觉得自己好沙雕
99.EasyProgram
查看题目
附件.txt
get buf unsign s[256]
get buf t[256]
we have key:whoami
we have flag:????????????????????????????????for i:0 to 256set s[i]:ifor i:0 to 256set t[i]:key[(i)mod(key.lenth)]for i:0 to 256set j:(j+s[i]+t[i])mod(256)swap:s[i],s[j]for m:0 to 38set i:(i + 1)mod(256)set j:(j + S[i])mod(256)swap:s[i],s[j]set x:(s[i] + (s[j]mod(256))mod(256))set flag[m]:flag[m]^s[x]fprint flagx to file代码是一系列运算后,最后进行异或。解题思路就是,还原源代码,再进行一次异或就可以了
#读文件方法一:
def filehex(file):fhex=[]f = open(file,'rb')ff = f.read().hex()for i in range(0,len(str(ff)),2):fhex.append(int(str(ff)[i:i+2],16))return fhexflagx2=filehex('file.txt')
print(flagx2)#读文件方法二:使用010edit 读取'file.txt'文件16进制
flagx=[0x00,0xBA,0x8F,0x11,0x2B,0x22,0x9F,0x51,0xA1,0x2F,0xAB,0xB7,0x4B,0xD7,0x3F,0xEF,0xE1,0xB5,0x13,0xBE,0xC4,0xD4,0x5D,0x03,0xD9,0x00,0x7A,0xCA,0x1D,0x51,0xA4,0x73,0xB5,0xEF,0x3D,0x9B,0x31,0xB3]s=[]
t=[]
key='whoami'
j=0
for i in range(0,256):s.append(i)for i in range(0,256):t.append(key[i % len(key)])for i in range(0,256):j=(j+int(s[i])+int(ord(t[i])))%256s[i], s[j] = s[j], s[i]i=0;j=0;x=0
for m in range(0,38):i=(i + 1)%(256)j=(j + s[i])%(256)s[i],s[j] = s[j],s[i]x=(s[i] + (s[j]%(256)))%(256)flagx[m] = flagx[m] ^ s[x]flagx2[m]=flagx2[m]^s[x]print(''.join(chr(flagx[i]) for i in range(0,38)))
print(''.join(chr(flagx2[i]) for i in range(0,38)))
得到flag{f238yu28323uf28u2yef2ud8uf289euf}
100.[WUSTCTF2020]情书
查看题目
可以看到RSA加密系统
2537分解得到43和59
a = "abcdefghijklmnopqrstuvwxyz"
c = "0156 0821 1616 0041 0140 2130 1616 0793".split(" ")
N = 2537
e = 13
d = 937
p = 43
q = 59
phi_N = (p-1)*(q-1)m = "".join(a[pow(int(i),d,N)] for i in c)
print (m)运行得到iloveyou
101.[AFCTF2018]你听过一次一密么?
查看题目
加密方法
一次一密的加密算法就是异或加密。将明文分组,与密钥按位异或即可。
我这里出的题目是用同一个密钥去加密多条明文,当密文条数较多时就很容易被攻击,例如Many Time Pad。
Many Time Pad攻击
这个攻击的原理是c1⊕c2 = m1⊕m2,而通过m1⊕m2可以分析出m1和m2,因此m1与m2不再安全。
代码搬运自GitHub。
#!/usr/bin/python
## OTP - Recovering the private key from a set of messages that were encrypted w/ the same private key (Many time pad attack) - crypto100-many_time_secret @ alexctf 2017
# Original code by jwomers: https://github.com/Jwomers/many-time-pad-attack/blob/master/attack.py)import string
import collections
import sets, sys# 11 unknown ciphertexts (in hex format), all encrpyted with the same keyc1='25030206463d3d393131555f7f1d061d4052111a19544e2e5d'
c2='0f020606150f203f307f5c0a7f24070747130e16545000035d'
c3='1203075429152a7020365c167f390f1013170b1006481e1314'
c4='0f4610170e1e2235787f7853372c0f065752111b15454e0e09'
c5='081543000e1e6f3f3a3348533a270d064a02111a1b5f4e0a18'
c6='0909075412132e247436425332281a1c561f04071d520f0b11'
c7='4116111b101e2170203011113a69001b475206011552050219'
c8='041006064612297020375453342c17545a01451811411a470e'
c9='021311114a5b0335207f7c167f22001b44520c15544801125d'
c10='06140611460c26243c7f5c167f3d015446010053005907145d'
c11='0f05110d160f263f3a7f4210372c03111313090415481d49'
ciphers = [c1, c2, c3, c4, c5, c6, c7, c8, c9, c10, c11]
# The target ciphertext we want to crack
#target_cipher = "0529242a631234122d2b36697f13272c207f2021283a6b0c7908"# XORs two string
def strxor(a, b): # xor two strings (trims the longer input)return "".join([chr(ord(x) ^ ord(y)) for (x, y) in zip(a, b)])def target_fix(target_cipher):# To store the final keyfinal_key = [None]*150# To store the positions we know are brokenknown_key_positions = set()# For each ciphertextfor current_index, ciphertext in enumerate(ciphers):counter = collections.Counter()# for each other ciphertextfor index, ciphertext2 in enumerate(ciphers):if current_index != index: # don't xor a ciphertext with itselffor indexOfChar, char in enumerate(strxor(ciphertext.decode('hex'), ciphertext2.decode('hex'))): # Xor the two ciphertexts# If a character in the xored result is a alphanumeric character, it means there was probably a space character in one of the plaintexts (we don't know which one)if char in string.printable and char.isalpha(): counter[indexOfChar] += 1 # Increment the counter at this indexknownSpaceIndexes = []# Loop through all positions where a space character was possible in the current_index cipherfor ind, val in counter.items():# If a space was found at least 7 times at this index out of the 9 possible XORS, then the space character was likely from the current_index cipher!if val >= 7: knownSpaceIndexes.append(ind)#print knownSpaceIndexes # Shows all the positions where we now know the key!# Now Xor the current_index with spaces, and at the knownSpaceIndexes positions we get the key back!xor_with_spaces = strxor(ciphertext.decode('hex'),' '*150)for index in knownSpaceIndexes:# Store the key's value at the correct positionfinal_key[index] = xor_with_spaces[index].encode('hex')# Record that we known the key at this positionknown_key_positions.add(index)# Construct a hex key from the currently known key, adding in '00' hex chars where we do not know (to make a complete hex string)final_key_hex = ''.join([val if val is not None else '00' for val in final_key])# Xor the currently known key with the target cipheroutput = strxor(target_cipher.decode('hex'),final_key_hex.decode('hex'))print "Fix this sentence:"print ''.join([char if index in known_key_positions else '*' for index, char in enumerate(output)])+"\n"# WAIT.. MANUAL STEP HERE # This output are printing a * if that character is not known yet# fix the missing characters like this: "Let*M**k*ow if *o{*a" = "cure, Let Me know if you a"# if is too hard, change the target_cipher to another one and try again# and we have our key to fix the entire text!#sys.exit(0) #comment and continue if u got a good keytarget_plaintext = "cure, Let Me know if you a"print "Fixed:"print target_plaintext+"\n"key = strxor(target_cipher.decode('hex'),target_plaintext)print "Decrypted msg:"for cipher in ciphers:print strxor(cipher.decode('hex'),key)print "\nPrivate key recovered: "+key+"\n"for i in ciphers:target_fix(i)
运行得到
'afctf{OPT_1s_Int3rest1ng}'
102.[BJDCTF2020]编码与调制
查看题目 曼彻斯特
6进制024A447B4469664D616E63686573746572636F64657D
通过解码16进制即可得到flag{DifManchestercode}
103.[网鼎杯 2020 青龙组]you_raise_me_up
查看题目
#!/usr/bin/env python
# -*- coding: utf-8 -*-
from Crypto.Util.number import *
import randomn = 2 ** 512
m = random.randint(2, n-1) | 1
c = pow(m, bytes_to_long(flag), n)
print 'm = ' + str(m)
print 'c = ' + str(c)# m = 391190709124527428959489662565274039318305952172936859403855079581402770986890308469084735451207885386318986881041563704825943945069343345307381099559075
# c = 6665851394203214245856789450723658632520816791621796775909766895233000234023642878786025644953797995373211308485605397024123180085924117610802485972584499mbytes_to_long(flag) %n=c的flag值.
m = 391190709124527428959489662565274039318305952172936859403855079581402770986890308469084735451207885386318986881041563704825943945069343345307381099559075
c = 6665851394203214245856789450723658632520816791621796775909766895233000234023642878786025644953797995373211308485605397024123180085924117610802485972584499
n = 2 ** 512
import sympy
flag=sympy.discrete_log(2**512,c,m)
import binascii
print(binascii.unhexlify(hex(flag)[2:]))运行得到
b'flag{5f95ca93-1594-762d-ed0b-a9139692cb4a}'
104.[AFCTF2018]BASE
查看题目
拿到附件是一个flag加密后的文本,其实是flag经过很多次base系列编码后的一个内容。文件有20+MB,文本编辑器发现是一行编码后的内容。
这题主要是三种编码,base64/base32/base16。base16也就是16进制。
写了一个很简单的脚本
import base64
file = open("flag_encode.txt",'r')
file2 = open("flag.txt",'w')
base = file.read()
while(1):try:base = base64.b32decode(base).decode()except:try:base = base64.b64decode(base).decode()except:try:base = base64.b16decode(base).decode()except:print("完成!")file2.write(base)break
运行得到
afctf{U_5h0u1d_Us3_T00l5}
105.[NPUCTF2020]Classical Ciphe
放在https://quipqiup.com/上解,试出来压缩包密码:the_key_is_atdash
解出密码得到图片
是象形文字和猪圈密码的结合
flag{classicalcode}
解压得到一张图,变形猪圈很容易看出来(那个鸟和狗是啥真没见过…),根据题目名称里的classical还是很容易顺出来的,答案是 classicalcode,flag{classicalcode}
106.[WUSTCTF2020]dp_leaking_1s_very_d@angerous
这个一看到题目我相信有的大佬就直接把题目flag包裹提交了哈哈哈
没错题目就是答案
查看题目
bp泄露,把以前的脚本带一下数值就可以了
import gmpy2 as gpe = 65537
n = 156808343598578774957375696815188980682166740609302831099696492068246337198792510898818496239166339015207305102101431634283168544492984586566799996471150252382144148257236707247267506165670877506370253127695314163987084076462560095456635833650720606337852199362362120808707925913897956527780930423574343287847
dp = 734763139918837027274765680404546851353356952885439663987181004382601658386317353877499122276686150509151221546249750373865024485652349719427182780275825
c = 108542078809057774666748066235473292495343753790443966020636060807418393737258696352569345621488958094856305865603100885838672591764072157183336139243588435583104423268921439473113244493821692560960443688048994557463526099985303667243623711454841573922233051289561865599722004107134302070301237345400354257869
for i in range(1, e): # 在范围(1,e)之间进行遍历if (dp * e - 1) % i == 0:if n % (((dp * e - 1) // i) + 1) == 0: # 存在p,使得n能被p整除p = ((dp * e - 1) // i) + 1q = n // (((dp * e - 1) // i) + 1)phi = (q - 1) * (p - 1) # 欧拉定理d = gp.invert(e, phi) # 求模逆m = pow(c, d, n) # 快速求幂取模运算print(m) # 10进制明文
print('------------')
print(hex(m)[2:]) # 16进制明文
print('------------')
print(bytes.fromhex(hex(m)[2:])) # 16进制转文本
运行得到
3891178547072937865927641698099974931243767865417536099629795080648874795850439816682933678973
------------
77637466323032307b64705f6c65616b696e675f31735f766572795f6440616e6765726f75737d
------------
b'wctf2020{dp_leaking_1s_very_d@angerous}'
脚本这些东西该存就存一下
107.[UTCTF2020]basic-crypto
题目是一堆二进制
str='01010101 01101000 00101101 01101111 01101000 00101100 00100000 01101100 01101111 01101111 01101011 01110011 00100000 01101100 01101001 01101011 01100101 00100000 01110111 01100101 00100000 01101000 01100001 01110110 01100101 00100000 01100001 01101110 01101111 01110100 01101000 01100101 01110010 00100000 01100010 01101100 01101111 01100011 01101011 00100000 01101111 01100110 00100000 01110100 01100101 01111000 01110100 00101100 00100000 01110111 01101001 01110100 01101000 00100000 01110011 01101111 01101101 01100101 00100000 01110011 01101111 01110010 01110100 00100000 01101111 01100110 00100000 01110011 01110000 01100101 01100011 01101001 01100001 01101100 00100000 01100101 01101110 01100011 01101111 01100100 01101001 01101110 01100111 00101110 00100000 01000011 01100001 01101110 00100000 01111001 01101111 01110101 00100000 01100110 01101001 01100111 01110101 01110010 01100101 00100000 01101111 01110101 01110100 00100000 01110111 01101000 01100001 01110100 00100000 01110100 01101000 01101001 01110011 00100000 01100101 01101110 01100011 01101111 01100100 01101001 01101110 01100111 00100000 01101001 01110011 00111111 00100000 00101000 01101000 01101001 01101110 01110100 00111010 00100000 01101001 01100110 00100000 01111001 01101111 01110101 00100000 01101100 01101111 01101111 01101011 00100000 01100011 01100001 01110010 01100101 01100110 01110101 01101100 01101100 01111001 00101100 00100000 01111001 01101111 01110101 00100111 01101100 01101100 00100000 01101110 01101111 01110100 01101001 01100011 01100101 00100000 01110100 01101000 01100001 01110100 00100000 01110100 01101000 01100101 01110010 01100101 00100000 01101111 01101110 01101100 01111001 00100000 01100011 01101000 01100001 01110010 01100001 01100011 01110100 01100101 01110010 01110011 00100000 01110000 01110010 01100101 01110011 01100101 01101110 01110100 00100000 01100001 01110010 01100101 00100000 01000001 00101101 01011010 00101100 00100000 01100001 00101101 01111010 00101100 00100000 00110000 00101101 00111001 00101100 00100000 01100001 01101110 01100100 00100000 01110011 01101111 01101101 01100101 01110100 01101001 01101101 01100101 01110011 00100000 00101111 00100000 01100001 01101110 01100100 00100000 00101011 00101110 00100000 01010011 01100101 01100101 00100000 01101001 01100110 00100000 01111001 01101111 01110101 00100000 01100011 01100001 01101110 00100000 01100110 01101001 01101110 01100100 00100000 01100001 01101110 00100000 01100101 01101110 01100011 01101111 01100100 01101001 01101110 01100111 00100000 01110100 01101000 01100001 01110100 00100000 01101100 01101111 01101111 01101011 01110011 00100000 01101100 01101001 01101011 01100101 00100000 01110100 01101000 01101001 01110011 00100000 01101111 01101110 01100101 00101110 00101001 00001010 01010100 01101101 01010110 00110011 01001001 01000111 01001110 01101111 01011001 01010111 01111000 01110011 01011010 01010111 00110101 01101110 01011010 01010011 01000101 01100111 01010001 00110010 01000110 01110101 01001001 01001000 01101100 01110110 01100100 01010011 01000010 01101101 01100001 01010111 01100100 00110001 01100011 01101101 01010101 01100111 01100010 00110011 01010110 00110000 01001001 01001000 01100100 01101111 01011001 01011000 01010001 01101110 01100011 01111001 01000010 01101110 01100010 00110010 01101100 01110101 01011010 01111001 01000010 01110110 01100010 01101001 01000010 01101111 01011010 01011000 01001010 01101100 01010000 01111001 01000010 01001010 01100100 01000011 01000010 01110011 01100010 00110010 00111001 01110010 01100011 01111001 01000010 01110011 01100001 01010111 01110100 01101100 01001001 01001000 01010010 01101111 01011010 01010011 01000010 01110011 01011010 01011000 01010010 00110000 01011010 01011000 01001010 01111010 01001001 01000111 01000110 01111001 01011010 01010011 01000010 01111010 01100001 01000111 01101100 01101101 01100100 01000111 01010110 01101011 01001001 01000111 01001010 00110101 01001001 01001000 01001110 01110110 01100010 01010111 01010101 01100111 01011001 00110010 00111001 01110101 01100011 00110011 01010010 01101000 01100010 01101110 01010001 01110101 01001001 01000011 01101000 01101111 01100001 01010111 00110101 00110000 01001111 01101001 01000010 00110101 01100010 00110011 01010101 01100111 01100010 01010111 01101100 01101110 01100001 01001000 01010001 01100111 01100100 00110010 01000110 01110101 01100100 01000011 01000010 00110000 01100010 01111001 01000010 01111010 01100100 01000111 01000110 01111001 01100100 01000011 01000010 01110011 01100010 00110010 00111001 01110010 01100001 01010111 00110101 01101110 01001001 01001000 01010110 01110111 01001001 01000110 01001010 01110110 01100010 01010111 01000110 01110101 01001001 01001000 01000010 01101100 01100010 00110011 01000010 01110011 01011010 01010011 01101011 01110101 01000011 01101101 01110100 00110010 01011001 01101110 01001110 01111000 01100011 01101101 01010001 01110011 01001001 01000111 01101100 00110101 01011010 01010011 01100100 01101001 01100010 01111001 01000010 01110010 01100100 01101110 01100100 00110101 01011001 00110010 01010001 01100111 01011010 01001000 01001010 01110110 01011001 01101101 00111000 01101000 01001001 01000110 01101000 00110101 01011010 01111001 01000010 01110111 01100101 01010111 01001001 01100111 01011010 01001000 01001010 01110110 01001001 01001000 01000010 01111010 01100101 01000111 01110100 00110010 01001001 01000011 01101000 01110010 01100101 01000111 00110100 01100111 01100100 00110010 01110100 01110000 01100010 01000111 00111000 01100111 01011010 01001000 01001010 01110110 01001001 01001000 01001010 01110010 01011001 01101101 00110101 01110110 01011001 00110010 01010001 01110101 01001100 01101001 00110100 01110000 01001001 01001000 01110000 01110010 01011001 01101101 01010001 00110110 01001001 01000111 01110011 01100111 01011001 00110010 01010110 01110011 01011001 00110010 01010010 01111010 01011010 01000111 01010110 01101011 01100011 00110011 01101100 00110100 01001001 01000111 00110001 01111010 01100101 01101110 01001010 01110110 01011001 01101001 00110100 01100111 01010101 00110011 01100111 01100111 01011010 01001000 01001010 01110110 01001001 01001000 01000010 00110101 01100100 01101110 01011010 00110101 01011010 00110011 01001110 00110100 01100011 01010011 01000010 01101011 01100010 00110010 01101000 01101011 01001100 01000011 01000010 01010100 01001010 00110010 01011010 01110110 01001001 01000111 01010010 01110010 01100100 01010111 00111001 00110100 01001001 01001000 01100100 01110000 01001001 01001000 01100100 01110110 01011001 00110010 01001110 01110010 01100011 01010111 00111000 01100111 01100001 00110011 01101000 01110101 01001001 01000111 01001010 01110110 01100101 01101110 01011010 01110010 01100010 01010111 00111001 01110101 01001001 01000111 00111001 01101101 01100010 00110010 01001010 01110000 01001001 01000111 01110100 00110010 01100101 01101110 01001010 01110010 01100010 01000111 00111001 01101011 01100011 00110010 00110000 01100111 01100010 01011000 01001010 01110010 01011001 01101101 01110100 01110100 01011010 01000111 00111001 01101001 01001001 01000111 01100100 01111010 01011010 01001000 01001001 01100111 01100001 01111001 01000010 01110100 01100101 01010111 01001010 01101001 01100010 00110010 01001110 00110110 01100101 01011000 01101000 01110101 01100010 00110011 01101000 01110100 01100010 01111001 01000010 01101011 01100101 01010011 01000010 01110010 01001001 01000111 00110101 01111010 01100011 01001000 01000010 01110110 01011001 01101101 00111001 00110100 01011010 01000011 01000010 01110100 01100011 01101101 01110100 01101001 01100001 00110010 00110001 01101011 01100010 00110010 01001001 01100111 01001100 01010011 01000010 00110001 01100101 01001000 01101100 01101110 01100101 01000011 01000010 01110010 01011001 01111001 01000010 01110010 01001001 01000111 01001110 01101100 01100010 01000111 01001110 01101011 01100011 00110010 01010010 01101100 01011010 01001000 01001110 00110101 01100101 01000011 01000010 01110100 01100011 00110011 01110000 01111001 01100010 00110010 01001001 01110101 01001001 01000101 00110001 01110010 01100101 01000011 01000010 01110000 01100101 01010111 01010101 01100111 01100011 01001000 01001110 00110100 01100010 01101001 01000010 01101011 01100011 01101101 00111000 01100111 01100011 01001000 01001110 00110100 01100001 00110011 01011001 01100111 01100011 01001000 01011010 01110010 01100011 01010100 00111000 01100111 01100011 01101110 01001110 00110100 01011010 01000100 01101111 01100111 01010010 00110010 00111000 01100111 01100100 01011000 01101000 00110101 01011010 01111001 01000010 01101011 01100011 01101101 01110100 01101011 01001001 01000111 01010010 01111001 01100010 01111001 01000010 01110111 01100100 01101101 01110100 01111000 01001001 01001000 01001110 01101010 01001001 01001000 01000110 00110101 01100011 00110011 01101000 01111000 01001001 01000111 01010010 00110101 01001001 01000111 01111000 01110110 01001001 01001000 01101100 01110111 01001001 01000111 01010010 01111001 01100010 01111001 01000010 01110111 01100101 01010111 01001010 00110011 01100001 00110010 01010001 01100111 01011010 01010111 01010010 01110111 01100100 01101101 01110100 01111000 01100101 01111001 00110100 01110101 01001100 01101110 00110000 01100111 01001100 01010011 01000010 01101110 01100011 01101110 01001110 01110100 01100011 01101001 01000010 00110011 01100010 00110010 01110100 00110100 01011001 01111001 01000010 01101011 01100011 01101101 01110100 01101011 01001001 01001000 01001110 01110111 01001001 01000111 01101100 00110101 01011010 01010011 01000010 01101010 01100010 00110010 00111000 01100111 01011010 01001000 01001010 01110010 01011010 01000011 01000010 00110110 01100001 00110010 01010010 01101011 01100010 00110010 01001010 00110100 01001100 01000011 01000010 01110000 01100101 01010111 01010101 01100111 01100100 01011000 01101000 00110101 01011010 01111001 01000010 01101110 01100011 01101101 01110100 01101011 01001001 01000111 01010010 01111001 01100010 01111001 01000010 01110100 01100101 01010111 01001010 01101001 01100010 00110010 01001110 00110110 01100101 01011000 01101000 01110101 01100010 00110011 01101000 01110100 01100010 00110010 01001101 01100111 01100011 01001000 01101100 01101001 01001001 01000111 01010101 01110011 01001001 01000111 01010001 01110011 01001001 01001000 01000001 01110011 01001001 01001000 01011001 01100111 01100001 01111001 01110111 01100111 01100001 00110011 01101000 01110101 01001001 01001000 01000101 01100111 01100001 00110010 01001010 01110110 01001100 01101001 01000010 01001010 01100101 01010111 01010101 01100111 01100010 01010111 01110100 00110100 01001001 01001000 01110000 01101001 01100101 01010111 01111000 01110010 01100010 01001000 01011010 01110000 01001001 01000111 01100100 00110101 01011001 01101110 01010101 01100111 01100101 01010111 01010110 01101011 01001001 01000111 01010010 01111001 01100010 01111001 01000010 01101001 01100010 00110011 01100100 01110010 01100011 00110011 01101000 01111010 01100101 01001000 01000101 01100111 01100010 01011000 01001010 01110010 01011001 01101101 01110100 01110100 01011010 01000111 00111001 01101001 01011001 01111001 01000010 01110011 01100001 01010011 01000010 01101001 01100010 00110011 01110000 00110010 01100001 00110010 00110001 01111010 01100101 01001000 01000101 01100111 01011010 01001000 01001010 01110110 01100100 01111001 01000010 01110010 01100101 01000111 00110100 01100111 01100011 00110011 01101000 01110111 01100010 00110010 01001010 01101001 01100011 00110011 01101000 01111000 01001001 01000111 00110001 00110101 01100100 00110011 01100100 00110101 01100101 01000011 01000010 01101110 01100101 01010111 01001010 01110101 01011001 01111001 01000010 01111010 01100101 01000011 01000010 01101011 01100011 01101101 00111000 01100111 01010100 00110011 01101000 01111000 01100100 01101110 01001110 01101010 01100011 01101001 01000010 00110010 01100001 00110011 01101000 01111000 01011010 01010111 01110100 01111000 01100010 01111001 00110100 01100111 01010011 00110011 01101000 00110101 01011010 01001000 01001010 01110110 01011001 01101001 01000010 01111000 01011001 01101101 00111001 01110010 01011010 01000011 01000010 00110011 01100010 00110010 01010010 01111001 01100101 01010111 00110100 01100111 01100011 00110010 01001101 01100111 01011010 01001000 01101011 01100111 01011010 01010111 01001110 01110110 01001001 01001000 01000010 01101001 01100010 00110010 01000110 01101100 01100010 00110011 01101000 01110100 01100001 01010011 01000010 01110010 01100101 01000111 01110100 00110010 01100001 01010111 01001110 01111010 01011001 01111010 01101111 01100111 01011010 00110010 00111000 01100111 01100100 01011000 01101000 00110101 01011010 01111001 01000010 01101011 01100011 01101101 01110100 01101011 01001001 01000011 01100100 01110110 01001010 01111001 01000010 01101010 01100011 01101110 01101100 01101110 01011001 01111001 01000010 01101100 01100101 01101001 01000010 00110011 01100101 01010111 01001110 01101011 01001001 01001000 01101100 01110111 01011010 01000111 00111001 00110100 01001001 01001000 01001110 00110100 01001001 01000111 01010010 01111001 01100010 01111001 01000010 01110010 01100100 01101110 01110000 01111001 01100001 00110010 01111000 01110110 01011010 01000011 01110111 01100111 01011001 00110011 01101011 01100111 01011010 01001000 01001010 01110010 01011010 01000011 01100100 01101010 01001001 01001000 01110000 01101001 01100101 01010111 01111000 01110010 01100010 01001000 01011010 01110000 01001001 01000111 01010010 01111001 01100010 01111001 01000010 00110011 01100101 01010111 01001110 01101011 01001001 01000111 00110001 00110101 01100100 00110011 01100100 00110101 01100101 01000011 01000010 01110100 01100011 01101101 01110100 01101001 01100001 00110010 00110001 01101011 01100010 00110010 01001001 01100111 01100011 00110011 01100111 01100111 01011010 01001000 01001010 01110110 01001001 01000111 01010010 01110110 01100001 01000111 01010001 01110011 01001001 01001000 01000010 00110101 01100100 01101110 01011010 00110101 01011010 00110010 00111001 01110101 01001001 01000111 01111000 01110000 01001001 01000011 01100100 01101011 01001010 01111001 01110111 01100111 01100001 00110011 01101000 01110101 01001001 01000111 01001110 00110101 01001001 01001000 01101100 00110100 01001100 01101001 01000010 01011010 01100101 01000111 00110001 01110110 01001001 01000111 01101100 00110101 01011010 01010011 01000010 00110001 01100101 01001000 01101100 01101110 01001001 01000111 01110011 01100111 01100011 01000111 00111001 01101110 01001001 01000111 00110001 01111001 01100001 00110010 01001010 01110010 01100010 01010111 01010010 01110110 01011001 01101101 01001101 01110011 01001001 01000111 01101100 00110101 01011010 01010011 01000010 01110100 01100001 00110011 01100111 01100111 01100011 00110011 01101000 01110111 01100010 00110010 01001001 01100111 01011010 01001000 01001010 01110110 01001001 01000111 01001010 01110110 01011001 00110010 01010001 01100111 01100101 01011000 01000001 01100111 01011010 01001000 01001010 01110110 01001001 01000111 01100100 00110101 01011001 01101101 00110101 01101010 01001001 01000111 01111000 01110010 01011001 00110010 00111001 01110101 01001001 01001000 01101100 00110100 01001001 01000111 00110001 00110101 01100100 00110011 01100100 00110101 01100101 01000011 01000010 01101110 01100101 01010111 01001010 01110101 01011001 01111001 01000010 01101011 01100011 01101101 01110100 01101011 01001001 01000111 01001110 01111001 01100101 01010111 01100011 01100111 01011010 01011000 01101111 01100111 01100011 00110011 01100111 01100111 01011010 01001000 01001010 01110110 01001001 01000101 00111001 00110100 01100011 01011000 01011010 01111010 01011001 00110011 01001001 01100111 01100100 01101101 01110100 00110100 01100011 01010111 01010110 01110010 01100011 01010111 00111000 01110101 01000011 01101110 01001010 01101110 01100001 01000111 00110101 00110100 01100011 00110010 01010010 01101101 01100101 01011000 01001110 01101011 01100100 01000111 01100100 01101111 01100100 01010011 01000101 01100111 01100011 01010111 01100100 01101101 01001001 01000111 01101100 01111010 01011001 01010111 01110011 01100111 01011001 00110011 01010010 01101111 01100100 01001000 01010110 01110000 01100001 00110010 01010101 01100111 01011010 01000111 01101100 01110010 01001001 01001000 01110000 01110010 01100010 01101110 01010010 01101111 01100001 01000111 01110100 00110100 01001001 01001000 01001010 00110100 01100011 01010111 01111000 01101011 01011010 00110010 00110101 00110100 01100011 00110010 01111000 01110000 01100011 01010011 01000010 01111001 01100001 01011000 01001110 00110101 01100101 01010111 01110100 01101111 01100010 01101101 01110011 01110101 01001001 01000111 01101100 01110010 01100101 01000111 01110011 01100111 01100100 01001000 01010101 01100111 01100011 01111001 01000010 01101010 01100101 01011000 01001110 01110101 01001001 01000111 01001110 01101110 01100101 01000011 01000010 01111010 01100101 01011000 01101011 01100111 01100011 01010111 01100100 01101101 01100101 01000011 01000010 01110000 01100011 00110011 01101000 01101100 01001001 01000111 01110100 01101010 01011001 00110010 01100100 00110100 01011010 01001000 01010101 00110110 01001001 01000111 01011010 01101011 01011001 00110011 01101100 01111010 01100010 01101110 01110100 01101111 01001101 01001000 01011010 01100110 01011010 01000111 01101011 00110000 01011010 01001000 01010110 01100110 01100100 01101101 01101011 00110000 01011010 01000110 00111001 00110000 01011000 00110011 01001001 00110000 01100101 01011000 01101100 01100110 01100011 01101110 01101000 01111000 01100010 01000111 01010001 01110111 01100110 01010011 00110100 01100111 01100011 01010111 01100100 01101101 01001001 01001000 01011010 00110000 01100101 01011000 01101011 01100111 01011001 00110011 01010010 01101111 01011010 01010011 01000010 01101011 01100001 01011000 01001110 01101011 01001001 01001000 01001101 01100111 01100101 01010111 01100100 01101011 01001001 01000111 01100100 01101010 01001001 01001000 01001010 00110100 01100011 01010111 01111000 01101011 01011010 00110010 00110101 00110100 01100011 00110010 01111000 01110000 01100011 01010011 01000010 00110000 01100100 01010011 01000010 01110111 01011010 01101110 01010110 01101011 01001001 01001000 01110000 01101101 01100100 01001000 01101100 01101100 01100100 01000111 01101000 01110101 01001001 01000111 01100100 01101010 01011001 01111001 01000010 01101011 01100001 01011000 01010010 00110001 01001001 01001000 01010110 01101110 01100101 01000111 01010001 01100111 01011010 00110010 01001101 01100111 01100101 01101110 01001110 00110001 01100100 01001000 01001001 01100111 01011001 01101101 01101000 01101110 01100100 01101110 01101100 01110010 01011010 01010111 00110101 01110010 01001100 01000011 01000010 01111010 01100001 01000111 01010101 01100111 01100100 01000111 01010001 01100111 01100101 01000111 01110100 01111010 01100101 01011000 01101100 01111000 01001001 01001000 01010010 00110001 01001001 01000111 01101000 01101110 01011010 01000011 01000010 00110001 01011010 01111001 01000010 00110110 01100011 00110010 01010101 01100111 01100011 00110010 01001110 01101011 01100001 00110011 01100111 01100111 01100011 00110011 01101100 00110101 01001100 01101001 01000010 01110000 01011010 00110010 01111000 01110010 01001001 01001000 01000110 01101110 01011010 01101001 01000010 01110010 01100001 01001000 01000010 01101110 01100011 01010111 01110100 01101100 01001001 01000111 01010010 01110000 01100001 01111001 01000010 01111001 01100001 01011000 01001110 00110101 01100101 01010111 01110100 01101111 01100010 01101101 01110011 01101000'
li=str.split(' ')
print(li)
flag_=''
for i in li:flag_+=chr(eval('0b'+i))
print(flag_)
base_='TmV3IGNoYWxsZW5nZSEgQ2FuIHlvdSBmaWd1cmUgb3V0IHdoYXQncyBnb2luZyBvbiBoZXJlPyBJdCBsb29rcyBsaWtlIHRoZSBsZXR0ZXJzIGFyZSBzaGlmdGVkIGJ5IHNvbWUgY29uc3RhbnQuIChoaW50OiB5b3UgbWlnaHQgd2FudCB0byBzdGFydCBsb29raW5nIHVwIFJvbWFuIHBlb3BsZSkuCmt2YnNxcmQsIGl5ZSdibyBrdnd5Y2QgZHJvYm8hIFh5ZyBweWIgZHJvIHBzeGt2IChreG4gd2tpbG8gZHJvIHJrYm5vY2QuLi4pIHprYmQ6IGsgY2VsY2RzZGVkc3l4IG1zenJvYi4gU3ggZHJvIHB5dnZ5Z3N4cSBkb2hkLCBTJ2ZvIGRrdW94IHdpIHdvY2NrcW8ga3huIGJvenZrbW9uIG9mb2JpIGt2enJrbG9kc20gbXJrYmttZG9iIGdzZHIgayBteWJib2N6eXhub3htbyBkeSBrIG5zcHBvYm94ZCBtcmtia21kb2IgLSB1eHlneCBrYyBrIGNlbGNkc2RlZHN5eCBtc3pyb2IuIE1reCBpeWUgcHN4biBkcm8gcHN4a3YgcHZrcT8gcnN4ZDogR28gdXh5ZyBkcmtkIGRybyBwdmtxIHNjIHF5c3hxIGR5IGxvIHlwIGRybyBweWJ3a2QgZWRwdmtxey4uLn0gLSBncnNtciB3b2t4YyBkcmtkIHNwIGl5ZSBjb28gZHJrZCB6a2Rkb2J4LCBpeWUgdXh5ZyBncmtkIGRybyBteWJib2N6eXhub3htb2MgcHliIGUsIGQsIHAsIHYgaywga3huIHEga2JvLiBJeWUgbWt4IHpieWxrbHZpIGd5YnUgeWVkIGRybyBib3drc3hzeHEgbXJrYmttZG9iYyBsaSBib3p2a21zeHEgZHJvdyBreG4gc3hwb2Jic3hxIG15d3d5eCBneWJuYyBzeCBkcm8gT3hxdnNjciB2a3hxZWtxby4gS3h5ZHJvYiBxYm9rZCB3b2RyeW4gc2MgZHkgZWNvIHBib2Flb3htaSBreGt2aWNzYzogZ28gdXh5ZyBkcmtkICdvJyBjcnlnYyBleiB3eWNkIHlwZG94IHN4IGRybyBrdnpya2xvZCwgY3kgZHJrZCdjIHpieWxrbHZpIGRybyB3eWNkIG15d3d5eCBtcmtia21kb2Igc3ggZHJvIGRvaGQsIHB5dnZ5Z29uIGxpICdkJywga3huIGN5IHl4LiBZeG1vIGl5ZSB1eHlnIGsgcG9nIG1ya2JrbWRvYmMsIGl5ZSBta3ggc3hwb2IgZHJvIGJvY2QgeXAgZHJvIGd5Ym5jIGxrY29uIHl4IG15d3d5eCBneWJuYyBkcmtkIGNyeWcgZXogc3ggZHJvIE94cXZzY3Igdmt4cWVrcW8uCnJnaG54c2RmeXNkdGdodSEgcWdmIGlzYWsgY3RodHVpa2UgZGlrIHprbnRoaGt4IHJ4cWxkZ254c2xpcSByaXN5eWtobmsuIGlreGsgdHUgcyBjeXNuIGNneCBzeXkgcWdmeCBpc3hlIGtjY2d4ZHU6IGZkY3lzbntoMHZfZGk0ZHVfdmk0ZF90X3I0eXlfcnhxbGQwfS4gcWdmIHZ0eXkgY3RoZSBkaXNkIHMgeWdkIGdjIHJ4cWxkZ254c2xpcSB0dSBwZnVkIHpmdHlldGhuIGdjYyBkaXR1IHVneGQgZ2MgenN1dHIgYmhndnlrZW5rLCBzaGUgdGQgeGtzeXlxIHR1IGhnZCB1ZyB6c2Ugc2Nka3ggc3l5LiBpZ2xrIHFnZiBraHBncWtlIGRpayByaXN5eWtobmsh'
import base64
flag_=base64.b64decode(base_).decode()
print(flag_)运行得到
['01010101', '01101000', '00101101', '01101111', '01101000', '00101100', '00100000', '01101100', '01101111', '01101111', '01101011', '01110011', '00100000', '01101100', '01101001', '01101011', '01100101', '00100000', '01110111', '01100101', '00100000', '01101000', '01100001', '01110110', '01100101', '00100000', '01100001', '01101110', '01101111', '01110100', '01101000', '01100101', '01110010', '00100000', '01100010', '01101100', '01101111', '01100011', '01101011', '00100000', '01101111', '01100110', '00100000', '01110100', '01100101', '01111000', '01110100', '00101100', '00100000', '01110111', '01101001', '01110100', '01101000', '00100000', '01110011', '01101111', '01101101', '01100101', '00100000', '01110011', '01101111', '01110010', '01110100', '00100000', '01101111', '01100110', '00100000', '01110011', '01110000', '01100101', '01100011', '01101001', '01100001', '01101100', '00100000', '01100101', '01101110', '01100011', '01101111', '01100100', '01101001', '01101110', '01100111', '00101110', '00100000', '01000011', '01100001', '01101110', '00100000', '01111001', '01101111', '01110101', '00100000', '01100110', '01101001', '01100111', '01110101', '01110010', '01100101', '00100000', '01101111', '01110101', '01110100', '00100000', '01110111', '01101000', '01100001', '01110100', '00100000', '01110100', '01101000', '01101001', '01110011', '00100000', '01100101', '01101110', '01100011', '01101111', '01100100', '01101001', '01101110', '01100111', '00100000', '01101001', '01110011', '00111111', '00100000', '00101000', '01101000', '01101001', '01101110', '01110100', '00111010', '00100000', '01101001', '01100110', '00100000', '01111001', '01101111', '01110101', '00100000', '01101100', '01101111', '01101111', '01101011', '00100000', '01100011', '01100001', '01110010', '01100101', '01100110', '01110101', '01101100', '01101100', '01111001', '00101100', '00100000', '01111001', '01101111', '01110101', '00100111', '01101100', '01101100', '00100000', '01101110', '01101111', '01110100', '01101001', '01100011', '01100101', '00100000', '01110100', '01101000', '01100001', '01110100', '00100000', '01110100', '01101000', '01100101', '01110010', '01100101', '00100000', '01101111', '01101110', '01101100', '01111001', '00100000', '01100011', '01101000', '01100001', '01110010', '01100001', '01100011', '01110100', '01100101', '01110010', '01110011', '00100000', '01110000', '01110010', '01100101', '01110011', '01100101', '01101110', '01110100', '00100000', '01100001', '01110010', '01100101', '00100000', '01000001', '00101101', '01011010', '00101100', '00100000', '01100001', '00101101', '01111010', '00101100', '00100000', '00110000', '00101101', '00111001', '00101100', '00100000', '01100001', '01101110', '01100100', '00100000', '01110011', '01101111', '01101101', '01100101', '01110100', '01101001', '01101101', '01100101', '01110011', '00100000', '00101111', '00100000', '01100001', '01101110', '01100100', '00100000', '00101011', '00101110', '00100000', '01010011', '01100101', '01100101', '00100000', '01101001', '01100110', '00100000', '01111001', '01101111', '01110101', '00100000', '01100011', '01100001', '01101110', '00100000', '01100110', '01101001', '01101110', '01100100', '00100000', '01100001', '01101110', '00100000', '01100101', '01101110', '01100011', '01101111', '01100100', '01101001', '01101110', '01100111', '00100000', '01110100', '01101000', '01100001', '01110100', '00100000', '01101100', '01101111', '01101111', '01101011', '01110011', '00100000', '01101100', '01101001', '01101011', '01100101', '00100000', '01110100', '01101000', '01101001', '01110011', '00100000', '01101111', '01101110', '01100101', '00101110', '00101001', '00001010', '01010100', '01101101', '01010110', '00110011', '01001001', '01000111', '01001110', '01101111', '01011001', '01010111', '01111000', '01110011', '01011010', '01010111', '00110101', '01101110', '01011010', '01010011', '01000101', '01100111', '01010001', '00110010', '01000110', '01110101', '01001001', '01001000', '01101100', '01110110', '01100100', '01010011', '01000010', '01101101', '01100001', '01010111', '01100100', '00110001', '01100011', '01101101', '01010101', '01100111', '01100010', '00110011', '01010110', '00110000', '01001001', '01001000', '01100100', '01101111', '01011001', '01011000', '01010001', '01101110', '01100011', '01111001', '01000010', '01101110', '01100010', '00110010', '01101100', '01110101', '01011010', '01111001', '01000010', '01110110', '01100010', '01101001', '01000010', '01101111', '01011010', '01011000', '01001010', '01101100', '01010000', '01111001', '01000010', '01001010', '01100100', '01000011', '01000010', '01110011', '01100010', '00110010', '00111001', '01110010', '01100011', '01111001', '01000010', '01110011', '01100001', '01010111', '01110100', '01101100', '01001001', '01001000', '01010010', '01101111', '01011010', '01010011', '01000010', '01110011', '01011010', '01011000', '01010010', '00110000', '01011010', '01011000', '01001010', '01111010', '01001001', '01000111', '01000110', '01111001', '01011010', '01010011', '01000010', '01111010', '01100001', '01000111', '01101100', '01101101', '01100100', '01000111', '01010110', '01101011', '01001001', '01000111', '01001010', '00110101', '01001001', '01001000', '01001110', '01110110', '01100010', '01010111', '01010101', '01100111', '01011001', '00110010', '00111001', '01110101', '01100011', '00110011', '01010010', '01101000', '01100010', '01101110', '01010001', '01110101', '01001001', '01000011', '01101000', '01101111', '01100001', '01010111', '00110101', '00110000', '01001111', '01101001', '01000010', '00110101', '01100010', '00110011', '01010101', '01100111', '01100010', '01010111', '01101100', '01101110', '01100001', '01001000', '01010001', '01100111', '01100100', '00110010', '01000110', '01110101', '01100100', '01000011', '01000010', '00110000', '01100010', '01111001', '01000010', '01111010', '01100100', '01000111', '01000110', '01111001', '01100100', '01000011', '01000010', '01110011', '01100010', '00110010', '00111001', '01110010', '01100001', '01010111', '00110101', '01101110', '01001001', '01001000', '01010110', '01110111', '01001001', '01000110', '01001010', '01110110', '01100010', '01010111', '01000110', '01110101', '01001001', '01001000', '01000010', '01101100', '01100010', '00110011', '01000010', '01110011', '01011010', '01010011', '01101011', '01110101', '01000011', '01101101', '01110100', '00110010', '01011001', '01101110', '01001110', '01111000', '01100011', '01101101', '01010001', '01110011', '01001001', '01000111', '01101100', '00110101', '01011010', '01010011', '01100100', '01101001', '01100010', '01111001', '01000010', '01110010', '01100100', '01101110', '01100100', '00110101', '01011001', '00110010', '01010001', '01100111', '01011010', '01001000', '01001010', '01110110', '01011001', '01101101', '00111000', '01101000', '01001001', '01000110', '01101000', '00110101', '01011010', '01111001', '01000010', '01110111', '01100101', '01010111', '01001001', '01100111', '01011010', '01001000', '01001010', '01110110', '01001001', '01001000', '01000010', '01111010', '01100101', '01000111', '01110100', '00110010', '01001001', '01000011', '01101000', '01110010', '01100101', '01000111', '00110100', '01100111', '01100100', '00110010', '01110100', '01110000', '01100010', '01000111', '00111000', '01100111', '01011010', '01001000', '01001010', '01110110', '01001001', '01001000', '01001010', '01110010', '01011001', '01101101', '00110101', '01110110', '01011001', '00110010', '01010001', '01110101', '01001100', '01101001', '00110100', '01110000', '01001001', '01001000', '01110000', '01110010', '01011001', '01101101', '01010001', '00110110', '01001001', '01000111', '01110011', '01100111', '01011001', '00110010', '01010110', '01110011', '01011001', '00110010', '01010010', '01111010', '01011010', '01000111', '01010110', '01101011', '01100011', '00110011', '01101100', '00110100', '01001001', '01000111', '00110001', '01111010', '01100101', '01101110', '01001010', '01110110', '01011001', '01101001', '00110100', '01100111', '01010101', '00110011', '01100111', '01100111', '01011010', '01001000', '01001010', '01110110', '01001001', '01001000', '01000010', '00110101', '01100100', '01101110', '01011010', '00110101', '01011010', '00110011', '01001110', '00110100', '01100011', '01010011', '01000010', '01101011', '01100010', '00110010', '01101000', '01101011', '01001100', '01000011', '01000010', '01010100', '01001010', '00110010', '01011010', '01110110', '01001001', '01000111', '01010010', '01110010', '01100100', '01010111', '00111001', '00110100', '01001001', '01001000', '01100100', '01110000', '01001001', '01001000', '01100100', '01110110', '01011001', '00110010', '01001110', '01110010', '01100011', '01010111', '00111000', '01100111', '01100001', '00110011', '01101000', '01110101', '01001001', '01000111', '01001010', '01110110', '01100101', '01101110', '01011010', '01110010', '01100010', '01010111', '00111001', '01110101', '01001001', '01000111', '00111001', '01101101', '01100010', '00110010', '01001010', '01110000', '01001001', '01000111', '01110100', '00110010', '01100101', '01101110', '01001010', '01110010', '01100010', '01000111', '00111001', '01101011', '01100011', '00110010', '00110000', '01100111', '01100010', '01011000', '01001010', '01110010', '01011001', '01101101', '01110100', '01110100', '01011010', '01000111', '00111001', '01101001', '01001001', '01000111', '01100100', '01111010', '01011010', '01001000', '01001001', '01100111', '01100001', '01111001', '01000010', '01110100', '01100101', '01010111', '01001010', '01101001', '01100010', '00110010', '01001110', '00110110', '01100101', '01011000', '01101000', '01110101', '01100010', '00110011', '01101000', '01110100', '01100010', '01111001', '01000010', '01101011', '01100101', '01010011', '01000010', '01110010', '01001001', '01000111', '00110101', '01111010', '01100011', '01001000', '01000010', '01110110', '01011001', '01101101', '00111001', '00110100', '01011010', '01000011', '01000010', '01110100', '01100011', '01101101', '01110100', '01101001', '01100001', '00110010', '00110001', '01101011', '01100010', '00110010', '01001001', '01100111', '01001100', '01010011', '01000010', '00110001', '01100101', '01001000', '01101100', '01101110', '01100101', '01000011', '01000010', '01110010', '01011001', '01111001', '01000010', '01110010', '01001001', '01000111', '01001110', '01101100', '01100010', '01000111', '01001110', '01101011', '01100011', '00110010', '01010010', '01101100', '01011010', '01001000', '01001110', '00110101', '01100101', '01000011', '01000010', '01110100', '01100011', '00110011', '01110000', '01111001', '01100010', '00110010', '01001001', '01110101', '01001001', '01000101', '00110001', '01110010', '01100101', '01000011', '01000010', '01110000', '01100101', '01010111', '01010101', '01100111', '01100011', '01001000', '01001110', '00110100', '01100010', '01101001', '01000010', '01101011', '01100011', '01101101', '00111000', '01100111', '01100011', '01001000', '01001110', '00110100', '01100001', '00110011', '01011001', '01100111', '01100011', '01001000', '01011010', '01110010', '01100011', '01010100', '00111000', '01100111', '01100011', '01101110', '01001110', '00110100', '01011010', '01000100', '01101111', '01100111', '01010010', '00110010', '00111000', '01100111', '01100100', '01011000', '01101000', '00110101', '01011010', '01111001', '01000010', '01101011', '01100011', '01101101', '01110100', '01101011', '01001001', '01000111', '01010010', '01111001', '01100010', '01111001', '01000010', '01110111', '01100100', '01101101', '01110100', '01111000', '01001001', '01001000', '01001110', '01101010', '01001001', '01001000', '01000110', '00110101', '01100011', '00110011', '01101000', '01111000', '01001001', '01000111', '01010010', '00110101', '01001001', '01000111', '01111000', '01110110', '01001001', '01001000', '01101100', '01110111', '01001001', '01000111', '01010010', '01111001', '01100010', '01111001', '01000010', '01110111', '01100101', '01010111', '01001010', '00110011', '01100001', '00110010', '01010001', '01100111', '01011010', '01010111', '01010010', '01110111', '01100100', '01101101', '01110100', '01111000', '01100101', '01111001', '00110100', '01110101', '01001100', '01101110', '00110000', '01100111', '01001100', '01010011', '01000010', '01101110', '01100011', '01101110', '01001110', '01110100', '01100011', '01101001', '01000010', '00110011', '01100010', '00110010', '01110100', '00110100', '01011001', '01111001', '01000010', '01101011', '01100011', '01101101', '01110100', '01101011', '01001001', '01001000', '01001110', '01110111', '01001001', '01000111', '01101100', '00110101', '01011010', '01010011', '01000010', '01101010', '01100010', '00110010', '00111000', '01100111', '01011010', '01001000', '01001010', '01110010', '01011010', '01000011', '01000010', '00110110', '01100001', '00110010', '01010010', '01101011', '01100010', '00110010', '01001010', '00110100', '01001100', '01000011', '01000010', '01110000', '01100101', '01010111', '01010101', '01100111', '01100100', '01011000', '01101000', '00110101', '01011010', '01111001', '01000010', '01101110', '01100011', '01101101', '01110100', '01101011', '01001001', '01000111', '01010010', '01111001', '01100010', '01111001', '01000010', '01110100', '01100101', '01010111', '01001010', '01101001', '01100010', '00110010', '01001110', '00110110', '01100101', '01011000', '01101000', '01110101', '01100010', '00110011', '01101000', '01110100', '01100010', '00110010', '01001101', '01100111', '01100011', '01001000', '01101100', '01101001', '01001001', '01000111', '01010101', '01110011', '01001001', '01000111', '01010001', '01110011', '01001001', '01001000', '01000001', '01110011', '01001001', '01001000', '01011001', '01100111', '01100001', '01111001', '01110111', '01100111', '01100001', '00110011', '01101000', '01110101', '01001001', '01001000', '01000101', '01100111', '01100001', '00110010', '01001010', '01110110', '01001100', '01101001', '01000010', '01001010', '01100101', '01010111', '01010101', '01100111', '01100010', '01010111', '01110100', '00110100', '01001001', '01001000', '01110000', '01101001', '01100101', '01010111', '01111000', '01110010', '01100010', '01001000', '01011010', '01110000', '01001001', '01000111', '01100100', '00110101', '01011001', '01101110', '01010101', '01100111', '01100101', '01010111', '01010110', '01101011', '01001001', '01000111', '01010010', '01111001', '01100010', '01111001', '01000010', '01101001', '01100010', '00110011', '01100100', '01110010', '01100011', '00110011', '01101000', '01111010', '01100101', '01001000', '01000101', '01100111', '01100010', '01011000', '01001010', '01110010', '01011001', '01101101', '01110100', '01110100', '01011010', '01000111', '00111001', '01101001', '01011001', '01111001', '01000010', '01110011', '01100001', '01010011', '01000010', '01101001', '01100010', '00110011', '01110000', '00110010', '01100001', '00110010', '00110001', '01111010', '01100101', '01001000', '01000101', '01100111', '01011010', '01001000', '01001010', '01110110', '01100100', '01111001', '01000010', '01110010', '01100101', '01000111', '00110100', '01100111', '01100011', '00110011', '01101000', '01110111', '01100010', '00110010', '01001010', '01101001', '01100011', '00110011', '01101000', '01111000', '01001001', '01000111', '00110001', '00110101', '01100100', '00110011', '01100100', '00110101', '01100101', '01000011', '01000010', '01101110', '01100101', '01010111', '01001010', '01110101', '01011001', '01111001', '01000010', '01111010', '01100101', '01000011', '01000010', '01101011', '01100011', '01101101', '00111000', '01100111', '01010100', '00110011', '01101000', '01111000', '01100100', '01101110', '01001110', '01101010', '01100011', '01101001', '01000010', '00110010', '01100001', '00110011', '01101000', '01111000', '01011010', '01010111', '01110100', '01111000', '01100010', '01111001', '00110100', '01100111', '01010011', '00110011', '01101000', '00110101', '01011010', '01001000', '01001010', '01110110', '01011001', '01101001', '01000010', '01111000', '01011001', '01101101', '00111001', '01110010', '01011010', '01000011', '01000010', '00110011', '01100010', '00110010', '01010010', '01111001', '01100101', '01010111', '00110100', '01100111', '01100011', '00110010', '01001101', '01100111', '01011010', '01001000', '01101011', '01100111', '01011010', '01010111', '01001110', '01110110', '01001001', '01001000', '01000010', '01101001', '01100010', '00110010', '01000110', '01101100', '01100010', '00110011', '01101000', '01110100', '01100001', '01010011', '01000010', '01110010', '01100101', '01000111', '01110100', '00110010', '01100001', '01010111', '01001110', '01111010', '01011001', '01111010', '01101111', '01100111', '01011010', '00110010', '00111000', '01100111', '01100100', '01011000', '01101000', '00110101', '01011010', '01111001', '01000010', '01101011', '01100011', '01101101', '01110100', '01101011', '01001001', '01000011', '01100100', '01110110', '01001010', '01111001', '01000010', '01101010', '01100011', '01101110', '01101100', '01101110', '01011001', '01111001', '01000010', '01101100', '01100101', '01101001', '01000010', '00110011', '01100101', '01010111', '01001110', '01101011', '01001001', '01001000', '01101100', '01110111', '01011010', '01000111', '00111001', '00110100', '01001001', '01001000', '01001110', '00110100', '01001001', '01000111', '01010010', '01111001', '01100010', '01111001', '01000010', '01110010', '01100100', '01101110', '01110000', '01111001', '01100001', '00110010', '01111000', '01110110', '01011010', '01000011', '01110111', '01100111', '01011001', '00110011', '01101011', '01100111', '01011010', '01001000', '01001010', '01110010', '01011010', '01000011', '01100100', '01101010', '01001001', '01001000', '01110000', '01101001', '01100101', '01010111', '01111000', '01110010', '01100010', '01001000', '01011010', '01110000', '01001001', '01000111', '01010010', '01111001', '01100010', '01111001', '01000010', '00110011', '01100101', '01010111', '01001110', '01101011', '01001001', '01000111', '00110001', '00110101', '01100100', '00110011', '01100100', '00110101', '01100101', '01000011', '01000010', '01110100', '01100011', '01101101', '01110100', '01101001', '01100001', '00110010', '00110001', '01101011', '01100010', '00110010', '01001001', '01100111', '01100011', '00110011', '01100111', '01100111', '01011010', '01001000', '01001010', '01110110', '01001001', '01000111', '01010010', '01110110', '01100001', '01000111', '01010001', '01110011', '01001001', '01001000', '01000010', '00110101', '01100100', '01101110', '01011010', '00110101', '01011010', '00110010', '00111001', '01110101', '01001001', '01000111', '01111000', '01110000', '01001001', '01000011', '01100100', '01101011', '01001010', '01111001', '01110111', '01100111', '01100001', '00110011', '01101000', '01110101', '01001001', '01000111', '01001110', '00110101', '01001001', '01001000', '01101100', '00110100', '01001100', '01101001', '01000010', '01011010', '01100101', '01000111', '00110001', '01110110', '01001001', '01000111', '01101100', '00110101', '01011010', '01010011', '01000010', '00110001', '01100101', '01001000', '01101100', '01101110', '01001001', '01000111', '01110011', '01100111', '01100011', '01000111', '00111001', '01101110', '01001001', '01000111', '00110001', '01111001', '01100001', '00110010', '01001010', '01110010', '01100010', '01010111', '01010010', '01110110', '01011001', '01101101', '01001101', '01110011', '01001001', '01000111', '01101100', '00110101', '01011010', '01010011', '01000010', '01110100', '01100001', '00110011', '01100111', '01100111', '01100011', '00110011', '01101000', '01110111', '01100010', '00110010', '01001001', '01100111', '01011010', '01001000', '01001010', '01110110', '01001001', '01000111', '01001010', '01110110', '01011001', '00110010', '01010001', '01100111', '01100101', '01011000', '01000001', '01100111', '01011010', '01001000', '01001010', '01110110', '01001001', '01000111', '01100100', '00110101', '01011001', '01101101', '00110101', '01101010', '01001001', '01000111', '01111000', '01110010', '01011001', '00110010', '00111001', '01110101', '01001001', '01001000', '01101100', '00110100', '01001001', '01000111', '00110001', '00110101', '01100100', '00110011', '01100100', '00110101', '01100101', '01000011', '01000010', '01101110', '01100101', '01010111', '01001010', '01110101', '01011001', '01111001', '01000010', '01101011', '01100011', '01101101', '01110100', '01101011', '01001001', '01000111', '01001110', '01111001', '01100101', '01010111', '01100011', '01100111', '01011010', '01011000', '01101111', '01100111', '01100011', '00110011', '01100111', '01100111', '01011010', '01001000', '01001010', '01110110', '01001001', '01000101', '00111001', '00110100', '01100011', '01011000', '01011010', '01111010', '01011001', '00110011', '01001001', '01100111', '01100100', '01101101', '01110100', '00110100', '01100011', '01010111', '01010110', '01110010', '01100011', '01010111', '00111000', '01110101', '01000011', '01101110', '01001010', '01101110', '01100001', '01000111', '00110101', '00110100', '01100011', '00110010', '01010010', '01101101', '01100101', '01011000', '01001110', '01101011', '01100100', '01000111', '01100100', '01101111', '01100100', '01010011', '01000101', '01100111', '01100011', '01010111', '01100100', '01101101', '01001001', '01000111', '01101100', '01111010', '01011001', '01010111', '01110011', '01100111', '01011001', '00110011', '01010010', '01101111', '01100100', '01001000', '01010110', '01110000', '01100001', '00110010', '01010101', '01100111', '01011010', '01000111', '01101100', '01110010', '01001001', '01001000', '01110000', '01110010', '01100010', '01101110', '01010010', '01101111', '01100001', '01000111', '01110100', '00110100', '01001001', '01001000', '01001010', '00110100', '01100011', '01010111', '01111000', '01101011', '01011010', '00110010', '00110101', '00110100', '01100011', '00110010', '01111000', '01110000', '01100011', '01010011', '01000010', '01111001', '01100001', '01011000', '01001110', '00110101', '01100101', '01010111', '01110100', '01101111', '01100010', '01101101', '01110011', '01110101', '01001001', '01000111', '01101100', '01110010', '01100101', '01000111', '01110011', '01100111', '01100100', '01001000', '01010101', '01100111', '01100011', '01111001', '01000010', '01101010', '01100101', '01011000', '01001110', '01110101', '01001001', '01000111', '01001110', '01101110', '01100101', '01000011', '01000010', '01111010', '01100101', '01011000', '01101011', '01100111', '01100011', '01010111', '01100100', '01101101', '01100101', '01000011', '01000010', '01110000', '01100011', '00110011', '01101000', '01101100', '01001001', '01000111', '01110100', '01101010', '01011001', '00110010', '01100100', '00110100', '01011010', '01001000', '01010101', '00110110', '01001001', '01000111', '01011010', '01101011', '01011001', '00110011', '01101100', '01111010', '01100010', '01101110', '01110100', '01101111', '01001101', '01001000', '01011010', '01100110', '01011010', '01000111', '01101011', '00110000', '01011010', '01001000', '01010110', '01100110', '01100100', '01101101', '01101011', '00110000', '01011010', '01000110', '00111001', '00110000', '01011000', '00110011', '01001001', '00110000', '01100101', '01011000', '01101100', '01100110', '01100011', '01101110', '01101000', '01111000', '01100010', '01000111', '01010001', '01110111', '01100110', '01010011', '00110100', '01100111', '01100011', '01010111', '01100100', '01101101', '01001001', '01001000', '01011010', '00110000', '01100101', '01011000', '01101011', '01100111', '01011001', '00110011', '01010010', '01101111', '01011010', '01010011', '01000010', '01101011', '01100001', '01011000', '01001110', '01101011', '01001001', '01001000', '01001101', '01100111', '01100101', '01010111', '01100100', '01101011', '01001001', '01000111', '01100100', '01101010', '01001001', '01001000', '01001010', '00110100', '01100011', '01010111', '01111000', '01101011', '01011010', '00110010', '00110101', '00110100', '01100011', '00110010', '01111000', '01110000', '01100011', '01010011', '01000010', '00110000', '01100100', '01010011', '01000010', '01110111', '01011010', '01101110', '01010110', '01101011', '01001001', '01001000', '01110000', '01101101', '01100100', '01001000', '01101100', '01101100', '01100100', '01000111', '01101000', '01110101', '01001001', '01000111', '01100100', '01101010', '01011001', '01111001', '01000010', '01101011', '01100001', '01011000', '01010010', '00110001', '01001001', '01001000', '01010110', '01101110', '01100101', '01000111', '01010001', '01100111', '01011010', '00110010', '01001101', '01100111', '01100101', '01101110', '01001110', '00110001', '01100100', '01001000', '01001001', '01100111', '01011001', '01101101', '01101000', '01101110', '01100100', '01101110', '01101100', '01110010', '01011010', '01010111', '00110101', '01110010', '01001100', '01000011', '01000010', '01111010', '01100001', '01000111', '01010101', '01100111', '01100100', '01000111', '01010001', '01100111', '01100101', '01000111', '01110100', '01111010', '01100101', '01011000', '01101100', '01111000', '01001001', '01001000', '01010010', '00110001', '01001001', '01000111', '01101000', '01101110', '01011010', '01000011', '01000010', '00110001', '01011010', '01111001', '01000010', '00110110', '01100011', '00110010', '01010101', '01100111', '01100011', '00110010', '01001110', '01101011', '01100001', '00110011', '01100111', '01100111', '01100011', '00110011', '01101100', '00110101', '01001100', '01101001', '01000010', '01110000', '01011010', '00110010', '01111000', '01110010', '01001001', '01001000', '01000110', '01101110', '01011010', '01101001', '01000010', '01110010', '01100001', '01001000', '01000010', '01101110', '01100011', '01010111', '01110100', '01101100', '01001001', '01000111', '01010010', '01110000', '01100001', '01111001', '01000010', '01111001', '01100001', '01011000', '01001110', '00110101', '01100101', '01010111', '01110100', '01101111', '01100010', '01101101', '01110011', '01101000']
Uh-oh, looks like we have another block of text, with some sort of special encoding. Can you figure out what this encoding is? (hint: if you look carefully, you'll notice that there only characters present are A-Z, a-z, 0-9, and sometimes / and +. See if you can find an encoding that looks like this one.)
TmV3IGNoYWxsZW5nZSEgQ2FuIHlvdSBmaWd1cmUgb3V0IHdoYXQncyBnb2luZyBvbiBoZXJlPyBJdCBsb29rcyBsaWtlIHRoZSBsZXR0ZXJzIGFyZSBzaGlmdGVkIGJ5IHNvbWUgY29uc3RhbnQuIChoaW50OiB5b3UgbWlnaHQgd2FudCB0byBzdGFydCBsb29raW5nIHVwIFJvbWFuIHBlb3BsZSkuCmt2YnNxcmQsIGl5ZSdibyBrdnd5Y2QgZHJvYm8hIFh5ZyBweWIgZHJvIHBzeGt2IChreG4gd2tpbG8gZHJvIHJrYm5vY2QuLi4pIHprYmQ6IGsgY2VsY2RzZGVkc3l4IG1zenJvYi4gU3ggZHJvIHB5dnZ5Z3N4cSBkb2hkLCBTJ2ZvIGRrdW94IHdpIHdvY2NrcW8ga3huIGJvenZrbW9uIG9mb2JpIGt2enJrbG9kc20gbXJrYmttZG9iIGdzZHIgayBteWJib2N6eXhub3htbyBkeSBrIG5zcHBvYm94ZCBtcmtia21kb2IgLSB1eHlneCBrYyBrIGNlbGNkc2RlZHN5eCBtc3pyb2IuIE1reCBpeWUgcHN4biBkcm8gcHN4a3YgcHZrcT8gcnN4ZDogR28gdXh5ZyBkcmtkIGRybyBwdmtxIHNjIHF5c3hxIGR5IGxvIHlwIGRybyBweWJ3a2QgZWRwdmtxey4uLn0gLSBncnNtciB3b2t4YyBkcmtkIHNwIGl5ZSBjb28gZHJrZCB6a2Rkb2J4LCBpeWUgdXh5ZyBncmtkIGRybyBteWJib2N6eXhub3htb2MgcHliIGUsIGQsIHAsIHYgaywga3huIHEga2JvLiBJeWUgbWt4IHpieWxrbHZpIGd5YnUgeWVkIGRybyBib3drc3hzeHEgbXJrYmttZG9iYyBsaSBib3p2a21zeHEgZHJvdyBreG4gc3hwb2Jic3hxIG15d3d5eCBneWJuYyBzeCBkcm8gT3hxdnNjciB2a3hxZWtxby4gS3h5ZHJvYiBxYm9rZCB3b2RyeW4gc2MgZHkgZWNvIHBib2Flb3htaSBreGt2aWNzYzogZ28gdXh5ZyBkcmtkICdvJyBjcnlnYyBleiB3eWNkIHlwZG94IHN4IGRybyBrdnpya2xvZCwgY3kgZHJrZCdjIHpieWxrbHZpIGRybyB3eWNkIG15d3d5eCBtcmtia21kb2Igc3ggZHJvIGRvaGQsIHB5dnZ5Z29uIGxpICdkJywga3huIGN5IHl4LiBZeG1vIGl5ZSB1eHlnIGsgcG9nIG1ya2JrbWRvYmMsIGl5ZSBta3ggc3hwb2IgZHJvIGJvY2QgeXAgZHJvIGd5Ym5jIGxrY29uIHl4IG15d3d5eCBneWJuYyBkcmtkIGNyeWcgZXogc3ggZHJvIE94cXZzY3Igdmt4cWVrcW8uCnJnaG54c2RmeXNkdGdodSEgcWdmIGlzYWsgY3RodHVpa2UgZGlrIHprbnRoaGt4IHJ4cWxkZ254c2xpcSByaXN5eWtobmsuIGlreGsgdHUgcyBjeXNuIGNneCBzeXkgcWdmeCBpc3hlIGtjY2d4ZHU6IGZkY3lzbntoMHZfZGk0ZHVfdmk0ZF90X3I0eXlfcnhxbGQwfS4gcWdmIHZ0eXkgY3RoZSBkaXNkIHMgeWdkIGdjIHJ4cWxkZ254c2xpcSB0dSBwZnVkIHpmdHlldGhuIGdjYyBkaXR1IHVneGQgZ2MgenN1dHIgYmhndnlrZW5rLCBzaGUgdGQgeGtzeXlxIHR1IGhnZCB1ZyB6c2Ugc2Nka3ggc3l5LiBpZ2xrIHFnZiBraHBncWtlIGRpayByaXN5eWtobmsh
New challenge! Can you figure out what's going on here? It looks like the letters are shifted by some constant. (hint: you might want to start looking up Roman people).
kvbsqrd, iye'bo kvwycd drobo! Xyg pyb dro psxkv (kxn wkilo dro rkbnocd...) zkbd: k celcdsdedsyx mszrob. Sx dro pyvvygsxq dohd, S'fo dkuox wi wocckqo kxn bozvkmon ofobi kvzrklodsm mrkbkmdob gsdr k mybboczyxnoxmo dy k nsppoboxd mrkbkmdob - uxygx kc k celcdsdedsyx mszrob. Mkx iye psxn dro psxkv pvkq? rsxd: Go uxyg drkd dro pvkq sc qysxq dy lo yp dro pybwkd edpvkq{...} - grsmr wokxc drkd sp iye coo drkd zkddobx, iye uxyg grkd dro mybboczyxnoxmoc pyb e, d, p, v k, kxn q kbo. Iye mkx zbylklvi gybu yed dro bowksxsxq mrkbkmdobc li bozvkmsxq drow kxn sxpobbsxq mywwyx gybnc sx dro Oxqvscr vkxqekqo. Kxydrob qbokd wodryn sc dy eco pboaeoxmi kxkvicsc: go uxyg drkd 'o' crygc ez wycd ypdox sx dro kvzrklod, cy drkd'c zbylklvi dro wycd mywwyx mrkbkmdob sx dro dohd, pyvvygon li 'd', kxn cy yx. Yxmo iye uxyg k pog mrkbkmdobc, iye mkx sxpob dro bocd yp dro gybnc lkcon yx mywwyx gybnc drkd cryg ez sx dro Oxqvscr vkxqekqo.
rghnxsdfysdtghu! qgf isak cthtuike dik zknthhkx rxqldgnxsliq risyykhnk. ikxk tu s cysn cgx syy qgfx isxe kccgxdu: fdcysn{h0v_di4du_vi4d_t_r4yy_rxqld0}. qgf vtyy cthe disd s ygd gc rxqldgnxsliq tu pfud zftyethn gcc ditu ugxd gc zsutr bhgvykenk, she td xksyyq tu hgd ug zse scdkx syy. iglk qgf khpgqke dik risyykhnk!词频分析得到
congratulations! you have finished the beginner cryptography challenge. here is a flag for all your hard efforts: utflag{n0w_th4ts_wh4t_i_c4ll_crypt0}. you will find that a lot of cryptography is just building off this sort of basic knowledge, and it really is not so bad after all. hope you enjoyed the challenge!flag{n0w_th4ts_wh4t_i_c4ll_crypt0}这个就是flag了
108.[GKCTF2020]Backdoor
查看题目 是一个cve漏洞
前面具体过程就不写了 那个流量的用记事本打开,然后是一个base64解密,另一个是公钥解密即可
脚本如下
from Crypto.Util import number
from gmpy2 import *
'''#密文c
02142af7ce70fe0ddae116bb7e96260274ee9252a8cb528e7fdd29809c2a6032727c05526133ae4610ed944572ff1abfcd0b17aa22ef44a2'''
'''e = 65537
n = 15518961041625074876182404585394098781487141059285455927024321276783831122168745076359780343078011216480587575072479784829258678691739
'''
'''p:3386619977051114637303328519173627165817832179845212640767197001941
q:4582433561127855310805294456657993281782662645116543024537051682479
'''
vals=39
M=1
n = mpz(15518961041625074876182404585394098781487141059285455927024321276783831122168745076359780343078011216480587575072479784829258678691739)
primes = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139, 149, 151, 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227, 229, 233, 239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313, 317, 331, 337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419, 421, 431, 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503, 509, 521, 523, 541, 547, 557, 563, 569, 571, 577, 587, 593, 599, 601, 607, 613, 617, 619, 631, 641, 643, 647, 653, 659, 661, 673, 677, 683, 691, 701, 709, 719, 727, 733, 739, 743, 751, 757, 761, 769, 773, 787, 797, 809, 811, 821, 823, 827, 829, 839, 853, 857, 859, 863, 877, 881, 883, 887, 907, 911, 919, 929, 937, 941, 947, 953, 967, 971, 977, 983, 991, 997, 1009, 1013, 1019, 1021, 1031, 1033, 1039, 1049, 1051, 1061, 1063, 1069, 1087, 1091, 1093, 1097, 1103, 1109, 1117, 1123, 1129, 1151, 1153, 1163, 1171, 1181, 1187, 1193, 1201, 1213, 1217, 1223, 1229, 1231, 1237, 1249, 1259, 1277, 1279, 1283, 1289, 1291, 1297, 1301, 1303, 1307, 1319, 1321, 1327, 1361, 1367, 1373, 1381, 1399, 1409, 1423, 1427, 1429, 1433, 1439, 1447, 1451, 1453, 1459, 1471, 1481, 1483, 1487, 1489, 1493, 1499, 1511, 1523, 1531, 1543, 1549, 1553, 1559, 1567, 1571, 1579, 1583, 1597, 1601, 1607, 1609, 1613, 1619, 1621, 1627, 1637, 1657, 1663, 1667, 1669, 1693, 1697, 1699, 1709, 1721, 1723, 1733, 1741, 1747, 1753, 1759, 1777, 1783, 1787, 1789, 1801, 1811, 1823, 1831, 1847, 1861, 1867, 1871, 1873, 1877, 1879, 1889, 1901, 1907, 1913, 1931, 1933, 1949, 1951, 1973, 1979, 1987, 1993, 1997, 1999, 2003, 2011, 2017, 2027, 2029, 2039, 2053, 2063, 2069, 2081, 2083, 2087, 2089, 2099, 2111, 2113, 2129, 2131, 2137, 2141, 2143, 2153, 2161, 2179, 2203, 2207, 2213, 2221, 2237, 2239, 2243, 2251, 2267, 2269, 2273, 2281, 2287, 2293, 2297, 2309, 2311, 2333, 2339, 2341, 2347, 2351, 2357, 2371, 2377, 2381, 2383, 2389, 2393, 2399, 2411, 2417, 2423, 2437, 2441, 2447, 2459, 2467, 2473, 2477, 2503, 2521, 2531, 2539, 2543, 2549, 2551, 2557, 2579, 2591, 2593, 2609, 2617, 2621, 2633, 2647, 2657, 2659, 2663, 2671, 2677, 2683, 2687, 2689, 2693, 2699, 2707, 2711, 2713, 2719, 2729, 2731, 2741, 2749, 2753, 2767, 2777, 2789, 2791, 2797, 2801, 2803, 2819, 2833, 2837, 2843, 2851, 2857, 2861, 2879, 2887, 2897, 2903, 2909, 2917, 2927, 2939, 2953, 2957, 2963, 2969, 2971, 2999]for x in range(0, vals):M=M*primes[x]for a in range(1,20):for k in range(50):p=mpz(k*M+(65537**a %M))if is_prime(p):q = mpz(n//p)if is_prime(q):print('p=%d\nq=%d'%(p,q))import gmpy2
p =gmpy2.mpz(4582433561127855310805294456657993281782662645116543024537051682479)
q =gmpy2.mpz(3386619977051114637303328519173627165817832179845212640767197001941)
e =gmpy2.mpz(65537)
phi_n= (p - 1) * (q - 1)
d = gmpy2.invert(e, phi_n)
print("d is:%d"%(d))
# d is:11499569785990181290142150447540986299729313689398043794865222914751456271097337104622884992345120278959213140333860537563347711742153
import gmpy2,binasciifrom Crypto.Util.number import long_to_bytes
c = int("02142af7ce70fe0ddae116bb7e96260274ee9252a8cb528e7fdd29809c2a6032727c05526133ae4610ed944572ff1abfcd0b17aa22ef44a2",16)d = 11499569785990181290142150447540986299729313689398043794865222914751456271097337104622884992345120278959213140333860537563347711742153
n = 15518961041625074876182404585394098781487141059285455927024321276783831122168745076359780343078011216480587575072479784829258678691739
m = pow(c,d,n)
print('m = ',m)
print('m = ',hex(m))
print('long_to_bytes(m) =',long_to_bytes(m))
运行得到
p=4582433561127855310805294456657993281782662645116543024537051682479
q=3386619977051114637303328519173627165817832179845212640767197001941
d is:11499569785990181290142150447540986299729313689398043794865222914751456271097337104622884992345120278959213140333860537563347711742153
m = 56006392793406552883106744981771255916153714828118097099130014407421330832850082353964262145657222269
m = 0x666c61677b37363039353863392d636361392d343538622d396362652d6561303761613136363865347d
long_to_bytes(m) = b'flag{760958c9-cca9-458b-9cbe-ea07aa1668e4}'
109.[V&N2020 公开赛]easy_RSA
查看题目
from random import randint
from gmpy2 import *
from Crypto.Util.number import *def getprime(bits):while 1:n = 1while n.bit_length() < bits:n *= next_prime(randint(1,1000))if isPrime(n - 1):return n - 1m = bytes_to_long(b'flag{************************************}')p = getprime(505)
q = getPrime(512)
r = getPrime(512)
assert m < qn = p * q * r
e = 0x10001
d = invert(q ** 2, p ** 2)
c = pow(m, 2, r)
cipher = pow(c, e, n)print(n)
print(d)
print(cipher)'''7941371739956577280160664419383740967516918938781306610817149744988379280561359039016508679365806108722198157199058807892703837558280678711420411242914059658055366348123106473335186505617418956630780649894945233345985279471106888635177256011468979083320605103256178446993230320443790240285158260236926519042413378204298514714890725325831769281505530787739922007367026883959544239568886349070557272869042275528961483412544495589811933856131557221673534170105409
7515987842794170949444517202158067021118454558360145030399453487603693522695746732547224100845570119375977629070702308991221388721952258969752305904378724402002545947182529859604584400048983091861594720299791743887521228492714135449584003054386457751933095902983841246048952155097668245322664318518861440
1618155233923718966393124032999431934705026408748451436388483012584983753140040289666712916510617403356206112730613485227084128314043665913357106301736817062412927135716281544348612150328867226515184078966397180771624148797528036548243343316501503364783092550480439749404301122277056732857399413805293899249313045684662146333448668209567898831091274930053147799756622844119463942087160062353526056879436998061803187343431081504474584816590199768034450005448200'''
还是用分解N的网站在线分解得到pqr
脚本如下
from Crypto.Util.number import *
from gmpy2 import *
from sympy.ntheory.residue_ntheory import nthroot_modn = 7941371739956577280160664419383740967516918938781306610817149744988379280561359039016508679365806108722198157199058807892703837558280678711420411242914059658055366348123106473335186505617418956630780649894945233345985279471106888635177256011468979083320605103256178446993230320443790240285158260236926519042413378204298514714890725325831769281505530787739922007367026883959544239568886349070557272869042275528961483412544495589811933856131557221673534170105409
d = 7515987842794170949444517202158067021118454558360145030399453487603693522695746732547224100845570119375977629070702308991221388721952258969752305904378724402002545947182529859604584400048983091861594720299791743887521228492714135449584003054386457751933095902983841246048952155097668245322664318518861440
cipher = 1618155233923718966393124032999431934705026408748451436388483012584983753140040289666712916510617403356206112730613485227084128314043665913357106301736817062412927135716281544348612150328867226515184078966397180771624148797528036548243343316501503364783092550480439749404301122277056732857399413805293899249313045684662146333448668209567898831091274930053147799756622844119463942087160062353526056879436998061803187343431081504474584816590199768034450005448200
#分解得到的pqr
p = 102634610559478918970860957918259981057327949366949344137104804864768237961662136189827166317524151288799657758536256924609797810164397005081733039415393
q = 7534810196420932552168708937019691994681052660068275906973480617604535381306041583841106383688654426129050931519275383386503174076258645141589911492908993
r = 10269028767754306217563721664976261924407940883784193817786660413744866184645984238866463711873380072803747092361041245422348883639933712733051005791543841
phn=(p-1)*(q-1)*(r-1)
e = 0x10001
d = invert(e,phn)
print(d)
#696507389127827123706661871654450815284301235334466795840166268431469309011195076922454367593796687564813693144028411855398655084684946537577925810218190635193690686941033400271584581743511646525701770230697389808139688889055897738680146145489141461623210306152017482372340288056132947782754463871096351562634396868323861335480091797855608845695507892749062713128285934572259972389743839646950269761373893877746254763641876362977045864056456449244814748352513c=pow(cipher,d,n)
print(c)
#8081092455112516397361105816900490085355315574087538340788309885334106796325593823678787887569920404814986643819898763828872716522338864714182757065213683m=nthroot_mod(c,2,r)
print(m)
#56006392793430016468251971646527328995718100207125432393433900875091739391190683811783574991236326013print(long_to_bytes(m))
运行得到
696507389127827123706661871654450815284301235334466795840166268431469309011195076922454367593796687564813693144028411855398655084684946537577925810218190635193690686941033400271584581743511646525701770230697389808139688889055897738680146145489141461623210306152017482372340288056132947782754463871096351562634396868323861335480091797855608845695507892749062713128285934572259972389743839646950269761373893877746254763641876362977045864056456449244814748352513
8081092455112516397361105816900490085355315574087538340788309885334106796325593823678787887569920404814986643819898763828872716522338864714182757065213683
56006392793430016468251971646527328995718100207125432393433900875091739391190683811783574991236326013
b'flag{fd462593-25e4-4631-a96a-0cd5c72b2d1b}'
四方密码简介
四方密码是用四个方块,然后配合字母来完成加密。四方密码需要密钥,要用任意两个单词作为密钥。比如说题目中的security和information来作为密钥,然后去处单词里面的重复字母作为真正的密钥,也就是security和informat。
然后就是介绍四方了,四方,也就是四个方块,为4个5x5的方块,方块的左上角和右下角,也就是图中的蓝色方块,是用来按顺序存放26个字母的。
然而这里只有25个小方格,所以一般是把字母q或z删去不要,或者是把i、j放在同一个格子里面。
然后右上角和左下角的方块存放的是我们的密钥,然后分别把密钥写在田字格的右上角和左下角,然后再按字母排列表的顺序写下来。注意,密钥中已经有的字母就去除不写,不要再次出现!
加密
首先第一步,填写好这个方格,就拿security和information来说,填写之后的内容是这样的,这里是去除了q。
假设我们需要加密的内容是iamafool。首先把他拆分为两个两个一组,拆分完毕之后是ia ma fo ol。这里需要注意:四方密码加密只对偶数个字符有效,最后余下的一个字符将无法加密。然后按照顺序来,首先是ia,找到i在左上角方格中的位置和a在右下角方格中的位置。然后画出以他们连线为对角线的矩形,即为下图中的红色方块。
加密得到的字母与和明文在同一行的边角点,这里也就是i对应i,a对应o,ia加密得到的内容就是io,剩下来的字符也是同样的操作方式。
解密
揭秘也很简单了,就是加密的逆过程,比如说对应上面加密的例子,密文是io,明文就是ia,也就是现在左上角的方格中找到i,左下角找到o,然后取同一行的边角点就好了。
flag{youngandsuccessful}
110[De1CTF2019]babyrsa
查看题目
import binascii
from data import e1,e2,p,q1p,q1q,hint,flagn = [20129615352491765499340112943188317180548761597861300847305827141510465619670536844634558246439230371658836928103063432870245707180355907194284861510906071265352409579441048101084995923962148527097370705452070577098780246282820065573711015664291991372085157016901209114191068574208680397710042842835940428451949500607613634682684113208766694028789275748528254287705759528498986306494267817198340658241873024800336013946294891687591013414935237821291805123285905335762719823771647853378892868896078424572232934360940672962436849523915563328779942134504499568866135266628078485232098208237036724121481835035731201383423L, 31221650155627849964466413749414700613823841060149524451234901677160009099014018926581094879840097248543411980533066831976617023676225625067854003317018794041723612556008471579060428898117790587991055681380408263382761841625714415879087478072771968160384909919958010983669368360788505288855946124159513118847747998656422521414980295212646675850690937883764000571667574381419144372824211798018586804674824564606122592483286575800685232128273820087791811663878057827386379787882962763290066072231248814920468264741654086011072638211075445447843691049847262485759393290853117072868406861840793895816215956869523289231421L, 29944537515397953361520922774124192605524711306753835303703478890414163510777460559798334313021216389356251874917792007638299225821018849648520673813786772452822809546571129816310207232883239771324122884804993418958309460009406342872173189008449237959577469114158991202433476710581356243815713762802478454390273808377430685157110095496727966308001254107517967559384019734279861840997239176254236069001453544559786063915970071130087811123912044312219535513880663913831358790376650439083660611831156205113873793106880255882114422025746986403355066996567909581710647746463994280444700922867397754748628425967488232530303L, 25703437855600135215185778453583925446912731661604054184163883272265503323016295700357253105301146726667897497435532579974951478354570415554221401778536104737296154316056314039449116386494323668483749833147800557403368489542273169489080222009368903993658498263905567516798684211462607069796613434661148186901892016282065916190920443378756167250809872483501712225782004396969996983057423942607174314132598421269169722518224478248836881076484639837343079324636997145199835034833367743079935361276149990997875905313642775214486046381368619638551892292787783137622261433528915269333426768947358552919740901860982679180791L]
c = [19131432661217908470262338421299691998526157790583544156741981238822158563988520225986915234570037383888112724408392918113942721994125505014727545946133307329781747600302829588248042922635714391033431930411180545085316438084317927348705241927570432757892985091396044950085462429575440060652967253845041398399648442340042970814415571904057667028157512971079384601724816308078631844480110201787343583073815186771790477712040051157180318804422120472007636722063989315320863580631330647116993819777750684150950416298085261478841177681677867236865666207391847046483954029213495373613490690687473081930148461830425717614569L, 15341898433226638235160072029875733826956799982958107910250055958334922460202554924743144122170018355117452459472017133614642242411479849369061482860570279863692425621526056862808425135267608544855833358314071200687340442512856575278712986641573012456729402660597339609443771145347181268285050728925993518704899005416187250003304581230701444705157412790787027926810710998646191467130550713600765898234392350153965811595060656753711278308005193370936296124790772689433773414703645703910742193898471800081321469055211709339846392500706523670145259024267858368216902176489814789679472227343363035428541915118378163012031L, 18715065071648040017967211297231106538139985087685358555650567057715550586464814763683688299037897182845007578571401359061213777645114414642903077003568155508465819628553747173244235936586812445440095450755154357646737087071605811984163416590278352605433362327949048243722556262979909488202442530307505819371594747936223835233586945423522256938701002370646382097846105014981763307729234675737702252155130837154876831885888669150418885088089324534892506199724486783446267336789872782137895552509353583305880144947714110009893134162185382309992604435664777436197587312317224862723813510974493087450281755452428746194446L, 2282284561224858293138480447463319262474918847630148770112472703128549032592187797289965592615199709857879008271766433462032328498580340968871260189669707518557157836592424973257334362931639831072584824103123486522582531666152363874396482744561758133655406410364442174983227005501860927820871260711861008830120617056883514525798709601744088135999465598338635794275123149165498933580159945032363880613524921913023341209439657145962332213468573402863796920571812418200814817086234262280338221161622789516829363805084715652121739036183264026120868756523770196284142271849879003202190966150390061195469351716819539183797L]
f=lambda m,e,n,c:pow(m,e,n)==c
assert(sum(map(f,[p]*4,[4]*4,n,c))==4)ee1 = 42
ee2 = 3
ce1 = 45722651786340123946960815003059322528810481841378247280642868553607692149509126962872583037142461398806689489141741494974836882341505234255325683219092163052843461632338442529011502378931140356111756932712822516814023166068902569458299933391973504078898958921809723346229893913662577294963528318424676803942288386430172430880307619748186863890050113934573820505570928109017842647598266634344447182347849367714564686341871007505886728393751147033556889217604647355628557502208364412269944908011305064122941446516990168924709684092200183860653173856272384
ce2 = 13908468332333567158469136439932325992349696889129103935400760239319454409539725389747059213835238373047899198211128689374049729578146875309231962936554403287882999967840346216695208424582739777034261079550395918048421086843927009452479936045850799096750074359160775182238980989229190157551197830879877097703347301072427149474991803868325769967332356950863518504965486565464059770451458557744949735282131727956056279292800694203866167270268988437389945703117070604488999247750139568614939965885211276821987586882908159585863514561191905040244967655444219603287214405014887994238259270716355378069726760953320025828158
tmp = 864078778078609835167779565982540757684070450697854309005171742813414963447462554999012718960925081621571487444725528982424037419052194840720949809891134854871222612682162490991065015935449289960707882463387
n = 15911581555796798614711625288508309704791837516232122410440958830726078821069050404012820896260071751380436992710638364294658173571101596931605797509712839622479368850251206419748090059752427303611760004621378226431226983665746837779056271530181865648115862947527212787824629516204832313026456390047768174765687040950636530480549014401279054346098030395100387004111574278813749630986724706263655166289586230453975953773791945408589484679371854113457758157492241225180907090235116325034822993748409011554673180494306003272836905082473475046277554085737627846557240367696214081276345071055578169299060706794192776825039
assert(pow(e1,ee1,n)==ce1)
assert(pow(e2+tmp,ee2,n)==ce2)e = 46531
n = 16278524034278364842964386062476113517067911891699789991355982121084973951738324063305190630865511554888330215827724887964565979607808294168282995825864982603759381323048907814961279012375346497781046417204954101076457350988751188332353062731641153547102721113593787978587135707313755661153376485647168543680503160420091693269984008764444291289486805840439906620313162344057956594836197521501755378387944609246120662335790110901623740990451586621846212047950084207251595169141015645449217847180683357626383565631317253913942886396494396189837432429078251573229378917400841832190737518763297323901586866664595327850603
c = 14992132140996160330967307558503117255626925777426611978518339050671013041490724616892634911030918360867974894371539160853827180596100892180735770688723270765387697604426715670445270819626709364566478781273676115921657967761494619448095207169386364541164659123273236874649888236433399127407801843412677293516986398190165291102109310458304626261648346825196743539220198199366711858135271877662410355585767124059539217274691606825103355310348607611233052725805236763220343249873849646219850954945346791015858261715967952461021650307307454434510851869862964236227932964442289459508441345652423088404453536608812799355469
hint=int(binascii.hexlify(hint),16)
assert(q1p*q1q==n)
assert(q1p<q1q)
assert(c==pow(hint,e,n))flag=int(binascii.hexlify(flag),16)
q1=q1p
q2 = 114401188227479584680884046151299704656920536168767132916589182357583461053336386996123783294932566567773695426689447410311969456458574731187512974868297092638677515283584994416382872450167046416573472658841627690987228528798356894803559278308702635288537653192098514966089168123710854679638671424978221959513
c1 = 262739975753930281690942784321252339035906196846340713237510382364557685379543498765074448825799342194332681181129770046075018122033421983227887719610112028230603166527303021036386350781414447347150383783816869784006598225583375458609586450854602862569022571672049158809874763812834044257419199631217527367046624888837755311215081173386523806086783266198390289097231168172692326653657393522561741947951887577156666663584249108899327053951891486355179939770150550995812478327735917006194574412518819299303783243886962455399783601229227718787081785391010424030509937403600351414176138124705168002288620664809270046124
c2 = 7395591129228876649030819616685821899204832684995757724924450812977470787822266387122334722132760470911599176362617225218345404468270014548817267727669872896838106451520392806497466576907063295603746660003188440170919490157250829308173310715318925771643105064882620746171266499859049038016902162599261409050907140823352990750298239508355767238575709803167676810456559665476121149766947851911064706646506705397091626648713684511780456955453552020460909638016134124590438425738826828694773960514221910109473941451471431637903182205738738109429736425025621308300895473186381826756650667842656050416299166317372707709596
assert(c1==pow(flag,e1,p*q1))
assert(c2==pow(flag,e2,p*q2))
这是一道综合的rsa
包括中国剩余定理特解为解
小指数攻击(枚举爆破)
在线质因数分解factordb
rsa中e关于(p-1)*(q-1)的逆元不唯一,同时兼有中国剩余定理方程合并.
得到两个方程
c1=me1 %(pq1)
c2=me2 %(pq2)
在通常情况下,我们只需要一个方程就可以求得一个满足条件的最小解作为解
这道题目最后给了两个方程,显然我们求得的解必须满足这两个方程.
首先看第一个方程.
通过计算得知gcd(e1,(p-1)(q1-1))=14.
可以知道该rsa式子并不能用常规方法.通过变形.
c1=me1 %(pq1)=(m14)e1/14%(pq1) ,我们可以在此条件下求出m14 的通解(显然最小特解很大可能不是答案,因为这个解还需要满足第二个方程)
记pq1=n1,pq2=n2,记e1/14的逆元为d1,方程2中e2/14的逆元为d2
记该通解为方程
m14 ☰c1d1mod n1
同理可得:
gcd(e2,(p-1)(q2-1))=14
则:
m14☰c2d2 mod n2
此时尝试用中国剩余定理来求出一个特解,但是遗憾的是该特解不是最终解.
于是尝试爆破,但是同样发现过了很长时间还是爆破不了.
于是转变方法.将该同余方程组进行细化.
记c1d =a1,c2d2 =a2
得到
m14 ☰a1 mod p
m14 ☰ a1 mod q1
m14 ☰ a2 mod p
m 14 ☰ a2 mod q2
由于m的指数过大,我们尝试通过构造一个新的rsa式子来降解m的指数.
理论上4个方程有6种合并方式.但是通过计算
gcd(p-1,7)!=1所以如果选择p的话显然是行不通的.
于是舍弃p
选择q1,q2进行合并.
合并函数
脚本如下
import gmpy2
import math
def merge(a1,n1,a2,n2):d = math.gcd(n1,n2)c = a2-a1if c%d!=0:return 0c = (c%n2+n2)%n2c = c//dn1 = n1//dn2 = n2//dc *= gmpy2.invert(n1,n2)c %= n2c *= n1*dc += a1global n3global a3n3 = n1*n2*da3 = (c%n3+n3)%n3return 1
def exCRT(a,n):a1=a[0]n1=n[0]le= len(a)for i in range(1,le):a2 = a[i]n2=n[i]if not merge(a1,n1,a2,n2):return -1a1 = a3n1 = n3global modmod=n1return (a1%n1+n1)%n1
def exCRT_getequation(a,n):a1=a[0]n1=n[0]le= len(a)for i in range(1,le):a2 = a[i]n2=n[i]if not merge(a1,n1,a2,n2):return -1a1 = a3n1 = n3return (a1,n1)
#a为余数列表
#n为模数列表
n = [20129615352491765499340112943188317180548761597861300847305827141510465619670536844634558246439230371658836928103063432870245707180355907194284861510906071265352409579441048101084995923962148527097370705452070577098780246282820065573711015664291991372085157016901209114191068574208680397710042842835940428451949500607613634682684113208766694028789275748528254287705759528498986306494267817198340658241873024800336013946294891687591013414935237821291805123285905335762719823771647853378892868896078424572232934360940672962436849523915563328779942134504499568866135266628078485232098208237036724121481835035731201383423, 31221650155627849964466413749414700613823841060149524451234901677160009099014018926581094879840097248543411980533066831976617023676225625067854003317018794041723612556008471579060428898117790587991055681380408263382761841625714415879087478072771968160384909919958010983669368360788505288855946124159513118847747998656422521414980295212646675850690937883764000571667574381419144372824211798018586804674824564606122592483286575800685232128273820087791811663878057827386379787882962763290066072231248814920468264741654086011072638211075445447843691049847262485759393290853117072868406861840793895816215956869523289231421, 29944537515397953361520922774124192605524711306753835303703478890414163510777460559798334313021216389356251874917792007638299225821018849648520673813786772452822809546571129816310207232883239771324122884804993418958309460009406342872173189008449237959577469114158991202433476710581356243815713762802478454390273808377430685157110095496727966308001254107517967559384019734279861840997239176254236069001453544559786063915970071130087811123912044312219535513880663913831358790376650439083660611831156205113873793106880255882114422025746986403355066996567909581710647746463994280444700922867397754748628425967488232530303, 25703437855600135215185778453583925446912731661604054184163883272265503323016295700357253105301146726667897497435532579974951478354570415554221401778536104737296154316056314039449116386494323668483749833147800557403368489542273169489080222009368903993658498263905567516798684211462607069796613434661148186901892016282065916190920443378756167250809872483501712225782004396969996983057423942607174314132598421269169722518224478248836881076484639837343079324636997145199835034833367743079935361276149990997875905313642775214486046381368619638551892292787783137622261433528915269333426768947358552919740901860982679180791]
c = [19131432661217908470262338421299691998526157790583544156741981238822158563988520225986915234570037383888112724408392918113942721994125505014727545946133307329781747600302829588248042922635714391033431930411180545085316438084317927348705241927570432757892985091396044950085462429575440060652967253845041398399648442340042970814415571904057667028157512971079384601724816308078631844480110201787343583073815186771790477712040051157180318804422120472007636722063989315320863580631330647116993819777750684150950416298085261478841177681677867236865666207391847046483954029213495373613490690687473081930148461830425717614569, 15341898433226638235160072029875733826956799982958107910250055958334922460202554924743144122170018355117452459472017133614642242411479849369061482860570279863692425621526056862808425135267608544855833358314071200687340442512856575278712986641573012456729402660597339609443771145347181268285050728925993518704899005416187250003304581230701444705157412790787027926810710998646191467130550713600765898234392350153965811595060656753711278308005193370936296124790772689433773414703645703910742193898471800081321469055211709339846392500706523670145259024267858368216902176489814789679472227343363035428541915118378163012031, 18715065071648040017967211297231106538139985087685358555650567057715550586464814763683688299037897182845007578571401359061213777645114414642903077003568155508465819628553747173244235936586812445440095450755154357646737087071605811984163416590278352605433362327949048243722556262979909488202442530307505819371594747936223835233586945423522256938701002370646382097846105014981763307729234675737702252155130837154876831885888669150418885088089324534892506199724486783446267336789872782137895552509353583305880144947714110009893134162185382309992604435664777436197587312317224862723813510974493087450281755452428746194446, 2282284561224858293138480447463319262474918847630148770112472703128549032592187797289965592615199709857879008271766433462032328498580340968871260189669707518557157836592424973257334362931639831072584824103123486522582531666152363874396482744561758133655406410364442174983227005501860927820871260711861008830120617056883514525798709601744088135999465598338635794275123149165498933580159945032363880613524921913023341209439657145962332213468573402863796920571812418200814817086234262280338221161622789516829363805084715652121739036183264026120868756523770196284142271849879003202190966150390061195469351716819539183797]
p_4=exCRT(c,n)
p=gmpy2.iroot(p_4,4)[0]
print(p)
#中国剩余定理
ee1 = 42
ee2 = 3
ce1 = 45722651786340123946960815003059322528810481841378247280642868553607692149509126962872583037142461398806689489141741494974836882341505234255325683219092163052843461632338442529011502378931140356111756932712822516814023166068902569458299933391973504078898958921809723346229893913662577294963528318424676803942288386430172430880307619748186863890050113934573820505570928109017842647598266634344447182347849367714564686341871007505886728393751147033556889217604647355628557502208364412269944908011305064122941446516990168924709684092200183860653173856272384
ce2 = 13908468332333567158469136439932325992349696889129103935400760239319454409539725389747059213835238373047899198211128689374049729578146875309231962936554403287882999967840346216695208424582739777034261079550395918048421086843927009452479936045850799096750074359160775182238980989229190157551197830879877097703347301072427149474991803868325769967332356950863518504965486565464059770451458557744949735282131727956056279292800694203866167270268988437389945703117070604488999247750139568614939965885211276821987586882908159585863514561191905040244967655444219603287214405014887994238259270716355378069726760953320025828158
tmp = 864078778078609835167779565982540757684070450697854309005171742813414963447462554999012718960925081621571487444725528982424037419052194840720949809891134854871222612682162490991065015935449289960707882463387
n =15911581555796798614711625288508309704791837516232122410440958830726078821069050404012820896260071751380436992710638364294658173571101596931605797509712839622479368850251206419748090059752427303611760004621378226431226983665746837779056271530181865648115862947527212787824629516204832313026456390047768174765687040950636530480549014401279054346098030395100387004111574278813749630986724706263655166289586230453975953773791945408589484679371854113457758157492241225180907090235116325034822993748409011554673180494306003272836905082473475046277554085737627846557240367696214081276345071055578169299060706794192776825039
#assert(pow(e1,ee1,n)==ce1)
#assert(pow(e2+tmp,ee2,n)==ce2)
#n = 15911581555796798614711625288508309704791837516232122410440958830726078821069050404012820896260071751380436992710638364294658173571101596931605797509712839622479368850251206419748090059752427303611760004621378226431226983665746837779056271530181865648115862947527212787824629516204832313026456390047768174765687040950636530480549014401279054346098030395100387004111574278813749630986724706263655166289586230453975953773791945408589484679371854113457758157492241225180907090235116325034822993748409011554673180494306003272836905082473475046277554085737627846557240367696214081276345071055578169299060706794192776825039
def doit(ee,n,ce):k=0while True:x=ce+k*nif gmpy2.iroot(x,ee)[1]:return gmpy2.iroot(x,ee)[0]k=k+1
e1=doit(ee1,n,ce1)
e2=doit(ee2,n,ce2)-tmp
##小指数爆破
q1p=127587319253436643569312142058559706815497211661083866592534217079310497260365307426095661281103710042392775453866174657404985539066741684196020137840472950102380232067786400322600902938984916355631714439668326671310160916766472897536055371474076089779472372913037040153356437528808922911484049460342088834871
q1=q1p
##factordb爆破
q2 = 114401188227479584680884046151299704656920536168767132916589182357583461053336386996123783294932566567773695426689447410311969456458574731187512974868297092638677515283584994416382872450167046416573472658841627690987228528798356894803559278308702635288537653192098514966089168123710854679638671424978221959513
c1 = 262739975753930281690942784321252339035906196846340713237510382364557685379543498765074448825799342194332681181129770046075018122033421983227887719610112028230603166527303021036386350781414447347150383783816869784006598225583375458609586450854602862569022571672049158809874763812834044257419199631217527367046624888837755311215081173386523806086783266198390289097231168172692326653657393522561741947951887577156666663584249108899327053951891486355179939770150550995812478327735917006194574412518819299303783243886962455399783601229227718787081785391010424030509937403600351414176138124705168002288620664809270046124
c2 = 7395591129228876649030819616685821899204832684995757724924450812977470787822266387122334722132760470911599176362617225218345404468270014548817267727669872896838106451520392806497466576907063295603746660003188440170919490157250829308173310715318925771643105064882620746171266499859049038016902162599261409050907140823352990750298239508355767238575709803167676810456559665476121149766947851911064706646506705397091626648713684511780456955453552020460909638016134124590438425738826828694773960514221910109473941451471431637903182205738738109429736425025621308300895473186381826756650667842656050416299166317372707709596
#assert(c1==pow(flag,e1,p*q1))
#assert(c2==pow(flag,e2,p*q2))
phi1=(p-1)*(q1-1)
phi2=(p-1)*(q2-1)
xx1=gmpy2.gcd(e1,phi1)
xx2=gmpy2.gcd(e2,phi2)
d1=gmpy2.invert(e1//xx1,phi1)
d2=gmpy2.invert(e2//xx2,phi2)
nn=[]
aa=[]
nn.append(q1)
nn.append(q2)
a1=gmpy2.powmod(c1,d1,p*q1)%q1
a2=gmpy2.powmod(c2,d2,p*q2)%q2
aa.append(a1)
aa.append(a2)
last=exCRT_getequation(aa,nn)#最终方程组 aa=n^14%q1*q2
new_e=7
new_phi=(q1-1)*(q2-1)
new_d=gmpy2.invert(new_e,new_phi)
m_2=gmpy2.powmod(last[0],new_d,last[1])#特解m_2
flag=gmpy2.iroot(m_2,2)[0]
import binascii
print(binascii.unhexlify(hex(flag)[2:]))
运行得到
109935857933867829728985398563235455481120300859311421762540858762721955038310117609456763338082237907005937380873151279351831600225270995344096532750271070807051984097524900957809427861441436796934012393707770012556604479065826879107677002380580866325868240270494148512743861326447181476633546419262340100453
b'de1ctf{9b10a98b-71bb-4bdf-a6ff-f319943de21f}'
111.[UTCTF2020]hill
查看题目
wznqca{d4uqop0fk_q1nwofDbzg_eu}
这题就是个二阶希尔密码加密。知道密文前6位wznqca和明文前6位utflag,等于4个未知数6个一阶方程,居然还有解,那就是二阶跑不了了。求个逆乘回来就好。
from mpmath.libmp.backend import xrangea00, a01, a10, a11 = 13, 6, 3, 21
dic = 'abcdefghijklmnopqrstuvwxyz'
c = 'wznqcaduqopfkqnwofdbzgeu'
m = ''
for i in xrange(0, len(c), 2):a, b = dic.index(c[i]), dic.index(c[i+1])a0, b0 = (a00*a+a01*b)%26, (a10*a+a11*b)%26m += dic[a0]m += dic[b0]
print(m)
记得把中间下划线、空格、数字之类的补回去,还有一个字母是大写别忘了
utflag{d4nger0us_c1pherText_qq}
112.[V&N2020 公开赛]CRT
查看题目
import hashlib
from functools import reduce
from Crypto.Util.number import *ms = [getRandomNBitInteger(128) for i in range(8)]
p = reduce(lambda x,y: x*y, ms)
x = getRandomRange(1, p)
cs = [x % m for m in ms]flag = "flag{" + hashlib.sha256(str(x).encode()).hexdigest() + "}"
# assert("4b93deeb" in flag)# ms = [284461942441737992421992210219060544764, 218436209063777179204189567410606431578, 288673438109933649911276214358963643204, 239232622368515797881077917549177081575, 206264514127207567149705234795160750411, 338915547568169045185589241329271490503, 246545359356590592172327146579550739141, 219686182542160835171493232381209438048]
# cs = [273520784183505348818648859874365852523, 128223029008039086716133583343107528289, 5111091025406771271167772696866083419, 33462335595116820423587878784664448439, 145377705960376589843356778052388633917, 128158421725856807614557926615949143594, 230664008267846531848877293149791626711, 94549019966480959688919233343793910003]
中国剩余定理,模不互质
根据assert里的 说明这道题需要爆破
import hashlib
import gmpy2
import math
def merge(a1,n1,a2,n2):d = math.gcd(n1,n2)c = a2-a1if c%d!=0:return 0c = (c%n2+n2)%n2c = c//dn1 = n1//dn2 = n2//dc *= gmpy2.invert(n1,n2)c %= n2c *= n1*dc += a1global n3global a3n3 = n1*n2*da3 = (c%n3+n3)%n3return 1
def exCRT(a,n):a1=a[0]n1=n[0]le= len(a)for i in range(1,le):a2 = a[i]n2=n[i]if not merge(a1,n1,a2,n2):return -1a1 = a3n1 = n3global modmod=n1return (a1%n1+n1)%n1
ms = [284461942441737992421992210219060544764, 218436209063777179204189567410606431578, 288673438109933649911276214358963643204, 239232622368515797881077917549177081575, 206264514127207567149705234795160750411, 338915547568169045185589241329271490503, 246545359356590592172327146579550739141, 219686182542160835171493232381209438048]
cs = [273520784183505348818648859874365852523, 128223029008039086716133583343107528289, 5111091025406771271167772696866083419, 33462335595116820423587878784664448439, 145377705960376589843356778052388633917, 128158421725856807614557926615949143594, 230664008267846531848877293149791626711, 94549019966480959688919233343793910003]
x=exCRT(cs,ms)
flag=hashlib.sha256(str(x).encode()).hexdigest()
while "4b93deeb" not in flag:x=x+modflag = hashlib.sha256(str(x).encode()).hexdigest()
print(flag)
python代码需要声明
运行得到
fa71921acdc2a756897d6b0c7ee41a7397386de2e7cde5b6adb525414b93deeb
113.[MRCTF2020]Easy_RSA
查看题目
import sympy
from gmpy2 import gcd, invert
from random import randint
from Crypto.Util.number import getPrime, isPrime, getRandomNBitInteger, bytes_to_long, long_to_bytes
import base64from zlib import *
flag = b"MRCTF{XXXX}"
base = 65537def gen_prime(N):A = 0while 1:A = getPrime(N)if A % 8 == 5:breakreturn Adef gen_p():p = getPrime(1024)q = getPrime(1024)assert (p < q)n = p * qprint("P_n = ", n)F_n = (p - 1) * (q - 1)print("P_F_n = ", F_n)factor2 = 2021 * p + 2020 * qif factor2 < 0:factor2 = (-1) * factor2return sympy.nextprime(factor2)def gen_q():p = getPrime(1024)q = getPrime(1024)assert (p < q)n = p * qprint("Q_n = ", n)e = getRandomNBitInteger(53)F_n = (p - 1) * (q - 1)while gcd(e, F_n) != 1:e = getRandomNBitInteger(53)d = invert(e, F_n)print("Q_E_D = ", e * d)factor2 = 2021 * p - 2020 * qif factor2 < 0:factor2 = (-1) * factor2return sympy.nextprime(factor2)if __name__ == "__main__":_E = base_P = gen_p()_Q = gen_q()assert (gcd(_E, (_P - 1) * (_Q - 1)) == 1)_M = bytes_to_long(flag)_C = pow(_M, _E, _P * _Q)print("Ciphertext = ", _C)
'''
P_n = 14057332139537395701238463644827948204030576528558543283405966933509944444681257521108769303999679955371474546213196051386802936343092965202519504111238572269823072199039812208100301939365080328518578704076769147484922508482686658959347725753762078590928561862163337382463252361958145933210306431342748775024336556028267742021320891681762543660468484018686865891073110757394154024833552558863671537491089957038648328973790692356014778420333896705595252711514117478072828880198506187667924020260600124717243067420876363980538994101929437978668709128652587073901337310278665778299513763593234951137512120572797739181693
P_F_n = 14057332139537395701238463644827948204030576528558543283405966933509944444681257521108769303999679955371474546213196051386802936343092965202519504111238572269823072199039812208100301939365080328518578704076769147484922508482686658959347725753762078590928561862163337382463252361958145933210306431342748775024099427363967321110127562039879018616082926935567951378185280882426903064598376668106616694623540074057210432790309571018778281723710994930151635857933293394780142192586806292968028305922173313521186946635709194350912242693822450297748434301924950358561859804256788098033426537956252964976682327991427626735740
Q_n = 20714298338160449749545360743688018842877274054540852096459485283936802341271363766157976112525034004319938054034934880860956966585051684483662535780621673316774842614701726445870630109196016676725183412879870463432277629916669130494040403733295593655306104176367902352484367520262917943100467697540593925707162162616635533550262718808746254599456286578409187895171015796991910123804529825519519278388910483133813330902530160448972926096083990208243274548561238253002789474920730760001104048093295680593033327818821255300893423412192265814418546134015557579236219461780344469127987669565138930308525189944897421753947
Q_E_D = 100772079222298134586116156850742817855408127716962891929259868746672572602333918958075582671752493618259518286336122772703330183037221105058298653490794337885098499073583821832532798309513538383175233429533467348390389323225198805294950484802068148590902907221150968539067980432831310376368202773212266320112670699737501054831646286585142281419237572222713975646843555024731855688573834108711874406149540078253774349708158063055754932812675786123700768288048445326199880983717504538825498103789304873682191053050366806825802602658674268440844577955499368404019114913934477160428428662847012289516655310680119638600315228284298935201
Ciphertext = 40855937355228438525361161524441274634175356845950884889338630813182607485910094677909779126550263304194796000904384775495000943424070396334435810126536165332565417336797036611773382728344687175253081047586602838685027428292621557914514629024324794275772522013126464926990620140406412999485728750385876868115091735425577555027394033416643032644774339644654011686716639760512353355719065795222201167219831780961308225780478482467294410828543488412258764446494815238766185728454416691898859462532083437213793104823759147317613637881419787581920745151430394526712790608442960106537539121880514269830696341737507717448946962021
'''114.[MRCTF2020]Easy_RSA
查看题目
import sympy
from gmpy2 import gcd, invert
from random import randint
from Crypto.Util.number import getPrime, isPrime, getRandomNBitInteger, bytes_to_long, long_to_bytes
import base64from zlib import *
flag = b"MRCTF{XXXX}"
base = 65537def gen_prime(N):A = 0while 1:A = getPrime(N)if A % 8 == 5:breakreturn Adef gen_p():p = getPrime(1024)q = getPrime(1024)assert (p < q)n = p * qprint("P_n = ", n)F_n = (p - 1) * (q - 1)print("P_F_n = ", F_n)factor2 = 2021 * p + 2020 * qif factor2 < 0:factor2 = (-1) * factor2return sympy.nextprime(factor2)def gen_q():p = getPrime(1024)q = getPrime(1024)assert (p < q)n = p * qprint("Q_n = ", n)e = getRandomNBitInteger(53)F_n = (p - 1) * (q - 1)while gcd(e, F_n) != 1:e = getRandomNBitInteger(53)d = invert(e, F_n)print("Q_E_D = ", e * d)factor2 = 2021 * p - 2020 * qif factor2 < 0:factor2 = (-1) * factor2return sympy.nextprime(factor2)if __name__ == "__main__":_E = base_P = gen_p()_Q = gen_q()assert (gcd(_E, (_P - 1) * (_Q - 1)) == 1)_M = bytes_to_long(flag)_C = pow(_M, _E, _P * _Q)print("Ciphertext = ", _C)
'''
P_n = 14057332139537395701238463644827948204030576528558543283405966933509944444681257521108769303999679955371474546213196051386802936343092965202519504111238572269823072199039812208100301939365080328518578704076769147484922508482686658959347725753762078590928561862163337382463252361958145933210306431342748775024336556028267742021320891681762543660468484018686865891073110757394154024833552558863671537491089957038648328973790692356014778420333896705595252711514117478072828880198506187667924020260600124717243067420876363980538994101929437978668709128652587073901337310278665778299513763593234951137512120572797739181693
P_F_n = 14057332139537395701238463644827948204030576528558543283405966933509944444681257521108769303999679955371474546213196051386802936343092965202519504111238572269823072199039812208100301939365080328518578704076769147484922508482686658959347725753762078590928561862163337382463252361958145933210306431342748775024099427363967321110127562039879018616082926935567951378185280882426903064598376668106616694623540074057210432790309571018778281723710994930151635857933293394780142192586806292968028305922173313521186946635709194350912242693822450297748434301924950358561859804256788098033426537956252964976682327991427626735740
Q_n = 20714298338160449749545360743688018842877274054540852096459485283936802341271363766157976112525034004319938054034934880860956966585051684483662535780621673316774842614701726445870630109196016676725183412879870463432277629916669130494040403733295593655306104176367902352484367520262917943100467697540593925707162162616635533550262718808746254599456286578409187895171015796991910123804529825519519278388910483133813330902530160448972926096083990208243274548561238253002789474920730760001104048093295680593033327818821255300893423412192265814418546134015557579236219461780344469127987669565138930308525189944897421753947
Q_E_D = 100772079222298134586116156850742817855408127716962891929259868746672572602333918958075582671752493618259518286336122772703330183037221105058298653490794337885098499073583821832532798309513538383175233429533467348390389323225198805294950484802068148590902907221150968539067980432831310376368202773212266320112670699737501054831646286585142281419237572222713975646843555024731855688573834108711874406149540078253774349708158063055754932812675786123700768288048445326199880983717504538825498103789304873682191053050366806825802602658674268440844577955499368404019114913934477160428428662847012289516655310680119638600315228284298935201
Ciphertext = 40855937355228438525361161524441274634175356845950884889338630813182607485910094677909779126550263304194796000904384775495000943424070396334435810126536165332565417336797036611773382728344687175253081047586602838685027428292621557914514629024324794275772522013126464926990620140406412999485728750385876868115091735425577555027394033416643032644774339644654011686716639760512353355719065795222201167219831780961308225780478482467294410828543488412258764446494815238766185728454416691898859462532083437213793104823759147317613637881419787581920745151430394526712790608442960106537539121880514269830696341737507717448946962021
'''脚本如下
P_n = 14057332139537395701238463644827948204030576528558543283405966933509944444681257521108769303999679955371474546213196051386802936343092965202519504111238572269823072199039812208100301939365080328518578704076769147484922508482686658959347725753762078590928561862163337382463252361958145933210306431342748775024336556028267742021320891681762543660468484018686865891073110757394154024833552558863671537491089957038648328973790692356014778420333896705595252711514117478072828880198506187667924020260600124717243067420876363980538994101929437978668709128652587073901337310278665778299513763593234951137512120572797739181693
P_F_n = 14057332139537395701238463644827948204030576528558543283405966933509944444681257521108769303999679955371474546213196051386802936343092965202519504111238572269823072199039812208100301939365080328518578704076769147484922508482686658959347725753762078590928561862163337382463252361958145933210306431342748775024099427363967321110127562039879018616082926935567951378185280882426903064598376668106616694623540074057210432790309571018778281723710994930151635857933293394780142192586806292968028305922173313521186946635709194350912242693822450297748434301924950358561859804256788098033426537956252964976682327991427626735740
Q_n =20714298338160449749545360743688018842877274054540852096459485283936802341271363766157976112525034004319938054034934880860956966585051684483662535780621673316774842614701726445870630109196016676725183412879870463432277629916669130494040403733295593655306104176367902352484367520262917943100467697540593925707162162616635533550262718808746254599456286578409187895171015796991910123804529825519519278388910483133813330902530160448972926096083990208243274548561238253002789474920730760001104048093295680593033327818821255300893423412192265814418546134015557579236219461780344469127987669565138930308525189944897421753947
Q_E_D =100772079222298134586116156850742817855408127716962891929259868746672572602333918958075582671752493618259518286336122772703330183037221105058298653490794337885098499073583821832532798309513538383175233429533467348390389323225198805294950484802068148590902907221150968539067980432831310376368202773212266320112670699737501054831646286585142281419237572222713975646843555024731855688573834108711874406149540078253774349708158063055754932812675786123700768288048445326199880983717504538825498103789304873682191053050366806825802602658674268440844577955499368404019114913934477160428428662847012289516655310680119638600315228284298935201
Ciphertext = 40855937355228438525361161524441274634175356845950884889338630813182607485910094677909779126550263304194796000904384775495000943424070396334435810126536165332565417336797036611773382728344687175253081047586602838685027428292621557914514629024324794275772522013126464926990620140406412999485728750385876868115091735425577555027394033416643032644774339644654011686716639760512353355719065795222201167219831780961308225780478482467294410828543488412258764446494815238766185728454416691898859462532083437213793104823759147317613637881419787581920745151430394526712790608442960106537539121880514269830696341737507717448946962021
import gmpy2
import sympy
base = 65537
def getp(n,phi):p_q=n+1-phip_q_2=p_q**2-4*np_q_2=gmpy2.iroot(p_q_2,2)[0]q=(p_q_2+p_q)//2p = p_q - qfactor2 = 2021 * p + 2020 * qif factor2 < 0:factor2 = (-1) * factor2P = sympy.nextprime(factor2)return P
def getq(n,phi):p_q=n+1-phip_q_2=p_q**2-4*np_q_2=gmpy2.iroot(p_q_2,2)[0]q=(p_q_2+p_q)//2p = p_q - qfactor2 = 2021 * p -2020 * qif factor2 < 0:factor2 = (-1) * factor2Q = sympy.nextprime(factor2)return Q
p=getp(P_n,P_F_n)
K=((Q_E_D-1)//Q_n)+1
phi=(Q_E_D-1)//K
q=getq(Q_n,phi)
e=base
d=gmpy2.invert(e,(p-1)*(q-1))
M=gmpy2.powmod(Ciphertext,d,p*q)
import binascii
print(binascii.unhexlify(hex(M)[2:]))#b'MRCTF{Ju3t_@_31mp13_que3t10n}'115.[NPUCTF2020]EzRSA
查看题目
from gmpy2 import lcm , powmod , invert , gcd , mpz
from Crypto.Util.number import getPrime
from sympy import nextprime
from random import randint
p = getPrime(1024)
q = getPrime(1024)
n = p * q
gift = lcm(p - 1 , q - 1)
e = 54722
flag = b'NPUCTF{******************}'
m = int.from_bytes(flag , 'big')
c = powmod(m , e , n)
print('n: ' , n)
print('gift: ' , gift)
print('c: ' , c)#n: 17083941230213489700426636484487738282426471494607098847295335339638177583685457921198569105417734668692072727759139358207667248703952436680183153327606147421932365889983347282046439156176685765143620637107347870401946946501620531665573668068349080410807996582297505889946205052879002028936125315312256470583622913646319779125559691270916064588684997382451412747432722966919513413709987353038375477178385125453567111965259721484997156799355617642131569095810304077131053588483057244340742751804935494087687363416921314041547093118565767609667033859583125275322077617576783247853718516166743858265291135353895239981121
#gift: 2135492653776686212553329560560967285303308936825887355911916917454772197960682240149821138177216833586509090969892419775958406087994054585022894165950768427741545736247918410255804894522085720642952579638418483800243368312702566458196708508543635051350999572787188236243275631609875253617015664414032058822919469443284453403064076232765024248435543326597418851751586308514540124571309152787559712950209357825576896132278045112177910266019741013995106579484868768251084453338417115483515132869594712162052362083414163954681306259137057581036657441897428432575924018950961141822554251369262248368899977337886190114104
#c: 3738960639194737957667684143565005503596276451617922474669745529299929395507971435311181578387223323429323286927370576955078618335757508161263585164126047545413028829873269342924092339298957635079736446851837414357757312525158356579607212496060244403765822636515347192211817658170822313646743520831977673861869637519843133863288550058359429455052676323196728280408508614527953057214779165450356577820378810467527006377296194102671360302059901897977339728292345132827184227155061326328585640019916328847372295754472832318258636054663091475801235050657401857262960415898483713074139212596685365780269667500271108538319由于gift较大,直接遍历
得到p,q后,变形c=me %n=>c=(m2)e/2 %n(因为e和φ(n)不互质)
得到m2 后尝试直接开平方看是否默认最小值为解
gift=2135492653776686212553329560560967285303308936825887355911916917454772197960682240149821138177216833586509090969892419775958406087994054585022894165950768427741545736247918410255804894522085720642952579638418483800243368312702566458196708508543635051350999572787188236243275631609875253617015664414032058822919469443284453403064076232765024248435543326597418851751586308514540124571309152787559712950209357825576896132278045112177910266019741013995106579484868768251084453338417115483515132869594712162052362083414163954681306259137057581036657441897428432575924018950961141822554251369262248368899977337886190114104
import gmpy2
e=54722
c=3738960639194737957667684143565005503596276451617922474669745529299929395507971435311181578387223323429323286927370576955078618335757508161263585164126047545413028829873269342924092339298957635079736446851837414357757312525158356579607212496060244403765822636515347192211817658170822313646743520831977673861869637519843133863288550058359429455052676323196728280408508614527953057214779165450356577820378810467527006377296194102671360302059901897977339728292345132827184227155061326328585640019916328847372295754472832318258636054663091475801235050657401857262960415898483713074139212596685365780269667500271108538319
n=17083941230213489700426636484487738282426471494607098847295335339638177583685457921198569105417734668692072727759139358207667248703952436680183153327606147421932365889983347282046439156176685765143620637107347870401946946501620531665573668068349080410807996582297505889946205052879002028936125315312256470583622913646319779125559691270916064588684997382451412747432722966919513413709987353038375477178385125453567111965259721484997156799355617642131569095810304077131053588483057244340742751804935494087687363416921314041547093118565767609667033859583125275322077617576783247853718516166743858265291135353895239981121
for i in range(100):phi=gift*ipq=n+1-phip_q=gmpy2.iroot(pq**2-4*n,2)[0]if gmpy2.is_prime((pq+p_q)//2):p=(pq+p_q)//2q=pq-pbreak
new_e=e//2
new_d=gmpy2.invert(new_e,(p-1)*(q-1))
m_2=gmpy2.powmod(c,new_d,n)
m=gmpy2.iroot(m_2,2)[0]
import binascii
print(binascii.unhexlify(hex(m)[2:]))运行得到b'NPUCTF{diff1cult_rsa_1s_e@sy}'
116.[AFCTF2018]花开藏宝地
查看题目 一个zip压缩包一个txt
第80804238007977405688648566160504278593148666302626415149704905628622876270862865768337953835725801963142685182510812938072115996355782396318303927020705623120652014080032809421180400984242061592520733710243483947230962631945045134540159517488288781666622635328316972979183761952842010806304748313326215619695085380586052550443025074501971925005072999275628549710915357400946408857号藏宝图我把我的宝藏都藏在了那里!
那个神秘的地方!
于是我把藏宝图分成了5份,交给五位贤者让他们帮我妥善保管,并且只要搜集3份就可以获得宝藏的地址。第一位贤者将藏宝图放进时空门中说道:
“那么口令就是我的生日吧,那可是个好数字呢。”第二位贤者将藏宝图放进宝箱,【小】声念着自己的名字锁上了宝箱。第三位贤者将藏宝图施上咒语丢进大海:“只要【大】声喊出那句咒语就可以把水驱逐!”第四位贤者找了个破锁锁上了宝箱,狡黠地笑着:“谁知道它是坏的呢?”第五位贤者给藏宝图裹上了隐身衣,放入了一个匣子里据说,只有拥有【智慧】与【力量】就可以获得宝藏了呢!~
你是这样的勇者吗?
那么我们就直接爆破第一个zip的密码
过程不写了
• secret1是爆破生日数字:19260817
• secret2爆破英文字母:alice
• secret4伪加密
• secret5 ntfs隐写
得到四组x和m,题目说只要3组就行了
应该是e=3,然后共模攻击。即明文m不变,给出改变的c和n。可是如果是这样,为什么还需要提示一个大数?
而且实际运算以后,并无法得到flag
百度了一下,原来这是标准的门限秘密共享方案(threshold secret sharing scheme),简称门限方案:
http://www.matrix67.com/blog/archives/1261
假设公司董事会共五个人,每个人保存秘钥的一部分。要求三个人在场就可以拿到秘钥打开保险箱,而且保险箱打开后,无法知道到底是哪三个人提供的秘钥。
和这题提示正好对应:
于是我把藏宝图分成了5份,交给五位贤者让他们帮我妥善保管,并且只要搜集3份就可以获得宝藏的地址。
门限加密有多种方案,举个例子,三个平面能确定一个点。而有无数平面通过同一个点。
题目标题为花开,即Asmnth-Bloom方案
利用的就是中国剩余数定理,可以给出很多组n和c,满足m mod n =c,然后根据其中的几组就可以找到解,但要注意crt的有多解,只要是m+kn1n2……nn的都满足。
这题同理:
rom Crypto.Util.number import *z=80804238007977405688648566160504278593148666302626415149704905628622876270862865768337953835725801963142685182510812938072115996355782396318303927020705623120652014080032809421180400984242061592520733710243483947230962631945045134540159517488288781666622635328316972979183761952842010806304748313326215619695085380586052550443025074501971925005072999275628549710915357400946408857x5 = 230502064382947282343660159791611936696520807970361139469603458689311286041516767875903549263861950740778705012699983268093626403307298415066249636346303539570207577050391796770068203937723627361951969413683246596072925692670365490970847825269581004483964261491917680759091791653759514213188778401968676433284753781006738293752440186858616315727565803777032119737689210471541053061940547213
m5 = 347051559622463144539669950096658163425646411435797691973701513725701575100810446175849424000000075855070430240507732735393411493866540572679626172742301366146501862670272443070970511943485865887494229487420503750457974262802053722093905126235340380261828593508455621667309946361705530667957484731929151875527489478449361198648310684702574627199321092927111137398333029697068474762820822249
x4 = 100459779913520540098065407420629954816677926423356769524759072632219106155849450125185205557491138357760494272691949199099803239098119602186117878931534968435982565071570831032814288620974807498206233914826253433847572703407678712965098320122549759579566316372220959610814573945698083909575005303253205653244238542300266460559790606278310650849881421791081944960157781855164700773081375247
m4 = 347051559622463144539669950096658163425646411435797691973701513725701575100810446175849424000000075855070430240507732735393411493866540572679626172742301366146501862670272443070970511943485865887494229487420503750457974262802053722093905126235340380261828593508455621667309946361705530667957484731929151875527489478449361198648310684702574627199321092927111137398333029697068474762820820091
x2 = 152012681270682340051690627924586232702552460810030322267827401771304907469802591861912921281833890613186317787813611372838066924894691892444503039545946728621696590087591246339208248647926966446848123290344911662916758039134817404720512465817867255277476717353439505243247568126193361558042940352204093381260402400739429050280526212446967632582771424597203000629197487733610187359662268583
m2 = 347051559622463144539669950096658163425646411435797691973701513725701575100810446175849424000000075855070430240507732735393411493866540572679626172742301366146501862670272443070970511943485865887494229487420503750457974262802053722093905126235340380261828593508455621667309946361705530667957484731929151875527489478449361198648310684702574627199321092927111137398333029697068474762820818553
x2 = 152012681270682340051690627924586232702552460810030322267827401771304907469802591861912921281833890613186317787813611372838066924894691892444503039545946728621696590087591246339208248647926966446848123290344911662916758039134817404720512465817867255277476717353439505243247568126193361558042940352204093381260402400739429050280526212446967632582771424597203000629197487733610187359662268583
m2 = 347051559622463144539669950096658163425646411435797691973701513725701575100810446175849424000000075855070430240507732735393411493866540572679626172742301366146501862670272443070970511943485865887494229487420503750457974262802053722093905126235340380261828593508455621667309946361705530667957484731929151875527489478449361198648310684702574627199321092927111137398333029697068474762820818553x1 = 305345133911395218573790903508296238659147802274031796643017539011648802808763162902335644195648525375518941848430114497150082025133000033835083076541927530829557051524161069423494451667848236452337271862085346869364976989047180532167560796470067549915390773271207901537847213882479997325575278672917648417868759077150999044891099206133296336190476413164240995177077671480352739572539631359
m1 = 347051559622463144539669950096658163425646411435797691973701513725701575100810446175849424000000075855070430240507732735393411493866540572679626172742301366146501862670272443070970511943485865887494229487420503750457974262802053722093905126235340380261828593508455621667309946361705530667957484731929151875527489478449361198648310684702574627199321092927111137398333029697068474762820813413
c=[x1,x2,x4]
n=[m1,m2,m4]
a=crt(c,n)
#通过这一步来去除掉kn1n2n3的干扰,实际上这题题目中给你的就是n1*n2*n3*n4*n5.
r=a%z
print(long_to_bytes(r))
#b"A treasure map is a map that marks the location of buried treasure, a lost mine, a valuable secret or a hidden locale. So flag is afctf{1sn't_s0_int3Resting}."
117.[V&N2020 公开赛]Fast
查看题目
p = getPrime(1024)
q = getPrime(1024)
N = p * q
g, r1, r2 = [getRandomRange(1, N) for _ in range(3)]
g1 = pow(g, r1 * (p-1), N)
g2 = pow(g, r2 * (q-1), N)
def encrypt(m):s1, s2 = [getRandomRange(1, N) for _ in range(2)]c1 = (m * pow(g1, s1, N)) % Nc2 = (m * pow(g2, s2, N)) % Nreturn (c1, c2)
def decrypt(c1, c2):xp = c1 % pxq = c2 % q# Chinese Remainder Theoremm = (xp*inverse(q, p)*q + xq*inverse(p, q)*p) % Nreturn m
注意到后面给了一个解密方程,所以只需要求出p、q,放进去就可以解密。
考虑encrypt中给了c1/c2,那按逻辑来说,就是通过g1/g2的值,求p/q。带入解密,得到flag:
所以
g1- 1 = x*p
gcd(n,g1-1) == p
g2 - 1 = y*q
gcd(n,g2-1) == q
#事实上好像gcd(n,g1-1)并不一定等于p,有可能是k*p。所以先求出来,至少公因数会是n的因子
#本题正好求出是p和q
所以通过最大公约数可以求得pq。
再看encrypt:
def encrypt(m):s1, s2 = [getRandomRange(1, N) for _ in range(2)]c1 = (m * pow(g1, s1, N)) % Nc2 = (m * pow(g2, s2, N)) % Nreturn (c1, c2)
直接套用decrypt可以得到flag:
from Crypto.Util.number import *
p=gcd((g1-1),N)
q=gcd((g2-1),N)
phi=(p-1)*(q-1)
xp = c1 % p
xq = c2 % q
m = (xp*inverse_mod(q, p)*q + xq*inverse_mod(p, q)*p) % N
long_to_bytes(m)
#b'flag{1CE9514E-12AF-49BE-B002-6A3D7E6078FA}\x00\x0bob\xf8
118.[BJDCTF2020]伏羲六十四卦
查看题目
from secret import flagdef encrpyt5():enc=''for i in flag:enc+=chr((a*(ord(i)-97)+b)%26+97)return(enc)def encrypt4():temp=''offset=5for i in range(len(enc)):temp+=chr(ord(enc[i])-offset-i)return(temp)
这是什么,怎么看起来像是再算64卦!!!密文:升随临损巽睽颐萃小过讼艮颐小过震蛊屯未济中孚艮困恒晋升损蛊萃蛊未济巽解艮贲未济观豫损蛊晋噬嗑晋旅解大畜困未济随蒙升解睽未济井困未济旅萃未济震蒙未济师涣归妹大有嗯?为什么还有个b呢?
b=7flag:请按照格式BJD{}
脚本如下
def decrypt4(enc):temp=''offset=5for i in range(len(enc)):temp+=chr(ord(enc[i])+offset+i)return temp
def decrypt5(flag):for a in range(1,200):enc = ''for i in flag:for k in range(200):if (ord(i) - 97 - 7+26*k)%a==0:enc+= chr((ord(i) - 97 - 7 + 26 * k) // a + 97)breakprint(enc)s='升随临损巽睽颐萃小过讼艮颐小过震蛊屯未济中孚艮困恒晋升损蛊萃蛊未济巽解艮贲未济观豫损蛊晋噬嗑晋旅解大畜困未济随蒙升解睽未济井困未济旅萃未济震蒙未济师涣归妹大有'
dic={'坤': '000000', '剥': '000001', '比': '000010', '观': '000011', '豫': '000100', '晋': '000101', '萃': '000110', '否': '000111', '谦': '001000', '艮': '001001', '蹇': '001010', '渐': '001011', '小过': '001100', '旅': '001101', '咸': '001110', '遁': '001111', '师': '010000', '蒙': '010001', '坎': '010010', '涣': '010011', '解': '010100', '未济': '010101', '困': '010110', '讼': '010111', '升': '011000', '蛊': '011001', '井': '011010', '巽': '011011', '恒': '011100', '鼎': '011101', '大过': '011110', '姤': '011111', '复': '100000', '颐': '100001', '屯': '100010', '益': '100011', '震': '100100', '噬嗑': '100101', '随': '100110', '无妄': '100111', '明夷': '101000', '贲': '101001', '既济': '101010', '家人': '101011', '丰': '101100', '离': '101101', '革': '101110', '同人': '101111', '临': '110000', '损': '110001', '节': '110010', '中孚': '110011', '归妹': '110100', '睽': '110101', '兑': '110110', '履': '110111', '泰': '111000', '大畜': '111001', '需': '111010', '小畜': '111011', '大壮': '111100', '大有': '111101', '夬': '111110', '乾': '111111'}
li=[]
k=0
for i in range(len(s)):if k ==1:k=0continuetry:li.append(dic[s[i]])except:t=''t=t+s[i]+s[i+1]li.append(dic[t])k=1
ss=''.join(li)
print(ss)
enc=''
for i in range(0,len(ss),8):enc+=chr(eval('0b'+ss[i:i+8]))
import base64
print(enc)
x=base64.b64decode(enc).decode()
print(x)
x=decrypt4(x)
x=decrypt5(x)运行得到
flag包裹提交即可
119.[ACTF新生赛2020]crypto-aes
查看题目91144196586662942563895769614300232343026691029427747065707381728622849079757 b'\x8c-\xcd\xde\xa7\xe9\x7f.b\x8aKs\xf1\xba\xc75\xc4d\x13\x07\xac\xa4&\xd6\x91\xfe\xf3\x14\x10|\xf8p'
from Cryptodome.Cipher import AES
import os
import gmpy2
from flag import FLAG
from Cryptodome.Util.number import *def main():key=os.urandom(2)*16iv=os.urandom(16)print(bytes_to_long(key)^bytes_to_long(iv))aes=AES.new(key,AES.MODE_CBC,iv)enc_flag = aes.encrypt(FLAG)print(enc_flag)
if __name__=="__main__":main()
key是两个字节不断重复得到的,因此结合输出的与iv向量的异或值很容易的到key和iv
脚本如下
key_iv=91144196586662942563895769614300232343026691029427747065707381728622849079757
flag_encrypt=b'\x8c-\xcd\xde\xa7\xe9\x7f.b\x8aKs\xf1\xba\xc75\xc4d\x13\x07\xac\xa4&\xd6\x91\xfe\xf3\x14\x10|\xf8p'
#print(hex(key_iv))
key=hex(key_iv)[2:6]*16
iv=key_iv^eval('0x'+key)
import Crypto.Util.number
iv=Crypto.Util.number.long_to_bytes(iv)
key=Crypto.Util.number.long_to_bytes(eval('0x'+key))
import Crypto.Cipher.AES
decrypt=Crypto.Cipher.AES.new(key,Crypto.Cipher.AES.MODE_CBC,iv)
print(decrypt.decrypt(flag_encrypt))
运行得到b'actf{W0W_y0u_can_so1v3_AES_now!}'
120.[NCTF2019]Sore
查看题目
91144196586662942563895769614300232343026691029427747065707381728622849079757
b'\x8c-\xcd\xde\xa7\xe9\x7f.b\x8aKs\xf1\xba\xc75\xc4d\x13\x07\xac\xa4&\xd6\x91\xfe\xf3\x14\x10|\xf8p'
from Cryptodome.Cipher import AES
import os
import gmpy2
from flag import FLAG
from Cryptodome.Util.number import *def main():key=os.urandom(2)*16iv=os.urandom(16)print(bytes_to_long(key)^bytes_to_long(iv))aes=AES.new(key,AES.MODE_CBC,iv)enc_flag = aes.encrypt(FLAG)print(enc_flag)
if __name__=="__main__":main()加密脚本看起来很简单,就是一个普通的移位替换加密(有点类型维吉尼亚密码),但是题目的难点是没有key(key就是要求的flag).
在没有key的情况下要破解密文要经过3个阶段(通过概率分析明文)
Kasiski 实验
重合指数攻击
字母频率分析
其中Kasiski实验通过查找相同的子串(3个字符以上)来猜测可能的key的长度.
比如两个相同的子串的距离相差8位,那么key的长度应该为8的因子,这样当我们有足够多的数据时就可以基本确定key的长度了.
重合指数攻击
重合指数CI
key_iv=91144196586662942563895769614300232343026691029427747065707381728622849079757
flag_encrypt=b'\x8c-\xcd\xde\xa7\xe9\x7f.b\x8aKs\xf1\xba\xc75\xc4d\x13\x07\xac\xa4&\xd6\x91\xfe\xf3\x14\x10|\xf8p'
#print(hex(key_iv))
#key_iv= 0xc981c981c981c981c981c981c981c9814eed98e380b1356763849930c850b9cd
key=hex(key_iv)[2:6]*16
#print(key)
#key=c981c981c981c981c981c981c981c981c981c981c981c981c981c981c981c981
iv=key_iv^eval('0x'+key)
#print(iv)
#iv=180008198153874854856760470039650463820
import Crypto.Util.number
iv=Crypto.Util.number.long_to_bytes(iv)
#print(iv)
#iv=\x87lQbI0\xfc\xe6\xaa\x05P\xb1\x01\xd1pL
key=Crypto.Util.number.long_to_bytes(eval('0x'+key))
#print(key)
#key=\xc9\x81\xc9\x81\xc9\x81\xc9\x81\xc9\x81\xc9\x81\xc9\x81\xc9\x81\xc9\x81\xc9\x81\xc9\x81\xc9\x81\xc9\x81\xc9\x81\xc9\x81\xc9\x81'
import Crypto.Cipher.AES
decrypt=Crypto.Cipher.AES.new(key,Crypto.Cipher.AES.MODE_CBC,iv)
print(decrypt.decrypt(flag_encrypt))
#运行得到b'actf{W0W_y0u_can_so1v3_AES_now!}‘
[buuctf] crypto全解——85-120(不建议直接抄flag)相关推荐
- [buuctf] crypto全解——前84道(不建议直接抄flag)
buuctf crypto 1.MD5 2.Url编码 3.一眼就解密 4.看我回旋踢 5.摩丝 6.[BJDCTF 2nd]签到-y1ng 7.password 8.变异凯撒 9.Quoted-pr ...
- LiTCTF by lingfeng - (crypto全解)
LiTCTF by lingfeng - (crypto全解) 因为这两天有事/(ㄒoㄒ)/~~,错过了litctf的比赛时间,只能现在复现一下密码题了(;´༎ຶД༎ຶ`) 梦想是红色的 (初级) 社 ...
- DASCTF Apr.2023 Crypto 全解
目录 [简单]sign1n [中等]ECC? [困难]babyhash [困难]babyhash_revenge [简单]sign1n from Crypto.Util.number import * ...
- 上海市大学生CTF(华东杯CTF) Crypto 全解
Crypto 文章目录 Crypto bird dirty_flag Twice RSA_like crackme bird 什么鸟??? google搜一下bird cipher就找到了 在线解密 ...
- 跨行合并居中html标记语言,[前端Web]HTML语法最全解-建议收藏
原标题:[前端Web]HTML语法最全解-建议收藏 1. 标签全解 1.1 文件标记 作用:文档声明标签.定义该文档是html5的文档,位于标签前面 详解: HTML总共有很多的版本,那么浏览器怎么知 ...
- 箱线图怎么看_K线的48种不同类型全解(建议收藏),教你怎么看懂K线图
ID:K线助手 来源:公众号 链接:K线的48种不同类型全解(建议收藏),教你怎么看懂K线图 中国起步较晚,1990年我国股市开市时直接起用了K线,但对K线的研究.使用一直局限于日本人的研究成果,主要 ...
- 【HTML5】 Audio/Video全解(集合贴)
[HTML5] Audio/Video全解(集合贴) 2015-03-17 chenh_doc 目录[-] 一.标签解读 二.Media对象方法和属性 三.Media JS事件 四.浏览器对音视频格 ...
- Echarts数据可视化全解注释
全栈工程师开发手册 (作者:栾鹏) github地址:https://github.com/626626cdllp/echarts Echarts数据可视化开发代码注释全解 Echarts数据可视化开 ...
- 计算机在化学化工中的应用ppt绪论,化工原理_01概述全解课件.ppt
<化工原理_01概述全解课件.ppt>由会员分享,提供在线免费全文阅读可下载,此文档格式为ppt,更多相关<化工原理_01概述全解课件.ppt>文档请在天天文库搜索. 1.化工 ...
- 基于ANSYS 2019R1全解一款双吸泵的双向流固耦合方法
作者:李雷 一.导读 对于旋转机械来说,传统设计从理论计算到手工木模图,再到模型泵的加工制造,最后进行相关性能试验.当性能试验与预期效果差距较大的时候还需要修改水力模型.这种传统的设计不仅设计周期长, ...
最新文章
- SpringMVC深度探险 —— SpringMVC核心配置文件详解
- java 泛型详解-绝对是对泛型方法讲解最详细的,没有之一,大厂 HR 如何面试
- JQuery 基础:4.JQuery对象
- python求最大回文数_python最长回文串算法
- STM32F429HAL库时钟系统学习笔记
- JMS-activeMq点对点模式
- 阿里弹性云手机正式公测
- 盘点俄罗斯大神写的几款软件,你用过几个?最后1个是我的童年
- mysql 授权_MySQL的授权
- blob类型视频测试(blob加密视频源地址)
- Mac/MacBookPro解决系统升级后运行卡顿问题(非配置问题)
- 公司工作流程开发培训
- 微信小程序简易评分样式
- UG NX2007调出Drill钻孔命令的方法
- 考研证件照不能戴眼镜,不能PS,要求素颜审核非常严?
- 远程桌面连接不上是什么原因?怎么解决
- 哈佛参考文献注释体系与学术规范
- 智能基座昇腾高校行 | 昇思MindSpore携手清华大学共同培养新时代科技人才
- leetcode:范围求和 II(用点脑子)
- 【AI视野·今日NLP 自然语言处理论文速览 第三十一期】Fri, 15 Apr 2022