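Beijing Electronic Science and Technology Institute 2024 Cryptography, Secrecy and Network Attack-Defense Awareness Competition: Write-up (WP)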

Individual competition

20211108_俞振阳

Ranking

Sixth place

Solution approach

ctf1 Sign-in challenge (category: Misc)

An obvious string hint appears at the very end of the file, so try Base64 on it.

flag{ae9603a1-a905-f9be-5143-660bac605401}

ctf5 The Impostor (伪装者) (category: Web)

Try injecting this IP value through the X-Forwarded-For header:
curl -H "X-Forwarded-For: 1.1.1.1" http://39.106.48.123:13504/
flag{4404c26d-cd6b-43a7-b8f4-1a844dcae940}

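simple (category: Crypto)

The ciphertext has the very regular layout of a flag, and the hint says "放射" ("radiation", a near-homophone of 仿射, "affine"), so the guess is an affine cipher.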

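ciphertext="kgws{m8u8cm65-ue9k-44k5-8361-we225m76eeww}"
decrypted_text=""

# The loop inverts c = (123456*j + 321564) mod 26, which reduces to (8*j + 22) mod 26.
# gcd(8, 26) = 2, so every ciphertext letter has two preimages (j and j+13);
# breaking on the first match keeps the one in a..m, which covers "flag" and hex a..f.
for i in ciphertext:
    if ord(i)>=ord('a') and ord(i)<=ord('z'):
        text=ord(i)-ord('a')
        # Brute-force the plaintext letter j that encrypts to this letter
        for j in range(26):
            if pow(123456*j+321564,1,26)==text:
                decrypted_text=decrypted_text+chr(ord('a')+j)
                break
    else:
        # Digits, braces and dashes are not encrypted
        decrypted_text=decrypted_text+i
print(decrypted_text)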

flag{c8d8ec65-db9f-44f5-8361-ab225c76bbaa}

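b64 (category: Crypto)

Base64-encode the leaked plaintext; the result is YXNobGtqIUBzajEyMjMlXiYqU2Q0NTY0c2Q4NzlzNWQxMmYyMzFhNDZxd2prZDEySjtESmpsO0xqTDtLSjg3MjkxMjg3MTM=
It corresponds symbol by symbol to the leaked ciphertext pTjMwJ9WiQHfvC+eFCFKTBpWQtmgjopgqtmPjfKfjSmdFLpeFf/Aj2ud3tN7u2+enC9+nLN8kgdWo29ZnCrOFCDdFCrOFoF=
However, the mappings for the letters ['E', 'G', 'I', 's', 'X', 'z'] are unknown and have to be enumerated.
Here is the result of one decryption pass using only the known mappings:
ZmxhZ3sxZTNhMmElNI0xYzGyLTEmNGYtOWIyZIshNGFmYWXkZjGxZTZz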

# Known plaintext/ciphertext pair
known_plain = "YXNobGtqIUBzajEyMjMlXiYqU2Q0NTY0c2Q4NzlzNWQxMmYyMzFhNDZxd2prZDEySjtESmpsO0xqTDtLSjg3MjkxMjg3MTM="
known_cipher = "pTjMwJ9WiQHfvC+eFCFKTBpWQtmgjopgqtmPjfKfjSmdFLpeFf/Aj2ud3tN7u2+enC9+nLN8kgdWo29ZnCrOFCDdFCrOFoF="

# New ciphertext
new_cipher = "uLdAuO8duojAFLEKjIgdpfGeZoELjJp9kSieuIsAjJ/LpSXDuCGduouz"

# Decryption function
def decrypt(ciphertext, known_plain, known_cipher):
    # Build the substitution dictionary (cipher symbol -> plaintext symbol)
    substitution_dict = {}
    for p, c in zip(known_plain, known_cipher):
        substitution_dict[c] = p

    # Decrypt the new ciphertext; symbols with no known mapping are left unchanged
    plaintext = ""
    for char in ciphertext:
        if char in substitution_dict:
            plaintext += substitution_dict[char]
        else:
            plaintext += char
    return plaintext

# Decrypt the new ciphertext
decrypted_text = decrypt(new_cipher, known_plain, known_cipher)
print("Decrypted text:", decrypted_text)

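The decoded result is already very close to the flag format flag{XX-XX-XX-XX}, so the mappings of the few previously unknown letters can now be guessed.
After filtering, the decoded results that fit the format are: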

flag{1e3a2be4-1c02-2f4f-9b2d-a4afaddf01e6}
flag{1e3a2be4-1c02-2f4f-9b2d-a4afaedf01e6}
flag{1e3a2de4-1c02-4f4f-9b2d-a4afabdf01e6}
flag{1e3a2de4-1c02-4f4f-9b2d-a4afaedf01e6}
flag{1e3a2ee4-1c02-5f4f-9b2d-a4afabdf01e6}
flag{1e3a2ee4-1c02-5f4f-9b2d-a4afaddf01e6}

Finally, submit them one by one; the correct result is
flag{1e3a2de4-1c02-4f4f-9b2d-a4afabdf01e6}
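
The enumeration step described above, as an added example (not the author's code): it backtracks over the unmapped cipher symbols and keeps only assignments whose Base64 groups decode into the flag shape. It assumes the substitution is one-to-one over the standard Base64 alphabet and that the flag is flag{8-4-4-4-12 lowercase hex}; the function and constant names are hypothetical.

```python
import base64
import string

B64 = string.ascii_uppercase + string.ascii_lowercase + string.digits + "+/"
HEX = set("0123456789abcdef")
# Allowed characters at each position of flag{8hex-4hex-4hex-4hex-12hex} (assumed shape)
SHAPE = ([{c} for c in "flag{"]
         + sum(([HEX] * n + [{"-"}] for n in (8, 4, 4, 4)), [])
         + [HEX] * 12 + [{"}"}])

# Values copied from the write-up above
KNOWN_PLAIN = "YXNobGtqIUBzajEyMjMlXiYqU2Q0NTY0c2Q4NzlzNWQxMmYyMzFhNDZxd2prZDEySjtESmpsO0xqTDtLSjg3MjkxMjg3MTM="
KNOWN_CIPHER = "pTjMwJ9WiQHfvC+eFCFKTBpWQtmgjopgqtmPjfKfjSmdFLpeFf/Aj2ud3tN7u2+enC9+nLN8kgdWo29ZnCrOFCDdFCrOFoF="
NEW_CIPHER = "uLdAuO8duojAFLEKjIgdpfGeZoELjJp9kSieuIsAjJ/LpSXDuCGduouz"


def group_ok(index, group):
    """Decode one 4-symbol Base64 group and check its 3 bytes against SHAPE."""
    raw = base64.b64decode(group)
    return all(chr(b) in SHAPE[3 * index + k] for k, b in enumerate(raw))


def search(cipher, table, unknown, unused):
    """Backtrack over the unmapped cipher symbols, pruning on the flag shape."""
    if not unknown:
        yield base64.b64decode("".join(table[c] for c in cipher)).decode()
        return
    groups = [cipher[i:i + 4] for i in range(0, len(cipher), 4)]
    for p in unused:
        trial = {**table, unknown[0]: p}
        # Only groups whose four symbols are all resolved can be checked yet
        if all(group_ok(i, "".join(trial[c] for c in g))
               for i, g in enumerate(groups) if all(c in trial for c in g)):
            yield from search(cipher, trial, unknown[1:],
                              [u for u in unused if u != p])


def candidate_flags(cipher=NEW_CIPHER):
    # Cipher symbol -> Base64 symbol, learned from the leaked pair
    table = {c: p for p, c in zip(KNOWN_PLAIN, KNOWN_CIPHER) if p != "="}
    unknown = sorted(set(cipher) - set(table))
    # Assumption: the substitution is one-to-one, so only unused symbols remain
    unused = [s for s in B64 if s not in table.values()]
    return list(search(cipher, table, unknown, unused))


if __name__ == "__main__":
    for flag in candidate_flags():
        print(flag)
```

Pruning group by group avoids trying every assignment of the 22 unused Base64 symbols to the six unknown letters; the format alone cannot separate the remaining candidates, which is why they had to be submitted one by one.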

posted @ 2024-03-31 21:55  20211108俞振阳