这题是真的烦,flag好多在图片上,GG。

部分write up。

Pretty Pixels

比较少见
image

Audio Problems

频谱图

image
image

姿势是这样,但不知道为啥这么不清晰,调了好几次。

R.I.P Transmission

file一下看到是ELF,linux下的可执行文件,改成rip.exe运行看到data,foremost出来爆破,密码bunny.

image
image

Corrupt Transmission

对应修改png图片头

1
2
十进制数   137 80 78 71 13 10 26 10
十六进制数 89 50 4E 47 0D 0A 1A 0A

Thor’s a hacker now

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
00000000: 4c5a 4950 01b3 007f b61b edf0 8440 58e3  LZIP.........@X.
00000010: 91de 1027 5861 8a67 4282 46a4 92f9 4cad ...'Xa.gB.F...L.
00000020: 2d5d 14eb 3099 2c31 01c2 d13a 74d2 c620 -]..0.,1...:t..
00000030: de27 3a8f fa92 0644 5468 2d02 01fa 24bb .':....DTh-...$.
00000040: 719f a0fd a191 1678 8bff a2c4 2627 9871 q......x....&'.q
00000050: 83bf cff2 f8af 99fa c465 2b7c 6bdf ee3c .........e+|k..<
00000060: b71b f61b 0b5e 0ce7 d14f f6a8 0466 6470 .....^...O...fdp
00000070: de67 02da 7be1 1abd e9f0 ac87 131a bcc0 .g..{...........
00000080: 0b0b 9f31 9400 48e3 616a 8f3f 4804 79ad ...1..H.aj.?H.y.
00000090: a6bb 863a f641 01da b1ee c4fe b338 9289 ...:.A.......8..
000000a0: 2a90 8302 4170 773c 88d3 2641 d274 f533 *...Apw<..&A.t.3
000000b0: 84cf e7d9 f687 3b12 1516 970e 04c2 cfdd ......;.........
000000c0: c1ca dc46 981d 2a7c 1b39 cb0b 4f8c 58cc ...F..*|.9..O.X.
000000d0: 46b4 9744 4cb1 fbd3 c632 f36d ecbf 4789 F..DL....2.m..G.
000000e0: 00b8 d4fc 51a8 394e de2a 1a2d 3c43 179c ....Q.9N.*.-<C..
000000f0: 9623 f971 2935 9564 9e15 c771 c3d5 d8b1 .#.q)5.d...q....
00000100: a7fa 3c0c f869 b829 f6d6 f145 6d57 b3a1 ..<..i.)...EmW..
00000110: bd3f 3fc2 a41f 7e35 089c de29 1d55 debf .??...~5...).U..
..........................................................

给的是这个,重点在16进制,然后思路是把16进制另存成个文件,写个简单脚本

1
2
3
4
5
6
7
8
import base64
file = open('thor.txt')
new = open('flag','w')
for line in file.readlines():
s = line[10:49]
new.write(s+'\n')
file.close()
new.close()

复制到winhex里面另存,拿到kali下直接提取出图片。

Blue Monday

http://ww4.sinaimg.cn/large/0060lm7Tly1fkc4nztdyfj30d90ks3zr.jpg
观察,d前面的。

Round Rabins!

这题我是没研究明白,给一个wp:https://github.com/WCSC/writeups/tree/master/icectf-2016/Round-Rabins

给个脚本,遇到直接拿来用吧。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
#!/usr/bin/env python
'''
Rabin cryptosystem challenge:
N=0x6b612825bd7972986b4c0ccb8ccb2fbcd25fffbadd57350d713f73b1e51ba9fc4a6ae862475efa3c9fe7dfb4c89b4f92e925ce8e8eb8af1c40c15d2d99ca61fcb018ad92656a738c8ecf95413aa63d1262325ae70530b964437a9f9b03efd90fb1effc5bfd60153abc5c5852f437d748d91935d20626e18cbffa24459d786601
c=0xd9d6345f4f961790abb7830d367bede431f91112d11aabe1ed311c7710f43b9b0d5331f71a1fccbfca71f739ee5be42c16c6b4de2a9cbee1d827878083acc04247c6e678d075520ec727ef047ed55457ba794cf1d650cbed5b12508a65d36e6bf729b2b13feb5ce3409d6116a97abcd3c44f136a5befcb434e934da16808b0b
'''
# some functions from http://codereview.stackexchange.com/questions/43210/tonelli-shanks-algorithm-implementation-of-prime-modular-square-root/43267
def legendre_symbol(a, p):
"""
Legendre symbol
Define if a is a quadratic residue modulo odd prime
http://en.wikipedia.org/wiki/Legendre_symbol
"""
ls = pow(a, (p - 1)/2, p)
if ls == p - 1:
return -1
return ls
def prime_mod_sqrt(a, p):
"""
Square root modulo prime number
Solve the equation
x^2 = a mod p
and return list of x solution
http://en.wikipedia.org/wiki/Tonelli-Shanks_algorithm
"""
a %= p
# Simple case
if a == 0:
return [0]
if p == 2:
return [a]
# Check solution existence on odd prime
if legendre_symbol(a, p) != 1:
return []
# Simple case
if p % 4 == 3:
x = pow(a, (p + 1)/4, p)
return [x, p-x]
# Factor p-1 on the form q * 2^s (with Q odd)
q, s = p - 1, 0
while q % 2 == 0:
s += 1
q //= 2
# Select a z which is a quadratic non resudue modulo p
z = 1
while legendre_symbol(z, p) != -1:
z += 1
c = pow(z, q, p)
# Search for a solution
x = pow(a, (q + 1)/2, p)
t = pow(a, q, p)
m = s
while t != 1:
# Find the lowest i such that t^(2^i) = 1
i, e = 0, 2
for i in xrange(1, m):
if pow(t, e, p) == 1:
break
e *= 2
# Update next value to iterate
b = pow(c, 2**(m - i - 1), p)
x = (x * b) % p
t = (t * b * b) % p
c = (b * b) % p
m = i
return [x, p-x]
def egcd(a, b):
if a == 0:
return (b, 0, 1)
else:
g, y, x = egcd(b % a, a)
return (g, x - (b // a) * y, y)
def modinv(a, m):
g, x, y = egcd(a, m)
if g != 1:
raise Exception('modular inverse does not exist')
else:
return x % m
# This finds a solution for c = x^2 (mod p^2)
def find_solution(c, p):
'''
Hensel lifting is fairly simple. In one sense, the idea is to use
Newton's method to get a better result. That is, if p is an odd
prime, and
r^2 = n (mod p),
then you can find the root mod p^2 by changing your first
"approximation" r to
r - (r^2 - n)/(2r) (mod p^2).
http://mathforum.org/library/drmath/view/70474.html
'''
n = p ** 2
# Get square roots for x^2 (mod p)
r = prime_mod_sqrt(c,p)[0]
inverse_2_mod_n = modinv(2, n)
inverse_r_mod_n = modinv(r, n)
new_r = r - inverse_2_mod_n * (r - c * inverse_r_mod_n)
return new_r % n
if __name__ == "__main__":
# These are the given values
n = 0x6b612825bd7972986b4c0ccb8ccb2fbcd25fffbadd57350d713f73b1e51ba9fc4a6ae862475efa3c9fe7dfb4c89b4f92e925ce8e8eb8af1c40c15d2d99ca61fcb018ad92656a738c8ecf95413aa63d1262325ae70530b964437a9f9b03efd90fb1effc5bfd60153abc5c5852f437d748d91935d20626e18cbffa24459d786601L
# n is a perfect square: n = p * p
p = 0xa5cc6d4e9f6a893c148c6993e1956968c93d9609ed70d8366e3bdf300b78d712e79c5425ffd8d480afcefc71b50d85e0914609af240c981c438acd1dcb27b301L
# encrypted message
c = 0xd9d6345f4f961790abb7830d367bede431f91112d11aabe1ed311c7710f43b9b0d5331f71a1fccbfca71f739ee5be42c16c6b4de2a9cbee1d827878083acc04247c6e678d075520ec727ef047ed55457ba794cf1d650cbed5b12508a65d36e6bf729b2b13feb5ce3409d6116a97abcd3c44f136a5befcb434e934da16808b0bL
solution = find_solution(c, p)
print hex(solution)[2:-1].decode("hex")

RSA2

给了

1
2
3
4
5
N=0xee290c7a603fc23300eb3f0e5868d056b7deb1af33b5112a6da1edc9612c5eeb4ab07d838a3b4397d8e6b6844065d98543a977ed40ccd8f57ac5bc2daee2dec301aac508f9befc27fae4a2665e82f13b1ddd17d3a0c85740bed8d53eeda665a5fc1bed35fbbcedd4279d04aa747ac1f996f724b14f0228366aeae34305152e1f430221f9594497686c9f49021d833144962c2a53dbb47bdbfd19785ad8da6e7b59be24d34ed201384d3b0f34267df4ba8b53f0f4481f9bd2e26c4a3e95cd1a47f806a1f16b86a9fc5e8a0756898f63f5c9144f51b401ba0dd5ad58fb0e97ebac9a41dc3fb4a378707f7210e64c131bca19bd54e39bbfa0d7a0e7c89d955b1c9f

e=0x10001

c=0x3dbf00a02f924a70f44bdd69e73c46241e9f036bfa49a0c92659d8eb0fe47e42068eaf156a9b3ee81651bc0576a91ffed48610c158dc8d2fb1719c7242704f0d965f8798304925a322c121904b91e5fc5eb3dc960b03eb8635be53b995217d4c317126e0ec6e9a9acfd5d915265634a22a612de962cfaa2e0443b78bdf841ff901423ef765e3d98b38bcce114fede1f13e223b9bd8155e913c8670d8b85b1f3bcb99353053cdb4aef1bf16fa74fd81e42325209c0953a694636c0ce0a19949f343dc229b2b7d80c3c43ebe80e89cbe3a3f7c867fd7cee06943886b0718a4a3584c9d9f9a66c9de29fda7cfee30ad3db061981855555eeac01940b1924eb4c301

yafu分解N,然后rsatool.py脚本求d,已知cdn求明文。