BCTF2015-writeup

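A few words before the main text: my skills weren't up to it and I got thoroughly beaten. This is just a short post as a record.

checkin-10

After logging in to the BCTF channel on IRC, there is a string at the very top. At a glance it looked like ROT13; decrypting it gave the flag.

warmup-50

http://dl.bctf.cn/warmup-c6aa398e4f3e72bc2ea2742ae528ed79.pub.xz

The challenge gives an encrypted value c and an RSA public key file. Use openssl to extract n and e from the public key file. I wasn't imaginative enough at first and kept trying to factor n directly and then compute the private key d, but after running for a long time it never finished. Later I found an RSA weakness, the RSA Wiener attack, found some code on GitHub, and after modifying it successfully recovered the plaintext m:

    import ContinuedFractions, Arithmetic, RSAvulnerableKeyGenerator
    import sys
    sys.setrecursionlimit(1000000)

    def hack_RSA(e,n):
        '''
        Finds d knowing (e,n)
        applying the Wiener continued fraction attack
        '''
        frac = ContinuedFractions.rational_to_contfrac(e, n)
        convergents = ContinuedFractions.convergents_from_contfrac(frac)

        for (k,d) in convergents:
            #check if d is actually the […]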

IDF CTF practice challenge: The Clever Lamb (聪明的小羊), solution

Challenge: One lamb jumped over the fence, two lambs jumped over the fence, a whole bunch of lambs jumped over the fence…

tn c0afsiwal kes,hwit1r  g,npt  ttessfu}ua u  hmqik e {m,  n huiouosarwCniibecesnren.

From the challenge description this should be a rail fence cipher, so straight to the code:

    b = 17  # number of fence columns
    s = "tn c0afsiwal kes,hwit1r  g,npt  ttessfu}ua u  hmqik e {m,  n huiouosarwCniibecesnren."
    # One output row per column index; character i goes to row i % b
    result = {i: '' for i in range(b)}
    for i in range(len(s)):
        a = i % b
        result[a] += s[i]
    for i in range(b):
        print(result[i])

Final output: the a nwser is w ctf{C 01umn […]

CSCAMP 2014CTF|writeup web-7amama Book

We can see the description first: Description: 7amamaBook is a social media website where people can sign up and share with each other. It has a bug bounty program and you found a bug and reported it but they refuse to pay you so you want to give them a payback by hacking it. Then […]

XDCTF-writeup

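XDCTF2014 Write-ups by 我们是来打酱油的

Member: test233 test234

I had originally formed a team, but I needed to review English, so I didn't plan to work on the challenges. A day later I found that my teammates hadn't done any at all, which left me speechless; were the challenges really that hard? I took a quick look and they weren't very hard, so I tried a few of the web challenges. Then I found that 狮子骑士 was also working alone, so I promptly formed a new team, "我们是来打酱油的", with this reverse-engineering expert. In the end we solved quite a few challenges, but unfortunately we solved them late and got none of the bonus points. In fact we solved the same challenges as the teams ranked 9th and 10th; they solved them earlier and got the bonus points, otherwise we could have made it to the offline finals. 骑士 was really impressive and took care of several reversing challenges. Below is the writeup for this competition:

Web: WEB20, Web50, Web70, Web100, WEB200, Web150, Web180, WEB250, WEB270
Crack: Crack100, Crack120, Crack150, Crack300, Crack180

Web20

Opening the challenge link, the hint is Happy Easter, and the page contains a picture of an Easter egg. Capturing the traffic showed that the page is written in PHP. I searched online for PHP Easter eggs and, following the instructions, visited the URL below:

http://game1.xdctf.com:8081/H86Ki4NnCSVv/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000

The flag was in the returned page:

Flag: flag-WhatisPhp-mtzeXAtcKA53

Web50

Download the XSS encoding tool (XSS编码神器). After extracting it, it turns out to be a Chrome extension file; change the file extension to RAR and extract it again. Open the files one by one; in manifest.json there is this string:

dGhlIGZvbGxvd2luZyBrZXkgaXMgbm90IHRoZSByZWFseSBrZXksIHlvdSBjYW4gZmluZCBpbiB0aGUgb3RoZXIgZmlsZSE=

Base64-decoding it gives: the following key is not the realy key, you […]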