攻防世界新⼿练习题_CRYPTO(加密)
攻防世界新⼿练习题_CRYPTO(加密)
0x01 base64
Y3liZXJwZWFjZXtXZWxjb21lX3RvX25ld19Xb3JsZCF9
直接base64 Decode 得到flag cyberpeace{Welcome_to_new_World!}
0x02 Caesar
拿到附件内容是⼀串字母的组合,tiltle提⽰为凯撒密码。形式像极了flag答案cyberpeace{},并没有其他编码加密的特征。经过oknqdbqmoq和cyberpeace的对应字母关系,可以推出字母的偏移量是12,如此便得到flag。
key为12 的恺撒密码,解密flag cyberpeace{you_have_learned_caesar_encryption}
0x03 Morse
摩斯密码 1替换成-,0替换成.,直接解密
11 111 010 000 0 1010 111 100 0 00 000 000 111 00 10 1 0 010 0 000 1 00 10 110
-- --- .-. ... . -.-. --- -.. . .. ... ... --- .. -. - . .-. . ... - .. -. --.
解密得到flag cyberpeace{morsecodeissointeresting}
贴出⼤佬的代码
#!/usr/bin/env python3
# -*- coding:utf-8 -*-
CODE_TABLE = {
# 26 个英⽂字符
'A': '.-', 'B': '-...', 'C': '-.-.',
'D': '-..', 'E': '.', 'F': '..-.',
'G': '--.', 'H': '....', 'I': '..',
'J': '.---', 'K': '-.-', 'L': '.-..',
'M': '--', 'N': '-.', 'O': '---',
'P': '.--.', 'Q': '--.-', 'R': '.-.',
'S': '...', 'T': '-', 'U': '..-',
'V': '...-', 'W': '.--', 'X': '-..-',
'Y': '-.--', 'Z': '--..',
# 10 个数字
'0': '-----', '1': '.----', '2': '..---',
'3': '...--', '4': '....-', '5': '.....',
'6': '-....', '7': '--...', '8': '---..',
'9': '----.',
# 16 个特殊字符
',': '--..--', '.': '.-.-.-', ':': '---...', ';': '-.-.-.',
'?': '..--..', '=': '-...-', "'": '.----.', '/': '-..-.',
'!': '-.-.--', '-': '-....-', '_': '..--.-', '(': '-.--.',
')': '-.--.-', '$': '...-..-', '&': '. . . .', '@': '.--.-.'
# 你还可以⾃定义
}
def morsedecode(morse):
msg =''
codes = morse.split('')
for code in codes:
if code =='':
msg += ''
else:
UNCODE =dict(map(lambda t:(t[1],t[0]),CODE_TABLE.items()))
msg += UNCODE[code]
return msg
a = open(r'E:/3.txt','r')
ciphertext = a.read()
ciphertext = place('1','-')
ciphertext = place('0','.')
FLAG = morsedecode(ciphertext)
flag = FLAG.lower()
flag = 'cyberpeace{'+flag+'}'
print('flag is ',flag)
0x04 Railfence
栅栏密码,栏数为5,解出来flag为 cyberpeace{railfence_cipher_gogogo}0
⽹上很多⼈都在这⾥遇到了问题,表⽰⽆法得出答案,其实这⾥主要的原因是国内外对栅栏密码的加密原理相同当实际过程有些不同,这道题就需要⽤国外的解密⽅法来解密
贴张⽹图了解⼀下
0x05 easy RSA
⼀个RSA加密,直接贴出代码
import gmpy2
p = 473398607161
q = 4511491
e = 17
s = (p-1)*(q-1)
d = gmpy2.invert(e,s)
print(‘flag is :‘,d)
得flag : cyberpeace{125631357777427553}
0X06 不仅仅是Morse
下载得⽂件是这样的
--/.-/-.--/..--.-/-..././..--.-/..../.-/...-/./..--.-/.-/-./---/-/...././.-./..--.-/-.././-.-./---/-.././..../..../..../..../.-/.-/.-/.-/.-/-.../.-/.-/-.../-.../-.../.-/.-/-.../-.../.-/.-/.-/.-/.-/.-/.-/.-/-.../.-/.-/-.../.-/-.../.-/.-/.-/.-/.-/.-/.-/-.../-.../.-/-.../.-/.-/.-/-.../-.../.-/.-/.-/-.../-.../.-/.-/-.../.-/.-/.-/.-/-讲/替换成空格,可得到⼀串摩斯密码,解密后AAAAABAABBBAABBAAAAAAAABAABABAAAAAAA
BBABAAABBAAABBAABAAAABABAABAAABBABAAABAAABAABABBAABBBABAAABABABBAAABBABAAABAABAABAAAABBABBAABBAABAABAAABAABAABAABABAABBABA 培根密码,贴出(⼤佬的)解密代码
import re
# 密⽂转化为指定格式
s = ‘AAAAABAABBBAABBAAAAAAAABAABABAAAAAAABBABAAABBAAABBAABAAAABABAABAAABBABAAABAAABAABABBAABBBABAAABABABBAAABBABAAABAABAABAAAABBABBAABBAABAABAAABAABAABAABABAABB a = s.lower()
# 字典
CODE_TABLE = {
‘a‘:‘aaaaa‘,‘b‘:‘aaaab‘,‘c‘:‘aaaba‘,‘d‘:‘aaabb‘,‘e‘:‘aabaa‘,‘f‘:‘aabab‘,‘g‘:‘aabba‘,
‘h‘:‘aabbb‘,‘i‘:‘abaaa‘,‘j‘:‘abaab‘,‘k‘:‘ababa‘,‘l‘:‘ababb‘,‘m‘:‘abbaa‘,‘n‘:‘abbab‘,
‘o‘:‘abbba‘,‘p‘:‘abbbb‘,‘q‘:‘baaaa‘,‘r‘:‘baaab‘,‘s‘:‘baaba‘,‘t‘:‘baabb‘,‘u‘:‘babaa‘,
‘v‘:‘babab‘,‘w‘:‘babba‘,‘x‘:‘babbb‘,‘y‘:‘bbaaa‘,‘z‘:‘bbaab‘
}
# 5个⼀组进⾏切割并解密
def peigendecode(peigen):
msg =‘‘
codes = re.findall(r‘.{5}‘, a)
for code in codes:
if code ==‘‘:
msg += ‘ ‘
else:
UNCODE =dict(map(lambda t:(t[1],t[0]),CODE_TABLE.items()))
msg += UNCODE[code]
return msg
flag = peigendecode(a)
print(‘flag is ‘,flag)
得到flag cyberpeace{attackanddefenceworldisinteresting}
0x07 混合编码
先base64 Decode 解得
LzExOS8xMDEvMTA4Lzk5LzExMS8xMDkvMT
更具ASCII转成字符串可得
LzExOS8xMDEvMTA4Lzk5LzExMS8xMDkvMTAxLzExNi8xMTEvOTcvMTE2LzExNi85Ny85OS8xMDcvOTcvMTEwLzEwMC8xMDAvMTAxLzEwMi8xMDEvMTEwLzk5LzEwMS8xMTkvMTExLzExNC8xMDgvMTAw
在进⾏⼀次base64 Decode
/
119/101/108/99/111/109/101/116/111/97/116/116/97/99/107/97/110/100/100/101/102/101/110/99/101/119/111/114/108/100
去掉/再转⼀次字符串得到答案welcometoattackanddefenceworld
顺便贴⼀个⼤佬的代码
import base64
a = open(r'C:/Users/14158/','r')
s = a.read()
# base64解密⼀下
b = base64.b64decode(s).decode('ascii')
# 对解密后的字符串进⾏处理
b = b.strip('&#;')
c = []
c = b.split(';&#')
# unicode解密
d = ''
for i in c:
d += chr(int(i))
# base64再次解密
e = base64.b64decode(d).decode('ascii')
# 对字符进⾏处理
e = e.strip('/')
f = []
f = e.split('/')
# 转化为ascii码
flag =''
for i in f:
flag += chr(int(i))
print('flag is ',flag)
flag : cyberpeace{welcometoattackanddefenceworld}
0x08 Normal RSApython新手代码练习
这道题主要考察得是RSAtool的使⽤,我都在kail⾥操作
先准备rsatool
下载⽂件解压后得到和pubkey.pem两个⽂件
openssl提取出pubkey.pem中的参数;
openssl rsa -pubin -text -modulus -in warmup -in pubkey.pem
将得到的Modulus 16进制转为10进制,得到
87924348264132406875276140514499937145050893665602592992418171647042491658461
使⽤kail的factor()将这个数分解成两个素数的乘积时,直接报错了,应该是太长了,所以使⽤在线⼯具进⾏分解
275127860351348928173285174381581152299
319576316814478949870590164193048041239
知道两个素数,随机定义⼤素数e,求出密钥⽂件
python rsatool.py -o private.pem -e 65537 -p 275127860351348928173285174381581152299 -q 319576316814478949870590164193048041239
这时候我们会得到⼀个private.pem⽂件,利⽤这个⽂件进⾏解密
openssl rsautl -decrypt - -inkey private.pem
得到flag : PCTF{256b_i5_m3dium}
0x09 轮转机加密
题⽬如此,轮转机加密
1: < ZWAXJGDLUBVIQHKYPNTCRMOSFE <
2: < KPBELNACZDTRXMJQOYHGVSFUWI <
3: < BDMAIZVRNSJUWFHTEQGYXPLOCK <
4: < RPLNDVHGFCUKTEBSXQYIZMJWAO <
5: < IHFRLABEUOTSGJVDKCPMNZQWXY <
6: < AMKGHIWPNYCJBFZDRUSLOQXVET <
7: < GWTHSPYBXIZULVKMRAFDCEONJQ <
8: < NOZUTWDCVRJLXKISEFAPMYGHBQ <
9: < XPLTDSRFHENYVUBMCQWAOIKZGJ <
10: < UDNAJFBOWTGVRSCZQKELMXYIHP <
11: < MNBVCXZQWERTPOIUYALSKDJFHG <
12: < LVNCMXZPQOWEIURYTASBKJDFHG <
13: < JZQAWSXCDERFVBGTYHNUMKILOP <
密钥为:2,3,7,5,13,12,9,1,8,10,4,11,6
密⽂为:NFQKSEVOQOFNP
直接贴出⼤佬的代码
#!/usr/bin/env python3
# -*- coding:utf-8 -*-
import re
sss = ‘1: < ZWAXJGDLUBVIQHKYPNTCRMOSFE < 2: < KPBELNACZDTRXMJQOYHGVSFUWI < 3: < BDMAIZVRNSJUWFHTEQGYXPLOCK < 4: < RPLNDVHGFCUKTEBSXQYIZMJWAO < 5: < IHFRLABEUOTSGJVDKCPMN m = ‘NFQKSEVOQOFNP‘
# 将sss转化为列表形式
content=re.findall(r‘< (.*?) <‘,sss,re.S)
# re.S:DOTALL,此模式下,"."的匹配不受限制,可匹配任何字符,包括换⾏符
iv=[2,3,7,5,13,12,9,1,8,10,4,11,6]
print(content)
vvv=[]
for i in range(13):
index=content[iv[i]-1].index(m[i])
vvv.append(index)
print(vvv)
for i in range(0,26):
flag=""
for j in range(13):
flag += content[iv[j]-1][(vvv[j]+i)%26]
print(flag.lower())
得到flag cyberpeace{fireinthehole}
0x10 easychallenge
pyc时是将python的py程序编译成的中间式⽂件,这道题我们需要将其反编译成我们可读的py代码
反编译结果
#!/usr/bin/env python
# encoding: utf-8
# 如果觉得不错,可以推荐给你的朋友!tool.lu/pyc
import base64
def encode1(ans):
s = ‘‘
for i in ans:
x = ord(i) ^ 36
x = x + 25
s += chr(x)
return s
def encode2(ans):
s = ‘‘
for i in ans:
x = ord(i) + 36
x = x ^ 36
s += chr(x)
return s
def encode3(ans):
return base64.b32encode(ans)
flag = ‘ ‘
print ‘Please Input your flag:‘
flag = raw_input()
final = ‘UC7KOWVXWVNKNIC2XCXKHKK2W5NLBKNOUOSK3LNNVWW3E===‘
if encode3(encode2(encode1(flag))) == final:
print ‘correct‘
else:
print ‘wrong‘
分析代码,输⼊的flag需要进⾏三次加密(??),想求答案,写段代码
import base64
key = ‘UC7KOWVXWVNKNIC2XCXKHKK2W5NLBKNOUOSK3LNNVWW3E===‘
temp = base64.b32decode(key)
#可得temp为‘\xa0\xbe\xa7Z\xb7\xb5Z\xa6\xa0Z\xb8\xae\xa3\xa9Z\xb7Z\xb0\xa9\xae\xa3\xa4\xad\xad\xad\xad\xad\xb2‘
#⼿动赋值进⾏接下来的解密
b = "\xa0\xbe\xa7Z\xb7\xb5Z\xa6\xa0Z\xb8\xae\xa3\xa9Z\xb7Z\xb0\xa9\xae\xa3\xa4\xad\xad\xad\xad\xad\xb2"
s = ‘‘
for i in b:
s += chr((ord(i) ^ 36) - 36)
l = ‘‘
for i in s:
l += chr((ord(i) - 25) ^ 36)
print (‘flag is ‘,l)
得到flag :cyberpeace{interestinghhhhh}
0x11 幂数加密
下载下来分析后,式云影密码8842101220480224404014224202480122 884211224822444142242248122 2351212415145
w e l l d o n e
就这样,以0为分界,每组加起来,去对应顺序字母
贴⼀段⼤佬的代码
#!/user/bin/env python
# -*-coding:utf-8 -*-
a = open(r‘‘,‘r‘)
ciphertext = a.read()
s = ciphertext.split(‘0‘)
flag = ‘‘
for i in range(len(s)):
list = []
for j in s[i]:
list.append(j)
b = 0
for k in list:
b += int(k)
# 字母ascii值与字母顺序相差为96
flag += chr(b+96)
print(‘flag is ‘,flag)
flag : cyberpeace{welldone}
0x12 easy ECC
ECC(椭圆曲线加密)
我现在还是⼀脸懵逼,只能⽤着⼤佬的脚本,苟延残喘
#!/usr/bin/env python3
# -*- coding:utf-8 -*-
def get_inverse(mu, p):
"""
获取y的负元
"""
for i in range(1, p):
if (i*mu)%p == 1:
return i
return -1
def get_gcd(zi, mu):
"""
获取最⼤公约数
"""
if mu:
return get_gcd(mu, zi%mu)
else:
return zi
def get_np(x1, y1, x2, y2, a, p):
"""
获取n*p,每次+p,直到求解阶数np=-p
"""
flag = 1 # 定义符号位(+/-)
# 如果 p=q k=(3x2+a)/2y1mod p
if x1 == x2 and y1 == y2:
zi = 3 * (x1 ** 2) + a # 计算分⼦【求导】
mu = 2 * y1 # 计算分母
# 若P≠Q,则k=(y2-y1)/(x2-x1) mod p
else:
zi = y2 - y1
mu = x2 - x1
if zi* mu < 0:
flag = 0 # 符号0为-(负数)
zi = abs(zi)
mu = abs(mu)
# 将分⼦和分母化为最简
gcd_value = get_gcd(zi, mu) # 最⼤公約數
zi = zi // gcd_value # 整除
mu = mu // gcd_value
# 求分母的逆元逆元:∀a ∈G ,ョb∈G 使得 ab = ba = e # P(x,y)的负元是 (x,-y mod p)= (x,p-y) ,有P+(-P)= O∞
inverse_value = get_inverse(mu, p)
k = (zi * inverse_value)
if flag == 0: # 斜率负数 flag==0
k = -k
k = k % p
# 计算x3,y3 P+Q
x3 = (k ** 2 - x1 - x2) % p
y3 = (k * (x1 - x3) - y1) % p
return x3,y3
def get_rank(x0, y0, a, b, p):
"""
获取椭圆曲线的阶
"""
x1 = x0 #-p的x坐标
y1 = (-1*y0)%p #-p的y坐标
tempX = x0
tempY = y0
n = 1
while True:
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。
发表评论