HGAME 2024 WEEK1 Crypto Misc
CRYPTO(已解决3/4)
ezRSA
题目描述:一个简单的RSA
from Crypto.Util.number import *
from secret import flag
m=bytes_to_long(flag)
p=getPrime(1024)
q=getPrime(1024)
n=p*q
phi=(p-1)*(q-1)
e=0x10001
c=pow(m,e,n)
leak1=pow(p,q,n)
leak2=pow(q,p,n)
print(f'leak1={leak1}')
print(f'leak2={leak2}')
print(f'c={c}')
"""
leak1=149127170073611271968182576751290331559018441805725310426095412837589227670757540743929865853650399839102838431507200744724939659463200158012469676979987696419050900842798225665861812331113632892438742724202916416060266581590169063867688299288985734104127632232175657352697898383441323477450658179727728908669
leak2=116122992714670915381309916967490436489020001172880644167179915467021794892927977272080596641785569119134259037522388335198043152206150259103485574558816424740204736215551933482583941959994625356581201054534529395781744338631021423703171146456663432955843598548122593308782245220792018716508538497402576709461
c=10529481867532520034258056773864074017027019578041866245400647840230251661652999709715919620810933437191661180003295923273655675729588558899592524235622728816065501918076120812236580344991140980991532347991252705288633014913479970610056845543523591324177567061948922552275235486615514913932125436543991642607028689762693617305246716492783116813070355512606971626645594961850567586340389705821314842096465631886812281289843132258131809773797777049358789182212570606252509790830994263132020094153646296793522975632191912463919898988349282284972919932761952603379733234575351624039162440021940592552768579639977713099971
"""
我的解答:
根据题目关系式我们可以写出:
leak1 = pq mod q
leak2 = qp mod p
根据费马小定理:
ap−1 ≡ 1 mod p
推出:
leak1 = p
leak2 = q
exp:
import gmpy2
from Crypto.Util.number import *
p=149127170073611271968182576751290331559018441805725310426095412837589227670757540743929865853650399839102838431507200744724939659463200158012469676979987696419050900842798225665861812331113632892438742724202916416060266581590169063867688299288985734104127632232175657352697898383441323477450658179727728908669
q=116122992714670915381309916967490436489020001172880644167179915467021794892927977272080596641785569119134259037522388335198043152206150259103485574558816424740204736215551933482583941959994625356581201054534529395781744338631021423703171146456663432955843598548122593308782245220792018716508538497402576709461
c= 10529481867532520034258056773864074017027019578041866245400647840230251661652999709715919620810933437191661180003295923273655675729588558899592524235622728816065501918076120812236580344991140980991532347991252705288633014913479970610056845543523591324177567061948922552275235486615514913932125436543991642607028689762693617305246716492783116813070355512606971626645594961850567586340389705821314842096465631886812281289843132258131809773797777049358789182212570606252509790830994263132020094153646296793522975632191912463919898988349282284972919932761952603379733234575351624039162440021940592552768579639977713099971
e = 65537
n = p*q
phi = (p-1) * (q-1)
d = gmpy2.invert(e, phi)
m = pow(c, d, n)
print(long_to_bytes(m))
#hgame{F3rmat_l1tt1e_the0rem_is_th3_bas1s}
ezMath
题目描述:一个简单的数学题
from Crypto.Util.number import *
from Crypto.Cipher import AES
import random,string
from secret import flag,y,x
def pad(x):
return x+b'\x00'*(16-len(x)%16)
def encrypt(KEY):
cipher= AES.new(KEY,AES.MODE_ECB)
encrypted =cipher.encrypt(flag)
return encrypted
D = 114514
assert x**2 - D * y**2 == 1
flag=pad(flag)
key=pad(long_to_bytes(y))[:16]
enc=encrypt(key)
print(f'enc={enc}')
#enc=b"\xce\xf1\x94\x84\xe9m\x88\x04\xcb\x9ad\x9e\x08b\xbf\x8b\xd3\r\xe2\x81\x17g\x9c\xd7\x10\x19\x1a\xa6\xc3\x9d\xde\xe7\xe0h\xed/\x00\x95tz)1\\\t8:\xb1,U\xfe\xdec\xf2h\xab`\xe5'\x93\xf8\xde\xb2\x9a\x9a"
我的解答:
考点:佩尔方程
解方程得到y,然后AES即可。
exp:
# sage
from Crypto.Util.number import *
from Crypto.Cipher import AES
a = 1
b = 114514
enc=b"\xce\xf1\x94\x84\xe9m\x88\x04\xcb\x9ad\x9e\x08b\xbf\x8b\xd3\r\xe2\x81\x17g\x9c\xd7\x10\x19\x1a\xa6\xc3\x9d\xde\xe7\xe0h\xed/\x00\x95tz)1\\\t8:\xb1,U\xfe\xdec\xf2h\xab`\xe5'\x93\xf8\xde\xb2\x9a\x9a"
numTry = 1500
def solve_pell(N, numTry):
cf = continued_fraction(sqrt(N))
for i in range(numTry):
denom = cf.denominator(i)
numer = cf.numerator(i)
if numer^2 - N * denom^2 == 1:
return numer, denom
return None, None
def pad(x):
return x+b'\x00'*(16-len(x)%16)
N = b//a
x,y = solve_pell(N,numTry)
print(y)
key = pad(long_to_bytes(y))[:16]
cipher = AES.new(key,AES.MODE_ECB)
flag = cipher.decrypt(enc)
print(flag)
# hgame{G0od!_Yo3_k1ow_C0ntinued_Fra3ti0ns!!!!!!!}
ezPRNG
题目描述:一个简单的随机数
from Crypto.Util.number import *
import uuid
def PRNG(R,mask):
nextR = (R << 1) & 0xffffffff
i=(R&mask)&0xffffffff
nextbit=0
while i!=0:
nextbit^=(i%2)
i=i//2
nextR^=nextbit
return (nextR,nextbit)
R=str(uuid.uuid4())
flag='hgame{'+R+'}'
print(flag)
R=R.replace('-','')
Rlist=[int(R[i*8:i*8+8],16) for i in range(4)]
mask=0b10001001000010000100010010001001
output=[]
for i in range(4):
R=Rlist[i]
out=''
for _ in range(1000):
(R,nextbit)=PRNG(R,mask)
out+=str(nextbit)
output.append(out)
print(f'output={output}')
#output
我的解答:
题目参考:2018-CISCN-oldStreamgame
#对mask提取出相与有效位1
mask = '10001001000010000100010010001001'
for i in range(len(mask)):
if int(mask[i]) == 1:
print(i, end=' ')
#0 4 7 12 17 21 24 28 31
#恢复R
output
flag = ''
for i in range(4):
nextbits = output[i]
R = []
for _ in range(32): #每次恢复1bit 一共是32bit 因为与0xffffffff 起到限制位数的作用
temp = '0' + ''.join(R) + nextbits[:(32-1-len(R))] #补全32位 第一个为猜测位0 第二个为已知R位 第三个为nextbit填充位
print(temp)
#进行猜测校验判断
if(int(temp[0]) ^ int(temp[4]) ^ int(temp[7]) ^ int(temp[12]) ^ int(temp[17]) ^ int(temp[21]) ^ int(temp[24]) ^ int(temp[28]) ^ int(temp[31]) == int(nextbits[32-1-len(R)])):
#猜测成功则填充0
R.insert(0, '0') #在第0位插入0
else:
R.insert(0, '1')
R = ''.join(R)
R = hex(int(R,2))[2:] #进制转换
flag += R
print(flag)
#fbbbee823f434f919337907880e4191a
#hgame{fbbbee82-3f43-4f91-9337-907880e4191a}
最后结果根据UUID固定格式来写
MISC(全)
SignIn
换个方式签个到
flag格式:'hgame\{[A-Z_]+\}'
我的解答:
提示说换个视角,看着像拉伸过的图片。试着还原回去看看
放到Word里面编辑
hgame{WOW_GREAT_YOU_SEE_IT_WONDERFUL}
来自星尘的问候
一个即将发售的游戏的主角薇^3带来了一条消息。这段消息隐藏在加密的图片里
但即使解开了图片的六位弱加密,看到的也是一张迷惑的图片。
也许游戏的官网上有这种文字的记录?
补充:flag格式为`hgame\{[a-z0-9_]+\}`
我的解答:
steghide隐写,密码是123456
得到一个压缩包,解压里面有一张图片
根据题目提示可知该图中的文字为游戏中的字体,然后搜索发现是来自星尘的异星字体,对照表:https://my1l.github.io/Ctrl/CtrlAstr.html
hgame{welc0me!}
simple_attack
怎么解开这个压缩包呢?
我的解答:
附件里面有一张图片和一个压缩包,发现此压缩包中的图片与压缩包外的图片是一致的,一眼丁真,明文攻击
将图片进行压缩(使用bandzip进行压缩)然后与压缩包一起放入爆破工具进行明文攻击即可
得到

base64转图片
希儿希儿希尔
Ch405是一名忠实的希儿厨,于是他出了一道这样的题,不过他似乎忘了这个加密的名字不是希儿了(x虽然经常有人叫错
补充:
图片打不开是正常现象,需要修复
最终得到的大写字母请用hgame{}包裹
我的解答:
宽高爆破
foremost分离文件得到密文
CVOCRJGMKLDJGBQIUIVXHEYLPNWR
根据题目名字希儿希儿想到希尔密码,但需要key才行。
图片放到随波逐流解出
RGB:KEY:[[8 7][3 8]]
然后希尔解码:http://www.practicalcryptography.com/ciphers/hill-cipher/
disappearintheseaofbutterfly
hgame{DISAPPEARINTHESEAOFBUTTERFLY}
签到
关注“凌武科技”微信公众号,发送“HGAME2024”获得 Flag!