
MISC

Welcome to fxxking DestCTF

Sign-in challenge: follow the official account and reply: Give me the fxxking flag

Pngenius

Use zsteg to check whether the image contains LSB steganographic data.


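The zsteg output shows an embedded ZIP file, and the LSB data contains the archive password. Use zsteg to extract the archive from the image, then decrypt it with that password to get the flag.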

zsteg -e extradata:0 Dest0g3.png Dest0g3.png >> 1.zip

EasyEncode

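The download is a password-protected archive. After careful inspection there is no hint about the password, so brute-force it with ziperello to recover the password.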


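The file inside the archive consists of . and - characters, which suggests Morse code. Decoding the Morse code gives a hexadecimal string; converting the hex to ASCII gives Unicode-escaped characters, and decoding those gives the flag.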

Python_jail

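The attachment contains three files: hint.txt, password.txt, and a password-protected archive. password.txt consists entirely of spaces and tabs. This involves something I had not run into before: whitespace programming. After recovering the password with an online tool, we extract an image from the archive. Analysing the image with zsteg shows that it contains a pyc file; extract it with zsteg and run it to get the flag.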


Do You Know JS?

The download is a file with no extension. The file command identifies it as a Word document, so change the extension and open it.


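The Word document appears to be full of emoji-like symbols. Changing the font reveals base64 characters; decoding them gives the following JS code.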

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
<application xmlns="urn:schemas-microsoft-com:asm.v3">
<dpiAwareness xmlns="http://schemas.microsoft.com/SMI/2016/WindowsSettings">Do you know js</dpiAwareness>
<script language="javascript">document.write(unescape('<html>
<body>

<!DOCTYPE html>
<html>
<head>
<title>Do You Know js</title>
<HTA:APPLICATION
APPLICATIONNAME="Do You Know js"
ID="Inception"
VERSION="1.0"
SCROLL="no"/>

<style type="text/css">
</head>
<div id="feature">
<div id="content
</style>
<h1 id="unavailable" class="loading">Building js.....</h1>
<script type="text/javascript" language="javascript">
function RunFile() {
var WshShell = new ActiveXObject("WScript.Shell");
WshShell.Run("notepad %windir%/Desktop/js.txt", 1, false);
/* var oExec = WshShell.Exec("notepad"); */
}
</script>
</div>
</div>
<body>
<input type="button" value="Implant Inception Here" onclick="RunFile();"/>
<p style="color:white;">

+++++ ++[-> +++++ ++<]> +++.. ++.-. ++.-- --.++ ++.--
-.-.- --.++ ++++.
+.--- -..++ ++.<+ ++[-> +++<] >++.< +++[-
>---< ]>--- ---.+ ++++. -----
.+++. ...-- ---.+ ++++. ---.+ ++.-- ---.+ ++++. ---.. +++++ +.--- ----.
<++++ [->++ ++<]> ++.<+ +++[- >---- <]>-. ---.+
+++++ .---- -.++. ++.+.
--.-- .<+++ +[->+ +++<] >++.< ++++[ ->--- -<]>-
.+.-. ---.+ ++.+. -.+++
+.--- --.<+ +++[- >++++ <]>++ .<+++ [->-- -<]>- ----. ----. +.+++ +.---
-.--- .+++. -..<+ +++[- >++++ <]>++
.<+++ +[->- ---<] >-.++ +++.- ----.
+++.. ---.+ ++.-- --.+. ..+++ +.-.- ----. +++++
.---- .+.++ ++.-- --.++
++.-. ----. +.-.+ ++++.
<+++[ ->+++ <]>++ ++.<
</p>
</body>
</body>
</html>
'));</script>

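The block made up of +, [, > and similar characters is immediately recognisable as a special encoding. Decoding it as Brainfuck gives hexadecimal digits, and converting the hex to ASCII gives the flag.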
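The Brainfuck-to-hex-to-ASCII chain can be reproduced offline instead of with an online decoder. The following is an added example, not part of the original writeup; the function names and the SAMPLE program are constructed for illustration, and the step limit is there because decoded content like this is untrusted input.

```python
import binascii

def run_brainfuck(program, max_steps=1_000_000):
    """Run an input-free Brainfuck program and return what it prints."""
    code = [ch for ch in program if ch in "+-<>[]."]  # other characters are comments
    jumps, stack = {}, []          # matching bracket positions
    for pos, ch in enumerate(code):
        if ch == "[":
            stack.append(pos)
        elif ch == "]":
            if not stack:
                raise ValueError("unmatched ']'")
            start = stack.pop()
            jumps[start], jumps[pos] = pos, start
    if stack:
        raise ValueError("unmatched '['")

    tape, ptr, pc, out = [0] * 30000, 0, 0, []
    for _ in range(max_steps):     # decoded data is untrusted: bound the run time
        if pc >= len(code):
            return "".join(out)
        ch = code[pc]
        if ch == "+":
            tape[ptr] = (tape[ptr] + 1) % 256
        elif ch == "-":
            tape[ptr] = (tape[ptr] - 1) % 256
        elif ch in "<>":
            ptr += 1 if ch == ">" else -1
            if not 0 <= ptr < len(tape):
                raise IndexError("tape pointer out of range")
        elif ch == ".":
            out.append(chr(tape[ptr]))
        elif (ch == "[") == (tape[ptr] == 0):
            pc = jumps[pc]         # '[' on zero skips the loop, ']' on non-zero repeats it
        pc += 1
    raise RuntimeError("step limit exceeded")

def decode_layers(program):
    """Brainfuck output -> hex digits -> raw bytes, the chain described above."""
    return binascii.unhexlify(run_brainfuck(program).strip())

# Constructed sample (not the challenge data); it prints the hex digits 666c6167.
SAMPLE = ("++++++[->+++++++++<]>..."       # 6*9 = 54 = '6', printed three times
          "<+++++[->+++++++++<]>."         # +45 -> 99 = 'c'
          "<+++++[->---------<]>."         # -45 -> 54 = '6'
          "-----.+++++.+.")                # '1', '6', '7'

if __name__ == "__main__":
    print(decode_layers(SAMPLE))
```
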

4096

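The web environment is a small game, so first look at its cached data. There are several JS files, and from experience JS often contains information related to the flag. Also, favicon.png sits in an unusual location rather than where a site icon normally lives, so we will download it and take a look at it later.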


Looking through the JS files first, local_storage_manager.js contains an unusual piece of JS. Base64-decoding the string twice gives part of the flag.

function getPartFlag(score) {
    if (score > 10000) {
        console.log("Q29uZ3JhdHVsYXRpb25zLCB0aGlzIGlzIHBhcnQgb2YgdGhlIGZsYWc6IE5HVmxOeTFpTmpjekxUazNNV1E0TVdZNFlqRTNOMzA9Lg==");
    }
}

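Next, look at favicon.png. Checking it with zsteg for hidden data shows that the image contains a wav file. Extract it as 1.wav with zsteg, then extract a password-protected archive from the wav file.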


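Dragging the extracted 1.wav into Audacity shows dial tones at the beginning and end of the audio. A dial-tone recogniser gives a mobile phone number in reverse order. At this point I got stuck: I had tried all the audio steganography methods I knew and none of them solved the challenge, so I put it aside for a while. While reading writeups online I noticed an audio steganography technique, SSTV; here is the article link: [UTCTF2020]sstv_末 初的博客-CSDN博客. The spectrogram of the middle part of the audio looked very similar to the one in that challenge, so I tried it and successfully obtained an image. The hint in the image gives the archive password.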


Unpacking the archive gives an image; use gaps to reassemble the jigsaw.


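In the reassembled image, join the strings into one base64 string to get the first part of the flag. Combined with the part from the JS file, this gives the complete flag.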


Easy word

This is a reused challenge, so here is the link directly: word宏加密的破解_  筱的博客-CSDN博客_word宏密码

CRYPTO

babyRSA

Given n, c and e, find d and m. This is the simplest kind of RSA challenge, so here is the script directly.

import libnum
from Crypto.Util.number import long_to_bytes

p = 165143607013706756535226162768509114446233024193609895145003307138652758365886458917899911435630452642271040480670481691733000313754732183700991227511971005378010205097929462099354944574007393761811271098947894183507596772524174007304430976545608980195888302421142266401500880413925699125132100053801973971467
q = 165143607013706756535226162768509114446233024193609895145003307138652758365886458917899911435630452642271040480670481691733000313754732183700991227511971005378010205097929462099354944574007393761811271098947894183507596772524174007304430976545608980195888302421142266401500880413925699125132100053801973969401
e = 65537
c = 14181751948841206148995320731138166924841307246014981115736748934451763670304308496261846056687977917728671991049712129745906089287169170294259856601300717330153987080212591008738712344004443623518040786009771108879196701679833782022875324499201475522241396314392429412747392203809125245393462952461525539673218721341853515099201642769577031724762640317081252046606564108211626446676911167979492329012381654087618979631924439276786566078856385835786995011067720124277812004808431347148593882791476391944410064371926611180496847010107167486521927340045188960373155894717498700488982910217850877130989318706580155251854
n = 27272410937497615429184017335437367466288981498585803398561456300019447702001403165885200936510173980380489828828523983388730026101865884520679872671569532101708469344562155718974222196684544003071765625134489632331414011555536130289106822732544904502428727133498239161324625698270381715640332111381465813621908465311076678337695819124178638737015840941223342176563458181918865641701282965455705790456658431641632470787689389714643528968037519265144919465402561959014798324908010947632834281698638848683632113623788303921939908168450492197671761167009855312820364427648296494571794298105543758141065915257674305081267
d = libnum.invmod(e, (p - 1) * (q - 1))
m = pow(c, d, n)  # m as a decimal integer
print(m)
string = long_to_bytes(m)  # plaintext m as bytes
print(string)  # printed in the form b'...'

babyAES

The most basic AES challenge, so here is the script directly.

from Crypto.Cipher import AES

iv = b'\xd1\xdf\x8f)\x08w\xde\xf9yX%\xca[\xcb\x18\x80'
key = b'\xa4\xa6M\xab{\xf6\x97\x94>hK\x9bBe]F'
c = b'C4:\x86Q$\xb0\xd1\x1b\xa9L\x00\xad\xa3\xff\x96 hJ\x1b~\x1c\xd1y\x87A\xfe0\xe2\xfb\xc7\xb7\x7f^\xc8\x9aP\xdaX\xc6\xdf\x17l=K\x95\xd07'
aes = AES.new(key, AES.MODE_CBC, iv)  # CBC mode with the given key and IV
flag = aes.decrypt(c)
print(flag)

ezDLP

A discrete logarithm problem; this is an adapted version of a script found online.

import sympy
import binascii

m = 19
c = 199533304296625406955683944856330940256037859126142372412254741689676902594083385071807594584589647225039650850524873289407540031812171301348304158895770989218721006018956756841251888659321582420167478909768740235321161096806581684857660007735707550914742749524818990843357217489433410647994417860374972468061110200554531819987204852047401539211300639165417994955609002932104372266583569468915607415521035920169948704261625320990186754910551780290421057403512785617970138903967874651050299914974180360347163879160470918945383706463326470519550909277678697788304151342226439850677611170439191913555562326538607106089620201074331099713506536192957054173076913374098400489398228161089007898192779738439912595619813699711049380213926849110877231503068464392648816891183318112570732792516076618174144968844351282497993164926346337121313644001762196098432060141494704659769545012678386821212213326455045335220435963683095439867976162
n = 335215034881592512312398694238485179340610060759881511231472142277527176340784432381542726029524727833039074808456839870641607412102746854257629226877248337002993023452385472058106944014653401647033456174126976474875859099023703472904735779212010820524934972736276889281087909166017427905825553503050645575935980580803899122224368875197728677516907272452047278523846912786938173456942568602502013001099009776563388736434564541041529106817380347284002060811645842312648498340150736573246893588079033524476111268686138924892091575797329915240849862827621736832883215569687974368499436632617425922744658912248644475097139485785819369867604176912652851123185884810544172785948158330991257118563772736929105360124222843930130347670027236797458715653361366862282591170630650344062377644570729478796795124594909835004189813214758026703689710017334501371279295621820181402191463184275851324378938021156631501330660825566054528793444353


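fl = sympy.discrete_log(n, c, m)  # solve m**fl ≡ c (mod n)
ag = hex(int(fl))[2:]  # the exponent as a hex string
if len(ag) % 2:
    ag = '0' + ag  # unhexlify needs an even number of digits
print(binascii.unhexlify(ag))  # bytes decoded from the hex string
# convert the hex string to ASCII characters
al = []
for i in range(0, len(ag), 2):
    b = ag[i:i + 2]
    al.append(chr(int(b, 16)))
flag = ''.join(al)
print(flag)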

ezStream

A stream cipher challenge: recover the value of the random seed, then plug that value in to recover the plaintext.

a = 3939333498
b = 3662432446
m = 2271373817
seed = 1

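def next(a,b,m,seed):
    # first output: one LCG step, high bits only
    seed = (a*seed+b)%m
    return seed >> 16
def next1(a,b,m,seed):
    # second output: two LCG steps, high bits only
    seed = (a*seed+b)%m
    seedd = (a*seed+b)%m
    return seedd >> 16
# try every seed until both known outputs match
while(1):
    seed1 = next(a,b,m,seed)
    if seed1 == 17362:
        seed2 = next1(a,b,m,seed)
        if seed2 == 20624:
            print(seed)
            break
    seed += 1
#104984523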
# Decryption script, using the seed recovered above
from Crypto.Util.number import long_to_bytes

class LCG:
    def __init__(self):
        self.a = 3939333498
        self.b = 3662432446
        self.m = 2271373817
        self.seed = 104984523

    def next(self):
        self.seed = (self.a*self.seed+self.b) % self.m
        return self.seed >> 16

    def output(self):
        print("a = {}\nb = {}\nm = {}".format(self.a, self.b, self.m))
        print("state1 = {}".format(self.next()))
        print("state2 = {}".format(self.next()))

lcg = LCG()
lcg.output()
cipher = 600017039001091357643174067454938198067935635401496485588306838343558125283178792619821966678282131419050878
cipher2 = long_to_bytes(cipher)
print(cipher2)
# XOR each ciphertext byte with the next keystream value (output % 10)
c = bytes(cipher2[i] ^ (lcg.next() % 10) for i in range(len(cipher2)))
print(c)

REVERSE

simpleXOR

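Open the file in IDA, find the main function and decompile it to see the program's basic logic. The original code XORs v7 = 247 with v5[i] + i and compares the result with result. To reverse it, first XOR the data at &result with v7, then subtract i from each value to get the final answer. The script is below.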


list1 = [0xB3,0x91,0x82,0x80,0xC3,0x9B,0xCE,0x75,0xCF,0x9C,0x9A,0x85,0x85,0xCD,0xB8,0x84,0xAA,0x7D,0xBD,0xBB,0xB1,0xB5,0x96,0x71,0x8D,0x9E,0x86,0xBF,0x73,0xA8,0xA3,0x9C,0x83,0x65,0x9E,0x57]
flag = ''
for i, value in enumerate(list1):
    # undo the XOR with v7 (0xF7 = 247), then subtract the index i
    flag += chr((0xF7 ^ value) - i)
print(flag)

WEB

phpdest

This is a reused challenge that is also on BUUCTF: [WMCTF2020]Make PHP Great Again_Uzero.的博客-CSDN博客