第六届信息安全与网络攻防竞赛WP

计算机-李灿-202408064310

misc

比赛须知

![](C:\Users\21649\Pictures\Screenshots\屏幕截图 2024-12-22 134835.png)

全选变颜色

隐藏的加密标志

打开以后发现是一段有空格,特殊重叠的文本,猜测是零宽隐写,得到隐文以后,发现是base64编码,解码以后得到flag

![](C:\Users\21649\Pictures\Screenshots\屏幕截图 2024-12-22 135250.png)

![](C:\Users\21649\Pictures\Screenshots\屏幕截图 2024-12-22 135309.png)

EZ-antsword

将流量包放在wireshark中追踪http流

image-20241222155422485

decode

先进行凯撒解密,逐次去尝试偏移量,然后把解码后的结果放在随波逐流进行解码

ing

将图片拖入图片隐藏信息网站

![2ae0775f54781eff4e6aa09ba03f4d6](C:\Users\21649\Documents\WeChat Files\wxid_riesr7t61bvs22\FileStorage\Temp\2ae0775f54781eff4e6aa09ba03f4d6.jpg)

密码学

简单恺撒

打开文件以后发现是一段类似flag形式的字母,根据题目进行恺撒解密,由于偏移量不知道,可以一个个试,当偏移量为5时,得到flag

![](C:\Users\21649\Pictures\Screenshots\屏幕截图 2024-12-22 135744.png)

hash

将文件中四个片段分别进行md5解密

解得分别是 dum hackers vs md5

拼凑在一起得到flag

dqdp

exp

from Crypto.Util.number import long_to_bytes import gmpy2 c =

95272795986475189505518980251137003509292621140166383887854853863720692420204142448424074834657149326853553097626486371206617513769930277580823116437975487148956107509247564965652417450550680181691869432067892028368985007229633943149091684419834136214793476910417359537696632874045272326665036717324623992885

p = 11387480584909854985125335848240384226653929942757756384489381242206157197986555243995335158328781970310603060671486688856263776452654268043936036556215243

q = 12972222875218086547425818961477257915105515705982283726851833508079600460542479267972050216838604649742870515200462359007315431848784163790312424462439629

dp = 8191957726161111880866028229950166742224147653136894248088678244548815086744810656765529876284622829884409590596114090872889522887052772791407131880103961

dq = 3570695757580148093370242608506191464756425954703930236924583065811730548932270595568088372441809535917032142349986828862994856575730078580414026791444659
def crt_decrypt(c, p, q, dp, dq):
m1 = pow(c, dp, p)
m2 = pow(c, dq, q)

q_inv = gmpy2.invert(q, p)
p_inv = gmpy2.invert(p, q)
h = (q_inv * (m1 - m2)) % p
m = m2 + h * q
return mm = crt_decrypt(c, p, q, dp, dq)
decrypted_message = long_to_bytes(m)
print(f”Decrypted message: {decrypted_message.decode(‘utf-8’)}”)

最简单的rsa

exp

from sympy import mod_inverse
p = 17640059727611604989

q = 16047050854299782197

n = 283070935521868989079397739112298580833

e = 5 c = 145201805583017946226008699617573671555
phi_n = (p - 1) * (q - 1)
d = mod_inverse(e, phi_n)
m = pow(c, d, n)
message = m.to_bytes((m.bit_length() + 7) // 8, ‘big’).decode(‘utf-8’)
print(“解密后的消息:”, message)

web

猜数字

直接看网页的源代码,寻找flag,找到flag后面字母是base64,进行base64解码,得到flag

image-20241222160745368

![](C:\Users\21649\Pictures\Screenshots\屏幕截图 2024-12-22 140126.png)

pwn

this is for you

将网址复制,放在虚拟机,进行查找flag

reverse

easyre

upx脱壳shift加f12查看字符串。

map

跟据地图

根据键盘上的上为w,下为s,左为a,右为d,的顺序,选出最短的路径,然后将得到的字母进行MD5加密得到结果为0105cbd4e70f11b6a982b82f43ad6272

xor

![7473edb667ba659e894abfd0e737d3e](C:\Users\21649\Documents\WeChat Files\wxid_riesr7t61bvs22\FileStorage\Temp\7473edb667ba659e894abfd0e737d3e.png)

发现是异或,将代码输入异或解密网站进行解密,得到flag