banner
lca

lca

真正的不自由,是在自己的心中设下牢笼。
HomeArchives图文

Some Internet Cup Competition Writeup

#ctf630
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
The competition consists of 6 practical questions related to web, misc, and crypto. The questions are not difficult as it is a small competition. The first question involves searching for a flag in JavaScript code. The second question involves opening a PDF file with a text box. The third question involves solving a mathematical problem using given values and public keys. The script provided decrypts the encrypted messages using the calculated values.

The competition practical only has 6 questions, involving web, misc, and crypto topics. This competition is organized for the client, but the questions are not difficult; otherwise, how could it be a small competition?

Question 1: 1-1#

Search for js, search keyword flag

dasctf{d6e9c56d7f078d298ed4695d899effbe}

image

Question 2: 2-1#

Open the pdf

There is a text box in the image

image

Question 3: 3-1#

The source code of the question is as follows, solved by a friend:

import libnum
import gmpy2
from Crypto.Util.number import *
import flag,e1,e2
# Generate prime numbers
p=libnum.generate_prime(1024)
q=libnum.generate_prime(1024)
ec1=pow(bytes_to_long(str(e1).ljust(20,"D").encode()),3,p*q)
ec2=pow(bytes_to_long(str(e2).ljust(20,"A").encode()),5,p*q)
m=libnum.s2n(flag)
n=p*q
c1=pow(m,e1,n)
c2=pow(m,e2,n)

print("n1=",n)
print("ec1=",ec1)
print("c1=",c1)
print("n2=",n)
print("ec2=",ec2)
print("c2=",c2)

# n1= 27929259512873502442719286790227037320417984116570178470037376373267390909685621247157535458203218619293705428397911754453556082799420494496904478215709219317542924547049229150153308059698341011305505985823374280465467094476511869541135508518055946815227085548571701115773386101962695795789178321155174729047033298389886321980592410739667139376075568555729949442873964097042006391886635957242436522435588904492484342259494858627609438654632887244523845583473711604632109405043439047289868784236481926074763997559971182741918345193506253460323445846136663027639802131457594564405906763806426256107923417802076262573737
# ec1= 24979839185643431898760549059477070141596292955202172081572583839065034831779499992829742773873064296311713734486020739853343887094398935731264
# c1= 17695186679431856780362905635257355413310120106982055323913669124182832151093921194946365178919380690844190324897933591567360925332869903671651849060145290581360223200011298757871213149464298017718829480721410479504940393501845624196721013966839230696831321482946841011452400364600924503121451272593970649100410603943321149604376033957124800064565646929720179239631538966228020882733213221035707244692798307971636126058586394357032072695921642665492919186476321028415907982915011972040971875733852055633796811898421692604356476773910338982400925245494707729878821466569634334862311750349321720627252469986162120031838
# n2= 27929259512873502442719286790227037320417984116570178470037376373267390909685621247157535458203218619293705428397911754453556082799420494496904478215709219317542924547049229150153308059698341011305505985823374280465467094476511869541135508518055946815227085548571701115773386101962695795789178321155174729047033298389886321980592410739667139376075568555729949442873964097042006391886635957242436522435588904492484342259494858627609438654632887244523845583473711604632109405043439047289868784236481926074763997559971182741918345193506253460323445846136663027639802131457594564405906763806426256107923417802076262573737
# ec2= 2838620519239658396968146844964839207179863729944843241951228382052657801460586137213053314019699976475855578055607417923815486109050614096157077528657405905877896929808094661904905136761365045387901486261011216958309860644255996588189249
# c2= 10770781309274554738409447671578241895686779262243081931452089039730277591151694112684863740412412713684216227740930573490322958500198235497947657939304932868457999239593145330718657422535271157683896034543125292529800047408131765376686654378173684648427311300423776510153307756388404568013401217965931456538849277670384454454507752525534110389604969437991055504757081225690155489265359117617764571537216746554060783131168749700810806387918510612057149583061938836035963175555630655718716139689761210220525955656039741684390906935720406757364893793459339618913268943282961044530062475057887777134887741597041684698119

Given values, public key

image

The script specifies the following parameters: n1, n2, ec1, ec2, c1, c2. Both ec1 and ec2 are obtained through small exponent encryption, so we can directly take the fifth root to get the encryption indices e1 and e2.

Use variable k to find a valid k value such that the expression ec2 + k * n is a perfect fifth power.

while 1:
    res=iroot(ec2+k*n,5) #print(res)

In the above loop, the script calculates the fifth root of the expression ec2 + k * n and checks if this fifth root is an integer. If it is an integer, it prints the corresponding string and breaks the loop. Otherwise, it increments the k value and continues the loop.

while True: 
    res = gmpy2.iroot(ec2 + k * n, 5) 
    if res[1] == True: 
        print(long_to_bytes(int(res[0])))

Next, the script uses the extended Euclidean algorithm to calculate the multiplicative inverses of the public keys e1 and e2, obtaining s1 and s2. Finally, the script calculates the s1-th power of c1 and the s2-th power of c2, multiplies these two results, and takes modulo n to obtain the plaintext m. These two indices are used to decrypt the ciphertext c1 and c2, thus obtaining the original message m.

s, s1, s2 = gmpy2.gcdext(e1, e2)
m = (pow(c1, s1, n) * pow(c2, s2, n)) % n  # m = (c1^s1) * (c2^s2)

The decryption script is as follows:

import gmpy2
from Crypto.Util.number import *

n = 27929259512873502442719286790227037320417984116570178470037376373267390909685621247157535458203218619293705428397911754453556082799420494496904478215709219317542924547049229150153308059698341011305505985823374280465467094476511869541135508518055946815227085548571701115773386101962695795789178321155174729047033298389886321980592410739667139376075568555729949442873964097042006391886635957242436522435588904492484342259494858627609438654632887244523845583473711604632109405043439047289868784236481926074763997559971182741918345193506253460323445846136663027639802131457594564405906763806426256107923417802076262573737

ec2 = 2838620519239658396968146844964839207179863729944843241951228382052657801460586137213053314019699976475855578055607417923815486109050614096157077528657405905877896929808094661904905136761365045387901486261011216958309860644255996588189249

c1 = 17695186679431856780362905635257355413310120106982055323913669124182832151093921194946365178919380690844190324897933591567360925332869903671651849060145290581360223200011298757871213149464298017718829480721410479504940393501845624196721013966839230696831321482946841011452400364600924503121451272593970649100410603943321149604376033957124800064565646929720179239631538966228020882733213221035707244692798307971636126058586394357032072695921642665492919186476321028415907982915011972040971875733852055633796811898421692604356476773910338982400925245494707729878821466569634334862311750349321720627252469986162120031838

c2 = 10770781309274554738409447671578241895686779262243081931452089039730277591151694112684863740412412713684216227740930573490322958500198235497947657939304932868457999239593145330718657422535271157683896034543125292529800047408131765376686654378173684648427311300423776510153307756388404568013401217965931456538849277670384454454507752525534110389604969437991055504757081225690155489265359117617764571537216746554060783131168749700810806387918510612057149583061938836035963175555630655718716139689761210220525955656039741684390906935720406757364893793459339618913268943282961044530062475057887777134887741597041684698119

e1 = 34967
e2 = 65535

# Find a valid k value
k = 0

while True:
    res = gmpy2.iroot(ec2 + k * n, 5)
    if res[1] == True:
        print(long_to_bytes(int(res[0])))  # Convert to string
        break
    k = k + 1

# Decrypt
s, s1, s2 = gmpy2.gcdext(e1, e2)
m = (pow(c1, s1, n) * pow(c2, s2, n)) % n  # m = (c1^s1) * (c2^s2)

# Print decryption result
print(long_to_bytes(m))

Question 4: 4-1#

The original code is as follows:

from uuid import *

from caser import something
from secret import flag
base_table="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
result =""

for i in range(len(flag)):
    if flag[i] in base_table:
        result +=base_table[(base_table.index(flag[i])+33)%64]
    else:
        result +=flag[i]
print(result)

#khzj0m{9caZ87VV-8X77-WW/+-78Wa-eZVdaYYe9/dZ}

Write a decryption script based on the given code

encrypted_flag = "khzj0m{9caZ87VV-8X77-WW/+-78Wa-eZVdaYYe9/dZ}"
base_table = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
flag = ""

for char in encrypted_flag:
    if char in base_table:
        index = (base_table.index(char) - 33) % 64
        flag += base_table[index]
    else:
        flag += char
print(flag)

For crypto-type questions, directly use chatgpt to solve.

Question 5: 5-1#

Analyze the given attachment pcap.pcap

image

There is a file header format for rar compressed packages. Extract the above hexadecimal content and write it in hexadecimal format in 010editor.

image

After writing, the specific content is as follows:

image

Obtain the rar file, extracting it gives a flag.rar file, but a password is needed to extract.

Suspect NTFS stream steganography, use NTFS data stream processing tools to process.

image

Get a base64 string

image

The password is this base64 value, extract the compressed package.

image

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.