NSSCTF Crypto靶场练习,21-30wp

文章目录

  • [AFCTF 2018]你能看出这是什么加密么
  • [LitCTF 2023]你是我的关键词(Keyworld)
  • [NSSCTF 2022 Spring Recruit]classic
  • [SWPUCTF 2021 新生赛]crypto4
  • [LitCTF 2023]家人们!谁懂啊,RSA签到都不会 (初级)
  • [SWPUCTF 2021 新生赛]crypto5
  • [LitCTF 2023]Is this only base?
  • [AFCTF 2018]Vigenère
  • [BJDCTF 2020]rsa
  • [SWPUCTF 2021 新生赛]crypto1

[AFCTF 2018]你能看出这是什么加密么

附件打开,RSA加密,根据rsa公式计算。

EXP:

from Crypto.Util.number import long_to_bytes
from gmpy2 import invertp = 0x928fb6aa9d813b6c3270131818a7c54edb18e3806942b88670106c1821e0326364194a8c49392849432b37632f0abe3f3c52e909b939c91c50e41a7b8cd00c67d6743b4f
q = 0xec301417ccdffa679a8dcc4027dd0d75baf9d441625ed8930472165717f4732884c33f25d4ee6a6c9ae6c44aedad039b0b72cf42cab7f80d32b74061
e = 0x10001
c = 0x70c9133e1647e95c3cb99bd998a9028b5bf492929725a9e8e6d2e277fa0f37205580b196e5f121a2e83bc80a8204c99f5036a07c8cf6f96c420369b4161d2654a7eccbdaf583204b645e137b3bd15c5ce865298416fd5831cba0d947113ed5be5426b708b89451934d11f9aed9085b48b729449e461ff0863552149b965e22b6n = p * qphi = (p - 1) * (q - 1)
d = invert(e, phi)
print(long_to_bytes(pow(c, d, n)))

[LitCTF 2023]你是我的关键词(Keyworld)

根据题目描述

题目描述: YOU are my keworld

所以YOU是关键字。找个在线网站解密。

image-20231210175859866

[NSSCTF 2022 Spring Recruit]classic

image-20231210180857875

先用凯撒密码爆破看看

def caesar_cipher_decrypt(ciphertext, shift):result = ""for char in ciphertext:if char.isalpha():if char.islower():result += chr((ord(char) - shift - ord('a')) % 26 + ord('a'))else:result += chr((ord(char) - shift - ord('A')) % 26 + ord('A'))else:result += charreturn resultdef caesar_brute_force_attack(ciphertext):for shift in range(1, 26):decrypted_text = caesar_cipher_decrypt(ciphertext, shift)print(f"Shift {shift}: {decrypted_text}")if __name__ == "__main__":encrypted_text = "UZZJAM{UIXETGR7TMWD42SKTCWEP4AG_mhrlmshnayfihzl}"caesar_brute_force_attack(encrypted_text)#Shift 7: NSSCTF{NBQXMZK7MFPW42LDMVPXI4TZ_fakeflagtrybase}

最后结果为fakeflagtrybase,提示我们常使用base编码

image-20231210180948770

试了一下,发现是base32,得到flag NSSCTF{have_a_nice_tey}

[SWPUCTF 2021 新生赛]crypto4

image-20231210181842593

一道RSA题目,考察素数分解。

用在线网站解一下,发现可以解。得到p和q

image-20231210181834103

EXP:

from gmpy2 import *
from Crypto.Util.number import *e = 0x10001
p= 7221289171488727827673517139597844534869368289455419695964957239047692699919030405800116133805855968123601433247022090070114331842771417566928809956044421
q = 7221289171488727827673517139597844534869368289455419695964957239047692699919030405800116133805855968123601433247022090070114331842771417566928809956045093
c= 10227915341268619536932290456122384969242151167487654201363877568935534996454863939953106193665663567559506242151019201314446286458150141991211233219320700112533775367958964780047682920839507351492644735811096995884754664899221842470772096509258104067131614630939533042322095150722344048082688772981180270243
n= 52147017298260357180329101776864095134806848020663558064141648200366079331962132411967917697877875277103045755972006084078559453777291403087575061382674872573336431876500128247133861957730154418461680506403680189755399752882558438393107151815794295272358955300914752523377417192504702798450787430403387076153
phi = (p-1)*(q-1)
d = invert(e,phi)
print(long_to_bytes(pow(c,d,n)))
# NSSCTF{no_why}

[LitCTF 2023]家人们!谁懂啊,RSA签到都不会 (初级)

简单rsa

image-20231210182214553

套公式。

from gmpy2 import *
from Crypto.Util.number import *p = 12567387145159119014524309071236701639759988903138784984758783651292440613056150667165602473478042486784826835732833001151645545259394365039352263846276073
q = 12716692565364681652614824033831497167911028027478195947187437474380470205859949692107216740030921664273595734808349540612759651241456765149114895216695451
c = 108691165922055382844520116328228845767222921196922506468663428855093343772017986225285637996980678749662049989519029385165514816621011058462841314243727826941569954125384522233795629521155389745713798246071907492365062512521474965012924607857440577856404307124237116387085337087671914959900909379028727767057
e = 65537
n = p*q
phi = (p-1)*(q-1)
d = invert(e,phi)
print(long_to_bytes(pow(c,d,n)))
# LitCTF{it_is_easy_to_solve_question_when_you_know_p_and_q}

[SWPUCTF 2021 新生赛]crypto5

外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传

题目也只给了 flag 和 n,flag应该是加密过后的c;所以先判断出这是RSA加密,接着判断是小明文攻击(低加密指数攻击);小明文攻击的情况就三种,e = 3,e = 2,e = 1;从3开始考虑。运用上面的关键代码:

EXP:

from gmpy2 import *  # python第三方库
from Crypto.Util.number import *c = 25166751653530941364839663846806543387720865339263370907985655775152187319464715737116599171477207047430065345882626259880756839094179627032623895330242655333
n = 134109481482703713214838023035418052567000870587160796935708584694132507394211363652420160931185332280406437290210512090663977634730864032370977407179731940068634536079284528020739988665713200815021342700369922518406968356455736393738946128013973643235228327971170711979683931964854563904980669850660628561419i = 0
while 1:if iroot(c + i * n, 3)[1] == 1:print(long_to_bytes(iroot(c + i * n, 3)[0]))breaki = i + 1# b'NSSCTF{because_i_like}'

得到flag。这里打印了一下 i = 0;实际上是俩种情况中的第一种 m**e < n ,就有c = m**e 相等于直接对c开3次方就可以了。

[LitCTF 2023]Is this only base?

image-20231210220013750

23是 个hint。题目的意思是 这只是base?意思就是除了base还有其他加密或编码。观察文本里有俩个等号,如果是base的话,这俩个等号应该在结尾才对。所以使用栅栏密码解密一下。用hint 23 。之后再base64

image-20231210220157400

出来一个flag的,但是格式不对。再用凯撒密码,试试。爆破一下

def caesar_cipher_decrypt(ciphertext, shift):result = ""for char in ciphertext:if char.isalpha():if char.islower():result += chr((ord(char) - shift - ord('a')) % 26 + ord('a'))else:result += chr((ord(char) - shift - ord('A')) % 26 + ord('A'))else:result += charreturn resultdef caesar_brute_force_attack(ciphertext):for shift in range(1, 26):decrypted_text = caesar_cipher_decrypt(ciphertext, shift)print(f"Shift {shift}: {decrypted_text}")if __name__ == "__main__":encrypted_text = "IfqZQC{IbQ_Rp_E4S3_cR0!!!!!}"caesar_brute_force_attack(encrypted_text)

得到 LitCTF{LeT_Us_H4V3_fU0!!!}

[AFCTF 2018]Vigenère

题目已经给提示了,维吉尼亚密码。

用在线网站解密https://www.guballa.de/vigenere-solver

image-20231211220559503

[BJDCTF 2020]rsa

image-20231211224352244

有一个 assert(e<100000) 的条件可以利用。

俩个模数n,以及同一个q,可以先用共享素数攻击,可以得到p和q1。

又因为我们知道了一组明文和密文(294)所以可以利用这里 爆破出 e 来。根据 294 ** e % n1 == c1

之后就可以用解出flag了。

from Crypto.Util.number import long_to_bytes
from gmpy2 import gcd, invertflag = 12641635617803746150332232646354596292707861480200207537199141183624438303757120570096741248020236666965755798009656547738616399025300123043766255518596149348930444599820675230046423373053051631932557230849083426859490183732303751744004874183062594856870318614289991675980063548316499486908923209627563871554875612702079100567018698992935818206109087568166097392314105717555482926141030505639571708876213167112187962584484065321545727594135175369233925922507794999607323536976824183162923385005669930403448853465141405846835919842908469787547341752365471892495204307644586161393228776042015534147913888338316244169120
n1 = 13508774104460209743306714034546704137247627344981133461801953479736017021401725818808462898375994767375627749494839671944543822403059978073813122441407612530658168942987820256786583006947001711749230193542370570950705530167921702835627122401475251039000775017381633900222474727396823708695063136246115652622259769634591309421761269548260984426148824641285010730983215377509255011298737827621611158032976420011662547854515610597955628898073569684158225678333474543920326532893446849808112837476684390030976472053905069855522297850688026960701186543428139843783907624317274796926248829543413464754127208843070331063037
n2 = 12806210903061368369054309575159360374022344774547459345216907128193957592938071815865954073287532545947370671838372144806539753829484356064919357285623305209600680570975224639214396805124350862772159272362778768036844634760917612708721787320159318432456050806227784435091161119982613987303255995543165395426658059462110056431392517548717447898084915167661172362984251201688639469652283452307712821398857016487590794996544468826705600332208535201443322267298747117528882985955375246424812616478327182399461709978893464093245135530135430007842223389360212803439850867615121148050034887767584693608776323252233254261047
q = gcd(n1, n2)
print(q)
p1 = n1 // q
print(p1)
phi = (q - 1) * (p1 - 1)
c1 = 381631268825806469518166370387352035475775677163615730759454343913563615970881967332407709901235637718936184198930226303761876517101208677107311006065728014220477966000620964056616058676999878976943319063836649085085377577273214792371548775204594097887078898598463892440141577974544939268247818937936607013100808169758675042264568547764031628431414727922168580998494695800403043312406643527637667466318473669542326169218665366423043579003388486634167642663495896607282155808331902351188500197960905672207046579647052764579411814305689137519860880916467272056778641442758940135016400808740387144508156358067955215018
e = 1
for i in range(100000):if 294 ** i % n1 == c1:e = ibreak
print(e)
d = invert(e, phi)
print(long_to_bytes(pow(flag,d,n1)))

爆破需要一点时间。

image-20231211224736802

这一题还有hint,e = 52361 。。。。。。。

[SWPUCTF 2021 新生赛]crypto1

image-20231211224907612

也是RSA,有了e1*e2的值。也是可以用爆破,依次爆e1和e2的值。爆出来后就用共模攻击,可以得到俩个贝祖系数。

EXP:

from Crypto.Util.number import long_to_bytes
from gmpy2 import iroot, gcdextc1 = 463634070971821449698012827631572665302589213868521491855038966879005784397309389922926838028598122795187584361359142761652619958273094398420314927073008031088375892957173280915904309949716842152249806486027920136603248454946737961650252641668562626310035983343018705370077783879047584582817271215517599531278507300104564011142229942160380563527291388260832749808727470291331902902518196932928128107067117198707209620169906575791373793854773799564060536121390593687449884988936522369331738199522700261116496965863870682295858957952661531894477603953742494526632841396338388879198270913523572980574440793543571757278020533565628285714358815083303489096524318164071888139412436112963845619981511061231001617406815056986634680975142352197476024575809514978857034477688443230263761729039797859697947454810551009108031457294164840611157524719173343259485881089252938664456637673337362424443150013961181619441267926981848009107466576314685961478748352388452114042115892243272514245081604607798243817586737546663059737344687130881861357423084448027959893402445303299089606081931041217035955143939567456782107203447898345284731038150377722447329202078375870541529539840051415759436083384408203659613313535094343772238691393447475364806171594
c2 = 130959534275704453216282334815034647265875632781798750901627773826812657339274362406246297925411291822193191483409847323315110393729020700526946712786793380991675008128561863631081095222226285788412970362518398757423705216112313533155390315204875516645459370629706277876211656753247984282379731850770447978537855070379324935282789327428625259945250066774049650951465043700088958965762054418615838049340724639373351248933494355591934236360506778496741051064156771092798005112534162050165095430065000827916096893408569751085550379620558282942254606978819033885539221416335848319082054806148859427713144286777516251724474319613960327799643723278205969253636514684757409059003348229151341200451785288395596484563480261212963114071064979559812327582474674812225260616757099890896900340007990585501470484762752362734968297532533654846190900571017635959385883945858334995884341767905619567505341752047589731815868489295690574109758825021386698440670611361127170896689015108432408490763723594673299472336065575301681055583084547847733168801030191262122130369687497236959760366874106043801542493392227424890925595734150487586757484304609945827925762382889592743709682485229267604771944535469557860120878491329984792448597107256325783346904408
n = 609305637099654478882754880905638123124918364116173050874864700996165096776233155524277418132679727857702738043786588380577485490575591029930152718828075976000078971987922107645530323356525126496562423491563365836491753476840795804040219013880969539154444387313029522565456897962200817021423704204077133003361140660038327458057898764857872645377236870759691588009666047187685654297678987435769051762120388537868493789773766688347724903911796741124237476823452505450704989455260077833828660552130714794889208291939055406292476845194489525212129635173284301782141617878483740788532998492403101324795726865866661786740345862631916793208037250277376942046905892342213663197755010315060990871143919384283302925469309777769989798197913048813940747488087191697903624669415774198027063997058701217124640082074789591591494106726857376728759663074734040755438623372683762856958888826373151815914621262862750497078245369680378038995425628467728412953392359090775734440671874387905724083226246587924716226512631671786591611586774947156657178654343092123117255372954798131265566301316033414311712092913492774989048057650627801991277862963173961355088082419091848569675686058581383542877982979697235829206442087786927939745804017455244315305118437
e1e2 = 3087
for e1 in range(2, 3087):if e1e2 % e1 == 0:  # 爆破可整除的ee2 = e1e2 // e1s, s1, s2 = gcdext(e1, e2)c = (pow(c1, s1, n) * pow(c2, s2, n)) % nm = long_to_bytes(iroot(c,s)[0])if m[0:6] == b'NSSCTF':print(m)

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.hqwc.cn/news/267364.html

如若内容造成侵权/违法违规/事实不符,请联系编程知识网进行投诉反馈email:809451989@qq.com,一经查实,立即删除!

相关文章

使用Microsoft Dynamics AX 2012 - 7. 库存管理

使用Microsoft Dynamics AX 2012 - 7. 库存管理

库存和仓库管理的主要职责是按数量和价值控制物料库存。若要完成此任务&#xff0c;您只能通过过帐库存交易记录来更改Dynamics AX中的库存&#xff0c;而这些交易记录之前需要在凭证中注册。 因此&#xff0c;库存中的当前数量始终是物料出库和入库交易记录的总和。大多数交易…
阅读更多...
线程_D3(2023-12-11)

线程_D3(2023-12-11)

0> XMind
阅读更多...
ChatGPT能帮助--掌握各种AI绘图工具,随意生成各类型性图像

ChatGPT能帮助--掌握各种AI绘图工具,随意生成各类型性图像

2023年随着OpenAI开发者大会的召开&#xff0c;最重磅更新当属GPTs&#xff0c;多模态API&#xff0c;未来自定义专属的GPT。微软创始人比尔盖茨称ChatGPT的出现有着重大历史意义&#xff0c;不亚于互联网和个人电脑的问世。360创始人周鸿祎认为未来各行各业如果不能搭上这班车…
阅读更多...
google突然就发布了Gemini

google突然就发布了Gemini

一天就被刷屏了。 google发布Gemini多模态大模型&#xff0c;还发布了一个几分钟的视频&#xff0c;我相信看完视频都会说一句&#xff1a;NB。 视频可以去B站或者其他地方搜 Gemini。 感觉机器不仅有脑子了&#xff0c;还长眼睛了。 Gemini是原生多模态大模型&#xff0c;…
阅读更多...
数据库系列之简要对比下GaussDB和OpenGauss数据库

数据库系列之简要对比下GaussDB和OpenGauss数据库

GaussDB作为一款企业级的数据库产品&#xff0c;和开源数据库OpenGauss之间又是什么样的关系&#xff0c;刚开始接触的时候是一头雾水&#xff0c;因此本文简要对比下二者的区别&#xff0c;以加深了解。 1、GaussDB和OpenGauss数据库简要对比 GaussDB是华为基于PostgreSQL数据…
阅读更多...
PyQt6 表单布局Form Layout (QFormLayout)

PyQt6 表单布局Form Layout (QFormLayout)

锋哥原创的PyQt6视频教程&#xff1a; 2024版 PyQt6 Python桌面开发 视频教程(无废话版) 玩命更新中~_哔哩哔哩_bilibili2024版 PyQt6 Python桌面开发 视频教程(无废话版) 玩命更新中~共计43条视频&#xff0c;包括&#xff1a;2024版 PyQt6 Python桌面开发 视频教程(无废话版…
阅读更多...
ERROR: [BD 41-237] Bus Interface property FREQ_HZ does not match between

ERROR: [BD 41-237] Bus Interface property FREQ_HZ does not match between

在自定义IP出现以上错误时可以通过双击模块clk属性 如果是灰色无法二次编辑时&#xff0c;在封装IP时&#xff0c;选择以下菜单
阅读更多...
文献计量学方法与应用、主题确定、检索与数据采集、VOSviewer可视化绘图、Citespace可视化绘图、R语言文献计量学绘图分析

文献计量学方法与应用、主题确定、检索与数据采集、VOSviewer可视化绘图、Citespace可视化绘图、R语言文献计量学绘图分析

目录 一、文献计量学方法与应用简介 二、主题确定、检索与数据采集 三、VOSviewer可视化绘图 四、Citespace可视化绘图 五、R语言文献计量学绘图分析 六、论文写作 七、论文投稿 更多应用 文献计量学是指用数学和统计学的方法&#xff0c;定量地分析一切知识载体的交叉…
阅读更多...
【组合数学】递推关系

【组合数学】递推关系

目录 1. 递推关系建立2. 常系数齐次递推关系的求解3. 常系数非齐次递推关系的求解4. 迭代法 1. 递推关系建立 给定一个数的序列 f ( 0 ) , f ( 1 ) , . . . , f ( n ) , . . . , f (0), f(1), ..., f(n ),... , f(0),f(1),...,f(n),..., 若存在整数 n 0 n_0 n0​ &#xff…
阅读更多...
数据库系统(二)数据库关系代数 | 选择 投影 笛卡尔积 自然连接 外连接等

数据库系统(二)数据库关系代数 | 选择 投影 笛卡尔积 自然连接 外连接等

文章目录 1 单张表运算1.1 选择1.2 投影 2 多张表之间运算2.1 笛卡尔积2.2 Theta连接 操作2.3 自然连接操作2.4 外连接2.5 并&#xff0c;交&#xff0c;差运算2.6 除法 3 其他3.1 赋值操作3.2 重命名 1 单张表运算 1.1 选择 选择就是从一个表中选择满足条件的一些元组 “Pr…
阅读更多...
APP自动化测试工具大全

APP自动化测试工具大全

一、UI自动化测试工具 1. uiautomator2 openatx开源的ui自动化工具&#xff0c;支持Android和iOS。主要面向的编程语言是Python&#xff0c;API设计简洁易用&#xff0c;在开源社区也是很受欢迎。 安装&#xff1a; pip install --upgrade --pre uiautomator2# Or you can …
阅读更多...
day23_jdbc详解

day23_jdbc详解

JDBC JDBC概述 什么jdbc Java DataBase Connectivity是一种用于执行SQL语句的Java API&#xff0c;它由一组用Java语言编写的类和接口组成。通过这些类和接口&#xff0c;JDBC把SQL语句发送给不同类型的数据库进行处理并接收处理结果。 jdbc的作用 提供java 操作不同数据库…
阅读更多...
推荐文章
最新文章

Copyright @ 2022~2023