Team name

我们会下蛊

Ranking

Overall ranking: 74th. Eastern division: 29th.

Solutions

WEB

ez_Gadget

https://ameuu.github.io/2022/07/11/%E8%93%9D%E5%B8%BD%E6%9D%AF-EzGadget/

Crypto

corrupted_key

Challenge

from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP
from secret import flag

key = RSA.generate(1024)
open("flag.enc",'wb').write(PKCS1_OAEP.new(key.publickey()).encrypt(flag))
open('priv.pem','wb').write(key.exportKey('PEM'))

-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQDXFSUGqpzsBeUzXWtG9UkUB8MZn9UQkfH2Aw03YrngP0nJ3NwH
UFTgzBSLl0tBhUvZO07haiqHbuYgBegO+Aa3qjtksb+bH6dz41PQzbn/l4Pd1fXm
dJmtEPNh6TjQC4KmpMQqBTXF52cheY6GtFzUuNA7DX51wr6HZqHoQ73GQQIDAQAB








yQvOzxy6szWFheigQdGxAkEA4wFss2CcHWQ8FnQ5w7k4uIH0I38khg07HLhaYm1c
zUcmlk4PgnDWxN+ev+vMU45O5eGntzaO3lHsaukX9461mA==
-----END RSA PRIVATE KEY-----

Reference: PEM parsing

Base64-decode, then convert to hex:

30 82 02 5e 02 01 00 02 81 81 00 d7 15 25 06 aa 9c ec 05 e5 33 5d 6b 46 f5 49 14 07 c3 19 9f d5 10 91 f1 f6 03 0d 37 62 b9 e0 3f 49 c9 dc dc 07 50 54 e0 cc 14 8b 97 4b 41 85 4b d9 3b 4e e1 6a 2a 87 6e e6 20 05 e8 0e f8 06 b7 aa 3b 64 b1 bf 9b 1f a7 73 e3 53 d0 cd b9 ff 97 83 dd d5 f5 e6 74 99 ad 10 f3 61 e9 38 d0 0b 82 a6 a4 c4 2a 05 35 c5 e7 67 21 79 8e 86 b4 5c d4 b8 d0 3b 0d 7e 75 c2 be 87 66 a1 e8 43 bd c6 41 02 03 01 00 01



c9 0b ce cf 1c ba b3 35 85 85 e8 a0 41 d1 b1 02 41 00 e3 01 6c b3 60 9c 1d 64 3c 16 74 39 c3 b9 38 b8 81 f4 23 7f 24 86 0d 3b 1c b8 5a 62 6d 5c cd 47 26 96 4e 0f 82 70 d6 c4 df 9e bf eb cc 53 8e 4e e5 e1 a7 b7 36 8e de 51 ec 6a e9 17 f7 8e b5 98

This yields n and e, plus the low 120 bits of dq and inv(q, p).
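The field extraction described above, as an added example that is not part of the original write-up: a minimal DER reader applied to the surviving Base64 lines of priv.pem. It assumes the damaged region starts and ends on a Base64 line boundary, as in the key shown; the helper names read_tlv, parse_head and parse_tail are made up for this example.

```python
import base64
# Surviving Base64 lines of priv.pem as shown above; the middle lines are lost.
HEAD_B64 = (
    "MIICXgIBAAKBgQDXFSUGqpzsBeUzXWtG9UkUB8MZn9UQkfH2Aw03YrngP0nJ3NwH"
    "UFTgzBSLl0tBhUvZO07haiqHbuYgBegO+Aa3qjtksb+bH6dz41PQzbn/l4Pd1fXm"
    "dJmtEPNh6TjQC4KmpMQqBTXF52cheY6GtFzUuNA7DX51wr6HZqHoQ73GQQIDAQAB"
)
TAIL_B64 = (
    "yQvOzxy6szWFheigQdGxAkEA4wFss2CcHWQ8FnQ5w7k4uIH0I38khg07HLhaYm1c"
    "zUcmlk4PgnDWxN+ev+vMU45O5eGntzaO3lHsaukX9461mA=="
)

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) for the DER element at pos."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    length = first
    if first & 0x80:  # long form: low 7 bits give the number of length bytes
        count = first & 0x7F
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    return tag, pos, pos + length

def parse_head(head):
    """Return the complete INTEGERs at the start of RSAPrivateKey: [version, n, e]."""
    tag, pos, _ = read_tlv(head, 0)  # outer SEQUENCE; its end lies past the damage
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    ints = []
    while pos + 1 < len(head):
        tag, start, end = read_tlv(head, pos)
        if tag != 0x02 or end > len(head):
            break  # element runs into the damaged region
        ints.append(int.from_bytes(head[start:end], "big"))
        pos = end
    return ints

def parse_tail(tail):
    """Return (trailing bytes of exponent2 = dq, coefficient = inv(q, p))."""
    for i in range(len(tail) - 1):
        if tail[i] == 0x02:
            _, start, end = read_tlv(tail, i)
            if end == len(tail):  # INTEGER that ends exactly where the key ends
                return tail[:i], int.from_bytes(tail[start:end], "big")
    raise ValueError("no INTEGER ends at the end of the tail")

version, n, e = parse_head(base64.b64decode(HEAD_B64))
dq_low_bytes, qinv = parse_tail(base64.b64decode(TAIL_B64))
dq_low = int.from_bytes(dq_low_bytes, "big")  # 15 bytes = low 120 bits of dq
```

In PKCS#1 RSAPrivateKey the last two INTEGERs are exponent2 (d mod (q-1)) and coefficient (the inverse of q mod p), which is why the tail gives exactly the two values used below.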

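$e \cdot d_q \equiv e \cdot d \equiv 1 \pmod{q-1}$

$e \cdot d_q = 1 + k(q-1) = kq - k + 1$

$e \cdot d_q + k - 1 = kq$

with k < e.

Reducing modulo $2^{120}$, where only the known low 120 bits of dq are needed, the low 120 bits of q are

$q_{low} = \mathrm{inv}(k, 2^{120}) \cdot (e \cdot d_q + k - 1) \bmod 2^{120}$

$q = 2^{120} x + q_{low}$

$f = \mathrm{inv}(q,p) \cdot q \cdot q - q \equiv 0 \pmod{n}$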

import gmpy2
from tqdm import tqdm

n = 0xD7152506AA9CEC05E5335D6B46F5491407C3199FD51091F1F6030D3762B9E03F49C9DCDC075054E0CC148B974B41854BD93B4EE16A2A876EE62005E80EF806B7AA3B64B1BF9B1FA773E353D0CDB9FF9783DDD5F5E67499AD10F361E938D00B82A6A4C42A0535C5E76721798E86B45CD4B8D03B0D7E75C2BE8766A1E843BDC641
ni = 0xE3016CB3609C1D643C167439C3B938B881F4237F24860D3B1CB85A626D5CCD4726964E0F8270D6C4DF9EBFEBCC538E4EE5E1A7B7368EDE51EC6AE917F78EB598  # inv(q, p)
dd = 0xC90BCECF1CBAB3358585E8A041D1B1  # low 120 bits of dq
e = 0x10001

# One candidate for the low 120 bits of q per value of k
s = []
for i in tqdm(range(65537)):
    try:
        tt = gmpy2.invert(i, 2**120) * (e * dd + (i - 1)) % 2**120
        s.append(tt)
    except ZeroDivisionError:
        # k = 0 and even k have no inverse modulo 2^120
        continue

PR.<x> = PolynomialRing(Zmod(n))
for i in tqdm(range(len(s))):
    # f = inv(q,p)*q^2 - q with q = 2^120*x + q_low; x is the unknown high 392 bits
    f = ni * (2^120 * x + int(s[i]))^2 - (2^120 * x + int(s[i]))
    f = f.monic()
    root = f.small_roots(X=2^392, beta=1, epsilon=0.1)
    if root:
        print(root)
        print(s[i])

# Output:
# [9380741476733074711154157347870852768998932500826815763908882209540022808328010581994168722390477477733053186137042700]
# 954648658690918505830691475676983889

Iterating over s in reverse order is a bit faster.

from Crypto.Util.number import inverse
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP

n = 0xD7152506AA9CEC05E5335D6B46F5491407C3199FD51091F1F6030D3762B9E03F49C9DCDC075054E0CC148B974B41854BD93B4EE16A2A876EE62005E80EF806B7AA3B64B1BF9B1FA773E353D0CDB9FF9783DDD5F5E67499AD10F361E938D00B82A6A4C42A0535C5E76721798E86B45CD4B8D03B0D7E75C2BE8766A1E843BDC641
x = 9380741476733074711154157347870852768998932500826815763908882209540022808328010581994168722390477477733053186137042700
s = 954648658690918505830691475676983889
q = 2**120 * x + s  # ** rather than ^ so this also runs as plain Python
print(n % q)        # 0 when q divides n
p = n // q
print(p)
print(q)

e = 0x10001
d = inverse(e, (p - 1) * (q - 1))
print(d)
with open("flag.enc", "rb") as f:
    c = f.read()

key = RSA.construct((n, e, d, p, q))
cipher = PKCS1_OAEP.new(key=key)
# Pass the raw ciphertext: a bytes -> int -> bytes round trip would drop leading zero bytes
print(cipher.decrypt(c))

MISC

domainhacker

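A very typical challenge. First export the RAR file.

Follow stream 13 directly, decode it once, then take [2:] of the result and decode again.

This gives the archive password.

Extract the archive, then try one of the values; it is accepted, so that is the flag.

flag{416f89c3a5deb1d398a1a1fce93862a7}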

domainhacker2

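Same as the previous challenge: follow the traffic for the encrypted archive, stream 27.

Then decode it to get the archive password; note that the trailing $ character has to be included.

After decoding, read all of the earlier history values.

Then just try a few of the passwords; the one that works is

07ab403ab740c1540c378b0f5aaa4087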

Digital forensics

Mobile forensics_1

360x360

Mobile forensics_2

SF1142358694796

Computer forensics_1

python2 vol.py -f 1.dmp imageinfo

This gives the image version, Win7SP1x64.

python2 vol.py -f 1.dmp --profile=Win7SP1x64 hashdump

hashdump shows the password hashes.

Look the hash up on somd5 to recover the password.

Computer forensics_2

2192

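Computer forensics_3

Then decrypt the key.

Then unlock it, which yields a dictionary and a ciphertext.

Brute-force it with hashcat.

Computer forensics_4

Dump TrueCrypt.

Then carve it with foremost; there is a zip inside and no other useful information, so brute-force it.

Extract it to get the flag.

flag{1349934913913991394cacacacacacc}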

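Program analysis_1

exec.azj.kny.d.c

Program analysis_2

minmtta.hemjcbm.ahibyws.MainActivity

Program analysis_3

The ciphertext is simply Base64-encoded.

Program analysis_4

A brief analysis: b() and a() are functions and a is the class name, so the answer is just a.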

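Website forensics_1

Scan it with Huorong (火绒).

lanmaobei666

Website forensics_2

Then trace it.

Run it on a PHP version below 7.1, because versions above 7.1 no longer have the mcxxxxxx function.

KBLT123

Website forensics_3

jyzg123456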

Website forensics_4

The encryption function:

张宝 is 3 and 王子豪 is 5; extract the records, 5 first and then 3.

Then write a decryption script; each amount has to be multiplied by that day's exchange rate.

import base64
import hashlib


def decryp(data):
    key = b'jyzg123456'
    key = hashlib.md5(key).hexdigest()
    data = base64.b64decode(data)
    x = 0
    length = len(data)
    key_len = len(key)
    key_stream = ''
    digits = ''
    # Repeat the MD5 hex digest of the key up to the length of the data
    for i in range(length):
        if x == key_len:
            x = 0
        key_stream += key[x]
        x += 1
    # Subtract the key stream byte by byte to recover the decimal digits
    for i in range(length):
        # print(data[i])
        digits += chr(data[i] - (ord(key_stream[i])) % 256)
    return int(digits)


# Encrypted amounts, one inner list per day
a1 = [
    ['mZVymm9t', 'lpxqlXFo', 'l5xummto', 'm5Zwm3Bn', 'nJhtlGlm', 'm5tpmGtm', 'm5ptnGtu', 'mZlym25r', 'm5hpnHBu', 'm5prlm9u', 'nJlyl2hu', 'lptummhs', 'lpxrl21n'],
    ['mZRpnHBs', 'mZpxm2lr', 'm5dtmGls', 'mpxvlnBv', 'mJpynHBt', 'nJZwm2lu', 'mpdtnWxq', 'nJdtlmpr', 'mZtymHBm', 'nJlslmpp'],
    ['l5RunW1p', 'nJxplXFm', 'lZdpmm1s', 'mZZwnW9u', 'mJVrmmhp', 'lZZwl3Bs', 'm5xvm2hm', 'mpZslmpm', 'mZtrnGtp', 'lp1rm21t', 'nJxplmtp'],
    ['l5twlXFq', 'lphqmm9s', 'm51wmG1q', 'mJlxlWto', 'lJ1vmXFq', 'mpVpmW5r', 'm5lrlGpr', 'mpxplm9u', 'lZpxnHFn'],
    ['nJdymWpm', 'mJpum3Fo', 'lpRrmWto', 'lZtunXBv', 'lpprnWtt', 'lJdslnBr'],
    ['lJZrnWpm', 'l5Zrm21m', 'lJdul2hm', 'mphylG9q', 'lZhpm2pp', 'lZ1qnW1s', 'nJ1tlHFp', 'mZxqm2tp', 'mZdsm21t', 'mpRvlG9o', 'mJVqlmhv', 'mJRwlHBq'],
    ['l5dtmWtt', 'mZdylHFt', 'l5RqlWxn', 'mZ1um3Fs', 'lJ1rnWhu', 'm5pulWhv', 'lptrnW1u', 'm5xynWxn', 'lpRynGtr', 'mpxulGlm', 'nJdslm9r', 'lJhslHBq', 'nJpwnWhu'],
    ['mptql2tv', 'l51xmmlp', 'mZVymXFn', 'lJhqnW5q', 'm5ppmGpr', 'mZlqm21t', 'mpZslWxt'],
    ['mJ1pnHFm', 'l5drlXBp', 'mJlvmW1u', 'mZtxlG5t', 'nJtsnHFn', 'l5Rvm29o', 'm5xvlWxv', 'm5Zrl2xm'],
    ['mZlwlG1u', 'nJpvlWtr', 'mJxym25s', 'lpVqnWxv', 'mZVvl3Fq', 'lZVtlW5m', 'lZRqlGhn', 'nJxqm2hn', 'nJVtl21s'],
    ['lJdumWlq', 'mJtxmGtp', 'mZxsnHFv', 'lpdtl2xn', 'mphqlm5p', 'lJdxlGpn'],
    ['lpVvlHFu', 'lJhvmHBn', 'l5xunGtv', 'lZRul2pt', 'mpdqnGxu', 'l5Zxlmho', 'lJppmWhq', 'nJVylWpp', 'm5VxnWlr'],
    ['lpdsnGtq', 'mZ1tnGpt', 'mJVqmmtq', 'l5hslWhm', 'lZZtl21r', 'nJlumGlm', 'lJhsmW9t'],
    ['lZZym25s', 'l5tpnHBt', 'nJVunG1q', 'mJdtlHFu', 'mpVtlnFp', 'mplrnG1t', 'mJ1ylHBr', 'nJhynG5m', 'mplymG1r'],
    ['lJtxlGxo', 'lpRxnGlm', 'mZxwnG5s', 'mZptnWpn', 'mJZylGxq', 'mZZvm3Fo'],
    ['lJdxnW9t', 'lZtxmXFv', 'nJxtlXFm', 'mJZumW1r', 'nJ1tmG1p', 'mplslmpu', 'lJZxlG5p', 'nJtxmXBq'],
    ['lZdxmmtq', 'lJdrlG1o', 'mpZtmmlm', 'mJVxnGpm', 'mJVwmWxu', 'mplslWps'],
]
# Exchange rate for each day, in the same order as a1
a = [0.04, 0.06, 0.05, 0.07, 0.10, 0.15, 0.17, 0.23, 0.22, 0.25, 0.29, 0.20, 0.28, 0.33, 0.35, 0.35, 0.37]
s = []
for i in range(len(a1)):
    ss = 0
    for j in range(len(a1[i])):
        ss += decryp(a1[i][j].encode())
    s.append(ss * a[i])
print(s)
print(sum(s))
# 15758353.760000002

Keep two decimal places and submit 15758353.76.