2020-01-31发表2020-05-23更新CTF24 分钟读完 (大约3534个字)0次访问

HGAME 2020 Week2 wp

武汉加油！

Reverse

1. Classic_CrackMe

file查看文件类型

.net的逆向可以用dnSpy
核心代码为

private void button1_Click(object sender, EventArgs e)
{
	if (this.status == 1)
	{
		MessageBox.Show("你已经激活成功啦，快去提交flag吧~~~");
		return;
	}
	string text = this.textBox1.Text;
	if (text.Length != 46 || text.IndexOf("hgame{") != 0 || text.IndexOf("}") != 45)
	{
		MessageBox.Show("Illegal format");
		return;
	}
	string base64iv = text.Substring(6, 24);
	string str = text.Substring(30, 15);
	try
	{
		Aes aes = new Aes("SGc0bTNfMm8yMF9XZWVLMg==", base64iv);
		Aes aes2 = new Aes("SGc0bTNfMm8yMF9XZWVLMg==", "MFB1T2g5SWxYMDU0SWN0cw==");
		string text2 = aes.DecryptFromBase64String("mjdRqH4d1O8nbUYJk+wVu3AeE7ZtE9rtT/8BA8J897I=");
		if (text2.Equals("Same_ciphertext_"))
		{
			byte[] array = new byte[16];
			Array.Copy(aes2.EncryptToByte(text2 + str), 16, array, 0, 16);
			if (Convert.ToBase64String(array).Equals("dJntSWSPWbWocAq4yjBP5Q=="))
			{
				MessageBox.Show("注册成功！");
				this.Text = "已激活，欢迎使用！";
				this.status = 1;
			}
			else
			{
				MessageBox.Show("注册失败！\nhint: " + aes2.DecryptFromBase64String("mjdRqH4d1O8nbUYJk+wVu3AeE7ZtE9rtT/8BA8J897I="));
			}
		}
		else
		{
			MessageBox.Show("注册失败！\nhint: " + aes2.DecryptFromBase64String("mjdRqH4d1O8nbUYJk+wVu3AeE7ZtE9rtT/8BA8J897I="));
		}
	}
	catch
	{
		MessageBox.Show("注册失败！");
	}
}

flag由字符串base64iv和str拼接而成。
AES加密类型可看出为CBC加密，填补方式为PKCS7.

例子中的第一次AES加密明文长度为块大小，填充一个与块大小相同，内容为块大小的数据，因而第二次加密数据的明文和密文均不需要进行分析。根据AES-CBC加密的流程，先将明文P与初始化向量IV进行异或，再进行AES加密置换，解密流程为先将密文C进行AES解密置换，再与初始化向量IV进行异或。密文已知，只取前16字节（块大小）。

from Crypto.Cipher import AES
import base64

def xor(s1, s2):
    return bytes(map( (lambda x: x[0]^x[1]), zip(s1, s2) ))

key = base64.b64decode(b"SGc0bTNfMm8yMF9XZWVLMg==")
cipher = base64.b64decode(b"mjdRqH4d1O8nbUYJk+wVu3AeE7ZtE9rtT/8BA8J897I=")
aes = AES.new(key, AES.MODE_ECB)
msg = aes.decrypt(cipher)[:16]
target = b"Same_ciphertext_"
iv = xor(msg, target)

即可获得IV。
第二次加密总共两块，已知第二块的密文，第一块的明文，求第二块的明文。要注意解密后的为填补后的(15填补为16)，应去除最后一字节。

1
2
3

aes2 = AES.new(key, AES.MODE_CBC, base64.b64decode(b"MFB1T2g5SWxYMDU0SWN0cw=="))
cipher1 = aes2.encrypt(target)
msg = aes.decrypt(base64.b64decode(b"dJntSWSPWbWocAq4yjBP5Q=="))

综合一下，即可得到对应的flag

1	print(b"hgame{" + base64.b64encode(iv) + xor(msg, cipher1)[:-1] + b"}")

2. babyPy

https://docs.python.org/zh-cn/3/library/dis.html
根据官方文档，可还原Python字节码。

def encrypt(OOo):
    O0O = OOo[::-1]
    O0o = list(O0O)
    for O0 in range(1, len(O0o)):
        Oo = O0o[O0 - 1] ^ O0o[O0]
        O0o[O0] = Oo
    O = bytes(O0o)
    return O.hex()

因此，脚本如下

from binascii import unhexlify
def encrypt(OOo):
    O0O = OOo[::-1]
    O0o = list(O0O)
    for O0 in range(1, len(O0o)):
        Oo = O0o[O0 - 1] ^ O0o[O0]
        O0o[O0] = Oo
    O = bytes(O0o)
    return O.hex()
def decrypt(bhstr):
    bhstr = unhexlify(bhstr)
    bhstr = list(bhstr)
    for i in range(len(bhstr)-1, 0, -1):
        bhstr[i] = bhstr[i-1] ^ bhstr[i]
    return bytes(bhstr[::-1])
print(decrypt('7d037d045717722d62114e6a5b044f2c184c3f44214c2d4a22'))

3. babyPyc

使用uncompyle6反编译代码失败。

# uncompyle6 version 3.6.2
# Python bytecode 3.7 (3394)
# Decompiled from: Python 3.7.2 (tags/v3.7.2:9a3ffc0492, Dec 23 2018, 23:09:28) [MSC v.1916 64 bit (AMD64)]
# Embedded file name: task.py
# Size of source mod 2**32: 1056 bytes


# file babyPyc_task_a1f4a8cf21.cpython-37.pyc
# --- This code section failed: ---

   3       0  JUMP_ABSOLUTE         2  'to 2'
           2  LOAD_CONST               0
           4  LOAD_CONST               None
           6  IMPORT_NAME              os
           8  STORE_NAME               os
          10  LOAD_CONST               0
          12  LOAD_CONST               None
          14  IMPORT_NAME              sys

   4      16  STORE_NAME               sys
          18  LOAD_CONST               0
          20  LOAD_CONST               ('b64encode',)
          22  IMPORT_NAME              base64
          24  IMPORT_FROM              b64encode
          26  STORE_NAME               b64encode

   6      28  POP_TOP
          30  LOAD_CONST               b'/KDq6pvN/LLq6tzM/KXq59Oh/MTqxtOTxdrqs8OoR3V1X09J'

   8      32  STORE_GLOBAL             O0o
          34  LOAD_CODE                <code_object getFlag>
          36  LOAD_STR                 'getFlag'
          38  MAKE_FUNCTION_0          ''

  16      40  STORE_NAME               getFlag
          42  LOAD_NAME                getFlag
          44  CALL_FUNCTION_0       0  ''

  18      46  STORE_NAME               flag
          48  LOAD_NAME                flag
          50  LOAD_CONST               None
          52  LOAD_CONST               6
          54  BUILD_SLICE_2         2
          56  BINARY_SUBSCR
          58  LOAD_CONST               b'hgame{'
          60  COMPARE_OP               !=
          62  POP_JUMP_IF_TRUE     76  'to 76'
          64  LOAD_NAME                flag
          66  LOAD_CONST               -1
          68  BINARY_SUBSCR
          70  LOAD_CONST               125
          72  COMPARE_OP               !=

  19      74  POP_JUMP_IF_FALSE    94  'to 94'
        76_0  COME_FROM            62  '62'
          76  LOAD_NAME                print
          78  LOAD_STR                 'Incorrect format!'
          80  CALL_FUNCTION_1       1  ''

  20      82  POP_TOP
          84  LOAD_NAME                sys
          86  LOAD_METHOD              exit
          88  LOAD_CONST               1
          90  CALL_METHOD_1         1  ''

  22      92  POP_TOP
        94_0  COME_FROM            74  '74'
          94  LOAD_NAME                flag
          96  LOAD_CONST               6
          98  LOAD_CONST               -1
         100  BUILD_SLICE_2         2
         102  BINARY_SUBSCR

  23     104  STORE_NAME               raw_flag
         106  LOAD_NAME                len
         108  LOAD_NAME                flag
         110  CALL_FUNCTION_1       1  ''
         112  LOAD_CONST               7
         114  BINARY_SUBTRACT
         116  LOAD_CONST               36
         118  COMPARE_OP               !=

  24     120  POP_JUMP_IF_FALSE   140  'to 140'
         122  LOAD_NAME                print
         124  LOAD_STR                 'Wrong length!'
         126  CALL_FUNCTION_1       1  ''

  25     128  POP_TOP
         130  LOAD_NAME                sys
         132  LOAD_METHOD              exit
         134  LOAD_CONST               2
         136  CALL_METHOD_1         1  ''

  27     138  POP_TOP
       140_0  COME_FROM           120  '120'
         140  LOAD_NAME                raw_flag
         142  LOAD_CONST               None
         144  LOAD_CONST               None
         146  LOAD_CONST               -1
         148  BUILD_SLICE_3         3
         150  BINARY_SUBSCR

  28     152  STORE_NAME               raw_flag
         154  LOAD_LISTCOMP            '<code_object <listcomp>>'
         156  LOAD_STR                 '<listcomp>'
         158  MAKE_FUNCTION_0          ''
         160  LOAD_NAME                range
         162  LOAD_CONST               6
         164  CALL_FUNCTION_1       1  ''
         166  GET_ITER
         168  CALL_FUNCTION_1       1  ''

  30     170  STORE_NAME               ciphers
         172  SETUP_LOOP          260  'to 260'
         174  LOAD_NAME                range
         176  LOAD_CONST               5
         178  CALL_FUNCTION_1       1  ''
         180  GET_ITER
         182  FOR_ITER            258  'to 258'

  31     184  STORE_NAME               row
         186  SETUP_LOOP          256  'to 256'
         188  LOAD_NAME                range
         190  LOAD_CONST               6
         192  CALL_FUNCTION_1       1  ''
         194  GET_ITER
         196  FOR_ITER            254  'to 254'

  32     198  STORE_NAME               col
         200  LOAD_NAME                ciphers
         202  LOAD_NAME                row
         204  BINARY_SUBSCR
         206  LOAD_NAME                col
         208  DUP_TOP_TWO
         210  BINARY_SUBSCR
         212  LOAD_NAME                ciphers
         214  LOAD_NAME                row
         216  LOAD_CONST               1
         218  BINARY_ADD
         220  BINARY_SUBSCR
         222  LOAD_NAME                col
         224  BINARY_SUBSCR
         226  INPLACE_ADD
         228  ROT_THREE

  33     230  STORE_SUBSCR
         232  LOAD_NAME                ciphers
         234  LOAD_NAME                row
         236  BINARY_SUBSCR
         238  LOAD_NAME                col
         240  DUP_TOP_TWO
         242  BINARY_SUBSCR
         244  LOAD_CONST               256
         246  INPLACE_MODULO
         248  ROT_THREE
         250  STORE_SUBSCR
         252  JUMP_BACK           196  'to 196'
         254  POP_BLOCK
       256_0  COME_FROM_LOOP      186  '186'
         256  JUMP_BACK           182  'to 182'

  35     258  POP_BLOCK
       260_0  COME_FROM_LOOP      172  '172'
         260  LOAD_CONST               b''

  36     262  STORE_NAME               cipher
         264  SETUP_LOOP          336  'to 336'
         266  LOAD_NAME                range
         268  LOAD_CONST               6
         270  CALL_FUNCTION_1       1  ''
         272  GET_ITER
         274  FOR_ITER            334  'to 334'

  37     276  STORE_NAME               row
         278  LOAD_CONST               0

  38     280  STORE_NAME               col
         282  SETUP_LOOP          330  'to 330'
         284  LOAD_NAME                col
         286  LOAD_CONST               6
         288  COMPARE_OP               <
         290  POP_JUMP_IF_FALSE   328  'to 328'
         294  LOAD_NAME                cipher
         296  LOAD_NAME                bytes
         298  LOAD_NAME                ciphers
         300  LOAD_NAME                row
         302  BINARY_SUBSCR
         304  LOAD_NAME                col
         306  BINARY_SUBSCR
         308  BUILD_LIST_1          1
         310  CALL_FUNCTION_1       1  ''
         312  INPLACE_ADD

  40     314  STORE_NAME               cipher
         316  LOAD_NAME                col
         318  LOAD_CONST               1
         320  INPLACE_ADD
         322  STORE_NAME               col
         324  JUMP_BACK           284  'to 284'
       328_0  COME_FROM           290  '290'
         328  POP_BLOCK
       330_0  COME_FROM_LOOP      282  '282'
         330  JUMP_BACK           274  'to 274'

  42     334  POP_BLOCK
       336_0  COME_FROM_LOOP      264  '264'
         336  LOAD_NAME                b64encode
         338  LOAD_NAME                cipher
         340  CALL_FUNCTION_1       1  ''

  44     342  STORE_NAME               cipher
         344  LOAD_NAME                cipher
         346  LOAD_GLOBAL              O0o
         348  COMPARE_OP               ==
         350  POP_JUMP_IF_FALSE   364  'to 364'
         354  LOAD_NAME                print
         356  LOAD_STR                 'Great, this is my flag.'
         358  CALL_FUNCTION_1       1  ''
         360  POP_TOP

  47     362  JUMP_FORWARD        372  'to 372'
       364_0  COME_FROM           350  '350'
         364  LOAD_NAME                print
         366  LOAD_STR                 'Wrong flag.'
         368  CALL_FUNCTION_1       1  ''
         370  POP_TOP
       372_0  COME_FROM           362  '362'

Parse error at or near `None' instruction at offset -1

根据以上，可还原出部分代码。

import os
import sys
from base64 import b64encode
O0o = b'/KDq6pvN/LLq6tzM/KXq59Oh/MTqxtOTxdrqs8OoR3V1X09J'
flag = getFlag()
if b'hgame{' != flag[:6] or flag[-1] != b'}':
    print('Incorrect format!')
    sys.exit(1)
raw_flag = flag[6:-1]
if len(flag) - 7 != 36:
    print('Wrong length!')
    sys.exit(2)
raw_flag = raw_flag[::-1]
# ciphers = 一个列表推导式
for row in range(5):
    for col in range(6):
        ciphers[row][col] += ciphers[row + 1][col]
        ciphers[row][col] %= 256
cipher = b''
for row in range(6):
    col = 0
    while col < 6:
        cipher += bytes([ciphers[row][col]])
        col += 1
# assert O0o == b64encode(cipher)

中间的列表推导式部分无法使用uncompyle6查看，但可使用dis和marshal来反编译代码。
结合资料可知，3.7的pyc文件，头部大小为16字节，因此略过16字节，获得的字节码对象如下。

>>> import dis, marshal
>>> f = open("babyPyc_task_a1f4a8cf21.cpython-37.pyc", "rb")
>>> f.read(16)
b'B\r\r\n\x00\x00\x00\x00\xdaR%^ \x04\x00\x00'
>>> code = marshal.load(f)
>>> code
<code object <module> at 0x000001E7C7F45C90, file "task.py", line 3>
>>> dis.dis(code)
  3           0 JUMP_ABSOLUTE            2
        >>    2 LOAD_CONST               0 (0)
              4 LOAD_CONST               1 (None)
              6 IMPORT_NAME              0 (os)
              8 STORE_NAME               0 (os)
             10 LOAD_CONST               0 (0)
             12 LOAD_CONST               1 (None)
             14 IMPORT_NAME              1 (sys)

  4          16 STORE_NAME               1 (sys)
             18 LOAD_CONST               0 (0)
             20 LOAD_CONST               2 (('b64encode',))
             22 IMPORT_NAME              2 (base64)
             24 IMPORT_FROM              3 (b64encode)
             26 STORE_NAME               3 (b64encode)

  6          28 POP_TOP
             30 LOAD_CONST               3 (b'/KDq6pvN/LLq6tzM/KXq59Oh/MTqxtOTxdrqs8OoR3V1X09J')

  8          32 STORE_GLOBAL             4 (O0o)
             34 LOAD_CONST               4 (<code object getFlag at 0x000001E7C7F23030, file "task.py", line 8>)
             36 LOAD_CONST               5 ('getFlag')
             38 MAKE_FUNCTION            0

 16          40 STORE_NAME               5 (getFlag)
             42 LOAD_NAME                5 (getFlag)
             44 CALL_FUNCTION            0

 18          46 STORE_NAME               6 (flag)
             48 LOAD_NAME                6 (flag)
             50 LOAD_CONST               1 (None)
             52 LOAD_CONST               6 (6)
             54 BUILD_SLICE              2
             56 BINARY_SUBSCR
             58 LOAD_CONST               7 (b'hgame{')
             60 COMPARE_OP               3 (!=)
             62 POP_JUMP_IF_TRUE        76
             64 LOAD_NAME                6 (flag)
             66 LOAD_CONST               8 (-1)
             68 BINARY_SUBSCR
             70 LOAD_CONST               9 (125)
             72 COMPARE_OP               3 (!=)

 19          74 POP_JUMP_IF_FALSE       94
        >>   76 LOAD_NAME                7 (print)
             78 LOAD_CONST              10 ('Incorrect format!')
             80 CALL_FUNCTION            1

 20          82 POP_TOP
             84 LOAD_NAME                1 (sys)
             86 LOAD_METHOD              8 (exit)
             88 LOAD_CONST              11 (1)
             90 CALL_METHOD              1

 22          92 POP_TOP
        >>   94 LOAD_NAME                6 (flag)
             96 LOAD_CONST               6 (6)
             98 LOAD_CONST               8 (-1)
            100 BUILD_SLICE              2
            102 BINARY_SUBSCR

 23         104 STORE_NAME               9 (raw_flag)
            106 LOAD_NAME               10 (len)
            108 LOAD_NAME                6 (flag)
            110 CALL_FUNCTION            1
            112 LOAD_CONST              12 (7)
            114 BINARY_SUBTRACT
            116 LOAD_CONST              13 (36)
            118 COMPARE_OP               3 (!=)

 24         120 POP_JUMP_IF_FALSE      140
            122 LOAD_NAME                7 (print)
            124 LOAD_CONST              14 ('Wrong length!')
            126 CALL_FUNCTION            1

 25         128 POP_TOP
            130 LOAD_NAME                1 (sys)
            132 LOAD_METHOD              8 (exit)
            134 LOAD_CONST              15 (2)
            136 CALL_METHOD              1

 27         138 POP_TOP
        >>  140 LOAD_NAME                9 (raw_flag)
            142 LOAD_CONST               1 (None)
            144 LOAD_CONST               1 (None)
            146 LOAD_CONST               8 (-1)
            148 BUILD_SLICE              3
            150 BINARY_SUBSCR

 28         152 STORE_NAME               9 (raw_flag)
            154 LOAD_CONST              16 (<code object <listcomp> at 0x000001E7C7F280C0, file "task.py", line 28>)
            156 LOAD_CONST              17 ('<listcomp>')
            158 MAKE_FUNCTION            0
            160 LOAD_NAME               11 (range)
            162 LOAD_CONST               6 (6)
            164 CALL_FUNCTION            1
            166 GET_ITER
            168 CALL_FUNCTION            1

 30         170 STORE_NAME              12 (ciphers)
            172 SETUP_LOOP              86 (to 260)
            174 LOAD_NAME               11 (range)
            176 LOAD_CONST              18 (5)
            178 CALL_FUNCTION            1
            180 GET_ITER
        >>  182 FOR_ITER                74 (to 258)

 31         184 STORE_NAME              13 (row)
            186 SETUP_LOOP              68 (to 256)
            188 LOAD_NAME               11 (range)
            190 LOAD_CONST               6 (6)
            192 CALL_FUNCTION            1
            194 GET_ITER
        >>  196 FOR_ITER                56 (to 254)

 32         198 STORE_NAME              14 (col)
            200 LOAD_NAME               12 (ciphers)
            202 LOAD_NAME               13 (row)
            204 BINARY_SUBSCR
            206 LOAD_NAME               14 (col)
            208 DUP_TOP_TWO
            210 BINARY_SUBSCR
            212 LOAD_NAME               12 (ciphers)
            214 LOAD_NAME               13 (row)
            216 LOAD_CONST              11 (1)
            218 BINARY_ADD
            220 BINARY_SUBSCR
            222 LOAD_NAME               14 (col)
            224 BINARY_SUBSCR
            226 INPLACE_ADD
            228 ROT_THREE

 33         230 STORE_SUBSCR
            232 LOAD_NAME               12 (ciphers)
            234 LOAD_NAME               13 (row)
            236 BINARY_SUBSCR
            238 LOAD_NAME               14 (col)
            240 DUP_TOP_TWO
            242 BINARY_SUBSCR
            244 LOAD_CONST              19 (256)
            246 INPLACE_MODULO
            248 ROT_THREE
            250 STORE_SUBSCR
            252 JUMP_ABSOLUTE          196
        >>  254 POP_BLOCK
        >>  256 JUMP_ABSOLUTE          182

 35     >>  258 POP_BLOCK
        >>  260 LOAD_CONST              20 (b'')

 36         262 STORE_NAME              15 (cipher)
            264 SETUP_LOOP              70 (to 336)
            266 LOAD_NAME               11 (range)
            268 LOAD_CONST               6 (6)
            270 CALL_FUNCTION            1
            272 GET_ITER
        >>  274 FOR_ITER                58 (to 334)

 37         276 STORE_NAME              13 (row)
            278 LOAD_CONST               0 (0)

 38         280 STORE_NAME              14 (col)
            282 SETUP_LOOP              46 (to 330)
        >>  284 LOAD_NAME               14 (col)
            286 LOAD_CONST               6 (6)
            288 COMPARE_OP               0 (<)
            290 EXTENDED_ARG             1

 39         292 POP_JUMP_IF_FALSE      328
            294 LOAD_NAME               15 (cipher)
            296 LOAD_NAME               16 (bytes)
            298 LOAD_NAME               12 (ciphers)
            300 LOAD_NAME               13 (row)
            302 BINARY_SUBSCR
            304 LOAD_NAME               14 (col)
            306 BINARY_SUBSCR
            308 BUILD_LIST               1
            310 CALL_FUNCTION            1
            312 INPLACE_ADD

 40         314 STORE_NAME              15 (cipher)
            316 LOAD_NAME               14 (col)
            318 LOAD_CONST              11 (1)
            320 INPLACE_ADD
            322 STORE_NAME              14 (col)
            324 EXTENDED_ARG             1
            326 JUMP_ABSOLUTE          284
        >>  328 POP_BLOCK
        >>  330 EXTENDED_ARG             1
            332 JUMP_ABSOLUTE          274

 42     >>  334 POP_BLOCK
        >>  336 LOAD_NAME                3 (b64encode)
            338 LOAD_NAME               15 (cipher)
            340 CALL_FUNCTION            1

 44         342 STORE_NAME              15 (cipher)
            344 LOAD_NAME               15 (cipher)
            346 LOAD_GLOBAL              4 (O0o)
            348 COMPARE_OP               2 (==)
            350 EXTENDED_ARG             1

 45         352 POP_JUMP_IF_FALSE      364
            354 LOAD_NAME                7 (print)
            356 LOAD_CONST              21 ('Great, this is my flag.')
            358 CALL_FUNCTION            1
            360 POP_TOP

 47         362 JUMP_FORWARD             8 (to 372)
        >>  364 LOAD_NAME                7 (print)
            366 LOAD_CONST              22 ('Wrong flag.')
            368 CALL_FUNCTION            1
            370 POP_TOP
        >>  372 LOAD_CONST               1 (None)
            374 RETURN_VALUE

Disassembly of <code object getFlag at 0x000001E7C7F23030, file "task.py", line 8>:
 10           0 LOAD_GLOBAL              0 (print)
              2 LOAD_CONST               1 ('Give me the flag')
              4 CALL_FUNCTION            1
              6 POP_TOP

 11           8 LOAD_GLOBAL              1 (input)
             10 LOAD_CONST               2 ('> ')
             12 CALL_FUNCTION            1
             14 STORE_FAST               0 (flag)

 12          16 LOAD_FAST                0 (flag)
             18 LOAD_METHOD              2 (encode)
             20 CALL_METHOD              0
             22 STORE_FAST               0 (flag)

 13          24 LOAD_CONST               3 (b'Qn/ZgNOeWqXCoNKYceeX3NO8n7h0lL+tzrdbkM2pZ3IwZX5Q')
             26 STORE_GLOBAL             3 (O0o)

 14          28 LOAD_FAST                0 (flag)
             30 RETURN_VALUE

Disassembly of <code object <listcomp> at 0x000001E7C7F280C0, file "task.py", line 28>:
 28           0 BUILD_LIST               0
              2 LOAD_FAST                0 (.0)
        >>    4 FOR_ITER                26 (to 32)
              6 STORE_DEREF              0 (col)
              8 LOAD_CLOSURE             0 (col)
             10 BUILD_TUPLE              1
             12 LOAD_CONST               0 (<code object <listcomp> at 0x000001E7C7F28B70, file "task.py", line 28>)
             14 LOAD_CONST               1 ('<listcomp>.<listcomp>')
             16 MAKE_FUNCTION            8
             18 LOAD_GLOBAL              0 (range)
             20 LOAD_CONST               2 (6)
             22 CALL_FUNCTION            1
             24 GET_ITER
             26 CALL_FUNCTION            1
             28 LIST_APPEND              2
             30 JUMP_ABSOLUTE            4
        >>   32 RETURN_VALUE

Disassembly of <code object <listcomp> at 0x000001E7C7F28B70, file "task.py", line 28>:
 28           0 BUILD_LIST               0
              2 LOAD_FAST                0 (.0)
        >>    4 FOR_ITER                20 (to 26)
              6 STORE_FAST               1 (row)
              8 LOAD_GLOBAL              0 (raw_flag)
             10 LOAD_CONST               0 (6)
             12 LOAD_FAST                1 (row)
             14 BINARY_MULTIPLY
             16 LOAD_DEREF               0 (col)
             18 BINARY_ADD
             20 BINARY_SUBSCR
             22 LIST_APPEND              2
             24 JUMP_ABSOLUTE            4
        >>   26 RETURN_VALUE

根据以上字节码，可还原源码为

import os
import sys
from base64 import b64encode
O0o = b'/KDq6pvN/LLq6tzM/KXq59Oh/MTqxtOTxdrqs8OoR3V1X09J'
flag = input()
O0o = b'Qn/ZgNOeWqXCoNKYceeX3NO8n7h0lL+tzrdbkM2pZ3IwZX5Q'
if b'hgame{' != flag[:6] or flag[-1] != b'}':
    print('Incorrect format!')
    sys.exit(1)
raw_flag = flag[6:-1]
if len(flag) - 7 != 36:
    print('Wrong length!')
    sys.exit(2)
raw_flag = raw_flag[::-1]
ciphers = [ [ raw_flag[6*j+i] for j in range(6) ] for i in range(6) ]
for row in range(5):
    for col in range(6):
        ciphers[row][col] += ciphers[row + 1][col]
        ciphers[row][col] %= 256
cipher = b''
for row in range(6):
    col = 0
    while col < 6:
        cipher += bytes([ciphers[row][col]])
        col += 1
assert O0o == b64encode(cipher)

因此，脚本如下：

from base64 import b64decode
cipher = b'Qn/ZgNOeWqXCoNKYceeX3NO8n7h0lL+tzrdbkM2pZ3IwZX5Q'
cipher = b64decode(cipher)
ciphers = [ [ cipher[j + 6*i] for j in range(6)] for i in range(6) ]
for row in range(5):
    for col in range(6):
        ciphers[4 - row][col] -= ciphers[5 - row][col]
        ciphers[4 - row][col] %= 256
cipher = b""
for row in range(6):
    col = 0
    while col < 6:
        cipher += bytes([ciphers[col][row]])
        col += 1
cipher = cipher[::-1]
print(b"hgame{" + cipher + b"}")

Crypto

1. Verification_code

爆破就好啦

#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import string
import time
from hashlib import sha256
from socket import socket

L = string.ascii_letters+string.digits
sock = socket()
sock.connect(("47.98.192.231", 25678))
s = sock.recv(1024).split(b"\n")[0]
_hexdigest = s[-64:].decode()
sub = s[12:28]
print(sock.recv(1024))
for a in L:
    for b in L:
        for c in L:
            for d in L:
                pre = (a+b+c+d).encode()
                hexstr = sha256(pre + sub).hexdigest()
                if hexstr == _hexdigest:
                    print(pre)
                    sock.send(pre)
                    print(sock.recv(1024))
                    sock.recv(1024)
                    sock.send(b"I like playing Hgame")
                    print(sock.recv(1024))
                    print(sock.recv(1024))
                    exit()

Remainder
中国剩余定理就Vans啦

#!/usr/bin/env python2
# -*- coding: utf-8 -*-
from Crypto.Util.number import inverse

p = 94598296305713376652540411631949434301396235111673372738276754654188267010805522542068004453137678598891335408170277601381944584279339362056579262308427544671688614923839794522671378559276784734758727213070403838632286280473450086762286706863922968723202830398266220533885129175502142533600559292388005914561
q = 150088216417404963893679242888992998793257903343994792697939121738029477790454833496600101388493792476973514786401036309378542808470513073408894727406158296404360452232777491992630316999043165374635001806841520490997788796152678742544032835808854339130676283497122770901196468323977265095016407164510827505883
r = 145897736096689096151704740327665176308625097484116713780050311198775607465862066406830851710261868913835866335107146242979359964945125214420821146670919741118254402096944139483988745450480989706524191669371208210272907563936516990473246615375022630708213486725809819360033470468293100926616729742277729705727
e = 65537

cp = 78430786011650521224561924814843614294806974988599591058915520397518526296422791089692107488534157589856611229978068659970976374971658909987299759719533519358232180721480719635602515525942678988896727128884803638257227848176298172896155463813264206982505797613067215182849559356336015634543181806296355552543 
cq = 49576356423474222188205187306884167620746479677590121213791093908977295803476203510001060180959190917276817541142411523867555147201992480220531431019627681572335103200586388519695931348304970651875582413052411224818844160945410884130575771617919149619341762325633301313732947264125576866033934018462843559419 
cr = 48131077962649497833189292637861442767562147447040134411078884485513840553188185954383330236190253388937785530658279768620213062244053151614962893628946343595642513870766877810534480536737200302699539396810545420021054225204683428522820350356470883574463849146422150244304147618195613796399010492125383322922
m = p*q*r
Mp = q*r
Mq = p*r
Mr = p*q
dp = inverse(Mp, p)
dq = inverse(Mq, q)
dr = inverse(Mr, r)
msg = (dp*Mp*cp+dq*Mq*cq+dr*Mr*cr) % m
phim = (p-1)*(q-1)*(r-1)
de = inverse(e, phim)
msg = pow(msg, de, m)
msg = hex(msg)[2:-1]
if len(msg) % 2 == 1:
    msg = "0" + msg
msg = msg.decode("hex")
print(msg)
s = ""
for st in msg.split("\n")[3:-3]:
    s += st[:2]
print(s)

3. Inv

求置换群的逆元，之后仿照欧几里得除法。

#!/usr/bin/env python3
# -*- coding: utf-8 -*-
def Subs(S, X):
    return bytes([ S[x] for x in X ])

def Mul(A, B):
    assert len(A)==len(B)
    return Subs(A, B)

def Pow(X, E):
    Y = X
    E = bin(E)[3:]
    for e in E:
        Y = Mul(Y, Y)
        if e=='1':
            Y = Mul(X, Y)
    return Y

def Inv(G : bytes):
    ans = [0] * 256
    for i in range(256):
        ans[G[i]] = i.to_bytes(1, "little")
    return b"".join(ans)

A = b'\xc8&\xc1E\xbe*\xc5\x84\xdb1\x05\x9b\xc0\xf2\xac/\x0b0\x8d\'\xc2b\x89\x93\xa6\xcd\xe1\x1b\xf4H\xffa\x90A\xf7,(\xea?\xa8\xa0\x8b\xf1\xf9"X\n\x86fj\x074\x7fBO\xd4F\xbd\xe6\xd9\xa7\xaf\x8a\x8c\xde\xab;!PT\x15)+w\xbc\x00>\xc6g\xc3\x85=9K\xb6<\xb7x\xaeUG\x83vk\xa9\xf6{\x03Y\x87\x14e\xfd\xed@i\xcc.\xd1\xebo\x106\xe2\xe7\xd7\xeeu\x9e\xfe\x95^R\xfb8\x04\xb4S\x16\xe0\xad\xd8\x98n\xca\xe4\xdd\xd2\xc7\x99l\xb3\\2L\xa3\x1d:_\x12\xb87\x17\x01\xb1#~q\x1c\t\xe8\xdar\xef\xcb\x0c\xe5\x80\xdf\xc9y\x0e`\xe9\x94\xd0\xcfW\x1f5\xf5h\xbf\xba\x91\xb9d\xfcM\x81\xec\x88\xb2c\x9f\xa4J|\xd3m\xd6s\xd5\x92\x9d\x9a3\xa2\xb5\xfa\x19N\xa1\x82][\xf8\x06\x13\xdcC\x1e\x1a\xaa\xc4tz\x08\x8f%$D\xbb\x97 \xce\x96V\xe3\x02I\x18\x11\x0f\r\xf3p\x8e\xa5Z-\xf0}\xb0Q\x9c'
B = b'U\x17\x8aE\xa6\x19\xab\x7fd0\xd2)\xc0\xae\xcc/G_\xe3\'\r\xfb\xaf\x00\xb1hgi-\xc1\xffa\x8d\t&\x99k\x95\x93\xa8.\x07\xcd\x87\x01\xe8\x89\x86\xf6f48F\xdc\x96\xd4`P\xd6!\xfe\xc4B:\xd31C\x9f\x1dT{2c9\x0bY5#\xf7\xb8H\xe0Db\xb6wv\xe1\xbbI\x8f\x83l\x80\xa9\x04q\x03\xf0m\xf4\x1bp\x8e\xc6u\xfd\x16$\x06\xf9Z\xec\xa2\xcb\xd7V\xb9\xd1\xbdt^\xe7\xe2\xac\x18\xb4\x15=n\xad\xd8S+\xca\xeb\xdd\xd0;\x84\xe6\x08\x8c3\xb3\x90\x02\xc8}\xee\xea7K\x98\xde\x8b~\xcf\xfa\x11\n\xda\xa4L\xa3\x0cWQ\xdf\xc9yj\x9d\xe9\xfcJO\x1a\x1f\xdb\xf5M\xbf\x9e e\x1c*\x9b\x85\xe5\x88\xb2\xc7\xf2\x91\x10\x0e,\xd9<s\xd5\xef\xb0@|\xc3\xbc(\xb5"\xa1\x82\xa7[\xf8A\x13\x14\xc2\x1eN\xaao\xedr\xba\xcex]\x92\x05\x97\x12\xc5%\\\xb7>R\x9a\x94\x0fX\xf3\xbe?\xa5\xe4\xa0z\xf16\x81\x9c'
E = b'\x00\x01\x02\x03\x04\x05\x06\x07\x08\t\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\x7f\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f\x90\x91\x92\x93\x94\x95\x96\x97\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7\xa8\xa9\xaa\xab\xac\xad\xae\xaf\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff'
a = 595
b = 739
enc = b"\\-\xa5{\xb9\x85J @\xfa\x91\x0b\x88\r4I\x7f\xb9\xe5\r\xc0\x84\x8f\xa6\xc0i\xb0\xa4\x1b\x8fIw\x84'\xa2\xa4\x00\x91\x87\x10\r\\\x8c\x12"
a, b = b, a
A, B = B, A
q = a // b
r = a - b*q
R = B
while True:
    B_ = Inv(B)
    R = Mul(A, Pow(B_, q))
    a, b = b, r
    A, B = B, R
    if b <= 1:
        break
    q = a // b
    r = a - b*q
S = B
print(S)
flag = b""
for c in enc:
    index = S.find(c)
    flag += index.to_bytes(1, "little")
print(flag)

MISC

2.所见即为假

ZIP伪加密，之后F5-JPG隐写，最后出来base16，之后RAR，之后出FLAG。

HGAME 2020 Week2 wp

http://example.com/2020/01/31/2020-01-31-HGAME-2020-Week2-WriteUp/

作者

Uchiha Kakashi

发布于

2020-01-31

更新于

2020-05-23

许可协议

#CTF

HGAME 2020 Week2 wp

Reverse

1. Classic_CrackMe

2. babyPy

3. babyPyc

Crypto

1. Verification_code

3. Inv

MISC

2.所见即为假

作者

发布于

更新于

许可协议

链接

分类

最新文章

归档

标签