1.md5
打开文件获得md5加密内容,直接到在线网站https://cmd5.com/
解密得到flag/MD5.PNG "flag")
flag{admin1}
2.Url编码
打开文件,一堆url编码的字符
%66%6c%61%67%7b%61%6e%64%20%31%3d%31%7d
到在线网站,http://tool.chinaz.com/tools/urlencode.aspx
得到flag
flag{and 1=1}
3.一眼就解密
根据字符串,看出是base64加密,
base64是由(A-Z、a-z、0-9、+、/)64个可见字符构成,“=”符号用作后缀填充。
解密得到flag/%E4%B8%80%E7%9C%BC%E5%B0%B1%E8%A7%A3%E5%AF%86.PNG "flag")
flag{THE_FLAG_OF_THIS_STRING}
4.看我回旋踢
观察字符串格式,应该是凯撒密码,解密得到flag/%E7%9C%8B%E6%88%91%E5%9B%9E%E6%97%8B%E8%B8%A2.PNG "flag")
flag{5cd1004d-86a5-46d8-b720-beb5ba0417e1}
5.摩丝
加密方式是摩斯密码解密,直接解密,得到flag/%E6%91%A9%E4%B8%9D.PNG "flag")
flag{ILOVEYOU}
6.[BJDCTF 2nd]签到-y1ng
观察字符串格式,为base64加密,直接解密得到flag/[BJDCTF%202nd]%E7%AD%BE%E5%88%B0-y1ng.PNG "flag")
BJD{W3lc0me_T0_BJDCTF}
7.password
观察flag包裹的是10位字符,/password.PNG "flag")
生日的日期占8位,那么另两位应该是名字的首字母缩写,尝试flag,正确
flag{zs19900315}
8.变异凯撒
解密后,没发现合适的flag/%E5%8F%98%E5%BC%82%E5%87%AF%E6%92%921.PNG "flag")
凯撒加密的原理为:
凯撒加密法,或称恺撒加密、恺撒变换、变换加密,是一种最简单且最广为人知的加密技术。它是一种替换加密的技术,明文中的所有字母都在字母表上向后(或向前)按照一个固定数目进行偏移后被替换成密文。
变异的凯撒,凯撒加密与移动位数相关,那么变异可能就变在移动上了。而密文中有“_”,这个符号在字母表中是没有的,所以想到,可能是ASCII码值得变动。
根据ascll表
密文:afZ_r9VYfScOeO_UL^RWUc,看看能否与ctf 或者flag 对应上,
此时发现
a:97 f:102 Z:106 _:95
c:99 t:116 f:102 {:123
f:102 l:108 a:97 g:103
a→f: 移动了5 f→l:移动了6, 后面依次移动了7、8。此时按照这种移动规律
#!/usr/bin/env python
# coding:utf-8
def b_kaisa(mstr):
j = 5
i = 0
lmstr = []
for i in range(len(mstr)):
m = ord(mstr[i]) # 将密文的第i个字母变为其ascii码值
m = m + j # ascii值+j
lmstr.append(m) # 将递进后的ascii值存入列表lmstr[]
i = i+1
j = j+1
return lmstr
if __name__ == '__main__':
m_str = 'afZ_r9VYfScOeO_UL^RWUc' # 密文
lstr = []
lstr = b_kaisa(m_str)
print lstr
得到
[102, 108, 97, 103, 123, 67, 97, 101, 115, 97, 114, 95, 118, 97, 114, 105, 97, 116, 105, 111, 110, 125]
转ascll字符串,得到flag/%E5%8F%98%E5%BC%82%E5%87%AF%E6%92%922.PNG "flag")
flag{Caesar_variation}
9.Quoted-printable
根据题目,得知这是Quoted-printable加密,到在线网站http://www.mxcz.net/tools/QuotedPrintable.aspx
解密,得到flag/Quoted-printable.PNG "flag")
flag{那你也很棒哦}
10.Rabbit
根据题目,这是rabbit加密,到在线网站http://www.jsons.cn/rabbitencrypt/
解密得到flag/Rabbit.PNG "flag")
flag{Cute_Rabbit}
11.篱笆墙的影子
根据提示和字符串,推断出字符串为栅栏密码,到在线网站https://www.qqxiuzi.cn/bianma/zhalanmima.php
或者利用脚本
s = raw_input('请输入要解密的字符串\n')
factors = [fac for fac in range(2, len(s)) if len(s)%fac == 0] #取得密文长度的所有因数
for fac in factors:
flag = ''
for i in range(fac): #按一定的步长取几组字符,并连接起来,这里组数就等于步长数
flag += s[i::fac]
print(str(fac)+'栏:'+flag)
/%E7%AF%B1%E7%AC%86%E5%A2%99%E7%9A%84%E5%BD%B1%E5%AD%90.PNG "flag")
flag{wethinkwehavetheflag}
12.RSA
RSA加密原理:http://www.ruanyifeng.com/blog/2013/06/rsa_algorithm_part_one.html
文件中得到q,p,e的值,开始写脚本,
# -*-coding:utf-8-*-
import gmpy2
p = 473398607161
q = 4511491
e = 17
phi = (p - 1) * (q - 1)
print gmpy2.invert(e,phi)
得到flag
flag{125631357777427553}
13.丢失的MD5
下载得到一个python脚本,运行一下,得到flag/%E4%B8%A2%E5%A4%B1%E7%9A%84MD5.PNG "flag")
flag{e9032994dabac08080091151380478a2}
14.[BJDCTF 2nd]老文盲了
下载得到一堆字
利用文字转拼音http://www.aies.cn/pinyin2.htm/[BJDCTF%202nd]%E8%80%81%E6%96%87%E7%9B%B2%E4%BA%86.PNG "flag")
根据拼音,得到flag
BJD{淛匶襫黼瀬鎶軄鶛驕鳓哵}
15.Alice与Bob
根据题目分析,这道题就是RSA的分解n,那串数字就是n的值,在线网站http://www.factordb.com/
输入n的值得到q和p/Alice%E4%B8%8EBob1.PNG "flag")
又根据提示,得到了新数字:101999966233
到在线网站https://md5jiami.51240.com/
得到flag
flag{d450209323a847c8d01c6be47c81811a}
16.rsarsa
打开下载的文件/rsarsa.PNG "flag")
这是典型的rsa题,求出明文m即可得到flag
写python脚本
# -*-coding:utf-8-*-
import gmpy2
p = 9648423029010515676590551740010426534945737639235739800643989352039852507298491399561035009163427050370107570733633350911691280297777160200625281665378483
q = 11874843837980297032092405848653656852760910154543380907650040190704283358909208578251063047732443992230647903887510065547947313543299303261986053486569407
e = 65537
c = 83208298995174604174773590298203639360540024871256126892889661345742403314929861939100492666605647316646576486526217457006376842280869728581726746401583705899941768214138742259689334840735633553053887641847651173776251820293087212885670180367406807406765923638973161375817392737747832762751690104423869019034
n = p * q
phi = (q - 1) * (p - 1)
d = gmpy2.invert(e,phi)
m = pow(c,d,n)
print m
得到flag
flag{5577446633554466577768879988}
17.大帝的密码武器
根据下载的文件,判断是凯撒密码
凯撒密码核心就是移位,所以我们将题目中给的字符串FRPHEVGL经行1-26的移位观察(总所周知,一个单词小写字母写认识,可能大写字母写就认不出来了,所以转化成小写字母)
str1 = 'frphevgl'
num = 1 # 偏移量
for i in range(26):
print("{:<2d}".format(num), end = ' ')
for temp in str2:
if (ord(temp) + num > ord('z')): # 如果超出'z',需要重新映射会a~z这26个字母上
print(chr(ord(temp) + num - 26), end = '')
else:
print(chr(ord(temp) + num), end = '')
num += 1
print('')
得到的字符,到百度翻译查看/%E5%A4%A7%E5%B8%9D%E7%9A%84%E5%AF%86%E7%A0%81%E6%AD%A6%E5%99%A8.PNG "flag")
只有第13个是英语单词,说明位移是13
用位移13解密ComeChina,得到flag
flag{PbzrPuvan}
18.Windows系统密码
打开文件,得到windows加密的密码,到网站https://cmd5.com/解密
发现只有a7fcb22a88038f35a8f39d503e7f0062能解密到flag,flag为/Windows%E7%B3%BB%E7%BB%9F%E5%AF%86%E7%A0%81.PNG "flag")
flag{good-luck}
19.[BJDCTF 2nd]cat_flag
下载得到一个gif图,发现有两种猫,而且每行有8个猫,猜测是二进制,把不拿鸡腿的猫作为0,转为二进制后
01000010
01001010
01000100
01111011
01001101
00100001
01100001
00110000
01111110
01111101
转字符串,得到flag/[BJDCTF%202nd]cat_flag.PNG "flag")
flag{M!a0~}
20.[BJDCTF 2nd]燕言燕语-y1ng
看到一串字符,看起来像16进制,尝试16进制转字符串/[BJDCTF%202nd]%E7%87%95%E8%A8%80%E7%87%95%E8%AF%AD-y1ng.PNG "flag")
得到维吉尼亚加密的字符和解密密码,https://baike.baidu.com/item/%E7%BB%B4%E5%90%89%E5%B0%BC%E4%BA%9A%E5%AF%86%E7%A0%81/4905472?fr=aladdin
到在线网站https://www.qqxiuzi.cn/bianma/weijiniyamima.php,解密/[BJDCTF%202nd]%E7%87%95%E8%A8%80%E7%87%95%E8%AF%AD-y1ng1.PNG "flag")
BJD{yanzi_jiushige_shabi}
21.[GKCTF2020]小学生的密码学
- 这种形式的加密手法是仿射变换,其加解密分别是:
/[GKCTF2020]%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%9A%84%E5%AF%86%E7%A0%81%E5%AD%A6.PNG "flag")
- 所以可以得到a=11,b=6a=11,b=6,需要做的工作是根据密文c,密钥a/b密文c,密钥a/b求得明文mm。这里a−1a−1计算可以利用Python的gmpy2库中invert函数完成
- 注意仿射变换26个字母按数字0~25记,因此在需要将密文ASCII对应的数值减去97,解密完恢复成字母即加上97
- 此外,题目要求最后的flag为base64形式,因此还需借助Python的base64库中b64encode函数。需要注意的是在Python3中,字符都为unicode编码,而b64encode函数的参数为byte类型,所以必须先转码。
import gmpy2
import string
import base64
m = gmpy2.invert(11,26)
table = string.ascii_lowercase
# print table
secrt = "welcylk"
plain = ''
for i in secrt:
x = table.index(i)
j = (x-6)*m%26
# print j
plain += table[j]
print plain
print base64.b64encode(plain)
解出flag
flag{c29yY2VyeQ==}
22.传统知识+古典密码
/%E4%BC%A0%E7%BB%9F%E7%9F%A5%E8%AF%86%20%E5%8F%A4%E5%85%B8%E5%AF%86%E7%A0%81.PNG "flag")
根据甲子表
辛卯=28 癸巳=30 丙戌=23 辛未=8 庚辰=17 癸酉=10 己卯=16 癸巳=30 甲子=60
再加一个甲子(60),得到
88 90 83 68 77 70 76 90
10进制转ascll码,得到/%E4%BC%A0%E7%BB%9F%E7%9F%A5%E8%AF%86%20%E5%8F%A4%E5%85%B8%E5%AF%86%E7%A0%811.PNG "flag")
根据提示古典密码,根据此处得到的字符串,想到栅栏密码和凯撒密码
栅栏密码解出/%E4%BC%A0%E7%BB%9F%E7%9F%A5%E8%AF%86%20%E5%8F%A4%E5%85%B8%E5%AF%86%E7%A0%812.PNG "flag")
根据得到的两栏,进行凯撒解密/%E4%BC%A0%E7%BB%9F%E7%9F%A5%E8%AF%86%20%E5%8F%A4%E5%85%B8%E5%AF%86%E7%A0%813.PNG "flag")
得到了一个貌似合适的flag,提交正确
flag{SHUANGYU}
23.信息化时代的步伐
https://baike.baidu.com/item/%E4%B8%AD%E6%96%87%E7%94%B5%E7%A0%81/2667759?fr=aladdin
到在线网站https://dianma.51240.com/
得到flag
flag{计算机要从娃娃抓起}
24.RSA1
根据已知的q,p,dp,dp,c求m
https://blog.csdn.net/MikeCoke/article/details/105959599
写脚本
import gmpy2
p = 8637633767257008567099653486541091171320491509433615447539162437911244175885667806398411790524083553445158113502227745206205327690939504032994699902053229
q = 12640674973996472769176047937170883420927050821480010581593137135372473880595613737337630629752577346147039284030082593490776630572584959954205336880228469
dp = 6500795702216834621109042351193261530650043841056252930930949663358625016881832840728066026150264693076109354874099841380454881716097778307268116910582929
dq = 783472263673553449019532580386470672380574033551303889137911760438881683674556098098256795673512201963002175438762767516968043599582527539160811120550041
c = 24722305403887382073567316467649080662631552905960229399079107995602154418176056335800638887527614164073530437657085079676157350205351945222989351316076486573599576041978339872265925062764318536089007310270278526159678937431903862892400747915525118983959970607934142974736675784325993445942031372107342103852
I = gmpy2.invert(q,p)
mp = pow(c,dp,p)
mq = pow(c,dq,q)
m = (((mp-mq)*I)%p)*q+mq
print(hex(m))
得出16进制数,直接16进制转字符串,得到flag
flag{W31c0m3_70_Ch1n470wn}
25.凯撒?替换?呵呵!
把这串字符,凯撒解密,发现没有正确flag,于是到https://quipqiup.com//%E5%87%AF%E6%92%92%EF%BC%9F%E6%9B%BF%E6%8D%A2%EF%BC%9F%E5%91%B5%E5%91%B5!.PNG "flag")
破解出的第一个去掉多余空格,转小写,得到flag
flag{substitutioncipherdecryptionisalwayseasyjustlikeapieceofcake}
26.old-fashion
词频分析,替换密码,到https://quipqiup.com//old-fashion.PNG "flag")
得到flag
flag{n1_2hen-d3_hu1-mi-ma_a}
27.权限获得第一步
得到一段加密密码,到https://cmd5.com/解密,
解密到最后一串密码的时候得到flag/%E6%9D%83%E9%99%90%E8%8E%B7%E5%BE%97%E7%AC%AC%E4%B8%80%E6%AD%A5.PNG "flag")
flag{3617656}
28.[BJDCTF 2nd]灵能精通-y1ng
得到一个图片,经过百度搜索图案,是猪圈密码的变形圣堂武士密码/[BJDCTF%202nd]%E7%81%B5%E8%83%BD%E7%B2%BE%E9%80%9A-y1ng.PNG "flag")
得到flag
flag{IMKNIGHTSTEMPLAR}
29.萌萌哒的八戒
猪圈密码直接对照/%E8%90%8C%E8%90%8C%E5%93%92%E7%9A%84%E5%85%AB%E6%88%92.PNG "flag")
flag{whenthepigwanttoeat}
30.RSA3
共模攻击
脚本
import gmpy2
import binascii
import rsa
import math
from Crypto.Util import number
def exgcd(m, n, x, y):
if n == 0:
x = 1
y = 0
return (m, x, y)
a1 = b = 1
a = b1 = 0
c = m
d = n
q = int(c / d)
r = c % d
while r:
c = d
d = r
t = a1
a1 = a
a = t - q * a
t = b1
b1 = b
b = t - q * b
q = int(c / d)
r = c % d
x = a
y = b
return (d, x, y)
c1=22322035275663237041646893770451933509324701913484303338076210603542612758956262869640822486470121149424485571361007421293675516338822195280313794991136048140918842471219840263536338886250492682739436410013436651161720725855484866690084788721349555662019879081501113222996123305533009325964377798892703161521852805956811219563883312896330156298621674684353919547558127920925706842808914762199011054955816534977675267395009575347820387073483928425066536361482774892370969520740304287456555508933372782327506569010772537497541764311429052216291198932092617792645253901478910801592878203564861118912045464959832566051361
c2=18702010045187015556548691642394982835669262147230212731309938675226458555210425972429418449273410535387985931036711854265623905066805665751803269106880746769003478900791099590239513925449748814075904017471585572848473556490565450062664706449128415834787961947266259789785962922238701134079720414228414066193071495304612341052987455615930023536823801499269773357186087452747500840640419365011554421183037505653461286732740983702740822671148045619497667184586123657285604061875653909567822328914065337797733444640351518775487649819978262363617265797982843179630888729407238496650987720428708217115257989007867331698397
e1=11187289
e2=9647291
n=22708078815885011462462049064339185898712439277226831073457888403129378547350292420267016551819052430779004755846649044001024141485283286483130702616057274698473611149508798869706347501931583117632710700787228016480127677393649929530416598686027354216422565934459015161927613607902831542857977859612596282353679327773303727004407262197231586324599181983572622404590354084541788062262164510140605868122410388090174420147752408554129789760902300898046273909007852818474030770699647647363015102118956737673941354217692696044969695308506436573142565573487583507037356944848039864382339216266670673567488871508925311154801
ans=exgcd(e1,e2,0,0)
s1=ans[1]
s2=ans[2]
m=(gmpy2.powmod(c1,s1,n)*gmpy2.powmod(c2,s2,n))%n
print(number.long_to_bytes(m))
/RSA3.PNG "flag")
flag{49d91077a1abcb14f1a9d546c80be9ef}
31.[BJDCTF 2nd]Y1nglish-y1ng
网站https://quipqiup.com/解密/[BJDCTF%202nd]Y1nglish-y1ng.PNG "flag")
根据提示得到flag
BJD{pyth0n_Brut3_f0rc3_oR_quipquip_AI_Cr4ck}
32.世上无难事
根据提示
1.找到key作为答案提交
2.答案是32位
3.包含小写字母
到网站https://quipqiup.com/
flag{640e11012805f211b0ab24ff02a1ed09}
33.RSA2
类型:dp+n+e+c = m dp泄露
import gmpy2
n = 248254007851526241177721526698901802985832766176221609612258877371620580060433101538328030305219918697643619814200930679612109885533801335348445023751670478437073055544724280684733298051599167660303645183146161497485358633681492129668802402065797789905550489547645118787266601929429724133167768465309665906113
e = 65537
c = 140423670976252696807533673586209400575664282100684119784203527124521188996403826597436883766041879067494280957410201958935737360380801845453829293997433414188838725751796261702622028587211560353362847191060306578510511380965162133472698713063592621028959167072781482562673683090590521214218071160287665180751
dp = 905074498052346904643025132879518330691925174573054004621877253318682675055421970943552016695528560364834446303196939207056642927148093290374440210503657
for i in range(1, e):
if (dp * e - 1) % i == 0:
if n % (((dp * e - 1) // i) + 1) == 0:
p = ((dp * e - 1) // i) + 1
q = n // (((dp * e - 1) // i) + 1)
phi = (q - 1) * (p - 1)
d = gmpy2.invert(e, phi)
m = pow(c, d, n)
print(m)
print(hex(m)[2:])
flag = hex(m)[2:]
print(bytes.fromhex(flag))
flag{wow_leaking_dp_breaks_rsa?_98924743502}
34.RSA
分解key文件得到n,到http://www.factordb.com/得到p和q
import gmpy2
import rsa
e = 65537
n = 86934482296048119190666062003494800588905656017203025617216654058378322103517
p = 285960468890451637935629440372639283459
q = 304008741604601924494328155975272418463
phin = (p - 1) * (q - 1)
d = gmpy2.invert(e, phin)
with open('flag.enc','rb') as f:
f = f.read()
print rsa.decrypt(f,rsa.PrivateKey(n,e,int(d),p,q))
得到flag
flag{decrypt_256}
35.异性相吸
两个文件,16进制查看,转为2进制
a = '0110000101110011011000010110010001110011011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011100010111011101100101011100110111000101100110'
b = '0000011100011111000000000000001100001000000001000001001001010101000000110001000001010100010110000100101101011100010110000100101001010110010100110100010001010010000000110100010000000010010110000100011000000110010101000100011100000101010101100100011101010111010001000001001001011101010010100001010000011011'
c = ''
for i in range(len(a)):
if(a[i] == b[i]):
c+='0'
else:
c+='1'
print(c)
得到一串二进制,转字符串,得到flag/%E5%BC%82%E6%80%A7%E7%9B%B8%E5%90%B8.PNG "flag")
flag{ea1bc0988992276b7f95b54a7435e89e}
36.还原大师
md5爆破
import hashlib
k = 'TASC?O3RJMV?WDJKX?ZM'
for i in range(26):
temp1 = k.replace('?',str(chr(65+i)),1)
for j in range(26):
temp2 = temp1.replace('?',chr(65+j),1)
for n in range(26):
temp3 = temp2.replace('?',chr(65+n),1)
s = hashlib.md5(temp3.encode('utf8')).hexdigest().upper()
if s[:4] == 'E903':
print (s)
flag{E9032994DABAC08080091151380478A2}
37.[GKCTF2020]汉字的秘密
是当铺密码,笔画中有几个出头的就对应着数字几
a = '田口由中人工大土士王夫井羊壮'
b = '00123455567899'
cip = '王壮 夫工 王中 王夫 由由井 井人 夫中 夫夫 井王 土土 夫由 土夫 井中 士夫 王工 王人 土由 由口夫'
s = ''
for i in cip:
if i in a:
s += b[a.index(i)]
else:
s += ' '
#print(s)
ll = s.split(" ")
t = ''
for i in range(0,len(ll)):
t += chr(int(ll[i])+i+1)
print(t.lower())
flag{you_are_good}
38.RSAROLL
类型:n+e+c+p+q= m + n分解
到http://www.factordb.com/分解/RSAROLL.PNG "flag")
# -*-coding:utf-8-*-
import gmpy2
N,p,q,e=920139713,18443,49891,19
d=gmpy2.invert(e,(p-1)*(q-1))
result=[]
with open("1.txt","r") as f:
for line in f.readlines():
line=line.strip('\n')#
result.append(chr(pow(int(line),d,N)))
for i in result:
print (i,end='')
1.txt里放/RSAROLL1.PNG "flag")
得到flag
flag{13212je2ue28fy71w8u87y31r78eu1e2}
39.robomunication
用audacity打开
听起来像摩斯密码,得到
.... . .-.. .-.. --- .-- .... .- - .. ... - .... . -.- . -.-- .. - .. ... -... --- --- -... . . .--.
解密得到
hellowhatisthekeyitisboobeep
flag是boobeep,改为大写提交
flag{BOOPBEEP}
40.Unencode
到http://ctf.ssleye.com/uu.html直接解密,得到flag
flag{dsdasdsa99877LLLKK}
