2022DASCTF Apr X FATE 防疫挑战赛WP

已于 2022-04-26 11:51:21 修改
阅读量3.7k 收藏 6
点赞数 5
CC 4.0 BY-SA版权
分类专栏: CTF_WP 文章标签: python wireshark
于 2022-04-24 15:49:22 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/LaniakeaHarry/article/details/124384460
本文介绍了Maple战队在2022DASCTF Crypto和Misc类挑战的解题情况,包括special_rsa和easy_real等题目。special_rsa通过RSA加密的循环逻辑,利用数学方法找到解;easy_real则涉及基础RSA解密和爆破。同时,文章还回顾了CVE OF RSA的赛后复现,学习了ROCA漏洞的利用,并分享了Misc类题目中通过Wireshark分析网络流量获取flag的方法。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

NEFU-NSILAB下Maple战队分队于4月23日10:00 - 18:00所产
您也可以点击此处观看

文章目录

队伍信息

  • 名称:村通网队

  • 成员:4人

    Members

  • 排名:30

    rank

解题情况

  • 2道Crypto,总3道

  • 2道Misc, 总5道
    detail

  • 其中Crypto方向第8名
    rank for cry

Crypto

special_rsa

题目
from Crypto.Util.number import *
def getPrime1(bitLength, e):
    while True:
        i = getPrime(bitLength)
        if (i - 1) % e ** 2 == 0:
            return i
flag=b'DASCTF{????????????????????}'
m = bytes_to_long(flag)
lenth = ((len(bin(m)) - 2) // 2) + 9
e=113
p = getPrime1(lenth, e)
q = getPrime1(lenth, e)
n=p*q
print(f"n = {
     
     n}")
c1 = pow(m, e, n)
for i in range(26):
    lenth = ((len(bin(c)) - 2) // 2) + 9
    p = getPrime1(lenth, e)
    q = getPrime1(lenth, e)
    n=p*q
    print(f"n = {
     
     n}")
    c=pow(c,e,n)
print(f"e = {
     
     e}")
print(f"c = {
     
     c}")

# output.txt
n = 1134876149917575363176366704410565158549594427794901202977560677131703617
n = 68506321231437453734007374706367120760326482177047006099953454136095248103663
n = 7783503593765446343363083302704731608384677185199537317445372251030064778965500447
n = 1070135687488356161164202697449500843725645617129661751744246979913699130211505096520493
n = 84012402115704505952834528733063574032699054524475028392540927197962976150657887637275643641
n = 4497278582433699034700211877087309784829036823057043402314297478185216205338241432310114079123771
n = 222438508972972285373674471797570608108219830357859030918870564627162064662598790037437036093579139489
n = 19116847751264029874551971240684579996570601026679560309305369168779130317938356692609176166515369250878437
n = 1549903986709797721131070830901667744892392382636347158789834851868638863292232718716074359148785900673192362699
n = 62387766690725996279968636478698222263235233511074646032501495855928095611796694112573478405813305623307157261619643
n = 1496134688150941811618178638810353297864345150241986530472328508974364124440160181353848429438725939837967063441528305921
n = 128744123633657656499069966444992201456797762973822340505291131642660343436783413140023509983315177426811890315424928661125061
n = 6917342652058596217869122177298094984415751234677039849514181349685079073411591975537016273056773954075238307918266361998553646469
n = 1999306851167477770905800721615579416365273707414308684419794311809177595829473632853128686208533753019224536487399393397120864878000113
n = 138594056023048386926766329537127538558164718841925506735112367176642328352257472034381662493666299220910783237918231719166519833124529218331
n = 8397272388904583425531462714999219642572091279898695377838194583995214737828538895164195817973441184775814069396690436662985593377966417476040659
n = 83372889332166088651413254885376085265561130214754686361784964744744711092668473281132249352040520639092871294276293287744276919265091479681667169671
n = 10684953914628370830889219903654707140968094024767031366624595731918523435466123514094659595357231410471738736952266383928737163485550013190959149252435167
n = 428359134899960532964729749713513106760306719712194950954567619156985067322564731294653991204666853689688900339268764469280769569535109069729404621290809120793
n = 24491413133428851306933688733518898516890217803647806829002775935975741568422047344206442746983871735723486865901743352102305801200224958166496937663406627341150101
n = 2247517335600310176909964109060502815240207684510918447209767597511414934626668616704865548059751008841620288545344598917362752622130186820039265603312354963258673860579
n = 157978379942536176944325875241196121764116712487226808271002140500926678942090491383544034591205964958130852055691446362753906164711087278555153881606839791499207025307202087
n = 43938571869497484913682975192955012614794498816057204091016374302341854100775132924321569876797699342959191646206571444845883942305710956894334106963321644724361549027630634869933
n = 2609065298534470914730686454716224905333131812890643378630636043224255484662185236061585264231004975072801053316107165770342161619265243081616632312934742288262985830181883449780965531
n = 222235907202454132555071455958700740228567465616560859711214102245461514428187391909176054661864893645713338391509536653547350134615807194339839952004333949540567943568810413945779642106201
n = 44890472824427626252451120059527486677662371033945481542195354255473403815853320591468917295474578271680865394304946847791535710766947049195816261224382109115684638995528332538466194474846836399
n = 1062789633774349417938788353001516763303743389381120380522262327123099728631034935663418832664265833959487018276693680850987382421521055508477988016246558095545925414048663082368488342633334571240563
e=113
c=1028324919038104683475485759234995158466543298184637219012354053883391759172761125802189697762778242175407876548832454351014064525118465877297277847501477586955680645311999174005606833294172830817159

可知

  • flag被rsa加密后产生的密文C 就是 下次一次加密的明文,即:循环加密密文

  • 附件给出了e、所有的n 、最后的C

  • 根据n,利用分解网站依次写出对应p、q

  • 由p、q生成过程发现,e|(q-1) 且 e|(p-1)

    简单的e,phi不互素不能处理gcd(e, phi) = e的情况

    参考以下原理

    e 和 p−1 (或 q−1)的最大公约数就是 e 本身,也就是说 e∣(p−1),只有对 c 开 e 次方根才行。

    可以将同余方程 m^e ≡ c (modn) 化成

    m^e ≡ c (modp)

    m^e ≡ c (modq)

    然后分别在 GF§ 和 GF(q) 上对 c 开 e 次方根,再用CRT组合一下即可得到在 modn 下的解。

    问题是,如何在有限域内开根

    这里 e 与 p−1 和 q−1 都不互素,不能简单地求个逆元就完事。

    这种情况下,开平方根可以用Tonelli–Shanks algorithmWiki说这个算法可以扩展到开n次方根

    在这篇paper里给出了具体的算法:Adleman-Manders-Miller rth Root Extraction Method

    这个算法只能开出一个根,实际上开 e 次方,最多会有 e 个根(这题的情况下有0x1337个根)。

    如何找到其他根?

    StackOverflow – Cube root modulo P 给出了方法。

    如何找到所有的primitive 0x1337th root of 1?

    StackExchange – Finding the n-th root of unity in a finite field 给出了方法。

    Exploit(以 e=0x1337 为例)

    • 先用Adleman-Manders-Miller rth Root Extraction Method在 GF§ 和 GF(q) 上对 c 开 e 次方根,分别得到一个解。大概不到10秒。
    • 然后去找到所有的0x1336primitive nth root of 1,乘以上面那个解,得到所有的0x1337个解。大概1分钟。
    • 再用CRT对 GF§ 和 GF(q) 上的两组0x1337个解组合成 modn 下的解,可以得到0x1337**2=24196561个 modn 的解。最后能通过check()的即为flag。大概十几分钟。

    解出后,发现不止一个解,需要初步筛选

    由c = m^e mod n 原理 以及 循环加密的逻辑,不难发现解出来的 m 得小于 上一个n

    即使加上以上限定条件,仍有些m解出来不只1个

    所以,当解到一组无解时,需要更换 无解这组之前的m(下面会用 列表表示 每次解得的 所有符合条件的m

    直到打印出预期的c0 (flag加密得来)

#脚本2
#Sage

n0 = 1134876149917575363176366704410565158549594427794901202977560677131703617
n1 = 68506321231437453734007374706367120760326482177047006099953454136095248103663
n2 = 7783503593765446343363083302704731608384677185199537317445372251030064778965500447
n3 = 1070135687488356161164202697449500843725645617129661751744246979913699130211505096520493
n4 = 84012402115704505952834528733063574032699054524475028392540927197962976150657887637275643641
n5 = 4497278582433699034700211877087309784829036823057043402314297478185216205338241432310114079123771
n6 = 222438508972972285373674471797570608108219830357859030918870564627162064662598790037437036093579139489
n7 = 19116847751264029874551971240684579996570601026679560309305369168779130317938356692609176166515369250878437
n8 = 1549903986709797721131070830901667744892392382636347158789834851868638863292232718716074359148785900673192362699
n9 = 62387766690725996279968636478698222263235233511074646032501495855928095611796694112573478405813305623307157261619643
n10 = 1496134688150941811618178638810353297864345150241986530472328508974364124440160181353848429438725939837967063441528305921
n11 = 128744123633657656499069966444992201456797762973822340505291131642660343436783413140023509983315177426811890315424928661125061
n12 = 6917342652058596217869122177298094984415751234677039849514181349685079073411591975537016273056773954075238307918266361998553646469
n13 = 1999306851167477770905800721615579416365273707414308684419794311809177595829473632853128686208533753019224536487399393397120864878000113
n14 = 138594056023048386926766329537127538558164718841925506735112367176642328352257472034381662493666299220910783237918231719166519833124529218331
n15 = 8397272388904583425531462714999219642572091279898695377838194583995214737828538895164195817973441184775814069396690436662985593377966417476040659
n16 = 83372889332166088651413254885376085265561130214754686361784964744744711092668473281132249352040520639092871294276293287744276919265091479681667169671
n17 = 10684953914628370830889219903654707140968094024767031366624595731918523435466123514094659595357231410471738736952266383928737163485550013190959149252435167
n18 = 428359134899960532964729749713513106760306719712194950954567619156985067322564731294653991204666853689688900339268764469280769569535109069729404621290809120793
n19 = 24491413133428851306933688733518898516890217803647806829002775935975741568422047344206442746983871735723486865901743352102305801200224958166496937663406627341150101
n20 = 2247517335600310176909964109060502815240207684510918447209767597511414934626668616704865548059751008841620288545344598917362752622130186820039265603312354963258673860579
n21 = 157978379942536176944325875241196121764116712487226808271002140500926678942090491383544034591205964958130852055691446362753906164711087278555153881606839791499207025307202087
n22 = 43938571869497484913682975192955012614794498816057204091016374302341854100775132924321569876797699342959191646206571444845883942305710956894334106963321644724361549027630634869933
n23 = 2609065298534470914730686454716224905333131812890643378630636043224255484662185236061585264231004975072801053316107165770342161619265243081616632312934742288262985830181883449780965531
n24 = 222235907202454132555071455958700740228567465616560859711214102245461514428187391909176054661864893645713338391509536653547350134615807194339839952004333949540567943568810413945779642106201
n25 = 44890472824427626252451120059527486677662371033945481542195354255473403815853320591468917295474578271680865394304946847791535710766947049195816261224382109115684638995528332538466194474846836399
n26 = 1062789633774349417938788353001516763303743389381120380522262327123099728631034935663418832664265833959487018276693680850987382421521055508477988016246558095545925414048663082368488342633334571240563
e = 113
c = 1028324919038104683475485759234995158466543298184637219012354053883391759172761125802189697762778242175407876548832454351014064525118465877297277847501477586955680645311999174005606833294172830817159

p26 = 978009050697262759337388871320370165458800566798280419667959552859180906066907114053826258140106617
q26 = 1086686910531802445146659484012613083647370307628438760118376029969836222533970554565751069314622539
p25 = 5952590790902091635268726673538951527433355660839816621733964706901441977862333411532558667717227
q25 = 7541333580839789645678699855290145212677767915429008863004397257213367753100058966625356835737037
p24 = 14702310219802004876082313481498680940324963613770096574742182597840558294030859405666549879531
q24 = 15115713372931874518523751684548940147062395364112500028355694776530968944848166318295947674571
p23 = 43870497594014737833600078975099212558645315030912084285417550950854483979406797450479252891
q23 = 59471978701477648587546053450213894562580907285714122639903144859545186463681183925646967041
p22 = 206721456778089912780641186795393376537372828449722520397829606593267585681448641482345737
q22 = 212549643149353357950643557614966235999942509894271006476145929120541407503538644651435909
p21 = 368461902207817023013078031477042541053987571003677386333567043030477451518424731838173
q21 = 428750921047556327595864876619292414694543668237320723518704707914310601565770504401619
p20 = 1328165608715012145707239303399129070657427496129541416861187541092152796676371237057
q20 = 1692196606246085729483398884059069884182535824953762329164855466589577530953493347747
p19 = 4479430800690915874719403516331677127806963529247809966024777708496270901092401687
q19 = 5467527956822382309398095704409409074818664888285375307055715842283183939297839923
p18 = 15874438801602936764330936047390981280096007684699625987478211613419079727910193
q18 = 26984206512970181742033712455904984758134288864531714209886622060356697128804201
p17 = 102366458668689911004027849640392002821642295855327735994412634235696717329671
q17 = 104379442774418262390337411577160146519860415840398189010112686742489182665577
p16 = 262775599542220820608778738911414710660835549772895468394761119434220071003
q16 = 317277895959173163347650321012213555955385929418622006880521870012130207557
p15 = 2623629589005115152329094552749299711026240699896424120660145647226563547
q15 = 3200631836176555526009533059891690177091538103904679780020639896015937897
p14 = 11136261905010083405430254612464029672882837025885682392810368001188527
q14 = 12445294229358634680867170058509842935273054334385354032543323581223253
p13 = 43449898447639409732732812916430042263570178747794530133229640125923
q13 = 46014074200352892806829193743016415423205917845271691428043440245531
p12 = 66882708962198932251728043152245270662769508317424500666902658099
q12 = 103424977238409568447978495499643051307907366367259219393937014631
p11 = 350121371461894793578110243222665782247737840410076591434903787
q11 = 367712839396521757736384350030802803477965822058616833553305103
p10 = 954412804126450754097808991490470782833291028309980575506163
q10 = 1567597041534155679238655992215022394597376421096298363211067
p9 = 6623023178993627032758350846838617937710601663528839184727
q9 = 9419832152875820180139633405089278278408407453522978357309
p8 = 37185691759470013533730603170661686570987787098353146897
q8 = 41680117092754807988080699273322244961911189757589699867
p7 = 135813272566456906193934636644217527100917542578856697
q7 = 140758317578347635848563045232314610161039815135897421
p6 = 385788223643735590500185001710758495904528462058461
q6 = 576581905150085393327734090419529952232186498060949
p5 = 1656848589754467667368312855929759764100120657831
q5 = 2714357008989072105081411295741540337141142641741
p4 = 7832299017937880395583715032476962329929226581
q4 = 10726403821316775206273675267109184566904426261
p3 = 24335212484189159197840692460327461505035059
q3 = 43974782968656404951924524450501283426052127
p2 = 88067722275537586769787599991567203589751
q2 = 88380889077762105057154017276462714444697
p1 = 232079231415308325450092906880606082069
q1 = 295185057334340451492588650872876746227
p0 = 953730950786751671162019537171974567
q0 = 1189933229053113361422958527792232151


def solve(p, q, c, e, n_):

    P.<a>= PolynomialRing(Zmod(p), implementation='NTL')
    f = a ^ e - c
    mps = f.monic().roots()

    P.<a>= PolynomialRing(Zmod(q), implementation='NTL')
    g = a ^ e - c
    mqs = g.monic().roots()

    for mpp in mps:
        x = mpp[0]
        for mqq in mqs:
            y = mqq[0]
            solution = CRT_list([int(x), int(y)], [p, q])
            if solution < n_:
                solutions.append(solution)


p = []
q = []
n_ =
最低0.47元/天 解锁文章

200万优质内容无限畅学
2022DASCTF Apr X FATE 防疫挑战赛 WriteUP
Huamang的博客
04-25 2532
文章目录MiscSimpleFlowWebwarmup-phpsoeasy_php Misc SimpleFlow 看流量大概是上传了一个后门,但是会对payload加密,这里发现有flag.txt被打包 后面的包里面发现flag.zip 但是打开需要密码,那么我们就要回去压缩的地方,看看给的什么密码,所以我们就得解开这个流量 @eval(@base64_decode($_POST['m8f8d9db647ecd'])); &e57fb9c067c677=o3 &g479cf6f058c
Java安全(十四) CTF-Java题目复现
WDWAGAAFGAGDADSA的博客
05-04 2791
最近复现学习的java题目
[Misc]2022DASCTF Apr X FATE 防疫挑战赛 wp
mumuzi的博客
04-24 4700
das4
2022DASCTF Apr X FATE 防疫挑战赛 Crypto-wp
mxx307的博客
04-26 2384
2022 DASCTF Apr X FATE 防疫挑战赛 Crypto Wp
2022DASCTF Apr X FATE 防疫挑战赛
Todog的博客
08-18 3807
2022DASCTF Apr X FATE 防疫挑战赛
[Re]2022DASCTF Apr X FATE 防疫挑战赛
PMR的博客
04-24 847
[Re]2022DASCTF Apr X FATE Crackme
Visual Assist X 2025.2 v10.9.2556.0 (07 Apr 2025) + CRACK 适用于VS2022
最新发布
06-17
Visual Assist X 2025.2 v10.9.2556.0 (07 Apr 2025) + CRACK 适用于VS2022
UL 2225 -2022Apr 11, 2022 )危险(分类)场所用电缆和电缆配件标准.pdf
07-06
UL 2225 -2022Apr 11, 2022 )危险(分类)场所用电缆和电缆配件标准.pdf
[MISC]2022DASCTF Apr X FATE 防疫挑战赛
RookieMOR的博客
05-06 1527
1.SimpleFlow; 2.熟悉的猫; 3.冰墩墩; 1.SimpleFlow: 下载得到SimpleFlow的压缩包,解压得到SimpleFlow.pcapng,流量分析题目。查找 flag. ,可以知道一共有四个flag.txt文件,一个flag.zip文件。用kali的foremost指令可以分离出flag.zip文件,发现flag.zip需要密码。 再追踪每个flag.txt。 发现蚁剑流量,一个一个base64解码, 在其中一个txt文件中得到: Y2QgIi9Vc2Vy.
2022DASCTF Apr X FATE 防疫挑战赛 good_luck
臭nana的博客
04-24 873
这道题最开始的附件,代码是随机生成一个0~199的数,然后0触发格式化字符串漏洞,1触发栈溢出漏洞,修改后的附件随机数是0或者1 下面是脚本,脚本逻辑:通过栈溢出返回到格式化字符串漏洞函数,泄露libc地址,然后再返回到main函数,通过栈溢出执行onegadget 几率:第一次执行栈溢出1/2,第二次再次执行栈溢出1/2,1/4的概率执行成功 from pwn import * from LibcSearcher import * context(log_level = "debug") csu
2022DASCTF Apr X FATE 防疫挑战赛 CRYPTO easy_real
Todog的博客
04-23 1092
逆向一道都不会,寄了。只做了密码的签到题 题目描述 import random import hashlib flag = 'xxxxxxxxxxxxxxxxxxxx' key = random.randint(1,10) for i in range(len(flag)): crypto += chr(ord(flag[i])^key) m = crypto的ascii十六进制 e = random.randint(1,100) print(hashlib.md5(e)) p = 6431...
2022DASCTF Apr X FATE 防疫挑战赛 Re wp
07-24 273
MFC程序找到md5 的k[0:4],及sha1的 key[5:8]。使用在线网站解码。得到md5的hash明文为NocT提取sha1的hash爆破解出 sha1 key为 b'uRne' ,在线网站解的 uRnE 的sha1为F72C7BCCEA714AF5FA65102C8B1C1E7C7E0852CE不一样 自己爆破!提取密文用wincrypto带的API来处理。用python解码不太成功。
2022DASCTF Apr X FATE 防疫挑战赛——【Misc】熟悉的猫
更多知识欢迎访问我的博客园:https://www.cnblogs.com/2ha0yuk7on/
04-27 1588
熟悉的猫 下载文件,补上zip后缀名,解压得到两个文件: flag.zip有密码保护 len5.kdbx文件经过搜索,可以使用keepass打开。打开时发现需要密码。 根据文件名,猜测密码为5位字符,则开始爆破。 首先使用John The Ripper工具转换一下John支持的格式。 然后使用hashcat爆破hash值得到密码。 hashcat -m 13400 keepass.txt -a 0 password.txt --force # m:破解的hash类型,hashcat -h 何查看类
2022DASCTF Apr X FATE 防疫挑战赛个人Writeup
更多知识欢迎访问我的博客园:https://www.cnblogs.com/2ha0yuk7on/
04-24 911
这次下午有事,上午做了两道就溜了,简单记录一下。 Crypto easy_real 读题目代码: import random import hashlib flag = 'xxxxxxxxxxxxxxxxxxxx' key = random.randint(1,10) for i in range(len(flag)): crypto += chr(ord(flag[i])^key) m = crypto的ascii十六进制 e = random.randint(1,100) print(hashlib
【Web】2022DASCTF Apr X FATE 防疫挑战赛 题解(全)
uuzeray的博客
04-16 952
spl_autoload_register函数实现了当程序遇到调用没有定义过的函数时,会去找./class/函数名.php路径下的php文件,并把它包含在程序中。于是退一步,用同样的方式去读/var/www/html目录下的upload.php和edit.php。尝试去读/proc/1/environ和/flag均响应403,显然权限不够。访问/uploads/head.png,成功读到/etc/passwd。建立了链接,同时flag也没有被覆盖,然后访问。监听,反弹shell,拿flag。
2022DASCTF Apr X FATE 防疫挑战赛 warmup-php
weixin_43610673的博客
04-24 2489
主页代码逻辑就是自动加载class下类文件,然后动态调用一个类,并设置成员变量。最后调用类的run()方法。 看uml类图其实就大致有数该实例化哪个类了,TestView 看这几个类文件的内容,很明显的页面模板生成代码,感觉是根据YII2框架的模板渲染提取的主要逻辑 先找漏洞点,在Base类中 再去找调用链,搜索run()方法,在ListView类中 接着跟到renderContent,会去调用类中的renderSection方法,$this->template需为{test}形式,才会被正则
2022DASCTF Apr X FATE 防疫挑战赛 部分web复现
errorr0
04-28 1755
DAS的部分web复现
2022DASCTF Apr X FATE 防疫挑战赛web复现
qq_58970968的博客
05-05 312
打开可看到是代码审计,现在的我的水平显然不会做: 所以参考了其他师父的wp;勉勉强强知道点流程,大概就是不断调用各种类中的方法; 首先拿到四个代码,如下: Base.php <?php class Base { public function __get($name) { $getter = 'get' . $name; if (method_exists($this, $getter)) { return $t
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值