吾杯

CTF

太极

给了提示

部分flag组成: wucup tieny-

太极生两仪-两仪生四象-四象生八卦-八卦定吉凶-吉凶生大业,可以看出是拼音,顺序取每个字的1,2,3,4,5个字母,超出长度的就取余得到flag

tieny-lieig-sieau-bunig-jieay

原神启动

直接lsb拿到第一个压缩包密码

解压拿到world,找到一个图片也有一段flag 在这个图片下面有隐藏的flag

之后解压压缩包即可拿到flag

misc 签到

直接cyberchef hex解密即可拿到flag

旋转木马

编写脚本53轮base64解密即可拿16进制的字符直接cyberchef解密得到flag

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
import base64

with open('misc/flag1', 'r') as f:
    flag1 = f.read()

with open('misc/flag2', 'r') as f:
    flag2 = f.read()

flag = flag1 + flag2

i = 0
while True:
    try:
        print(i)
        flag = base64.b64decode(flag)
        i += 1
    except:
        print(flag)
        break

Sign

签到题,蚁剑连接即可

Easy

丢给gpt,直接出脚本:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
# Flag.txt 中的密文
flag_hex = """
d8d2 963e 0d8a b853 3d2a 7fe2 96c5 2923
3924 6eba 0d29 2d57 5257 8359 322c 3a77
892d fa72 61b8 4f
"""
# 转换密文为字节数组
ciphertext = bytes.fromhex(flag_hex.replace("\n", "").replace(" ", ""))

# 密钥
key = b"hello world"

# 初始化 S 和 T
s = list(range(256))
t = [(key[i % len(key)]) for i in range(256)]

# KSA (Key Scheduling Algorithm)
j = 0
for i in range(256):
    j = (j + s[i] + t[i]) % 256
    s[i], s[j] = s[j], s[i]

# 解密
i = j = 0
plaintext = bytearray(len(ciphertext))
for m in range(len(ciphertext)):
    i = (i + 1) % 256
    j = (j + s[i]) % 256
    s[i], s[j] = s[j], s[i]
    x = (s[i] + s[j]) % 256
    plaintext[m] = ciphertext[m] ^ s[x]

# 输出明文
print("Decrypted flag:", plaintext.decode())

HotDog

进入程序后我们可以看见有按钮,所以我们用jadx逆向一下看看有没有onclick,来到onclick可以看见有verify函数

但是verify里面是空的

我们在另一个类里可以看见其引用类动态链接库,我们去动态链接库里看一看

然后我们看一下so文件发现有个解密函数我们解密一下

1
2
3
4
5
6
7
8
9
10
11
12
13
14
key1= 0x7b
key2= 0xc2
enc=[0x29, 0x00, 0x00, 0x00, 0xD5, 0xD1, 0xD1, 0xCD, 0xCA, 0x03,
  0x16, 0x16, 0xCD, 0xDC, 0xD7, 0x17, 0xCE, 0xD0, 0xDA, 0xD0,
  0xCD, 0x17, 0xDA, 0xD7, 0x16, 0xDA, 0xD5, 0xDC, 0xD9, 0xD9,
  0xE0, 0xD7, 0xDE, 0xE0, 0x16, 0xD5, 0xD6, 0xD1, 0xE1, 0xD6,
  0xDE, 0x17, 0xE1, 0xE0, 0xC5, 0x3D]
i=0
for i in range(4,len(enc)):
  enc[i] = enc[i] - key2 ^ key1
  if enc[i]< 0:
    enc[i]+=256
  enc[i]  = chr(ennagc[i])
print(''.join(enc[4:]))

解出来是一个网址,可以下载补全apk的dex文件,然后我们打开dex文件进行分析

在encryptCbc中,实现了3des加密,然后key和iv都是从data里面读取的。

由于不清楚一段长数据如何转化为IV和key,所以直接把他代码拿来用:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
package WB;

import java.io.FileInputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import java.util.zip.InflaterInputStream;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import javax.crypto.spec.IvParameterSpec;

public class HotDog {
    private static final String ALGORITHM_3DES = "DESEDE";
    public IvParameterSpec IV_PARAMETER_SPEC;

    private Key keyGenerator(byte[] bArr) throws InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException {
        return SecretKeyFactory.getInstance(ALGORITHM_3DES).generateSecret(new DESedeKeySpec(bArr));
    }

    public void test() {
        try {
            ObjectInputStream objectInputStream = new ObjectInputStream(new InflaterInputStream(new FileInputStream("/Users/lemon/Desktop/pwn/pwn-enclosure/5-compi/WB/hotdog/data")));
            try {
                this.IV_PARAMETER_SPEC = new IvParameterSpec((byte[]) objectInputStream.readObject());
                System.out.println(Arrays.toString(this.IV_PARAMETER_SPEC.getIV()));
                System.out.println(new String(this.encryptCbc((byte[]) objectInputStream.readObject(), (byte[]) objectInputStream.readObject(), Padding.PKCS5_PADDING)));
            } catch (ClassNotFoundException e) {
                e.printStackTrace();
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    public enum Padding {
        NO_PADDING("NoPadding"),
        PKCS5_PADDING("PKCS5Padding");

        private String value;

        Padding(String str) {
            this.value = str;
        }
    }

    public byte[] encryptCbc(byte[] bArr, byte[] bArr2, Padding padding) {
        try {
            Key keyGenerator = keyGenerator(bArr);
            Cipher cipher = Cipher.getInstance("DESEDE/CBC/" + padding.value);
            cipher.init(Cipher.DECRYPT_MODE, keyGenerator, this.IV_PARAMETER_SPEC);
            return cipher.doFinal(bArr2);
        } catch (InvalidAlgorithmParameterException unused) {
            throw new UnsupportedOperationException("Illegal algorithm parameter");
        } catch (InvalidKeyException unused2) {
            throw new UnsupportedOperationException("Invalid Key");
        } catch (NoSuchAlgorithmException unused3) {
            throw new UnsupportedOperationException("No such algorithm");
        } catch (InvalidKeySpecException unused4) {
            throw new UnsupportedOperationException("Invalid key spec");
        } catch (BadPaddingException unused5) {
            throw new UnsupportedOperationException("Bad padding");
        } catch (IllegalBlockSizeException unused6) {
            throw new UnsupportedOperationException("Illegal block size");
        } catch (NoSuchPaddingException unused7) {
            throw new UnsupportedOperationException("No such padding");
        }
    }

    public static void main(String[] args) {
        HotDog hotDog = new HotDog();
        hotDog.test();
//        System.out.println(Arrays.toString(hotDog.IV_PARAMETER_SPEC.getIV()));

    }

}

If you know

程序有upx的壳,去壳后:

在fini中有flag加密逻辑:

加密2:

加密1:

简单的异或后偏移,解密脚本:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
l = [
    0xF5, 0x200, 0x208, 0x1EF, 0x235, 0x274, 0x23A, 0x276, 0x2B7,
    0x306, 0x2B2, 0x313, 0x2E2, 0x32F, 0x371, 0x440, 0x338, 0x3E9,
    0x3E2, 0x3B6, 0x407, 0x43E, 0x3BA, 0x3F4, 0x415, 0x473, 0x4DA
]

def decrypt_flag(cipher):
    length = len(cipher)
    flag = [0] * length

    for idx in range(length):
        flag[idx] = cipher[idx]

    for j in reversed(range(length)):
        if j % 2 == 1:
            for i in range(length - 1, 0, -1):
                flag[i] = flag[i] - (i + j + 2) ^ i
        else: 
            for i in range(length):
                flag[i] = flag[i] - (i + j + 1) ^ i

    flag_string = ''.join(chr(f) for f in flag)
    return flag_string

flag = decrypt_flag(l)
print(flag)