• Note: these are reproductions; not all of them were solved during the competition. This write-up is mainly for my own record and for sharing.

misc

bash-fu

Description

BASH <3 UPPERCASE

nc 13.234.130.76 7002

Analysis

bash: cannot set terminal process group (1): Not a tty
bash: no job control in this shell
bash-4.4$ ls
ls
bash: LS: command not found
bash-4.4$ pwd
pwd
bash: PWD: command not found

The challenge converts every command to uppercase so that it fails; how do we bypass that?

Solve

Method 1

Idea source:

Produce lowercase letters: it turns out you can pass the command in as a string and then execute the string,

for example:

[root@vultr ~]# l='ls /'
[root@vultr ~]# ${l,,}
bin ....

See the link above for the detailed solution process.

Method 2

Use a shell parameter that comes built in with Linux to escape the uppercase lock.

Idea source:

Meaning of the Linux shell variables $#, $@, $0, $1, $2:
Variable description:
$$
PID (process ID) of the shell itself
$!
PID of the last background process run by the shell
$?
Exit code (return value) of the last command run
$-
List of flags set with the set command
$*
List of all arguments. When quoted as "$*", all arguments are output as one string, "$1 $2 … $n".
$@
List of all arguments. When quoted as "$@", the arguments are output as separate strings, "$1" "$2" … "$n".
$#
Number of arguments passed to the shell
$0
File name of the shell itself
$1~$n
Values of the arguments passed to the shell. $1 is the first argument, $2 the second, and so on.

Here is a bash PDF reference:

Solution for this challenge:

$0
ls
ls /jail
cat /jail/flag.txt

Method 3

Idea source:

The orthodox solution: convert the command back to lowercase (found via Google)

${command,,} - the , denotes lowercase

Then proceed as normal.

flag:

flag{b@$h_jails_are_3asy_p3@sy}

Let it go

Description

So come on, let it go Just let it be Why don't you be you And I'll be me....

A single file, challenge.pcap

Analysis

The capture consists entirely of NTP (Network Time Protocol) exchanges.

NTP protocol introduction:

Solve

Uh, solving this actually has nothing to do with knowing NTP at all.... Unbelievable.

A brain-teaser challenge (solution from ctftime, team PwnaSonic):

challenge.pcap is a file that captures only NTP packets.

I checked the IP address carefully. Then I found that the first byte of the IP address (xxx.168.43.105) is a flag.

No.12: 70 .168.43.105   70=F
No.14: 76 .168.43.105   76=L
No.16: 65 .168.43.105   65=A
No.18: 71 .168.43.105   71=G
No.20: 123 .168.43.105   123={
...
No.82: 125 .168.43.105   125=}
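The extraction described in the quoted write-up, as an added example that is not part of the original post or of the PwnaSonic write-up: a minimal classic-pcap walker that keeps only UDP/123 packets whose source address ends in .168.43.105 and returns their first octets. The capture it parses is constructed inline (the server address 192.168.43.1 and the zeroed MAC addresses are assumptions); the real challenge.pcap would be passed in as open('challenge.pcap', 'rb').read() instead.

```python
import struct

SERVER = bytes([192, 168, 43, 1])   # constructed NTP server address for the sample capture

def build_ntp_pcap(first_octets):
    """Constructed sample capture: for each byte x, one NTP request from x.168.43.105 and the
    server's reply back to it, as Ethernet/IPv4/UDP records in a classic little-endian pcap."""
    def record(src, dst):
        ntp = b'\x1b' + b'\x00' * 47                                # minimal 48-byte NTP packet
        udp = struct.pack('!HHHH', 123, 123, 8 + len(ntp), 0) + ntp
        ip = struct.pack('!BBHHHBBH4s4s', 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0, src, dst) + udp
        frame = b'\x00' * 12 + b'\x08\x00' + ip                     # zeroed MACs, EtherType 0x0800
        return struct.pack('<IIII', 0, 0, len(frame), len(frame)) + frame
    header = struct.pack('<IHHiIII', 0xa1b2c3d4, 2, 4, 0, 0, 65535, 1)  # pcap 2.4, linktype Ethernet
    body = b''.join(record(bytes([x, 168, 43, 105]), SERVER) + record(SERVER, bytes([x, 168, 43, 105]))
                    for x in first_octets)
    return header + body

def ntp_src_first_octets(pcap, suffix=(168, 43, 105)):
    """Walk the pcap records; for IPv4/UDP packets to port 123 whose source address ends in
    `suffix`, collect the first octet. Those octets are what the write-up reads as ASCII."""
    endian = '<' if pcap[:4] == b'\xd4\xc3\xb2\xa1' else '>'
    off, out = 24, bytearray()                                      # 24-byte global header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(endian + 'IIII', pcap[off:off + 16])[2]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if frame[12:14] != b'\x08\x00':                             # not IPv4
            continue
        ip = frame[14:]
        ihl = (ip[0] & 0x0f) * 4
        if ip[9] != 17:                                             # not UDP
            continue
        dport = struct.unpack('!H', ip[ihl + 2:ihl + 4])[0]
        src = ip[12:16]
        if dport == 123 and tuple(src[1:]) == suffix:
            out.append(src[0])
    return bytes(out)
```

The server replies (source 192.168.43.1) fail the suffix check, which is why only every other packet in the capture contributes a byte.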

flag:

FLAG{WH3R3_H4V3_U_B33n_All_MY_LiF3}

vish

Description

Vim is a versatile piece of technology. But can it hold?

http://13.234.130.76:7003

Analysis

We land in a vim editing screen; Ctrl+W gets to the command line, where any command can be run with

:![any command]

Solve

:!ls /
:!cat /flag.txt

flag:

flag{bram_loves_jails}

crypto

oldschool

Description

Csj mexp vz gvmM3wjkCMwnHCs3XmMvkjDvQs3w

Analysis

The encryption used is the affine cipher.

Here is a bilingual (Chinese/English) explanation of the affine cipher:

Solve

Brute force it, or write a script by hand to brute force it.

Online solver (parameter settings: 3 and 23):
the flag is diff3rentfromth3affineciph3r

Submitting that was rejected; mind the case: capitalize the letters that correspond to uppercase letters in the ciphertext.
gvmM3wjkCMwnHCs3XmMvkjDvQs3w
difF3renTFroMTh3AfFineCiPh3r

flag:

flag{difF3renTFroMTh3AfFineCiPh3r}

RivestShamirAdleman

Description

Just a single txt file.

e = 3
n = 22272129080562722886614022632205442705494455272860112814093083500097723366897651161029102178806468364810560145326674298943748926312059319333104024877629414355081997511170571841726554870330438449136414942769879449909945280622679982416961505259605748700527626064176345428348075666618966413358066674766244602120334405919054045097465042177827566762056612497539403392371174259602854649957161582616110665358774209954483243807893225011511670025850800717182535575577848500527430246259134071980979951803599863210705004134764027126983838884518704239682964897619030091789047630556807645411417077149617559860988186649846538955623
c = 56274920108122478990888092521371739605513959053322262229138771723654033167756128122086229722406180593128664696512912311575327724724695863345048713415525599333

Analysis

Low-exponent attack (this n is huge; given the flag's length, hex(flag)**3 is far smaller than n, so the cube root can be taken directly)

For other RSA operations see my earlier article:

Solve

import gmpy2

e = 3
n = 22272129080562722886614022632205442705494455272860112814093083500097723366897651161029102178806468364810560145326674298943748926312059319333104024877629414355081997511170571841726554870330438449136414942769879449909945280622679982416961505259605748700527626064176345428348075666618966413358066674766244602120334405919054045097465042177827566762056612497539403392371174259602854649957161582616110665358774209954483243807893225011511670025850800717182535575577848500527430246259134071980979951803599863210705004134764027126983838884518704239682964897619030091789047630556807645411417077149617559860988186649846538955623
c = 56274920108122478990888092521371739605513959053322262229138771723654033167756128122086229722406180593128664696512912311575327724724695863345048713415525599333
i = 0
# Low public exponent, no padding: if m**3 < n the cube root of c is already m (i = 0);
# otherwise keep adding n until c + i*n becomes a perfect cube.
while 1:
    if gmpy2.iroot(c+i*n,e)[1]==1:
        m,s = gmpy2.iroot(c+i*n,e)
        print(m)
        print(i)
        print(hex(int(m)))
        m = int(m)
        flag = m.to_bytes((m.bit_length()+7)//8, 'big')  # Python 3: bytes of m, no 'L' suffix to strip
        print(flag)
        break
    i = i+1
#i=0
#i=0

flag:

flag{nO_paDDing00_rsa}

veryAsymmetric

Description

The challenge gives 3 files

publickey.pem
privatekey.pem
ciphertext.txt

Analysis

The challenge server has been shut down, so the files can no longer be downloaded (I did not look at this challenge during the competition)

Still, as far as factoring n goes, one can use

to factor it, then compute Euler's totient of n.

Solve

import gmpy2
factor = [115792089237316195423570985008687907853269984665640564039457584007913129619947,
115792089237316195423570985008687907853269984665640564039457584007913129622923,
115792089237316195423570985008687907853269984665640564039457584007913129592533,
115792089237316195423570985008687907853269984665640564039457584007913129565927,
115792089237316195423570985008687907853269984665640564039457584007913129541417,
115792089237316195423570985008687907853269984665640564039457584007913129526203,
115792089237316195423570985008687907853269984665640564039457584007913129507009,
115792089237316195423570985008687907853269984665640564039457584007913129472659]
n = 32317006071311007300714876688669951960444102669715484032130345427524654951631353355419877650806916212276402500548858834151025886661601982160629740366812343760839221218796456588791364620661035477524068742062486001097578134510998674555248555977747978320447065884046895815192913148345135256027099316122532348924259238397978283369582137813597737466275611732114098373554060037893185561621885934653748989988135247387463949515190516437670638317207973599216865318816980188306165655166925075452855367348439305737609452524641689752934451982713102744691251509730280711661703014774940296810705133733436287195960150698286350156051
phi = 1
e = 257
# n is the product of eight distinct primes, so phi(n) = prod(p - 1)
for i in factor:
    phi = phi*(i-1)

d = int(gmpy2.invert(e,phi))
print((d*e)%phi)  # sanity check: should print 1
c = 0  # placeholder: the ciphertext integer from ciphertext.txt is elided on this page
m = pow(c,d,n)
print(m.to_bytes((m.bit_length()+7)//8, 'big'))
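The same key derivation with the checks a practitioner would want around it, as an added example that is not the post's own code: the factors must be distinct and must actually multiply to n before phi = prod(p - 1) is valid, and e must be invertible mod phi. The primes, n and e are the values from this write-up; the inverse is computed with extended Euclid instead of gmpy2, and the round-trip message is constructed.

```python
from functools import reduce
from math import gcd

# Values from this write-up: the eight 256-bit prime factors, the 2048-bit modulus, e = 257.
PRIMES = [
    115792089237316195423570985008687907853269984665640564039457584007913129619947,
    115792089237316195423570985008687907853269984665640564039457584007913129622923,
    115792089237316195423570985008687907853269984665640564039457584007913129592533,
    115792089237316195423570985008687907853269984665640564039457584007913129565927,
    115792089237316195423570985008687907853269984665640564039457584007913129541417,
    115792089237316195423570985008687907853269984665640564039457584007913129526203,
    115792089237316195423570985008687907853269984665640564039457584007913129507009,
    115792089237316195423570985008687907853269984665640564039457584007913129472659,
]
N = 32317006071311007300714876688669951960444102669715484032130345427524654951631353355419877650806916212276402500548858834151025886661601982160629740366812343760839221218796456588791364620661035477524068742062486001097578134510998674555248555977747978320447065884046895815192913148345135256027099316122532348924259238397978283369582137813597737466275611732114098373554060037893185561621885934653748989988135247387463949515190516437670638317207973599216865318816980188306165655166925075452855367348439305737609452524641689752934451982713102744691251509730280711661703014774940296810705133733436287195960150698286350156051
E = 257

def modinv(a, m):
    """a^-1 mod m by the extended Euclidean algorithm (stands in for gmpy2.invert)."""
    old_r, r, old_s, s = a % m, m, 1, 0
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
    if old_r != 1:
        raise ValueError("not invertible")
    return old_s % m

def multi_prime_key(primes, n, e):
    """Check the factorization, then return (phi, d) with phi = prod(p - 1), d = e^-1 mod phi.
    prod(p - 1) is Euler's totient only when the primes are distinct (n square-free)."""
    if len(set(primes)) != len(primes):
        raise ValueError("repeated factor: phi(n) would not be prod(p - 1)")
    if reduce(lambda x, y: x * y, primes) != n:
        raise ValueError("factors do not multiply to n")
    phi = reduce(lambda acc, p: acc * (p - 1), primes, 1)
    if gcd(e, phi) != 1:
        raise ValueError("e has no inverse mod phi")
    return phi, modinv(e, phi)

def roundtrip_ok(m, primes=PRIMES, n=N, e=E):
    """Encrypt m with (n, e), decrypt with the derived d, and compare with the original."""
    phi, d = multi_prime_key(primes, n, e)
    return (d * e) % phi == 1 and pow(pow(m, e, n), d, n) == m
```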

flag:

flag{s0_youH_ave_found_Al1_7h3_PrIm3s}

veryAsymmetric

Description

Start with this one!

nc 13.233.66.116 5000

The challenge provides one file, bb.py

#!/usr/bin/python3 -u
import os
from binascii import hexlify, unhexlify

flag = open("./flag","rb").read()

class bb(object):
    def __init__(self, key):
        self.meh = [x for x in range(256)]
        j = 0
        for i in range(256):
            j = (j + self.meh[i] + key[i%len(key)])&0xff
            self.meh[i], self.meh[j] = self.meh[j], self.meh[i]
        self.cat = 0
        self.mouse = 0

    def crypt(self, string):
        out = []
        for c in string:
            self.cat = (self.cat+1)&0xff
            self.mouse = (self.cat+self.meh[self.cat])&0xff
            self.meh[self.cat], self.meh[self.mouse] = self.meh[self.mouse], self.meh[self.cat]
            k = self.meh[ (self.meh[self.cat]+self.meh[self.mouse])&0xff ]//2
            out.append((c+k)&0xff)
        return bytearray(out)


cipher = bb(os.urandom(32))

while True:
    print("Commands: \n(e)ncrypt msg or (p)rint flag")
    choice = input()

    if choice == 'e':
        message = input()
        print(hexlify(cipher.crypt(unhexlify(message))))
    elif choice == 'p':
        print(hexlify(cipher.crypt(flag)))
    else:
        print("meh!")

Analysis

This one is about accumulating knowledge points by reading the experts' write-up.

Solve

The expert's code had a problem when I ran it locally:

q = (L[k][i] - o) & 255
changed to:
q = (ord(L[k][i]) - ord(o)) & 255

Full code:

import socket
from binascii import unhexlify as unhex

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(('13.233.66.116', 5000))
s.recv(4096)

L = []
charset = '{}ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_'

count = 0
while True:
    # ask the server to encrypt the flag again; the keystream keeps running,
    # so every answer is a fresh encryption of the same plaintext
    s.send(b'p\n')
    res = s.recv(4096)
    try:
        # the server prints repr(bytes), i.e. b'<hex>'; decode so ord() works on each byte
        res = unhex(res.split(b'\n')[0].split(b"'")[1]).decode('latin-1')
    except Exception:
        continue
    L.append(res)

    plaintext = ''
    for i in range(43):
        for o in charset:
            good = True
            for k in range(len(L)):
                # the keystream byte is S[...]//2 < 128, so for the true plaintext byte
                # (c - p) & 0xff is always below 128; any sample >= 128 rules o out
                q = (ord(L[k][i]) - ord(o)) & 255
                if q >= 128:
                    good = False
                    break
            if good:
                plaintext += o
                break

    print(count, plaintext)
    count += 1
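Why the script works, shown offline as an added example that is not the post's or the challenge's code: the cipher from bb.py is reimplemented and run as the server would be, and the same (c - p) & 0xff < 128 filter recovers a constructed flag once enough encryptions have been collected. The key, flag and sample count are constructed values.

```python
class BB:
    """The challenge cipher from bb.py above, reimplemented for an offline simulation."""
    def __init__(self, key):
        self.meh = list(range(256))
        j = 0
        for i in range(256):
            j = (j + self.meh[i] + key[i % len(key)]) & 0xff
            self.meh[i], self.meh[j] = self.meh[j], self.meh[i]
        self.cat = self.mouse = 0

    def crypt(self, data):
        out = bytearray()
        for c in data:
            self.cat = (self.cat + 1) & 0xff
            self.mouse = (self.cat + self.meh[self.cat]) & 0xff
            self.meh[self.cat], self.meh[self.mouse] = self.meh[self.mouse], self.meh[self.cat]
            k = self.meh[(self.meh[self.cat] + self.meh[self.mouse]) & 0xff] // 2  # always 0..127
            out.append((c + k) & 0xff)           # addition mod 256, not XOR
        return bytes(out)

CHARSET = b'{}ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_'

def recover(samples, charset=CHARSET):
    """Each sample is a fresh encryption of the same plaintext. Because k < 128, the true byte p
    gives (c - p) & 0xff < 128 in every sample, while a wrong candidate p + d is ruled out as soon
    as one sample has k < d (or k >= 128 - |d| when d < 0). '?' marks positions still ambiguous."""
    out = bytearray()
    for i in range(len(samples[0])):
        ok = [p for p in charset if all((s[i] - p) & 0xff < 128 for s in samples)]
        out.append(ok[0] if len(ok) == 1 else ord('?'))
    return bytes(out)

def simulate(flag, n_samples, key):
    """Stand in for the server: encrypt `flag` n_samples times with one running keystream."""
    cipher = BB(key)
    return recover([cipher.crypt(flag) for _ in range(n_samples)])
```

Neighbouring charset bytes (d = 1) are only separated by a sample with k = 0 or k = 127, so a few thousand encryptions are needed before every position resolves.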

flag:

flag{4r3_dyn4m1c_sb0x3s_a_th1ng_0f_b34uty}