攻防世界CRYPTO新手練習
0x01 base64
直接base64 Decode 獲得flag cyberpeace{Welcome_to_new_World!}php
0x02 Caesar
key爲12 的愷撒密碼,解密德flag cyberpeace{you_have_learned_caesar_encryption}html
Tools:http://www.zjslove.com/3.decode/kaisa/index.htmlpython
摩斯密碼 1替換成-,0替換成.,直接解密git
11 111 010 000 0 1010 111 100 0 00 000 000 111 00 10 1 0 010 0 000 1 00 10 110github
-- --- .-. ... . -.-. --- -.. . .. ... ... --- .. -. - . .-. . ... - .. -. --.算法
解密獲得flag cyberpeace{morsecodeissointeresting}app
貼出大佬的代碼dom
# python3
# -*- coding:utf-8 -*-
CODE_TABLE = {
# 26 個英文字符
'A': '.-', 'B': '-...', 'C': '-.-.',
'D': '-..', 'E': '.', 'F': '..-.',
'G': '--.', 'H': '....', 'I': '..',
'J': '.---', 'K': '-.-', 'L': '.-..',
'M': '--', 'N': '-.', 'O': '---',
'P': '.--.', 'Q': '--.-', 'R': '.-.',
'S': '...', 'T': '-', 'U': '..-',
'V': '...-', 'W': '.--', 'X': '-..-',
'Y': '-.--', 'Z': '--..',
# 10 個數字
'0': '-----', '1': '.----', '2': '..---',
'3': '...--', '4': '....-', '5': '.....',
'6': '-....', '7': '--...', '8': '---..',
'9': '----.',
# 16 個特殊字符
',': '--..--', '.': '.-.-.-', ':': '---...', ';': '-.-.-.',
'?': '..--..', '=': '-...-', "'": '.----.', '/': '-..-.',
'!': '-.-.--', '-': '-....-', '_': '..--.-', '(': '-.--.',
')': '-.--.-', '$': '...-..-', '&': '. . . .', '@': '.--.-.'
# 你還能夠自定義
}
def morsedecode(morse):
msg =''
codes = morse.split(' ')
for code in codes:
if code =='':
msg += ' '
else:
UNCODE =dict(map(lambda t:(t[1],t[0]),CODE_TABLE.items()))
msg += UNCODE[code]
return msg
a = open(r'crypto3.txt','r')
ciphertext = a.read()
ciphertext = ciphertext.replace('1','-')
ciphertext = ciphertext.replace('0','.')
FLAG = morsedecode(ciphertext)
flag = FLAG.lower()
flag = 'cyberpeace{'+flag+'}'
print('flag is ',flag)
0x04 Railfence
柵欄密碼,欄數爲5,解出來flag爲 cyberpeace{railfence_cipher_gogogo}0ide
網上不少人都在這裏遇到了問題,表示沒法得出答案,其實這裏主要的緣由是國內外對柵欄密碼的加密原理相同當實際過程有些不一樣,這道題就須要用國外的解密方法來解密工具
貼張網圖瞭解一下
國內解密 https://www.qqxiuzi.cn/bianma/zhalanmima.php
國外解密 http://www.atoolbox.net/Tool.php?Id=777
0x05 easy RSA
一個RSA加密,直接貼出代碼
import gmpy2
p = 473398607161
q = 4511491
e = 17
s = (p-1)*(q-1)
d = gmpy2.invert(e,s)
print('flag is :',d)
得flag : cyberpeace{125631357777427553}
0X06 不單單是Morse
下載得文件是這樣的
--/.-/-.--/..--.-/-..././..--.-/..../.-/...-/./..--.-/.-/-./---/-/...././.-./..--.-/-.././-.-./---/-.././..../..../..../..../.-/.-/.-/.-/.-/-.../.-/.-/-.../-.../-.../.-/.-/-.../-.../.-/.-/.-/.-/.-/.-/.-/.-/-.../.-/.-/-.../.-/-.../.-/.-/.-/.-/.-/.-/.-/-.../-.../.-/-.../.-/.-/.-/-.../-.../.-/.-/.-/-.../-.../.-/.-/-.../.-/.-/.-/.-/-.../.-/-.../.-/.-/-.../.-/.-/.-/-.../-.../.-/-.../.-/.-/.-/-.../.-/.-/.-/-.../.-/.-/-.../.-/-.../-.../.-/.-/-.../-.../-.../.-/-.../.-/.-/.-/-.../.-/-.../.-/-.../-.../.-/.-/.-/-.../-.../.-/-.../.-/.-/.-/-.../.-/.-/-.../.-/.-/-.../.-/.-/.-/.-/-.../-.../.-/-.../-.../.-/.-/-.../-.../.-/.-/-.../.-/.-/-.../.-/.-/.-/-.../.-/.-/-.../.-/.-/-.../.-/.-/-.../.-/-.../.-/.-/-.../-.../.-/-.../.-/.-/.-/.-/-.../-.../.-/-.../.-/.-/-.../-.../.-
講/替換成空格,可獲得一串摩斯密碼,解密後
AAAAABAABBBAABBAAAAAAAABAABABAAAAAAABBABAAABBAAABBAABAAAABABAABAAABBABAAABAAABAABABBAABBBABAAABABABBAAABBABAAABAABAABAAAABBABBAABBAABAABAAABAABAABAABABAABBABAAAABBABAABBA
培根密碼,貼出(大佬的)解密代碼
import re
# 密文轉化爲指定格式
s = 'AAAAABAABBBAABBAAAAAAAABAABABAAAAAAABBABAAABBAAABBAABAAAABABAABAAABBABAAABAAABAABABBAABBBABAAABABABBAAABBABAAABAABAABAAAABBABBAABBAABAABAAABAABAABAABABAABBABAAAABBABAABBA'
a = s.lower()
# 字典
CODE_TABLE = {
'a':'aaaaa','b':'aaaab','c':'aaaba','d':'aaabb','e':'aabaa','f':'aabab','g':'aabba',
'h':'aabbb','i':'abaaa','j':'abaab','k':'ababa','l':'ababb','m':'abbaa','n':'abbab',
'o':'abbba','p':'abbbb','q':'baaaa','r':'baaab','s':'baaba','t':'baabb','u':'babaa',
'v':'babab','w':'babba','x':'babbb','y':'bbaaa','z':'bbaab'
}
# 5個一組進行切割並解密
def peigendecode(peigen):
msg =''
codes = re.findall(r'.{5}', a)
for code in codes:
if code =='':
msg += ' '
else:
UNCODE =dict(map(lambda t:(t[1],t[0]),CODE_TABLE.items()))
msg += UNCODE[code]
return msg
flag = peigendecode(a)
print('flag is ',flag)
獲得flag cyberpeace{attackanddefenceworldisinteresting}
0x07 混合編碼
先base64 Decode 解得
LzExOS8xMDEvMTA4Lzk5LzExMS8xMDkvMTAxLzExNi8xMTEvOTcvMTE2LzExNi85Ny85OS8xMDcvOTcvMTEwLzEwMC8xMDAvMTAxLzEwMi8xMDEvMTEwLzk5LzEwMS8xMTkvMTExLzExNC8xMDgvMTAw
更具ASCII轉成字符串可得
LzExOS8xMDEvMTA4Lzk5LzExMS8xMDkvMTAxLzExNi8xMTEvOTcvMTE2LzExNi85Ny85OS8xMDcvOTcvMTEwLzEwMC8xMDAvMTAxLzEwMi8xMDEvMTEwLzk5LzEwMS8xMTkvMTExLzExNC8xMDgvMTAw
在進行一次base64 Decode
/119/101/108/99/111/109/101/116/111/97/116/116/97/99/107/97/110/100/100/101/102/101/110/99/101/119/111/114/108/100
去掉/再轉一次字符串獲得答案welcometoattackanddefenceworld
順便貼一個大佬的代碼
#!/usr/bin/env python3
# -*- coding:utf-8 -*-
import base64
a = open(r'crypto8.txt','r')
s = a.read()
# base64解密一下
b = base64.b64decode(s).decode('ascii')
# 對解密後的字符串進行處理
b = b.strip('&#;')
c = []
c = b.split(';&#')
# unicode解密
d = ''
for i in c:
d += chr(int(i))
# base64再次解密
e = base64.b64decode(d).decode('ascii')
# 對字符進行處理
e = e.strip('/')
f = []
f = e.split('/')
# 轉化爲ascii碼
flag =''
for i in f:
flag += chr(int(i))
print('flag is ',flag)
flag : cyberpeace{welcometoattackanddefenceworld}
0x08 Normal RSA
這道題主要考察得是RSAtool的使用,我都在kail裏操做
先準備rsatool
git clone https://github.com/ius/rsatool
下載文件解壓後獲得flag.enc和pubkey.pem兩個文件
openssl提取出pubkey.pem中的參數;
openssl rsa -pubin -text -modulus -in warmup -in pubkey.pem
將獲得的Modulus 16進制轉爲10進制,獲得
87924348264132406875276140514499937145050893665602592992418171647042491658461
使用kail的factor()將這個數分解成兩個素數的乘積時,直接報錯了,應該是太長了,因此使用在線工具進行分解
在線:http://www.factordb.com/ 分解得:
275127860351348928173285174381581152299 319576316814478949870590164193048041239
知道兩個素數,隨機定義大素數e,求出密鑰文件
python rsatool.py -o private.pem -e 65537 -p 275127860351348928173285174381581152299 -q 319576316814478949870590164193048041239
這時候咱們會獲得一個private.pem文件,利用這個文件進行解密
openssl rsautl -decrypt -in flag.enc -inkey private.pem
獲得flag : PCTF{256b_i5_m3dium}
0x09 輪起色加密
題目如此,輪起色加密
1: < ZWAXJGDLUBVIQHKYPNTCRMOSFE < 2: < KPBELNACZDTRXMJQOYHGVSFUWI < 3: < BDMAIZVRNSJUWFHTEQGYXPLOCK < 4: < RPLNDVHGFCUKTEBSXQYIZMJWAO < 5: < IHFRLABEUOTSGJVDKCPMNZQWXY < 6: < AMKGHIWPNYCJBFZDRUSLOQXVET < 7: < GWTHSPYBXIZULVKMRAFDCEONJQ < 8: < NOZUTWDCVRJLXKISEFAPMYGHBQ < 9: < XPLTDSRFHENYVUBMCQWAOIKZGJ < 10: < UDNAJFBOWTGVRSCZQKELMXYIHP < 11: < MNBVCXZQWERTPOIUYALSKDJFHG < 12: < LVNCMXZPQOWEIURYTASBKJDFHG < 13: < JZQAWSXCDERFVBGTYHNUMKILOP < 密鑰爲:2,3,7,5,13,12,9,1,8,10,4,11,6 密文爲:NFQKSEVOQOFNP
直接貼出大佬的代碼
#!/usr/bin/env python3
# -*- coding:utf-8 -*-
import re
sss = '1: < ZWAXJGDLUBVIQHKYPNTCRMOSFE < 2: < KPBELNACZDTRXMJQOYHGVSFUWI < 3: < BDMAIZVRNSJUWFHTEQGYXPLOCK < 4: < RPLNDVHGFCUKTEBSXQYIZMJWAO < 5: < IHFRLABEUOTSGJVDKCPMNZQWXY < 6: < AMKGHIWPNYCJBFZDRUSLOQXVET < 7: < GWTHSPYBXIZULVKMRAFDCEONJQ < 8: < NOZUTWDCVRJLXKISEFAPMYGHBQ < 9: < XPLTDSRFHENYVUBMCQWAOIKZGJ < 10: < UDNAJFBOWTGVRSCZQKELMXYIHP < 11 < MNBVCXZQWERTPOIUYALSKDJFHG < 12 < LVNCMXZPQOWEIURYTASBKJDFHG < 13 < JZQAWSXCDERFVBGTYHNUMKILOP <'
m = 'NFQKSEVOQOFNP'
# 將sss轉化爲列表形式
content=re.findall(r'< (.*?) <',sss,re.S)
# re.S:DOTALL,此模式下,"."的匹配不受限制,可匹配任何字符,包括換行符
iv=[2,3,7,5,13,12,9,1,8,10,4,11,6]
print(content)
vvv=[]
for i in range(13):
index=content[iv[i]-1].index(m[i])
vvv.append(index)
print(vvv)
for i in range(0,26):
flag=""
for j in range(13):
flag += content[iv[j]-1][(vvv[j]+i)%26]
print(flag.lower())
獲得flag cyberpeace{fireinthehole}
0x10 easychallenge
pyc時是將python的py程序編譯成的中間式文件,這道題咱們須要將其反編譯成咱們可讀的py代碼
反編譯結果
#!/usr/bin/env python
# encoding: utf-8
# 若是以爲不錯,能夠推薦給你的朋友!http://tool.lu/pyc
import base64
def encode1(ans):
s = ''
for i in ans:
x = ord(i) ^ 36
x = x + 25
s += chr(x)
return s
def encode2(ans):
s = ''
for i in ans:
x = ord(i) + 36
x = x ^ 36
s += chr(x)
return s
def encode3(ans):
return base64.b32encode(ans)
flag = ' '
print 'Please Input your flag:'
flag = raw_input()
final = 'UC7KOWVXWVNKNIC2XCXKHKK2W5NLBKNOUOSK3LNNVWW3E==='
if encode3(encode2(encode1(flag))) == final:
print 'correct'
else:
print 'wrong'
分析代碼,輸入的flag須要進行三次加密(??),想求答案,寫段代碼
import base64
key = 'UC7KOWVXWVNKNIC2XCXKHKK2W5NLBKNOUOSK3LNNVWW3E==='
temp = base64.b32decode(key)
#可得temp爲'\xa0\xbe\xa7Z\xb7\xb5Z\xa6\xa0Z\xb8\xae\xa3\xa9Z\xb7Z\xb0\xa9\xae\xa3\xa4\xad\xad\xad\xad\xad\xb2'
#手動賦值進行接下來的解密
b = "\xa0\xbe\xa7Z\xb7\xb5Z\xa6\xa0Z\xb8\xae\xa3\xa9Z\xb7Z\xb0\xa9\xae\xa3\xa4\xad\xad\xad\xad\xad\xb2"
s = ''
for i in b:
s += chr((ord(i) ^ 36) - 36)
l = ''
for i in s:
l += chr((ord(i) - 25) ^ 36)
print ('flag is ',l)
獲得flag :cyberpeace{interestinghhhhh}
0x11 冪數加密
下載下來分析後,式雲影密碼
8842101220480224404014224202480122 88421 122 48 2244 4 142242 248 122 23 5 12 12 4 15 14 5 w e l l d o n e
就這樣,以0爲分界,每組加起來,去對應順序字母
貼一段大佬的代碼
#!/user/bin/env python
# -*-coding:utf-8 -*-
a = open(r'crypto11.txt','r')
ciphertext = a.read()
s = ciphertext.split('0')
flag = ''
for i in range(len(s)):
list = []
for j in s[i]:
list.append(j)
b = 0
for k in list:
b += int(k)
# 字母ascii值與字母順序相差爲96
flag += chr(b+96)
print('flag is ',flag)
flag : cyberpeace{welldone}
0x12 easy ECC
ECC(橢圓曲線加密)
橢圓曲線加密原理 ECC橢圓曲線詳解 ECC加密算法入門介紹
我如今仍是一臉懵逼,只能用着大佬的腳本,苟延殘喘
#!/usr/bin/env python3
# -*- coding:utf-8 -*-
def get_inverse(mu, p):
"""
獲取y的負元
"""
for i in range(1, p):
if (i*mu)%p == 1:
return i
return -1
def get_gcd(zi, mu):
"""
獲取最大公約數
"""
if mu:
return get_gcd(mu, zi%mu)
else:
return zi
def get_np(x1, y1, x2, y2, a, p):
"""
獲取n*p,每次+p,直到求解階數np=-p
"""
flag = 1 # 定義符號位(+/-)
# 若是 p=q k=(3x2+a)/2y1mod p
if x1 == x2 and y1 == y2:
zi = 3 * (x1 ** 2) + a # 計算分子 【求導】
mu = 2 * y1 # 計算分母
# 若P≠Q,則k=(y2-y1)/(x2-x1) mod p
else:
zi = y2 - y1
mu = x2 - x1
if zi* mu < 0:
flag = 0 # 符號0爲-(負數)
zi = abs(zi)
mu = abs(mu)
# 將分子和分母化爲最簡
gcd_value = get_gcd(zi, mu) # 最大公約數
zi = zi // gcd_value # 整除
mu = mu // gcd_value
# 求分母的逆元 逆元: ∀a ∈G ,ョb∈G 使得 ab = ba = e
# P(x,y)的負元是 (x,-y mod p)= (x,p-y) ,有P+(-P)= O∞
inverse_value = get_inverse(mu, p)
k = (zi * inverse_value)
if flag == 0: # 斜率負數 flag==0
k = -k
k = k % p
# 計算x3,y3 P+Q
x3 = (k ** 2 - x1 - x2) % p
y3 = (k * (x1 - x3) - y1) % p
return x3,y3
def get_rank(x0, y0, a, b, p):
"""
獲取橢圓曲線的階
"""
x1 = x0 #-p的x座標
y1 = (-1*y0)%p #-p的y座標
tempX = x0
tempY = y0
n = 1
while True:
n += 1
# 求p+q的和,獲得n*p,直到求出階
p_x,p_y = get_np(tempX, tempY, x0, y0, a, p)
# 若是 == -p,那麼階數+1,返回
if p_x == x1 and p_y == y1:
return n+1
tempX = p_x
tempY = p_y
def get_param(x0, a, b, p):
"""
計算p與-p
"""
y0 = -1
for i in range(p):
# 知足取模約束條件,橢圓曲線Ep(a,b),p爲質數,x,y∈[0,p-1]
if i**2%p == (x0**3 + a*x0 + b)%p:
y0 = i
break
# 若是y0沒有,返回false
if y0 == -1:
return False
# 計算-y(負數取模)
x1 = x0
y1 = (-1*y0) % p
return x0,y0,x1,y1
def get_ng(G_x, G_y, key, a, p):
"""
計算nG
"""
temp_x = G_x
temp_y = G_y
while key != 1:
temp_x,temp_y = get_np(temp_x,temp_y, G_x, G_y, a, p)
key -= 1
return temp_x,temp_y
def ecc_main():
while True:
a = int(input("請輸入橢圓曲線參數a(a>0)的值:"))
b = int(input("請輸入橢圓曲線參數b(b>0)的值:"))
p = int(input("請輸入橢圓曲線參數p(p爲素數)的值:")) #用做模運算
# 條件知足判斷
if (4*(a**3)+27*(b**2))%p == 0:
print("您輸入的參數有誤,請從新輸入!!!\n")
else:
break
# 選點做爲G點
print("在如上座標系中選一個值爲G的座標")
G_x = int(input("請輸入選取的x座標值:"))
G_y = int(input("請輸入選取的y座標值:"))
# 獲取橢圓曲線的階
n = get_rank(G_x, G_y, a, b, p)
# user1生成私鑰,小key
key = int(input("請輸入私鑰小key(<{}):".format(n)))
# user1生成公鑰,大KEY
KEY_x,kEY_y = get_ng(G_x, G_y, key, a, p)
print('flag is ',KEY_,KEY_Y)
if __name__ == "__main__":
ecc_main()
然而題目的給的數值貌似太大,這個腳本的跑不出來,悲傷.jpg
等之後看有沒有機會補上(咕咕咕)
20191021,今天忽然想起來了,找到了其餘大佬的py代碼,因而補上
import collections
import random
EllipticCurve = collections.namedtuple('EllipticCurve', 'name p a b g n h')
curve = EllipticCurve(
'secp256k1',
# Field characteristic.
p=int(input('p=')),
# Curve coefficients.
a=int(input('a=')),
b=int(input('b=')),
# Base point.
g=(int(input('Gx=')),
int(input('Gy='))),
# Subgroup order.
n=int(input('k=')),
# Subgroup cofactor.
h=1,
)
# Modular arithmetic ##########################################################
def inverse_mod(k, p):
"""Returns the inverse of k modulo p.
This function returns the only integer x such that (x * k) % p == 1.
k must be non-zero and p must be a prime.
"""
if k == 0:
raise ZeroDivisionError('division by zero')
if k < 0:
# k ** -1 = p - (-k) ** -1 (mod p)
return p - inverse_mod(-k, p)
# Extended Euclidean algorithm.
s, old_s = 0, 1
t, old_t = 1, 0
r, old_r = p, k
while r != 0:
quotient = old_r // r
old_r, r = r, old_r - quotient * r
old_s, s = s, old_s - quotient * s
old_t, t = t, old_t - quotient * t
gcd, x, y = old_r, old_s, old_t
assert gcd == 1
assert (k * x) % p == 1
return x % p
# Functions that work on curve points #########################################
def is_on_curve(point):
"""Returns True if the given point lies on the elliptic curve."""
if point is None:
# None represents the point at infinity.
return True
x, y = point
return (y * y - x * x * x - curve.a * x - curve.b) % curve.p == 0
def point_neg(point):
"""Returns -point."""
assert is_on_curve(point)
if point is None:
# -0 = 0
return None
x, y = point
result = (x, -y % curve.p)
assert is_on_curve(result)
return result
def point_add(point1, point2):
"""Returns the result of point1 + point2 according to the group law."""
assert is_on_curve(point1)
assert is_on_curve(point2)
if point1 is None:
# 0 + point2 = point2
return point2
if point2 is None:
# point1 + 0 = point1
return point1
x1, y1 = point1
x2, y2 = point2
if x1 == x2 and y1 != y2:
# point1 + (-point1) = 0
return None
if x1 == x2:
# This is the case point1 == point2.
m = (3 * x1 * x1 + curve.a) * inverse_mod(2 * y1, curve.p)
else:
# This is the case point1 != point2.
m = (y1 - y2) * inverse_mod(x1 - x2, curve.p)
x3 = m * m - x1 - x2
y3 = y1 + m * (x3 - x1)
result = (x3 % curve.p,
-y3 % curve.p)
assert is_on_curve(result)
return result
def scalar_mult(k, point):
"""Returns k * point computed using the double and point_add algorithm."""
assert is_on_curve(point)
if k < 0:
# k * point = -k * (-point)
return scalar_mult(-k, point_neg(point))
result = None
addend = point
while k:
if k & 1:
# Add.
result = point_add(result, addend)
# Double.
addend = point_add(addend, addend)
k >>= 1
assert is_on_curve(result)
return result
# Keypair generation and ECDHE ################################################
def make_keypair():
"""Generates a random private-public key pair."""
private_key = curve.n
public_key = scalar_mult(private_key, curve.g)
return private_key, public_key
private_key, public_key = make_keypair()
print("private key:", hex(private_key))
print("public key: (0x{:x}, 0x{:x})".format(*public_key))
3個月過去了,我仍是同樣的菜啊!!!
相關文章
- 1. 攻防世界Crypto新手練習
- 2. 攻防世界crypto練習3
- 3. 攻防世界crypto新手區writeup
- 4. 攻防世界 —— Crypto新手練習區2題(Caesar)題解
- 5. [攻防世界]crypto新手練習區base64
- 6. XCTF-攻防世界-密碼學crypto-新手練習區-writeup
- 7. 攻防世界 —— Crypto新手練習區7題(easy_RSA)題解
- 8. 攻防世界CRYPTO
- 9. 攻防世界--misc新手練習區
- 10. XCTF 攻防世界 web 新手練習
- 更多相關文章...
- • MySQL 5.7的新特性(新功能) - MySQL教程
- • ionic 下拉刷新 - ionic 教程
- • Tomcat學習筆記(史上最全tomcat學習筆記)
- • Kotlin學習(二)基本類型
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
- 1. 升級Gradle後報錯Gradle‘s dependency cache may be corrupt (this sometimes occurs
- 2. Smarter, Not Harder
- 3. mac-2019-react-native 本地環境搭建(xcode-11.1和android studio3.5.2中Genymotion2.12.1 和VirtualBox-5.2.34 )
- 4. 查看文件中關鍵字前後幾行的內容
- 5. XXE萌新進階全攻略
- 6. Installation failed due to: ‘Connection refused: connect‘安卓studio端口占用
- 7. zabbix5.0通過agent監控winserve12
- 8. IT行業UI前景、潛力如何?
- 9. Mac Swig 3.0.12 安裝
- 10. Windows上FreeRDP-WebConnect是一個開源HTML5代理,它提供對使用RDP的任何Windows服務器和工作站的Web訪問
歡迎關注本站公眾號,獲取更多信息
