Articles in category CTF

<?php
// Two URL-encoded 64-byte blocks that differ in exactly two bytes (%00 vs %02 and
// %55 vs %d5) but are a known MD5 collision pair: a real digest collision, not a
// type-juggling trick, which is why the comparison below uses strict ===.
$a = '%4d%c9%68%ff%0e%e3%5c%20%95%72%d4%77%7b%72%15%87%d3%6f%a7%b2%1b%dc%56%b7%4a%3d%c0%78%3e%7b%95%18%af%bf%a2%00%a8%28%4b%f3%6e%8e%4b%55%b3%5f%42%75%93%d8%49%67%6d%a0%d1%55%5d%83%60%fb%5f%07%fe%a2';
$b = '%4d%c9%68%ff%0e%e3%5c%20%95%72%d4%77%7b%72%15%87%d3%6f%a7%b2%1b%dc%56%b7%4a%3d%c0%78%3e%7b%95%18%af%bf%a2%02%a8%28%4b%f3%6e%8e%4b%55%b3%5f%42%75%93%d8%49%67%6d%a0%d1%d5%5d%83%60%fb%5f%07%fe%a2';

var_dump($a === $b);                                   // are the encoded strings byte-identical?
var_dump(urldecode($a));                               // the raw 64-byte block behind $a
var_dump(urldecode($b));                               // the raw 64-byte block behind $b
var_dump(md5(urldecode($a)) === md5(urldecode($b)));   // do the two distinct blocks share one MD5 digest?


Readme: the script detects on its own whether the input needs to be encoded (加密) or decoded (解密), for example:

C:\cmd>python3 morse.py "123456"

[+]"123456"的加密结果:.----/..---/...--/....-/...../-....

C:\cmd>python3 morse.py ".----/..---/...--/....-/...../-...."

[-]".----/..---/...--/....-/...../-...."的解密结果:123456

Source code:

#!/usr/bin/python3
# _*_ coding:utf-8 _*_
import sys

"""Lookup table: character -> Morse code"""
t = {"A": ".-", "B": "-...", "C": "-.-.", "D": "-..",
	 "E": ".", "F": "..-.", "G": "--.", "H": "....",
	 "I": "..", "J": ".---", "K": "-.-", "L": ".-..",
	 "M": "--", "N": "-.", "O": "---", "P": ".--.",
	 "Q": "--.-", "R": ".-.", "S": "...", "T": "-",
	 "U": "..-", "V": "...-", "W": ".--", "X": "-..-",
	 "Y": "-.--", "Z": "--..",
	 "1": ".----", "2": "..---", "3": "...--", "4": "....-",
	 "5": ".....", "6": "-....", "7": "--...", "8": "---..",
	 "9": "----.", "0": "-----",
	 "(": ".--.-", "-": "-....-", "?": "..--..", "/": "-..-.", "_": "..--.-",
	 ".": ".-.-.-", "@": ".--.-.", ")": "-.--.-", "}": "-----.-", "{": "----.--",
	 }

"""Reverse table for decoding, derived from t so the two directions cannot disagree
(keeping both directions in one dict let the decode entries for T and E overwrite
the encode entries for "-" and ".")"""
r = {code: ch for ch, code in t.items()}


def edcode(p):
	s = ''
	if './' in p or '-/' in p:   # decide whether the input is Morse to decode or text to encode
		"""decode"""
		for i in p.strip('/').split('/'):   # take each '/'-separated Morse symbol in turn
			s += r[i]   # look the symbol up in the reverse table

		print('\n[-]"{}"的解密结果:'.format(p) + s)    # print the result

	else:
		"""encode"""
		for i in p:
			s += t[i.upper()] + '/'	# encode each character and join them with '/'

		print('\n[+]"{}"的加密结果:'.format(p) + s.strip('/'))   # drop the trailing '/' and print

if __name__ == '__main__':
	if len(sys.argv) == 2:   # check that the script was called with exactly one argument
		try:
			p = sys.argv[1]   # the string to encode or decode
			edcode(p)

		except KeyError:   # a character or Morse symbol that is not in the table
			print("\n[!]请检查输入的参数是否合法,暂时只支持字母数字和一下特殊字符:'_','-','.','@','/','?'")

	else:
		print("""
[*]使用方法:python3 this.py "要加密或者解密的字符串"
[+]加密:python3 morse.py "123456"
[-]解密:python3 morse.py ".----/..---/...--/....-/...../-...."   # 解密一定要带有 '/'符号,不然识别不出
			""")

This challenge is about RSA decryption. The downloaded archive contains two files, a public key and an encrypted file. The plan is to recover the private key from the public key and then use it to decrypt the ciphertext.

The .pem file is an OpenSSL format, so we use openssl to extract the RSA values N and e. This step is purely computational, not brute force: a traditional RSA public key is just the pair (e, N), and openssl has merely serialized it.

Kali ships with openssl; run the following command in the directory containing pubkey.pem to print N and e:

openssl rsa -pubin -text -modulus  -in pubkey.pem

Output:

root@kali:~/CTF/openssl# ls
pubkey.pem
root@kali:~/CTF/openssl# openssl rsa -pubin -text -modulus  -in pubkey.pem
RSA Public-Key: (256 bit)
Modulus:
    00:c2:63:6a:e5:c3:d8:e4:3f:fb:97:ab:09:02:8f:
    1a:ac:6c:0b:f6:cd:3d:70:eb:ca:28:1b:ff:e9:7f:
    be:30:dd
Exponent: 65537 (0x10001)
Modulus=C2636AE5C3D8E43FFB97AB09028F1AAC6C0BF6CD3D70EBCA281BFFE97FBE30DD
writing RSA key
-----BEGIN PUBLIC KEY-----
MDwwDQYJKoZIhvcNAQEBBQADKwAwKAIhAMJjauXD2OQ/+5erCQKPGqxsC/bNPXDr
yigb/+l/vjDdAgMBAAE=
-----END PUBLIC KEY-----

Alternatively, use an online tool: http://tool.chacuo.net/cryptrsakeyparse

Here "65537" is e, and "C2636AE5C3D8E43FFB97AB09028F1AAC6C0BF6CD3D70EBCA281BFFE97FBE30DD" is N in hexadecimal. We need it in decimal; I prefer to do that in Python:

root@kali:~/CTF/openssl# python3
Python 3.8.3 (default, May 14 2020, 11:03:12) 
[GCC 9.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> int(0xC2636AE5C3D8E43FFB97AB09028F1AAC6C0BF6CD3D70EBCA281BFFE97FBE30DD)
87924348264132406875276140514499937145050893665602592992418171647042491658461
>>> 

That gives N. Next we need p and q, which does take something like brute force (factoring the modulus); the online site http://www.factordb.com/index.php can do it. The factorization result is shown below:

With p and q we can compute the private key from the way RSA is constructed. The tool used is rsatool; installation:

git clone https://github.com/ius/rsatool.git
cd rsatool  # enter the cloned directory
python setup.py install

Then generate the private key file with:

python rsatool.py -o private.pem -p 275127860351348928173285174381581152299 -q 319576316814478949870590164193048041239 -e 65537

This writes the private key file private.pem into the current directory. Put private.pem and flag.enc in the same directory and run openssl to decrypt the ciphertext and recover the plaintext:

openssl rsautl -decrypt -in flag.enc -inkey private.pem

Result:

root@kali:~/CTF/openssl# ls
flag.enc  private.pem
root@kali:~/CTF/openssl# openssl rsautl -decrypt -in flag.enc -inkey private.pem
PCTF{256b_i5_m3dium}
root@kali:~/CTF/openssl#

The encrypted message has been decrypted.
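The key recovery the post does with rsatool, worked through as an added example (not the post's or rsatool's code): given p and q from factordb and e = 65537, compute d and check that p*q reproduces the modulus printed by openssl. The test message is constructed; the real flag.enc was produced with PKCS#1 v1.5 padding via rsautl, which this textbook round trip leaves out.

```python
# Added example: why a 256-bit RSA modulus offers no protection. Once N is
# factored, the private exponent follows from one modular inverse.
from math import gcd

e = 65537
p = 275127860351348928173285174381581152299   # factors reported by factordb
q = 319576316814478949870590164193048041239
# decimal N as printed by the Python session above
N_FROM_PEM = 87924348264132406875276140514499937145050893665602592992418171647042491658461


def check_modulus(p, q):
    """The factors are only right if their product is the modulus from pubkey.pem."""
    return p * q == N_FROM_PEM


def private_exponent(p, q, e):
    """d = e^-1 mod phi(N); this is all that rsatool needs to write private.pem."""
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e is not invertible modulo phi(N)")
    return pow(e, -1, phi)


def rsa_roundtrip(msg: bytes, p, q, e):
    """Textbook RSA: encrypt with the public (e, N), decrypt with the recovered d."""
    n = p * q
    m = int.from_bytes(msg, "big")
    if m >= n:
        raise ValueError("message too long for this modulus")
    c = pow(m, e, n)                      # what an attacker-visible ciphertext looks like
    d = private_exponent(p, q, e)
    plain = pow(c, d, n)
    return plain.to_bytes((n.bit_length() + 7) // 8, "big").lstrip(b"\x00")


if __name__ == "__main__":
    print("p*q matches pubkey.pem:", check_modulus(p, q))
    print("d =", private_exponent(p, q, e))
    print(rsa_roundtrip(b"constructed test", p, q, e))   # constructed sample message
```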

Challenge description:

Fast mental arithmetic. Score: 350. Xiaoming wants to enter a skills contest that requires everyone to do four-operation mental arithmetic and produce the result within 2 seconds. But Xiaoming is just a primary-school student without any special training; can he pass the fast arithmetic test?

Platform challenge page

Challenge link

This cannot be done by hand or by forwarding the request through Burp, so I wrote a Python script that grabs the key in one go.

import ast
import operator
import requests
from lxml import etree

URL = "http://lab1.xseclab.com/xss2_0d557e6d2a4ac08b749b61473a075be1/index.php"

# Only plain arithmetic is accepted when evaluating the server-supplied formula.
# eval() on page content would let whoever controls the page run arbitrary Python.
OPS = {ast.Add: operator.add, ast.Sub: operator.sub,
       ast.Mult: operator.mul, ast.Div: operator.truediv}


def calc(node):
    if isinstance(node, ast.Expression):
        return calc(node.body)
    if isinstance(node, ast.Constant) and isinstance(node.value, (int, float)):
        return node.value
    if isinstance(node, ast.UnaryOp) and isinstance(node.op, ast.USub):
        return -calc(node.operand)
    if isinstance(node, ast.BinOp) and type(node.op) in OPS:
        return OPS[type(node.op)](calc(node.left), calc(node.right))
    raise ValueError("unexpected token in formula")


"""Send the first request to obtain the formula and the session cookie"""
r = requests.get(URL)
r.encoding = r.apparent_encoding   # must be set before r.text is read
html = etree.HTML(r.text)   # parse into an lxml object for XPath queries
formula = str(html.xpath("/html/body/form/text()[2]")[0]).strip()[:-1]    # the formula text without its trailing '='
answer = calc(ast.parse(formula, mode="eval"))    # compute the answer
cookie = r.headers['Set-Cookie'].split(";")[0]     # keep the cookie the server issued

"""Send the answer back in a POST with that cookie"""
headers = {'Cookie': cookie, 'Content-Type': 'application/x-www-form-urlencoded'}   # custom headers
data = "v={}".format(answer)   # POST body
p = requests.post(URL, data=data, headers=headers)
p.encoding = p.apparent_encoding
html = etree.HTML(p.text)
print(html.xpath("//body/text()")[0])   # print the key

Key obtained.

title: CTF - MD5 Collision
categories: CTF
tags: [MD5]

date: 2020-01-15 11:02:18

<p style="text-align: left;">0x00: It is cold today, but no weather is harsh enough to stop my enthusiasm for learning. As usual, when tired I do CTF challenges, and I ran into the following one</p>


<p style="text-align: left;">0x01: The source is easy to read: we submit a value "a", the MD5 of "a" must equal the MD5 of "QNKCDZO", and "a" must not equal "QNKCDZO". The challenge title "MD5 collision" already tells us how to solve it</p>
<p>0x02: We hashed "QNKCDZO" and found its MD5 is "0e830400451993494058024219903391"</p>
<p>Now this is interesting</p>


<p>0x03: A bit of background</p>

<div>When PHP compares hash strings with "!=" or "==", any hash value that begins with "0e" followed only by digits is treated as a numeric string whose value is 0. So if two different passwords both hash to values starting with "0e", PHP considers them equal, since both are 0.</div>
<div>A detailed write-up of the PHP hash comparison flaw:</div>
<div>http://www.freebuf.com/news/67007.html</div>
<div>Below are some plaintexts whose MD5 begins with 0e:</div>
<div>QNKCDZO: 0e830400451993494058024219903391</div>
<div>s878926199a: 0e545993274517709034328855841020</div>
<div>s155964671a: 0e342768416822451524974117254469</div>
<div>s214587387a: 0e848240448830537924465865611904</div>
<div>s1091221200a: 0e940624217856561557816327384675</div>
<div>s1885207154a: 0e509367213418206700842008763514</div>
<div>s1502113478a: 0e861580163291561247404381396064</div>
<div>s1836677006a: 0e481036490867661113260034900752</div>
<div>s1184209335a: 0e072485820392773389523109082030</div>
<div>s1665632922a: 0e731198061491163073197128363787</div>
<div>s532378020a: 0e220463095855511507588041205815</div>
<p style="text-align: left;">0x04: Sure enough, QNKCDZO is among these special strings, so PHP will treat its MD5 as 0. We only need to assign another of these special strings to a, and the problem is solved</p>


<p>0x05: A generator for strings whose MD5 starts with 0e</p>

import hashlib
import random
import re
import string

# Keep drawing random 5-character strings until one hashes to "0e" followed only by
# digits. Checking just the first two characters is not enough: a digest such as
# "0ea1..." is not a numeric string in PHP and would not compare equal to 0.
MAGIC = re.compile(r"0e\d{30}")

while True:
    s = ''.join(random.sample(string.ascii_letters + string.digits, 5))
    m = hashlib.md5(s.encode("utf-8")).hexdigest()
    if MAGIC.fullmatch(m):
        print(s, m)
        break
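<p>Added example (not from the original post, and in Python rather than PHP): a model of PHP's loose string comparison that shows why the digests of "QNKCDZO" and "s878926199a" from the list above compare equal under ==, and how a strict byte comparison (=== or hash_equals in PHP) avoids it. The NUMERIC pattern is an approximation of PHP's numeric-string rule, not PHP's own parser.</p>

```python
# Added example: PHP "==" on two "0e<digits>" strings compares 0 * 10^k == 0 * 10^m,
# so unrelated hashes collide. A strict comparison never coerces to a number.
import hashlib
import hmac
import re

# Approximation of what PHP accepts as a numeric string: an optional sign,
# decimal digits with an optional fraction, and an optional exponent.
NUMERIC = re.compile(r"^\s*[+-]?(\d+(\.\d*)?|\.\d+)([eE][+-]?\d+)?\s*$")


def md5_hex(s: str) -> str:
    return hashlib.md5(s.encode()).hexdigest()


def is_magic_hash(h: str) -> bool:
    """A hex digest that reads as '0e' followed only by digits is a numeric string equal to 0."""
    return re.fullmatch(r"0e\d+", h) is not None


def php_loose_equal(a: str, b: str) -> bool:
    """Model of PHP's 'string == string': two numeric strings compare as numbers."""
    if NUMERIC.match(a) and NUMERIC.match(b):
        return float(a) == float(b)          # "0e8304..." -> 0.0, "0e5459..." -> 0.0
    return a == b


def php_strict_equal(a: str, b: str) -> bool:
    """'===' / hash_equals(): same bytes, no numeric coercion, constant time."""
    return hmac.compare_digest(a.encode(), b.encode())


if __name__ == "__main__":
    a, b = md5_hex("QNKCDZO"), md5_hex("s878926199a")
    print(a, b)
    print("loose  == :", php_loose_equal(a, b))    # both are 0e... numeric strings
    print("strict ===:", php_strict_equal(a, b))   # the digests differ byte for byte
```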