Facker007's blog

bugku-crypto-下篇

2022-01-08 分类 作者 Facker007 ~19.55K 字
  • affine
  • rsa
  • 黄道十二宫
  • 托马斯.杰斐逊
  • 简单的rsa
  • 缝合加密
  • python_jail
  • 这是个盲兔子,竟然在唱歌!
  • Math&English
  • 7+1+0
  • 给你私钥吧
  • 11月11日是个好日子
  • 道友不来算一算凶吉?
  • Double
  • python(N1CTF)
  • Funny Number

affine

了解仿射密码的原理即可做

1
2
3
y = 17x-8 flag{szzyfimhyzd}

就是从26个字母表中替换,当取a时,相当于数字0。x就等于0。代入(17*0-8) mod 26 = 18。就是字母表里的s,然后写脚本逆着爆破就可以了
1
2
3
4
5
6
7
8
9
仿射密码是一种替换密码,利用加密函数一个字母对一个字母的加密。

加密函数:E(x) = (ax + b) (mod m),其中

a和m互质
m是字母的数量
解密函数:D(x) = a-1(x - b) (mod m),其中a-1是a在Zm群的乘法逆元。

仿射密码 为单表加密的一种,字母系统中所有字母都藉一简单数学方程加密,对应至数值,或转回字母。 其仍有所有替代密码之弱处。所有字母皆借由方程E(x) = (ax + b) (mod m)加密,b 为移动大小。
1
2
3
4
5
6
7
8
9
10
# 爆破的方法
from string import ascii_lowercase
key="szzyfimhyzd"
flag=""
for s in key:
    for i in range(26):
        if(s==ascii_lowercase[((17*(i)-8) % 26)]):
            flag+=ascii_lowercase[i]
print(flag)
# print(ascii_lowercase[12])
1
2
3
4
5
6
7
8
9
10
11
12
# 求逆方法
import gmpy2
from string import ascii_lowercase
r=gmpy2.invert(17,26)    #求乘法逆元
key="szzyfimhyzd"
flag=""
for s in key:
    tmp=ascii_lowercase.find(s)
    a=r*(tmp+8) % 26
    flag+=ascii_lowercase[a]
print(flag)

rsa

方法一:

1
python3 RsaCtfTool.py -n 460657813884289609896372056585544172485318117026246263899744329237492701820627219556007788200590119136173895989001382151536006853823326382892363143604314518686388786002989248800814861248595075326277099645338694977097459168530898776007293695728101976069423971696524237755227187061418202849911479124793990722597 -e 354611102441307572056572181827925899198345350228753730931089393275463916544456626894245415096107834465778409532373187125318554614722599301791528916212839368121066035541008808261534500586023652767712271625785204280964688004680328300124849680477105302519377370092578107827116821391826210972320377614967547827619 --uncipher 38230991316229399651823567590692301060044620412191737764632384680546256228451518238842965221394711848337832459443844446889468362154188214840736744657885858943810177675871991111466653158257191139605699916347308294995664530280816850482740530602254559123759121106338359220242637775919026933563326069449424391192

方法二:
先用wiener攻击的脚本求出d

1
2
3
4
5
import  RSAwienerHacker,hashlib
N=460657813884289609896372056585544172485318117026246263899744329237492701820627219556007788200590119136173895989001382151536006853823326382892363143604314518686388786002989248800814861248595075326277099645338694977097459168530898776007293695728101976069423971696524237755227187061418202849911479124793990722597
e=354611102441307572056572181827925899198345350228753730931089393275463916544456626894245415096107834465778409532373187125318554614722599301791528916212839368121066035541008808261534500586023652767712271625785204280964688004680328300124849680477105302519377370092578107827116821391826210972320377614967547827619
d =  RSAwienerHacker.hack_RSA(e,N)
print(d)

在用c,d,n求出m

1
2
3
4
5
6
7
8
9
import binascii
from Crypto.Util.number import long_to_bytes

d=8264667972294275017293339772371783322168822149471976834221082393409363691895
n=460657813884289609896372056585544172485318117026246263899744329237492701820627219556007788200590119136173895989001382151536006853823326382892363143604314518686388786002989248800814861248595075326277099645338694977097459168530898776007293695728101976069423971696524237755227187061418202849911479124793990722597
c=38230991316229399651823567590692301060044620412191737764632384680546256228451518238842965221394711848337832459443844446889468362154188214840736744657885858943810177675871991111466653158257191139605699916347308294995664530280816850482740530602254559123759121106338359220242637775919026933563326069449424391192
m=pow(c,d,n)
print(long_to_bytes(m))
# flag{Wien3r_4tt@ck_1s_3AsY}

黄道十二宫

开局一张图,典型的十二宫,杀手密码
把图中按行列写出来
原理参考

1
2
3
4
5
6
7
8
9
% . . @ * > @ ? = = % 8 8 % 5
. @ % # @ @ 9 0 – 7 $ ^ = * @
1 7 . ( > ( ) 1 @ # # - $ 4 0
~ . * 6 ? # % # 8 # = 7 5 + 1
( * @ * 1 % # > . 0 @ 5 ) % ?
% * ^ = ) & > = 1 % . + 7 & #
8 6 8 1 ( + 8 * @ @ ( . @ @ @
# * = # $ 3 * # % . # % % . 3
. * + 7 . 7 + @ = = = + ) 6 1

处理之后用脚本,转换排列,参考完要改不然结果是错的。因为行列之间的关系
脚本参考或或师傅

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
en_s="%..@*>@?==%88%5.@%#@@90–7$^=*@17.(>()1@##-$40~.*6?#%#8#=75+1(*@*1%#>.0@5)%?%*^=)&>=1%.+7&#8681(+8*@@(.@@@#*=#$3*#%.#%%.3.*+7.7+@===+)61"
en_str=[]
width=15
height=9
a=[8, 17, 26, 35, 44, 53, 62, 71, 80, 89, 98, 107, 116, 125, 134]
for i in range(9):
    en_str.append(str(en_s[i*15:(i+1)*15]))
sign_width=0
sign_height=0
flag=""
for i in range(height*width):
    flag += en_str[sign_height][sign_width]    
    if(i not in a):
        sign_width = (sign_width+2)%width
    sign_height = (sign_height+1)%height
print(flag)

在扔AZdecrypt里直接solve
12g-1.jpg

托马斯.杰斐逊

原理可以参考:https://blog.csdn.net/pdsu161530247/article/details/73604729

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
1: <ZWAXJGDLUBVIQHKYPNTCRMOSFE <
2: <KPBELNACZDTRXMJQOYHGVSFUWI <
3: <BDMAIZVRNSJUWFHTEQGYXPLOCK <
4: <RPLNDVHGFCUKTEBSXQYIZMJWAO <
5: <IHFRLABEUOTSGJVDKCPMNZQWXY <
6: <AMKGHIWPNYCJBFZDRUSLOQXVET <
7: <GWTHSPYBXIZULVKMRAFDCEONJQ <
8: <NOZUTWDCVRJLXKISEFAPMYGHBQ <
9: <QWATDSRFHENYVUBMCOIKZGJXPL <
10: <WABMCXPLTDSRJQZGOIKFHENYVU <
11: <XPLTDAOIKFZGHENYSRUBMCQWVJ <
12: <TDSWAYXPLVUBOIKZGJRFHENMCQ <
13: <BMCSRFHLTDENQWAOXPYVUIKZGJ <
14: <XPHKZGJTDSENYVUBMLAOIRFCQW <

密钥: 2,5,1,3,6,4,9,7,8,14,10,13,11,12

密文:HCBTSXWCRQGLES

先通过密钥找到行数,然后在找到的行数用密文中的第一个字符H来找,找到他的位置到最后,然后提出,把他拉到前面

1
KPBELNACZDTRXMJQOYHGVSFUWI-->KPBELNACZDTRXMJQOY-->GVSFUWIKPBELNACZDTRXMJQOY

拿脚本直接处理

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
f=open("file.txt","r")
f1=open("answer.txt","w")
key=[2,5,1,3,6,4,9,7,8,14,10,13,11,12]
str_a="HCBTSXWCRQGLES"
a=['',]
for i in range(1,15):
    a.insert(i,f.readline().split("<")[1].strip())
for i in range(len(key)):
    # print(a[key[i]])
    tmp_num=a[key[i]].find(str_a[i])
    # print(a[key[i]],tmp_num)
    tmp=a[key[i]][tmp_num:]
    b=a[key[i]].replace(tmp,"")
    f1.write(tmp+b+"\n")
    # print(tmp+b)

最后在倒数第六列找到flag
zl-1.jpg

简单的rsa

可以在线pyc
或者就uncompyle6
p、q、e、c都给齐了直接写脚本就出

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
import gmpy2,base64
from Crypto.Util.number import long_to_bytes
# p = "ED7FCFABD3C81C78E212323329DC1EE2BEB6945AB29AB51B9E3A2F9D8B0A22101E467"
# print(int(p,16))
# q = "AD85852F9964DA87880E48ADA5C4487480AA4023A4DE2C0321C170AD801C9"
# print(int(q,16))
p=112642194654268090332522091159424262740464136131997744454746325563669794921845482599
q=19161629072279418019517626544923006382220342887636329814814280445997875657
n = p * q
e=65537
c=0x75AB3202DE3E103B03C680F2BEBBD1EA689C8BF260963FE347B3533B99FB391F0A358FFAE5160D6DCB9FCD75CD3E46B2FE3CFFE9FA2E9508702FD6E4CE43486631
epi=((p-1)*(q-1))
d=gmpy2.invert(e,epi)
m=pow(c,d,n)
flag=long_to_bytes(m)
print(base64.b64decode(flag))
# flag{IlikeCTFbutCTFdon'tlikeme}

缝合加密

太套了。
参考了两篇文件
1
2

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
猜猜怎么圈下num(e)只Pig?
0=Pig x=fence

x x x 	          x x x x	           ? ? ?
x 0 x      ----->    x 00 x             ----->  ? n ?
x x x	          x x x x	            ? ? ?

WCuUhtAcE10AGA1YJKRhGtX5ur0BLRlPIOGTtJMGTRPQVj0FmK4RvOuXzd14GYKgBpUNKJQFYeDsAk21CZxSJFwDqUPe5dJkKTmuDJWynSlQT2NzOlvZs8K0o5RK1Qh9

配对钥匙:
	1) qwedc ewqaz ewqazxcs awd edcxz ewqazxcds qazxcde edcxz qsz qsz ewqaz axd qsz edcxz qazxcde ewqazxcd qazxcs qazxcs edcxz axd ewqazxcs(解出来的密文请去除空格并小写)

	2) 👢👜👰👲👫👘👦👮👘👢👠👥👞👴

?????锁呢?

请你破解这个缝合密码
Good Job

e在字母表里是第5位,就代表里面关了5只猪,在文本中关一只猪需要8个栅栏,两只猪需要10个栅栏。那5只猪就是16个栅栏了。解出来就是
Wt15IR44KAJ5DTs182JdFkJGRPOuYACcJrGQvYQ2wJWNKQ0zykD1FKOVT0KEu1RBtjugYCqKnOoh5lSTUZeBX0JLh0UAGRMFzpDxPmlvR9KZQueSsUdmGltGhAXPTK1N

在看钥匙1,确实是键盘,但比划出来发现不是什么字母。看了wp发现是猪圈密码。对照着转出来去google发现跟维吉尼亚有关
giovanbattistabellaso

再去维吉尼亚解密
QWVzIGlzIFUyRnNkR1ZrWDEvbjZHSSs5b0J0OW41UCtEbldDOStGTDQ4NzZwcXZJdVVLbHpYWFJ5QSs1aHlZQjNUYzFlV28KS1JqM0hJQ2dQOVRhbU5EVFFsZ1Vwdz09

解出来在base64
Aes is U2FsdGVkX1/n6GI+9oBt9n5P+DnWC9+FL4876pqvIuUKlzXXRyA+5hyYB3Tc1eWo KRj3HICgP9TamNDTQlgUpw==

然后在emoji解密(base100)得到key在aes解密

python_jail

jail=监狱
一题python的逃逸题,理应扔misc
应该有什么限制。
用help(flag)来绕过

1
2
3
4
5
>>> flag="asdsad12312"
>>> help(flag)
No Python documentation found for 'asdsad12312'.
Use help() to get the interactive help utility.
Use help(str) for help on the str class.

这是个盲兔子,竟然在唱歌!

盲文解密
rabbit解密
音乐符号解密

U2Fsd开头的不一定是aes

1
2
3
4
5
6
7
8
9
10
11
12
13
⡥⠂⡶⡃⡔⡷⡦⡛⡨⠁⠟⡚⠉⠇⡳⡜⡉⡤⡴⡑⡓⡆⡑⡔⡆⡠⡩⡹⠂⡢⡪⡵⡢⡟⡶⡹⠃⡒⠁⡥⡞⠟⡚⡞⡣⡣⡤⡀⡡⡆⠉⡼⡻⠀⠉⡧⡙⠇⡦⡇⡧⡅⡺⡑⠺⡑⡉⡑⠂⡞⡱⡳⠁⡊⡢⡩⡊⡚⡊⡕⡛⠀⡕⠂⡩⡱⡾⡴⠂⡶⡛⠈⡹⡇⡗⡑⠃⠁⡆⡝⡽⡺⡨⡙⠛⠅⠁⡠⡇⡩⡅⡸⡑⡧⡑⡸⠅⡆⡨⠛⡣⡨⡑⡢⡝⠁⡟⡚⡿⠺⠛⡿⡕⡴⡛⡡⠀⡔⠉⠂⡴⡃⠃⠀⡿⡹⠄⡺⡀⡵⡊⡝⡪⡨⡛⡦⡖⡛⡧⡡⡪⠈⡲⠟⡝⡔⡕⠅⡄⡞⠟⠂⡵⡉⠅⡩⡦⡼⡈⡴⡩⡈⠟⡞⡦⡩⡆⡛⡴⡾⡈⡁⡁⡗⠺⡹⡾⡆⡢⡹⡠⡈⡃⡛⠆⡁⡖⡻⡉⡡⡻⡓⠆⡁⡼⡷⠃⡛⠅⡵⠈⡝⡂⠉⡃⡄⡠⡠⡡⡒⡁⡃⡁⠅⡾⡨⠆⡘⠇⡄⡁⡲⠅⡖⠛⡓⡤⡃⡕⡺⡃⡝⡛⡳⠀⡢⡒⡙⠂⠺⡱⡉⡻⡒⡨⡄⡒⡒⡈⡱⡧⡽⠆⡉⡷⡹⠛⡊⠟⡥⡜⡳⡶⠆⡺⠉⠂⡂⡛⡥⡓⡝⡴⠆⡽⡟⠅⡿⡻⡸⡺⠆⡇⠂⠈⡼⡤⡕⠂⠈⡤⠅⠛⠁⡇⡟⡧⡈⡗⡲⡊⡸⠉⡻⠺⡱⡻⡥⠍=


U2FsdGVkX1/j97ClyTDacvadvPYI2RZERoFI3b1Un/jnSSTpQv9LK09Wi7VwWuJa
aya2nAC1zRYzjzek0e2YAND2Fk8Iwga31vmMJXi+51PwYuHaWaH5vX+SXaRm1ojO
+OeDkQ0d92Ds30OI4JpEzmZXkVfkWQZ8B/mde5tn/2Ey5YVLxDYx/nVYvkDNxqqg
INvRIPxsk6qfKyQKc6qLG3k5E8mr9stPPQbqsq5NX6h7tqB5f+cTseJsmkC0Rbi2
AyKbXtbbxAWM6yGI+z/UlCF6J92rkUcmD6Mo5OKHJ6w28LTe28T5+1woWxgBzH9K
AKU=

♬♯♩¶♬♫¶♭♩¶♫♪‖♯♬♭♩♬‖♫‖∮‖♩♬§‖♪¶‖♬♩♬§‖♩¶∮♬♬‖♪¶♭¶♯♫♯♩♫‖‖♬§‖♫♬♯♬§♫‖♩♩♫∮♬♩♫‖‖♪¶∮♫‖♫♫♯=

bugku{2at746c5jfc6nh5klxs0c7bcvrzfv5nv}

Math&English

把每行计算出来,去转元音字母
21 33 1 22 3 44 54 5 1 35 54 3 35 41 52 13

yyzm-1.png

bugku{yuanyinpwd}

7+1+0

起手是给了一串字符串
4nXna/V7t2LpdLI44mn0fQ==
base64解密后有的位比较奇怪,我就把第1位和第三位拿去转unicode,并与bugku的格式对比。发现相差128。写脚本处理
unicode

1
2
3
4
5
6
7
8
9
10
âuçkõ{·bét²8âiô}
bugku

e2
62
128

e7
67
128
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
import base64
str1="4nXna/V7t2LpdLI44mn0fQ=="
a=0
flag=""
tmp=base64.b64decode(str1)
try:
    for i in tmp:
        if(a%2==0):
            # print(chr(i-128))
            flag+=chr(i-128)
        else:
            flag+=chr(i)
        a+=1
    print(flag)
except:
    pass

bugku{7bit28bit}

给你私钥吧

python3 RsaCtfTool.py --publickey pubkey.pem --uncipherfile flag.enc
sy-1.jpg

还有一种是factordb解n。数太大,只能去在线找

1
2
3
4
5
6
7
8
9
10
11
12
13
openssl rsa -pubin -in pubkey.pem -text -modulus
pubkey.pem
给了n和e


openssl rsa -in privatekey.pem -text -modulus
私钥n


D12B639DF759A99C9ADB57500BBD635041AA70F8E73F6EA158B23B9AF575915CF68CF8E57B045BBEBCF78A9BCA72BF0E63CB6EC353D66142048CB69EB5F20CDC6BAF6C85E77E6F2AA906DC5868FCB0F0330DEB55076EDF1B226EF54926DD2AD3C943C8EB35CB8C85848E05EA8680988A182701B6A0DC54967760CAC28136AD5B3D9F1CF7952B898CFAAF863A90BFD58DF0FA3F358A7EB8BCBE1BFCF13872BBB9FCC2B330A38F3FD689467FEF22F027549F53D460E9FEBB48F1AE15F7BFBA93069641FD53C46FC971560F5955D8F6E419F5981A9BA393718D785F58659607F511F6CC4077834E059F368EB05BCA7964EA2DC8CD1B13F62A29EA244A3876FF5967


26405201714915839490865227813246218372938736243516916108608439705738170543023112509150522274284238701776297205717958250714972924576706985074311737321016048409831557758205687745692399643151467933196930799657476449865271038382866908177517793954543176769652784274788769353482450910551831498252972857285424471782215525406445071432588374802623485148684255853068532820859835479998199886719945699488858505070686919320144576280217196858823521754407597888769668827432569034617434944912323704501156532854074083408527717809315663187405585840074689387865750105223058720511199252150772925124516509254841404742306560035497627834727

然后解出来用脚本写回去

PKCS1_OAEP是一种基于RSA和OAEP加密算法。所以就要用PKCS1_OAEP写回去
脚本参考

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP
import gmpy2,libnum,base64
n = 26405201714915839490865227813246218372938736243516916108608439705738170543023112509150522274284238701776297205717958250714972924576706985074311737321016048409831557758205687745692399643151467933196930799657476449865271038382866908177517793954543176769652784274788769353482450910551831498252972857285424471782215525406445071432588374802623485148684255853068532820859835479998199886719945699488858505070686919320144576280217196858823521754407597888769668827432569034617434944912323704501156532854074083408527717809315663187405585840074689387865750105223058720511199252150772925124516509254841404742306560035497627834727
e = 65537
q = 157790417717035275943197904823645145281147085252905247447260034051878691034747684303715336348507267921249655103263347914128144476912685213431110454636244692224328066884510063590700506729345331153483633231327359450199822698241355428609085077662488946173655043172957247264543259611018596088670385591091710018977
p = 167343506005974003380506069679607737381940204686173214188860057004909006055220516074283090160430833007424970980655748310232878462615469792561310560310363430669700009093597847018287568821792168143170329382585883857083334915378884054389878477389765792275111293420203613159303898365894897865177093362621517279751
d=int(gmpy2.invert(e,(p-1)*(q-1)))
u=int(gmpy2.invert(p,q))
# d = libnum.invmod(e, (p - 1) * (q - 1))
# u = libnum.invmod(p, q)
# print(type(d),type(u))
private_key=RSA.construct((n,e,d,p,q,u))
with open(r"flag.enc", "rb") as f:
    cipher_txt = f.read()
cipher_txt = base64.decodebytes(cipher_txt)
decipher = PKCS1_OAEP.new(private_key)
flag = decipher.decrypt(cipher_txt)
print(flag)
# bugku{tw0_Tig3rs_l0V3_d4nc1ng~ei!}

11月11日是个好日子

base套娃+affine爆破题

1
2
3
base58->base16->base32->base64
en,i5d8{unw_ad1_f2_pg_8gea}
en应该是密文的意思

hint是阴阳怪气编码
先套娃,alp只在最后一步用,注意数字哦

36位的仿射,这里 我其实不知道为什么是仿射,看了wp才知道

参考脚本

脚本所用原理就是,求了
1-36位里的所有质数的逆元,然后b就是1-36。然后代进去算,匹配开头是flag的形式

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
from itertools import permutations
import gmpy2
alp_list = []
for agvr in permutations("agvr", 4):
    alp_list.append("slbn7q6u0w2pf3m9tzjx8o51yke%sdhc4i" % "".join(agvr))
a_list = [1, 5, 7, 11, 13, 17, 19, 23, 25, 29, 31, 35]
b_list = range(36)
en_sec = "i5d8{unw_ad1_f2_pg_8gea}"
en_sec_list = list(en_sec)
a_inv = []
for a in a_list:
    a_inv.append(gmpy2.invert(a, 36))
for alp in alp_list:
    s_i = []
    for s in en_sec_list:
        if s not in ["{", "}", "_"]:
            s_i.append(alp.index(s))
    for a in a_inv:
        for b in b_list:
            m_a_b_i = []
            for i in s_i:
                m_a_b_i.append((a * (i - b)) % 36)
            key = ""
            for j in m_a_b_i[:4]:
                key += alp[j]
            if key[:4] == "flag":
                print("a={}, b={}".format(a, b))
                for j in m_a_b_i[4:]:
                    key += alp[j]
                print(key)
                print(alp)
                exit(0)

道友不来算一算凶吉?

参考链接

encrypt4就是简单加减计算,encrypt5就是仿射的加密
先把密文转成易经中对应的8个二进制,然后二进制8位分割转成字符串。然后在逆encrypt4,在逆encrypt5

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
#coding:utf-8
import base64,gmpy2
dic = {'坤': '000000', '剥': '000001', '比': '000010', '观': '000011', '豫': '000100', '晋': '000101', '萃': '000110', '否': '000111', '谦': '001000', '艮': '001001', '蹇': '001010', '渐': '001011', '小过': '001100', '旅': '001101', '咸': '001110', '遁': '001111', '师': '010000', '蒙': '010001', '坎': '010010', '涣': '010011', '解': '010100', '未济': '010101', '困': '010110', '讼': '010111', '升': '011000', '蛊': '011001', '井': '011010', '巽': '011011', '恒': '011100', '鼎': '011101', '大过': '011110', '姤': '011111',
       '复': '100000', '颐': '100001', '屯': '100010', '益': '100011', '震': '100100', '噬嗑': '100101', '随': '100110', '无妄': '100111', '明夷': '101000', '贲': '101001', '既济': '101010', '家人': '101011', '丰': '101100', '离': '101101', '革': '101110', '同人': '101111', '临': '110000', '损': '110001', '节': '110010', '中孚': '110011', '归妹': '110100', '睽': '110101', '兑': '110110', '履': '110111', '泰': '111000', '大畜': '111001', '需': '111010', '小畜': '111011', '大壮': '111100', '大有': '111101', '夬': '111110', '乾': '111111'}
l = []
str1="升益艮归妹井萃旅离旅困未济屯未济中孚未济升困噬嗑鼎震巽噬嗑解节井萃离未济蒙归妹大畜无妄解兑临睽升睽未济无妄遁涣归妹"

# a=0
# for i in range(len(str1)):
#     try:
#         l.append(dic[str1[a]])
#     except:
#         if(a<=len(str1)):
#             l.append(dic[str1[a]+str1[a+1]])
#             a+=1
#     a+=1
#     ss="".join(l)
#     print(ss)
binar_ss="011000100011001001110100011010000110001101101101001101010110010101100010010101110011010101011000010110100101011101100100011011100101010100110010011010000110101101010101010001110100111001100111010100110110110000110101011000110101010101100111001111010011110100"
hex_ss="b2thcm5ebW5XZWdnU2hkUGNgSl5cUg=="
base64_ss=base64.b64decode(hex_ss)

temp=''
offset=5
for i in range(len(base64_ss)):
    temp+=chr(base64_ss[i]+offset+i)
print(temp)

flag=""
for i in temp:
    # flag+=chr((5*(ord(i)-97)+7)%26+97)
    a_inv=int(gmpy2.invert(5,26))
    flag+=chr(a_inv*(ord(i)-97-7)%26+97)
print(flag)
# shaodayouxiduoduyijing

Double

原理没看懂
参考链接-1
参考链接-2

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
import gmpy2
from Crypto.Util.number import long_to_bytes
n = 2627832721798532654645633759787364870195582649392807630554510880534973280751482201937816738488273589173932960856611147584617677312265144131447658399933331448791094639659769069406481681017795446858858181106274806005669388289349727511470680972
c = 96830301447792999743877932210925094490214669785432172099311147672020980136112114653571739648595225131425493319224428213036136642899189859618195566355934768513439007527385261977662612094503054618556883356183687422846428828606638722387070581
e = int('0x10001',16)
p_list = [2,2,3,3,13,101,443,1087,15527,47363,111309491243,5738160242986813,118881536167887307517887651928306109231371669715927208908931577713837,2067526976195544603847619621425435706797374170280528431947550231604621041865531599319428120598265860512130517815755608596553793]
phi_n = 1
for p in p_list:
    phi_n *= (p-1)

d = gmpy2.invert(e,phi_n)
m = pow(c,d,n)
flag = long_to_bytes(m)
print(flag)
# flag{D4mn_e45y_eCC_4Nd_R54_m1XeD}

python(N1CTF)

未清楚原理,还是不太好写=。=
参考链接-1

参考链接-2

N1CTF{F3istel_n3tw0rk_c4n_b3_ea5i1y_s0lv3d_/--/}

Funny Number

数论题。我也爬了。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
from gmpy2 import invert

n = pow(5,175)
p = 5845718273413614238047854434058144506973237928951593664100212455023083304425941087047510727554535833686148194478724602632928856425119454505382766186798132132909079456410238976

y = p // pow(2,175)
k = pow(2, 9825, n)
kinv = int(invert(k, n))
t = (y * kinv) % n
print(t)
#t=int.from_bytes(str(s).encode(), byteorder='little')

flag = bytes.fromhex(hex(t)[2:])[::-1]
print(flag)
#flag{NuM8eR_7HE0rY_1s_S0_Funny~}
本作品采用 知识共享署名-相同方式共享 4.0 国际许可协议 进行许可
,
最后编辑:2022-01-09