CRYPTO小小数学家

1、题目信息

查看代码
19+49=?96-31=?86-3=?20+47=?29+55=?35+35=?81+42=?73-16=?52+48=?0+56=?55-6=?69-20=?99-48=?100-52=?36+13=?32+13=?84-34=?90-34=?94-45=?85+13=?50-5=?55-3=?77+25=?87-35=?62+35=?88-43=?86-30=?90+10=?66-17=?34+63=?51-6=?22+76=?46+5=?45+11=?20+78=?56+45=?99/1=?47+52=?58+44=?76-26=?92-42=?12+44=?80-27=?5*25=?

2、解题方法

这种一看就是计算结果然后结果ASCII组成flag,可以试一下第一个,结果68,对应ASCII正好是D,因此想法正确

exp:

results = []# 计算每个算式的结果expressions = [  "19+49",  "96-31",  "86-3",  "20+47",  "29+55",  "35+35",  "81+42",  "73-16",  "52+48",  "0+56",  "55-6",  "69-20",  "99-48",  "100-52",  "36+13",  "32+13",  "84-34",  "90-34",  "94-45",  "85+13",  "50-5",  "55-3",  "77+25",  "87-35",  "62+35",  "88-43",  "86-30",  "90+10",  "66-17",  "34+63",  "51-6",  "22+76",  "46+5",  "45+11",  "20+78",  "56+45",  "99/1",  "47+52",  "58+44",  "76-26",  "92-42",  "12+44",  "80-27",  "5*25"]for expr in expressions:    result = eval(expr) # 计算算式结果    results.append(result) # 将结果添加到结果列表中print(results)# 输入的整数列表numbers = [68, 65, 83, 67, 84, 70, 123, 57, 100, 56, 49, 49, 51, 48, 49, 45, 50, 56, 49, 98, 45, 52, 102, 52, 97, 45, 56, 100, 49, 97, 45, 98, 51, 56, 98, 101, 99.0, 99, 102, 50, 50, 56, 53, 125]# 将每个数字转换为ASCII字符ascii_list = [chr(int(num)) for num in numbers]# 输出ASCII字符列表print(ascii_list)#['D', 'A', 'S', 'C', 'T', 'F', '{', '9', 'd', '8', '1', '1', '3', '0', '1', '-', '2', '8', '1', 'b', '-', '4', 'f', '4', 'a', '-', '8', 'd', '1', 'a', '-', 'b', '3', '8', 'b', 'e', 'c', 'c', 'f', '2', '2', '8', '5', '}']list = ['D', 'A', 'S', 'C', 'T', 'F', '{', '9', 'd', '8', '1', '1', '3', '0', '1', '-', '2', '8', '1', 'b', '-', '4', 'f', '4', 'a', '-', '8', 'd', '1', 'a', '-', 'b', '3', '8', 'b', 'e', 'c', 'c', 'f', '2', '2', '8', '5', '}']flag = ''.join(list)print(flag)#DASCTF{9d811301-281b-4f4a-8d1a-b38beccf2285}

基础数论

1、附件信息

from secret import x,yfrom hashlib import md5from sympy import isprime,nextprimep = x**2 + y**2assert isprime(p) and x*y > 0print(p)flag = 'DASCTF{'+md5(str(x+y).encode()).hexdigest()+"}"#173178061442550241596295506150572803829268102881297542445649200353047297914764783385643705889370567071577408829104128703765633248277722687055281420899564198724968491216409225857070531370724352556864154450614891750313803499101686782558259953244119778256806332589612663957000269869144555485216828399422391672121

2、解题方法

根据代码部分可知也就是求:p2 + q2 =n

利用sage里方法two_squares来求解。

参考:https://wstein.org/edu/2007/spring/ent/ent-html/node75.html

exp:

#sage#import hashlibfrom hashlib import md5p = 173178061442550241596295506150572803829268102881297542445649200353047297914764783385643705889370567071577408829104128703765633248277722687055281420899564198724968491216409225857070531370724352556864154450614891750313803499101686782558259953244119778256806332589612663957000269869144555485216828399422391672121x,y = (two_squares(p))print(x,y)flag = 'DASCTF{'+md5(str(x+y).encode()).hexdigest()+"}"print(flag)#2124080185874205807105261594884049506071023711463225511583343733907861918114771262515207146329816119356450361177578637163739714518747645791197729692842795 12987160767716970127272498846249389966243604043045970877384806399031879779694511338759174534221141662365315103597141408214751747758739021312936535825747936#DASCTF{8ef20a4873c5ec776dd34bf5f0eb56cf}

EC_Party-III

1、附件信息

查看代码
import osimport randomfrom Crypto.Util.number import *from secret import flagassert flag[:7]==b'DASCTF{' and flag[-1:]==b'}'flag = flag[7:-1]m = bytes_to_long(flag)def magic_rsa(m):    p = getPrime(384)    q = getPrime(384)    Fp = GF(p)    Fq = GF(q)    n = p*q    d = getPrime(80)    a = random.randint(0, p-1)    b = random.randint(0, p-1)        Ep = EllipticCurve(Zmod(p), [a, b])    Eq = EllipticCurve(Zmod(q), [a, b])    En = EllipticCurve(Zmod(n), [a, b])    ord_p = Ep.order()    ord_q = Eq.order()    e = inverse_mod(d, ord_p*ord_q)    xm = bytes_to_long(m+os.urandom(16))    while True:        try:            Gp = Ep.lift_x(Fp(xm))            Gq = Eq.lift_x(Fq(xm))            ym = crt([int(Gp.xy()[1]),int(Gq.xy()[1])],[p,q])            break        except :            xm += 1            continue               M = En((xm,ym))    C = e*M    pk = [a, b, n, e, C.xy()]    return pkprint(magic_rsa(flag))"""[10517482889776460226798449006280081167663671198448544453304563030553066300585088657159799516828057458092448853052920, 10402402380108575947733278581108880071660185906203575453837669489513650182676772750843558327746184945922314875098996, 452239510514900186933709062848646640558105660312444312121851933676754687850508865659206624803226663304812888272594694285123823218948165607478144589871322148031514596122654196640778853480169180864412134209693877604844174450602155353, 137939931394124279393027766586199451754893501053862574760060288577053514723631473985259186063729745515767167268309839903521149677958518517988564142828176577685619561913731155508981456507557881596602396073589127827579264760182112015, (312312975924665463422872243489714243976133330669934414246404507993066820310886215600585539115436654843078716170526368558972800117033427241194242498913898005160762151892979826292737941332916578310350510245475526522735894588645243659, 422891099305786578397746684898210811095359530216631541482542541898542508551347882962281401572399110483550691802487377837504493122807091311281569558317360479103461652558448871769150783477147866528115922507893061101403528629595165327)]"""

2、解题方法

一开始看咦?这不是做过的题吗。。。真不错。

题目来源:题目来源:“华为杯”第二届中国研究生网络安全创新大赛

但后来发现还是不一样的,同样思路解不出来,找不到泄漏值。因为本题给了低指数d,而上述题目给的是低指数e,因此换思路:

低解密指数类型,连分数直接梭,先破d

exp:

#sage#ct = [10517482889776460226798449006280081167663671198448544453304563030553066300585088657159799516828057458092448853052920, 10402402380108575947733278581108880071660185906203575453837669489513650182676772750843558327746184945922314875098996, 452239510514900186933709062848646640558105660312444312121851933676754687850508865659206624803226663304812888272594694285123823218948165607478144589871322148031514596122654196640778853480169180864412134209693877604844174450602155353, 137939931394124279393027766586199451754893501053862574760060288577053514723631473985259186063729745515767167268309839903521149677958518517988564142828176577685619561913731155508981456507557881596602396073589127827579264760182112015, (312312975924665463422872243489714243976133330669934414246404507993066820310886215600585539115436654843078716170526368558972800117033427241194242498913898005160762151892979826292737941332916578310350510245475526522735894588645243659, 422891099305786578397746684898210811095359530216631541482542541898542508551347882962281401572399110483550691802487377837504493122807091311281569558317360479103461652558448871769150783477147866528115922507893061101403528629595165327)]a,b,n,e,(Cx,Cy) = ctE = EllipticCurve(Zmod(n),[a,b])C = E(Cx,Cy)O = E(0,1,0)c = continued_fraction((e/n))for i in range(200):    d,k = (c.denominator(i),c.numerator(i))    print(d)    if C*(e*d-1) == O and d != 1:        print(d)        break

得到 d = 861078593737268627868079

最后求m

#sage#ct = [10517482889776460226798449006280081167663671198448544453304563030553066300585088657159799516828057458092448853052920, 10402402380108575947733278581108880071660185906203575453837669489513650182676772750843558327746184945922314875098996, 452239510514900186933709062848646640558105660312444312121851933676754687850508865659206624803226663304812888272594694285123823218948165607478144589871322148031514596122654196640778853480169180864412134209693877604844174450602155353, 137939931394124279393027766586199451754893501053862574760060288577053514723631473985259186063729745515767167268309839903521149677958518517988564142828176577685619561913731155508981456507557881596602396073589127827579264760182112015, (312312975924665463422872243489714243976133330669934414246404507993066820310886215600585539115436654843078716170526368558972800117033427241194242498913898005160762151892979826292737941332916578310350510245475526522735894588645243659, 422891099305786578397746684898210811095359530216631541482542541898542508551347882962281401572399110483550691802487377837504493122807091311281569558317360479103461652558448871769150783477147866528115922507893061101403528629595165327)]a,b,n,e,(Cx,Cy) = ctE = EllipticCurve(Zmod(n),[a,b])C = E(Cx,Cy)O = E(0,1,0)d = 861078593737268627868079m = C*dm = m[0]print(m)#11128701975003002451830070180124963432210643963625151562445648616092749705192497589889353199
import libnumm = 11128701975003002451830070180124963432210643963625151562445648616092749705192497589889353199print(libnum.n2s(int(m)))#Wi3ner_4ttac6_s0_m4gic

An EaSy Cipher

属于aes cbc zerepadding 6位密码爆破

exp:

import base64from Crypto.Cipher import AESimport libnumdef zeropadding(password):    password = password + b"\x00"*(16 - len(password) % 16)    return passworddef pkcs7padding(password):    l = 16 - (len(password) % 16)    password = password + (chr(l).encode())*(16 - len(password) % 16)    return passwordline = open("superdic.txt","rb").readlines()for i in line:    password = zeropadding(i[:-2])    text = base64.b64decode("Kln/qZwlOsux+b/Gv0WsxkOec5E70dNhvczSLFs+0pkHaovEOBqUApBGBDBUrH08")    aes = AES.new(password,AES.MODE_ECB)    den_text = aes.decrypt(text)    if(b"flag" in den_text or b"DASCTF" in den_text):        print(den_text)        print(password)

MISCNumber game

签到题没啥说的,这种题按道理应该是WEB签到题,不知道为啥放到MISC了。。。哎!

连接后ctrl + u查看源代码发现只有个js文件,点进去找关键代码 function_roll()这一部分,代码复制一下放到控制台,然后把if()里判断条件改为true,再次点击roll,就会弹出flag了。。。

EZ_misc

1、附件信息

2、解题方法

送分题。。。

扔到010从文件头开始看发现是一张jpg图片,但每两位16进制是反的,好好好,看我魔力大旋转,翻转即可。

exp:

f = open("yuanshen", "rb")data = f.read()fzip = open("yuanshen.jpg", "wb")s = b""for i in data:    tmp = int(("%02x" % i)[::-1], 16)    s += bytes([tmp])    # print(tmp.to_bytes(1, 'little'))fzip.write(s)

jpg隐写,试了几个工具发现是steghide无密码类型进行解密:

steghide extract -sf yuanshen.jpgEnter passphrase:wrote extracted data to "flag.txt".

打开txt文本:

DASHDOTDOTDOTDOT DASHDOTDOTDOTDOT DASHDOTDOTDOTDOT DASHDOTDASHDOT DASHDOTDOTDOTDOT DOTDASHDASHDASHDASH DASHDOTDOTDOTDOT DASHDASHDOTDOTDOT DASHDASHDOTDOTDOT DASHDOTDOTDOT DASHDOTDOTDOTDOT DOTDOTDOTDOTDASH DASHDOTDOTDOTDOT DASHDOTDOTDOTDOT DOTDOTDOTDASHDASH DOTDOTDOTDOTDASH DASHDOTDOTDOTDOT DASHDOTDOTDOTDOT DOTDOTDOTDASHDASH DASHDOTDOTDOTDOT DOTDOTDOTDASHDASH DOTDOTDOTDASHDASH DOTDOTDOTDASHDASH DOTDOTDOTDOTDOT DASHDOTDOTDOTDOT DOTDASHDASHDASHDASH DASHDOTDOTDOTDOT DOTDOTDASHDASHDASH DOTDOTDOTDASHDASH DOTDOTDOTDASHDASH DOTDOTDOTDASHDASH DOTDOTDOTDOTDASH DOTDOTDOTDASHDASH DOTDOTDASHDASHDASH DASHDOTDOTDOTDOT DOTDASHDASHDASHDASH DOTDOTDOTDASHDASH DOTDOTDOTDOTDOT DASHDOTDOTDOTDOT DOTDOTDASHDASHDASH DOTDOTDOTDASHDASH DOTDOTDOTDASHDASH DASHDOTDOTDOTDOT DOTDOTDASHDASHDASH DASHDOTDOTDOTDOT DOTDOTDASHDASHDASH DOTDOTDOTDASHDASH DASHDASHDASHDOTDOT DOTDOTDOTDASHDASH DOTDOTDOTDOTDOT DOTDOTDOTDASHDASH DOTDOTDOTDOTDOT DASHDOTDOTDOTDOT DOTDASHDASHDASHDASH DOTDOTDOTDASHDASH DOTDOTDOTDOTDASH DOTDOTDOTDASHDASH DASHDOTDOTDOTDOT DOTDOTDOTDASHDASH DOTDOTDOTDOTDASH DASHDOTDOTDOTDOT DOTDOTDOTDOTDASH DOTDOTDOTDASHDASH DASHDASHDOTDOTDOT DASHDOTDOTDOTDOT DOTDOTDASHDASHDASH DASHDOTDOTDOTDOT DOTDOTDASHDASHDASH DOTDOTDOTDASHDASH DOTDOTDOTDOTDASH DASHDOTDOTDOTDOT DOTDOTDOTDOTDOT DASHDOTDOTDOTDOT DOTDOTDOTDASHDASH DASHDASHDOTDOTDOT DASHDOTDOT

这个就有一点小脑洞了,找下规律发现里面只有 DASH 和 DOT,想到摩斯密码,把DASH换成 – DOT换成 .

-.... -.... -.... -.-. -.... .---- -.... --... --... -... -.... ....- -.... -.... ...-- ....- -.... -.... ...-- -.... ...-- ...-- ...-- ..... -.... .---- -.... ..--- ...-- ...-- ...-- ....- ...-- ..--- -.... .---- ...-- ..... -.... ..--- ...-- ...-- -.... ..--- -.... ..--- ...-- ---.. ...-- ..... ...-- ..... -.... .---- ...-- ....- ...-- -.... ...-- ....- -.... ....- ...-- --... -.... ..--- -.... ..--- ...-- ....- -.... ..... -.... ...-- --... -..

摩斯解码 + HEX解码:

Steins_Gate(这个题有东西,有难度的)

1、附件信息

2、解题方法

一张png图片,这个很有意思哈哈,图片放大是一堆“嘟嘟噜”文字

仔细观察发现这些文字基本上是RGB这种颜色,根据经验猜测一下这应该是把原图的每个像素点替换成了一个文字。

简单地测量一下发现每个文字所在的正方形区域大小大概为16 * 16。

由于小正方形区域是大致,因此可以尝试读取其中16*16正方形的像素,我们会发现由于图片压缩导致部分文字像素有稍微变动。

同时发现整张背景图片像素为(211, 211, 211)

exp:

from PIL import Imageimg = Image.open('Steins_Gate.png')pix = img.load()for x in range(0,16):    for y in range(0,16):        r, g, b = pix[x, y]        print(r,g,b)

接下来我们把这些16*16小方格的像素频率统计起来并进行排序,考虑到有可能原像素频率可能有大于背景211频率的,因此进行过滤一下。

exp:

from PIL import Imageimg = Image.open('Steins_Gate.png')pix = img.load()width = img.size[0]height = img.size[1]img1 = Image.new("RGB", (int(width / 16), int(height / 16)))for i in range(0, width, 16):    for j in range(0, height, 16):        dic = {}        for x in range(i, i + 16):            for y in range(j, j + 16):                r, g, b = pix[x, y]                if (r, g, b) in dic:                    dic[(r, g, b)] += 1                else:                    dic[(r, g, b)] = 1        sorted_dict = sorted(dic.items(), key=lambda x: x[1], reverse=True)        if sorted_dict[0][0]!=(211, 211, 211):            print(sorted_dict)            img1.putpixel((int(i / 16), int(j / 16)), sorted_dict[0][0])        else:            img1.putpixel((int(i / 16), int(j / 16)), sorted_dict[1][0])img1.show()img1.save("output.png")

由此恢复出原图片。。StegSolve发现原图零通道不对劲。

查看0通道发现大量base64,提取出来。

保存文件后放到010

但我们很清晰发现每部分base64后面总会有一点没用的数据

我们写个脚本把这些数据过滤掉

exp:

with open('flag.bin','rb')as f:    with open('flag.txt','wb') as ff:        data=f.read()        for i in range(0,len(data),252):            ff.write(data[i:i+240])            ff.write(b'\n')

把最终得到的数据放到Cyber进行base64解码

不难看出又是一张图片。。。。真无语,这么会套娃!!

把图片保存下来得到:

估计又是个jpg隐写,但试了好多不需要密码的jpg隐写工具发现解不了,感觉跟密码有关,但密码在哪里?

看看我们提取出来的base64大量数据,大胆猜测是base64隐写。试一下看是不是

B神工具直接梭得到密码:

DuDuLu~T0_Ch3@t_THe_w0r1d

哈哈还真是64隐写,好好好。然后我们试试需要密码的隐写工具,经尝试发现是outguess

WEBEasy php

exp:

param1 = $c;$c->func = $a;$a->cmd = "system('cat /flag');";echo urlencode(serialize($b));

REpyccc

直接还原得py脚本:

a = input('please input your flag:\n')check = [102,109,99,100,127,52,114,88,97,122,85,125,105,127,119,80,120,112,98,39,109,52,55,106]flag = ''for idx, x in enumerate(check):flag += chr(idx ^ x)print(flag)

然后随便输入上面数组任意数字得flag

please input your flag:99flag{1t_is_very_hap4y!!}

ezapk

反编译APK

放到Cyber解码