国城杯&&HECTF2024
国城杯
这次比赛的web比较有难度(题解居然比pwn少,而且是少很多很多),交给学弟,然后学弟下午出去玩,那就没人打web了,因为我被圆锥曲线卡住了QWQ
Crypto
babyRSA
from secret import flagfrom Crypto.Util.number import*from gmpy2 import*flag = b'D0g3xGC{****************}'def gen_key(p, q): public_key = p*p*q e = public_key n = p*q phi_n = (p-1)*(q-1) private_key = inverse(e,phi_n) return public_key,private_key,ep = getPrime(512)q = getPrime(512)N,d,e = gen_key(p,q)c = gmpy2.powmod(bytes_to_long(flag),e,N)print(N)print(d)print ...
pcb2024-WriteUp
Crypto
SOLVED
babyenc-pcb2024
from Crypto.Util.number import *import randomfrom gmpy2 import *from secret import flagassert len(flag) == 42flag1 = flag[:len(flag)//2]flag2 = flag[len(flag)//2:]print(flag1.encode())print(flag2.encode())m1 = bytes_to_long(flag1.encode())m2 = bytes_to_long(flag2.encode())def e_gen(bits): e = [] for _ in range(5): e.append(getPrime(bits)) return edef enc1(m, e, shift): n = next_prime(m << shift) tmp = getPrime(256) cc = [] for i ...
SageMath10.x最新版安装指引
前言
由于懒人安装在windows11上面,最高只能获取到Sagemath9.3的版本,在wsl2+ubuntu22.04上面最新的也才sagemath9.5好像,不会升级,有些exp跑不了,遂安装了Sagemath10.x版本
在网上找了一圈,发现都没有教程是使用WSL2+ubuntu22.04+sagemath10.x的,很多都是在Arch Linux里面装的
特此,安装好了,可以运行了,写下了这篇博客
闲来无事,去敲打了一下Kimi
SageMath 10.x 版本推荐使用 Arch Linux 的原因主要有以下几点:维护良好且最新的SageMath包:从Sage 10.2开始,Arch Linux 提供了维护良好且最新的SageMath包,这意味着用户可以更容易地获得最新版本的SageMath,以及及时的安全更新和功能改进。兼容性和支持:Arch Linux 对于 SageMath 的支持较好,社区活跃,能够及时解决与SageMath 相关的兼容性问题滚动更新模型:Arch Linux 采用滚动更新模型,这意味着系统和软件包始终保持最新状态,这对于科研和开发人员来说是一个很大 ...
SHCTF2024-WriteUp
https://ctf.qlu.edu.cn
平台不知道什么时候关闭
尼玛,新生赛一堆,newstar 0xgame都只是打了一下就不想打了,忙不过来了,屁事太多了
还好山河明智,第二周就把新生标签摘了,然后我第一周打的多一些,后面基本是,下密码的附件来看看了
欸,居然有37
week1
web
单身十八年的手速
game.js
1zflask
/robots.txt,/s3recttt,/api?SSHCTFF=cat /flag
蛐蛐?蛐蛐!
/source.txt,修复乱码
<?phpif($_GET['ququ'] == 114514 && strrev($_GET['ququ']) != 415411){ if($_POST['ququ']!=null){ $eval_param = $_POST['ququ']; if(strncmp($eval_param,'ququk1',6)===0 ...
网鼎杯2024青龙组&&强网杯2024-WriteUp
写在最前面,原题杯与咸鱼CTF
网鼎杯2024青龙组
CRYPTO001
from Crypto.Util.number import *from secret import flagp = getPrime(512)q = getPrime(512)n = p * qd = getPrime(299)e = inverse(d,(p-1)*(q-1))m = bytes_to_long(flag)c = pow(m,e,n)hint1 = p >> (512-70)hint2 = q >> (512-70)print(f"n = {n}")print(f"e = {e}")print(f"c = {c}")print(f"hint1 = {hint1}")print(f"hint2 = {hint2}")n = 123789043095302886784777 ...
MoeCTF2024 WriteUp
Crypto
给两个比较完善的CRYPTO方向的wp
https://blog.csdn.net/weixin_52640415/article/details/141436804
https://www.cnblogs.com/naby/p/18466255
有一题临时下了,不知道什么情况,三题没出,质量还是非常不错的
现代密码学入门指北
from Crypto.Util.number import *print(long_to_bytes(pow(c, inverse(e, (p-1)*(q-1)), n)))Signinfrom Crypto.Util.number import*from secret import flagm = bytes_to_long(flag)p = getPrime(1024)q = getPrime(1024)n = p*qe = 65537c = pow(m,e,n)pq = (p-1)*(q-2)qp = (q-1)*(p-2)p_q = p + qprint(f"{c = }")print(f&qu ...
CNSS Summer 2024 WriteUp
Web
🦴 babyHTTP
考点GET POST Cookie,HTTP基础知识
🙋🏼♀️ PHPinfo
考点phpinfo()
http://111.229.23.244:50002/phpinfo.php
ctrl+f,搜索cnss
🥇 我得再快点
利用正则表达式获取前端数据的Key的值,进行md5加密,再Python访问payload
import requestsimport refrom hashlib import md5url = 'http://152.136.11.155:10103'# 循环获取页面内容while True: response = requests.get(url, timeout=1) # 使用正则表达式匹配Key后面的字符串 pattern = r'Key : (\w+)' # 搜索匹配的字符串 match = re.search(pattern, response.text) s = match.group(1) str = md5(s.e ...
第二届煽密杯
也是代表Sloth参加了,学长们没来,去了三个web手,我可以算半个密码手?两个web学弟干瞪眼……
还是太菜了,QWQ,最后放榜,好像排到了98……
爆零了这边,QWQ
明面上去打比赛,实际上去银川旅游(bushi)
初始谜题1
题目
from sympy import Mod, Integerfrom sympy.core.numbers import mod_inverse# 模数N_HEX = "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123"MODULUS = Integer(int(N_HEX, 16))MSG_PREFIX = "CryptoCup message:"# 加密函数def encrypt_message(message, key): # 添加前缀 message_with_prefix = MSG_PREFIX + message message_bytes = message_with_prefix.encod ...
羊城杯2024wp
Sloth战队
Rank: 60/588
下面贴我的wp
Web
Lyrics For You
借鉴https://www.cjxol.com/posts/sekaictf-2022-writeup/
/proc/self/cmdline,得到python3-u/usr/etc/app/app.py
../../app/app.py
import osimport randomfrom config.secret_key import secret_codefrom flask import Flask, make_response, request, render_templatefrom cookie import set_cookie, cookie_check, get_cookieimport pickleapp = Flask(__name__)app.secret_key = random.randbytes(16)class UserData: def __init__(self, username): self.username = usern ...
DASCTF2024八月开学季
CHECKIN
8.24
一眼评论区
Crypto
EZsquares
from Crypto.Util.number import *from gmpy2 import *from secret import flagp=getPrime(512)q=getPrime(512)n0=p**2+q**2print('n0 =',n0)e=65537n=p*qm=bytes_to_long(flag)c=pow(m,e,n)print('c =',c)# n0 = 1925737445386391308458687270140759676695136677633159341618496205316835366963761383033206819227820030880945397242381091164164562944724610756685680886882872098988509850246324632519843238887652499502695950456484351920479909405938170869183992124 ...