BUUCTF 部分wp

其他 2020-01-22 23:17:32 阅读次数: 0

目录

Buuctf

crypto
0x01传感器

提示是曼联,猜测为曼彻斯特密码

wp:https://www.xmsec.cc/manchester-encode/

cipher:

5555555595555A65556AA696AA6666666955

cipher='5555555595555A65556AA696AA6666666955'
def iee(cipher):
    tmp=''
    for i in range(len(cipher)):
        a=bin(eval('0x'+cipher[i]))[2:].zfill(4)
        tmp=tmp+a[1]+a[3]
        print(tmp)
    plain=[hex(int(tmp[i:i+8][::-1],2))[2:] for i in range(0,len(tmp),8)]           print(''.join(plain).upper())

iee(cipher)

要注意的是,这个编码是iee格式的曼彻斯特编码,还有就是得到二进制要8位一组,翻过来(reverse)

Flag:flag{FFFFFED31F645055F9}

坏蛋是罗宾

rabina加密

pk是公钥,可以分解成p和q。分解后,看4个解的二进制形式,找到末尾位110001的,去掉后,转为十进制,求md5

exp:

from hashlib import md5

def EX_GCD(a, b, arr):
    if b == 0:
        arr[0] = 1
        arr[1] = 0
        return a
    g = EX_GCD(b, a % b, arr)
    t = arr[0]
    arr[0] = arr[1]
    arr[1] = t - int(a // b) * arr[1]
    return g


def ModReverse(a, n):
    arr = [
        0,
        1,
    ]
    gcd = EX_GCD(a, n, arr)
    if gcd == 1:
        return (arr[0] % n + n) % n
    else:
        return -1


def decrypt_rabin(c, p, q):
    n = p * q
    m1 = pow(c, (p + 1) / 4, p)
    m2 = (-m1) % p
    m3 = pow(c, (q + 1) / 4, q)
    m4 = (-m3) % q
    a = q * ModReverse(q, p)
    b = p * ModReverse(p, q)
    M1 = (a * m1 + b * m3)%n
    M2 = (a * m1 + b * m4)%n
    M3 = (a * m2 + b * m3)%n
    M4 = (a * m2 + b * m4)%n
    print(bin(M1),bin(M2),bin(M3),bin(M4))

c = 162853095
p = 10663
q = 49123
c=c+p*q
decrypt_rabin(c, p, q)
flag=0b10010011100100100101010
print('flag{'+md5(str(flag)).hexdigest()+'}')

Flag:flag{ca5cec442b2734735406d78c88e90f35}

扫描二维码关注公众号,回复: 8784625 查看本文章
Enterprogame

伪代码,半猜半试,密钥给了,重复一下加密就出来了

Exp:

key='whoami'
s=[]
t=[]
d=0
f=open('file.txt','rb')
cipher=f.read()
for i in range(256):
    s.append(i)
    t.append(ord(key[i%6]))
j=0
for i in range(256):
    j=(j+s[i]+t[i])%256
    s[i],s[j]=s[j],s[i]
i=0
j=0
plain=[]
for m in range(38):
    i=(i+1)%256
    j=(j+s[i])%256
    s[i],s[j]=s[j],s[i]
    x=((s[i]+(s[j]%256))%256)
    plain.append(chr(cipher[m]^s[x]))
print(eval(''.join(plain)))
[GXYCTF2019]CheckIn

这题又让我得知一种偏门的编码Rot47

先base64解码,得到一串密文,再一个rot47就可以了

https://www.qqxiuzi.cn/bianma/ROT5-13-18-47.php

[HDCTF2019bbbbbabyrsa]

这题只要让我学到python的异常处理

题目:

from base64 import b64encode as b32encode
from gmpy2 import invert,gcd,iroot
from Crypto.Util.number import *
from binascii import a2b_hex,b2a_hex
import random

flag = "******************************"

nbit = 128

p = getPrime(nbit)
q = getPrime(nbit)
n = p*q

print p
print n

phi = (p-1)*(q-1)

e = random.randint(50000,70000)

while True:
        if gcd(e,phi) == 1:
                break;
        else:
                e -= 1;

c = pow(int(b2a_hex(flag),16),e,n)

print b32encode(str(c))[::-1]

ps:这个b32encode还可以再假点?

爆破e是关键

Exp:

import gmpy2
from Crypto.Util.number import *
from base64 import b64decode
from string import printable
def check(m1):
    i=1
    try:
        m=m1.decode()
    except UnicodeDecodeError:
        return 0
    else:
        for j in m:
            if j in printable:
                continue
            else:
                i=0
                break
        return i


p = 177077389675257695042507998165006460849
n = 37421829509887796274897162249367329400988647145613325367337968063341372726061
c = '==gMzYDNzIjMxUTNyIzNzIjMyYTM4MDM0gTMwEjNzgTM2UTN4cjNwIjN2QzM5ADMwIDNyMTO4UzM2cTM5kDN2MTOyUTO5YDM0czM3MjM'[::-1]

cipher=eval(b64decode(c))
q=n//p

phi=(p-1)*(q-1)

e_list=[]
for i in range(50001,70000,2):
    if gmpy2.gcd(i,phi)==1:
        e_list.append(i)
for i in e_list:
    d=gmpy2.invert(i,phi)
    m=long_to_bytes(pow(cipher,d,n))
    if check(m)==1:
        print(m)

check m是不是都是可见字符的时候,python的bytes和str之间的转换问题。不是可见字符转成str会有一个报错,就引入了python的异常处理,try语句写法

flag:flag{rs4_1s_s1mpl3!#}

[RoarCTF2019]babyRSA

题目:

import sympy
import random

def myGetPrime():
    A= getPrime(513)
    print(A)
    B=A-random.randint(1e3,1e5)
    print(B)
    return sympy.nextPrime((B!)%A)
p=myGetPrime()
#A1=21856963452461630437348278434191434000066076750419027493852463513469865262064340836613831066602300959772632397773487317560339056658299954464169264467234407
#B1=21856963452461630437348278434191434000066076750419027493852463513469865262064340836613831066602300959772632397773487317560339056658299954464169264467140596

q=myGetPrime()
#A2=16466113115839228119767887899308820025749260933863446888224167169857612178664139545726340867406790754560227516013796269941438076818194617030304851858418927
#B2=16466113115839228119767887899308820025749260933863446888224167169857612178664139545726340867406790754560227516013796269941438076818194617030304851858351026

r=myGetPrime()

n=p*q*r
#n=85492663786275292159831603391083876175149354309327673008716627650718160585639723100793347534649628330416631255660901307533909900431413447524262332232659153047067908693481947121069070451562822417357656432171870951184673132554213690123308042697361969986360375060954702920656364144154145812838558365334172935931441424096270206140691814662318562696925767991937369782627908408239087358033165410020690152067715711112732252038588432896758405898709010342467882264362733
c=pow(flag,e,n)
#e=0x1001
#c=75700883021669577739329316795450706204502635802310731477156998834710820770245219468703245302009998932067080383977560299708060476222089630209972629755965140317526034680452483360917378812244365884527186056341888615564335560765053550155758362271622330017433403027261127561225585912484777829588501213961110690451987625502701331485141639684356427316905122995759825241133872734362716041819819948645662803292418802204430874521342108413623635150475963121220095236776428
#so,what is the flag?

注意的事B!不是什么运算,是表示b的阶乘

威尔逊定理\((p-1)!\equiv-1\bmod p\)
关键步骤就是运用威尔逊定理

\(b=a-x\)
\((a-x)!\odct(a-x+1)*(a-x+2)*…(a-1)\equiv-1\bmod a\)

连乘b+1到a-1为止,并求逆。得到-b!,b!=a-b!

Exp:

import gmpy2
from Crypto.Util.number import long_to_bytes
A1=21856963452461630437348278434191434000066076750419027493852463513469865262064340836613831066602300959772632397773487317560339056658299954464169264467234407
B1=21856963452461630437348278434191434000066076750419027493852463513469865262064340836613831066602300959772632397773487317560339056658299954464169264467140596

A2=16466113115839228119767887899308820025749260933863446888224167169857612178664139545726340867406790754560227516013796269941438076818194617030304851858418927
B2=16466113115839228119767887899308820025749260933863446888224167169857612178664139545726340867406790754560227516013796269941438076818194617030304851858351026

n=85492663786275292159831603391083876175149354309327673008716627650718160585639723100793347534649628330416631255660901307533909900431413447524262332232659153047067908693481947121069070451562822417357656432171870951184673132554213690123308042697361969986360375060954702920656364144154145812838558365334172935931441424096270206140691814662318562696925767991937369782627908408239087358033165410020690152067715711112732252038588432896758405898709010342467882264362733

e=0x1001
c=75700883021669577739329316795450706204502635802310731477156998834710820770245219468703245302009998932067080383977560299708060476222089630209972629755965140317526034680452483360917378812244365884527186056341888615564335560765053550155758362271622330017433403027261127561225585912484777829588501213961110690451987625502701331485141639684356427316905122995759825241133872734362716041819819948645662803292418802204430874521342108413623635150475963121220095236776428

def wilison(b,a):
    p=1
    b=b+1
    while b<a:
        p*=b
        p%=a
        b+=1
    return a-p

p=gmpy2.next_prime(gmpy2.invert(wilison(B1,A1),A1))
q=gmpy2.next_prime(gmpy2.invert(wilison(B2,A2),A2))

r=n//q//p
phi=(p-1)*(q-1)*(r-1)
d=gmpy2.invert(e,phi)
m=gmpy2.powmod(c,d,n)
print(long_to_bytes(m))
[NCTF2019]childRSA

题目:


from random import choice
from Crypto.Util.number import isPrime, sieve_base as primes
from flag import flag


def getPrime(bits):
    while True:
        n = 2
        while n.bit_length() < bits:
            n *= choice(primes)
        if isPrime(n + 1):
            return n + 1

e = 0x10001
m = int.from_bytes(flag.encode(), 'big')
p, q = [getPrime(2048) for _ in range(2)]
n = p * q
c = pow(m, e, n)

# n = 32849718197337581823002243717057659218502519004386996660885100592872201948834155543125924395614928962750579667346279456710633774501407292473006312537723894221717638059058796679686953564471994009285384798450493756900459225040360430847240975678450171551048783818642467506711424027848778367427338647282428667393241157151675410661015044633282064056800913282016363415202171926089293431012379261585078566301060173689328363696699811123592090204578098276704877408688525618732848817623879899628629300385790344366046641825507767709276622692835393219811283244303899850483748651722336996164724553364097066493953127153066970594638491950199605713033004684970381605908909693802373826516622872100822213645899846325022476318425889580091613323747640467299866189070780620292627043349618839126919699862580579994887507733838561768581933029077488033326056066378869170169389819542928899483936705521710423905128732013121538495096959944889076705471928490092476616709838980562233255542325528398956185421193665359897664110835645928646616337700617883946369110702443135980068553511927115723157704586595844927607636003501038871748639417378062348085980873502535098755568810971926925447913858894180171498580131088992227637341857123607600275137768132347158657063692388249513
# c = 26308018356739853895382240109968894175166731283702927002165268998773708335216338997058314157717147131083296551313334042509806229853341488461087009955203854253313827608275460592785607739091992591431080342664081962030557042784864074533380701014585315663218783130162376176094773010478159362434331787279303302718098735574605469803801873109982473258207444342330633191849040553550708886593340770753064322410889048135425025715982196600650740987076486540674090923181664281515197679745907830107684777248532278645343716263686014941081417914622724906314960249945105011301731247324601620886782967217339340393853616450077105125391982689986178342417223392217085276465471102737594719932347242482670320801063191869471318313514407997326350065187904154229557706351355052446027159972546737213451422978211055778164578782156428466626894026103053360431281644645515155471301826844754338802352846095293421718249819728205538534652212984831283642472071669494851823123552827380737798609829706225744376667082534026874483482483127491533474306552210039386256062116345785870668331513725792053302188276682550672663353937781055621860101624242216671635824311412793495965628876036344731733142759495348248970313655381407241457118743532311394697763283681852908564387282605279108%

先讲非预期解

从加密过程中素数生成中可以看出p,q应该很接近,此时可以尝试yafu分解大素数

但是命令行模式下无法输入太长,我们新建一个n.txt,在里面写入n的值,注意最后要加换行!然后用在命令行用命令yafu-x64.exe "factor(@)" -batchfile n.txt。然后几秒钟后就得到了pq的值。

猜你喜欢

转载自www.cnblogs.com/militray-axe/p/militray_axe.html
今日推荐
火速冲上 GitHub 热榜 —— 开源编程语言、框架哪有这么可爱?
北京人形机器人创新中心发布全球首个纯电驱拟人奔跑的全尺寸人形机器人“天工”
LFOSSA 源来如此公开课 | 掌握云原生未来:CNCF 认证全面攻略与备考秘籍
国产云输入法——仅华为无云端数据上传安全问题
开源日报 | 工业开源项目OGG 1.0;姐姐,你要和我一起配置火狐吗;苹果AI遥遥落后?Fedora 40
开放签电子签章:停止新增,优化体验,前进更进(五一假期前工作)
开源日报 | 中学生开源前端动画引擎;全球首个Llama3 8B中文版开源模型;联想电脑恐出局;Linus讽刺AI炒作
周排行
浏览器对同一域名进行请求的最大并发连接数
React Hook之自定义Hook
【转】MyBatis缓存机制
-Java-泛型
自动化测试常用脚本-发送邮件
LeetCode#859: Buddy Strings
java、Python处理字符串
第二篇の博客
Hadoop伪分布式环境安装
SQL Server进阶(十一)临时表、表变量
每日归档
更多
2024-04-27(56)
2024-04-26(39)
2024-04-25(22)
2024-04-24(36)
2024-04-23(26)
2024-04-22(39)
2024-04-21(0)
2024-04-20(6)
2024-04-19(5)
2024-04-18(0)

代码天地 © 2018 codetd.com

境外服务器   最新电视剧2022