凯撒大帝的征讨之路
题目:
lnixoa{1x2azz7w8axyva7y1z2320vxy6v97v9a}
知识点:凯撒加密
我的题解:
import base64 #shift得出移位多少,移位后的字母-移位前的字母 def caesar_decrypt(ciphertext, shift=ord('l')-ord('q')): str_list = list(ciphertext) i = 0 while i < len(ciphertext): if str_list[i].isalpha(): a = "A" if str_list[i].isupper() else "a" str_list[i] = chr((ord(str_list[i]) - ord(a) - shift) % 26 + ord(a)) i += 1 return ''.join(str_list) str='lnixoa{1x2azz7w8axyva7y1z2320vxy6v97v9a}' #放入需要解密的凯撒加密过的flag kstr = caesar_decrypt(str) print("凯撒解密后的字符串:", kstr) #qsnctf{1c2fee7b8fcdaf7d1e2320acd6a97a9f}
PigPig
题目:
知识点:猪圈密码
我的题解:
解个方程
题目:
欢迎来到青少年CTF,领取你的题目,进行解答吧!这是一道数学题!! p = 285938619572571413831422228101124163683 q = 105729283011633484980933962485160648857 e = 65537 d = ?
知识点:大素数分解中求d
我的题解:
import gmpy2 from Crypto.Util.number import * import math p = 285938619572571413831422228101124163683 q = 105729283011633484980933962485160648857 e = 65537 n = p*q phi = (p-1) * (q-1) d = gmpy2.invert(e,phi) print(d) #5844184015344558481149339489808793528798898400213145852462349005651020126577
ez_log
题目:
from Crypto.Util.number import * from random import * flag=b'key{xxxxxxx}' m=bytes_to_long(flag) p=3006156660704242356836102321001016782090189571028526298055526061772989406357037170723984497344618257575827271367883545096587962708266010793826346841303043716776726799898939374985320242033037 g=3 c=pow(g,m,p) print(f'c=',c) c=2558016376919340744861283143131342116530097815936201928079539498968035304172458942066482394126279568644520885275321026125136755531717057526144375105028343943707485572136532741715583512444233
我的题解:
c = g^m mod p
g很小,m作为flag处于次方的位置
可以用sage
from Crypto.Util.number import * import gmpy2 c=2558016376919340744861283143131342116530097815936201928079539498968035304172458942066482394126279568644520885275321026125136755531717057526144375105028343943707485572136532741715583512444233 p=3006156660704242356836102321001016782090189571028526298055526061772989406357037170723984497344618257575827271367883545096587962708266010793826346841303043716776726799898939374985320242033037 e=3 flag = discrete_log(Mod(c,p),Mod(g,p)) print(long_to_bytes(flag))
#b'key{f73ra1}'
ezrsa
题目:
from Crypto.Util.number import * flag = b'qsnctf{xxx-xxxx-xxxx-xxxx-xxxxxxxxx}' m = bytes_to_long(flag) p = getPrime(512) q = getPrime(512) r = getPrime(512) n = p * q * r leak = p * q e = 0x10001 c = pow(m, e, n) print(f'c = {c}') print(f'n = {n}') print(f'leak = {leak}') # c = 173595148273920891298949441727054328036798235134009407863895058729356993814829340513336567479145746034781201823694596731886346933549577879568197521436900228804336056005940048086898794965549472641334237175801757569154295743915744875800647234151498117718087319013271748204766997008772782882813572814296213516343420236873651060868227487925491016675461540894535563805130406391144077296854410932791530755245514034242725719196949258860635915202993968073392778882692892 # n = 1396260492498511956349135417172451037537784979103780135274615061278987700332528182553755818089525730969834188061440258058608031560916760566772742776224528590152873339613356858551518007022519033843622680128062108378429621960808412913676262141139805667510615660359775475558729686515755127570976326233255349428771437052206564497930971797497510539724340471032433502724390526210100979700467607197448780324427953582222885828678441579349835574787605145514115368144031247 # leak = 152254254502019783796170793516692965417859793325424454902983763285830332059600151137162944897787532369961875766745853731769162511788354655291037150251085942093411304833287510644995339391240164033052417935316876168953838783742499485868268986832640692657031861629721225482114382472324320636566226653243762620647
我的题解:
n分解出q、p、r,但是多因子解码不可信。
可以得出单个r,进行r的简单RSA计算
from Crypto.Util.number import * import gmpy2 c = 173595148273920891298949441727054328036798235134009407863895058729356993814829340513336567479145746034781201823694596731886346933549577879568197521436900228804336056005940048086898794965549472641334237175801757569154295743915744875800647234151498117718087319013271748204766997008772782882813572814296213516343420236873651060868227487925491016675461540894535563805130406391144077296854410932791530755245514034242725719196949258860635915202993968073392778882692892 n = 1396260492498511956349135417172451037537784979103780135274615061278987700332528182553755818089525730969834188061440258058608031560916760566772742776224528590152873339613356858551518007022519033843622680128062108378429621960808412913676262141139805667510615660359775475558729686515755127570976326233255349428771437052206564497930971797497510539724340471032433502724390526210100979700467607197448780324427953582222885828678441579349835574787605145514115368144031247 leak = 152254254502019783796170793516692965417859793325424454902983763285830332059600151137162944897787532369961875766745853731769162511788354655291037150251085942093411304833287510644995339391240164033052417935316876168953838783742499485868268986832640692657031861629721225482114382472324320636566226653243762620647 e = 0x10001
r = n // leak r=9170584408726584113673965972648240491689635118606416619099032606248549219208315227501144611402976054161705877934617690915635968224924300539749199425819801 phr = r - 1 d = gmpy2.invert(e,phr) m = pow(c,d,r) print(long_to_bytes(m)) #qsnctf{12ff81e0-7646-4a96-a7eb-6a509ec01c9e}
四重加密
题目:
我的题解:
需要找出密码,在边上有
CyberChef解码
打开后出现编码
zcye{mxmemtxrzt_lzbha_kwmqzec}|key=hello
HTML解码:http://www.hiencode.com/html_en.html
zcye{mxmemtxrzt_lzbha_kwmqzec}|key=hello
然后进行维吉尼亚解密,我用了随波逐流
synt{yqitbfqnoixsxwpwpifoqv}
最后进行rot13解码
flag{ldvgosdabvkfkjcjcvsbdi}
(我最后两次解密使用了随波逐流暴力破解,嘻嘻#^.^#)
factor1
题目:
import gmpy2 import hashlib from Crypto.Util.number import * p = getPrime(512) q = getPrime(512) d = getPrime(256) e = gmpy2.invert(d, (p**2 - 1) * (q**2 - 1)) flag = "qsnctf{" + hashlib.md5(str(p + q).encode()).hexdigest() + "}" print(e) print(p * q) # 4602579741478096718172697218991734057017874575484294836043557658035277770732473025335441717904100009903832353915404911860888652406859201203199117870443451616457858224082143505393843596092945634675849883286107358454466242110831071552006337406116884147391687266536283395576632885877802269157970812862013700574069981471342712011889330292259696760297157958521276388120468220050600419562910879539594831789625596079773163447643235584124521162320450208920533174722239029506505492660271016917768383199286913178821124229554263149007237679675898370759082438533535303763664408320263258144488534391712835778283152436277295861859 # 78665180675705390001452176028555030916759695827388719494705803822699938653475348982551790040292552032924503104351703419136483078949363470430486531014134503794074329285351511023863461560882297331218446027873891885693166833003633460113924956936552466354566559741886902240131031116897293107970411780310764816053
知识点:维纳攻击(特点应该是e超级大)
e超级大,先求出d,然后e,n,d已知,求p,q
可以分为两部分代码:
给 e,n,求出 d
import gmpy2 import libnum import hashlib import random def continuedFra(x, y): cf = [] while y: cf.append(x // y) x, y = y, x % y return cf def gradualFra(cf): numerator = 0 denominator = 1 for x in cf[::-1]: numerator, denominator = denominator, x * denominator + numerator return numerator, denominator def solve_pq(a, b, c): par = gmpy2.isqrt(b * b - 4 * a * c) return (-b + par) // (2 * a), (-b - par) // (2 * a) def getGradualFra(cf): gf = [] for i in range(1, len(cf) + 1): gf.append(gradualFra(cf[:i])) return gf def wienerAttack(e, n): cf = continuedFra(e, n) gf = getGradualFra(cf) for d, k in gf: if k == 0: continue if (e * d - 1) % k != 0: continue phi = (e * d - 1) // k p, q = solve_pq(1, n - phi + 1, n) if p * q == n: return d e=4602579741478096718172697218991734057017874575484294836043557658035277770732473025335441717904100009903832353915404911860888652406859201203199117870443451616457858224082143505393843596092945634675849883286107358454466242110831071552006337406116884147391687266536283395576632885877802269157970812862013700574069981471342712011889330292259696760297157958521276388120468220050600419562910879539594831789625596079773163447643235584124521162320450208920533174722239029506505492660271016917768383199286913178821124229554263149007237679675898370759082438533535303763664408320263258144488534391712835778283152436277295861859 n=78665180675705390001452176028555030916759695827388719494705803822699938653475348982551790040292552032924503104351703419136483078949363470430486531014134503794074329285351511023863461560882297331218446027873891885693166833003633460113924956936552466354566559741886902240131031116897293107970411780310764816053 d=wienerAttack(e, n**2) print('d=',d) #d= 63691166654760611586233830170653888570050734006064722630809918076234937115339
d由上面代码得出,因此 e,n,d 已知,求出flag文章来源:https://www.toymoban.com/news/detail-837680.html
import gmpy2 import libnum import hashlib import random e=4602579741478096718172697218991734057017874575484294836043557658035277770732473025335441717904100009903832353915404911860888652406859201203199117870443451616457858224082143505393843596092945634675849883286107358454466242110831071552006337406116884147391687266536283395576632885877802269157970812862013700574069981471342712011889330292259696760297157958521276388120468220050600419562910879539594831789625596079773163447643235584124521162320450208920533174722239029506505492660271016917768383199286913178821124229554263149007237679675898370759082438533535303763664408320263258144488534391712835778283152436277295861859 n=78665180675705390001452176028555030916759695827388719494705803822699938653475348982551790040292552032924503104351703419136483078949363470430486531014134503794074329285351511023863461560882297331218446027873891885693166833003633460113924956936552466354566559741886902240131031116897293107970411780310764816053 d= 63691166654760611586233830170653888570050734006064722630809918076234937115339 k = e * d - 1 r = k t = 0 while True: r = r // 2 t += 1 if r % 2 == 1: break success = False for i in range(1, 101): g = random.randint(0, n) y = pow(g, r, n) if y == 1 or y == n - 1: continue for j in range(1, t): x = pow(y, 2, n) if x == 1: success = True break elif x == n - 1: continue else: y = x if success: break else: continue if success: p = libnum.gcd(y - 1, n) q = n // p print ('P: ' + '%s' % p) print ('Q: ' + '%s' % q) hash_result = hashlib.md5(str(p + q).encode()).hexdigest() print(b'qsnctf{' + hash_result.encode() + b'}') #qsnctf 注意格式问题 else: print ('Cannot compute P and Q') #qsnctf{8072e8b2982bc729cc74ef58f1abc862}
文章来源地址https://www.toymoban.com/news/detail-837680.html
到了这里,关于青少年CTF-Crypto(新手版本2.0)的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!
![[青少年CTF训练平台]web部分题解(已完结!)](https://imgs.yssmx.com/Uploads/2024/03/837684-1.png)
![[青少年CTF]Web—Easy CheckMe1-8 by 周末](https://imgs.yssmx.com/Uploads/2024/02/464467-1.png)
![[青少年CTF]CheckMe06-07|PingMe02|2048|简简单单的题目|BASE](https://imgs.yssmx.com/Uploads/2024/02/833319-1.png)
