2021网络安全领军人才攻防大赛 | Crypto及Reverse方向WP合集

admin 2021年10月28日02:00:50CTF专场评论103 views3655字阅读12分11秒阅读模式
2021网络安全领军人才攻防大赛 | Crypto及Reverse方向WP合集

Crypto

密码学


01


Crypto_system


之前比赛原题


脚本:

# These three are constantsp = 12039102490128509125925019010000012423515617235219127649182470182570195018265927223g = 10729072579307052184848302322451332192456229619044181105063011741516558110216720725
# random generationm1 = "test1"m2 = "test2"
# Initializationr1, s1 = sign(m1)# r1 will be provided to player
def int2str(data, mode="big"): if mode == "little": return sum([ord(data[_]) * 2 ** (8 * _) for _ in range(len(data))]) elif mode == "big": return sum([ord(data[::-1][_]) * 2 ** (8 * _) for _ in range(len(data))])
def get_parameter(m): x = int2str(m, 'little') y = powmod(g, x, p) a = bytes_to_long(hashlib.sha256(long_to_bytes(y).rjust(128, "")).digest()) b = powmod(a, a, p - 1) h = powmod(g, b, p)
return y, h, b
def sign(m): y, h, b = get_parameter(m) r = getStrongPrime(512) s = (y * powmod(h, r, p)) % p
return str(r),str(s)
def verify(m, r, s): y, h, b = get_parameter(m) if s == ((y * powmod(h, r, p)) % p): return True else: return False
# Give me the (r2,s2)if r2 != r1 and s2 == s1 and verify(m2, r2, s2): print("Congratulation!Here is your flag: %s" % flag)



02


ECDSA


比赛原题


脚本:

from pwn import *from Crypto.Util.number import *sh=remote("139.129.98.9","30002")from pwnlib.util.iters import mbruteforcefrom hashlib import sha256import hashlibfrom math import gcdcontext.log_level = 'debug'
a=0b=7q=0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2Fgx=0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798gy=0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8order=0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
ecc = EllipticCurve(GF(q), [a,b])G = ecc(gx,gy)
import hashlib
def sha1(content): return hashlib.sha1(content).digest()

def proof_of_work(sh): sh.recvuntil("XXXX+") suffix = sh.recvuntil(')').decode("utf8")[:-1] log.success(suffix) sh.recvuntil("== ") cipher = sh.recvline().strip().decode("utf8") proof = mbruteforce(lambda x: sha256((x + suffix).encode()).hexdigest() == cipher, string.ascii_letters + string.digits, length=4, method='fixed') sh.sendlineafter("Give me XXXX:", proof)
proof_of_work(sh)
sh.recvuntil("Here is the frist message(64 bytes):")msg1 = sh.recvuntil("n")[:-1]
sh.recvuntil("Here is the second message(64 bytes):")msg2 = sh.recvuntil("n")[:-1]message = hex(bytes_to_long(msg1))[2:]e1=bytes_to_long(sha1(msg1))e2=bytes_to_long(sha1(msg2))
#######################################################解题核心#pubkey = sh.recvuntil("n")[:-2].decode()#r=[d * G].xd=12321r=int((d*G)[0])new_k = ((-e1-e2)*inverse(2*r,order))%ordernew_Q = new_k * Gnew_S = ((e1 + new_k*r)*inverse(d,order))%ordernewpubkey = hex(new_Q[0]).replace("0x","").rjust(64,"0")+hex(new_Q[1]).replace("0x","").rjust(64,"0")newsignature = hex(r).replace("0x","").rjust(64,"0")+hex(new_S).replace("0x","").rjust(64,"0")
######################################################
sh.recvuntil("Please choice your options:")sh.sendline("3")sh.recvuntil("Please give me your public_key(hex):")sh.sendline(newpubkey)
sh.recvuntil("Please choice your options:")sh.sendline("6")sh.recvuntil("Please give me the signature(hex) of the frist message:n")sh.sendline(newsignature)sh.recvuntil("Please give me the signature(hex) of the second message:n")sh.sendline(newsignature)
sh.interactive()


2021网络安全领军人才攻防大赛 | Crypto及Reverse方向WP合集

Reverse

逆向


01


ReverseMe


2021网络安全领军人才攻防大赛 | Crypto及Reverse方向WP合集


Figure 1: 

满足check, x[i] <=x[i+1]。


2021网络安全领军人才攻防大赛 | Crypto及Reverse方向WP合集

Figure 2: 

要达到SIGFPE,让translate1返回0即可。


from z3 import *
s = "FLAG{[email protected][email protected]_Easy_FOr_y0u!}x0a"sol = Solver()x = [BitVec("x%s" % i, 8) for i in range(49)]for i in range(48): sol.add(x[i] <= x[i+1])for i in range(49): sol.add(0x30 <= x[i]) sol.add(x[i] <= ord("}"))v3 = 0for i in range(49): d1 = x[i] ^ ord(s[48-i]) v3 ^= d1sol.add(v3 == 0)
if (sol.check() == sat): model = sol.model() print(model) flag = "" for i in range(49): if (model[x[i]] != None): flag += chr(model[x[i]].as_long().real) else: flag += " "    print("FLAG{" + flag + "}")


2021网络安全领军人才攻防大赛 | Crypto及Reverse方向WP合集


Figure 3: 

FLAG{[email protected]@AEEFFFGHKLOPR_aceejllmrssuyyy{}}



- END -
2021网络安全领军人才攻防大赛 | Crypto及Reverse方向WP合集

2021网络安全领军人才攻防大赛 | Crypto及Reverse方向WP合集

原文始发于微信公众号(山石网科安全技术研究院):2021网络安全领军人才攻防大赛 | Crypto及Reverse方向WP合集

特别标注: 本站(CN-SEC.COM)所有文章仅供技术研究,若将其信息做其他用途,由用户承担全部法律及连带责任,本站不承担任何法律及连带责任,请遵守中华人民共和国安全法.
  • 我的微信
  • 微信扫一扫
  • weinxin
  • 我的微信公众号
  • 微信扫一扫
  • weinxin
admin
  • 本文由 发表于 2021年10月28日02:00:50
  • 转载请保留本文链接(CN-SEC中文网:感谢原作者辛苦付出):
                  2021网络安全领军人才攻防大赛 | Crypto及Reverse方向WP合集 http://cn-sec.com/archives/602143.html

发表评论

匿名网友 填写信息

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: