last_signin

from Crypto.Util.number import *

flag = b'?'

e = 65537

p, q = getPrime(1024), getPrime(1024)

N = p * q

gift = p&(2**923-2**101)

m = bytes_to_long(flag)

c = pow(m, e, N)

print("N = ",N)

print("gift = ",gift)

print("c = ",c)

"""

N =  12055968471523053394851394038007091122809367392467691213651520944038861796011063965460456285088011754895260428814358599592032865236006733879843493164411907032292051539754520574395252298997379020268868972160297893871261713263196092380416876697472160104980015554834798949155917292189278888914003846758687215559958506116359394743135211950575060201887025032694825084104792059271584351889134811543088404952977137809673880602946974798597506721906751835019855063462460686036567578835477249909061675845157443679947730585880392110482301750827802213877643649659069945187353987713717145709188790427572582689339643628659515017749

p0 =  70561167908564543355630347620333350122607189772353278860674786406663564556557177660954135010748189302104288155939269204559421198595262277064601483770331017282701354382190472661583444774920297367889959312517009682740631673940840597651219956142053575328811350770919852725338374144

c =  2475592349689790551418951263467994503430959303317734266333382586608208775837696436139830443942890900333873206031844146782184712381952753718848109663188245101226538043101790881285270927795075893680615586053680077455901334861085349972222680322067952811365366282026756737185263105621695146050695385626656638309577087933457566501579308954739543321367741463532413790712419879733217017821099916866490928476372772542254929459218259301608413811969763001504245717637231198848196348656878611788843380115493744125520080930068318479606464623896240289381601711908759450672519228864487153103141218567551083147171385920693325876018

"""

参考:D^3CTF 官方Write Up-Crypto-Bivariate

exp:

#sage#

N =  12055968471523053394851394038007091122809367392467691213651520944038861796011063965460456285088011754895260428814358599592032865236006733879843493164411907032292051539754520574395252298997379020268868972160297893871261713263196092380416876697472160104980015554834798949155917292189278888914003846758687215559958506116359394743135211950575060201887025032694825084104792059271584351889134811543088404952977137809673880602946974798597506721906751835019855063462460686036567578835477249909061675845157443679947730585880392110482301750827802213877643649659069945187353987713717145709188790427572582689339643628659515017749

p0 =  70561167908564543355630347620333350122607189772353278860674786406663564556557177660954135010748189302104288155939269204559421198595262277064601483770331017282701354382190472661583444774920297367889959312517009682740631673940840597651219956142053575328811350770919852725338374144

c =  2475592349689790551418951263467994503430959303317734266333382586608208775837696436139830443942890900333873206031844146782184712381952753718848109663188245101226538043101790881285270927795075893680615586053680077455901334861085349972222680322067952811365366282026756737185263105621695146050695385626656638309577087933457566501579308954739543321367741463532413790712419879733217017821099916866490928476372772542254929459218259301608413811969763001504245717637231198848196348656878611788843380115493744125520080930068318479606464623896240289381601711908759450672519228864487153103141218567551083147171385920693325876018

def bivariate(pol, XX, YY, kk=4):

    N = pol.parent().characteristic()

    f = pol.change_ring(ZZ)

    PR, (x, y) = f.parent().objgens()

    idx = [(k - i, i) for k in range(kk + 1) for i in range(k + 1)]

    monomials = list(map(lambda t: PR(x ** t[0] * y ** t[1]), idx))

    # collect the shift-polynomials

    g = []

    for h, i in idx:

        if h == 0:

            g.append(y ** h * x ** i * N)

        else:

            g.append(y ** (h - 1) * x ** i * f)

    # construct lattice basis

    M = Matrix(ZZ, len(g))

    for row in range(M.nrows()):

        for col in range(M.ncols()):

            h, i = idx[col]

            M[row, col] = g[row][h, i] * XX ** h * YY ** i

    # LLL

    B = M.LLL()

    PX = PolynomialRing(ZZ, 'xs')

    xs = PX.gen()

    PY = PolynomialRing(ZZ, 'ys')

    ys = PY.gen()

    # Transform LLL-reduced vectors to polynomials

    H = [(i, PR(0)) for i in range(B.nrows())]

    H = dict(H)

    for i in range(B.nrows()):

        for j in range(B.ncols()):

            H[i] += PR((monomials[j] * B[i, j]) / monomials[j](XX, YY))

    # Find the root

    poly1 = H[0].resultant(H[1], y).subs(x=xs)

    poly2 = H[0].resultant(H[2], y).subs(x=xs)

    poly = gcd(poly1, poly2)

    x_root = poly.roots()[0][0]

    poly1 = H[0].resultant(H[1], x).subs(y=ys)

    poly2 = H[0].resultant(H[2], x).subs(y=ys)

    poly = gcd(poly1, poly2)

    y_root = poly.roots()[0][0]

    return x_root, y_root

PR = PolynomialRing(Zmod(N), names='x,y')

x, y = PR.gens()

pol = 2 ** 923 * x + y + p0

x, y = bivariate(pol, 2 ** 101, 2 ** 101)

p = 2 ** 923 * x + y + p0

q = N // p

print(p)

print(q)

#p = 128316995030969915324601380638393686940451314028029847288048482890311391444850912731036515693294185876094548175445535907681477441597112946116144447110741965169166242532652418536974280062421433117597771884350348782061336417186073214602745554392782563801452571827824278044551188124531752043347553290530270395447

#q = 93954572959047928343011750832384121004425708514797352779274995744988621009506935222019019171047965401245311260375453924225343494879356560534244565490966730992944825873075214193169703861204568164588812686254102717072093288624081316906954278209584119401170082334613277995260895181460040974631476760070669352467
from Crypto.Util.number import *

p = 128316995030969915324601380638393686940451314028029847288048482890311391444850912731036515693294185876094548175445535907681477441597112946116144447110741965169166242532652418536974280062421433117597771884350348782061336417186073214602745554392782563801452571827824278044551188124531752043347553290530270395447

q = 93954572959047928343011750832384121004425708514797352779274995744988621009506935222019019171047965401245311260375453924225343494879356560534244565490966730992944825873075214193169703861204568164588812686254102717072093288624081316906954278209584119401170082334613277995260895181460040974631476760070669352467

c = 2475592349689790551418951263467994503430959303317734266333382586608208775837696436139830443942890900333873206031844146782184712381952753718848109663188245101226538043101790881285270927795075893680615586053680077455901334861085349972222680322067952811365366282026756737185263105621695146050695385626656638309577087933457566501579308954739543321367741463532413790712419879733217017821099916866490928476372772542254929459218259301608413811969763001504245717637231198848196348656878611788843380115493744125520080930068318479606464623896240289381601711908759450672519228864487153103141218567551083147171385920693325876018

n = p * q

e=65537

d = inverse(e, (p - 1)*(q - 1))

m = int(pow(c, d, n))

print(long_to_bytes(m))

#flag{although_11ts_norma11_tis_still_stay_dsadsa}

School of CRC32

import secrets

from secret import flag

import zlib

ROUND = 100

LENGTH = 20

print('Extreme hard CRC32 challenge')

print('ARE YOU READY')

for i in range(ROUND):

    print('ROUND', i, '!'*int(i/75 + 1))

    target = secrets.randbits(32)

    print('Here is my CRC32 value: ', hex(target))

    dat = input('Show me some data > ')

    raw = bytes.fromhex(dat)

    if zlib.crc32(raw) == target and len(raw) == LENGTH:

        print("GREAT")

    else:

        print("OH NO")

        exit()

print("Congratulation! Here is your flag")

print(flag)

考点:crc32的逆向(碰撞),参考:https://pypi.org/project/crcsolver/

exp:

from Crypto.Util.number import *

import crcsolver

import zlib

from pwn import *

sh = remote("IP",端口号)

for i in range(100):

    data = sh.recvuntil(b"Here is my CRC32 value:")

    c = eval(sh.recvline().decode())

    m = crcsolver.solve(b'_'*20, range(8*20), c, zlib.crc32) #关键代码

    message = hex(bytes_to_long(m))[2:].zfill(40)  #传给服务器的数据需要是16进制形式,而且需填充满40位才行,否则会报错。

    sh.sendlineafter(b"Show me some data >",message)

sh.interactive()

NewStarCTF 2023 公开赛道 WEEK5|CRYPTO WP的更多相关文章

  1. bugku crypto wp上半部分汇总

    1.滴答~滴 摩斯码,在线解开. 2. 栅栏密码,在线解就出flag了. 3. Ook解密,由.?!Ook组成密文,在线网站解密 4.这不是摩斯密码 有点像jsfuck,发现又不是,因为不会出现大于号 ...

  2. BUUCTF Crypto

    BUUCTF 几道crypto WP [AFCTF2018]Morse 简单的莫尔斯密码,最直观的莫尔斯密码是直接采用空格分割的点和划线,这题稍微绕了一下使用的是斜杠来划分 所以首先将斜杠全部替换为空 ...

  3. 2021羊城杯比赛复现(Crypto)

    bigrsa 题目: from Crypto.Util.number import * from flag import * n1 = 10383529640908175186077053551474 ...

  4. 海王星给你好看!FineUI v4.0公测版发布暨《你找BUG我送书》活动开始(活动已结束!)

    <FineUI v4.0 你找BUG我送书>活动已结束,恭喜如下三位网友获得由 FineUI 作者亲自翻译的图书<jQuery实战 第二版>! 奋斗~ 吉吉﹑ purplebo ...

  5. BUUCTF Crypto_WP(2)

    BUUCTF Crypto WP 几道密码学wp [GXYCTF2019]CheckIn 知识点:Base64,rot47 下载文件后,发现一个txt文件,打开发现一串base64,界面之后出现一串乱 ...

  6. NewStarCTF 公开赛 2022 RE WP

    Week 2 Re 前可见古人,后得见来者 chipher = [0x51, 0x5B, 0x4C, 0x56, 0x59, 0x4D, 0x50, 0x56, 0x54, 0x43, 0x7D, 0 ...

  7. DawgCTF wp(re和crypto)

    简单写写思路,想看详解的..我脚本有些丢失了..师傅请移步. 挂了个vpn,算正式打这种国际赛,全是英文.上去打了两天,昨晚晚上划水了一晚上补作业...,re那时候写出来三道,Potentially ...

  8. 第二届 BJD wp(reverse和crypto)

    re 1.第一题拖入ida,flag就是直接明文摆着 2.第二题是8086的程序,拖入ida,发现有个jmp无限跳转,可能是段寄存器被修改了,ida无法将后面的汇编识别出来,所以后面才有很多无效数据, ...

  9. MRCTF (re和crypto)wp

    RE: 一.PixelShooter(这题比赛我居然没看,靠,血亏,所以做不出来就不要一直死怼,这题挺好写的,) unity一般是用c#写的,刚好又是apk,可以用dnspy来反编译看看,在源码中找到 ...

  10. HGAME 2023 WP week1

    WEEK1 web Classic Childhood Game 一眼顶真,直接翻js文件,在Events.js中找到mota(),猜测是获取flag,var a = ['\x59\x55\x64\x ...

随机推荐

  1. 【Python】【OpenCV】定位二维码

    相较于BarCode,QRCode有明显的特征区域,也就是左上角.右上角.左下角三个"回"字区域,得益于hierarchy中,父子关系的轮廓是连续的(下标),所以这个时候我们就可以 ...

  2. Python——第五章:time模块、datetime模块

    time模块 在平常的代码中,我们常常需要与时间打交道.在Python中,与时间处理有关的模块就包括:time,datetime,calendar(很少用,不讲),下面分别来介绍. 我们写程序时对时间 ...

  3. AES加密技术:原理与应用

    一.引言 随着信息技术的飞速发展,数据安全已成为越来越受到重视的领域.加密技术作为保障数据安全的重要手段,在信息安全领域发挥着举足轻重的作用.AES(Advanced Encryption Stand ...

  4. 华为云GaussDB助力工商银行、华夏银行斩获“十佳卓越实践奖”

    近日,2023金融街论坛年会在北京成功举办.活动期间,由北京金融科技产业联盟举办的全球金融科技大会系列活动--分布式数据库金融应用研究与实践大赛获奖结果正式公布.其中,由华为云GaussDB参与支持的 ...

  5. 数据湖探索DLI新功能:基于openLooKeng的交互式分析

    摘要:基于华为开源openLooKeng引擎的交互式分析功能,将重磅发布便于用户构建轻量级流.批.交互式全场景数据湖. 在这个"信息爆炸"的时代,大数据已经成为这个时代的关键词之一 ...

  6. 从中心到边缘,IoT正变为互联网之上的一张大网

    摘要:当我们从Cloud Native走到Edge Native,需要面临哪些挑战,它们各自的特点又是什么,IoT行业会迎来变革吗? 云原生.边缘计算,都是这两年的技术热词. 那么,当我们从Cloud ...

  7. 分布式缓存服务DCS:企业版性能更强,稳定性更高

    摘要:企业版性能指标达到业界TOP1,行业领先30%,内核态实现真正多线程. 一.背景介绍 近年来,随着各行业业务需求急速增加,数据量和并发访问量呈指数级增长,原来只能依附于关系型数据库的传统&quo ...

  8. 这项评测,华为云GaussDB(for MySQL)顺利通过

    摘要:近日,中国信息通信研究院(简称"中国信通院")公布了第十五批"可信数据库"评测结果.华为云GaussDB(for MySQL)凭借过硬的技术实力顺利通过& ...

  9. 深度解析9种ScheduledThreadPoolExecutor的构造方法

    摘要:今天我们就来一起手撕ScheduledThreadPoolExecutor类的源代码. 本文分享自华为云社区<深度解析ScheduledThreadPoolExecutor类的源代码> ...

  10. 鸿蒙轻内核M核源码分析:中断Hwi

    摘要:本文带领大家一起剖析了鸿蒙轻内核的中断模块的源代码,掌握中断相关的概念,中断初始化操作,中断创建.删除,开关中断操作等. 本文分享自华为云社区<鸿蒙轻内核M核源码分析系列五 中断Hwi&g ...