Cyber Security Summer Camp 2024 - Crypto writeup

小提醒

講師Curious的get-flag function:

1
print(f'FLAG{{{hashlib.sha256(東東.encode()).hexdigest()}}}')

1 - Classical Cipher

1 - Crypto Playground - ASCII & 進位轉換

1
把以下三段數字轉成 ASCII 編碼後的字串
2

3
70 76 65 71 123 74 117 115 116 95 //這是十進位> FLAG{Just_
4

5
1110011 1101111 1101101 1100101 1011111 1100011 1101111 //這是二進位> some_co
6

7
6e 76 65 72 73 69 6f 6e 7e 7e 7e 7d //這是十六進位> nversion~~~}

FLAG{Just_some_conversion~~~}

2 - ASCII & 進位轉換

1
寫 Python 來把以下的數字轉成 ASCII 編碼後的字串
2

3
46 4c 41 47 7b 4a 75 73 74 5f 61 5f 73 69 6d 70 6c 65 5f 50 79 74 68 6f 6e 5f 73 63 72 69 70 74 21 7d

1
def hex_to_ascii(hex_string):
2
    hex_list = hex_string.split()
3
    ascii_string = ''.join([chr(int(hex_num, 16)) for hex_num in hex_list])
4
    return ascii_string
5
hex_string = "46 4c 41 47 7b 4a 75 73 74 5f 61 5f 73 69 6d 70 6c 65 5f 50 79 74 68 6f 6e 5f 73 63 72 69 70 74 21 7d"
6
ans = hex_to_ascii(hex_string)
7
print(ans)

FLAG{Just_a_simple_Python_script!}

3 - Crypto Playground - Hex String

1
把以下的 hex string 轉成一般被 ASCII 編碼後的字串
2

3
464c41477b495f6b6e6f775f7468655f616e737765725f69735f6062797465732e66726f6d686578602e2e2e7d

1
def hex_to_ascii(hex_string):
2
    byte_data = bytes.fromhex(hex_string)
3
    ascii_string = byte_data.decode('ascii')
4
    return ascii_string
5

6
hex_string = "464c41477b495f6b6e6f775f7468655f616e737765725f69735f6062797465732e66726f6d686578602e2e2e7d"
7
ans = hex_to_ascii(hex_string)
8
print(ans)

FLAG{Iknow_the_answer_isbytes.fromhex…}

4 - Chinese To Hex String

1
把以下的中文用 Python 轉換成電腦內儲存原始數據的 hex string，再把這個 hex string 放到 FLAG{} 的大括號之間（hex string 的英文全部都小寫）
2

3
蹦蹦炸彈

1
ans = '蹦蹦炸彈'.encode()
2
ans = ans.hex()
3
print(f'FLAG{{{ans}}}')

FLAG{e8b9a6e8b9a6e782b8e5bd88}

5 - Crypto Playground - Base64

1
把以下的字串拿去做 base64 解碼
2

3
RkxBR3tCYXNlNjRfaXNfbW9yZV9vZnRlbl91c2VkX2luX3JlYWxpdHl9

1
import base64
2
ans = base64.b64decode("RkxBR3tCYXNlNjRfaXNfbW9yZV9vZnRlbl91c2VkX2luX3JlYWxpdHl9").decode('utf-8')
3
print(ans)

FLAG{Base64_is_more_often_used_in_reality}

6 - Base64 & Hex String

1
把以下的字串用 Python 先 base64 解碼然後再從 hex string 轉成一般經過 ASCII 編碼的字串
2

3
NDY0YzQxNDc3YjYwNjI3OTc0NjU3MzYwNWYyNjVmNjA3Mzc0NzI2MDVmNjE3MjY1NWY2NDY5NjY2NjY1NzI2NTZlNzQ1ZjY5NmU1ZjUwNzk3NDY4NmY2ZTdk

1
import base64
2
ans = base64.b64decode("NDY0YzQxNDc3YjYwNjI3OTc0NjU3MzYwNWYyNjVmNjA3Mzc0NzI2MDVmNjE3MjY1NWY2NDY5NjY2NjY1NzI2NTZlNzQ1ZjY5NmU1ZjUwNzk3NDY4NmY2ZTdk").decode('utf-8')
3
ans = bytes.fromhex(ans).decode('ascii')
4
print(ans)

FLAG{`bytes`_&_`str`_are_different_in_Python}

7 - Caesar Cipher With

1
cipher.txt 裡面是一段被凱薩加密的數據，把這段數據解密後（不需要分析這段數據解密後在講什麼，理論上解密後會拿到一段是全大寫的數據）直接丟到 Crypto Playground 的 Get Flag 裡拿 flag
2

3
ZNKIGKYGXIOVNKXOYGXKGRREURJIOVNKXCNOINOYXKGRRECKGQOSTUZYAXKNUCURJHKIGAYKOSZUURGFEZURUUQGZZNKCOQOVGMKGZZNKSUSKTZHAZOLOMAXKOZYMUZZUHKGZRKGYZROQKLOLZEEKGXYURJUXCNGZKBKXBGPJADLIVBAYKZNUYKRGYZZKTINGXGIZKXYGYZNKYURAZOUT

8 - Caesar Cipher With Python

1
cipher.txt 裡面是一段被凱薩加密的數據（和上一題一模一樣的數據），這題的目標是用 Python 把這段數據解密，解密後的操作和上一題一樣
2

3
ZNKIGKYGXIOVNKXOYGXKGRREURJIOVNKXCNOINOYXKGRRECKGQOSTUZYAXKNUCURJHKIGAYKOSZUURGFEZURUUQGZZNKCOQOVGMKGZZNKSUSKTZHAZOLOMAXKOZYMUZZUHKGZRKGYZROQKLOLZEEKGXYURJUXCNGZKBKXBGPJADLIVBAYKZNUYKRGYZZKTINGXGIZKXYGYZNKYURAZOUT

1
import hashlib
2
def caesar_decrypt(ciphertext, shift):
3
    plaintext = ""
4
    for char in ciphertext:
5
        if 'A' <= char <= 'Z':
6
            decrypted_char = chr((ord(char) - ord('A') - shift) % 26 + ord('A'))
7
        else:
8
            decrypted_char = char
9
        plaintext += decrypted_char
10
    return plaintext
11

12
cipher_text='ZNKIGKYGXIOVNKXOYGXKGRREURJIOVNKXCNOINOYXKGRRECKGQOSTUZYAXKNUCURJHKIGAYKOSZUURGFEZURUUQGZZNKCOQOVGMKGZZNKSUSKTZHAZOLOMAXKOZYMUZZUHKGZRKGYZROQKLOLZEEKGXYURJUXCNGZKBKXBGPJADLIVBAYKZNUYKRGYZZKTINGXGIZKXYGYZNKYURAZOUT'
13

14
for shift in range(26):
15
    decrypted_text = caesar_decrypt(cipher_text, shift)
16
    if decrypted_text.isupper():
17
        print(f"{shift}:")
18
        print(decrypted_text)
19

20
# 發現6的時候最像，帶入get-flag
21
plain = 'THECAESARCIPHERISAREALLYOLDCIPHERWHICHISREALLYWEAKIMNOTSUREHOWOLDBECAUSEIMTOOLAZYTOLOOKATTHEWIKIPAGEATTHEMOMENTBUTIFIGUREITSGOTTOBEATLEASTLIKEFIFTYYEARSOLDORWHATEVERVAJDUXFCPVUSETHOSELASTTENCHARACTERSASTHESOLUTION'
22
print(f'FLAG{{{hashlib.sha256(plain.encode()).hexdigest()}}}')

FLAG{e241bb8575436ca05489e433b3f0782bf30c5ec286459cccd3a0830e718b6ded}

9 - Substitution Cipher

1
cipher.txt 裡面是一段被替換式加密後的數據，把這段數據解密後（不需要分析這段數據解密後在講什麼，理論上解密後會拿到一段是全大寫的數據）直接丟到 Crypto Playground 的 Get Flag 裡拿 flag
2

3
EANOEHHNFJLFXDGFANOYDJINTNOEDJXFOSBFESDOLGDWWSNUEDJNQCSJNUFEFFOUIDTTCOSIFESDOLNJKSINLEDNOXSONNJEZNSJMJDUCIELEDXCFJFOENNGFANOYDJINTNOEFIINLLEDFGGUFEFFYENJGNOXEZHUNWFENFOUKSXDJDCLMJNUSIESDOLDYNOYDJINTNOEIZFOONGLXDSOXUFJREZNLNFEENTMELEDJNXCGFENEZNNTNJXSOXSOENJONEANJNFWFOUDONUSOEZNSOENJKNOSOXHNFJLSOODKFESDODOEZNSOENJONEYGDCJSLZNUFOUGFANOYDJINTNOEFXNOISNLYDCOUONAFOUTDJNNYYNIESKNTNFOLDYFIINLLSOXKFLEGHGFJXNJQCFOESESNLDYUFEFEDUFHANFJNFXFSOZNFJSOXIFGGLYDJJNXCGFESDOEDTFOUFENEZNMJDKSLSDODYNPINMESDOFGFIINLLTNIZFOSLTLSOEZSLJNMDJEFXJDCMDYIDTMCENJLISNOESLELFOULNICJSEHNPMNJELTFOHDYAZDTMFJESISMFENUSOFLECUHDYEZNLNLFTNEDMSILZFLIDOKNONUEDNPMGDJNEZNGSRNGHNYYNIELDYSTMDLSOXNPEJFDJUSOFJHFIINLLTFOUFENLANZFKNYDCOUEZFEEZNUFTFXNEZFEIDCGUWNIFCLNUWHGFANOYDJINTNOENPINMESDOFGFIINLLJNQCSJNTNOELADCGUWNNKNOXJNFENJEDUFHEZFOSEADCGUZFKNWNNOHNFJLFXDSOEZNAFRNDYEZNXJDASOXNIDODTSIFOULDISFGIDLEDYEZNYCOUFTNOEFGSOLNICJSEHDYEDUFHLSOENJONENOKSJDOTNOEFOHMJDMDLFGLEZFEFGENJEZNLNICJSEHUHOFTSILDOGSONLZDCGUWNFMMJDFIZNUASEZIFCESDONPINMESDOFGFIINLLADCGUYDJINSOENJONELHLENTUNKNGDMNJLEDJNKNJLNYDJAFJULNIJNIHUNLSXOMJFIESINLEZFELNNREDTSOSTSBNEZNSTMFIEDOCLNJMJSKFIHAZNOLHLENTLFJNWJNFIZNUEZNIDTMGNPSEHDYEDUFHLSOENJONENOKSJDOTNOEASEZTSGGSDOLDYFMMLFOUXGDWFGGHIDOONIENULNJKSINLTNFOLEZFEONAGFANOYDJINTNOEJNQCSJNTNOELFJNGSRNGHEDSOEJDUCINCOFOESISMFENUZFJUEDUNENIELNICJSEHYGFALWNHDOUEZNLNFOUDEZNJENIZOSIFGKCGONJFWSGSESNLEZNMJDLMNIEDYXGDWFGGHUNMGDHNUNPINMESDOFGFIINLLLHLENTLJFSLNLUSYYSICGEMJDWGNTLFWDCEZDALCIZFONOKSJDOTNOEADCGUWNXDKNJONUFOUZDAEDNOLCJNEZFELCIZLHLENTLADCGUJNLMNIEZCTFOJSXZELFOUEZNJCGNDYGFA

1
from collections import Counter
2
import string
3
import hashlib
4

5
cipher_text = 'TWENTYYEARSAGOLAWENFORCEMENTORGANIZATIONSLOBBIEDTOREQUIREDATAANDCOMMUNICATIONSERVICESTOENGINEERTHEIRPRODUCTSTOGUARANTEELAWENFORCEMENTACCESSTOALLDATAAFTERLENGTHYDEBATEANDVIGOROUSPREDICTIONSOFENFORCEMENTCHANNELSGOINGDARKTHESEATTEMPTSTOREGULATETHEEMERGINGINTERNETWEREABANDONEDINTHEINTERVENINGYEARSINNOVATIONONTHEINTERNETFLOURISHEDANDLAWENFORCEMENTAGENCIESFOUNDNEWANDMOREEFFECTIVEMEANSOFACCESSINGVASTLYLARGERQUANTITIESOFDATATODAYWEAREAGAINHEARINGCALLSFORREGULATIONTOMANpubDateTHEPROVISIONOFEXCEPTIONALACCESSMECHANISMSINTHISREPORTAGROUPOFCOMPUTERSCIENTISTSANDSECURITYEXPERTSMANYOFWHOMPARTICIPATEDINASTUDYOFTHESESAMETOPICSHASCONVENEDTOEXPLORETHELIKELYEFFECTSOFIMPOSINGEXTRAORDINARYACCESSMANpubDateSWEHAVEFOUNDTHATTHEDAMAGETHATCOULDBECAUSEDBYLAWENFORCEMENTEXCEPTIONALACCESSREQUIREMENTSWOULDBEEVENGREATERTODAYTHANITWOULDHAVEBEENYEARSAGOINTHEWAKEOFTHEGROWINGECONOMICANDSOCIALCOSTOFTHEFUNDAMENTALINSECURITYOFTODAYSINTERNETENVIRONMENTANYPROPOSALSTHATALTERTHESECURITYDYNAMICSONLINESHOULDBEAPPROACHEDWITHCAUTIONEXCEPTIONALACCESSWOULDFORCEINTERNETSYSTEMDEVELOPERSTOREVERSEFORWARDSECRECYDESIGNPRACTICESTHATSEEKTOMINIMIZETHEIMPACTONUSERPRIVACYWHENSYSTEMSAREBREACHEDTHECOMPLEXITYOFTODAYSINTERNETENVIRONMENTWITHMILLIONSOFAPPSANDGLOBALLYCONNECTEDSERVICESMEANSTHATNEWLAWENFORCEMENTREQUIREMENTSARELIKELYTOINTRODUCEUNANTICIPATEDHARDTODETECTSECURITYFLAWSBEYONDTHESEANDOTHERTECHNICALVULNERABILITIESTHEPROSPECTOFGLOBALLYDEPLOYEDEXCEPTIONALACCESSSYSTEMSRAISESDIFFICULTPROBLEMSABOUTHOWSUCHANENVIRONMENTWOULDBEGOVERNEDANDHOWTOENSURETHATSUCHSYSTEMSWOULDRESPECTHUMANRIGHTSANDTHERULEOFLAW'
6
def calculate_frequencies(text):
7
    text = text.upper()
8
    total = len(text)
9
    frequencies = {ch: text.count(ch) / total for ch in string.ascii_uppercase}
10
    return frequencies
11

12
#  https://en.wikipedia.org/wiki/Letter_frequency
13
english_frequencies = {
14
    'A': 0.0817, 'B': 0.0150, 'C': 0.0278, 'D': 0.0425, 'E': 0.1270,
15
    'F': 0.0223, 'G': 0.0202, 'H': 0.0609, 'I': 0.0697, 'J': 0.0015,
16
    'K': 0.0077, 'L': 0.0403, 'M': 0.0241, 'N': 0.0675, 'O': 0.0751,
17
    'P': 0.0193, 'Q': 0.0010, 'R': 0.0599, 'S': 0.0633, 'T': 0.0906,
18
    'U': 0.0276, 'V': 0.0098, 'W': 0.0236, 'X': 0.0015, 'Y': 0.0197,
19
    'Z': 0.0007
20
}
21

22
def caesar_decrypt(text, shift):
23
    decrypted_text = ""
24
    for char in text:
25
        if 'A' <= char <= 'Z':
26
            decrypted_char = chr((ord(char) - ord('A') - shift) % 26 + ord('A'))
27
        else:
28
            decrypted_char = char
29
        decrypted_text += decrypted_char
30
    return decrypted_text
31

32
cipher_frequencies = calculate_frequencies(cipher_text)
33

34
most_frequent_cipher_letter = max(cipher_frequencies, key=cipher_frequencies.get)
35
shift = (ord(most_frequent_cipher_letter) - ord('E')) % 26
36

37
decrypted_text = caesar_decrypt(cipher_text, shift)
38

39
print(f"Decrypted text with shift {shift}:")
40
print(decrypted_text)
41
print(f'FLAG{{{hashlib.sha256(decrypted_text.encode()).hexdigest()}}}')

10 - Frequency Analysis On Caesar Cipher

1
cipher.txt 裡面是一段被凱薩加密的數據（和前面凱薩加密題目一樣的數據），這題的目標是用 Python 把這段數據用頻率分析的方法解密，解密後的操作和上一題一樣
2

3
ZNKIGKYGXIOVNKXOYGXKGRREURJIOVNKXCNOINOYXKGRRECKGQOSTUZYAXKNUCURJHKIGAYKOSZUURGFEZURUUQGZZNKCOQOVGMKGZZNKSUSKTZHAZOLOMAXKOZYMUZZUHKGZRKGYZROQKLOLZEEKGXYURJUXCNGZKBKXBGPJADLIVBAYKZNUYKRGYZZKTINGXGIZKXYGYZNKYURAZOUT

1
from collections import Counter
2
import string
3
import hashlib
4

5
cipher_text = 'ZNKIGKYGXIOVNKXOYGXKGRREURJIOVNKXCNOINOYXKGRRECKGQOSTUZYAXKNUCURJHKIGAYKOSZUURGFEZURUUQGZZNKCOQOVGMKGZZNKSUSKTZHAZOLOMAXKOZYMUZZUHKGZRKGYZROQKLOLZEEKGXYURJUXCNGZKBKXBGPJADLIVBAYKZNUYKRGYZZKTINGXGIZKXYGYZNKYURAZOUT'
6
def calculate_frequencies(text):
7
    text = text.upper()
8
    total = len(text)
9
    frequencies = {ch: text.count(ch) / total for ch in string.ascii_uppercase}
10
    return frequencies
11

12
#  https://en.wikipedia.org/wiki/Letter_frequency
13
english_frequencies = {
14
    'A': 0.0817, 'B': 0.0150, 'C': 0.0278, 'D': 0.0425, 'E': 0.1270,
15
    'F': 0.0223, 'G': 0.0202, 'H': 0.0609, 'I': 0.0697, 'J': 0.0015,
16
    'K': 0.0077, 'L': 0.0403, 'M': 0.0241, 'N': 0.0675, 'O': 0.0751,
17
    'P': 0.0193, 'Q': 0.0010, 'R': 0.0599, 'S': 0.0633, 'T': 0.0906,
18
    'U': 0.0276, 'V': 0.0098, 'W': 0.0236, 'X': 0.0015, 'Y': 0.0197,
19
    'Z': 0.0007
20
}
21

22
def caesar_decrypt(text, shift):
23
    decrypted_text = ""
24
    for char in text:
25
        if 'A' <= char <= 'Z':
26
            decrypted_char = chr((ord(char) - ord('A') - shift) % 26 + ord('A'))
27
        else:
28
            decrypted_char = char
29
        decrypted_text += decrypted_char
30
    return decrypted_text
31

32
cipher_frequencies = calculate_frequencies(cipher_text)
33

34
most_frequent_cipher_letter = max(cipher_frequencies, key=cipher_frequencies.get)
35
shift = (ord(most_frequent_cipher_letter) - ord('E')) % 26
36

37
decrypted_text = caesar_decrypt(cipher_text, shift)
38

39
print(f"Decrypted text with shift {shift}:")
40
print(decrypted_text)
41
print(f'FLAG{{{hashlib.sha256(decrypted_text.encode()).hexdigest()}}}')

FLAG{e241bb8575436ca05489e433b3f0782bf30c5ec286459cccd3a0830e718b6ded}

11 - Affine Cipher

1
cipher.txt 裡面是一段被仿射密碼加密後的數據，把這段數據用 Python 解密後（不需要分析這段數據解密後在講什麼，理論上解密後會拿到一段是全大寫的數據）直接丟到 Crypto Playground 的 Get Flag 裡拿 flag
2

3
注意仿射密碼的 charset 是 ABCDEFGHIJKLMNOPQRSTUVWXYZ ,.
4

5
//cipher.txt
6
BOHHIKBI,OZ,REI,WZRIKZIR,EX.,BOHI,RO,KISU,XSHO.R,ICBSG.WYISU,OZ, WZXZBWXS,WZ.RWRGRWOZ.,.IKYWZP,X.RKG.RIT,REWKT,DXKRWI.,RO,DKOBI..,ISIBRKOZWB,DXUHIZR.F,NEWSI,REI,.U.RIH,NOKA.,NISS,IZOGPE, OKHO.R,RKXZ.XBRWOZ.Q,WR,.RWSS,.G  IK., KOH,REI,WZEIKIZR,NIXAZI..I.,O ,REI,RKG.R,MX.IT,HOTISF,BOHDSIRISU,ZOZKIYIK.WMSI,RKXZ.XBRWOZ.,XKI,ZOR,KIXSSU,DO..WMSIQ,.WZBI, WZXZBWXS,WZ.RWRGRWOZ.,BXZZORXYOWT,HITWXRWZP,TW.DGRI.F,REI,BO.R,O ,HITWXRWOZ,WZBKIX.I.,RKXZ.XBRWOZ,BO.R.Q,SWHWRWZP,REIHWZWHGH,DKXBRWBXS,RKXZ.XBRWOZ,.WJI,XZT,BGRRWZP,O  ,REI,DO..WMWSWRU, OK,.HXSS,BX.GXS,RKXZ.XBRWOZ.QXZT,REIKI,W.,X,MKOXTIK,BO.R,WZ,REI,SO..,O ,XMWSWRU,RO,HXAI,ZOZKIYIK.WMSI,DXUHIZR., OK,ZOZKIYIK.WMSI.IKYWBI.F,NWRE,REI,DO..WMWSWRU,O ,KIYIK.XSQ,REI,ZIIT, OK,RKG.R,.DKIXT.F,HIKBEXZR.,HG.RMI,NXKU,O ,REIWK,BG.ROHIK.Q,EX..SWZP,REIH, OK,HOKI,WZ OKHXRWOZ,REXZ,REIU,NOGST,OREIKNW.I,ZIITF,X,BIKRXWZ,DIKBIZRXPI,O , KXGT,W.,XBBIDRIT,X.,GZXYOWTXMSIF,REI.I,BO.R.,XZT,DXUHIZR,GZBIKRXWZRWI.BXZ,MI,XYOWTIT,WZ,DIK.OZ,MU,G.WZP,DEU.WBXS,BGKKIZBUQ,MGR,ZO,HIBEXZW.H,ICW.R.,RO,HXAI,DXUHIZR.OYIK,X,BOHHGZWBXRWOZ.,BEXZZIS,NWREOGR,X,RKG.RIT,DXKRUF

先用 https://www.guballa.de/substitution-solver↗ ~~我是人工刪除標點符號~~ 要把標點符號考量在內

1
import hashlib
2
ans = 'COMMERCE ON THE INTERNET HAS COME TO RELY ALMOST EXCLUSIVELY ON FINANCIAL INSTITUTIONS SERVING ASTRUSTED THIRD PARTIES TO PROCESS ELECTRONIC PAYMENTS. WHILE THE SYSTEM WORKS WELL ENOUGH FORMOST TRANSACTIONS, IT STILL SUFFERS FROM THE INHERENT WEAKNESSES OF THE TRUST BASED MODEL. COMPLETELY NONREVERSIBLE TRANSACTIONS ARE NOT REALLY POSSIBLE, SINCE FINANCIAL INSTITUTIONS CANNOTAVOID MEDIATING DISPUTES. THE COST OF MEDIATION INCREASES TRANSACTION COSTS, LIMITING THEMINIMUM PRACTICAL TRANSACTION SIZE AND CUTTING OFF THE POSSIBILITY FOR SMALL CASUAL TRANSACTIONS,AND THERE IS A BROADER COST IN THE LOSS OF ABILITY TO MAKE NONREVERSIBLE PAYMENTS FOR NONREVERSIBLESERVICES. WITH THE POSSIBILITY OF REVERSAL, THE NEED FOR TRUST SPREADS. MERCHANTS MUSTBE WARY OF THEIR CUSTOMERS, HASSLING THEM FOR MORE INFORMATION THAN THEY WOULD OTHERWISE NEED. A CERTAIN PERCENTAGE OF FRAUD IS ACCEPTED AS UNAVOIDABLE. THESE COSTS AND PAYMENT UNCERTAINTIESCAN BE AVOIDED IN PERSON BY USING PHYSICAL CURRENCY, BUT NO MECHANISM EXISTS TO MAKE PAYMENTSOVER A COMMUNICATIONS CHANNEL WITHOUT A TRUSTED PARTY.'
3
print(f'FLAG{{{hashlib.sha256(ans.encode()).hexdigest()}}}')

FLAG{510fc8a1bf88260c1a1f24491927d5419fadafafc3764aaba07900cf9f4b397a}

2 - Symmetric Cipher

1 - Crypto Playground - AES

1
cipher 是一段被 AES 加密後的密文，加密的金鑰是 key，解密 cipher 並嘗試不同的 key、cipher 對解密有什麼影響（同樣也可以試試看不同的 key 和 plain 對加密有什麼影響）
2

3
cipher : beb500cb0298d5a427d3c6532fa0d88e
4
key : e4cb2aa8ff51a7209a923d59932b5841

1
from Crypto.Cipher import AES
2
from binascii import *
3

4
key = unhexlify("e4cb2aa8ff51a7209a923d59932b5841")
5
cipher = unhexlify("beb500cb0298d5a427d3c6532fa0d88e")
6
# 一定要16N，而且要對齊
7

8
cipher_aes = AES.new(key, AES.MODE_ECB)
9
ans = cipher_aes.decrypt(cipher).decode("utf-8")
10
print(ans)

FLAG{A—E—S}

2 - AES

1
cipher 是一段被 AES 加密後的密文，加密的金鑰是 key，用 Python 來解密 cipher
2

3
cipher : 75924759583675f4a56c2c322c72be86
4
key : 77e9ed71d1d4ea27816aa0538c091f14

1
from Crypto.Cipher import AES
2
from binascii import *
3

4
key = unhexlify("77e9ed71d1d4ea27816aa0538c091f14")
5
cipher = unhexlify("75924759583675f4a56c2c322c72be86")
6
# 一定要16N，而且要對齊
7

8
cipher_aes = AES.new(key, AES.MODE_ECB)
9
ans = cipher_aes.decrypt(cipher).decode("utf-8")
10
print(ans)

FLAG{PyCrypt…}

3 - Crypto Playground - AES ECB Mode

1
cipher 是一段被 AES ECB Mode 加密後的密文，加密的金鑰是 key，嘗試把 cipher 解密
2

3
cipher : 8d8f543098319a54c0c44c265a50bc2f3ff33f67cc44c6c4f992bdc0b0adcbc86aece1f2f0b59772a59c5060d9669d0b
4
key : 872b456c9b4e3b320555e62b6ad9ee32

1
from Crypto.Cipher import AES
2
from binascii import *
3

4
key = unhexlify("872b456c9b4e3b320555e62b6ad9ee32")
5
cipher1 = unhexlify("8d8f543098319a54c0c44c265a50bc2f")
6
cipher2 = unhexlify("3ff33f67cc44c6c4f992bdc0b0adcbc8")
7
cipher3 = unhexlify("6aece1f2f0b59772a59c5060d9669d0b")
8
# 一定要16N，而且要對齊
9

10
ans=''
11
cipher_aes = AES.new(key, AES.MODE_ECB)
12
ans += cipher_aes.decrypt(cipher1).decode("utf-8")
13
ans += cipher_aes.decrypt(cipher2).decode("utf-8")
14
ans += cipher_aes.decrypt(cipher3).decode("utf-8")
15
print(ans)

FLAG{Plain’s_length_needs_to_be_multiple_of_16}

4 - AES ECB Mode

1
cipher 是一段被 AES ECB Mode 加密後的密文，加密的金鑰是 key，用 Python 把 cipher 解密
2

3
cipher : 6b2f26db534ee26ab1c987cea73a2fecd1a3f8335c50412ffa785d3ce5b90ad310a064dfa4bf824bc7968d876c9e5d6917e1157fc27a29c2e042a82f08ed6c96
4
key : 85f1c9f80a5b9e440380cf9b02b31ff46de4f864cd7c2ba32f7ec2881b07d71c

1
from Crypto.Cipher import AES
2
from binascii import *
3

4
key = unhexlify("85f1c9f80a5b9e440380cf9b02b31ff46de4f864cd7c2ba32f7ec2881b07d71c")
5
cipher1 = unhexlify("6b2f26db534ee26ab1c987cea73a2fecd1a3f8335c50412ffa785d3ce5b90ad3")
6
cipher2 = unhexlify("10a064dfa4bf824bc7968d876c9e5d6917e1157fc27a29c2e042a82f08ed6c96")
7
# 一定要16N，而且要對齊
8

9
ans=''
10
cipher_aes = AES.new(key, AES.MODE_ECB)
11
ans += cipher_aes.decrypt(cipher1).decode("utf-8")
12
ans += cipher_aes.decrypt(cipher2).decode("utf-8")
13
print(ans)

FLAG{Check_plain’s_length_before_AES_ECB_Encrypt~}

5 - Cut & Paste - 0

1
理解 Cut & Paste 後端的所有邏輯

一個買旗子的網頁要觀察他的cookie token 觀察甚麼被加密了

FLAG{Now_you_know_Flask!!!}

6 - Cut & Paste - 1

1
嘗試更改 money 來拿到 flag

利用token拼接的方式去將100元替換掉

1
username=aaaaaaa
2
1234567891234567
3
cccccc&money=100

用這樣的結構去看以及對比token

1
token =
2
26c90abbbe466b6536a86d0153096a3e  >username=aaaaaaa
3
f27e4b014aaa9dd6620ab19c810729c6  >1234567891234567
4
4ffeda74080d40ea1384c26ee231aab5  >cccccc&money=100
5
146af8b1750e6b69fcb3fc0d5e9a938a  >空值，AES的特性

我們只要轉成

1
token =
2
26c90abbbe466b6536a86d0153096a3e  >username=aaaaaaa
3
4ffeda74080d40ea1384c26ee231aab5  >cccccc&money=100
4
f27e4b014aaa9dd6620ab19c810729c6  >1234567891234567
5
146af8b1750e6b69fcb3fc0d5e9a938a  >空值，AES的特性

這樣金額就被遞補的數字銜接上了

1
完整token =
2
26c90abbbe466b6536a86d0153096a3e4ffeda74080d40ea1384c26ee231aab5f27e4b014aaa9dd6620ab19c810729c6146af8b1750e6b69fcb3fc0d5e9a938a

FLAG{why_do_you_have_so_much_money???}

7 - Crypto Playground - XOR

1
已知
2

3
A ⊕ FLAG = a3eb43a265fb02a62f6db2e7bf749b6aab4350fb004031c920d1
4
FLAG ⊕ B = e322463f629716f9c07bd310a1ffcd84c5bcf2baf736b7b749b8
5
A ⊕ B ⊕ FLAG = 068544da7c287b00967914a875e53999319fe507df44af1e5614
6
求 FLAG

用XOR的特性 (A ⊕ FLAG) ⊕ (FLAG ⊕ B) = (A ⊕ B) 接著 (A ⊕ B) ⊕ (A ⊕ B ⊕ FLAG) = FLAG

1
from pwn import *
2
from binascii import *
3

4
A_XOR_FLAG = unhexlify("a3eb43a265fb02a62f6db2e7bf749b6aab4350fb004031c920d1")
5
FLAG_XOR_B = unhexlify("e322463f629716f9c07bd310a1ffcd84c5bcf2baf736b7b749b8")
6
A_XOR_B_XOR_FLAG = unhexlify("068544da7c287b00967914a875e53999319fe507df44af1e5614")
7

8
A_XOR_B = xor(A_XOR_FLAG, FLAG_XOR_B)
9
FLAG = xor(A_XOR_B, A_XOR_B_XOR_FLAG)
10
FLAG = FLAG.decode('ascii')
11
print(FLAG)

FLAG{Doyou_knowGF(2)?}

8 - Crypto Playground - AES CBC Mode

1
cipher 是一段被 AES CBC Mode 加密後的密文，加密的金鑰是 key，嘗試把 cipher 解密
2

3
cipher : 829ad9df660fd928274eb552bc6bc88dd00a62c48d221f37b427a0db7b6d9e5dbcf0f8a52d156fa0fa881dc46eb5555b
4
key : 62bdc4885ca8a8be1d1e8826a2187528
5
iv : 7ae66a4b7e87a6d374ce66e73a112bf0

1
from Crypto.Cipher import AES
2
from Crypto.Util.Padding import unpad
3
import binascii
4

5
def hex_to_ascii(hex_string):
6
    byte_data = bytes.fromhex(hex_string)
7
    ascii_string = byte_data.decode('ascii')
8
    return ascii_string
9

10
cipher_hex = '829ad9df660fd928274eb552bc6bc88dd00a62c48d221f37b427a0db7b6d9e5dbcf0f8a52d156fa0fa881dc46eb5555b'
11
key_hex = '62bdc4885ca8a8be1d1e8826a2187528'
12
iv_hex = '7ae66a4b7e87a6d374ce66e73a112bf0'
13

14
cipher = binascii.unhexlify(cipher_hex)
15
key = binascii.unhexlify(key_hex)
16
iv = binascii.unhexlify(iv_hex)
17

18
cipher_obj = AES.new(key, AES.MODE_CBC, iv)
19

20
try:
21
    decrypted_padded = cipher_obj.decrypt(cipher)
22
    ans = binascii.hexlify(decrypted_padded).decode('utf-8')
23
    ans = hex_to_ascii(ans)
24
    print(ans)
25
except ValueError as e:
26
    print("Error:", e)

FLAG{AES_CBC_Mode_needs_padding_too!}

9 - AES CBC Mode

1
cipher 是一段被 AES CBC Mode 加密後的密文，加密的金鑰是 key，嘗試用 Python 把 cipher 解密
2

3
cipher : af6ab08a9380c038328bec3c47e70b915bbf4faf0e4b72db5f56d274bd6be5458552b6023e64f10a492bb88e839e51516b50903363bc637a1fe2550317392564
4
key : d1e138810051ac8deaef9fd33c969e080003d3f87d264dd431190f0e7795528b
5
iv : 25741419227aece3cb4f715f1c2b3878

1
from Crypto.Cipher import AES
2
from Crypto.Util.Padding import unpad
3
import binascii
4

5
def hex_to_ascii(hex_string):
6
    byte_data = bytes.fromhex(hex_string)
7
    ascii_string = byte_data.decode('ascii')
8
    return ascii_string
9

10
cipher_hex = 'af6ab08a9380c038328bec3c47e70b915bbf4faf0e4b72db5f56d274bd6be5458552b6023e64f10a492bb88e839e51516b50903363bc637a1fe2550317392564'
11
key_hex = 'd1e138810051ac8deaef9fd33c969e080003d3f87d264dd431190f0e7795528b'
12
iv_hex = '25741419227aece3cb4f715f1c2b3878'
13

14
cipher = binascii.unhexlify(cipher_hex)
15
key = binascii.unhexlify(key_hex)
16
iv = binascii.unhexlify(iv_hex)
17

18
cipher_obj = AES.new(key, AES.MODE_CBC, iv)
19

20
try:
21
    decrypted_padded = cipher_obj.decrypt(cipher)
22
    ans = binascii.hexlify(decrypted_padded).decode('utf-8')
23
    ans = hex_to_ascii(ans)
24
    print(ans)
25
except ValueError as e:
26
    print("Error:", e)

FLAG{It’s_better_to_know_to_use_Python_to_encrypt/decrypt}

3 - Asymmetric Cipher

1 - Crypto Playground - Calculate RSA

1
首先嘗試照著 Crypto Playground 的 RSA 步驟一步一步（每一步都要讓右邊的檢查通過才能繼續下一步）把字元 w 加密後解密
2

3
接著嘗試把要加密的東西從 w 變成 www 後再操作一次
4

5
操作完成後就可以繳交這題的 flag : FLAG{w->www}

2 - Calculate RSA

1
如果有以下的參數，想辦法還原 m（也就是 c 對應的明文）
2

3
p : 9835210563207632773
4
q : 10100395802203591453
5
e : 65537
6
c : 38901730400489769669866798139902101966

1
import sympy
2

3
p = 9835210563207632773
4
q = 10100395802203591453
5
e = 65537
6
c = 38901730400489769669866798139902101966
7
n = p * q
8
phi_n = (p - 1) * (q - 1)
9
d = sympy.mod_inverse(e, phi_n)
10
m = pow(c, d, n)
11
m_bytes = m.to_bytes((m.bit_length() + 7) // 8)
12
ans = m_bytes.decode('utf-8')
13

14
print(ans)

FLAG{^_^}

3 - Baby RSA

https://factordb.com/↗

1
嘗試利用以下參數破解 c
2

3
n : 13910994564373802167
4
e : 65537
5
c : 1407190981767527409

1
import sympy
2

3
p = 3538692379
4
q = 3931111573
5
e = 65537
6
c = 1407190981767527409
7
# n = 3538692379 * 3931111573
8

9
n = 13910994564373802167
10
phi_n = (p - 1) * (q - 1)
11
d = sympy.mod_inverse(e, phi_n)
12
m = pow(c, d, n)
13
m_bytes = m.to_bytes((m.bit_length() + 7) // 8)
14
ans = m_bytes.decode('utf-8')
15

16
print(ans)

FLAG{><}

4 - Fermat Factorization

1
n, e = (19587702115512625820726258933115749290382334844612502424053794718163357592187340905802291862587895104495960381932789753299005813251948996260611184897562326247682666901501448353047521698592249729834516283480674732105780439116269761997349396715933581609849899129728708922840663620676291576240621853120362443923808843760440882014006768364922012481526403094238006375367123013507968974573352190073292257633888791365308369702512213666185905143646188820887176281342149612272108589506611923214505057652995032329959141214241834219457937303114204179131653711364915208078857401621642027638259900918528159843126369443751432654581, 65537)
2
c = 14809508634249394893558452640498090344470474977233370068642995529577239063125903654339193829089342286599958099423774430315364606689897708158792085795087913537413061325614538809362728179967067658551451631961128472298086158947566207472019480325726689080054858772427589292753172987340834339682656397647927344725017560020482638665085591254911640209651814182071721929923296769089646566223761778492179802372108005014115841061248387428023122508966754739541458191646360889128169311625988454734758608425890600356875991590804236732489527856297719688715806423429351972578716069190339992852705790784452278002937884704968039421527

1
from Crypto.Util.number import getPrime, bytes_to_long, isPrime
2

3
from secret import FLAG
4

5
base = getPrime(1024) + 1
6

7
p = base + getPrime(32)
8
while not isPrime(p):
9
    p = base + getPrime(32)
10

11
q = base + getPrime(32)
12
while not isPrime(q):
13
    q = base + getPrime(32)
14

15
n = p * q
16
e = 65537
17

18
c = pow(bytes_to_long(FLAG), e, n)
19

20
print(f'{n, e = }')
21
print(f'{c = }')

1
from sympy import isprime, factorint
2
from Crypto.Util.number import long_to_bytes
3
n = 19587702115512625820726258933115749290382334844612502424053794718163357592187340905802291862587895104495960381932789753299005813251948996260611184897562326247682666901501448353047521698592249729834516283480674732105780439116269761997349396715933581609849899129728708922840663620676291576240621853120362443923808843760440882014006768364922012481526403094238006375367123013507968974573352190073292257633888791365308369702512213666185905143646188820887176281342149612272108589506611923214505057652995032329959141214241834219457937303114204179131653711364915208078857401621642027638259900918528159843126369443751432654581
4
e = 65537
5
c = 14809508634249394893558452640498090344470474977233370068642995529577239063125903654339193829089342286599958099423774430315364606689897708158792085795087913537413061325614538809362728179967067658551451631961128472298086158947566207472019480325726689080054858772427589292753172987340834339682656397647927344725017560020482638665085591254911640209651814182071721929923296769089646566223761778492179802372108005014115841061248387428023122508966754739541458191646360889128169311625988454734758608425890600356875991590804236732489527856297719688715806423429351972578716069190339992852705790784452278002937884704968039421527
6
factors = factorint(n)
7
p, q = list(factors.keys())
8
phi_n = (p - 1) * (q - 1)
9
d = pow(e, -1, phi_n)
10
m = pow(c, d, n)
11
ans = long_to_bytes(m).decode('utf-8')
12

13
print(ans)

5 - Crypto Playground - RSA Signature

1
首先嘗試照著 Crypto Playground 的 RSA Signature 步驟一步一步（每一步都要讓右邊的檢查通過才能繼續下一步）把字元 w 簽張後驗證簽章
2

3
接著嘗試把要簽張的東西從 w 變成 www 後再操作一次
4

5
操作完成後就可以繳交這題的 flag : FLAG{w->www_AGAIN!!!}

6 - Easy RSA 0

1
嘗試利用以下參數破解 c
2

3
n : 2639362258825246588480470347939064671401603842072135672799
4
e : 65537
5
c : 1746618984754679181914163060955061486968283106432500087220

1
from sympy import *
2

3
n = 2639362258825246588480470347939064671401603842072135672799
4
e = 65537
5
c = 1746618984754679181914163060955061486968283106432500087220
6

7
p = 11469368108335263743
8
q = 12783666266952877523
9
r = 18001308980066920891
10

11
phi_n = (p - 1) * (q - 1) * (r - 1)
12

13
d = mod_inverse(e, phi_n)
14
m = pow(c, d, n)
15
ans = bytes.fromhex(hex(m)[2:]).decode('utf-8')
16

17
print(ans)

FLAG{3_Primes?}

7 - Easy RSA 1

1
嘗試利用以下參數破解 c
2

3
n : 558098643612442982869412022469246232193159102034581572625352272974227508724473952162960296832221266344918324209865053779262023996763482052514433441095525096832124022399320433830134804734321051616877085252534068802372830522359759248304816981536234329416042954494512044857893369730186700141160304115005148441761425180202201733261896417588308517257278921240631686899602960449771608786644313798116795435002176570933880511306119378180015212643414069934184998512031405143417
4
e : 65537
5
c : 516159413447458442301604958221763534692609641988597871082605764283823956573795619128264278802865129137415684054075645301940202655838462944593710475306765753445494124622433361044097665307358761301082095390555467396319971408496508662769321921809765119753151071758945708372163145352828897339448061094186267610588750722986326168345483999990218154775909728920834392462419411374276336477276222786342486282130486976724901696575277929058329049260487708653226358970107854753057

要注意有平方為^2 第二個要+1

1
from sympy import mod_inverse
2
n = 558098643612442982869412022469246232193159102034581572625352272974227508724473952162960296832221266344918324209865053779262023996763482052514433441095525096832124022399320433830134804734321051616877085252534068802372830522359759248304816981536234329416042954494512044857893369730186700141160304115005148441761425180202201733261896417588308517257278921240631686899602960449771608786644313798116795435002176570933880511306119378180015212643414069934184998512031405143417
3
e = 65537
4
c = 516159413447458442301604958221763534692609641988597871082605764283823956573795619128264278802865129137415684054075645301940202655838462944593710475306765753445494124622433361044097665307358761301082095390555467396319971408496508662769321921809765119753151071758945708372163145352828897339448061094186267610588750722986326168345483999990218154775909728920834392462419411374276336477276222786342486282130486976724901696575277929058329049260487708653226358970107854753057
5
phin = (33493-1)*(33637-1)*(33647-1)*(34313-1)*(34781-1)*(35153-1)*(35447-1)*(35573-1)*(35801-1)*(35899-1)*(35993-1)*(36277-1)*(36353-1)*(36653-1)*(37021-1)*(37139-1)*(37273-1)*(37619-1)*(37897-1)*(38287-1)*(38723-1)*(39251-1)*(39419-1)*(39727-1)*(39863-1)*(40609-1)*(40639-1)*(41269-1)*(41579-1)*(41621-1)*(42179-1)*(42181-1)*(42571-1)*(42899-1)*(43189-1)*(43271-1)*(43607-1)*(43711-1)*(44053-1)*(44621-1)*(44641-1)*(44657-1)*(44711-1)*(45307-1)*(45863-1)*(45971)* (45971-1)* (45917-1)*(46723-1)*(47123-1)*(47513-1)*(47743-1)*(47857-1)*(48023-1)*(48491-1)*(49069-1)*(49261-1)*(49871-1)*(49937-1)*(49999-1)*(51059-1)*(51109-1)*(51203-1)*(51817-1)*(51869-1)*(52223-1)*(52999-1)*(53593-1)*(54293-1)*(54323-1)*(54449-1)*(55163-1)*(55667-1)*(55843-1)*(56431-1)*(56509-1)*(56941-1)*(56951-1)*(57037-1)*(57269-1)*(57809-1)*(58679-1)*(61091-1)*(61141-1)*(61297-1)*(61543-1)*(61651-1)*(62401-1)*(62683-1)*(63031-1)*(63131-1)*(63197-1)*(63601-1)*(63617-1)*(63781-1)*(63977-1)*(64037-1)*(64067-1)*(64567-1)*(65119-1)*(65203-1)
6
d = mod_inverse(e, phin)
7
m = pow(c, d, n)
8
ans = bytes.fromhex(hex(m)[2:]).decode('utf-8')
9
print(ans)

FLAG{WWWait???_Too_many_primes!!!}

Thanks for reading!

Cyber Security Summer Camp 2024 - Crypto writeup

Sun Jul 28 2024

2769 words · 22 minutes

Daily writeup