![【WP】第四届SQCTF大赛Crypto方向题目全解]( "【WP】第四届SQCTF大赛Crypto方向题目全解")
点击上方蓝字关注我们 并设为星标
点击上方蓝字关注我们 并设为星标
失落矿洞中的密码
先用脚本爆破secretKey然后计算secretKey = 1584718
definverse_mod(k, p):"""计算 k 模 p 的逆元"""if k == 0:raise ZeroDivisionError("除以 0")return pow(k, -1, p)defis_on_curve(x, y, a, b, p):return (y ** 2 - (x ** 3 + a * x + b)) % p == 0defpoint_add(P, Q, a, p):"""椭圆曲线加法"""if P isNone:return Qif Q isNone:return P (x1, y1) = P (x2, y2) = Qif x1 == x2 and y1 != y2:returnNoneif x1 == x2: m = (3 * x1 * x1 + a) * inverse_mod(2 * y1, p)else: m = (y2 - y1) * inverse_mod(x2 - x1, p) m %= p x3 = (m * m - x1 - x2) % p y3 = (m * (x1 - x3) - y1) % preturn (x3, y3)defscalar_mult(k, P, a, p):"""标量乘法""" result = None addend = Pwhile k:if k & 1: result = point_add(result, addend, a, p) addend = point_add(addend, addend, a, p) k >>= 1return resultdefpoint_neg(P, p):"""点的负元"""if P isNone:returnNone x, y = Preturn (x, (-y) % p)# 椭圆曲线参数a = 1234577b = 3213242p = 7654319G = (5234568, 2287747)Public_Key = (2366653, 1424308)crypted_data = [(5081741, 6744615), (610619, 6218)]# 解密步骤defdecrypt(cipher, secret_key): C1, C2 = cipher S = scalar_mult(secret_key, C1, a, p) S_neg = point_neg(S, p) M = point_add(C2, S_neg, a, p)return M# 为验证,我们可以尝试 brute force 找出 secretKey# 假设 secretKey 在 1 到 100000 之间for sk in range(1, 9999999999999 ):if scalar_mult(sk, G, a, p) == Public_Key: print(f"找到 secretKey: {sk}") m_point = decrypt(crypted_data, sk) print(f"解密后的点 m(x, y): {m_point}") print(f"x + y = {sum(m_point) % p}")breakezCRT
deffind_integer_root(x, power): low = 0 high = xwhile low <= high: mid = (low + high) // 2 product = pow(mid, power)if product < x: low = mid + 1elif product > x: high = mid - 1else:return midreturn highdefdecode_message(modules, remainders): combined_remainder = 0 combined_module = 1for mod, rem in zip(modules, remainders): difference = (rem - combined_remainder) % mod inverse = pow(combined_module, -1, mod) adjustment = (difference * inverse) % mod combined_remainder += adjustment * combined_module combined_module *= modreturn combined_remaindermoduli = [64461804435635694137780580883118542458520881333933248063286193178334411181758377012632600557019239684067421606269023383862049857550780830156513420820443580638506617741673175086647389161551833417527588094693084581758440289107240400738205844622196685129086909714662542181360063597475940496590936680150076590681,82768789263909988537493084725526319850211158112420157512492827240222158241002610490646583583091495111448413291338835784006756008201212610248425150436824240621547620572212344588627328430747049461146136035734611452915034170904765831638240799554640849909134152967494793539689224548564534973311777387005920878063,62107516550209183407698382807475681623862830395922060833332922340752315402552281961072427749999457737344017533524380473311833617485959469046445929625955655230750858204360677947120339189429659414555499604814322940573452873813507553588603977672509236539848025701635308206374413195614345288662257135378383463093]ciphertexts = [36267594227441244281312954686325715871875404435399039074741857061024358177876627893305437762333495044347666207430322392503053852558456027453124214782206724238951893678824112331246153437506819845173663625582632466682383580089960799423682343826068770924526488621412822617259665379521455218674231901913722061165,58105410211168858609707092876511568173640581816063761351545759586783802705542032125833354590550711377984529089994947048147499585647292048511175211483648376727998630887222885452118374649632155848228993361372903492029928954631998537219237912475667973649377775950834299314740179575844464625807524391212456813023,23948847023225161143620077929515892579240630411168735502944208192562325057681298085309091829312434095887230099608144726600918783450914411367305316475869605715020490101138282409809732960150785462082666279677485259918003470544763830384394786746843510460147027017747048708688901880287245378978587825576371865614]# 使用中国剩余定理合并同余方程resultant_value = decode_message(moduli, ciphertexts)# 计算立方根message = find_integer_root(resultant_value, 3)assert pow(message, 3) == resultant_value, "立方根验证未通过"# 转换为字节序列flag = message.to_bytes((message.bit_length() + 7) // 8, 'big').decode('utf-8', 'ignore')print("解密后的信息:", flag)
SQCTF{CRT_Unl0cks_RSA_Eff1c13ncy}
小白兔白又白
解码过程:Base91 -> Base64 -> Base62 -> Base16
别阴阳我了行吗?
直接解码
base?
一把梭
简单RSA
from sympy import isprime, factorintfrom Crypto.Util.number import inverse, long_to_bytes# 已知参数e = 65537n = 7349515423675898192891607474991784569723846586810596813062667159281369435049497248016288479718926482987176535358013000103964873016387433732111229186113030853959182765814488023742823409594668552670824635376457830121144679902605863066189568406517231831010468189513762519884223049871926129263923438273811831862385651970651114186155355541279883465278218024789539073180081039429284499039378226284356716583185727984517316172565250133829358312221440508031140028515954553016396884149904097959425582366305748700291610280675014390376786701270107136492645593662763444032174543205008326706371954830419775515459878227148997362533c = 3514741378432598036735573845050830323348005144476193092687936757918568216312321624978086999079287619464038817665467748860146219342413630364856274551175367026504110956407511224659095481178589587424024682256076598582558926372354316897644421756280217349588811321954271963531507455604340199167652015645135632177429144241732132275792156772401511326430069756948298403519842679923368990952555264034164975975945747016304948179325381238465171723427043140473565038827474908821764094888942553863124323750256556241722284055414264534546088842593349401380142164927188943519698141315554347020239856047842258840826831077835604327616# 第一步:尝试分解 n(有些题目 n 是两个小素数乘积)factors = factorint(n)print("[*] n 的因子分解结果:", factors)# 如果确实只有两个素因子 p 和 qif len(factors) == 2: p, q = list(factors.keys()) print("[+] 找到 p 和 q")# 计算 φ(n) phi = (p - 1) * (q - 1)# 计算 d d = inverse(e, phi)# 解密 m = pow(c, d, n) flag = long_to_bytes(m) print("[+] 解密后的消息(flag)为:", flag.decode(errors="ignore"))else: print("[-] 无法分解 n,可能需要更多信息或爆破手段")SQCTF{be7e48547356cdf16649fd29e0ff9e1f}
春风得意马蹄疾
直接多层解码
密室逃脱的终极挑战
非预期随波逐流好像直接出
字母的轮舞与维吉尼亚的交响曲
压缩包密码直接爆破123456
拿到密钥flag解码
丢给随波逐流凯撒直接出
丢三落四的小I
交给AI
from Crypto.Util.number import inverse, long_to_bytesimport mathn = 15124759435262214519214613181859115868729356369274819299240157375966724674496904855757710168853212365134058977781083245051947523020090726851248565503324715984500225724227315777864292625995636236219359256979887906731659848125792269869019299002807101443623257106289957747665586226912446158316961637444556237354422346621287535139897525295200592525427472329815100310702255593134984040293233780616515067333512830391860868933632383433431739823740865023004008736555299772442805617275890761325372253913686933294732259451820332316315205537055439515569011020072762809613676347686279082728000419370190242778504490370698336750029e = 65537dp = 1489209342944820124277807386023133257342259912189247976569642906341314682381245025918040456151960704964362424182449567071683886673550031774367531511627163525245627333820636131483140111126703748875380337657189727259902108519674360217456431712478937900720899137512461928967490562092139439552174099755422092113c = 4689152436960029165116898717604398652474344043493441445967744982389466335259787751381227392896954851765729985316050465252764336561481633355946302884245320441956409091576747510870991924820104833541438795794034004988760446988557417649875106251230110075290880741654335743932601800868983384563972124570013568709773861592975182534005364811768321753047156781579887144279837859232399305581891089040687565462656879173423137388006332763262703723086583056877677285692440970845974310740659178040501642559021104100335838038633269766591727907750043159766170187942739834524072423767132738563238283795671395912593557918090529376173# 使用费马小定理攻击分解na = 2b = pow(a, e * dp, n)p = math.gcd(b - a, n)q = n // p# 计算私钥并解密phi = (p - 1) * (q - 1)d = inverse(e, phi)m = pow(c, d, n)flag = long_to_bytes(m).decode()print(flag)玩的挺变态啊清茶哥
csdn里面可以搜到猪圈密码[https://blog.csdn.net/Aluxian_/article/details/141812967](https://blog.csdn.net/Aluxian_/article/details/141812967)
对应解码SQCTF{jijibaotonghualizuoyingxiong}
你的天赋是什么
摩斯密码解
SQCTF{YOU-HAVE-TALENT}
Common Modulus attack
两个密文使用相同的模数 n 但不同的指数 e1 和 e2 加密,且 e1 和 e2 互质。可以通过扩展欧几里得算法找到系数,组合两个密文恢复明文。
import mathfrom libnum import n2sdefextended_gcd(a, b):if b == 0:return (a, 1, 0)else: g, x, y = extended_gcd(b, a % b)return (g, y, x - (a // b) * y)n = 13650503560233612352420237787159267432351878281073422449253560365809461612884248041710373755322100953953257608601227381211434513766352420535096028618735289379355710140356003114010103377509526452574385251495847301426845768427018504464757671958803807138699056193259160806476941875860254288376872925837127208612702688503022494109785623082365323949385021488106289708499091818714253710552213982060745736652306892896670424179736886691685639988637188591805479432332714690818805432648223229601082431517091667297328748597580733946557364100555781113940729296951594110258088501146224322799560159763097710814171619948719257894889c1 = 3366500968116867439746769272799247895217647639427183907930755074259056811685671593722389247697636905214269760325119955242254171223875159785479900114989812511815466122321484289407596620307636198001794029251197349257235827433633936216505458557830334779187112907940003978773672225479445837897135907447625387990203145231671233038707457396631770623123809080945314083730185110252441203674945146889165953135351824739866177205127986576305492490242804571570833778440870959816207461376598067538653432472043116027057204385251674574207749241503571444801505084599753550983430739025050926400228758055440679102902069032768081393253c2 = 7412517103990148893766077090616798338451607394614015195336719617426935439456886251056015216979658274633552687461145491779122378237012106236527924733047395907133190110919550491029113699835260675922948775568027483123730185809123757000207476650934095553899548181163223066438602627597179560789761507989925938512977319770704123979102211869834390476278761480516444396187746843654541476645830961891622999425268855097938496239480682176640906218645450399785130931214581370821403077312842724336393674718200919934701268397883415347122906912693921254353511118129903752832950063164459159991128903683711317348665571285175839274346e1 = 4217054819e2 = 2800068527# 检查 e1 和 e2 是否互质assert math.gcd(e1, e2) == 1, "e1 和 e2 必须互质"# 扩展欧几里得求系数 a 和 bg, a, b = extended_gcd(e1, e2)print(f"系数 a={a}, b={b}")# 处理负指数的情况defmod_pow(c, exp, n):if exp < 0: c_inv = pow(c, -1, n) # 求模逆元return pow(c_inv, -exp, n)else:return pow(c, exp, n)part1 = mod_pow(c1, a, n)part2 = mod_pow(c2, b, n)# 合并计算结果m = (part1 * part2) % nflag = n2s(m)print("Flag:", flag.decode())
SQCTF{06774dcf-b9d1-3c2d-8917-7d2d86b6721c}
《1789年的密文》
# ========== 杰斐逊圆盘密码解密 ==========# 原始圆盘定义(0号盘对应密钥1)disks_raw = ["QWXZRJYVKSLPDTMACFNOGIEBHU", # 1号盘"BXZPMTQOIRVHKLSAFUDGJYCEWN", # 2号盘"LKJHGFDSAQZWXECRVBYTNUIMOP", # 3号盘"POIUYTREWQASDFGHJKLMNBVCXZ", # 4号盘"ZXCVBNMASDFGHJKLPOIUYTREWQ", # 5号盘"MNHBGVCFXDRZESWAQPLOKMIJUY", # 6号盘"YUJIKMOLPQAWSZEXRDCFVGBHNM", # 7号盘"EDCRFVTGBYHNUJMIKOLPQAZWSX", # 8号盘"RFVGYBHNUJMIKOLPQAZWSXEDCT", # 9号盘"TGBYHNUJMIKOLPQAZWSXEDCRFV", # 10号盘"WSXEDCRFVTGBYHNUJMIKOLPQAZ", # 11号盘"AZQWSXEDCRFVTGBYHNUJMIKOLP", # 12号盘"VFRCDXESZWAQPLOKMIJNUHGBTG", # 13号盘"IKOLPQAZWSXEDCRFVTGBYHNUJM"# 14号盘]# 密钥和密文配置key = [4, 2, 11, 8, 9, 12, 3, 6, 10, 14, 1, 5, 7, 13] # 密钥使用1-based编号ciphertext = "UNEHJPBIUOMAVZ"# ========== 解密流程 ==========# 步骤1:按密钥顺序重组圆盘reordered_disks = [disks_raw[k-1] for k in key] # 将密钥转换为0-based索引# 步骤2:对齐每个圆盘,使密文字符位于首位aligned_disks = []for disk, c in zip(reordered_disks, ciphertext): idx = disk.find(c)if idx == -1:raise ValueError(f"错误:字符 {c} 不在圆盘中: {disk}") aligned_disk = disk[idx:] + disk[:idx] # 旋转圆盘对齐 aligned_disks.append(aligned_disk)# 步骤3:生成所有可能的明文行(全部转为小写)possible_plaintexts = ["".join(disk[i] for disk in aligned_disks).lower() # 直接生成小写for i in range(26)]# 步骤4:自动检测可能的flag关键词keywords = ["traditional", "rotor"] # 小写关键词candidates = []for i, line in enumerate(possible_plaintexts):if any(word in line for word in keywords): candidates.append((i+1, line)) # 行号保持1-based# ========== 结果输出 ==========print("所有可能的解密结果(共26行,小写输出):")for i, line in enumerate(possible_plaintexts): mark = " <-- 候选"if any(word in line for word in keywords) else"" print(f"行 {i+1:02d}: {line}{mark}")if candidates: print("n[高概率候选]")for idx, line in candidates: print(f"行 {idx}: {line}") print(f"解密Flag: SQCTF{{{line}}}") # 使用SQCTF包裹结果else: print("n[警告] 未检测到有效关键词,请手动检查输出")对输出结果一个一个是过去,最后发现17行是答案
SQCTF{maketysecgreat}
原文始发于微信公众号(深玄安全):【WP】第四届SQCTF大赛Crypto方向题目全解
免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论