(1) Hex string to text conversion: https://www.bejson.com/convert/ox2str/
(2) Online Unicode encoder/decoder: https://www.css-js.com/tools/unicode.html
(3) Online Morse code decoder: https://www.bejson.com/enc/morse/
(4) Online MD5 cracking: https://www.cmd5.com/
(5) Online Vigenère solver: https://guballa.de/startseite
https://www.guballa.de/vigenere-solver
(6) Online factorization of large numbers: http://factordb.com/
(7) Online repair of cap files into pcap files: http://f00l.de/hacking/pcapfix.php
(8) Online Photoshop-style image editor: https://www.uupoop.com/
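1. uncompyle2 is a decompiler for Python 2.7. It decompiles the .pyo and .pyc bytecode files that Python generates back into very accurate source code, and the decompiled source can be compiled into bytecode again.
Installation:
git clone https://github.com/wibiti/uncompyle2
cd uncompyle2
python setup.py install
Usage examples:
Help:
uncompyle2 -h
For example, to decompile pcat.pyc and write the output to pcat.py, you must write it like this:
uncompyle2 -o pcat.py pcat.pyc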
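2. Git leak: when a git leak is suspected, download Git_Extract and run python git_extract.py followed by the directory that contains .git. This restores another flag.txt as well as s.py. Delete the original flag.txt, rename the newly extracted flag.txt.xxx to flag.txt, and run s.py to get the flag.
Git_Extract is a tool for extracting from a remote git leak or a local git repository.
Download: https://github.com/gakki429/Git_Extract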
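3. Besides archpr, there is another archive password recovery tool, azpr.
4. WinHex handles hex searches and simple edits; hdx can edit large amounts of text. Download link: l
5. To copy the text that corresponds to the hex shown in WinHex, first copy the hex out and then convert it to a string.
6. When analysing a traffic capture, filtering by request method is very useful: http.request.method==POST
7. Besides binwalk, Kali ships with the foremost tool for extracting files.
8. For a challenge built around a memory snapshot of the computer that stored the file, see this write-up for the solution: https://www.ichunqiu.com/writeup/detail/1415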
9. zsteg detects steganographic data hidden in PNG and BMP images.
Installation:
git clone https://github.com/zed-0xff/zsteg
cd zsteg/
gem install zsteg
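Direct text search:
Use strings.exe to extract the printable characters from kill.pcapng and save them to strings.txt. Command: strings.exe ****.pcapng >strings.txt
Alternatively, open the file in Notepad++ and search it directly.
The CTFcrack tool is also worth a try.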
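RSA challenges
from pwn import *
from hashlib import sha256
from gmpy2 import *

# c, c1, c2, c3, n1, n2, n3, e1, e2 and dp are the values given by the challenge.

# Basic decryption with p and q known
p = 289540461376837531747468286266019261659
q = 306774653454153140532319815768090345109
n = p * q
e = 65537
phi = (p-1)*(q-1)
d = invert(e, phi)
m = pow(c, d, n)

# Small e (e = 3): add multiples of n to c until the result is a perfect cube
i = 0
while True:
    if iroot(c + i * n, 3)[1]:
        m = int(iroot(c + i * n, 3)[0])
        break
    i += 1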
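
# Broadcast attack (e = 3, same message under three moduli):
# combine the ciphertexts with the CRT, then take the cube root
n = [n1, n2, n3]
C = [c1, c2, c3]
N = 1
for i in n:
    N *= i
Ni = []
for i in n:
    Ni.append(N // i)
T = []
for i in range(3):
    T.append(int(invert(Ni[i], n[i])))
X = 0
for i in range(3):
    X += C[i] * Ni[i] * T[i]
m3 = X % N
m = int(iroot(m3, 3)[0])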
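
# Two moduli that share a prime factor: recover it with gcd
p = gcd(n1, n2)
q1 = n1 // p
q2 = n2 // p
phi1 = (p-1)*(q1-1)
phi2 = (p-1)*(q2-1)
d1 = invert(e1, phi1)
d2 = invert(e2, phi2)
m1 = pow(c1, d1, n1)
m2 = pow(c2, d2, n2)

# Common modulus: same m and n encrypted under coprime e1 and e2
_, s1, s2 = gcdext(e1, e2)
if s1 < 0:
    s1 = -s1
    c1 = invert(c1, n)
if s2 < 0:
    s2 = -s2
    c2 = invert(c2, n)
m = (pow(c1, s1, n) * pow(c2, s2, n)) % n

# Private exponent d already known
d = 42043
m = pow(c, d, n)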

# nn is the product of the next primes after p and q;
# search for the small gaps x and y between each prime and its successor
nn = nextprime(p)*nextprime(q)
t = nn - n
f1 = lambda x, y: pow(x * y - t, 2) - 4 * n * x * y
f2 = lambda x, y, s: (t - x * y - s) // (2 * x)
token = 0
for x in range(1, 3000):
    if token == 1:
        break
    for y in range(1, 3000):
        if f1(x, y) >= 0:
            s, b = iroot(f1(x, y), 2)
            if b:
                if is_prime(f2(x, y, int(s))):
                    p = f2(x, y, int(s))
                    token = 1
                    break
q = n // p
phi = (p-1)*(q-1)
d = invert(e, phi)
m = pow(c, d, n)
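
To speed up RSA, dp = d % (p-1) is used in the computation; if this parameter leaks, the private key d can be recovered.
# dp*e - 1 is a multiple of p-1, so try each possible multiplier i
for i in range(1, 65538):
    if (dp*e-1) % i == 0:
        if n % (((dp*e-1)//i)+1) == 0:
            p = ((dp*e-1)//i)+1
            break
q = n // p
phi = (p-1)*(q-1)
d = invert(e, phi)
m = pow(c, d, n)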
.10 AES decryption (requires the key)
2. Tools: WinHex and 010 Editor both need to be installed
3. Decrypt using the AES key
Also attached for reference is the decryption program for the Qinglong group misc image challenge:
Running the code yields a long string of 1s and 0s. Arrange it into a 36*36 Han Xin code, then rotate it and invert the colours:
Once you have the Han Xin code image, repair it according to the Han Xin code image format and decode it on a dedicated Han Xin code decoding site to get the flag.

For a relatively small e (for example e ≤ 65537), the upper half of d can be estimated efficiently. From the RSA definition we have:
ed ≡ 1 (mod phi)
That is:
ed = k * phi + 1
Since:
phi = (p-1) * (q-1)
    = p * q - p - q + 1
    = n - p - q + 1
we have:
ed = k * (n+1) - k * (p+q) + 1
By the RSA definition d < φ(n), and we know that ed - k*φ(n) = 1 > 0, therefore k
d = 45159787940421567053389692873525016894044126603328403245044194862092560129767800975750759211073400677059431669599774212169729239464284386884805500875685229194812299619146481787869685766869964059719162131058049898494414974095097245336649442253594573283986866909860634867511559228592972738243031410781238959467
m = pow(c, d, n)
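
The estimate derived above, worked through as an added example that is not part of the original notes: dropping the unknown k * (p+q) term from ed = k * (n+1) - k * (p+q) + 1 gives a guess for d that is off by less than p+q. The primes, the helper names and the key are constructed for illustration.

```python
# Added example, not from the original notes. P and Q are constructed
# demonstration primes (2**61 - 1 and 2**64 - 59), far too small for real use.
P, Q, E = 2**61 - 1, 2**64 - 59, 65537


def make_key(p, q, e):
    """Return (n, phi, d) for a textbook RSA key."""
    phi = (p - 1) * (q - 1)
    return p * q, phi, pow(e, -1, phi)  # modular inverse, Python 3.8+


def d_estimate(n, e, k):
    """Estimate d from public values and a guessed k by dropping k*(p+q)."""
    return (k * (n + 1) + 1) // e


def true_k(e, d, phi):
    """k from e*d = k*phi + 1; always 1 <= k < e because d < phi."""
    return (e * d - 1) // phi


def closest_candidate(n, e, d):
    """Enumerate every k < e (all that is needed besides n and e) and
    return (k, estimate) for the estimate closest to the real d."""
    return min(((k, d_estimate(n, e, k)) for k in range(1, e)),
               key=lambda kc: abs(kc[1] - d))


def demo():
    n, phi, d = make_key(P, Q, E)
    k = true_k(E, d, phi)
    k_found, d_hat = closest_candidate(n, E, d)
    error = d_hat - d  # equals floor(k*(p+q)/e), so it is below p+q
    return {"k": k, "k_found": k_found, "error": error,
            "error_bits": error.bit_length(), "d_bits": d.bit_length()}


if __name__ == "__main__":
    print(demo())
```

Only the low error_bits bits of the estimate are uncertain; everything above them is fixed by n, e and the correct k.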
# coding=utf-8
from Crypto.Cipher import AES

key = b"copy__white__key"  # 16-byte key; must be bytes on Python 3
obj = AES.new(key, AES.MODE_ECB)
# Encrypted input file. The second copy of this script used the full path:
# /home/adworld/MISC/i_chunqiu/CryMisc_E1C844B98C4CAC14060994BD1933AF9F/gogogo/AES.encryt
path = "AES.encryt"
with open(path, "rb") as f:
    s = f.read()
data = obj.decrypt(s)
with open(r'next.zip', 'wb') as f:
    f.write(data)  # the decrypted data is written out as a file
The file has a PNG header, so change its extension to .png. The image is 12*36 pixels.
# Read the RGB values of the image:
# 255 is recorded as 1, 0 as 0
from PIL import Image
#import sys
#im = Image.open(sys.argv[1])
im = Image.open('file.png')
width = im.size[0]
height = im.size[1]
temp = ''
# Read column by column
for w in range(width):
    for h in range(height):
        pixel = im.getpixel((w, h))
        temp += '1' if pixel[0] == 255 else '0'
        temp += '1' if pixel[1] == 255 else '0'
        temp += '1' if pixel[2] == 255 else '0'
print(temp)
# coding: utf-8
from PIL import Image
str = "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111100101101101101101101111111110110101101111100100100101101100100100111111101101101101101101100111111111111111000111000011010010010111111010000010110111000010010010111101100010001111010010010011000111000111111111111111001111001111001001001111111011010111010111000110101101010001100110000111001001001111001111001111111111111111111110111110110101011010111100101101110111000110111011011111001001111010110101010011101111100111111111111111001011111101101101001101101101111001011111000111010001110000101101011001000111100111001111111111111111111111000000001011001010011010010001010000001001000101010000111000100011001010111111111111111111111111111111111111000010001000001101101000110111101000100110001001001110010010001110000000111111111111111111111111111111111111001011001000110111111110011111100110110111101111100001000001000100101010111111111111111111111111111111111111100111100111100100100111000011011000000110101000101101111011010110111111100100100111100111100111111111111111000111000110010010010111100011111111001000110010001110100010011111111111010010010110000111000111111111111111001101101101101101101111111011001111111111101111011001001001101001111111101101101101101101001111111"
length_str = len(str)
print(length_str)
MAX = int(len(str)**0.5)  # side length of the black-and-white code, derived from the number of 0/1 characters
print(MAX)
pic = Image.new("RGB", (MAX, MAX))
i = 0
for y in range(0, MAX):
    for x in range(0, MAX):
        if str[i] == '1':
            pic.putpixel((x, y), (0, 0, 0))        # 1 -> black
        else:
            pic.putpixel((x, y), (255, 255, 255))  # 0 -> white
        i = i + 1
pic.show()
pic.save("flag.png")