0%

BUUCTF【Crypto】1~12题

平台:https://buuoj.cn/

解出数从高到低排序

MD5

MD5碰撞:https://www.somd5.com/

一眼就解密

base64解码:https://base64.us/

Url编码

url解码:https://www.bejson.com/enc/urlencode/

看我回旋踢

凯撒密码解码:http://www.metools.info/code/c70.html

摩丝

摩斯电码解码:http://www.zhongguosou.com/zonghe/moErSiCodeConverter.aspx?d=123

password

根据题目提示,密码为姓名加日期:zs19900315

变异凯撒

1
afZ_r9VYfScOeO_UL^RWUc

将前四个字母对照flag可以发现,分别移了5,6,7,8位,因此用python脚本解决

1
2
3
4
5
secret = "afZ_r9VYfScOeO_UL^RWUc"
cnt = 5
for i in secret:
print(chr(ord(i)+cnt), end="")
cnt += 1

Quoted-printable

Quoted-printable解码:http://web.chacuo.net/charsetquotedprintable/

Rabbit

在线Rabbit算法加密解密:http://www.jsons.cn/rabbitencrypt/

篱笆墙的影子

观察即可发现,偶数位0、2、4、6构成了flag,用python脚本解决

1
2
3
4
5
6
7
8
9
secret = "felhaagv{ewtehtehfilnakgw}"
res = ""
cnt = 0
for i in secret:
if(cnt % 2 == 0):
print(i,end="")
res += i
cnt += 1
# flag{wethinkw

只拿到了一半flag,继续观察剩下的密文,修改代码为

1
2
3
4
5
6
7
8
9
10
11
secret = "felhaagv{ewtehtehfilnakgw}"
res_1 = ""
res_2 = ""
cnt = 0
for i in secret:
if(cnt % 2 == 0):
res_1 += i
else:
res_2 += i
cnt += 1
print(res_1+res_2)

得到flag

RSA

1
2
在一次RSA密钥对生成中,假设p=473398607161,q=4511491,e=17
求解出d作为flga提交

https://blog.csdn.net/ISHobbyst/article/details/108918079

加密过程

n=p*q

c=m^e mod n

c=pow(m,e,n)

解密过程

m=c^d mod n

m=pow(c,d,n)

求解私钥d

d = gmpy2.invert(e, (p-1)*(q-1))

一般来说,n,e是公开的,但是由于n一般是两个大素数的乘积,所以我们很难求解出d,所以RSA加密就是利用现代无法快速实现大素数的分解,所存在的一种安全的非对称加密。

用python脚本解出

1
2
3
4
5
6
7
import gmpy2
p = 473398607161
q = 4511491
e = 17
s = (p-1)*(q-1)
d = gmpy2.invert(e,s)
print ("dec: " + str(d))

丢失的MD5

1
2
3
4
5
6
7
8
9
import hashlib   
for i in range(32,127):
for j in range(32,127):
for k in range(32,127):
m=hashlib.md5()
m.update('TASC'+chr(i)+'O3RJMV'+chr(j)+'WDJKX'+chr(k)+'ZM')
des=m.hexdigest()
if 'e9032' in des and 'da' in des and '911513' in des:
print(des)

回显

1
2
3
4
Traceback (most recent call last):
File "C:/Windows/Temp/360zip$Temp/360$3/md5.py", line 6, in <module>
m.update('TASC'+chr(i)+'O3RJMV'+chr(j)+'WDJKX'+chr(k)+'ZM')
TypeError: Unicode-objects must be encoded before hashing

修改python代码,得到flag

1
m.update('TASC'.encode('utf-8')+chr(i).encode('utf-8')+'O3RJMV'.encode('utf-8')+chr(j).encode('utf-8')+'WDJKX'.encode('utf-8')+chr(k).encode('utf-8')+'ZM'.encode('utf-8'))