BugKu encryption question type

This is the fifth day of my participation in the August More text Challenge. For details, see:August is more challenging


1. The juice

Morse code -… . -. – – – -.. – -.. . -…..

Decrypt KEY{bkctfmisc}

The tools used ctf.ssleye.com/morse.html >

Local fcCode tool github.com/findneo/fco…

2. Smart lamb

Enter using the FCcode tool

git clone https://github.com/findneo/fcode.git
Copy the code

or

git clone [email protected]:findneo/fcode.git
Copy the code

KYsd3js2E{a2jda}, a lamb climbed two fences, using the online tool tool.bugku.com/jiemi/

Column number is 2

KEY{sad23jjdsa2}

3.ok

Ook! Solution of confusion

From www.splitbrain.org/services/oo…

flag{ok-ctf-1234-admin}

www.splitbrain.org/services/oo…

Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook.
Ook. Ook. Ook. Ook. Ook. Ook! Ook? Ook! Ook! Ook. Ook? Ook. Ook. Ook. Ook.
Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook.
Ook. Ook? Ook. Ook? Ook! Ook. Ook? Ook. Ook. Ook. Ook. Ook! Ook. Ook. Ook.
Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook! Ook. Ook? Ook. Ook.
Ook. Ook. Ook. Ook. Ook. Ook! Ook? Ook! Ook! Ook. Ook? Ook! Ook! Ook! Ook!
Ook! Ook! Ook? Ook. Ook? Ook! Ook. Ook? Ook! Ook! Ook! Ook! Ook! Ook. Ook.
Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook! Ook. Ook? Ook.
Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook! Ook? Ook! Ook! Ook. Ook? Ook.
Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook? Ook. Ook? Ook! Ook. Ook? Ook. Ook.
Ook. Ook. Ook. Ook. Ook. Ook. Ook! Ook. Ook? Ook. Ook. Ook. Ook. Ook. Ook.
Ook. Ook! Ook? Ook! Ook! Ook. Ook? Ook! Ook! Ook! Ook! Ook! Ook! Ook? Ook.
Ook? Ook! Ook. Ook? Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook. Ook! Ook! Ook!
Ook! Ook! Ook! Ook! Ook! Ook! Ook. Ook? Ook. Ook. Ook. Ook. Ook. Ook. Ook.
Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook! Ook? Ook! Ook! Ook. Ook? Ook!
Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook? Ook.
Ook? Ook! Ook. Ook? Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook!
Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook!
Ook! Ook. Ook? Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook.
Ook. Ook. Ook. Ook! Ook? Ook! Ook! Ook. Ook? Ook. Ook. Ook. Ook. Ook. Ook.
Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook? Ook. Ook? Ook! Ook. Ook? Ook.
Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook! Ook. Ook? Ook. Ook. Ook.
Ook. Ook. Ook. Ook. Ook. Ook. Ook! Ook? Ook! Ook! Ook. Ook? Ook. Ook. Ook.
Ook. Ook. Ook. Ook. Ook. Ook? Ook. Ook? Ook! Ook. Ook? Ook. Ook. Ook! Ook.
Ook? Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook! Ook? Ook! Ook! Ook. Ook? Ook!
Ook! Ook! Ook! Ook! Ook! Ook? Ook. Ook? Ook! Ook. Ook? Ook! Ook! Ook! Ook!
Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook. Ook? Ook. Ook. Ook. Ook. Ook. Ook.
Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook! Ook? Ook! Ook! Ook. Ook?
Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook?
Ook. Ook? Ook! Ook. Ook? Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook!
Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook.
Ook. Ook! Ook. Ook. Ook. Ook! Ook. Ook. Ook. Ook! Ook. Ook. Ook. Ook! Ook.
Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook!
Ook. Ook? Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook.
Ook. Ook. Ook! Ook? Ook! Ook! Ook. Ook? Ook. Ook. Ook. Ook. Ook. Ook. Ook.
Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook? Ook. Ook? Ook! Ook. Ook? Ook. Ook.
Ook. Ook. Ook. Ook. Ook! Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook! Ook. Ook.
Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook.
Ook. Ook. Ook! Ook. Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook! Ook. Ook.
Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook! Ook. Ook? Ook. Ook. Ook.
Ook. Ook. Ook. Ook. Ook! Ook? Ook! Ook! Ook. Ook? Ook. Ook. Ook. Ook. Ook.
Ook. Ook? Ook. Ook? Ook! Ook. Ook? Ook. Ook. Ook. Ook. Ook. Ook. Ook. Ook.
Ook. Ook. Ook. Ook. Ook! Ook. Ook? Ook.
Copy the code

From ctf.bugku.com/challenges#…

4. This is not Morse code

Confuse Brainfuck solution

From www.splitbrain.org/services/oo…

flag{ok-c2tf-3389-admin}

5. Simple encryption

e6Z9i~]8R~U~QHE{RnY{QXg~QnQ{^XVlRXlp^XI5Q6Q6SKY8jUAA

Cesar, run in Python

Method 1 code:

str = "e6Z9i~]8R~U~QHE{RnY{QXg~QnQ{^XVlRXlp^XI5Q6Q6SKY8jUAA"
for a in range(127):
key = ""
for i in str:
temp = chr((ord(i)+a)%127)
if 32<ord(temp)<127:
key = key + temp
feel = 1
else:
feel = 0
break
if feel == 1:
print(key)
Copy the code

From the CTF. Yuanlichenai. Cn / 2018/05/07 /…

The segment into base64 encoding: a2V5ezY4NzQzMDAwNjUwMTczMjMwZTRhNThlZTE1M2M2OGU4fQ = = then use base64 decoding

Tool.chinaz.com/Tools/Base6…

Get the flag: key {68743000650173230 e4a58ee153c68e8}

6. Scattered ciphertext

Lf5 {ag024c483549d7fd@@1} 2 1 6 5 3 4 2 1 6 5 3 4 L f5{ag024 C 483549d7fd@@1 f25dl03fa4d1g87}{c9@544@

On the fence, the fence is equal to 6 www.qqxiuzi.cn/bianma/zhal… Get flag{52048c453d794df1}@@, remove two @@

7. Minister Caesar’s award

Key points: Word frequency analysis

Or scripts, pay attention to the code format

#! /usr/bin/env python
# -*- coding: utf-8 -*- 
 
upperDict=['A'.'B'.'C'.'D'.'E'.'F'.'G'.'H'.'I'.'J'.'K'.'L'.'M'.'N'.'O'.'P'.'Q'.'R'.'S'.'T'.'U'.'V'.'W'.'X'.'Y'.'Z']
lowerDict=['a'.'b'.'c'.'d'.'e'.'f'.'g'.'h'.'i'.'j'.'k'.'l'.'m'.'n'.'o'.'p'.'q'.'r'.'s'.'t'.'u'.'v'.'w'.'x'.'y'.'z']
 
def cesarWithLetter(ciphertext,offset) :
Parameter: cipherText: plaintext offset: offset
result = ""
for ch in ciphertext:
if ch.isupper():
result=result+upperDict[((upperDict.index(ch)+offset)%26)]
elif ch.islower():
result=result+lowerDict[((lowerDict.index(ch)+offset)%26)]
elif ch.isdigit():
result=result+ch
else:
result=result+ch
return result
 
def printAllResult(ciphertext) :
Print all offset results
for i in range(len(upperDict)):
print cesarWithLetter(ciphertext,i)
 
#ciphertext=input("Please input the words : ")
ciphertext = "MSWbyly_Cm_sIol_lYqUlx_yhdIs_Cn_Wuymul_il_wuff_bcg_pCwnIl_cm_u_Yrwyffyhn_guh_cz_sio_quhn_ni_ayn_bcm_chzilguncihm_sio_wu h_dich_om"
printAllResult(ciphertext)
 
 
Copy the code

We can confirm that MSW=SYC

SYChere_Is_yOur_rEwArd_enjOy_It_Caesar_or_call_him_vIctOr_is_a_Excellent_man_if_you_want_to_get_his_informations_you_can _join_us, add {} to flag

8. A Base64

Method 1. Salt-neko.com/2018/02/14/… Solution 2: Using the encoding tool Converter, copy the Text contents in and Decode base64, Unescape, Hex to Text, Unescape (as long as the arguments in brackets), Dec to Text, Decode HTML in the following order. The resulting Unicode: from the CTF. Yuanlichenai. Cn / 2018/05/07 /… The & # 102; The & # 108; The & # 97; The & # 103; & # 37; & # 55; The & # 66; The & # 99; The & # 116; The & # 102; The & # 95; The & # 116; The & # 102; The & # 99; & # 50; & # 48; & # 49; & # 55; & # 49; & # 55; The & # 113; The & # 119; The & # 101; & # 37; & # 55; The & # 68;

Flag (manual decoding *^▽^* : “%7B” = “{“,” %7D “=”} “) solution 3

#coding:utf-8
# python 2.7
import urllib
import re
#1. The first layer of Base64
with open('8base64.txt') as f:
    cipher1 = f.read()
plain1 = cipher1.decode('base64')
# print plain1, type(plain1)

#2. The second layer, based on the form of plain1 (integers 0-7), is presumed to be encrypted in base 8
cipher2 = plain1
cipher2 = re.findall(r'\d+', cipher2)
# print cipher2
plain2 = ' '
for i in cipher2:
    plain2 += chr(int(i, 8))
# print plain2
#3. The third layer, based on the form of Plain2 (\ XDD), is presumed to be hexadecimal encryption
cipher3 = plain2
cipher3 = re.findall(r'\d+', cipher3)
# print cipher3
plain3 = ' '
for i in cipher3:
    plain3 += chr(int(i, 16))
# print plain3
#4. The fourth layer, based on the form of Plain3 (UDD *), is presumed to be Unicode
cipher4 = plain3
cipher4 = re.findall(r'u[\d\w]+', cipher4)
# print cipher4
cipher4 = ' '.join(cipher4).replace('u'.'\u')
# print cipher4
plain4 = cipher4.decode('unicode-escape').encode('utf-8')Convert Unicode to Chinese from Zhihu
# print plain4
#5. On the fifth layer, convert all numbers to ASCII according to plain4 form
cipher5 = plain4
cipher5 = re.findall('\d+', cipher5)
# print cipher5
plain5 = ' '
for i in cipher5:
    plain5 += chr(int(i))
# print plain5
#6. The sixth layer, Baidu Plain5 encoding format (&#x) to get the decoding method
cipher6 = plain5
# print cipher6
cipher6 = re.findall(r'\d+\w? ', cipher6)
# print cipher6
plain6 = ' '
for i in cipher6:
    plain6 += chr(int(i, 16))
# print plain6
#7. On the seventh layer, the baidu Plain6 encoding format (&#) gets the decoding method
cipher7 = plain6
cipher7 = re.findall('\d+', cipher7)
# print cipher7
flag = ' '
for i in cipher7:
    flag += unichr(int(i))
# print flag
flag = urllib.unquote(flag)
print flag
Copy the code

# # author: hidden 々 xuanyuan links: www.jianshu.com/p/3f19c1690… The copyright of the brief book belongs to the author, and any form of reprinting, please contact the author to obtain authorization and indicate the source.

For flag

flag{ctf_tfc201717qwe}

9 .!?

From ctf.bugku.com/challenges#… Ook! Solution of confusion

. . . . ! ? !!!!! .? . . . . .? .? ! .? . .! . . . ! .? . . ! ? !!!!! .? !!!!!!!!!! !!!!! ? .? ! .? !!!!! !!!!!!!!! . . . .! .? . . ! ? !!!!! .? . . ? .? ! .? . . .! .? . . ! ? !!!!! .? !!!!!!!!!! !!!!!!!!!!!!!! ! ? .? ! .? ! .? . . ! ? !!!!! .? . . ? .? ! .? . ! .? . . ! ? !!!!! .? !!!!!!!!!! !!!!! ? .? ! .? !!!!! !!!!!!!!!!!!!! !!!!!!!!!! . . ! .? . . ! ? !!!!! .? . ? .? ! .? . ! .? . . ! ? !!!!! .? !!!!!!!!!! !!!!!!!!!! ? .? ! .? !!!!!!!!!!!!!! !!!!!!!!!!!!!! !!!!!!!!! .? . . ! ? ! ! .? . . ? .? ! .? . ! .!!!!!! .!!!!!!!!!!! !!!!!!!!!!!!!! !!!!!!!!!!!!!! !!!!! .? . .! ? !!!!! .? . . ? .? ! .? . ! .!!!!!! !!!!!!!!!!!!!! ! .? . . . ! ? ! ! .? . . .? .? ! .? . . ! .? .Copy the code

From ctf.bugku.com/challenges#…

flag{bugku_jiami}

10. + []

Brainfuck confuses from ctf.bugku.com/challenges#…

+ + + + + + + + + + / - > + + + + + + + + + + > <] + +. + + + + + +. The + + + (- > - <) > - - + + + + + +. The + + + + (- > + + + + + + + + <] >. < + + + + + / - > -- -- -- -- <] >. < + + + + + + + + / - > <) > + + +. The + + + (- > - - - > <]. + + + +. The + + + (+ + + - > <) > +. The + + + + (- > - <) > -- -- -- -- -- - "+ + + [+ + + - > <) > + +. -. -- -- -- -- -- -. "+ + + [+ + + - > <) > + + +. -." + + + [- > -- -- -- <] >. < + + + + + + / - > -- -- -- <] > -- -- -- -- -- -. +. The + + + + + + + + (- > + + + + + + + + > <] + + + + + + + + + +.Copy the code

flag{bugku_jiami_23}

11. Weird passwords

Main point: Mutated Caesar

Python scripts l

ist = 'GNDK euro RLQHMTKWWP} z'
flag = ' '
num = 1
for i in list:
a = ord(i)
a -= num
flag += chr(a)
num +=1
 
print(flag)
Copy the code

From the CTF. Yuanlichenai. Cn / 2018/05/07 /…

11 strangepasswd python3.5. Py

Flag ₧lei_ci_jiami flag {lei_ci_jiami}

Thomas Jefferson

1: < ZWAXJGDLUBVIQHKYPNTCRMOSFE <2: < KPBELNACZDTRXMJQOYHGVSFUWI <3: < BDMAIZVRNSJUWFHTEQGYXPLOCK <4: < RPLNDVHGFCUKTEBSXQYIZMJWAO <5: < IHFRLABEUOTSGJVDKCPMNZQWXY <6: < AMKGHIWPNYCJBFZDRUSLOQXVET <7: < GWTHSPYBXIZULVKMRAFDCEONJQ <8: < NOZUTWDCVRJLXKISEFAPMYGHBQ <9: < QWATDSRFHENYVUBMCOIKZGJXPL <10: < WABMCXPLTDSRJQZGOIKFHENYVU <11: < XPLTDAOIKFZGHENYSRUBMCQWVJ <12: < TDSWAYXPLVUBOIKZGJRFHENMCQ <13: < BMCSRFHLTDENQWAOXPYVUIKZGJ <14: < XPHKZGJTDSENYVUBMLAOIRFCQW <Copy the code

Key: 2,5,1,3,6,4,9,7,8,14,10,13,11,12 cipher: HCBTSXWCRQGLES do know:

① Reorder the rows according to the key

2: < KPBELNACZDTRXMJQOYHGVSFUWI <5: < IHFRLABEUOTSGJVDKCPMNZQWXY <1: < ZWAXJGDLUBVIQHKYPNTCRMOSFE <3: < BDMAIZVRNSJUWFHTEQGYXPLOCK <6: < AMKGHIWPNYCJBFZDRUSLOQXVET <4: < RPLNDVHGFCUKTEBSXQYIZMJWAO <9: < QWATDSRFHENYVUBMCOIKZGJXPL <7: < GWTHSPYBXIZULVKMRAFDCEONJQ <8: < NOZUTWDCVRJLXKISEFAPMYGHBQ <14: < XPHKZGJTDSENYVUBMLAOIRFCQW <10: < WABMCXPLTDSRJQZGOIKFHENYVU <13: < BMCSRFHLTDENQWAOXPYVUIKZGJ <11: < XPLTDAOIKFZGHENYSRUBMCQWVJ <12: < TDSWAYXPLVUBOIKZGJRFHENMCQ <Copy the code

(2) at the same time have a one-to-one correspondence, namely the keys: 2,5,1,3,6,4,9,7,8,14,10,13,11,12 cipher: H, C, B, T, S, X, W, C, R, Q, G, L, E, S ③ Then determine the position of the first ciphertext, and move each ciphertext and its following letters to the front of each line. For example:

HGVSFUWIKPBELNACZDTRXMJQOY
CPMNZQWXYIHFRLABEUOTSGJVDK
BVIQHKYPNTCRMOSFEZWAXJGDLU
TEQGYXPLOCKBDMAIZVRNSJUWFH
SLOQXVETAMKGHIWPNYCJBFZDRU
XQYIZMJWAORPLNDVHGFCUKTEBS
WATDSRFHENYVUBMCOIKZGJXPLQ
CEONJQGWTHSPYBXIZULVKMRAFD
RJLXKISEFAPMYGHBQNOZUTWDCV
QWXPHKZGJTDSENYVUBMLAOIRFC
GOIKFHENYVUWABMCXPLTDSRJQZ
LTDENQWAOXPYVUIKZGJBMCSRFH
ENYSRUBMCQWVJXPLTDAOIKFZGH
SWAYXPLVUBOIKZGJRFHENMCQTD
Copy the code

(4) Use the script to iterate through each column after the ing shift, and find the special sentence that is flag 1

a ="""HGVSFUWIKPBELNACZDTRXMJQOY
CPMNZQWXYIHFRLABEUOTSGJVDK
BVIQHKYPNTCRMOSFEZWAXJGDLU
TEQGYXPLOCKBDMAIZVRNSJUWFH
SLOQXVETAMKGHIWPNYCJBFZDRU
XQYIZMJWAORPLNDVHGFCUKTEBS
WATDSRFHENYVUBMCOIKZGJXPLQ
CEONJQGWTHSPYBXIZULVKMRAFD
RJLXKISEFAPMYGHBQNOZUTWDCV
QWXPHKZGJTDSENYVUBMLAOIRFC
GOIKFHENYVUWABMCXPLTDSRJQZ
LTDENQWAOXPYVUIKZGJBMCSRFH
ENYSRUBMCQWVJXPLTDAOIKFZGH
SWAYXPLVUBOIKZGJRFHENMCQTD"""
b="HCBTSXWCRQGLES"
a=a.splitlines()
for j in range(26) :for i in range(len(b)):
print(a[i][j],end=' '),
print(a)Copy the code

From the CTF. Yuanlichenai. Cn / 2018/05/07 /…

2) Generic scripts

list1 = """ Because of key, So it's very important to this line line feed ZWAXJGDLUBVIQHKYPNTCRMOSFE KPBELNACZDTRXMJQOYHGVSFUWI BDMAIZVRNSJUWFHTEQGYXPLOCK RPLNDVHGFCUKTEBSXQYIZMJWAO IHFRLABEUOTSGJVDKCPMNZQWXY AMKGHIWPNYCJBFZDRUSLOQXVET GWTHSPYBXIZULVKMRAFDCEONJQ NOZUTWDCVRJLXKISEFAPMYGHBQ XPLTDSRFHENYVUBMCQWAOIKZGJ UDNAJFBOWTGVRSCZQKELMXYIHP MNBVCXZQWERTPOIUYALSKDJFHG LVNCMXZPQOWEIURYTASBKJDFHG JZQAWSXCDERFVBGTYHNUMKILOP"""
key = [2 ,3 ,7 ,5 ,13 ,12 ,9 ,1 ,8 ,10 ,4 ,11 ,6]
crypto = 'NFQKSEVOQOFNP'
 
# Newline operation
list2 = []
list1 = list1.splitlines()
for i in key:
list2.append(list1[i])
 
# Move the ciphertext to the first column to generate the password table
def Table() :
table = []
for i in range(len(key)):
num = list2[i].find(crypto[i])
list = ' '
for j in range(26) :if num >= 25:
num -= 26
list += list2[i][num]
num += 1
table.append(list)
return table
 
# traversal
def Flag(table) :
for j in range(26) :for i in range(len(key)):
print(table[i][j] ,end=' '),
print(a)if __name__ == '__main__':
table = Table()
Flag(table)
 
# FIREINTHEHOLE
Copy the code

From the CTF. Yuanlichenai. Cn / 2018/05/07 /…

⑤ flag{XSXSBUGKUADMIN} = lower case flag{XSXSBUGKUADMIN}

13. Zip pseudo encryption

Example Change the global encryption of the compressed source file data area to 00 00 and the global mode bit of the compressed source file directory area to 00 00

flag{Adm1N-B2G-kU-SZIP}

14. Tell you a Secret (ISCCCTF)

636A56355279427363446C4A49454A7154534230526D6843 56445A31614342354E326C4B4946467A5769426961453067

Convert hexadecimal to ASCII first

Get: cjV5RyBscDlJIEJqTSB0RmhCVDZ1aCB5N2lKIFFzWiBiaE0g www.rapidtables.com/convert/num…

To get base64 decoding: r5yG lp9I BjM tFhBT6uh y7iJ QsZ bhM tool.chinaz.com/Tools/Base6…

Combined with the group of characters, look at the position on the keyboard, r5yG is t in the middle, and so on and so on. The answer is tongyuan. After several tries, type tongyuan in capital

15 This is not MD5

666c61677b616537333538376261353662616566357d

Direct hexadecimal conversion to a string

www.rapidtables.com/convert/num…

flag{ae73587ba56baef5}

16 The Bess family

Base family, which should not be Base64, and retrograde attempts

Base16/32/36/58/62 decoding fails. Procedure

Ctf.ssleye.com/base64.html ctf.ssleye.com/ trying base91 decoding, the decoding success. ctf.ssleye.com/base91.html

flag{554a5058c9021c76}

17 Prosperity and democracy

Core values decoding questions, online decoding

Ctf.ssleye.com/cvencode.ht…

flag{90025f7fb1959936}

18Python(N1CTF)

The title provides two files, challenge.py and n1es.py.

Although it seems to mimic AES, the plaintext and ciphertext are actually mapped one by one. The complexity is not the disgusting 100^48 but only 100*48. The exhaustive is fast. One small snag is L, R = R, L, line 71 of n1es.py, This led to a clear [0:8], [6], [so], [he], [so], [side], respectively is the corresponding ciphertext [6], [0:8], [he], [so], [side], [so], Be careful when writing an exhaustive script.

From findneo. Making. IO / 180310 n1ctf…

Write the crack.py file

import base64,string,N1ES
key = "wxy191iss00000000000cute"
c = base64.b64decode("HRlgC2ReHW1/WRk2DikfNBo1dl1XZBJrRR9qECMNOjNHDktBJSxcI1hZIz07YjVx")
n1es = N1ES.N1ES(key)
f=""
for i in xrange(3) :for j in xrange(16) :for k in string.printable:
s="x"*i*16+"x"*j+k+"x"* (48-i*16-j-1)
e=n1es.encrypt(s)
check=c[i*16+j+8]==e[i*16+j+8] if j<8 else c[i*16+j-8]==e[i*16+j-8]
if check:
f+=k
break
print f
# N1CTF{F3istel_n3tw0rk_c4n_b3_ea5i1y_s0lv3d_/--/}
Copy the code

From findneo. Making. IO / 180310 n1ctf…

The encryption process and round_add are reversible. Add the decryption code directly to the source file as follows:

Base 19 conversion

Key programming basis, base conversion problem solving

import binascii
text = "d87 x65 x6c x63 o157 d109 o145 b100000 d116 b1101111 o40 x6b b1100101 b1101100 o141 d105 x62 d101 b1101001 d46 o40 d71 x69 d118 x65 x20 b1111001 o157 b1110101 d32 o141 d32 d102 o154 x61 x67 b100000 o141 d115 b100000 b1100001 d32 x67 o151 x66 d116 b101110 b100000 d32 d102 d108 d97 o147 d123 x31 b1100101 b110100 d98 d102 b111000 d49 b1100001 d54 b110011 x39 o64 o144 o145 d53 x61 b1100010 b1100011 o60 d48 o65 b1100001 x63 b110110 d101 o63 b111001 d97 d51 o70 d55 b1100010 d125 x20 b101110 x20 b1001000 d97 d118 o145 x20 d97 o40 d103 d111 d111 x64 d32 o164 b1101001 x6d o145 x7e"
solution = ' '
text2 = text.split(' ')
for x in text2:
    print x
    if x[0] = ='b': #binary
        solution += chr(int(x[1:].2))    
    elif x[0] = ='x': # hexadecimal
        solution += x[1:].decode("hex")    
    elif x[0] = ='d': # decimal
        solution += chr(int(x[1:))elif x[0] = ='o': # octal
        solution += chr(int(x[1:].8))
print solution
Copy the code

From www.sdnisc.cn/detail_285_…

flag{1e4bf81a6394de5abc005ac6e39a387b}

20afine

Affine encryption

The problem solving process

def affine(a,b) :
pwd = {}
for i in range(26):
pwd_dic[chr(((a*i+b)%26+97=))]chr(i+97)
return pwd_dic
if __name__ == '__main__':
pwd_dic = {}
pwd = 'szzyfimhyzd'
plain = []
pwd_dic = affine(17, -8)
for i in pwd:
plain.append(pwd_dic[i])
print "Flag is : " + "".join(plain)
Copy the code

flag{affineshift}

21Crack it

Shadow file cracking, in Kali directly under the use of John to crack

flag{hellokitty}

22.RSA

Their thinking blog.csdn.net/shenzhang73…

It can be seen that E is very large. When E is very large, the method of Wiener attack can be used to crack it. As RsaCtfTool is integrated with the method of Wiener attack, the private key can be directly calculated using RsaCtfTool

1) Installation tool Ganapati/RsaCtfTool Github source github.com/Ganapati/Rs… Github.com/Ganapati/Rs…

Installation and use of RsaCtfTool

From www.freebuf.com/sectool/185…

Installation failed

After the installation is complete, go

python /mnt/d/security/emulation/ctftools/RsaCtfTool/R
saCtfTool.py --createpub -n 460657813884289609896372056585544172485318117026246263899744329237492701820627219556007788200590119136173895989001382151 536006853823326382892363143604314518686388786002989248800814861248595075326277099645338694977097459168530898776007293695 728101976069423971696524237755227187061418202849911479124793990722597 -e 354611102441307572056572181827925899198345350228753730931089393275463916544456626894245415096107834465778409532373187125 318554614722599301791528916212839368121066035541008808261534500586023652767712271625785204280964688004680328300124849680 477105302519377370092578107827116821391826210972320377614967547827619 > 22rsa.pem
Copy the code
python /mnt/d/security/emulation/ctftools/RsaCtfTool/RsaCtfTool.py --publickey 22rsa.pem --private > 22rsa.key
Copy the code
python /mnt/d/security/emulation/ctftools/RsaCtfTool/RsaCtfTool.py --key 22rsa.key --dumpkey
Copy the code

Get P, q, e, directly decrypt the ciphertext, get Flag,

The code looks like this:

#coding:utf-8
from libnum import n2s,s2n
import base64
def gcd(a, b) :   # Find the greatest common divisor
if a < b:
    a, b = b, a
whileb ! =0:
    temp = a % b
    a = b
    b = temp
return a
 
def egcd(a, b) :
if a == 0:
    return (b, 0.1)
else:
    g, y, x = egcd(b % a, a)
    return (g, x - (b // a) * y, y)
 
def modinv(a, m) :
g, x, y = egcd(a, m)
ifg ! =1:
    raise Exception('modular inverse does not exist')
else:
    return x % m
    
if __name__ == "__main__":
p=159918469709932133220726269015607499326863257664034048640233418107353192490663709160906409262190793688455104440314003222 29147771682961132420481897362843199
q=288057917712602594868569027290204386866703544412962471482078628360646578497353436182070981639017872873685697684725213446 35567334299356760080507454640207003
e = 354611102441307572056572181827925899198345350228753730931089393275463916544456626894245415096107834465778409532373187125 318554614722599301791528916212839368121066035541008808261534500586023652767712271625785204280964688004680328300124849680 477105302519377370092578107827116821391826210972320377614967547827619
# tmp = base64.b64decode("qzogS7X8M3ZOpkUhJJcbukaRduLyqHAPblmabaYSm9iatuulrHcEpBmil7V40N7gbsQXwYx5EBH5r5V2HRcEIOXjgfk5vpGLjPVxBL yXh2DajHPX6KvbFpQ8jNpCQbUNq8Hst00yDSO/6ri9dk6bk7+uyuN0b2K1bNG5St6sCQ4qYEA3xJbsHFvMqtvUdhMiqO7tNCUVTKZdN7iFvSJqK2IHosIf7F qO24zkHZpHi31sYU7pcgYEaGkVaKs8pjq6nbnffr4URfoexZHeQtq5UAkr95zD6WgvGcxaTDKafFntboX9GR9VUZnHePiio7nJ3msfue5rkIbISjmGCAlj+w = = ")
# =
d = modinv(e, (p - 1) * (q - 1))
# c=s2n(tmp)
c = 382309913162293996518235675906923010600446204121917377646323846805462562284515182388429652213947118483378324594438444468 894683621541882148407367446578858589438101776758719911114666531582571911396056999163473082949956645302808168504827405306 02254559123759121106338359220242637775919026933563326069449424391192
#c = 225031483444634056931067907865853799650197225351377050632290334721073031287701730297815850654473721939907812470206115171 738967740183098960272963323728747481560137205796840356532306950935686580268408289864109695494835661414073083573249882362 332920722000099781994315336570711188934565379141406727420346806389405536474102730682155998263607095718543239272202402139 286809779368710600842078606046563228470023546348908618719147790859257980882643030144242048154566691808688844513142261099 020381730517293884263384819159874220288293023868919557980548807831273449743064237407705987056818011286315950476959812697 067649075359373253
n = p*q
m=pow(c,d,n)
print n2s(m)
Copy the code

Author: period of _Ross source: CSDN, blog.csdn.net/shenzhang73… Copyright statement: this article is the original article of the blogger, reprint please attach the link of the blog!

flag{Wien3r_4tt@ck_1s_3AsY}

23 Signals from the universe

Check the password table to get flag, refer to Baidu Encyclopedia: standard Galaxy letters: baike.baidu.com/item/%E6%A0…

flag{nopqrst}