[CTF] BUUCTFCrypto partial solution (continuously updated)

Crypto 1

Restoration Master
Buddha said: Only four days

Restoration Master

topic

We got a mysterious string: TASC?O3RJMV?WDJKX?ZM. The question mark part is an unknown capital letter. In order to determine this mysterious string, we obtained the 32-bit MD5 code of this string through other means. But the 32-bit MD5 code we obtained is also incomplete, E903???4DAB???08???51?80??8A?, please guess the original appearance of the mysterious string and submit the 32 MD5 code as the answer. Note: Please include flag{} in the obtained flag and submit it.

Problem-solving ideas

The question indicates that the unknown question mark part of the mysterious string is a capital letter. We can replace each position with a possible letter (a total of 26 26 26 possible results), calculate the MD5 encrypted value, and compare it with the MD5 given in the question.

Problem solving script

import hashlib

s = "TASC?O3RJMV?WDJKX?ZM"
s_md5 = "E903???4DAB????08?????51?80??8A?"
for i in range(26):
    # 替换第一个？
    s1 = s.replace("?", chr(65 + i), 1)
    for j in range(26):
        # 替换第二个 ？
        s2 = s1.replace("?", chr(65 + j), 1)
        for k in range(26):
            # 替换第三个 ？
            s3 = s2.replace("?", chr(65 + k), 1)
            # 将替换后的字符串进行MD5加密
            c = hashlib.md5(s3.encode("utf-8")).hexdigest().upper()
            if c.startswith(s_md5[0:4]):
                 print("flag{" + c + "}")

operation result

flag{
    
    E9032994DABAC08080091151380478A2}

Note:

 c = hashlib.md5(s3.encode("utf-8")).hexdigest().upper()

• When using hashlib to calculate the md5 value, the string needs to be converted to byte type first, and then its md5 value is calculated.
• The hexdigest function is a method of the md5 function in the hashlib library, which is used to convert the binary data calculated by the md5 function into a hexadecimal string.
  The idea comes from the original link of the boss
  

[WUSTCTF2020] Buddha said: Only four days

topic

Title description: The Bible is divided into the "Old Testament" and the "New Testament"
Title: Zun is solitude, cultivate my kalpa, cultivate like a Po, a, a, a, a, a, a, a, a, a, a, a, a, a, a, a, a, a, a, a, a, a, a, a. Si Yuan Po Mo Li Suo Jia Mo Hum Ji Sai Yuan Xiu Mantra Zhuang Bo Ha Nan Shou Zhi Monk Ruo Ji Yi Ji Mika Xu Se Sha Luo Mantra Di Ruo Tuo Nan Hui Minyi Luo Bo Ruo Jie Miss Duo Curse Sai Li Mibo Duo Zha Hui heard and recited Mi Zhu's splendid truth mantra Tuo Luo Zha Lu Di Bo Li Zi Po Di 嚩 A Dou Xuan Luo Hung Se Bo Na Zhu Jie Po Po Zha Che Bo 喼 Min Mi Zun Ji Se Bo 嘚 Cha Dou A Po Ruo When Panshou hears the words, he immediately thinks of Ruo Xuan Kong Tuo, Shoumei, and he is also silent, monk Jase, Zhuangshou, humduo, venerable monk, sings, sings, and lives. Kong Zha is also muttering and color is dou Duo He is also attached to Kong Cha. Heshou color mantra Doumo Bamadhi Kalpa Zhutuo Jishou Suo Bo Zha heard such as Hema Shou Xuan Zha Mi Ji Chi Mi La Kalpa Gabo Suo Mocha Shou Bo Shou Jie Xiu Haru Chi La Sa Se Shou Sa Shou Xiu Chai Yichai is the longevity monk, Kale Jimiyan, I am like an emptiness, and my mind is descending like a heart. My wish is that my heart will be long and my heart will be long and my heart will be murmuring like a mantra, and my life will be long and my life will be long.
Hint:

1. Although it is not environmentally friendly, hints seem to be disposable and have no use value once obtained.

2. Caesar is not the last step, by the way, why is Caesar called Caesar?

Problem-solving ideas

The question routine is a bit deep, so you really need to think about the question carefully.

1. Understand the true meaning of Buddha

All the questions are Buddhist, try to use Buddhist encryption

2. Encryption of socialist values

The results obtained are all content related to socialist values. When I asked Du Niang, she did have socialist core values ​​encrypted

3. Fence encryption.
Through doyouknowfence, you can know that you need to decrypt the fence password.

4. Caesar Encryption AND Base32
Similarly, when you see doyoukonwCaesar , you know that you need to decrypt the Caesar cipher , and with the help of Hint, you can know that Caesar encryption is not the last step. Observe the previous strings, they are all capital letters and numbers 2-7, make a blind guess Wave Base32
problem solving script:

import base64


def caesarCrack(c, n):
    alpha = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    c = c.upper()
    m = ""
    for i in c:
        index = alpha.find(i)
        if index != -1:
            index = (index + n) % 26
            m += alpha[index]
        else:
            m += i
    return m


if __name__ == '__main__':
    c = "R5UALCUVJDCGD63RQISZTBOSO54JVBORP5SAT2OEQCWY6CGEO53Z67L"
    # 用'='填充字符串使其长度为8的倍数, 方便后序进行Base32解密
    lenPadding = 8 - (len(c) % 8)
    c += lenPadding * "="
    for i in range(1, 26):
        ca = caesarCrack(c, i)
        m = base64.b32decode(ca)
        try:
            m = m.decode()
            print(m)
        except UnicodeDecodeError:
            continue

result

wctf2020{
    
    ni_hao_xiang_xiang_da_wo}

It can be seen that FLAG IS flag{ni_hao_xiang_xiang_da_wo}

Thinking about the topic

1. Buddha said: It can only last four days . At first, the author thought that four encryption methods were used, but in the actual process, five were used. So what exactly does four days mean?
2. The Bible is divided into the "Old Testament" and the "New Testament" . It can be seen that before using the barrier cipher and the Caesar cipher to decrypt, doyoukonwxxxx was deleted . This probably refers to "old and new".
3. Seeing that wp is so smooth sailing, in fact, the author has made various attempts, and my mood is just as the flag said.