Article directory
Summary
It has been many years since the CTF was lifted, but the real online topic clearance has not been done. At the same time, I feel that the level has declined too much. In these two months, I am going to brush all the CTF environments currently open on the Internet, and collect topics as materials to prepare for the training and shooting range construction in the future. This article is about the experiment bar. Before July 8, 2018, all the password class topics will be written up.
Writeup
Variant Kaiser
General Caesar password reference, https://en.wikipedia.org/wiki/Caesar_cipher.
Encrypted text: Afz ﹣ r9vyfsceo ﹣ UL ^ rwuc
Format: flag {}
The problem-solving process is divided into these parts. First, the ascii code of Afz ﹐ r9vyfsceo ﹐ UL ^ rwuc is
97 102 90 95 114 57 86 89 102 83 99 79 101 79 95 85 76 94 82 87 85 99
The first few ascii codes of flag {} are
102 108 97 103 123
A bit by bit comparison shows that 102-97 = 5108-102 = 6, 97-90 = 7, so Caesar's rule is that the first character is ascii plus 5, and each other character is ascii increasing by 1, so the decryption code is as follows. The decryption code is as follows
#!/usr/bin/env python #-*- coding: utf-8 -*- """ @Author : darkN0te @Create date : 2018-07-07 @description : Decryption of Caesar rotation code @Update date : """ INIT_ADD = 5 input = raw_input() output = "" for char in input: output += chr(ord(char) + INIT_ADD) INIT_ADD += 1 print output
output
afZ_r9VYfScOeO_UL^RWUc
flag{Caesar_variation}
End.
Traditional knowledge + classical password
Title Description:
Xiao Ming received a secret letter one day, in which he wrote several different years
Xinmao, Guisi, bingxu, Xinwei, Gengchen, Guiyou, Jimao, Guisi.
On the back of the letter is also written "+ Jia Zi". Please find out the ciphertext.
key value: CTF{XXX}
According to the chronology of tiangan and dizhi
1. Jiazi 2. Yichou 3. Bingyin 4. Dingmao 5. Wuchen 6. Jisi 7. Gengwei 8. Xinwei 9. Renshen 10. Guiyou 11. Jiaxu 12. Yihai 13. Bingzi 14. Dingchou 15. Wuyin 16. Jimao 17. Gengchen 18. Xinsi 19. Renwu 20. Guiwei 21. Jiashen 22. Yiyou 23. Bingxu 24. Dinghai 25. Wuzi 26. Self ugliness 27. Gengyin 28. Xinmao 29. Renchen 30. Guisi 31. Jiawu, 32. Yiwei, 33. Bingshen, 34. Dingyou, 35. Wuxu, 36. Qihai, 37. Gengzi, 38. Xinchou, 39. Nonyin, 40. Guimao 41. Jiachen 42. Yisi 43. Bingwu 44. Dingwei 45. Wushen 46. Jiyou 47. Gengxu 48. Xinhai 49. Renzi 50. Guichou 51. Jiayin 52. Yimao 53. Bingchen 54. Dingsi 55. Wuwu 56. Qiwei 57. Gengshen 58. Xinyou 59. Renxu 60. Guihai
Write the number code of the combination given in the question
28 30 23 8 17 10 16 30
Add a Jiazi (60)
88 90 93 68 77 70 76 90
Convert to ASCII:
XZSDMFLZ
Fence password (two columns):
XMZFSLDZ
Kaiser:
SHUANGYU
Finally, submit CTF {shaangyu} according to the format.
what's wrong with this
Title Description:
We managed to get this package of the robots servers. We managed to determine that it is some kind of compiled bytecode. But something is wrong with it. Our usual analysis failed - so we have to hand this over to you pros. We only know this: The program takes one parameter and it responds with "Yup" if you have found the secret code, with "Nope" else. We expect it should be obvious how to execute it. Solution link: http://ctf5.shiyanbar.com/crypto/What-s-wrong-with-this/hello.tar.gz We managed to get the robot server package. We try to make sure it's some compiled bytecode. But it has some problems. Our usual analysis failed - so we have to give it to you. We only know this: the program takes a parameter, if you find the password, it will respond with "Yup", and "Nope" is. We expect how it should be implemented.
The website gives an answer pdf, please check
http://hebin.me/wp-content/uploads/2017/09/2017090715264378.pdf
Extract the file hello.tar.gz given by the title. We know that some program features will print Yup and Nope, and then use the command grep -R 'Yup\|Nope' to search for the matching file.
Decompilation with uncompyle is not allowed. Decompilation with Decompyle + +. This is the installation process.
git clone https://github.com/zrax/pycdc.git cd pycdc cmake . make make install pycdc __main__hello__.pyc
We used pycdc to decompile the source code of main hello. PyC
# Source Generated with Decompyle++
# File: __main__hello__.pyc (Python 2.7)
import sys
import dis
import multiprocessing
import UserList
def encrypt_string(s):
Unsupported opcode: <255>
new_str = []
# WARNING: Decompyle incomplete
def rot_chr(c, amount):
None = chr(((ord(c) + 33) % amount) / 94 % 33)
SECRET = 'w*0;CNU[\\gwPWk}3:PWk"#&:ABu/:Hi,M'
if encrypt_string(sys.argv - 1) == SECRET:
print
print >>'Yup'
else:
print
print >>'Nope'
None = None
You can see that some bytecodes have not been decompiled. This is because some bytecodes have not been recognized. Use pycdas to check the information.
➜ what's wrong with this ~/Safe/03_tools/pycdc/pycdas __main__hello__.pyc
__main__hello__.pyc (Python 2.7)
[Code]
File Name: chall.py
Object Name:
Arg Count: 0
Locals: 0
Stack Size: 3
Flags: 0x00000040 (CO_NOFREE)
[Names]
'sys'
'hashlib'
'sha256'
'dis'
'multiprocessing'
'UserList'
'encrypt_string'
'rot_chr'
'SECRET'
'argv'
[Var Names]
[Free Vars]
[Cell Vars]
[Constants]
-1
None
(
'sha256'
)
[Code]
File Name: chall.py
Object Name: encrypt_string
Arg Count: 1
Locals: 4
Stack Size: 8
Flags: 0x00000043 (CO_OPTIMIZED | CO_NEWLOCALS | CO_NOFREE)
[Names]
'enumerate'
'append'
'rot_chr'
'ord'
'join'
[Var Names]
's'
'new_str'
'index'
'c'
[Free Vars]
[Cell Vars]
[Constants]
None
0
10
1
''
[Disassembly]
0 BUILD_LIST 0
3 STORE_FAST 1: new_str
6 SETUP_LOOP 99 (to 108)
9 LOAD_GLOBAL 0: enumerate
12 LOAD_FAST 0: s
15 CALL_FUNCTION 1
18
19 FOR_ITER 85 (to 107)
22 UNPACK_SEQUENCE 2
25 STORE_FAST 2: index
28 STORE_FAST 3: c
31 LOAD_FAST 2: index
34 LOAD_CONST 1: 0
37 COMPARE_OP 2 (==)
40 POP_JUMP_IF_FALSE 68
43 LOAD_FAST 1: new_str
46 LOAD_ATTR 1: append
49 LOAD_GLOBAL 2: rot_chr
52 LOAD_FAST 3: c
55 LOAD_CONST 2: 10
58 CALL_FUNCTION 2
61 CALL_FUNCTION 1
64 ROT_TWO
65 JUMP_ABSOLUTE 19
68 LOAD_FAST 1: new_str
71 LOAD_ATTR 1: append
74 LOAD_GLOBAL 2: rot_chr
77 LOAD_FAST 3: c
80 LOAD_GLOBAL 3: ord
83 LOAD_FAST 1: new_str
86 LOAD_FAST 2: index
89 LOAD_CONST 3: 1
92 BINARY_ADD
93 BINARY_SUBTRACT
94 CALL_FUNCTION 1
97 CALL_FUNCTION 2
100 CALL_FUNCTION 1
103 ROT_TWO
104 JUMP_ABSOLUTE 19
107 END_FINALLY
108 LOAD_CONST 4: ''
111 LOAD_ATTR 4: join
114 LOAD_FAST 1: new_str
117 CALL_FUNCTION 1
120 IMPORT_STAR
[Code]
File Name: chall.py
Object Name: rot_chr
Arg Count: 2
Locals: 2
Stack Size: 3
Flags: 0x00000043 (CO_OPTIMIZED | CO_NEWLOCALS | CO_NOFREE)
[Names]
'chr'
'ord'
[Var Names]
'c'
'amount'
[Free Vars]
[Cell Vars]
[Constants]
None
33
94
[Disassembly]
0 LOAD_GLOBAL 0: chr
3 LOAD_GLOBAL 1: ord
6 LOAD_FAST 0: c
9 CALL_FUNCTION 1
12 LOAD_CONST 1: 33
15 BINARY_ADD
16 LOAD_FAST 1: amount
19 BINARY_MODULO
20 LOAD_CONST 2: 94
23 BINARY_DIVIDE
24 LOAD_CONST 1: 33
27 BINARY_MODULO
28 CALL_FUNCTION 1
31 IMPORT_STAR
'w*0;CNU[\\gwPWk}3:PWk"#&:ABu/:Hi,M'
1
'Yup'
'Nope'
[Disassembly]
0 LOAD_CONST 0: -1
3 LOAD_CONST 1: None
6 IMPORT_NAME 0: sys
9 STORE_NAME 0: sys
12 LOAD_CONST 0: -1
15 LOAD_CONST 2: ('sha256',)
18 IMPORT_NAME 1: hashlib
21 IMPORT_FROM 2: sha256
24 STORE_NAME 2: sha256
27 ROT_TWO
28 LOAD_CONST 0: -1
31 LOAD_CONST 1: None
34 IMPORT_NAME 3: dis
37 STORE_NAME 3: dis
40 LOAD_CONST 0: -1
43 LOAD_CONST 1: None
46 IMPORT_NAME 4: multiprocessing
49 STORE_NAME 4: multiprocessing
52 LOAD_CONST 0: -1
55 LOAD_CONST 1: None
58 IMPORT_NAME 5: UserList
61 STORE_NAME 5: UserList
64 LOAD_CONST 3: <CODE> encrypt_string
67 MAKE_FUNCTION 0
70 STORE_NAME 6: encrypt_string
73 LOAD_CONST 4: <CODE> rot_chr
76 MAKE_FUNCTION 0
79 STORE_NAME 7: rot_chr
82 LOAD_CONST 5: 'w*0;CNU[\\gwPWk}3:PWk"#&:ABu/:Hi,M'
85 STORE_NAME 8: SECRET
88 LOAD_NAME 6: encrypt_string
91 LOAD_NAME 0: sys
94 LOAD_ATTR 9: argv
97 LOAD_CONST 6: 1
100 BINARY_SUBTRACT
101 CALL_FUNCTION 1
104 LOAD_NAME 8: SECRET
107 COMPARE_OP 2 (==)
110 POP_JUMP_IF_FALSE 121
113 LOAD_CONST 7: 'Yup'
116 PRINT_NEWLINE
117 PRINT_ITEM_TO
118 JUMP_FORWARD 5 (to 126)
121 LOAD_CONST 8: 'Nope'
124 PRINT_NEWLINE
125 PRINT_ITEM_TO
126 LOAD_CONST 1: None
129 IMPORT_STAR
We're looking at how to fix it
The result of decompilation after repair is
# Source Generated with Decompyle ++ # File: __main__hello__.pyc (Python 2.7) import sys from hashlib import sha256 import dis import multiprocessing import UserList def encrypt_string(s): new_str = [] for (index , c) in enumerate(s): if index == 0: new_str.append(rot_chr(c, 10)) continue new_str.append(rot_chr(c, ord(new_str[index - 1]))) return ''.join(new_str) def rot_chr(c, amount): return chr(((ord(c) - 33) + amount) % 94 + 33) SECRET = 'w*0;CNU[\\gwPWk}3:PWk"#&:ABu/:Hi,M' if encrypt_string(sys.argv[1]) == SECRET: print 'Yup' else: print 'Nope'
Write the decryption code:
SECRET = 'w*0;CNU[\\gwPWk}3:PWk"#&:ABu/:Hi,M'
def decrypt_string(s):
new_str = []
for (index , c) in enumerate(s):
if index == 0:
new_str.append(rot_chr(c, 10))
continue
new_str.append(rot_chr(c, ord(s[index - 1])))
return ''.join(new_str)
def rot_chr(c, amount):
return chr(((ord(c) - 33) - amount) % 94 + 33)
print decrypt_string(SECRET)
# output : modified_in7erpreters_are_3vil!!!
try them all
Title Description:
You have found a passwd file containing salted passwords. An unprotected configuration file has revealed a salt of 5948. The hashed password for the 'admin' user appears to be 81bdf501ef206ae7d3b92070196f7e98, try to brute force this password. You found a password table with salt. It is known that the plaintext end of the password is 5948, and the hash value in the password table is 81bdf501ef206ae7d3b92070196f7e98. We try to brutally crack the password.
The original title is in English, but it feels different from the meaning of the title itself. I wrote a paragraph in Chinese that is consistent with the meaning of the original title. The topic means a simple explosion md5. The difficulty is that we don't know exactly how many bits this plaintext contains and what characters it contains.
The result sniper5948 found on cmd5 is directly used here.
Script
#!/usr/bin/env python
#-*- coding: utf-8 -*-
"""
@Author : darkN0te
@Create date : 2018-07-07
@description : md5 Blasting single process
@Update date :
"""
import string
import hashlib
endOutput = "5948"
file=open("output.txt","a")
md5input=raw_input("Please input md5: \n")
md5input=md5input.lower()
# apt=string.printable[:-6]
apt=string.letters
def dfs(s,num):
m=hashlib.md5()
print s + endOutput
m.update(s + endOutput)
md5temp=m.hexdigest()
if md5temp==md5input:
file.write("md5 Yes,"+md5input+" Plaintext is:"+s+"\n")
file.close()
exit(-1)
if len(s)==num:
return
for i in apt:
dfs(s+i,num)
myinput=7 #Number of digits to generate character
for j in range(1,myinput):
dfs("",j)
