菜鸡的新生赛出题

我是真的菜啊！！！

0x01 前言

这次出题大概忙了差不多有半个月吧，从只会做题不会出题，到会写简单题的源代码，到会写一些有难度的题的源码，还是学到了一些东西的。

0x02 RE

签到

题目描述

今天hnqj又不想学习了，于是他决定出道签到题给大家玩玩，懂得都懂，不懂得说了也有用。很快啊，hnqj出好了，来偷袭吧干题人！

源码

#include<stdio.h>
#include<string.h>
const char a[]="{opzfpzfzvzvfohyk";
int main()
{     
		int i =0;
		char s[50]={}; 
		strcpy(s, "abcdefghijklmnjlkj");
        for ( i = 0; i < strlen(s); ++i )
        s[i] += 7;
        puts(s);
        return 0;	
}

每个字符减七，多的不想说毕竟签到

真签到

就随便写了个程序，动调只要会下断点就能得到答案

在return 0下个断点，md5得到flag

逆向也就这么难了

这道题是因为我看着比赛已经打了一天了，也没几只队伍做出前两道签到题，这跟预想的不太一样啊，真心想鼓励学弟们多入坑嘿嘿嘿！

shift+f12 就是flag

maze

参考攻防世界新手区逆向最后一题，基本是一个类型的题目，不多说。

try

题目来自海里师傅，只有一行代码，但是还挺脑洞的

import zlib,base64,marshal
print(base64.b64decode(zlib.decompress(base64.b64decode(b'eJydUjlywzAM/JJkpnVBU5pMCkBDyipcu9DQeYBMvT64aEuOm6TALLE4uACJ52mGPpr1M3T+xb5nvMU5TtOM04UQdvF0hjc1f7XrzseXOK4w44s21iQ49Ru/N783/8t8whvN2YFhNPTz0IHkV8Su9iWkHlo/WX7tczG8HnD0CwQvSHYf1P+AQjgaXxQf/u+8Bvb+ikX8NjKfvQOusXsqEl/zF6g6AmHxLWh94XuIc9TnTlwh3Fqb8r857Uka2VBnaGIxzHJuMaslzuFc6kUxl/TcYDj1UbU3aVS9w6gc8jzZH6jPQXZXLJfOkDdn40mDo51IbpJ83pPlFe2DEnvWDps4G+3WPXqTn7L2rDrljqDcoPc4ip3sPZlfaD4+V3vDnT55d4l3VvzK+5VdcW/V6OTNi/Ab3aqHd0LIsQaD5XMex4JpDhIXrYPsyJc0Vl9noVlX7p20hv+O43vsvjU9/9VzFvpXcc8t8uey4fjAOygWjkE8Hn8AFflf5g=='
))))

-------------------------------------------------------------------------------------------------
#得到得数放入十六进制编译器里，后缀改为pyc，再转为py得

flag = '****_****_****_****'
b = 'PUALAKLVV]TQ[}QD'
c = ''
for i in range(len(flag)):
    c += chr(ord(flag[i]) ^ ord(b[i]))
else:
    print(c)
------------------------------------------------------------------------------------------------
flag=''
b = 'PUALAKLVV]TQ[}QD'
c = 'cd2512d512d5123e'
for i in range(len(c)):
    flag += chr(ord(c[i]) ^ ord(b[i]))
else:
    print(flag)
再按位加上'_'得
31sy_py(c_go0d_jOb!

easy_cpp

hl师傅写的源码比我强多了，这里就不放源码了，简单给一下exp

import base64
flag=''; base64flag = ''; dict = {};
orgin = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
for i in range(len(orgin)):
    dict[orgin[i]] = orgin[i]
for i in range(6, 15): 
    dict[orgin[i]] , dict[orgin[i+10]] = dict[orgin[i+10]] , dict[orgin[i]] # 恢复base64密钥表
print(dict)
secret = 'ZmxhZ3tiGNXlXjHfaDTzN2FfK3LycRTpc2L9'
for i in range(len(secret)):
    base64flag += dict[secret[i]]#根据恢复后的base64密钥表进行部分字符转化，想当于G~O的字符转为Q~Y,Q~Y转为G~O
print(base64flag)

#base64解码
flag = base64.b64decode(base64flag)
print(flag)


#恢复base64密钥表相当于以下算法
secret1 = 'ZmxhZ3tiGNXlXjHfaDTzN2FfK3LycRTpc2L9'
a=''
for i in range(len(secret1)):
    if ord(secret1[i])<80 and ord(secret1[i])>=71:
        a += chr(ord(secret1[i]) + 10)
    else:
        if ord(secret1[i])<90 and ord(secret1[i])>=81:
            a += chr(ord(secret1[i]) - 10)
        else:
            a += chr(ord(secret1[i]))
print(a)

大三才学的密码学

这道题，在上一篇博客有详细题解，可以参考。

0x03 密码

最最最基础密码

仿射密码，澳神直接手算！

Rsa

from Crypto.Util.number import *
from gmpy2 import *
from sympy.ntheory.residue_ntheory import nthroot_mod
n = 7941371739956577280160664419383740967516918938781306610817149744988379280561359039016508679365806108722198157199058807892703837558280678711420411242914059658055366348123106473335186505617418956630780649894945233345985279471106888635177256011468979083320605103256178446993230320443790240285158260236926519042413378204298514714890725325831769281505530787739922007367026883959544239568886349070557272869042275528961483412544495589811933856131557221673534170105409
d = 7515987842794170949444517202158067021118454558360145030399453487603693522695746732547224100845570119375977629070702308991221388721952258969752305904378724402002545947182529859604584400048983091861594720299791743887521228492714135449584003054386457751933095902983841246048952155097668245322664318518861440
cipher = 1618155233923718966393124032999431934705026408748451436388483012584983753140040289666712916510617403356206112730613485227084128314043665913357106301736817062412927135716281544348612150328867226515184078966397180771624148797528036548243343316501503364783092550480439749404301122277056732857399413805293899249313045684662146333448668209567898831091274930053147799756622844119463942087160062353526056879436998061803187343431081504474584816590199768034450005448200
p = 102634610559478918970860957918259981057327949366949344137104804864768237961662136189827166317524151288799657758536256924609797810164397005081733039415393
q = 7534810196420932552168708937019691994681052660068275906973480617604535381306041583841106383688654426129050931519275383386503174076258645141589911492908993
r = 10269028767754306217563721664976261924407940883784193817786660413744866184645984238866463711873380072803747092361041245422348883639933712733051005791543841
phn = (p-1)*(q-1)*(r-1)
e = 0x10001
dec = invert(e,phn)
print(dec)
c = pow(cipher,dec,n)
print(c)
m = nthroot_mod(c,2,r)
print(m)
print(long_to_bytes(m))

维吉尼亚

维吉尼亚源码，懂得都懂，密码我也不太会出，也没怎么专研，就这样吧！

0x04 总结

没啥好说的，觉得自己还是太菜了，源码就只放给大家一道吧，有的学弟水平应该已经远高于我。自己还是的多学多练啊，另外老师说大三也不能一直打比赛做题了，最近准备搞一搞实战了奥里给！