import sys import math defcheck_cong(k, p, q, n, xored=None): kmask = (1 << k) - 1 p &= kmask q &= kmask n &= kmask pqm = (p*q) & kmask return pqm == n and (xored isNoneor (p ^ q) == (xored & kmask)) defextend(k, a): kbit = 1 << (k-1) assert a < kbit yield a yield a | kbit deffactor(n, p_xor_q): tracked = set([(p, q) for p in [0, 1] for q in [0, 1] if check_cong(1, p, q, n, p_xor_q)]) PRIME_BITS = int(math.ceil(math.log(n, 2)/2)) maxtracked = len(tracked) for k inrange(2, PRIME_BITS+1): newset = set() for tp, tq in tracked: for newp_ in extend(k, tp): for newq_ in extend(k, tq): # Remove symmetry newp, newq = sorted([newp_, newq_]) if check_cong(k, newp, newq, n, p_xor_q): newset.add((newp, newq)) tracked = newset iflen(tracked) > maxtracked: maxtracked = len(tracked) print('Tracked set size: {} (max={})'.format(len(tracked), maxtracked)) # go through the tracked set and pick the correct (p, q) for p, q in tracked: if p != 1and p*q == n: return p, q
assertFalse, 'factors were not in tracked set. Is your p^q correct?' defmain(): iflen(sys.argv) != 3: print('Usage: xor_factor.py n p_xor_q', file=sys.stderr) print('(give both numbers in decimal)', file=sys.stderr) n = 145462084881728813723574366340552281785604069047381248513937024180816353963950721541845665931261230969450819680771925091152670386983240444354412170994932196142227905635227116456476835756039585419001941477905953429642459464112871080459522266599791339252614674500304621383776590313803782107531212756620796159703 e = 10463348796391625387419351013660920157452350067191419373870543363741187885528042168135531161031114295856009050029737547684735896660393845515549071092389128688718675573348847489182651631515852744312955427364280891600765444324519789452014742590962030936762237037273839906251320666705879080373711858513235704113 c = 60700608730139668338977678601901211800978306010063875269252006068222163102100346920465298044880066999492746508990629867396189713753873657197546664480233269806308415874191048149900822050054539774370134460339681949131037133783273410066318511508768512778132786573893529705068680583697574367357381635982316477364 leak1 = 13342820281239625174817085182586822673810894195223942279061039858850534510679297962596800315875604798047264337469828123370586584840078728059729121435462780 leak2 = 10901899434728393473569359914062349292412269512201554924835672710780580634465799069211035290729536290605761024818770843901501694556825737462457471235151530 p_xor_q = leak1 ^ leak2 p, q = factor(n, p_xor_q) phi = (p-1)*(q-1) d = inverse(e, phi) print(long_to_bytes(pow(c, d, n))) if __name__ == '__main__': main()
给你d又怎样
题目
from Crypto.Util.number import * from gmpy2 import *
from Crypto.Util.number import * c = 48794779998818255539069127767619606491113391594501378173579539128476862598083 hint = 7680157534215495795423318554486996424970862185001934572714615456147511225105 e = 65537 d = 45673813678816865674850575264609274229013439838298838024467777157494920800897 cp = 6091 cq = c//cp cd = inverse(e, (cp-1)*(cq-1)) n = pow(hint, cd, c)+c print(long_to_bytes(pow(c, d, n)))
混合密码体系
题目
# 库 from Crypto.Util.number import bytes_to_long,getPrime from Crypto.Cipher import AES from Crypto.Util.Padding import pad
# 对称加密 flag = b'ctfshow{***}'# 密文,隐藏 key = b'flag{***}'# 会话密钥,隐藏 iv = b'flag{1fake_flag}'# AES偏移向量,已知 # 对明文进行填充,使其长度符合AES加密的要求 padded_plaintext = pad(flag, AES.block_size)
@app.route('/',methods=['POST']) defindex(): username = request.form.get('username') password = request.form.get('password') session["username"] = username session["password"] = password Evil = evil() if request.data: iffilter(str(request.data)): return"NO POLLUTED!!!YOU NEED TO GO HOME TO SLEEP~" else: merge(json.loads(request.data), Evil) return"MYBE YOU SHOULD GO /ADMIN TO SEE WHAT HAPPENED" return render_template("index.html")
@app.route('/admin',methods=['POST', 'GET']) deftemplates(): username = session.get("username", None) password = session.get("password", None) if username and password: if username == "adminer"and password == app.secret_key: return render_template("flag.html", flag=open("/flag", "rt").read()) else: return"Unauthorized" else: returnf'Hello, This is the POLLUTED page.'
if __name__ == '__main__': app.run(host='0.0.0.0', port=5000)
lsb000有东西,CTF-Misc is like this. The question setter just needs to find a few unfamiliar knowledge points to fit in, but the contestants have to consider a lot of things
公式秒了()
给了两个hint https://github.com/WeChatCV/opencv_3rdparty
根据第二个提示找到的工具,https://qrcode.antfu.me
但是,怎么找到跟二维码相关的东西呢?后续等wp了
