中龙技术 | HSCSEC CRY + MISC WP
CRYPTOEasy SignIn
5445705857464579517A4A48546A4A455231645457464243566B5579556C7053546C4A4E524564565646644D515670455130354C5755644F5231685256314A5452315A5552304E57576C5A49525430395054303950513D3D
Cyber一把梭
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113124506929-1333951467.png
RSA
import gmpy2
import sympy
from Crypto.Util.number import *
flag = b'????'
z=getPrime(1024)
p=sympy.nextprime(z)
q=sympy.prevprime(10*z)
n=p*q
m=bytes_to_long(flag)
e=0xe18e
c=pow(m,e,n)
print("n=",n)
print("c=",c)
#n= 124689085077258164778068312042204623310499608479147230303784397390856552161216990480107601962337145795119702418941037207945225700624828698479201514402813520803268719496873756273737647275368178642547598433774089054609501123610487077356730853761096023439196090013976096800895454898815912067003882684415072791099101814292771752156182321690149765427100411447372302757213912836177392734921107826800451961356476403676537015635891993914259330805894806434804806828557650766890307484102711899388691574351557274537187289663586196658616258334182287445283333526057708831147791957688395960485045995002948607600604406559062549703501
#c= 57089349656454488535971268237112640808678921972499308620061475860564979797594115551952530069277022452969364212192304983697546604832633827546853055947447207342333989645243311993521374600648715233552522771885346402556591382705491510591127114201773297304492218255645659953740107015305266722841039559992219190665868501327315897172069355950699626976019934375536881746570219967192821765127789432830133383612341872295059056728626931869442945556678768428472037944494803103784312535269518166034046358978206653136483059224165128902173951760232760915861623138593103016278906012134142386906130217967052002870735327582045390117565考点:费马分解 + 罗宾
gcd(e,φ(n)) = 2, 设e' = e/2 ,m' = m2 , 求出 m ′ 再利用Rabin求 m 。
EXP
n= 124689085077258164778068312042204623310499608479147230303784397390856552161216990480107601962337145795119702418941037207945225700624828698479201514402813520803268719496873756273737647275368178642547598433774089054609501123610487077356730853761096023439196090013976096800895454898815912067003882684415072791099101814292771752156182321690149765427100411447372302757213912836177392734921107826800451961356476403676537015635891993914259330805894806434804806828557650766890307484102711899388691574351557274537187289663586196658616258334182287445283333526057708831147791957688395960485045995002948607600604406559062549703501
c= 57089349656454488535971268237112640808678921972499308620061475860564979797594115551952530069277022452969364212192304983697546604832633827546853055947447207342333989645243311993521374600648715233552522771885346402556591382705491510591127114201773297304492218255645659953740107015305266722841039559992219190665868501327315897172069355950699626976019934375536881746570219967192821765127789432830133383612341872295059056728626931869442945556678768428472037944494803103784312535269518166034046358978206653136483059224165128902173951760232760915861623138593103016278906012134142386906130217967052002870735327582045390117565
e = 0xe18e
import gmpy2
p = gmpy2.iroot(n//10,2)
while 1:
p = gmpy2.next_prime(p)
if n%p==0:
break
q = n//p
f = (p-1)*(q-1)
d = gmpy2.invert(e//2,f)
mm = pow(c,d,n)
print(mm)
def rabin_decrypt(c, p, q, e=2):
n = p * q
mp = pow(c, (p + 1) // 4, p)
mq = pow(c, (q + 1) // 4, q)
yp = gmpy2.invert(p, q)
yq = gmpy2.invert(q, p)
r = (yp * p * mq + yq * q * mp) % n
rr = n - r
s = (yp * p * mq - yq * q * mp) % n
ss = n - s
return (r, rr, s, ss)
m = rabin_decrypt(mm,p,q)
for i in range(4):
try:
print(bytes.fromhex(hex(m)))
except:
pass
# b'flag{6d22773623d3d5c871692e9985de5f16}'AFFINE
查看代码 # -*- coding: utf-8 -*-
import string
import hashlib
letter=string.ascii_letters+string.digits
def encrypt(m, c, a, b):
for i in range(len(m)):
ch=m
t=(letter.index(ch) * a + b) % 62
c.append(letter)
d = ''.join(c)
print(d)
m =
c = []
a =
b =
assert ("flag" in m)
print("加密后的密文为:")
Cipher = encrypt(m, c, a, b)
flag = hashlib.md5("".join(str(m)).encode("utf8")).hexdigest()
#print(flag)
"""
加密后的密文为:
xGJ13kkRK9QDfORQomFOf9NZs9LKVZvGqVIsVO9NOkorv
"""思路:仿射密码加密,先根据密文和明文,爆破各位置存在 flag 字符串情况下对应的 a,b 值,再解密整串密文。
EXP
import string
import hashlib
#爆破
letter=string.ascii_letters+string.digits
def encrypt(m, a, b):
c = []
for i in range(len(m)):
ch=m
t=(letter.index(ch) * a + b) % 62
c.append(letter)
d = ''.join(c)
return d
s='xGJ13kkRK9QDfORQomFOf9NZs9LKVZvGqVIsVO9NOkorv'
for a in range(50):
for b in range(50):
Cipher = encrypt('flag', a, b)
for k in range(len(s)-3):
if Cipher==s:
print(Cipher,a,b)
#11 17
#解密
a=11
b=17
def decrypt(m, a, b):
import gmpy2
c = []
for i in range(len(m)):
ch=m
t=((letter.index(ch) - b) * gmpy2.invert(a,62)) % 62
c.append(letter)
d = ''.join(c)
return d
m=decrypt(s, a, b)
print(m)
flag = hashlib.md5("".join(str(m)).encode("utf8")).hexdigest()
print(flag)
#2b9b99caae1cc49e5b5aacbc8cc22350LINE-GENERATION-TEST
"Sorry, Tazmi, I can't hold you in my arms anymore" Who said that? flag{md5(result)}
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113130457880-795264054.png
根据enc结果,猜测为 mod 26 下的矩阵运算,数值对应字母顺序,可用z3解:
EXP
from z3 import *
f=
out=
ss=Solver()
ss.add((f+f)%26==out)
ss.add((f+f)%26==out)
ss.add((f+f+f)%26==out)
ss.add((f+f+f)%26==out)
ss.add((f)%26==out)
for i in range(5):
ss.add(f>=0)
ss.add(f<26)
ss.check()
m=ss.model()
print(m)
res=''
for i in range(5):
res+=chr(m].as_long()+ord('A'))
print(res)最后解flag
#!/usr/bin/env python
# -*- coding: utf-8 -*-
from Crypto.Util.number import *
from gmpy2 import *
flag = b'flag{******}'.strip(b'flag{').strip(b'}')
_length = len(flag)
f1, f2, f3 = for _ in range(3)]
e = 0x10001
# part1
m1 = bytes_to_long(f1)
p1 = getPrime(1024)
q1 = getPrime(1024)
n1 = p1 * q1
phi1 = n1 - p1 - q1 + 1
c1 = pow(m1, e, n1)
e1 = invert(getPrime(730), phi1)
e2 = invert(getPrime(730), phi1)
print(f"c1={c1}")
print(f"n1={n1}")
print(f"e1, e2={e1}, {e2}")
# c1=18256586437688071179499177390976877033843124074731118595784275706275462549393575070193713157285247155052783040660186349191946243206621283417854114947512338510120090494075462629459661733719232454448765943733550405428870484328139300079099605288398777526459160412929323065084297815106233447065396152086777361372972058145457645409788067204097788931227023450019519408351421367564315618548463098307984698849151129213729707495350390245146946120917928822783651413957541976992382340037410396051196233685887265029041398105471757470103910841819186967349443174641098166881199762042452259613391893862411694579851230262676110579543
# n1=23818305284450407798474543841442778164118430521610043726789505700531857211139233983927667740426681473611421781216471548321033175378524550659451949200683096575646597770420333524204176282763665882864564388471765969302954420394630419303362777912490426962573169221783887636684177478144311692343348905299751465406910364431823004781961449409682714094129123403882257872835302752664170847941259148324938528680748942030111986004367624657807913886922193265189704092735093802344832636336165737460259604641005316302692291726246828545907406645433265956061936110408800751546469158181520009116013316133121377819590970122050812854789
# e1, e2=9835783673095553446058291384176228043002331943350999034534623274992838739022521971236805050273046260025059987203730927700121664052723407432747645871296445872656798765584552764267628989278697521984943241908192986396530077301150942289434104385028360155639928443785704472753619847188084726935475600846835326073460115218216212785556408708462269105328394030996217916556873627266842330668453858483713498138654428487949944189108261563568558572124107380903712891578297171120862197369764331518753921684965420121318071916309204747667657476806551055584210466752436702176078704990826846481952895354353484344820523539218467328609, 17375316355314118406320219911734421029944943076411309671685926390155316380478008061756850363872585667159388923531318955662085005614917843442976105969167039475936924220396528915648168982023113542542201704319766653086540015877222620054173299245668195344488548155446059033287516207223970884670005185996184076538885012087996848877993859469631166842992572290730174768464087877396078823473042762659765399198326507762349243538341205082556290883091174177379098626493382561067493560893603313231705260729621890489619111083150474886626958850812093915647702385689897792432029133765456750687073104627271449802966450876185872407293
# part2
m2 = bytes_to_long(f2)
p2 = getPrime(1024)
q2 = getPrime(1024)
n2 = p2 * q2
phi2 = n2 - p2 - q2 + 1
c2 = pow(m2, e, n2)
e1 = invert(getPrime(818), phi2)
e2 = invert(getPrime(818), phi2)
e3 = invert(getPrime(818), phi2)
print(f"c2={c2}")
print(f"n2={n2}")
print(f"e1, e2, e3={e1}, {e2}, {e3}")
# c2=7397948118661629179431783988040895458789705611348057007436744924286606845506855024757017008422428346125155256072479048132488726422383082177040419485079781614025786874885731238970838063149169856879853922252545180431913045657720759213963468939845495598431323068663802344702417525106006065710075781595178977530059183311799912042111388947291033904817085717108188090145344450358175045073581429955014610154068361313141588492645221701328206295786968873864994686829696270486416698396375950394734029806666802284536304945414547079574607730266434796754246916153856829680842431766222116151718709429059719233175642356185763549753
# n2=26292951661012369717063123837935212187841837990937409862727543775909692635777293262933237685397758431603024805843199727419651370601525732880424359196307914374216191509283135963748357779924092043495625603225506028009487151069654694577076720362009705789203840905789543087928861357322986605749368970969266743654319969904026952962322268379225380213707065355992305857296471145718799765135536018612126827479085590220735158169406914216754985647564372724826515679007973592809045174602317195367577976810859435543162819060475161099374850589836987534136681356679103268055423382163949544464079781246652055582200248909247668623499
# e1, e2, e3=22694706397978285590465671518110674052151119930148512503108564673150680783241121101786666274181726238526861523022918702466855620573530844233715770144139721716134989018155976236479107110312927457994481310468761498848616794416315070862907683495124078074007557127579845015890427714070653740357339462879130069957999436928214586731086684031472873906400037412726424268791786559621038152550518294176306295751353922800351665127092290118894154132754742176211704948795270899801653386827500439967394284110599220882384625850203226545462281069378693815073612231125489131101884329197443266832244811697310523718069196439987874560039, 19757693768817797436014051982525313310314202171979163256271236145574495661645212918338708496186679729064506769796601795165991111866727894236670818742409747080245075024690888305402144135268609274687612318745424595896798226707126823118123835608467111180582358621936132151152853801341025288787721743741457146001947620952829255159920921457848946646082875838154605722012404441365333587571345884871498937612639283634536627265761252205175359486536891516203565325566130199281073669565197277276475101795697133209290035232673428798516588817127360784579513454813838885851841273303461997814139565597376680331988797853669080243125, 11389981852832984357137509986679549123500155102837206910639496363918096101772914255008780837117260552841880430413524483339337830003709650579991621915081444343612271861556752359650402097545780278089588646712811404815644175255214558530767310601635041857471275711027346133308388815005294337668424266111374150795611611729636047618889325059128343980592920017154112277259693587094401884519031089809597582576905458587648918184434226675368577535209126874445550629139076565822733137255015869694623787301488148409890116680369767358783472079078515354151433058595644462125347850789885910919439106962937134732744338568617745128967
# part3
m3 = bytes_to_long(f3)
nl = []
cl = []
el = []
d = getPrime(890)
for _ in range(7):
p3 = getPrime(1024)
q3 = getPrime(1024)
n3 = p3 * q3
phi3 = n3 - p3 - q3 + 1
e3 = invert(d, phi3)
c3 = pow(m3, e3, n3)
nl.append(n3)
el.append(int(e3))
cl.append(int(c3))
print(f"nl={nl}")
print(f"el={el}")
print(f"cl={cl}")
# nl=
# el=
# cl=CRYPTO
EZVC
# Sage
import gmpy2
N =
e1 =
e2 =
c =
for i in range(1000):
alpha2 = i/1000
M1 = int(gmpy2.mpz(N)**0.5)
M2 = int( gmpy2.mpz(N)**(1+alpha2) )
D = diagonal_matrix(ZZ, )
B = Matrix(ZZ, [ ,
,
,
]) * D
L = B.LLL()
v = Matrix(ZZ, L)
x = v * B**(-1)
phi = (x/x*e1).floor()
try:
d = inverse_mod(65537, phi)
m = bytes.fromhex(hex(power_mod(c, d, N)))
if len(m)<20:
print(m)
break
except:
pass
# b'89c63fd5-00c'由于每一位都是一一对应的,因此找到对应关系暴力枚举即可。
EXP
# Sage
import gmpy2
N =
e1 =
e2 =
e3 =
c =
for i in range(1000):
alpha2 = i/1000
M1 = int(gmpy2.mpz(N)**(3./2))
M2 = int( gmpy2.mpz(N) )
M3 = int(gmpy2.mpz(N)**(3./2 + alpha2))
M4 = int( gmpy2.mpz(N)**(0.5) )
M5 = int( gmpy2.mpz(N)**(3./2 + alpha2) )
M6 = int( gmpy2.mpz(N)**(1.+alpha2) )
M7 = int( gmpy2.mpz(N)**(1.+alpha2) )
D = diagonal_matrix(ZZ, )
B = Matrix(ZZ, [ ,
,
,
,
,
,
,
]) * D
L = B.LLL()
v = Matrix(ZZ, L)
x = v * B**(-1)
phi_ = (e1*x/x).floor()
try:
d = inverse_mod(65537, phi_)
m = hex(power_mod(c, d, N))
m = bytes.fromhex(hex(power_mod(c, d, N)))
if len(m)<20:
print(m)
break
except:
pass
# b'f-4ae0-b369-' Operator
查看代码from gmpy2 import *
nl=[...]
el=[...]
cl=[...]
ind=[]
nl_s=sorted(nl)
for i in range(7):
ind.append(nl.index(nl_s))
print(ind)
e=[]
n=[]
c=[]
for i in range(7):
e.append(el])
n.append(nl])
c.append(cl])
M=iroot(int(n),int(2))
a=*8
a=,e,e,e,e,e,e]
a=,0,0,0,0,0,0]
a=,0,0,0,0,0]
a=,0,0,0,0]
a=,0,0,0]
a=,0,0]
a=,0]
a=]
Mat = matrix(ZZ,a)
Mat_LLL=Mat.LLL()
d = abs(Mat_LLL)//M
print(d)
print(bytes.fromhex(hex(pow(c,int(d),int(n)))))
# b'5a3d94a20a2c'EXP
0101110100100111011011011000111010000111101000101010100100100011010111011000010010100101110110011101110110010100010111001110010011101010111011001100011011010110001010011111111110100110101010101110100110011010110101110110000110010101010000010110100110110110001110101011000011110100011011100101101101001000110010100111000111001111010101011011111110010111100101111001010000100010100001000111010011011111010011101100011101011010011010110001101110110110000110010011001101100000110000110100101010010010110101100101111101110000010011101110010101110100011101100110111111001010EZRSA
from Crypto.Util.number import *
def lfsr(status,mask):
out = (status << 1) & 0xffffffff
i=(status&mask)&0xffffffff
lastbit=0
while i!=0:
lastbit^=(i&1)
i=i>>1
out^=lastbit
return (out,lastbit)
status= 1
mask = 0b10110001110010011100100010110101
num = bytes_to_long(m)
p = getPrime(1024)
q = getPrime(1024)
n = p*q
e = 65537
hp = bin(p)
c = pow(num, e, n)
print("n=",n)
print("c=",c)
f=open("key","w+",encoding='utf-8')
for i in range(568):
curnum = int(hp)
(status,out)=lfsr(status,mask)
f.write(str(curnum ^ out))
f.close()
'''
n= 9363543374665338283861145656340115756598328744870620756798779080826725774691364161648335378062705433999048117564356637094421930886166369832353405527855104576202658647651524758179962855692461154859961903531990172279764099199157181167775307950690492969859829926808950964120678082460448847927074487568619536568740301649988555476490206693181162301088156855926656544441682939839165455244630182978802660669255401576213941067679888164237586879364615664942234247896214195262510935345922512831632385741735810122730130366521612834556565838623708828780093323310348242654778247293430853566054703991781432542625271396246500576703
c= 3641304537029815746727163894554557322382012539953948183406308231174259571263608621970973671202001456955622458371303424750815017578104069924877881162707673935496925529412748663209884628320657034190702348924814794263041483260377960569530869386619921425415323912964305979776909598200202236912823968867485696101691879580799000240715778010424877093758489309380968229017074542588151574195295436881889313935734282141447498134543053106463951864974512375314091440713165047188590693431938599822340588934591712592995622334522799914563528630705687647950894928965913199772209825508001274120556508220248069647851360567609656517789
'''这个就很简单,M = m * e * 1 * 2022 * p, n = p * q 因此gcd(M,n) = p,有了p就好说了
EXP
def lfsr(status,mask):
out = (status << 1) & 0xffffffff
i=(status&mask)&0xffffffff
lastbit=0
while i!=0:
lastbit^=(i&1)
i=i>>1
out^=lastbit
return (out,lastbit)
status= 1
mask = 0b10110001110010011100100010110101
c = list('0101110100100111011011011000111010000111101000101010100100100011010111011000010010100101110110011101110110010100010111001110010011101010111011001100011011010110001010011111111110100110101010101110100110011010110101110110000110010101010000010110100110110110001110101011000011110100011011100101101101001000110010100111000111001111010101011011111110010111100101111001010000100010100001000111010011011111010011101100011101011010011010110001101110110110000110010011001101100000110000110100101010010010110101100101111101110000010011101110010101110100011101100110111111001010')
c=
hp = ''
for i in range(568):
(status,out) = lfsr(status,mask)
hp += str(c^out)
hp = int(hp, 2)
print(hp)
# 484896331241166236766986322307256381427323829969266475890843705533431739217993785274442520213477613786483789873490025705365184544110819157393140954140256890174240795425112MISC
Sign-in
前往红客突击队公众号发送“HSC2019”并签到吧!
# Sage
n = 9363543374665338283861145656340115756598328744870620756798779080826725774691364161648335378062705433999048117564356637094421930886166369832353405527855104576202658647651524758179962855692461154859961903531990172279764099199157181167775307950690492969859829926808950964120678082460448847927074487568619536568740301649988555476490206693181162301088156855926656544441682939839165455244630182978802660669255401576213941067679888164237586879364615664942234247896214195262510935345922512831632385741735810122730130366521612834556565838623708828780093323310348242654778247293430853566054703991781432542625271396246500576703
hp = 484896331241166236766986322307256381427323829969266475890843705533431739217993785274442520213477613786483789873490025705365184544110819157393140954140256890174240795425112
import string
dic = string.digits + "abcdef"
for a in dic:
for b in dic:
pp = hex(hp) + a + b
#p需要用0补全到1024位
pp += '0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000'
#要加的数字与补全p时0的个数有关
pp = int(pp, 16)
p_fake = pp+0x10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
pbits = 1024
kbits = pbits-576
pbar = p_fake & (2^pbits-2^kbits)
#print("upper %d bits (of %d bits) is given" % (pbits-kbits, pbits))
PR.<x> = PolynomialRing(Zmod(n))
f = x + pbar
try:
x0 = f.small_roots(X=2^kbits, beta=0.4)# find root < 2^kbits with factor >= n^0.4
print(x0 + pbar)
except:
pass
# 90225006288627020933267024425797647042965554486273674145474629022335483579168020321334177600624475358419458781387021577078957978886555066264514364951229871833611713144617155837023313756741716041993159155093522769416742461683810041045361926334946115547487234272520914249496954864904467634471167509689549908477DORAEMON
解压压缩包时得到提示
p = 90225006288627020933267024425797647042965554486273674145474629022335483579168020321334177600624475358419458781387021577078957978886555066264514364951229871833611713144617155837023313756741716041993159155093522769416742461683810041045361926334946115547487234272520914249496954864904467634471167509689549908477
n = 9363543374665338283861145656340115756598328744870620756798779080826725774691364161648335378062705433999048117564356637094421930886166369832353405527855104576202658647651524758179962855692461154859961903531990172279764099199157181167775307950690492969859829926808950964120678082460448847927074487568619536568740301649988555476490206693181162301088156855926656544441682939839165455244630182978802660669255401576213941067679888164237586879364615664942234247896214195262510935345922512831632385741735810122730130366521612834556565838623708828780093323310348242654778247293430853566054703991781432542625271396246500576703
c = 3641304537029815746727163894554557322382012539953948183406308231174259571263608621970973671202001456955622458371303424750815017578104069924877881162707673935496925529412748663209884628320657034190702348924814794263041483260377960569530869386619921425415323912964305979776909598200202236912823968867485696101691879580799000240715778010424877093758489309380968229017074542588151574195295436881889313935734282141447498134543053106463951864974512375314091440713165047188590693431938599822340588934591712592995622334522799914563528630705687647950894928965913199772209825508001274120556508220248069647851360567609656517789
q = n//p
e = 0x10001
import gmpy2
f = (p-1)*(q-1)
d = gmpy2.invert(e,f)
m = pow(c,d,n)
print(bytes.fromhex(hex(m)))
# b'flag{fbbce1e3aa690ebb49039241f940ed26}'六位数字密码爆破即可
# -*- coding: utf-8 -*-
import flag
alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!"#$%&\'()*+,-./:;<=>?@[\]^_`{|}~'
key = 'HSC'
assert flag.startswith('HSCSEC{')
flag_num_list = []
c = []
for item in flag:
flag_num_list.append(alphabet.find(item) + 1)
key_num = alphabet.find(key) + 1
for i in flag_num_list:
m = (i + key_num) % 94 - 1
if m == 0:
c.append("□")
c.append(alphabet)
print("c = {}".format(''.join(c)))
# c = GRBRDB`jg10ij2g01i,g201gi,2gi2,012igaigagi|得到图片宽高有问题修改下即可
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113134131109-1760767337.png
然后PS补全上方两个角扫码得到
flag = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!"#$%&\'()*+,-./:;<=>?@[\]^_`{|}~'
c = '□abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!"#$%&\'()*+,-./:;<=>?@[\]^_`{|}'
big_dic = {}
for index in range(len(c)):
big_dic] = flag
cipher = 'GRBRDB`jg10ij2g01i,g201gi,2gi2,012igaigagi|'
for i in cipher:
print(big_dic, end='')
if __name__ == '__main__':
pass
#HSCSEC{kh21jk3h12j-h312hj-3hj3-123jhbjhbhj}汝闻,人言否
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113135430047-2058576669.png
哈哈!!!好图
010打开发现末尾有压缩包,把最后的4B 50改过来提取
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113141506986-104201974.png
根据最后的注释得到压缩包密码:键盘密码qazsedcftrfvgycft6yhntgbnytfvbhyik,.;p,找出字母WVALOU,解压得到flag文件,010发现为wav文件结构
使用audacity查看wav文件,在频谱图发现flag:flag:e5353bb7b57578bd4da1c898a8e2d767
PERFORMANCE-ART
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113142108865-1205989364.png
图片信息是两种图形替换密码的混合,其中一种为标准银河字母,猜测另一种代表数字,根据形状和出现概率,猜测出前几位 504B0304140000000,为zip压缩包文件头。
依次还原所有字符:
#!/bin/python3
from Crypto.Util.number import bytes_to_long, getPrime
FLAG = "*******************MASK****************"
# print(FLAG)
number1 = getPrime(512)
number2 = getPrime(1024)
print(number1)
result = FLAG * number1 % number2
print(result)
"""
Output:
11488359375916816818731868252559119400126174593041608170883818546254791846479664455120194350355087017477744828351806157930199157462913063513512421460678471
1890846045246997191702622225497063073251667816125412875121879991742654650976309481716690792328873189601779812108551290078049710826355501933349874438201643986975141068179879506727213209273645848165732801667704040761771
"""保存为zip文件打开,得到ZmxhZ3tnNUEwIWkyZjF9base64解码得到flag{g5A0!i2f1}
WIRESHARK
010发现压缩包后有png
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113143353563-591676292.png
分离得到
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113143501540-908593575.png
zsteg发现0通道有图片
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113143642111-105134001.png
提取出来是一张二维码,扫码得到wrsak..iehr370
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113143803255-1499747652.png
栅栏解码得到 wireshark3.7.0即压缩包密码
解压打开得到文件010分析发现是PDF结构,但文件头修改了,还原为25 50 44 46打开
发现是PDF隐写,使用wbStego工具提取出flag:flag{Go0dJ0B_y0ufIndLt}
PCXP
百度网盘https://pan.baidu.com/s/12q5ULEp_RD62MwbV5eE11A
提取码:1qih
奶牛快传https://cowtransfer.com/s/b76470ddc9e04a
蓝奏云https://wwo.lanzouy.com/b030r1x4j
密码:cvi0
本题目文件PCXP1与PCXP2均需要下载!
本题文件中flag{raw_Imfig3_mLs3}属于干扰项
Hint
看起来里面有个镜子,你能找到吗?
两个raw文件,分别用volatility分析。
先分析:
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113150021642-2053185532.png
首先查看系统版本,然后从PCXP镜像中找到并dump出rar文件,即ffflaaagggg.rar
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113145907707-549619342.png
根据提示,从PCXP1镜像中找到并dump出mirror.rar
mirror.rar的解压密码在注释地方,解压出png之后010查看发现后半部分有多余数据反序了
提取出来,然后脚本逆序一下得到key
from Crypto.Util.number import long_to_bytes
n1 = 11488359375916816818731868252559119400126174593041608170883818546254791846479664455120194350355087017477744828351806157930199157462913063513512421460678471
c = 1890846045246997191702622225497063073251667816125412875121879991742654650976309481716690792328873189601779812108551290078049710826355501933349874438201643986975141068179879506727213209273645848165732801667704040761771
print(long_to_bytes(c // n1))
#flag{qMmZqWvmj70bBsCfmVLT}https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113151037634-2072783371.jpg
然后使用密码解压ffflaaagggg.rar得到secret.pcap,foremost分离发现两张几乎一模一样的图片,盲水印。
from Crypto.Util.number import *
import gmpy2
from flag import m
p = getPrime(1024)
q = getPrime(1024)
n = p * q
print('n =',n)
e = 0x10001
M = m * e * 1 * 2022 * p
c = pow(M,e,n)
print('c =',c)
# n = 16266043783454053154037197753138388613864200794483663334493856481522764684650995230938142916968470804276539967429581472897698022852787399956166067156691430593337430691851251036378709799238876668312530223697905925939542713491015517460139150765778057817475571231361809654951289718071760502692960235551663466242938669673675870151921605230499603814070711617511206013584605131901906195136038060653121164252894949526861390984185085201067988694831398388037080993820517447099157891181179389949333832439004857436617834100885739716577641892686620423154860716308518151628754780994043553863224363539879909831811888663875989774849
# c = 12716190507848578560760116589677996073721225715245215495257947887969923319693501568134141757778665747980229898129090929698368855086594836111461700857934476682700625486249555753323344759513528101651108919161794915999809784961533946922607642974500946026677116418317599095703217004064379100607278317877894742815660315660254853364776654303066021672567442581774299847661025422994141801987588151758971034155714424052693627277202951522779716696303237915400201362585413354036973117149974017434406560929491956957193491445847385625481870256240443170803497196783872213746269940877814806857222191433079944785910813364137603874411https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113151206724-1878213166.jpg
flag{Wat3rMarkPtysc}
MISC
SIGNIN
关注公众号:中龙 红客突击队 发送:HSCCTF{TELLMEFLAG}获取flag!
from Crypto.Util.number import long_to_bytes
from gmpy2 import *
e = 0x10001
c = 12716190507848578560760116589677996073721225715245215495257947887969923319693501568134141757778665747980229898129090929698368855086594836111461700857934476682700625486249555753323344759513528101651108919161794915999809784961533946922607642974500946026677116418317599095703217004064379100607278317877894742815660315660254853364776654303066021672567442581774299847661025422994141801987588151758971034155714424052693627277202951522779716696303237915400201362585413354036973117149974017434406560929491956957193491445847385625481870256240443170803497196783872213746269940877814806857222191433079944785910813364137603874411
n = 16266043783454053154037197753138388613864200794483663334493856481522764684650995230938142916968470804276539967429581472897698022852787399956166067156691430593337430691851251036378709799238876668312530223697905925939542713491015517460139150765778057817475571231361809654951289718071760502692960235551663466242938669673675870151921605230499603814070711617511206013584605131901906195136038060653121164252894949526861390984185085201067988694831398388037080993820517447099157891181179389949333832439004857436617834100885739716577641892686620423154860716308518151628754780994043553863224363539879909831811888663875989774849
p = gmpy2.gcd(c, n)
q = n // p
phi = (p - 1) * (q - 1)
d = gmpy2.invert(e, phi)
# M = m * e * 1 * 2022 * p
M = pow(c, d, n)
M //= e * 2022 * p
print(long_to_bytes(M))
#flag{3e5e2789a93a80615cc35edbff397c05}QR
Hint1
比lsb信息隐藏量更大的算法,安全性更高
Hint2
图像是按位隐藏的,所以要按位提取像素值,如果第八位是最高的非零位,那么对于rgb通道分别提取二进制数的后4 3 5位,每8位就合成一次灰度值,全部提取完再重新排列得到真正的flag图像。 ps: 原图、真正flag的图、合成后形成的这个附件图,三者像素尺寸大小一致
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113152800415-1401582677.png
给了一个二维码,我们按照提示二写脚本即可
flag{HSC_W3LC0M3}运行得到隐藏图片
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113155042547-1905881122.png
扫码得到SFNDU0VDe1lvdV9BcmVfU29fQ29vSX0base64解码得到HSCSEC{You_Are_So_CooI}
DISK
010打开图片发现文件尾有段没有特征的文件,结合题目名猜测需要用VeraCrypt
用png作为密钥文件挂载成功后目录下找到flag
哆啦A梦把泡好的QR放进口袋后,用六位数字把自己放好了。你能找到它吗?base64解码得到
376852反一下得
HSCSEC{disklooksunsafe}
EZIMG
提示:flag3未尝不可尝试Online decode。
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113160033431-972407214.png
png图片尾部有01串+反转的png
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113160353171-599736015.png
1、将反转的png还原得到flag1: HSCSEC{p3G_h
2、提取所有01串画二维码,扫出 flag2:aQR_c0de_and
3、根据提示使用PixelJihad解码:https://www.mzy0.com/ctftools/pjh/
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113161405050-1636687382.png
HSCSEC{p3G_haQR_c0de_and_3nc}
Salute
1.没有文件特征?勒索者最爱。
2.某张看不清的图片?
flag2/key:xxxx_xx
可以使用python还原
010分析看到文件尾有32位的MD5串
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113162450553-1447888827.png
解密得到qwer1234,还发现一段奇怪的输出猜测为xor qwer1234
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113163020381-817769660.png
得到压缩包保存下来,打开得到两张图片。
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113163139690-1012175748.png
zsteg查看salute1.png发现信息。结合提示可知flag2/key:that_is这个应该就是第一张的密码,秒选steghide解码
https://img2023.cnblogs.com/blog/3167109/202311/3167109-20231113163340087-1010135266.png
得到HSCSEC{qwer1234that_is_c0ol}
免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!
页:
[1]