last_signin

from Crypto.Util.number import *

flag = b'?'

e = 65537

p, q = getPrime(1024), getPrime(1024)

N = p * q

gift = p&(2**923-2**101)

m = bytes_to_long(flag)

c = pow(m, e, N)

print("N = ",N)

print("gift = ",gift)

print("c = ",c)

"""

N =  12055968471523053394851394038007091122809367392467691213651520944038861796011063965460456285088011754895260428814358599592032865236006733879843493164411907032292051539754520574395252298997379020268868972160297893871261713263196092380416876697472160104980015554834798949155917292189278888914003846758687215559958506116359394743135211950575060201887025032694825084104792059271584351889134811543088404952977137809673880602946974798597506721906751835019855063462460686036567578835477249909061675845157443679947730585880392110482301750827802213877643649659069945187353987713717145709188790427572582689339643628659515017749

p0 =  70561167908564543355630347620333350122607189772353278860674786406663564556557177660954135010748189302104288155939269204559421198595262277064601483770331017282701354382190472661583444774920297367889959312517009682740631673940840597651219956142053575328811350770919852725338374144

c =  2475592349689790551418951263467994503430959303317734266333382586608208775837696436139830443942890900333873206031844146782184712381952753718848109663188245101226538043101790881285270927795075893680615586053680077455901334861085349972222680322067952811365366282026756737185263105621695146050695385626656638309577087933457566501579308954739543321367741463532413790712419879733217017821099916866490928476372772542254929459218259301608413811969763001504245717637231198848196348656878611788843380115493744125520080930068318479606464623896240289381601711908759450672519228864487153103141218567551083147171385920693325876018

"""

参考:D^3CTF 官方Write Up-Crypto-Bivariate

exp:

#sage#

N =  12055968471523053394851394038007091122809367392467691213651520944038861796011063965460456285088011754895260428814358599592032865236006733879843493164411907032292051539754520574395252298997379020268868972160297893871261713263196092380416876697472160104980015554834798949155917292189278888914003846758687215559958506116359394743135211950575060201887025032694825084104792059271584351889134811543088404952977137809673880602946974798597506721906751835019855063462460686036567578835477249909061675845157443679947730585880392110482301750827802213877643649659069945187353987713717145709188790427572582689339643628659515017749

p0 =  70561167908564543355630347620333350122607189772353278860674786406663564556557177660954135010748189302104288155939269204559421198595262277064601483770331017282701354382190472661583444774920297367889959312517009682740631673940840597651219956142053575328811350770919852725338374144

c =  2475592349689790551418951263467994503430959303317734266333382586608208775837696436139830443942890900333873206031844146782184712381952753718848109663188245101226538043101790881285270927795075893680615586053680077455901334861085349972222680322067952811365366282026756737185263105621695146050695385626656638309577087933457566501579308954739543321367741463532413790712419879733217017821099916866490928476372772542254929459218259301608413811969763001504245717637231198848196348656878611788843380115493744125520080930068318479606464623896240289381601711908759450672519228864487153103141218567551083147171385920693325876018

def bivariate(pol, XX, YY, kk=4):

    N = pol.parent().characteristic()

    f = pol.change_ring(ZZ)

    PR, (x, y) = f.parent().objgens()

    idx = [(k - i, i) for k in range(kk + 1) for i in range(k + 1)]

    monomials = list(map(lambda t: PR(x ** t[0] * y ** t[1]), idx))

    # collect the shift-polynomials

    g = []

    for h, i in idx:

        if h == 0:

            g.append(y ** h * x ** i * N)

        else:

            g.append(y ** (h - 1) * x ** i * f)

    # construct lattice basis

    M = Matrix(ZZ, len(g))

    for row in range(M.nrows()):

        for col in range(M.ncols()):

            h, i = idx[col]

            M[row, col] = g[row][h, i] * XX ** h * YY ** i

    # LLL

    B = M.LLL()

    PX = PolynomialRing(ZZ, 'xs')

    xs = PX.gen()

    PY = PolynomialRing(ZZ, 'ys')

    ys = PY.gen()

    # Transform LLL-reduced vectors to polynomials

    H = [(i, PR(0)) for i in range(B.nrows())]

    H = dict(H)

    for i in range(B.nrows()):

        for j in range(B.ncols()):

            H[i] += PR((monomials[j] * B[i, j]) / monomials[j](XX, YY))

    # Find the root

    poly1 = H[0].resultant(H[1], y).subs(x=xs)

    poly2 = H[0].resultant(H[2], y).subs(x=xs)

    poly = gcd(poly1, poly2)

    x_root = poly.roots()[0][0]

    poly1 = H[0].resultant(H[1], x).subs(y=ys)

    poly2 = H[0].resultant(H[2], x).subs(y=ys)

    poly = gcd(poly1, poly2)

    y_root = poly.roots()[0][0]

    return x_root, y_root

PR = PolynomialRing(Zmod(N), names='x,y')

x, y = PR.gens()

pol = 2 ** 923 * x + y + p0

x, y = bivariate(pol, 2 ** 101, 2 ** 101)

p = 2 ** 923 * x + y + p0

q = N // p

print(p)

print(q)

#p = 128316995030969915324601380638393686940451314028029847288048482890311391444850912731036515693294185876094548175445535907681477441597112946116144447110741965169166242532652418536974280062421433117597771884350348782061336417186073214602745554392782563801452571827824278044551188124531752043347553290530270395447

#q = 93954572959047928343011750832384121004425708514797352779274995744988621009506935222019019171047965401245311260375453924225343494879356560534244565490966730992944825873075214193169703861204568164588812686254102717072093288624081316906954278209584119401170082334613277995260895181460040974631476760070669352467
from Crypto.Util.number import *

p = 128316995030969915324601380638393686940451314028029847288048482890311391444850912731036515693294185876094548175445535907681477441597112946116144447110741965169166242532652418536974280062421433117597771884350348782061336417186073214602745554392782563801452571827824278044551188124531752043347553290530270395447

q = 93954572959047928343011750832384121004425708514797352779274995744988621009506935222019019171047965401245311260375453924225343494879356560534244565490966730992944825873075214193169703861204568164588812686254102717072093288624081316906954278209584119401170082334613277995260895181460040974631476760070669352467

c = 2475592349689790551418951263467994503430959303317734266333382586608208775837696436139830443942890900333873206031844146782184712381952753718848109663188245101226538043101790881285270927795075893680615586053680077455901334861085349972222680322067952811365366282026756737185263105621695146050695385626656638309577087933457566501579308954739543321367741463532413790712419879733217017821099916866490928476372772542254929459218259301608413811969763001504245717637231198848196348656878611788843380115493744125520080930068318479606464623896240289381601711908759450672519228864487153103141218567551083147171385920693325876018

n = p * q

e=65537

d = inverse(e, (p - 1)*(q - 1))

m = int(pow(c, d, n))

print(long_to_bytes(m))

#flag{although_11ts_norma11_tis_still_stay_dsadsa}

School of CRC32

import secrets

from secret import flag

import zlib

ROUND = 100

LENGTH = 20

print('Extreme hard CRC32 challenge')

print('ARE YOU READY')

for i in range(ROUND):

    print('ROUND', i, '!'*int(i/75 + 1))

    target = secrets.randbits(32)

    print('Here is my CRC32 value: ', hex(target))

    dat = input('Show me some data > ')

    raw = bytes.fromhex(dat)

    if zlib.crc32(raw) == target and len(raw) == LENGTH:

        print("GREAT")

    else:

        print("OH NO")

        exit()

print("Congratulation! Here is your flag")

print(flag)

考点:crc32的逆向(碰撞),参考:https://pypi.org/project/crcsolver/

exp:

from Crypto.Util.number import *

import crcsolver

import zlib

from pwn import *

sh = remote("IP",端口号)

for i in range(100):

    data = sh.recvuntil(b"Here is my CRC32 value:")

    c = eval(sh.recvline().decode())

    m = crcsolver.solve(b'_'*20, range(8*20), c, zlib.crc32) #关键代码

    message = hex(bytes_to_long(m))[2:].zfill(40)  #传给服务器的数据需要是16进制形式,而且需填充满40位才行,否则会报错。

    sh.sendlineafter(b"Show me some data >",message)

sh.interactive()

NewStarCTF 2023 公开赛道 WEEK5|CRYPTO WP的更多相关文章

  1. bugku crypto wp上半部分汇总

    1.滴答~滴 摩斯码,在线解开. 2. 栅栏密码,在线解就出flag了. 3. Ook解密,由.?!Ook组成密文,在线网站解密 4.这不是摩斯密码 有点像jsfuck,发现又不是,因为不会出现大于号 ...

  2. BUUCTF Crypto

    BUUCTF 几道crypto WP [AFCTF2018]Morse 简单的莫尔斯密码,最直观的莫尔斯密码是直接采用空格分割的点和划线,这题稍微绕了一下使用的是斜杠来划分 所以首先将斜杠全部替换为空 ...

  3. 2021羊城杯比赛复现(Crypto)

    bigrsa 题目: from Crypto.Util.number import * from flag import * n1 = 10383529640908175186077053551474 ...

  4. 海王星给你好看!FineUI v4.0公测版发布暨《你找BUG我送书》活动开始(活动已结束!)

    <FineUI v4.0 你找BUG我送书>活动已结束,恭喜如下三位网友获得由 FineUI 作者亲自翻译的图书<jQuery实战 第二版>! 奋斗~ 吉吉﹑ purplebo ...

  5. BUUCTF Crypto_WP(2)

    BUUCTF Crypto WP 几道密码学wp [GXYCTF2019]CheckIn 知识点:Base64,rot47 下载文件后,发现一个txt文件,打开发现一串base64,界面之后出现一串乱 ...

  6. NewStarCTF 公开赛 2022 RE WP

    Week 2 Re 前可见古人,后得见来者 chipher = [0x51, 0x5B, 0x4C, 0x56, 0x59, 0x4D, 0x50, 0x56, 0x54, 0x43, 0x7D, 0 ...

  7. DawgCTF wp(re和crypto)

    简单写写思路,想看详解的..我脚本有些丢失了..师傅请移步. 挂了个vpn,算正式打这种国际赛,全是英文.上去打了两天,昨晚晚上划水了一晚上补作业...,re那时候写出来三道,Potentially ...

  8. 第二届 BJD wp(reverse和crypto)

    re 1.第一题拖入ida,flag就是直接明文摆着 2.第二题是8086的程序,拖入ida,发现有个jmp无限跳转,可能是段寄存器被修改了,ida无法将后面的汇编识别出来,所以后面才有很多无效数据, ...

  9. MRCTF (re和crypto)wp

    RE: 一.PixelShooter(这题比赛我居然没看,靠,血亏,所以做不出来就不要一直死怼,这题挺好写的,) unity一般是用c#写的,刚好又是apk,可以用dnspy来反编译看看,在源码中找到 ...

  10. HGAME 2023 WP week1

    WEEK1 web Classic Childhood Game 一眼顶真,直接翻js文件,在Events.js中找到mota(),猜测是获取flag,var a = ['\x59\x55\x64\x ...

随机推荐

  1. 有了Excel和PPT,为什么我们还需要数据可视化工具?

    在当今信息时代,数据扮演着越来越重要的角色,而数据的可视化呈现正是一种强大的工具,能够帮助我们更好地理解和利用这些数据.虽然Excel和PPT在处理数据方面有着不可否认的作用,但在处理大规模.复杂数据 ...

  2. rust 过程宏

    简介 Rust 编程语言里面有两种宏系统,一种是声明宏(Declarative Macros),另一种为过程宏(Procedural Macros).声明宏和过程宏是两种基本上完全不一样的宏系统,编写 ...

  3. ModuleNotFoundError: No module named '_pytest.resultlog'

    新环境运行Python时报错 ModuleNotFoundError: No module named '_pytest.resultlog' 上网查,看到解决方法  https://www.cnbl ...

  4. shell中 << EOF 和 EOF 使用

    转载请注明出处: EOF(End of File)在Shell中通常用于指示输入的结束,并在脚本或命令中进行多行输入.它允许用户指定一个特定的分界符来表示输入的结束,通常用于创建临时文件.重定向输入或 ...

  5. CentOS 7.3 操作系统 详解安装手册

    CentOS 7.3 操作系统 安装手册 在安装ESPC前(绿盟WAF.IPS等外置日志中心),需要确保已经在计算机中正确安装CentOS 7.3 x86_64(内核版本为3.10.0-514.el7 ...

  6. 2024-01-06:用go语言,在河上有一座独木桥,一只青蛙想沿着独木桥从河的一侧跳到另一侧 在桥上有一些石子,青蛙很讨厌踩在这些石子上 由于桥的长度和青蛙一次跳过的距离都是正整数 我们可以把独木桥

    2024-01-06:用go语言,在河上有一座独木桥,一只青蛙想沿着独木桥从河的一侧跳到另一侧 在桥上有一些石子,青蛙很讨厌踩在这些石子上 由于桥的长度和青蛙一次跳过的距离都是正整数 我们可以把独木桥 ...

  7. 请注意,你的 Pulsar 集群可能有删除数据的风险

    在上一篇 Pulsar3.0新功能介绍中提到,在升级到 3.0 的过程中碰到一个致命的问题,就是升级之后 topic 被删除了. 正好最近社区也补充了相关细节,本次也接着这个机会再次复盘一下,毕竟这是 ...

  8. Vue源码学习(十九):router基本原理

    好家伙,   0.什么是路由? 路由就是匹配到对应路径显示对应的组件! 那么我们要如何去实现? 我们来回忆一下这router怎么用的 1. 声明式路由配置:在路由配置对象中,定义路径与组件的映射关系. ...

  9. Xshell与Xftp安装与使用

    Xshell与Xftp安装 软件安装:官网或者应用商店 安装结束 nslicense.dll替换 下载文件 使用 登录 双击刚刚建立的连接 表示建立成功 点击文件传输 右边就是服务器的文件,左边就是本 ...

  10. EDS从小白到专家丨生态产业链高效协同的一计良策

    本文分享自华为云社区<[EDS从小白到专家]第3期:生态产业链高效协同的一计良策>,作者:开天aPaaS小助手 . 号外! 华为将于2023年9月20-22日,在上海世博展览馆和上海世博中 ...