buuctf-crypto


buuctf-crypto

MD5

flag{admin1}

一眼就解密

flag{THE_FLAG_OF_THIS_STRING}

Url编码

flag{and 1=1}

看我回旋踢

flag{5cd1004d-86a5-46d8-b720-beb5ba0417e1}

synt{5pq1004q-86n5-46q8-o720-oro5on0417r1}

rot13编码

套用ROT13到一段文字上仅仅只需要检查字元字母顺序并取代它在13位之后的对应字母, 有需要超过时则重新绕回26英文字母开头即可。

在线转换http://www.rot13.de/index.php

摩丝

flag{ILOVEYOU}

在线转换http://www.zhongguosou.com/zonghe/moersicodeconverter.aspx

password

flag{zs19900315}

弱口令

变异凯撒

flag{Caesar_variation}

a = 'afZ_r9VYfScOeO_UL^RWUc'
j = 5
for i in a:
    print(chr(ord(i) + j),end="")
    j = j + 1

Quoted-printable

flag{那你也很棒哦}

Quoted-printable编码

在线转换http://web.chacuo.net/charsetquotedprintable

Rabbit

flag{5cd1004d-86a5-46d8-b720-beb5ba0417e1}

篱笆墙的影子

fhetlehhafaiglvn{aekwgtwe}

felhaagv{ewtehtehfilnakgw}

这里看出来flag是嵌套在前8位中,符合栅栏密码

在线转换https://www.qqxiuzi.cn/bianma/zhalanmima.php

RSA

flag{125631357777427553}

import gmpy2
p=473398607161
q=4511491
e=17
d=gmpy2.invert(e,(q-1)*(p-1))
print (d)

丢失的MD5

flag{e9032994dabac08080091151380478a2 }

import hashlib
for i in range(32,127):
    for j in range(32,127):
        for k in range(32,127):
            m=hashlib.md5()
            m.update('TASC'.encode('utf-8')+chr(i).encode('utf-8')+'O3RJMV'.encode('utf-8')+chr(j).encode('utf-8')+'WDJKX'.encode('utf-8')+chr(k).encode('utf-8')+'ZM'.encode('utf-8'))
            des=m.hexdigest()
            if 'e9032' in des and 'da' in des and '911513' in des:
                print (des)

Alice与Bob

flag{d450209323a847c8d01c6be47c81811a}

素数拆分网站

在线转换http://www.factordb.com/index.php

rsarsa

flag{5577446633554466577768879988}

import libnum
import gmpy2
p = 9648423029010515676590551740010426534945737639235739800643989352039852507298491399561035009163427050370107570733633350911691280297777160200625281665378483
n = 114573516752272714750064227635008832737477859608443481000717283425702025029279291376859256856603741797722497252841363753834114679306784379319341824813349417007577541466886971550474580368413974382926969910999462429631003527365143148445405716553105750338796691010126879918594076915709977585368841428779903869581
e = 65537
c = 83208298995174604174773590298203639360540024871256126892889661345742403314929861939100492666605647316646576486526217457006376842280869728581726746401583705899941768214138742259689334840735633553053887641847651173776251820293087212885670180367406807406765923638973161375817392737747832762751690104423869019034
d = 56632047571190660567520341028861194862411428416862507034762587229995138605649836960220619903456392752115943299335385163216233744624623848874235303309636393446736347238627793022725260986466957974753004129210680401432377444984195145009801967391196615524488853620232925992387563270746297909112117451398527453977
q = n/p
m = pow(c, d, n)
print(m)

大帝的密码武器

flag{PbzrPuvan}

FRPHEVGL

进行凯撒密码偏移测试,当偏移量是13时,得到security,同样的道理对ComeChina加密

得到PbzrPuvan

Windows系统密码

flag{good-luck}

https://www.cmd5.com/ NTLM

信息化时代的步伐

flag{计算机要从娃娃抓起}

中文电码在线转换http://code.mcdvisa.com/

传统知识+古典密码

flag{SHUANGYU}

辛卯 28 ,癸巳 30,丙戌 23,辛未 8,庚辰 17,癸酉 10,己卯 16 ,癸巳30

然后是加一甲子 60,即

88 90 83 68 77 70 76 90,得到八个数字,尝试用ASCII码解密,得到XZSDMFLZ。

栅栏解密后得到:

第1栏:XSMLZDFZ
第2栏:XMZFSLDZ

分别用凯撒解密,其中第二组得到解密得到SHUANGYU

凯撒?替换?呵呵!

flag{substitutioncipherdecryptionisalwayseasyjustlikeapieceofcake}

在线转换https://quipqiup.com/

RSA1

flag{W31c0m3_70_Ch1n470wn}

p = 8637633767257008567099653486541091171320491509433615447539162437911244175885667806398411790524083553445158113502227745206205327690939504032994699902053229
q = 12640674973996472769176047937170883420927050821480010581593137135372473880595613737337630629752577346147039284030082593490776630572584959954205336880228469
dp = 6500795702216834621109042351193261530650043841056252930930949663358625016881832840728066026150264693076109354874099841380454881716097778307268116910582929
dq = 783472263673553449019532580386470672380574033551303889137911760438881683674556098098256795673512201963002175438762767516968043599582527539160811120550041
c = 24722305403887382073567316467649080662631552905960229399079107995602154418176056335800638887527614164073530437657085079676157350205351945222989351316076486573599576041978339872265925062764318536089007310270278526159678937431903862892400747915525118983959970607934142974736675784325993445942031372107342103852

import gmpy2
I = gmpy2.invert(q,p)
mp = pow(c,dp,p)
mq = pow(c,dq,q)               #求幂取模运算

m = (((mp-mq)*I)%p)*q+mq       #求明文公式

print(hex(m))          #转为十六进制

得到0x6e6f784354467b57333163306d335f37305f4368316e343730776e7d,16进制转字符串

在线转换https://www.sojson.com/hexadecimal.html,得到noxCTF{W31c0m3_70_Ch1n470wn}

flag{whenthepigwanttoeat}

猪圈密码在线转换http://www.hiencode.com/pigpen.html
IHnAsK.png

权限获得第一步

flag{3617656}

NTLM,前面md5网站有解密

old-fashion

flag{n1_2hen-d3_hu1-mi-ma_a}

https://quipqiup.com/

世上无难事

flag{640e11012805f211b0ab24ff02a1ed09}

https://quipqiup.com/

RSA3

flag{49d91077a1abcb14f1a9d546c80be9ef}

共模攻击,直接上工具

RSA2

Unencode

flag{dsdasdsa99877LLLKK}

http://www.hiencode.com/uu.html

异性相吸

flag{ea1bc0988992276b7f95b54a7435e89e}

a = '0110000101110011011000010110010001110011011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011100010111011101100101011100110111000101100110'
b = '0000011100011111000000000000001100001000000001000001001001010101000000110001000001010100010110000100101101011100010110000100101001010110010100110100010001010010000000110100010000000010010110000100011000000110010101000100011100000101010101100100011101010111010001000001001001011101010010100001010000011011'
c = ''

for i in range(len(a)):
    if(a[i] == b[i]):
        c+='0'
    else:
        c+='1'
print(c)

之后的二进制再转换字符串

http://tool.huixiang360.com/str/from-binary.php

[AFCTF2018]Morse

flag{1s’t_s0_345y}

https://www.sojson.com/hexadecimal.html

还原大师

flag{E9032994DABAC08080091151380478A2}

考点:python脚本编写

import hashlib
k = 'TASC?O3RJMV?WDJKX?ZM'
for i in range(26):
    temp1 = k.replace('?', str(chr(65+i)), 1)
    for j in range(26):
        temp2 = temp1.replace('?', chr(j + 65), 1)
        for z in range(26):
            temp3 = temp2.replace('?', chr(z + 65), 1)
            s = hashlib.md5(temp3.encode('utf8')).hexdigest().upper()
            if s[:4] == 'E903':
                print(s)


文章作者: Lightning
版权声明: 本博客所有文章除特別声明外,均采用 CC BY 4.0 许可协议。转载请注明来源 Lightning !
评论
  目录