banner
lca

lca

真正的不自由,是在自己的心中设下牢笼。

Some Internet Cup Competition Writeup

The competition practical only has 6 questions, involving web, misc, and crypto topics. This competition was organized for the client, but the questions are not difficult; otherwise, how could it be a small competition?

Question 1: 1-1#

Find js, search keyword flag

dasctf{d6e9c56d7f078d298ed4695d899effbe}

image

Question 2: 2-1#

Open the pdf

There is a text box on the image

image

Question 3: 3-1#

The source code of the question is as follows, solved by a friend:

import libnum
import gmpy2
from Crypto.Util.number import *
import flag,e1,e2
# Generate prime numbers
p=libnum.generate_prime(1024)
q=libnum.generate_prime(1024)
ec1=pow(bytes_to_long(str(e1).ljust(20,"D").encode()),3,p*q)
ec2=pow(bytes_to_long(str(e2).ljust(20,"A").encode()),5,p*q)
m=libnum.s2n(flag)
n=p*q
c1=pow(m,e1,n)
c2=pow(m,e2,n)

print("n1=",n)
print("ec1=",ec1)
print("c1=",c1)
print("n2=",n)
print("ec2=",ec2)
print("c2=",c2)

# n1= 27929259512873502442719286790227037320417984116570178470037376373267390909685621247157535458203218619293705428397911754453556082799420494496904478215709219317542924547049229150153308059698341011305505985823374280465467094476511869541135508518055946815227085548571701115773386101962695795789178321155174729047033298389886321980592410739667139376075568555729949442873964097042006391886635957242436522435588904492484342259494858627609438654632887244523845583473711604632109405043439047289868784236481926074763997559971182741918345193506253460323445846136663027639802131457594564405906763806426256107923417802076262573737
# ec1= 24979839185643431898760549059477070141596292955202172081572583839065034831779499992829742773873064296311713734486020739853343887094398935731264
# c1= 17695186679431856780362905635257355413310120106982055323913669124182832151093921194946365178919380690844190324897933591567360925332869903671651849060145290581360223200011298757871213149464298017718829480721410479504940393501845624196721013966839230696831321482946841011452400364600924503121451272593970649100410603943321149604376033957124800064565646929720179239631538966228020882733213221035707244692798307971636126058586394357032072695921642665492919186476321028415907982915011972040971875733852055633796811898421692604356476773910338982400925245494707729878821466569634334862311750349321720627252469986162120031838
# n2= 27929259512873502442719286790227037320417984116570178470037376373267390909685621247157535458203218619293705428397911754453556082799420494496904478215709219317542924547049229150153308059698341011305505985823374280465467094476511869541135508518055946815227085548571701115773386101962695795789178321155174729047033298389886321980592410739667139376075568555729949442873964097042006391886635957242436522435588904492484342259494858627609438654632887244523845583473711604632109405043439047289868784236481926074763997559971182741918345193506253460323445846136663027639802131457594564405906763806426256107923417802076262573737
# ec2= 2838620519239658396968146844964839207179863729944843241951228382052657801460586137213053314019699976475855578055607417923815486109050614096157077528657405905877896929808094661904905136761365045387901486261011216958309860644255996588189249
# c2= 10770781309274554738409447671578241895686779262243081931452089039730277591151694112684863740412412713684216227740930573490322958500198235497947657939304932868457999239593145330718657422535271157683896034543125292529800047408131765376686654378173684648427311300423776510153307756388404568013401217965931456538849277670384454454507752525534110389604969437991055504757081225690155489265359117617764571537216746554060783131168749700810806387918510612057149583061938836035963175555630655718716139689761210220525955656039741684390906935720406757364893793459339618913268943282961044530062475057887777134887741597041684698119

Given values, public key

image

The script provides the following parameters: n1, n2, ec1, ec2, c1, c2. Since ec1 and ec2 are both small exponent encryptions, we can directly take the fifth root to obtain the encryption indices e1 and e2.

Using variable k to find a valid k value such that the expression ec2 + k * n is a perfect fifth power.

while 1:
	res=iroot(ec2+k*n,5) #print(res)

In the above loop, the script calculates the fifth root of the expression ec2 + k * n and checks if this fifth root is an integer. If it is an integer, it prints the corresponding string and breaks the loop. Otherwise, it increments k and continues the loop.

while True: 
	res = gmpy2.iroot(ec2 + k * n, 5) if res[1] == True: print(long_to_bytes(int(res[0])))

Next, the script uses the extended Euclidean algorithm to calculate the multiplicative inverses of the public keys e1 and e2, obtaining s1 and s2. Finally, the script calculates c1 raised to the power of s1 and c2 raised to the power of s2, multiplies these two results, and takes modulo n to obtain the plaintext m. These two indices are used to decrypt the ciphertext c1 and c2, thus obtaining the original message m.

s, s1, s2 = gmpy2.gcdext(e1, e2)
m = (pow(c1, s1, n) * pow(c2, s2, n)) % n  # m = (c1^s1) * (c2^s2)

The decryption script is as follows:

import gmpy2
from Crypto.Util.number import *

n = 27929259512873502442719286790227037320417984116570178470037376373267390909685621247157535458203218619293705428397911754453556082799420494496904478215709219317542924547049229150153308059698341011305505985823374280465467094476511869541135508518055946815227085548571701115773386101962695795789178321155174729047033298389886321980592410739667139376075568555729949442873964097042006391886635957242436522435588904492484342259494858627609438654632887244523845583473711604632109405043439047289868784236481926074763997559971182741918345193506253460323445846136663027639802131457594564405906763806426256107923417802076262573737

ec2 = 2838620519239658396968146844964839207179863729944843241951228382052657801460586137213053314019699976475855578055607417923815486109050614096157077528657405905877896929808094661904905136761365045387901486261011216958309860644255996588189249

c1 = 17695186679431856780362905635257355413310120106982055323913669124182832151093921194946365178919380690844190324897933591567360925332869903671651849060145290581360223200011298757871213149464298017718829480721410479504940393501845624196721013966839230696831321482946841011452400364600924503121451272593970649100410603943321149604376033957124800064565646929720179239631538966228020882733213221035707244692798307971636126058586394357032072695921642665492919186476321028415907982915011972040971875733852055633796811898421692604356476773910338982400925245494707729878821466569634334862311750349321720627252469986162120031838

c2 = 10770781309274554738409447671578241895686779262243081931452089039730277591151694112684863740412412713684216227740930573490322958500198235497947657939304932868457999239593145330718657422535271157683896034543125292529800047408131765376686654378173684648427311300423776510153307756388404568013401217965931456538849277670384454454507752525534110389604969437991055504757081225690155489265359117617764571537216746554060783131168749700810806387918510612057149583061938836035963175555630655718716139689761210220525955656039741684390906935720406757364893793459339618913268943282961044530062475057887777134887741597041684698119

e1 = 34967
e2 = 65535

# Find a valid k value
k = 0

while True:
    res = gmpy2.iroot(ec2 + k * n, 5)
    if res[1] == True:
        print(long_to_bytes(int(res[0])))  # Convert to string
        break
    k = k + 1

# Decrypt
s, s1, s2 = gmpy2.gcdext(e1, e2)
m = (pow(c1, s1, n) * pow(c2, s2, n)) % n  # m = (c1^s1) * (c2^s2)

# Print decryption result
print(long_to_bytes(m))

Question 4: 4-1#

The original code is as follows:

from uuid import *

from caser import something
from secret import flag
base_table="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
result =""

for i in range(len(flag)):
    if flag[i] in base_table:
        result +=base_table[(base_table.index(flag[i])+33)%64]
    else:
        result +=flag[i]
print(result)

#khzj0m{9caZ87VV-8X77-WW/+-78Wa-eZVdaYYe9/dZ}

Write a decryption script based on the given code

encrypted_flag = "khzj0m{9caZ87VV-8X77-WW/+-78Wa-eZVdaYYe9/dZ}"
base_table = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
flag = ""

for char in encrypted_flag:
    if char in base_table:
        index = (base_table.index(char) - 33) % 64
        flag += base_table[index]
    else:
        flag += char
print(flag)

For crypto-type questions, directly use chatgpt to solve

Question 5: 5-1#

Analyze the provided attachment pcap.pcap

image

There is a file header format for rar compressed packages. Extract the above hexadecimal content and write it in hexadecimal format using 010editor

image

After writing, the specific content is as follows:

image

Obtain the rar file, which gives a flag.rar file after extraction, but requires a password to extract.

Suspect NTFS stream steganography, use NTFS data stream processing tools to process

image

Obtain a base64 string

image

The password is this base64 value, extract the compressed package

image

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.