1.md5

打开文件获得md5加密内容,直接到在线网站https://cmd5.com/
解密得到flag
flag

flag{admin1}

2.Url编码

打开文件,一堆url编码的字符

%66%6c%61%67%7b%61%6e%64%20%31%3d%31%7d

到在线网站,http://tool.chinaz.com/tools/urlencode.aspx
得到flag

flag{and 1=1}

3.一眼就解密

根据字符串,看出是base64加密,

base64是由(A-Z、a-z、0-9、+、/)64个可见字符构成,“=”符号用作后缀填充。

解密得到flag
flag

flag{THE_FLAG_OF_THIS_STRING}

4.看我回旋踢

观察字符串格式,应该是凯撒密码,解密得到flag
flag

flag{5cd1004d-86a5-46d8-b720-beb5ba0417e1}

5.摩丝

加密方式是摩斯密码解密,直接解密,得到flag
flag

flag{ILOVEYOU}

6.[BJDCTF 2nd]签到-y1ng

观察字符串格式,为base64加密,直接解密得到flag
flag

BJD{W3lc0me_T0_BJDCTF}

7.password

观察flag包裹的是10位字符,
flag
生日的日期占8位,那么另两位应该是名字的首字母缩写,尝试flag,正确

flag{zs19900315}

8.变异凯撒

解密后,没发现合适的flag
flag

凯撒加密的原理为:
凯撒加密法,或称恺撒加密、恺撒变换、变换加密,是一种最简单且最广为人知的加密技术。它是一种替换加密的技术,明文中的所有字母都在字母表上向后(或向前)按照一个固定数目进行偏移后被替换成密文。

变异的凯撒,凯撒加密与移动位数相关,那么变异可能就变在移动上了。而密文中有“_”,这个符号在字母表中是没有的,所以想到,可能是ASCII码值得变动。

根据ascll表
密文:afZ_r9VYfScOeO_UL^RWUc,看看能否与ctf 或者flag 对应上,
此时发现

a:97   f:102   Z:106   _:95                                                              

c:99   t:116   f:102    {:123

f:102  l:108  a:97      g:103

a→f: 移动了5 f→l:移动了6, 后面依次移动了7、8。此时按照这种移动规律

#!/usr/bin/env python
# coding:utf-8

def b_kaisa(mstr):
    j = 5
    i = 0
    lmstr = []
    for i in range(len(mstr)):
        m = ord(mstr[i])          # 将密文的第i个字母变为其ascii码值
        m = m + j                 # ascii值+j
        lmstr.append(m)           # 将递进后的ascii值存入列表lmstr[]
        i = i+1
        j = j+1
    return lmstr

if __name__ == '__main__':
    m_str = 'afZ_r9VYfScOeO_UL^RWUc'    # 密文
    lstr = []
    lstr = b_kaisa(m_str)
    print lstr

得到

[102, 108, 97, 103, 123, 67, 97, 101, 115, 97, 114, 95, 118, 97, 114, 105, 97, 116, 105, 111, 110, 125]

转ascll字符串,得到flag
flag

flag{Caesar_variation}

9.Quoted-printable

根据题目,得知这是Quoted-printable加密,到在线网站http://www.mxcz.net/tools/QuotedPrintable.aspx
解密,得到flag
flag

flag{那你也很棒哦}

10.Rabbit

根据题目,这是rabbit加密,到在线网站http://www.jsons.cn/rabbitencrypt/
解密得到flag
flag

flag{Cute_Rabbit}

11.篱笆墙的影子

根据提示和字符串,推断出字符串为栅栏密码,到在线网站https://www.qqxiuzi.cn/bianma/zhalanmima.php
或者利用脚本

s = raw_input('请输入要解密的字符串\n')
factors = [fac for fac in range(2, len(s)) if len(s)%fac == 0] #取得密文长度的所有因数
for fac in factors:
    flag = ''
    for i in range(fac): #按一定的步长取几组字符,并连接起来,这里组数就等于步长数
        flag += s[i::fac]
    print(str(fac)+'栏:'+flag)

flag

flag{wethinkwehavetheflag}

12.RSA

RSA加密原理:http://www.ruanyifeng.com/blog/2013/06/rsa_algorithm_part_one.html
文件中得到q,p,e的值,开始写脚本,

# -*-coding:utf-8-*-
import gmpy2
p = 473398607161
q = 4511491
e = 17
phi = (p - 1) * (q - 1)
print gmpy2.invert(e,phi)

得到flag

flag{125631357777427553}

13.丢失的MD5

下载得到一个python脚本,运行一下,得到flag
flag

flag{e9032994dabac08080091151380478a2}

14.[BJDCTF 2nd]老文盲了

下载得到一堆字
利用文字转拼音http://www.aies.cn/pinyin2.htm
flag
根据拼音,得到flag

BJD{淛匶襫黼瀬鎶軄鶛驕鳓哵}

15.Alice与Bob

根据题目分析,这道题就是RSA的分解n,那串数字就是n的值,在线网站http://www.factordb.com/
输入n的值得到q和p
flag
又根据提示,得到了新数字:101999966233
到在线网站https://md5jiami.51240.com/
得到flag

flag{d450209323a847c8d01c6be47c81811a}

16.rsarsa

打开下载的文件
flag
这是典型的rsa题,求出明文m即可得到flag
写python脚本

# -*-coding:utf-8-*-
import gmpy2
p =  9648423029010515676590551740010426534945737639235739800643989352039852507298491399561035009163427050370107570733633350911691280297777160200625281665378483
q =  11874843837980297032092405848653656852760910154543380907650040190704283358909208578251063047732443992230647903887510065547947313543299303261986053486569407
e =  65537
c =  83208298995174604174773590298203639360540024871256126892889661345742403314929861939100492666605647316646576486526217457006376842280869728581726746401583705899941768214138742259689334840735633553053887641847651173776251820293087212885670180367406807406765923638973161375817392737747832762751690104423869019034
n = p * q
phi = (q - 1) * (p - 1)
d = gmpy2.invert(e,phi)

m = pow(c,d,n)
print m

得到flag

flag{5577446633554466577768879988}

17.大帝的密码武器

根据下载的文件,判断是凯撒密码
凯撒密码核心就是移位,所以我们将题目中给的字符串FRPHEVGL经行1-26的移位观察(总所周知,一个单词小写字母写认识,可能大写字母写就认不出来了,所以转化成小写字母)

str1 = 'frphevgl'
num = 1  # 偏移量
for i in range(26):
    print("{:<2d}".format(num), end = ' ')
    for temp in str2:
        if (ord(temp) + num > ord('z')):  # 如果超出'z',需要重新映射会a~z这26个字母上
            print(chr(ord(temp) + num - 26), end = '')
        else:
            print(chr(ord(temp) + num), end = '')
    num += 1
    print('')

得到的字符,到百度翻译查看
flag
只有第13个是英语单词,说明位移是13
用位移13解密ComeChina,得到flag

flag{PbzrPuvan}

18.Windows系统密码

打开文件,得到windows加密的密码,到网站https://cmd5.com/解密
发现只有a7fcb22a88038f35a8f39d503e7f0062能解密到flag,flag为
flag

flag{good-luck}

19.[BJDCTF 2nd]cat_flag

下载得到一个gif图,发现有两种猫,而且每行有8个猫,猜测是二进制,把不拿鸡腿的猫作为0,转为二进制后

01000010
01001010
01000100
01111011
01001101
00100001
01100001
00110000
01111110
01111101

转字符串,得到flag
flag

flag{M!a0~}

20.[BJDCTF 2nd]燕言燕语-y1ng

看到一串字符,看起来像16进制,尝试16进制转字符串
flag
得到维吉尼亚加密的字符和解密密码,https://baike.baidu.com/item/%E7%BB%B4%E5%90%89%E5%B0%BC%E4%BA%9A%E5%AF%86%E7%A0%81/4905472?fr=aladdin
到在线网站https://www.qqxiuzi.cn/bianma/weijiniyamima.php,解密
flag

BJD{yanzi_jiushige_shabi}

21.[GKCTF2020]小学生的密码学

  1. 这种形式的加密手法是仿射变换,其加解密分别是:
    flag
  2. 所以可以得到a=11,b=6a=11,b=6,需要做的工作是根据密文c,密钥a/b密文c,密钥a/b求得明文mm。这里a−1a−1计算可以利用Python的gmpy2库中invert函数完成
  3. 注意仿射变换26个字母按数字0~25记,因此在需要将密文ASCII对应的数值减去97,解密完恢复成字母即加上97
  4. 此外,题目要求最后的flag为base64形式,因此还需借助Python的base64库中b64encode函数。需要注意的是在Python3中,字符都为unicode编码,而b64encode函数的参数为byte类型,所以必须先转码。
import gmpy2
import string
import base64
m = gmpy2.invert(11,26)
table = string.ascii_lowercase
# print table
secrt = "welcylk"
plain = ''
for i in secrt:
    x = table.index(i)
    j = (x-6)*m%26
    # print j
    plain += table[j]
print plain
print base64.b64encode(plain)

解出flag

flag{c29yY2VyeQ==}

22.传统知识+古典密码

flag
根据甲子表

辛卯=28  癸巳=30  丙戌=23  辛未=8  庚辰=17  癸酉=10  己卯=16  癸巳=30  甲子=60

再加一个甲子(60),得到

88 90 83 68 77 70 76 90

10进制转ascll码,得到
flag
根据提示古典密码,根据此处得到的字符串,想到栅栏密码和凯撒密码
栅栏密码解出
flag
根据得到的两栏,进行凯撒解密
flag
得到了一个貌似合适的flag,提交正确

flag{SHUANGYU}

23.信息化时代的步伐

https://baike.baidu.com/item/%E4%B8%AD%E6%96%87%E7%94%B5%E7%A0%81/2667759?fr=aladdin
到在线网站https://dianma.51240.com/
得到flag

flag{计算机要从娃娃抓起}

24.RSA1

根据已知的q,p,dp,dp,c求m
https://blog.csdn.net/MikeCoke/article/details/105959599
写脚本

import gmpy2
p = 8637633767257008567099653486541091171320491509433615447539162437911244175885667806398411790524083553445158113502227745206205327690939504032994699902053229
q = 12640674973996472769176047937170883420927050821480010581593137135372473880595613737337630629752577346147039284030082593490776630572584959954205336880228469
dp = 6500795702216834621109042351193261530650043841056252930930949663358625016881832840728066026150264693076109354874099841380454881716097778307268116910582929
dq = 783472263673553449019532580386470672380574033551303889137911760438881683674556098098256795673512201963002175438762767516968043599582527539160811120550041
c = 24722305403887382073567316467649080662631552905960229399079107995602154418176056335800638887527614164073530437657085079676157350205351945222989351316076486573599576041978339872265925062764318536089007310270278526159678937431903862892400747915525118983959970607934142974736675784325993445942031372107342103852

I = gmpy2.invert(q,p)
mp = pow(c,dp,p)
mq = pow(c,dq,q)
m = (((mp-mq)*I)%p)*q+mq
print(hex(m))

得出16进制数,直接16进制转字符串,得到flag

flag{W31c0m3_70_Ch1n470wn}

25.凯撒?替换?呵呵!

把这串字符,凯撒解密,发现没有正确flag,于是到https://quipqiup.com/
flag
破解出的第一个去掉多余空格,转小写,得到flag

flag{substitutioncipherdecryptionisalwayseasyjustlikeapieceofcake}

26.old-fashion

词频分析,替换密码,到https://quipqiup.com/
flag
得到flag

flag{n1_2hen-d3_hu1-mi-ma_a}

27.权限获得第一步

得到一段加密密码,到https://cmd5.com/解密,
解密到最后一串密码的时候得到flag
flag

flag{3617656}

28.[BJDCTF 2nd]灵能精通-y1ng

得到一个图片,经过百度搜索图案,是猪圈密码的变形圣堂武士密码
flag
得到flag

flag{IMKNIGHTSTEMPLAR}

29.萌萌哒的八戒

猪圈密码直接对照
flag

flag{whenthepigwanttoeat}

30.RSA3

共模攻击
脚本

import  gmpy2
import  binascii
import  rsa
import math
from Crypto.Util import number
def exgcd(m, n, x, y):
    if n == 0:
        x = 1
        y = 0
        return (m, x, y)
    a1 = b = 1
    a = b1 = 0
    c = m
    d = n
    q = int(c / d)
    r = c % d
    while r:
        c = d
        d = r
        t = a1
        a1 = a
        a = t - q * a
        t = b1
        b1 = b
        b = t - q * b
        q = int(c / d)
        r = c % d
    x = a
    y = b
    return (d, x, y)
    c1=22322035275663237041646893770451933509324701913484303338076210603542612758956262869640822486470121149424485571361007421293675516338822195280313794991136048140918842471219840263536338886250492682739436410013436651161720725855484866690084788721349555662019879081501113222996123305533009325964377798892703161521852805956811219563883312896330156298621674684353919547558127920925706842808914762199011054955816534977675267395009575347820387073483928425066536361482774892370969520740304287456555508933372782327506569010772537497541764311429052216291198932092617792645253901478910801592878203564861118912045464959832566051361
c2=18702010045187015556548691642394982835669262147230212731309938675226458555210425972429418449273410535387985931036711854265623905066805665751803269106880746769003478900791099590239513925449748814075904017471585572848473556490565450062664706449128415834787961947266259789785962922238701134079720414228414066193071495304612341052987455615930023536823801499269773357186087452747500840640419365011554421183037505653461286732740983702740822671148045619497667184586123657285604061875653909567822328914065337797733444640351518775487649819978262363617265797982843179630888729407238496650987720428708217115257989007867331698397
e1=11187289
e2=9647291
n=22708078815885011462462049064339185898712439277226831073457888403129378547350292420267016551819052430779004755846649044001024141485283286483130702616057274698473611149508798869706347501931583117632710700787228016480127677393649929530416598686027354216422565934459015161927613607902831542857977859612596282353679327773303727004407262197231586324599181983572622404590354084541788062262164510140605868122410388090174420147752408554129789760902300898046273909007852818474030770699647647363015102118956737673941354217692696044969695308506436573142565573487583507037356944848039864382339216266670673567488871508925311154801
ans=exgcd(e1,e2,0,0)
s1=ans[1]
s2=ans[2]
m=(gmpy2.powmod(c1,s1,n)*gmpy2.powmod(c2,s2,n))%n
print(number.long_to_bytes(m))

flag

flag{49d91077a1abcb14f1a9d546c80be9ef}

31.[BJDCTF 2nd]Y1nglish-y1ng

网站https://quipqiup.com/解密
flag
根据提示得到flag

BJD{pyth0n_Brut3_f0rc3_oR_quipquip_AI_Cr4ck}

32.世上无难事

根据提示

1.找到key作为答案提交
2.答案是32位
3.包含小写字母
到网站https://quipqiup.com/

flag{640e11012805f211b0ab24ff02a1ed09}

33.RSA2

类型:dp+n+e+c = m dp泄露

import gmpy2
n = 248254007851526241177721526698901802985832766176221609612258877371620580060433101538328030305219918697643619814200930679612109885533801335348445023751670478437073055544724280684733298051599167660303645183146161497485358633681492129668802402065797789905550489547645118787266601929429724133167768465309665906113
e = 65537
c = 140423670976252696807533673586209400575664282100684119784203527124521188996403826597436883766041879067494280957410201958935737360380801845453829293997433414188838725751796261702622028587211560353362847191060306578510511380965162133472698713063592621028959167072781482562673683090590521214218071160287665180751
dp = 905074498052346904643025132879518330691925174573054004621877253318682675055421970943552016695528560364834446303196939207056642927148093290374440210503657
for i in range(1, e):
    if (dp * e - 1) % i == 0:
        if n % (((dp * e - 1) // i) + 1) == 0:
            p = ((dp * e - 1) // i) + 1
            q = n // (((dp * e - 1) // i) + 1)
            phi = (q - 1) * (p - 1)
            d = gmpy2.invert(e, phi)
            m = pow(c, d, n)
print(m)
print(hex(m)[2:])
flag = hex(m)[2:]
print(bytes.fromhex(flag))


flag{wow_leaking_dp_breaks_rsa?_98924743502}

34.RSA

分解key文件得到n,到http://www.factordb.com/得到p和q

import gmpy2
import rsa

e = 65537
n = 86934482296048119190666062003494800588905656017203025617216654058378322103517
p = 285960468890451637935629440372639283459
q = 304008741604601924494328155975272418463

phin = (p - 1) * (q - 1)
d = gmpy2.invert(e, phin)

with open('flag.enc','rb') as f:
    f = f.read()
    print rsa.decrypt(f,rsa.PrivateKey(n,e,int(d),p,q))

得到flag

flag{decrypt_256}

35.异性相吸

两个文件,16进制查看,转为2进制

a = '0110000101110011011000010110010001110011011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011100010111011101100101011100110111000101100110'
b = '0000011100011111000000000000001100001000000001000001001001010101000000110001000001010100010110000100101101011100010110000100101001010110010100110100010001010010000000110100010000000010010110000100011000000110010101000100011100000101010101100100011101010111010001000001001001011101010010100001010000011011'
c = ''
for i in range(len(a)):
    if(a[i] == b[i]):
        c+='0'
    else:
        c+='1'
print(c)

得到一串二进制,转字符串,得到flag
flag

flag{ea1bc0988992276b7f95b54a7435e89e}

36.还原大师

md5爆破

import hashlib

k = 'TASC?O3RJMV?WDJKX?ZM'
for i in range(26):
temp1 = k.replace('?',str(chr(65+i)),1)
for j in range(26):
    temp2 = temp1.replace('?',chr(65+j),1)
    for n in range(26):
        temp3 = temp2.replace('?',chr(65+n),1)
        s = hashlib.md5(temp3.encode('utf8')).hexdigest().upper()
        if s[:4] == 'E903':
            print (s) 


flag{E9032994DABAC08080091151380478A2}

37.[GKCTF2020]汉字的秘密

是当铺密码,笔画中有几个出头的就对应着数字几

a = '田口由中人工大土士王夫井羊壮'
b = '00123455567899'

cip = '王壮 夫工 王中 王夫 由由井 井人 夫中 夫夫 井王 土土 夫由 土夫 井中 士夫 王工 王人 土由 由口夫'
s = ''
for i in cip:
    if i in a:
        s += b[a.index(i)]
    else:
        s += ' '
#print(s)

ll = s.split(" ")
t = ''
for i in range(0,len(ll)):
    t += chr(int(ll[i])+i+1)
print(t.lower())


flag{you_are_good}

38.RSAROLL

类型:n+e+c+p+q= m + n分解
http://www.factordb.com/分解
flag

# -*-coding:utf-8-*-

import gmpy2

N,p,q,e=920139713,18443,49891,19
d=gmpy2.invert(e,(p-1)*(q-1))
result=[]

with open("1.txt","r") as f:
    for line in f.readlines():
        line=line.strip('\n')#
        result.append(chr(pow(int(line),d,N)))

for i in result:
    print (i,end='')

1.txt里放
flag
得到flag

flag{13212je2ue28fy71w8u87y31r78eu1e2}

39.robomunication

用audacity打开
听起来像摩斯密码,得到

.... . .-.. .-.. --- .-- .... .- - .. ... - .... . -.- . -.-- .. - .. ... -... --- --- -... . . .--.

解密得到

hellowhatisthekeyitisboobeep

flag是boobeep,改为大写提交

flag{BOOPBEEP}

40.Unencode

http://ctf.ssleye.com/uu.html直接解密,得到flag

flag{dsdasdsa99877LLLKK}

最后修改:2021 年 06 月 04 日 09 : 21 AM
如果觉得我的文章对你有用,请随意赞赏