【0】前言
本文简记我做的一些ctf上的crypt,及其python脚本的编写。
【1】2021年莲城杯crypt
(1)题目描述:本题给了一个加密脚本,让咱们写一个解密脚本。
# 莲城杯加密解密的一道题,这道题做题方法是确定随机数和一个解密算法
# 加密源码
import random
flag = 'flag{********************************}'
b = [ ord(i) for i in flag ]
a = random.randint(65, max(b))
encflag=""
for i in range(len(flag)):
encflag += str(bin((ord(flag[i])^a)<<2)[2:]) + ' '
print (encflag)
# 11011000 11110000 11000100 11011100 10101100 11001000 110011000 11001100 110001100 110011100
# 110001000 11010100 110011100 110100100 11000100 110100100 11001000 110010100 110011100
# 110011000 110001000 110001000 110001100 11001100 110000100 11010100 110010000 110000100
# 11010000 110010100 11000100 110100100 110010000 110010000 110000000 11001000 110000000 10110100
(2)解题方法:
本题要先确定加密试用的随机数,后根据加密过程逆向编写脚本,确定随机数的脚本和解密脚本如下。
from colorsys import rgb_to_yiq
import io
from math import gcd
from multiprocessing import cpu_count
import os
import struct
from tkinter import E
from click import formatting
from markupsafe import string
import base64
import binascii
from urllib import parse
import hashlib
import random
import re
import threading
import os
import gmpy2
# 下面的函数用来确定随机数是什么的函数
def liancheng_crypt_sure_random():
FirstChar = 110110
Forming = "A"
Judge = 64
while (Judge<125):
Judge = Judge+1
MiddleNum = int(str(FirstChar),2)
Forming = chr(MiddleNum^Judge)
if(Forming == "f"):
break
print (Judge)
# 下面的函数用来解密flag
def liancheng_ctypt_sure_flag():
Result = ''
CipherText = [110110,111100,110001,110111,101011,110010,1100110,110011,1100011,1100111,1100010,110101,
1100111,1101001,110001,1101001,110010,1100101,1100111,1100110,1100010,1100010,1100011,110011,1100001,
110101,1100100,1100001,110100,1100101,110001,1101001,1100100,1100100,1100000,110010,1100000,101101]
for Element in CipherText:
Forming = chr(int(str(Element),2)^80)
Result += str(Forming)
print(Result)
if __name__=='__main__':
# 【2】莲城杯crypt
# 下面的两个参数是连城杯上一道ctypt题的脚本,两个函数上面一个是用来看加密的随机数是什么的,下面的一个是解密flag的
liancheng_crypt_sure_random()
liancheng_ctypt_sure_flag()
【2】buuctf中的异性相吸
(1)题目描述:题目中给了两个由0和1组成的字符串。
(2)解题方法:根据题目《异性相吸》可知是要用异或运算解题,脚本如下:
from colorsys import rgb_to_yiq
import io
from math import gcd
from multiprocessing import cpu_count
import os
import struct
from tkinter import E
from click import formatting
from markupsafe import string
import base64
import binascii
from urllib import parse
import hashlib
import random
import re
import threading
import os
import gmpy2
# buu上的异性相吸,010editor打开文件的二进制码然后异或之后二换十,十换十六,然后binascii,a2b_hex解码
def buu_different_come(forming,handsome):
realy = ''
for i in range(len(forming)):
if (forming[i]==handsome[i]):
realy += '0'
else:
realy += '1'
print(realy)
print(hex(int(realy,2)))
if __name__=='__main__':
# 【3】buu上的异性相吸
forming = '00000111 00011111 00000000 00000011 00001000 00000100 00010010 0101010100000011 00010000 01010100 01011000 01001011 01011100 01011000 0100101001010110 01010011 01000100 01010010 00000011 01000100 00000010 0101100001000110 00000110 01010100 01000111 00000101 01010110 01000111 0101011101000100 00010010 01011101 01001010 00010100 00011011'.replace(' ','')
handsome = '01100001 01110011 01100001 01100100 01110011 01100001 01110011 0110010001100001 01110011 01100100 01100001 01110011 01100100 01100001 0111001101100100 01100001 01110011 01100100 01100001 01110011 01100100 0110000101110011 01100100 01100001 01110011 01100100 01100001 01110011 0110010001110001 01110111 01100101 01110011 01110001 01100110'.replace(' ','')
buu_different_come(forming,handsome)
【3】buuctf中的还原大师
(1)题目描述:本题给了一个部分字符未知的字符串,同时给了其md5编码之后的部分字符未知的字符串;
(2)解题方法:用穷举的思想不断尝试,直到解出结果,有两种大同小异的脚本一个是自己做题时候写的,但是后来发现了别人写的脚本,确实别人写的好,但是把我写的分享出来,希望大家能有对比反证己身:
1、自己写的:
from colorsys import rgb_to_yiq
import io
from math import gcd
from multiprocessing import cpu_count
import os
import struct
from tkinter import E
from click import formatting
from markupsafe import string
import base64
import binascii
from urllib import parse
import hashlib
import random
import re
import threading
import os
import gmpy2
# buu上还原大师的题,函数的原理是爆破,调用choice结合到字符串中,加密后看是否符合要求
def buu_restore_master_number_two():
chr = 'ABCDEFGHIJKLMNOPQESTUVWXYZ0123456789'
first = random.choice(chr)
second = random.choice(chr)
third = random.choice(chr)
forming = 'TASC'+first+'O3RJMV'+second+'WDJKX'+third+'ZM'
result = hashlib.md5(forming.encode()).hexdigest().upper()
print('start test ' + forming)
# E903???4DAB????08?????51?80??8A?
# E9032994DABAC08080091151380478A2
while ((result[0:4] != 'E903') or (result[7:11] != '4DAB') or (result[15:17] != '08') or (result[22:24] != '51') or (result[25:27] != '80') or (result[29:31] != '8A')) :
first = random.choice(chr)
second = random.choice(chr)
third = random.choice(chr)
forming = 'TASC'+first+'O3RJMV'+second+'WDJKX'+third+'ZM'
result = hashlib.md5(forming.encode()).hexdigest().upper()
print('start test ' + forming)
print('the origin string is : ' + forming)
print('the crypted string is : ' + result)
if __name__=='__main__':
# 【4】buu上的还原大师
buu_restore_master_number_two()
2、别人写的:
from colorsys import rgb_to_yiq
import io
from math import gcd
from multiprocessing import cpu_count
import os
import struct
from tkinter import E
from click import formatting
from markupsafe import string
import base64
import binascii
from urllib import parse
import hashlib
import random
import re
import threading
import os
import gmpy2
# buu上还原大师的题 ,用穷举26个英文字母的方式爆破出符合规定的字符串
# E9032994DABAC08080091151380478A2
def buu_restore_master_number_one():
judge = 0
chr = 'ABCDEFGHIJKLMNOPQESTUVWXYZ0123456789'
for forming in chr:
for very in chr:
handsome = 'TASC'+forming+'O3RJMV'+very+'WDJKX'
for realy in chr:
handsome += realy + 'ZM'
print('start test ' + handsome)
crypted = hashlib.md5(handsome.encode()).hexdigest().upper()
if ((crypted[0:4] == 'E903') or (crypted[7:11] == '4DAB') or (crypted[15:17] == '08') or (crypted[22:24] == '51') or (crypted[25:27] == '80') or (crypted[29:31] == '8A')):
print('the origin string is : ' + handsome)
print('the crypted string by md5 is : ' + crypted)
judge = 1
break
handsome = 'TASC'+forming+'O3RJMV'+very+'WDJKX'
if judge:
break
if judge:
break
if __name__=='__main__':
buu_restore_master_number_one()
【4】buuctf上的rsa1
(1)题目描述:标准的rsa加密算法,两个公式记住就能写,但是想要直到原理的的话可以看我这一篇博客;
(2)脚本编写:
from colorsys import rgb_to_yiq
import io
from math import gcd
from multiprocessing import cpu_count
import os
import struct
from tkinter import E
from click import formatting
from markupsafe import string
import base64
import binascii
from urllib import parse
import hashlib
import random
import re
import threading
import os
import gmpy2
# buu上的crypt,rsa1
def buu_rsa1():
p = 8637633767257008567099653486541091171320491509433615447539162437911244175885667806398411790524083553445158113502227745206205327690939504032994699902053229
q = 12640674973996472769176047937170883420927050821480010581593137135372473880595613737337630629752577346147039284030082593490776630572584959954205336880228469
dp = 6500795702216834621109042351193261530650043841056252930930949663358625016881832840728066026150264693076109354874099841380454881716097778307268116910582929
dq = 783472263673553449019532580386470672380574033551303889137911760438881683674556098098256795673512201963002175438762767516968043599582527539160811120550041
c = 24722305403887382073567316467649080662631552905960229399079107995602154418176056335800638887527614164073530437657085079676157350205351945222989351316076486573599576041978339872265925062764318536089007310270278526159678937431903862892400747915525118983959970607934142974736675784325993445942031372107342103852
mp = gmpy2.powmod(c,dp,p)
mq = gmpy2.powmod(c,dq,q)
i = gmpy2.invert(p,q)
mid_one = mq-mp
mid_two = mid_one*i
mid_three = gmpy2.powmod(mid_two,1,q)
mid_four = mid_three*p
m_int = mid_four + mp
print('the original string is {0}'.format(m_int))
mid_hex = hex(m_int)
print('the hex string is {0}'.format(mid_hex))
if __name__=='__main__':
buu_rsa1()
【5】buuctf上的rsa2
(1)题目描述:标准的rsa钟中的dp泄露,看原理看这一篇博客。
(2)脚本编写:
from colorsys import rgb_to_yiq
import io
from math import gcd
from multiprocessing import cpu_count
import os
import struct
from tkinter import E
from click import formatting
from markupsafe import string
import base64
import binascii
from urllib import parse
import hashlib
import random
import re
import threading
import os
import gmpy2
def buu_rsa2():
p = 0
e = 65537
dp = 905074498052346904643025132879518330691925174573054004621877253318682675055421970943552016695528560364834446303196939207056642927148093290374440210503657
c = 140423670976252696807533673586209400575664282100684119784203527124521188996403826597436883766041879067494280957410201958935737360380801845453829293997433414188838725751796261702622028587211560353362847191060306578510511380965162133472698713063592621028959167072781482562673683090590521214218071160287665180751
n = 48254007851526241177721526698901802985832766176221609612258877371620580060433101538328030305219918697643619814200930679612109885533801335348445023751670478437073055544724280684733298051599167660303645183146161497485358633681492129668802402065797789905550489547645118787266601929429724133167768465309665906113
# 248254007851526241177721526698901802985832766176221609612258877371620580060433101538328030305219918697643619814200930679612109885533801335348445023751670478437073055544724280684733298051599167660303645183146161497485358633681492129668802402065797789905550489547645118787266601929429724133167768465309665906113
temp=dp*e - 1
for i in range(2,e) :
if temp%i==0:
p=temp//i+1
q=n//p
d=gmpy2.invert(e,(p-1)*(q-1))
m=pow(c,d,n)
print(m)
# p = 913127778735150773404608108707415336420768487291895507949690875024961998723921084218161740762247806472238721460807860416768595691382327159766463278002713
# 之后复制m的值调用binascii.a2b_hex()方法进行十六进制编码
# m = 198684253432954596193345784793734665149302336175065992640002388748307071802369561479775356746782694904065947170519261584314403457835655705269315447475440706251964502468599639100901659265781324059990023263154237810704131086853449073568846031342829740365587788703247933638196834034686786623463634700146737869245
# 这个函数或许因为vscode上插件的原因对n赋正确的值之后会报错,所以要放到cmd中去跑,上面就是m的值
if __name__=='__main__':
buu_rsa2()
【6】buuctf上的rsa3
(1)题目描述:标准的共模攻击,原理看这一篇。
(2)脚本编写:
from colorsys import rgb_to_yiq
import io
from math import gcd
from multiprocessing import cpu_count
import os
import struct
from tkinter import E
from click import formatting
from markupsafe import string
import base64
import binascii
from urllib import parse
import hashlib
import random
import re
import threading
import os
import gmpy2
def buu_rsa3():
s1 = 1
s2 = 1
c1 = 5
# c1 = 22322035275663237041646893770451933509324701913484303338076210603542612758956262869640822486470121149424485571361007421293675516338822195280313794991136048140918842471219840263536338886250492682739436410013436651161720725855484866690084788721349555662019879081501113222996123305533009325964377798892703161521852805956811219563883312896330156298621674684353919547558127920925706842808914762199011054955816534977675267395009575347820387073483928425066536361482774892370969520740304287456555508933372782327506569010772537497541764311429052216291198932092617792645253901478910801592878203564861118912045464959832566051361
n = 2
# n = 22708078815885011462462049064339185898712439277226831073457888403129378547350292420267016551819052430779004755846649044001024141485283286483130702616057274698473611149508798869706347501931583117632710700787228016480127677393649929530416598686027354216422565934459015161927613607902831542857977859612596282353679327773303727004407262197231586324599181983572622404590354084541788062262164510140605868122410388090174420147752408554129789760902300898046273909007852818474030770699647647363015102118956737673941354217692696044969695308506436573142565573487583507037356944848039864382339216266670673567488871508925311154801
e1 = 11187289
c2 = 1
# c2 = 18702010045187015556548691642394982835669262147230212731309938675226458555210425972429418449273410535387985931036711854265623905066805665751803269106880746769003478900791099590239513925449748814075904017471585572848473556490565450062664706449128415834787961947266259789785962922238701134079720414228414066193071495304612341052987455615930023536823801499269773357186087452747500840640419365011554421183037505653461286732740983702740822671148045619497667184586123657285604061875653909567822328914065337797733444640351518775487649819978262363617265797982843179630888729407238496650987720428708217115257989007867331698397
e2 = 9647291
temp1 = gmpy2.powmod(c1,s1,0)
temp2 = gmpy2.powmod(c2,s2,0)
m = gmpy2.powmod(temp1*temp2,1,n)
m = gmpy2.iroot(m,gcd(e1,e2))
print(m)
# 直接将m复制下来十进制换十六进制放到binascii.a2b_hex()方法中对其十六进制解码
# 与rsa2一样因为vscode插件的原因要放到cmd命令行中执行才行,代码要合理转换
if __name__=='__main__':
buu_rsa3()
【7】buuctf上的rsaroll
(1)题目描述:根据rsa解密脚本编写就行。
(2)脚本编写:
from colorsys import rgb_to_yiq
import io
from math import gcd
from multiprocessing import cpu_count
import os
import struct
from tkinter import E
from click import formatting
from markupsafe import string
import base64
import binascii
from urllib import parse
import hashlib
import random
import re
import threading
import os
import gmpy2
# buu上的rsaroll
def buu_rsaroll():
N,p,q,e=920139713,18443,49891,19
d=gmpy2.invert(e,(p-1)*(q-1))
result=[]
with open("D:\Code\python\buu_rsaroll.txt","r") as f:
for line in f.readlines():
line=line.strip('n')
result.append(chr(gmpy2.powmod(int(line),d,N)))
for i in result:
print(i,end='')
if __name__=='__main__':
buu_rsaroll()
本文作者:, 转载请注明来自FreeBuf.COM
# CTF # 数据安全