主页 > 创业 >

2023-Moectf-wp

创业
2025-09-21 01:00:02

不包含web； misc；pwn；web misc太基础；pwn不会！！我是菜鸡

一：古典密码 1、ezrot

考点：ROT系列

题解：

（1）题目

@64E7LC@Ecf0:D0;FDE020D:>!=60=6EE6C0DF3DE:EFE:@?04:!96C0tsAJdEA6d;F}%0N

rot系列解密得到flag

oectf{rot47_is_just_a_simPle_letter_substitution_ciPher_EDpy5tpe5juNT_}

2、vigenere

考点：vigenere

题解：

（1）题目

scsfct{wOuSQNfF_IWdkNf_Jy_o_zLchmK_voumSs_zvoQ_loFyof_FRdiKf_4i4x4NLgDn}

开头是moectf；可以推测出密钥为goodjob

moectf{vIgENErE_CIphEr_Is_a_lIttlE_hardEr_thaN_caEsar_CIphEr_4u4u4EXfXz} 3、不是“皇帝的新密码”

考点：vigenere

题解：

（1)题目：

scsfct{wOuSQNfF_IWdkNf_Jy_o_zLchmK_voumSs_zvoQ_loFyof_FRdiKf_4i4x4NLgDn}

（2）还是vigenere

4、可可的新围墙

考点：栅栏密码

题解：

moectf{F3nc3_ciph3r_shiFTs_3ach_l3TT3r_By_a_Giv3n_nuMB3r_oF_plac3s_Ojpj} 5、猫言喵语

考点：

题解：

（1）题目

喵喵？喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵？喵喵？喵喵喵喵喵？喵喵？喵喵喵喵喵？喵喵喵喵喵？喵喵喵喵喵？喵喵？喵喵喵喵喵？喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵？喵喵？喵喵喵喵喵？喵喵？喵喵喵喵喵？喵喵喵喵喵喵喵喵？喵喵？喵喵喵喵喵喵喵喵？喵喵？喵喵喵喵喵？喵喵？喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵？喵喵？喵喵喵喵喵喵喵喵？喵喵？喵喵喵喵喵？喵喵？喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵？喵喵？喵喵喵喵喵？喵喵？喵喵喵喵喵？喵喵喵喵喵喵喵喵？喵喵喵喵喵？喵喵喵喵喵喵喵喵喵喵喵？喵喵喵喵喵喵喵喵喵喵喵？喵喵喵喵喵喵喵喵喵喵喵喵喵喵？喵喵？喵喵喵喵喵？喵喵？喵喵？喵喵喵喵喵？喵喵？喵喵？喵喵喵喵喵喵喵喵？喵喵？喵喵？喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵喵？喵喵？喵喵喵喵喵？喵喵？喵喵喵喵喵喵喵喵喵喵喵？喵喵喵喵喵？喵喵？喵喵喵喵喵喵喵喵？喵喵？喵喵喵喵喵？喵喵喵喵喵？喵喵喵喵喵？喵喵喵喵喵喵喵喵？

（2）Morse code”，是摩斯密码；斯密码只有两种符号，所以得把文件内容根据特征划分成两块。内容中的空格相当于分隔符，根据观察，可以看出”喵喵？”是一组，”喵喵喵”是一组，根据这个规律进行转换，得到如下内容

./----/-/--..-./.-./-./-../-./--/--/--..-./.-.-/-././--..-./.---/--././--..-./.---/-/--..-./.-.-/-./-.--/-.--/-/.--/--..-./..-/.../--./..--/--/--..-./.---/.-../--..-./-.-/.--. moectf{THE_KAWAII_CAT_BUT_BE_CALLED_GOUZI_BY_RX} 二：Reverse 1、“天网”

考点：so文件提取分析

参考链接： blog.csdn.net/ULGANOY/article/details/136780906

2、ANDROID

考点：APK逆向

题解：

（1)签到题目

用户输入一个字符串；然后与key进行异或操作之后与enc进行比较

enc = [25, 7, 0, 14, 27, 3, 16, ord('/'), 24, 2, ord('\t'), ord(':'), 4, 1, ord(':'), ord('*'), 11, 29, 6, 7, ord('\f'), ord('\t'), ord('0'), ord('T'), 24, ord(':'), 28, 21, 27, 28, 16] key = ['t', 'h', 'e', 'm', 'o', 'e', 'k', 'e', 'y'] def decrypt(enc, key): result = [] key_length = len(key) for i in range(len(enc)): # 对每个字符进行 XOR 操作 decrypted_char = enc[i] ^ ord(key[i % key_length]) result.append(chr(decrypted_char)) return ''.join(result) decrypted_text = decrypt(enc, key) print("解密后的字符串:", decrypted_text) 3、Base64

考点：bse64魔改 pyc在线反编译

题解：

(1)pyc文件；首先在线反编译拿到源码

import base64 from string import * str1 = 'yD9oB3Inv3YAB19YynIuJnUaAGB0um0=' string1 = 'ZYXWVUTSRQPONMLKJIHGFEDCBAzyxwvutsrqponmlkjihgfedcba0123456789+/' string2 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/' flag = input('welcome to moectf\ninput your flag and I wiil check it:') enc_flag = base64.b64encode(flag.encode()).decode() enc_flag = enc_flag.translate(str.maketrans(string2, string1)) if enc_flag == str1: print('good job!!!!') else: print('something wrong???') exit(0)

（2）简单的一个换表base64；用户输入字符串之后base64加密与目标值进行对比；解密str1就行

import base64 str1 = 'yD9oB3Inv3YAB19YynIuJnUaAGB0um0=' string1 = 'ZYXWVUTSRQPONMLKJIHGFEDCBAzyxwvutsrqponmlkjihgfedcba0123456789+/' string2 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/' translation_table = str.maketrans(string1, string2) replaced_str = str1.translate(translation_table) try: flag = base64.b64decode(replaced_str).decode() print("解密后的 flag:", flag) except Exception as e: print("解密失败:", e) 4、EQUATION

考点:Z3求解

5、GUI

考点：签到题目：只是增加了一个反调试而已

data= [0x0F, 0x3E, 0x30, 0x27, 0x13,0x01, 0x7D, 0x70, 0x70, 0x03,0x7D, 0x38, 0x0E, 0x7A, 0x23,0x7C, 0x0B, 0x1A, 0x3C, 0x7D,0x39, 0x7F, 0x3C, 0x4D, 0x4D,0x4D, 0x29] for i in data: print(chr((i ^ 0x51) + 5), end='') 6、RRRRRc4

考点：RC4

题解：

（1）题目

sub_7FF710DF3581("welcome to moectf!!!"); sub_7FF710DF3581("This is a very common algorithm "); sub_7FF710DF3581("show your flag:"); sub_7FF710DF27F8("%s", input); // 输入 if ( sumlen(input) == 37 ) // 验证输入长度 { RC4((int)v5, (int)v6, (int)input, 38, (__int64)v7, 10);// RC4加密 for ( j = 0; (unsigned __int64)j < 0x26; ++j ) { if ( enc[j] == (unsigned __int8)input[j] )// RC4加密之后与enc内容比较 ++v8; } } if ( v8 == 37 ) sub_7FF710DF3973("right!flag is your input!"); else sub_7FF710DF3973("try again~"); sub_7FF710DF4BCF(v3, &unk_7FF710EE2100); return 0i64;

用户就是输入字符串之后然后进行RC4加密；然后在与enc进行比较；现在就需要找到密钥就行，密文已经知道；简单调试以下就知道密钥是v7

然后直接RC4解密

def rc4_decrypt(ciphertext, key): S = list(range(256)) # 初始化 S-box j = 0 key_length = len(key) for i in range(256): j = (j + S[i] + key[i % key_length]) % 256 S[i], S[j] = S[j], S[i] # 交换 S[i] 和 S[j] i = j = 0 plaintext = [] for byte in ciphertext: i = (i + 1) % 256 j = (j + S[i]) % 256 S[i], S[j] = S[j], S[i] # 交换 S[i] 和 S[j] k = S[(S[i] + S[j]) % 256] # 生成伪随机字节 plaintext.append(byte ^ k) # 异或解密 return bytes(plaintext) enc = [ 27, 155, 251, 25, 6, 106, 181, 59, 124, 186, 3, 243, 145, 184, 182, 61, 138, 193, 72, 46, 80, 17, 231, 199, 79, 177, 39, 207, 243, 174, 3, 9, 178, 8, 251, 220, 34 ] key = b"moectf2023" plaintext = rc4_decrypt(enc, key) print("解密结果:", plaintext.decode('utf-8', errors='ignore')) 7、RUST

考点：XOR

题解：

（1）首先搜索定位main函数（2）分析main函数；发现了数据和异或操作；输入的值和0x88进行异或操作

v25 = [ -27, -25, -19, -21, -4, -18, -13, -38, -3, -5, -4, -41, -6, -19, -2, -41, -1, -31, -28, -28, -41, -22, -19, -41, -23, -1, -18, -3, -71, -11 ] v25_unsigned = [x & 0xFF for x in v25] xor_key = 0x88 decrypted = [] for byte in v25_unsigned: decrypted.append(byte ^ xor_key) flag = ''.join([chr(b) for b in decrypted]) print("解密结果:", flag) 8、Reverse入门指北

考点：签到；flag直接放你脸上了

moectf{F1rst_St3p_1s_D0ne}

9、SMC

考点：动态调试 SMC

（1）main函数

sub_401087(aPlzInputYourFl, v4); sub_401023(aS, (char)v6); sub_4011E0();//SMC函数 if ( sub_401050(v6) ) sub_401087(aGood, v5); else sub_401087(aTryAgainPlease, v5); return 0; }

发现SMC函数对sub_401050函数进行了加密；无法查看sub_401050函数；需要先调试对sub_401050函数解密；然后再看解密逻辑；发现就一个异或的逻辑；解密就行

10、UPX!

考点：upx脱壳

题解：

（1)首先脱壳处理；定位main函数很简单；输入内容；然后与0x67异或；最后和enc比较；提取enc内容逆向

enc = [ 10, 8, 2, 4, 19, 1, 28, 87, 15, 56, 30, 87, 18, 56, 44, 9, 87, 16, 56, 47, 87, 16, 56, 19, 8, 56, 53, 2, 17, 84, 21, 20, 2, 56, 50, 55, 63, 70, 70, 70, 26 ] xor_key = 0x67 decrypted = [] for byte in enc: decrypted.append(byte ^ xor_key) flag = ''.join([chr(b) for b in decrypted]) print("解密结果:", flag) 11、Xor

考点：XOR

enc = [ 84, 86, 92, 90, 77, 95, 66, 96, 86, 76, 102, 82, 87, 9, 78, 102, 81, 9, 78, 102, 77, 9, 102, 97, 9, 107, 24, 68 ] xor_key = 0x39 decrypted = [] for byte in enc: decrypted.append(byte ^ xor_key) flag = ''.join([chr(b) for b in decrypted]) print("解密结果:", flag) 12、ezandroid

考点：APK逆向迷宫问题 so文件

题解：

（1）定位代码：提示Try to reverse the native lib!

（2）将apk修改为zip找so文件；将so文件进行逆向

while ( 2 ) { v3 = 0; if ( *a1 ) v3 = *v4 != 42; if ( v3 ) { v1 = a1++; switch ( *v1 ) { case 'a': --v4; continue; case 'd': ++v4; continue; case 's': v4 += 15; continue; case 'w': v4 -= 15; continue; default: v6 = 0; break; } } else { v6 = *v4 == 35; } break; } return v6; }

找到了迷宫和迷宫函数；那么正确的路径就是flag (15个一行）ssaassssdddddwwddddssss

13、junk_code

考点：花指令

题解：

（1)sub_45A9A0((int)Str, 18)和sub_459EBF((int)v7, 18)加密函数被加了花指令；无法反汇编；首先nop掉花指令（2）nop花指令（3）分析sub_459EBF函数发现是简单的XOR操作

for ( i = 0; i < MaxCount; ++i ) Str2[i] ^= 0x66u;

还原得到一部分flag _th3_junk_c0d3!!!}

encrypted_data = [ 57, 18, 14, 85, 57, 12, 19, 8, 13, 57, 5, 86, 2, 85, 71, 71, 71, 27 ] xor_key = 0x66 decrypted_data = [] for byte in encrypted_data: decrypted_data.append(byte ^ xor_key) flag = ''.join([chr(b) for b in decrypted_data]) print("解密结果:", flag)

分析sub_45A9A0函数逆向还原得到第二部分flag

# 密文数组 encrypted_data = [ 0x68, 0x6A, 0x60, 0x5E, 0x6F, 0x61, 0x76, 0x74, 0x2B, 0x70, 0x5A, 0x6D, 0x60, 0x68, 0x2B, 0x71, 0x2E, 0x5F ] decrypted_data = [] for byte in encrypted_data: decrypted_data.append(byte + 5) flag = ''.join([chr(b) for b in decrypted_data]) print("解密结果:", flag) 14、unwind

考点：tea加密反调试

题解：

（1）根据题目提示是tea加密和SEH；定位main函数发现有混淆的操作和反调试；我先将MEMORY[0] = 0;的汇编代码nop掉就可以去除混淆操作了

nop掉这一段然后nop掉mov；去除反调试函数可以看出是TEA加密；提取一下密文

#include <stdint.h> #include<stdio.h> #include<iostream> using namespace std; void tea_decrypt(uint32_t* v, uint32_t* k) { uint32_t sum = 0xC6EF3720; uint32_t delta = 0x9e3779b9; uint32_t v0 = v[0], v1 = v[1]; uint32_t k0 = k[0], k1 = k[1], k2 = k[2], k3 = k[3]; for (int i = 0; i < 32; i++) { v1 -= ((v0 << 4) + k2) ^ (v0 + sum) ^ ((v0 >> 5) + k3); v0 -= ((v1 << 4) + k0) ^ (v1 + sum) ^ ((v1 >> 5) + k1); sum -= delta; } v[0] = v0; v[1] = v1; } void fun(uint32_t *plaintext, uint32_t *key,int ok ) { tea_decrypt(plaintext, key); for (int i = 0 ; i < 2 ; i ++ ) { int tmp = plaintext[i]; while (tmp) { if(ok) printf("%c", tmp % 0x100); tmp /= 0x100; } } } int main() { //0x55, 0x1A, 0x27, 0x6D, 0xEA, 0x8E, 0x4C, 0x5A unsigned int byte_B8A000[16] = { 3832275802u, 1325565702u, 3251494723u, 3681261687u, 2571319439u, 3038942179u, 481361187u, 3471762405u, 732765487u, 4187493796u, 4196789208u, 1924604267u, 775095225u, 2079018201u, 4182288373u, 4231568784u, }; uint32_t key[18] = {959666244, 13872, 0, 0, 1952673636u, 3371631u, 0u, 0u, 827872582u, 1431916353u, 78u, 0u, 1702245202u, 1919248754u, 0u, 0u, }; int cd = 0; for (int i = 0 ; i < 8 ; i += 2) { fun(byte_B8A000 + i, key + cd , 1); cd += 4; } cd = 0; for (int i = 8 ; i < 16 ; i += 2) { fun(byte_B8A000 + i, key + cd , 0); cd += 4; } cd= 0; for (int i = 8 ; i < 16 ; i += 2 , 1) { fun(byte_B8A000 + i, key + cd,1); cd += 4; } }

moectf{WoOo00Oow_S0_interesting_y0U_C4n_C41l_M3tW1c3_BY_Unw1Nd~}

三：Crypto 1、ABC

考点：二进制转二维码

题解：

（1)题目给出了a.npy b.npy c.npy Code in My Matrix A∗B∗CA∗B∗C；题目要求计算矩阵的乘积 A×B×CA×B×C，其中 AA、BB、CC 是从 .npy 文件中加载的矩阵

import numpy as np # 从 .npy 文件中加载矩阵 A = np.load('a.npy') B = np.load('b.npy') C = np.load('c.npy') # 计算矩阵乘积 A * B * C result = np.dot(np.dot(A, B), C) # 输出结果 print("Result of A * B * C:") print(result)

得到了一个矩阵只包含 -1 1；猜测是二进制转二维码

import numpy as np # 给定的二进制矩阵 binary_matrix = np.array([ [0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0], [0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 0], [0, 1, 0, 0, 0, 1, 0, 1, 0, 0, 1, 1, 1, 0, 0, 0, 1, 1, 0, 1, 1, 1, 0, 1, 0, 0, 0, 1, 0], [0, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 0], [0, 1, 0, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 1, 1, 1, 0, 1, 1, 0, 0, 1, 0, 1, 0, 0, 0, 1, 0], [0, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0], [0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0], [1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1], [1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0], [1, 1, 1, 0, 0, 0, 1, 0, 0, 1, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1], [0, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 1, 0, 1, 1, 1, 0], [1, 1, 1, 1, 1, 0, 1, 0, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1], [0, 1, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0], [0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1], [1, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0, 1, 0], [0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0], [1, 0, 0, 0, 0, 0, 0, 1, 0, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 0, 1, 0, 0, 0, 0, 0, 0, 1], [0, 1, 1, 0, 1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0], [0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 1, 1], [1, 1, 1, 1, 0, 1, 1, 1, 0, 0, 1, 1, 1, 1, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 0], [0, 1, 1, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 1, 1, 0, 1], [1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 0, 1, 1, 1, 0, 1, 1, 1, 1], [0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 0, 0, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0], [0, 1, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 0], [0, 1, 0, 0, 0, 1, 0, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1], [0, 1, 0, 0, 0, 1, 0, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0], [0, 1, 0, 0, 0, 1, 0, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 1, 1, 1], [0, 1, 1, 1, 1, 1, 0, 1, 0, 0, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0, 1], [0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 1, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 1, 1] ]) # 将二进制矩阵转换为二进制字符串 binary_string = ''.join(str(bit) for row in binary_matrix for bit in row) print("Binary String:", binary_string)

然后二进制转二维码（在线）

扫码得到flag

moectf{U_C4n_D0_uR_AipH4_B_See_2023}

2、Crypto 入门指北

考点：rsa

题解：

（1）题目给了一个python脚本；运行就是flag

moectf{weLCome_To_moeCTf_CRypTo_And_enjoy_THis_gAme!_THis_is_yoUR_fLAg!} 3、baby_e

考点：RSA—小e攻击（低解密指数攻击）

题解：

（1）属于比较弱智的题目：直接上脚本

from gmpy2 import iroot import libnum e= n= k = 0 while 1: res=iroot(c+k*n,7) if(res[1]==True): print(libnum.n2s(int(res[0]))) break k=k+1 3、bad_E

考点：RSA-e phi有限域不互素

from gmpy2 import * from Crypto.Util.number import * e = 65537 p= q= c= n = p * q phi_n = (p - 1) * (q - 1) print(gcd(e, p - 1)) d = invert(e, (q - 1)) m = pow(c, d, q) print(long_to_bytes(m)) 4、bad_random

考点：MD5爆破

from itertools import product import string import hashlib target_hash = "83990600a2ddb3a57dd150050df128f3" suffix = "ZhZe" # 生成所有4位字母+数字组合（共36^4=1,679,616种） charset = string.digits + string.ascii_letters # 0-9 + a-z + A-Z for chars in product(charset, repeat=4): candidate = ''.join(chars) + suffix if hashlib.md5(candidate.encode()).hexdigest() == target_hash: print(f"Found: {''.join(chars)}") exit() 5、crypto指北

考点：RSA

from Crypto.Util.number import * # 一个非常好用的crypto库 p = 0xe82a76eeb5ac63e054128e040171630b993feb33e0d3d38fbb7c0b54df3a2fb9b5589d1205e0e4240b8fcb4363acaa4c3c44dd6e186225ebf3ce881c7070afa7 q = 0xae5c2e450dbce36c8d6d1a5c989598fc01438f009f9b4c29352d43fd998d10984d402637d7657d772fb9f5e4f4feee63b267b401b67704979d519ad7f0a044eb c = 0x4016bf1fe655c863dd6c08cbe70e3bb4e6d4feefacaaebf1cfa2a8d94051d21e51919ea754c1aa7bd1674c5330020a99e2401cb1f232331a2da61cb4329446a17e3b9d6b59e831211b231454e81cc8352986e05d44ae9fcd30d68d0ce288c65e0d22ce0e6e83122621d2b96543cec4828f590af9486aa57727c5fcd8e74bd296 e = 65537 n = p*q phi = (p-1) * (q-1) # 你知道什么是欧拉函数吗 [1] d = pow(e, -1, phi) # 什么是乘法逆元？ [2] m = pow(c,d,n) print(long_to_bytes(m)) 6、ez_chain

考点：AES加密

题解：不会！

7、factor_signin

考点:RSA分解n

8、factorize_me!

题解：RSA

(1)题目

from Crypto.Util.number import getPrime from math import prod from sympy import nextprime from random import choices with open('flag.txt', 'rb') as fs: flag = fs.read().strip() primes = [getPrime(512) for _ in range(9)]#生成9个512素数 print(f"{prod(primes) = }")#输出素数的乘积 print(f"{prod(p - 1 for p in primes) = }")#每个素数减1的成绩 primes2 = [nextprime(p) for p in choices(primes, k=3)]#选取三个素数 n = prod(primes2)#三个素数的成绩 e = 65537 c = pow(int.from_bytes(flag, 'big'), e, n) print(f'n = {n}') print(f'e = {e}') print(f'c = {c}')

（2）解密：很简单的一个逻辑

from Crypto.Util.number import * e = 65537 c = 841335863342518623856757469220437045493934999201203757845757404101093751603513457430254875658199946020695655428637035628085973393246970440054477600379027466651143466332405520374224855994531411584946074861018245519106776529260649700756908093025092104292223745612991818151040610497258923925952531383407297026038305824754456660932812929344928080812670596607694776017112795053283695891798940700646874515366341575417161087304105309794441077774052357656529143940010140 p = 6991223361118904775931217829045348785013077549030883418924453538830605687999480005714979700653172534877541317997174968789510984315425270755055110913347349 q = 9987009117206906203158749743824168660291275882852229158070368815160479543708376165641735042845357978292384303332559592302507789120810447986634662721490849 r = 12876877424944854147075816504195994138450356002779004886384584287813869165469217718717854027672044903401715370348223932937626725119320180795716270261309141 n = p * q * r phi = (p-1)*(q-1)*(r-1) d = pow(e,-1,phi) m = pow(c,d,n) print(long_to_bytes(m)) #moectf{you_KNow_how_to_faCtorize_N_right?_9?WPIBung6?WPIBung6?WPIBund6?} 9、feistel

考点：DES Feistel算法

题解：（1）有点类似于==梅森旋转算法==

题目：

from Crypto.Util.number import * round = 2 flag = open("./secret", "rb").read().strip() def f(m, key): m = m ^ (m >> 4) m = m ^ (m << 5) m = m ^ (m >> 8) m ^= key m = (m * 1145 + 14) % 2**64 m = (m * 1919 + 810) % 2**64 m = (m * key) % 2**64 return m def enc(m, key, round): key = bytes_to_long(key) left = bytes_to_long(m[:8]) right = bytes_to_long(m[8:]) for i in range(round): left, right = right, f(right, key) ^ left left, right = right, left return long_to_bytes(left).rjust(8, b"\x00") + long_to_bytes(right).rjust(8, b"\x00") def padding(m): mlen = len(m) pad = 16 - mlen % 16 return m + pad * bytes([pad]) def ecb_enc(m, key): m = padding(m) mlen = len(m) c = b"" for i in range(mlen // 16): c += enc(m[i * 16 : i * 16 + 16], key, round) return c print(ecb_enc(flag, b"wulidego")) # b'\x0b\xa7\xc6J\xf6\x80T\xc6\xfbq\xaa\xd8\xcc\x95\xad[\x1e\'W5\xce\x92Y\xd3\xa0\x1fL\xe8\xe1"^\xad'

feistel加密结构，加解密过程一样，就是轮密钥相反；而这里每轮密钥都是wulidego，所以说这个加解密是完全一样的

moectf{M@g1cA1_Encr1tion!!!} 10、feistel_promax

考点：DES Feistel算法

题解：

（1）相比于上一题，这题key不知，仅根据此条件根本无从下手，不过观察仔细的话会发现最后一行，加密的主体是padding(flag)，而加密过程中又进行了一次padding，所以说进行了两次padding

from Crypto.Util.number import * round = 2 def f(m, key): m = m ^ (m >> 4) m = m ^ (m << 5) m = m ^ (m >> 8) m ^= key m = (m * 1145 + 14) % 2**64 m = (m * 1919 + 810) % 2**64 m = (m * key) % 2**64 return m def dec(m, key, round): key = bytes_to_long(key) left = bytes_to_long(m[:8]) right = bytes_to_long(m[8:]) for i in range(round): left, right = right, f(right, key) ^ left left, right = right, left return long_to_bytes(left).rjust(8, b"\x00") + long_to_bytes(right).rjust(8, b"\x00") def ecb_dec(c, key): clen = len(c) m = b"" for i in range(clen // 16): m += dec(c[i * 16 : i * 16 + 16], key, 2) return m m = b'\x10\x10\x10\x10\x10\x10\x10\x10' ct = b'B\xf5\xd8gy\x0f\xaf\xc7\xdf\xabn9\xbb\xd0\xe3\x1e0\x9eR\xa9\x1c\xb7\xad\xe5H\x8cC\x07\xd5w9Ms\x03\x06\xec\xb4\x8d\x80\xcb}\xa9\x8a\xcc\xd1W\x82[\xd3\xdc\xb4\x83P\xda5\xac\x9e\xb0)\x98R\x1c\xb3h' c = bytes_to_long(ct[-8:]) ^ bytes_to_long(m) bin_c = bin(c)[2:].rjust(64,'0') # = f(M[8:],key)，其中M = m * 2 k1 = [b''] for i in range(1,5): k2 = [] for KEY in k1: for j in range(2**16): key1 = long_to_bytes(j) + KEY cc = f(bytes_to_long(m),bytes_to_long(key1)) # = f(M[8:],key) bin_cc = bin(cc)[2:].rjust(64,'0') if bin_cc[-16*i:] == bin_c[-16*i:]: k2.append(key1) k1 = k2 # print(k1) # k1= [b'4t*zFD\xac\xb4', b'\xb4t*zFD\xac\xb4', b'\\q\x0f\x00w\xeb\xc1"', b'\xdcq\x0f\x00w\xeb\xc1"'] for KEY in k1: flag = ecb_dec(ct,KEY) print(flag) # moectf{F_func_1s_n1t_Ve5y_$EcU%e} 11、giant_e

考点：rsa-维纳攻击

题解：

（1）题目给出的e很大；猜测可能是维纳攻击

12、minipack

考点：

13、n&n

考点：RSA—共模攻击

import gmpy2 from Crypto.Util.number import getPrime,long_to_bytes e1 = e2 = n = c1 = c2 = _,s1, s2 = gmpy2.gcdext(e1, e2) m = pow(c1, s1, n) * pow(c2, s2, n) % n print(long_to_bytes(m)) 14、rsa_signin

考点：RSA—广播攻击

题解：

（1）题目给出了多组nc ；可能是广播攻击或者中国剩余定理；最后发现是广播攻击

from Crypto.Util.number import * from gmpy2 import * e = 65537 n1 = 17524722204224696445172535263975543817720644608816706978363749891469511686943372362091928951563219068859089058278944528021615923888948698587206920445508493551162845371086030869059282352535451058203615402089133135136481314666971507135484450966505425514285114192275051972496161810571035753943880190780759479521486741046704043699838021850105638224212696697865987677760179564370167062037563913329993433080123575434871852732981112883423565015771421868680113407260917902892944119552200927337996135278491046562185003012971570532979090484837684759828977460570826320870379601193678304983534424368152743368343335213808684523217 c1 = 6870605439714128574950893771863182370595667973241984289208050776870220326525943524507319708560433091378319367164606150977103661770065561661544375425887970907060665421562712515902428061727268441585629591525591001533188276465911918724808701356962871139957343861919730086334623932624184172272488406793955068827527130338853980609365042071290967556159598511667974987218999253443575482949258292953639729393456515185185102248985930422080581185292420347510600574229080211050520146551505605537486989306457793451086767402197128573781597156939709237045132856159368959981648969874765462190363842275826077556314448408825308218451 n2 = 24974121071274650888046048586598797033399902532613815354986756278905133499432183463847175542164798764762683121930786715931063152122056911933710481566265603626437742951648885379847799327315791800670175616973945640322985175516271373004547752061826574576722667907302681961850865961386200909397231865804894418194711076667760169256682834206788730947602211228930301853348503098156592000286467190760378847541148772869356389938999094673945092387627113807899212568399028514283219850734634544982646070106811651490010946670117927664594365986238107951837041859682547029079035013475238052160645871718246031144694712586073789250183 c2 = 10324627733161143472233272675096997859064721978612320424254305978486200326061730105384511258706433940176741256952824288120499229240005823611541292676234913505775165761543820764046537413943393325463602612485849366939102550336256797820440347815027443410399157963547486098366749815425187247171697678576246606105486928212486117878157055321965270364583625270716186820068538749425299073309429589410882809098930213978117176627031795312102177342499674234163614021182116065492884880492891668658240362567156235958605768725892407536211503981819707919444725863397622629226309480836486427388484176463279384813974310500625102568341 n3 = 14215826065753265334521416948225868542990756976323308408298887797364519400310818641526401662106853573185085731682502059761982246604277475488691297554851873224516934619888327644352138127883043558424300092247604877819821625587944308487310522092440517150600171819145803937177931473336108429889165189521078678397694303305705260759351843006130968234071638035667854938070597400634242396852782331461576526836227336952718230741560369621645218729592233657856104560425642219241082727756696967324334634822771842625681505869025740662258929200756109704988223034840699133778958569054445520305361142302393767439478256174414187983763 c3 = 415916446053083522663299405080903121619846594209033663622616979372099135281363175464579440520262612010099820951944229484417996994283898028928384268216113118778734726335389504987546718739928112684600918108591759061734340607527889972020273454098314620790710425294297542021830654957828983606433731988998097351888879368160881316237557097381718444193741788664735559392675419489952796677690968481917700683813252460912749931286739585465657312416977086336732056497161860235343155953578618273940135486362350057858779130960380833359506761436212727289297656191243565734621757889931250689354508999144817518599291078968866323093 n4 = 12221355905532691305226996552124162033756814028292708728711809229588190407700199452617060657420166395065565154239801465361510672853972152857415394695376825120759202857555325904640144375262531345320714166285999668052224661520834318497234299585219832943519644095197479639328120838919035625832361810964127485907587199925564724081163804724975965691571850962714258888527902920462746795712011579424322515292865504642938090200503979483095345893697972170153990274670257331483858538617460680462369680572833191232126527727222302641204529110948993583190295067970240051042000918629138767209918572311469915774910003970381965123241 c4 = 2248834602646305164283014556051672824689884721514190813323189875541899566338153534858709617544459297836048770439230174669883719627734394673012731609952869246171300132019334542245094425654362711870373095782083791160029789553806741967408922001051006100049326921742208757147339981269528740944842177729701945606827918253016001436218891580980192743564642120923356793292885805519110411357830040053435569937296612987581482128241218218550319154933831743819546558930918761162723110000328532730751591375727881221199739397698390594797621758011191224528339478784930214820615602510460640307707682865125229937141010351138099874025 n5 = 18152103454920389919231636321286527841833809319334215885641536161086810144890443857211776387914779781628740172079478910188540146498426564211851629962338413488555121865779016981727229209606498886170396500155102635962395243364899026418106378234307821492609778555173516000309435730752571818439328803899462791834490025768785383592935046996428331508608555503567191807692523852530836008436655164751054189301721070209363416058642811329040202582026786024825518381761299547703962502636888833428457116986351812252188468878701301184044948733274488264320930936362549028124581962244201377136969591119942276742760215403738913067567 c5 = 2797812094994121597295362327809389195134238119144547570610194659000554967367804835006774413888965325870488368112707535584687083342412367127561646136089638402907513075405746055834487062923240856950047936297155455745928810738711368950139327254040579266046642851362228893522740216519732851152162928545416236075387903789535000820423985522550638100049857678600662008021574841083416323980817348573062083159710189689337626277009675683473560325178417766400002763719953723259300977655801234386662217462862844994462505601804422871991694828697337752697234180117437785537788728412520613916334045368736691714704501962513954509705 n6 = 22877887459293720334652698748191453972019668578065068224653972884599636421200068659750242304040301306798039254241668648594556654589309801728248683586229288074709849246660525799452637187132633064172425677552176203292787732404537215347782229753837476655088638984496409603054524994383358547132112778403912563916886533181616856401929346567686400616307916690806467019665390260267596320840786982457521423178851498130935577260638269429250197050326097193841333205073650802709022947551398142692735680419453533128176592587955634333425401930362881423044363132586170013458300714163531162544301477356808388416864173949089028317961 c6 = 12271947322974809255127222556723394446467844330408506340843897575503534175121932185624776713618037572593449207329510171212097269297133492090526270770286000839978630002819714376964416081198925899119135271459404333829811516667576167576916805217016117373027245648473458331936273975110163065432285322832123169216976420362833557809289561705091817949915218278430834098156335989014645979633658818904753942786129126233956314517292746008579152368541316795082120147520597254020266752859205131887527661767589367756335766220841483940854397440079467053684289006956034944336788288196391829411432383541473132962783883758561108297747 n7 = 19844333358004073542783728196775487079202832688982038135532362073659058674903791697765527614270399097276261983744620537925712167578187109058145015032736796457938148615396547198728652435169126585595701228287449135664667959433491335769206692390262797325133960778920452511673878233190120432257482339068405290918739453464061987163074129048150451046315248186376609350095502130018696275764450248681787926130463463923862832714969425813770847493135627599129546112143050369344208092649256659330284904392961574494907186727388685504929586018639846040474616307662546605623294842316524163106100888851228858194942825157286544846177 c7 = 9531264751315473345056673937611382755236533664089452852716992791452558274873158812669513178040971923528201631609089069182049526587423864397527252061341857426422965190913745048414029690931254119437249218321954899956104589066479231204536856131403590472063496956452030342299863907499976917750846369802185896519725837163530049157920978007252920334447236842959033879772444475877613295594785710745889554296655932909212643500877218304116451889820444820534937901427158918411546484157737612926382420354101675658160847653151539420222526999426483473829341628599881460824765758346670633385844187252696874025582747177333702736465 n8 = 16956880944655068255446705024149899655327230949463546092744762226005904114738078692036960935391303255804754787864713189658290361949509917704853428701870609882427423574672772606814823959758208695540116440342488334213300943604780971422918744381486937517952553797134323570131582724393100092308466968491068503301604506186521656059375518680612292667310641047190088814753025794048591445267711939066523165042651430468971452726568222388482323097260496415484997546126185688914792795834046855221759289007609518312601640548469651358391745947588643697900883634533872314566389446271647587564348026861264979727062157272541149018781 c8 = 16110326928338602237561005337578085623028116490564329920738844771341250444164294693848130674347672763073995755532723894042946521372321947507527854966013459795492930736187058535665041545095683801386814190612817128504426590828954205050425979880047802547011117626354405687170961272200066258220699329112978151044633994329352673342582175349200008181837211288847301836681860817044391028992501763375849046751094019224570802498414368189170656992427042010362385494565216988561215657424755648213390551881450141899860811844684546992754530755092358644968088017107313907435586729574798046187046145596726569637758312033849476689378 n9 = 16472195897077185060734002588086375750797253422014472876266294484788862733424113898147596402056889527985731623940969291811284437034420929030659419753779530635563455664549165618528767491631867637613948406196511848103083967995689432928779805192695209899686072900265108597626632371718430059561807147486376536203800038054012500244392964187780217667805308512187849789773573138494622201856638931435423778275004491853486855300574479177472267767506041000072575623287557610576406578525902565241580838652860552046216587141709709405062150243990097835181557208274750462554811004137033087430556692966525170882625891516050207318491 c9 = 11867731823522211833301190385669833752050387304375114576570892885641949969365352586215693183003550684262313893105989683214739695968039039944442567581277252581988489020834299896625977474857889570528169919064941042132119301236852358823696947330423679033138054012027878783478922023431469564210485180679933264749281963405243082505688901662659030897104957499953192201440290084373968716271056483463909282407034181891901928790601973222643210525000717355062752079302291729448234374709852429885984987094307177760741403086538949190424454337896501402430653783597070178968921411867485584517214777073301007918941216316241784521708 n10 = 13890749889361612188368868998653029697326614782260719535555306236512452110708495623964530174188871342332417484996749651846510646453983388637377706674890018646246874688969342600780781646175634455109757266442675502522791531161284420286435654971819525519296719668701529481662071464145515727217108362496784024871976015116522898184301395037566514980846499856316532479656908169681719288258287756566886281183699239684997698487409138330229321935477734921670373632304542254938831218652340699024011371979519574576890581492623709896310465567043899767342676912434857372520308852745792360420376574037705943820090308501053778144141 c10 = 6250115196713939477947942995075509357173312813431601073354390451609559579925704891503987992181988654989477525811826607070378476102616752398280691012244301950194800995432882828020405062344160270290542566163969692748126314259624623341922057435728127596172871894887055305291345372720594481096374310285437492746765510292863238933163142677773310305789984897974266961231555124787205980411992251387207335655129551950825339766848166539671565212408741432649813058363660321480995187545006718837863674527475323414266732366507905974800565463011676462244368010182725161416783875646259625352308599198614681446394427674340328493047 n11 = 21457499145521259498911107987303777576783467581104197687610588208126845121702391694574491025398113729462454256070437978257494064504146718372095872819969887408622112906108590961892923178192792218161103488204912792358327748493857104191029765218471874759376809136402361582721860433355338373725980783308091544879562698835405262108188595630215081260699112737457564998798692048522706388318528370551365364702529068656665853097899157141017378975007689790000067275142731212069030175682911154288533716549782283859340452266837760560153014200605378914071410125895494331253564598702942990036163269043699029806343766286247742865671 c11 = 6269656777204332618433779865483197625538144405832409880710764183039800286008967127279281167109250083159801218370191973055663058165456565194979210256278526713608759141588082614531352489547674696723140599892318118960648862531538435596775798128845789504910467783731144808685373807716609662688064728614003904579841055786083326311313295311152563668422289435606771091246147867715987583149743032723028324394173498623642539175178996531881058274717907066845565199058931743481410454382746158558886667761300257488769795092777021292335562818583719708133179974425584610403335487082478848975656282384575767178925517257692365828720 for i in range(1, 12): for j in range(i + 1, 12): ni = eval("n" + str(i)) nj = eval("n" + str(j)) p = gcd(ni, nj) if p > 1: c = eval("c" + str(i)) q = ni // p d = invert(e, (p - 1) * (q - 1)) flag = long_to_bytes(pow(c, d, ni)) print(flag) 14、|p-q|

考点：rsa p q很接近

题解：

（1）核心代码

p = getPrime(2048) q = next_prime(p)

发现p 和q 很接近；直接对n进行开方得到p；然后计算下一个素数可以算出p

from Crypto.Util.number import * from gmpy2 import * flag = 307746143297103281117512771170735061509547958991947416701685589829711285274762039205145422734327595082350457374530975854337055433998982493020603245187129916580627539476324521854057990929173492940833073106540441902619425074887573232779899379436737429823569006431370954961865581168635086246592539153824456681688944066925973182272443586463636373955966146029489121226571408532284480270826510961605206483011204059402338926815599691009406841471142048842308786000059979977645988396524814553253493672729395573658564825709547262230219183672493306100392069182994445509803952976016630731417479238769736432223194249245020320183199001774879893442186017555682902409661647546547835345461056900610391514595370600575845979413984555709077635397717741521573798309855584473259503981955303774208127361309229536010653615696850725905168242705387575720694946072789441481191449772933265705810128547553027708513478130258801233619669699177901566688737559102165508239876805822898509541232565766265491283807922473440397456701500524925191214292669986798631732639221198138026031561329502985577205314190565609214349344303324429408234237832110076900414483795318189628198913032900272406887003325858236057373096880675754802725017537119549989304878960436575670784578550 n = 329960318345010350458589325571454799968957932130539403944044204698872359769449414256378111233592533561892402020955736786563103586897940757198920737583107357264433730515123570697570757034221232010688796344257587359198400915567115397034901247038275403825404094129637119512164953012131445747740645183682571690806238508035172474685818036517880994658466362305677430221344381425792427288500814551334928982040579744048907401043058567486871621293983772331951723963911377839286050368715384227640638031857101612517441295926821712605955984000617738833973829140899288164786111118033301974794123637285172303688427806450817155786233788027512244397952849209700013205803489334055814513866650854230478124920442832221946442593769555237909177172933634236392800414176981780444770542047378630756636857018730168151824307814244094763132088236333995807013617801783919113541391133267230410179444855465611792191833319172887852945902960736744468250550722314565805440432977225703650102517531531476188269635151281661081058374242768608270563131619806585194608795817118466680430500830137335634289617464844004904410907221482919453859885955054140320857757297655475489972268282336250384384926216818756762307686391740965586168590784252524275489515352125321398406426217 q = next_prime(isqrt(n)) p = n // q assert p*q == n e = 0x10001 phi = (p - 1)*(q - 1) d = inverse(e, phi) m = pow(flag, d, n) print(long_to_bytes(m))

不包含web； misc；pwn；web misc太基础；pwn不会！！我是菜鸡

标签：

2023-Moectf-wp由讯客互联创业栏目发布，感谢您对讯客互联的认可，以及对我们原创作品以及文章的青睐，非常欢迎各位朋友分享到个人网站或者朋友圈，但转载请说明文章出处“2023-Moectf-wp”

上一篇
linux-docker及docker-compose相关命

下一篇
算法（三）——最大公约数、最小公倍数、同余原理