2019CISCN 部分wp
毕竟是国赛,难度挺大的,种类也杂。
比赛第一天就出了一道逆向题,被大佬各种秒。
第二天倒是挺多题目,但是下午才能安心解题,emmmm。
附上我们队的wp,所有题目也包含在里边了。
https://shimo.im/docs/RcFy1DWUUK0F9nOh/read
0x0 easyGo
代码审计,发现代码。
得到字符表
6789_-abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ012345
看到平台上各位大佬的解题速度,目测题目仅仅简单的魔改base64。
再翻代码,发现主要函数sub_495150。主要判断逻辑都在里边了。
lea rax, aTgrbtxmzgd6zha ;
mov , rax
mov , 38h
call sub_43F800
得到加密后的字符。
tGRBtXMZgD6ZhalBtCUTgWgZfnkTgqoNsnAVsmUYsGtCt9pEtDEYsql3
解密得到
flag{92094daf-33c9-431e-a85a-8bfbd5df98ad}
0x1 bbvvmm
打开发现。
SM4算法无疑。
username经过SM4后再base64加密后输出,先解base64。
然后网上套脚本解密。(出处:https://blog.csdn.net/songdawww/article/details/79112548)
#-*-coding:utf-8-*-
"""
SM4 GM
@author: Dawei
"""
from print_log import *
import copy
#Expanded SM4 S-boxes Sbox table: 8bits input convert to 8 bits output
SboxTable = [
0xd6,0x90,0xe9,0xfe,0xcc,0xe1,0x3d,0xb7,0x16,0xb6,0x14,0xc2,0x28,0xfb,0x2c,0x05,
0x2b,0x67,0x9a,0x76,0x2a,0xbe,0x04,0xc3,0xaa,0x44,0x13,0x26,0x49,0x86,0x06,0x99,
0x9c,0x42,0x50,0xf4,0x91,0xef,0x98,0x7a,0x33,0x54,0x0b,0x43,0xed,0xcf,0xac,0x62,
0xe4,0xb3,0x1c,0xa9,0xc9,0x08,0xe8,0x95,0x80,0xdf,0x94,0xfa,0x75,0x8f,0x3f,0xa6,
0x47,0x07,0xa7,0xfc,0xf3,0x73,0x17,0xba,0x83,0x59,0x3c,0x19,0xe6,0x85,0x4f,0xa8,
0x68,0x6b,0x81,0xb2,0x71,0x64,0xda,0x8b,0xf8,0xeb,0x0f,0x4b,0x70,0x56,0x9d,0x35,
0x1e,0x24,0x0e,0x5e,0x63,0x58,0xd1,0xa2,0x25,0x22,0x7c,0x3b,0x01,0x21,0x78,0x87,
0xd4,0x00,0x46,0x57,0x9f,0xd3,0x27,0x52,0x4c,0x36,0x02,0xe7,0xa0,0xc4,0xc8,0x9e,
0xea,0xbf,0x8a,0xd2,0x40,0xc7,0x38,0xb5,0xa3,0xf7,0xf2,0xce,0xf9,0x61,0x15,0xa1,
0xe0,0xae,0x5d,0xa4,0x9b,0x34,0x1a,0x55,0xad,0x93,0x32,0x30,0xf5,0x8c,0xb1,0xe3,
0x1d,0xf6,0xe2,0x2e,0x82,0x66,0xca,0x60,0xc0,0x29,0x23,0xab,0x0d,0x53,0x4e,0x6f,
0xd5,0xdb,0x37,0x45,0xde,0xfd,0x8e,0x2f,0x03,0xff,0x6a,0x72,0x6d,0x6c,0x5b,0x51,
0x8d,0x1b,0xaf,0x92,0xbb,0xdd,0xbc,0x7f,0x11,0xd9,0x5c,0x41,0x1f,0x10,0x5a,0xd8,
0x0a,0xc1,0x31,0x88,0xa5,0xcd,0x7b,0xbd,0x2d,0x74,0xd0,0x12,0xb8,0xe5,0xb4,0xb0,
0x89,0x69,0x97,0x4a,0x0c,0x96,0x77,0x7e,0x65,0xb9,0xf1,0x09,0xc5,0x6e,0xc6,0x84,
0x18,0xf0,0x7d,0xec,0x3a,0xdc,0x4d,0x20,0x79,0xee,0x5f,0x3e,0xd7,0xcb,0x39,0x48,
]
# System parameter
FK =
# fixed parameter
CK = [
0x00070e15,0x1c232a31,0x383f464d,0x545b6269,
0x70777e85,0x8c939aa1,0xa8afb6bd,0xc4cbd2d9,
0xe0e7eef5,0xfc030a11,0x181f262d,0x343b4249,
0x50575e65,0x6c737a81,0x888f969d,0xa4abb2b9,
0xc0c7ced5,0xdce3eaf1,0xf8ff060d,0x141b2229,
0x30373e45,0x4c535a61,0x686f767d,0x848b9299,
0xa0a7aeb5,0xbcc3cad1,0xd8dfe6ed,0xf4fb0209,
0x10171e25,0x2c333a41,0x484f565d,0x646b7279
]
ENCRYPT = 0
DECRYPT = 1
def GET_UINT32_BE(key_data):
tmp_data = int((key_data << 24) | (key_data << 16) | (key_data << 8) | (key_data))
return tmp_data
def PUT_UINT32_BE(n):
return
# rotate shift left marco definition
def SHL(x, n):
xx = int(int(x << n) & 0xffffffff)
return xx
def ROTL(x, n):
xx = SHL(x, n)
yy = xx | int((x >> (32 - n)) & 0xffffffff)
return yy
def XOR(a, b):
return list(map(lambda x, y: x ^ y, a, b))
# look up in SboxTable and get the related value.
# args: inch: 0x00~0xFF (8 bits unsigned value).
def sm4Sbox(idx):
return SboxTable
# Calculating round encryption key.
# args: a: a is a 32 bits unsigned value;
# return: sk: i{0,1,2,3,...31}.
def sm4CalciRK(ka):
b =
a = PUT_UINT32_BE(ka)
b = sm4Sbox(a)
b = sm4Sbox(a)
b = sm4Sbox(a)
b = sm4Sbox(a)
bb = GET_UINT32_BE(b)
rk = bb ^ (ROTL(bb, 13)) ^ (ROTL(bb, 23))
return rk
# private F(Lt) function:
# "T algorithm" == "L algorithm" + "t algorithm".
# args: a: a is a 32 bits unsigned value;
# return: c: c is calculated with line algorithm "L" and nonline algorithm "t"
def sm4Lt(ka):
b =
a = PUT_UINT32_BE(ka)
b = sm4Sbox(a)
b = sm4Sbox(a)
b = sm4Sbox(a)
b = sm4Sbox(a)
bb = GET_UINT32_BE(b)
c = bb ^ (ROTL(bb, 2)) ^ (ROTL(bb, 10)) ^ (ROTL(bb, 18)) ^ (ROTL(bb, 24))
return c
# private F function:
# Calculating and getting encryption/decryption contents.
# args: x0: original contents;
# args: x1: original contents;
# args: x2: original contents;
# args: x3: original contents;
# args: rk: encryption/decryption key;
# return the contents of encryption/decryption contents.
def sm4F(x0, x1, x2, x3, rk):
return (x0 ^ sm4Lt(x1 ^ x2 ^ x3 ^ rk))
class Sm4(object):
def __init__(self):
self.sk = *32
self.mode = ENCRYPT
def sm4_set_key(self, key_data, mode):
self.sm4_setkey(key_data, mode)
def sm4_setkey(self, key, mode):
MK =
k = *36
MK = GET_UINT32_BE(key)
MK = GET_UINT32_BE(key)
MK = GET_UINT32_BE(key)
MK = GET_UINT32_BE(key)
k = XOR(MK, FK)
for i in range(32):
k = k ^ (sm4CalciRK(k ^ k ^ k ^ CK))
self.sk = k
self.mode = mode
if mode == DECRYPT:
for idx in range(16):
t = self.sk
self.sk = self.sk
self.sk = t
def sm4_one_round(self, sk, in_put):
out_put = []
ulbuf = *36
ulbuf = GET_UINT32_BE(in_put)
ulbuf = GET_UINT32_BE(in_put)
ulbuf = GET_UINT32_BE(in_put)
ulbuf = GET_UINT32_BE(in_put)
for idx in range(32):
ulbuf = sm4F(ulbuf, ulbuf, ulbuf, ulbuf, sk)
out_put += PUT_UINT32_BE(ulbuf)
out_put += PUT_UINT32_BE(ulbuf)
out_put += PUT_UINT32_BE(ulbuf)
out_put += PUT_UINT32_BE(ulbuf)
return out_put
def sm4_crypt_ecb(self, input_data):
# SM4-ECB block encryption/decryption
length = len(input_data)
i = 0
output_data = []
while length > 0:
output_data += self.sm4_one_round(self.sk, input_data)
i += 16
length -= 16
return output_data
def sm4_crypt_cbc(self, iv, input_data):
#SM4-CBC buffer encryption/decryption
length = len(input_data)
i = 0
output_data = []
tmp_input = *16
if self.mode == ENCRYPT:
while length > 0:
tmp_input = XOR(input_data, iv)
output_data += self.sm4_one_round(self.sk, tmp_input)
iv = copy.deepcopy(output_data)
i += 16
length -= 16
else:
while length > 0:
output_data += self.sm4_one_round(self.sk, input_data)
output_data = XOR(output_data, iv)
iv = copy.deepcopy(input_data)
i += 16
length -= 16
return output_data
def sm4_crypt_ecb(mode, key, data):
sm4_d = Sm4()
sm4_d.sm4_set_key(key, mode)
en_data = sm4_d.sm4_crypt_ecb(data)
return en_data
def sm4_crypt_cbc(mode, key, iv, data):
sm4_d = Sm4()
sm4_d.sm4_set_key(key, mode)
en_data = sm4_d.sm4_crypt_cbc(iv, data)
return en_data
if __name__ == "__main__":
log_init()
key_data =
input_data =
#input_data = *16
#iv_data = *16
sm4_d = Sm4()
# sm4_d.sm4_set_key(key_data, ENCRYPT)#ENCRYPT 加密是0 解密是1
# en_data = sm4_d.sm4_crypt_ecb(input_data)
# print_data(en_data, "en_data:")
sm4_d.sm4_set_key(key_data, DECRYPT)##ENCRYPT 加密是0 解密是1
de_data = sm4_d.sm4_crypt_ecb(input_data)#解密
print_data(de_data, "de_data:")
得到
0x36 0x32 0x36 0x31 0x36 0x34 0x37 0x32 0x36 0x35 0x37 0x32 0x33 0x31 0x33 0x32
经过变化后得到username
badrer12
password是一个6位的字符串,然后进入vm。
发现会跟"xyz{|}"异或,但是好像没有跟别的字符串对比,尝试提交,成功。
username:badrer12
password:xyz{|}
因为nc.send的时候会把\n发过去,所以用pwntools发包。from pwn import *
context.log_level="debug"
#p=process("./bbvvmm")
p=remote("39.97.228.196",10001)
p.recv()
p.sendline("badrer12")
p.recv()
p.send("xyz{|}")
p.interactive()
0x2 where_u_are
这题目的wp是kaller师傅@zhukai055 写的。
编译成o文件:
main函数中
关键的两步。
f22:找到字符在table_32的位置,f23:每次的pos转成5bit的二进制,放在偏移0x11e0的内存上。
f24:把二进制按单双数的位置拆开,分别用 累加除法判断,结果分别放在0x12b0 0x12b8。
最后在main中判断 结果。
写脚本爆破这段的时候,结果一直不为整数,可能是浮点数在IDA反编译的时候出了问题。
0.0001>=v7 -25 >=-0.0001 #v7=0x12b0
0.0001>=(v7+8) -175 >=-0.0001
#这里的精确度也是试出来的。
附C脚本
int _tmain(int argc, _TCHAR* argv[])
{
char b32_table[] = "0123456789bcdefghjkmnpqrstuvwxyz";
unsigned int v6; //
char *v7; //
char *v8; //
double v9; //
double v10; //
double v11; //
double v12; //
double v13; //
double v14; //
int Sz_1 = {0};
int Sz_2 = { 0 };
int Sz_3 = { 0 };
v13 = -90.0;
v14 = 90.0;
int Sz = { 0 };
for (int i = 0; i < 0xfffff; i++)//爆破20位二进制
{
for (int j = 0; j < 20; j++)//int转20bit数组
{
Sz = i >> j & 1;
//cout << Sz;
}
v9 = 0.0;
v10 = 0.0;
v11 = -180.0;
v12 =180.0;
for (int j = 0; j < 20; ++j)
{
if (Sz == 1)
{
v11 = v10;
v10 = (v10 + v12) / 2.0;
}
else if (Sz == 0)
{
v12 = v10;
v10 = (v11 + v10) / 2.0;
}
}
if (v10 - 175 >= -0.0001&&v10 - 175 <= 0.0001)
{
for (int j = 0; j < 20; j++)
{
Sz_1 = Sz;
cout << Sz_1;
}
cout << endl;
}
}
for (int i = 0; i < 0xfffff; i++)
{
for (int j = 0; j < 20; j++)
{
Sz = i >> j & 1;
//cout << Sz;
}
v9 = 0.0;
v10 = 0.0;
v11 = -90.0;
v12 = 90.0;
for (int j = 0; j < 20; ++j)
{
if (Sz == 1)
{
v11 = v10;
v10 = (v10 + v12) / 2.0;
}
else if (Sz == 0)
{
v12 = v10;
v10 = (v11 + v10) / 2.0;
}
}
if (v10 - 25 >= -0.0001&&v10 - 25 <= 0.0001)
{
for (int j = 0; j < 20; j++)
{
Sz_2 = Sz;
cout << Sz_2;
}
cout << endl ;
}
}
for (int i = 0; i < 20; i++)
{
Sz_3 = Sz_2;
Sz_3 = Sz_1;
}
for (int i = 0; i < 40; i++)
{
cout << Sz_3;
}
cout << endl;
int Sz_4 = { 0 };
for (int i = 0; i < 8; i++)
{
for (int j = 0; j < 5; j++)
{
cout << Sz_3 << " " <<( Sz_3 << (5 - j-1) )<< endl;
Sz_4 = Sz_4 + (Sz_3 << (5 - j-1));
}
cout << Sz_4 << endl;
}
system("pause");
cout << "flag{";
for (int i = 0; i < 8; i++)
{
cout<<b32_table];
}
cout << "}";
system("pause");
return 0;
}
flag{xukqnpp5} 厉害!!!! 前排膜拜下大牛操作 牛!!!厉害!!! 原来这么骚。。。发不全,根本没在意这个我r 原来这么骚。。。发不全,根本没在意
91xinpian会员的能解开吗,哈哈哈 看不懂路过支持一个 来支持师傅了 师傅 tql
页:
[1]
2