HGAME—2024—week1

HGAME 2024网络攻防大赛—week1部分题目题解

web

2048*16

题目hint说达到要求分数即可得到flag，猜测是改网页源码，让游戏直接win

查看网页源码，应该是被混淆了，但是题目给出了游戏的原版网页

看原版网页的源码，找到

里面判断出win = !1就是游戏输赢的判断，改成1就可以，对照原版网页去改混淆过的网页

对应this[x(460)] = !1这句

改源码后本地创建同样目录，进行替换

因为调试时断点非常多，所以调试时取消断点

启用调式，刷新页面，等待几秒后就出现flag

ezHTTP

启动时，提示访问从vidar.club查看

用hackbar添加一个Referer

添加后提示

这是一个明显的UA头

改UA后提示从本地访问，加了XFF后不行，从网上查找得知UA还有别的添加方式

添加X-Real-IP:127.0.0.1，后提示Ok, the flag has been given to you ^-^，但是没有找到flag，猜测藏在源码里

找到响应头里有个字符串，base64解码后出flag

reverse

ezASM

汇编代码

加密就是这个异或flag，密文也已经给出

exp：

1
2
3

v = [74, 69, 67, 79, 71, 89, 99, 113, 111, 125, 107, 81, 125, 107, 79, 82, 18, 80, 86, 22, 76, 86, 125, 22, 125, 112, 71, 84, 17, 80, 81, 17, 95, 34]
for i in range(len(v)):
    print(chr(v[i] ^ 0x22),end='')

ezPYC

解包后反编译

# Version: Python 3.11

flag = [
    87,
    75,
    71,
    69,
    83,
    121,
    83,
    125,
    117,
    106,
    108,
    106,
    94,
    80,
    48,
    114,
    100,
    112,
    112,
    55,
    94,
    51,
    112,
    91,
    48,
    108,
    119,
    97,
    115,
    49,
    112,
    112,
    48,
    108,
    100,
    37,
    124,
    2]
c = [
    1,
    2,
    3,
    4]
input = input('plz input flag:')

不知道是不是反编译没成功，信息有点少，但是猜测加密就是key和flag逐个异或

exp：

flag = [
    87,
    75,
    71,
    69,
    83,
    121,
    83,
    125,
    117,
    106,
    108,
    106,
    94,
    80,
    48,
    114,
    100,
    112,
    112,
    55,
    94,
    51,
    112,
    91,
    48,
    108,
    119,
    97,
    115,
    49,
    112,
    112,
    48,
    108,
    100,
    37,
    124,
    2]
c = [
    1,
    2,
    3,
    4]
for i in range(len(flag)):
    print(chr(flag[i]^c[i%4]),end='')

ezUPX

upx壳

脱壳后用IDA打开

int __cdecl main(int argc, const char **argv, const char **envp)
{
  int v3; // edx
  __int64 i; // rax
  __int128 v6[2]; // [rsp+20h] [rbp-38h] BYREF
  int v7; // [rsp+40h] [rbp-18h]

  memset(v6, 0, sizeof(v6));
  v7 = 0;
  sub_140001020("plz input your flag:\n");
  sub_140001080("%36s");
  v3 = 0;
  for ( i = 0i64; (*((_BYTE *)v6 + i) ^ 0x32) == byte_1400022A0[i]; ++i )
  {
    if ( (unsigned int)++v3 >= 37 )
    {
      sub_140001020("Cooool!You really know a little of UPX!");
      return 0;
    }
  }
  sub_140001020("Sry,try again plz...");
  return 0;
}

byte_1400022A0[i]是密文，加密也就只有一个异或0x32

exp：

v = [0x64, 0x7B, 0x76, 0x73, 0x60, 0x49, 0x65, 0x5D, 0x45, 0x13,
  0x6B, 0x02, 0x47, 0x6D, 0x59, 0x5C, 0x02, 0x45, 0x6D, 0x06,
  0x6D, 0x5E, 0x03, 0x46, 0x46, 0x5E, 0x01, 0x6D, 0x02, 0x54,
  0x6D, 0x67, 0x62, 0x6A, 0x13, 0x4F, 0x32]
for i in range(len(v)):
    print(chr(v[i]^0x32),end='')

ezIDA

逆向签到题，IDA打开就有

crypto

ezRSA

attachment.py

from Crypto.Util.number import *
from secret import flag
m=bytes_to_long(flag)
p=getPrime(1024)
q=getPrime(1024)
n=p*q
phi=(p-1)*(q-1)
e=0x10001
c=pow(m,e,n)
leak1=pow(p,q,n)
leak2=pow(q,p,n)

print(f'leak1={leak1}')
print(f'leak2={leak2}')
print(f'c={c}')

"""
leak1=149127170073611271968182576751290331559018441805725310426095412837589227670757540743929865853650399839102838431507200744724939659463200158012469676979987696419050900842798225665861812331113632892438742724202916416060266581590169063867688299288985734104127632232175657352697898383441323477450658179727728908669
leak2=116122992714670915381309916967490436489020001172880644167179915467021794892927977272080596641785569119134259037522388335198043152206150259103485574558816424740204736215551933482583941959994625356581201054534529395781744338631021423703171146456663432955843598548122593308782245220792018716508538497402576709461
c=10529481867532520034258056773864074017027019578041866245400647840230251661652999709715919620810933437191661180003295923273655675729588558899592524235622728816065501918076120812236580344991140980991532347991252705288633014913479970610056845543523591324177567061948922552275235486615514913932125436543991642607028689762693617305246716492783116813070355512606971626645594961850567586340389705821314842096465631886812281289843132258131809773797777049358789182212570606252509790830994263132020094153646296793522975632191912463919898988349282284972919932761952603379733234575351624039162440021940592552768579639977713099971
"""

exp:

import gmpy2 as gp
import binascii
p = 149127170073611271968182576751290331559018441805725310426095412837589227670757540743929865853650399839102838431507200744724939659463200158012469676979987696419050900842798225665861812331113632892438742724202916416060266581590169063867688299288985734104127632232175657352697898383441323477450658179727728908669
q = 116122992714670915381309916967490436489020001172880644167179915467021794892927977272080596641785569119134259037522388335198043152206150259103485574558816424740204736215551933482583941959994625356581201054534529395781744338631021423703171146456663432955843598548122593308782245220792018716508538497402576709461
e = 0x10001
c = 10529481867532520034258056773864074017027019578041866245400647840230251661652999709715919620810933437191661180003295923273655675729588558899592524235622728816065501918076120812236580344991140980991532347991252705288633014913479970610056845543523591324177567061948922552275235486615514913932125436543991642607028689762693617305246716492783116813070355512606971626645594961850567586340389705821314842096465631886812281289843132258131809773797777049358789182212570606252509790830994263132020094153646296793522975632191912463919898988349282284972919932761952603379733234575351624039162440021940592552768579639977713099971

n = p*q
phi = (p-1)*(q-1)
d = gp.invert(e,phi)
m = pow(c,d,n)
print(m)
print(bytes.fromhex(hex(m)[2:]))

ezMath

attachment.py

from Crypto.Util.number import *
from Crypto.Cipher import AES
import random,string
x = 3058389164815894335086675882217709431950420307140756009821362546111334285928768064662409120517323199
y = 9037815138660369922198555785216162916412331641365948545459353586895717702576049626533527779108680
enc=b"\xce\xf1\x94\x84\xe9m\x88\x04\xcb\x9ad\x9e\x08b\xbf\x8b\xd3\r\xe2\x81\x17g\x9c\xd7\x10\x19\x1a\xa6\xc3\x9d\xde\xe7\xe0h\xed/\x00\x95tz)1\\\t8:\xb1,U\xfe\xdec\xf2h\xab`\xe5'\x93\xf8\xde\xb2\x9a\x9a"

def pad(x):
    return x+b'\x00'*(16-len(x)%16)
def encrypt(KEY):
    cipher= AES.new(KEY,AES.MODE_ECB)
    encrypted =cipher.decrypt(enc)
    return encrypted
D = 114514
assert x**2 - D * y**2 == 1
key=pad(long_to_bytes(y))[:16]
flag=encrypt(key)
print(flag)
#enc=b"\xce\xf1\x94\x84\xe9m\x88\x04\xcb\x9ad\x9e\x08b\xbf\x8b\xd3\r\xe2\x81\x17g\x9c\xd7\x10\x19\x1a\xa6\xc3\x9d\xde\xe7\xe0h\xed/\x00\x95tz)1\\\t8:\xb1,U\xfe\xdec\xf2h\xab`\xe5'\x93\xf8\xde\xb2\x9a\x9a"

解佩尔方程得到y

exp:

from math import ceil,floor,sqrt

def pell_minimum_solution(n):
    a = []
    m = floor(sqrt(n))
    sq = sqrt(n)
    a.append(m)
    b = m
    c = 1
    i = 1
    while a[i-1] != 2 * a[0]:
        c = (n - b * b) / c
        tmp = (sq + b) / c
        a.append(floor(tmp))
        i += 1
        b = a[i-1] * c - b
    p = 1
    q = 0
    for j in range(i-2,-1,-1):
        t = p
        p = q + p * a[j]
        q = t
    if (i-1) % 2 == 0:
        x0 = p
        y0 = q
    else:
        x0 = 2 * p ** 2 + 1
        y0 = 2 * p * q
    return x0,y0

print(pell_minimum_solution(114514))

from Crypto.Util.number import *
from Crypto.Cipher import AES
import random,string
x = 3058389164815894335086675882217709431950420307140756009821362546111334285928768064662409120517323199
y = 9037815138660369922198555785216162916412331641365948545459353586895717702576049626533527779108680
enc=b"\xce\xf1\x94\x84\xe9m\x88\x04\xcb\x9ad\x9e\x08b\xbf\x8b\xd3\r\xe2\x81\x17g\x9c\xd7\x10\x19\x1a\xa6\xc3\x9d\xde\xe7\xe0h\xed/\x00\x95tz)1\\\t8:\xb1,U\xfe\xdec\xf2h\xab`\xe5'\x93\xf8\xde\xb2\x9a\x9a"

def pad(x):
    return x+b'\x00'*(16-len(x)%16)
def encrypt(KEY):
    cipher= AES.new(KEY,AES.MODE_ECB)
    encrypted =cipher.decrypt(enc)
    return encrypted
D = 114514
assert x**2 - D * y**2 == 1
key=pad(long_to_bytes(y))[:16]
flag=encrypt(key)
print(flag)

misc

签到

查看图片是一堆字符叠在一起，将图片拉伸一下得到flag

simple_attack

zip被加密了

查看zip里面刚好有这张图片

明文攻击，将jpg压缩后用appr进行明文攻击，得到解密后的压缩包内容

图像base64解码

希儿希儿希尔

附件得到一个png图片，打不开，进行crc32校验

crc爆破宽高

import binascii
import struct

crcbp = open("secret.png", "rb").read()  # 打开图片
crc32frombp = int(crcbp[29:33].hex(), 16)  # 读取图片中的CRC校验值
print(crc32frombp)

for i in range(4000):  # 宽度1-4000进行枚举
    for j in range(4000):  # 高度1-4000进行枚举
        data = crcbp[12:16] + \
               struct.pack('>i', i) + struct.pack('>i', j) + crcbp[24:29]
        crc32 = binascii.crc32(data) & 0xffffffff
        if (crc32 == crc32frombp):  # 计算当图片大小为i:j时的CRC校验值，与图片中的CRC比较，当相同，则图片大小已经确定
            print(i, j)
            print('hex:', hex(i), hex(j))
            exit(0)
#303792205
#1394 1999
#hex: 0x572 0x7cf

修改宽高后，使用binwalk看看能不能提取出什么内容

提取出txt，应该就是密文，根据题目hint，应该是希尔密码，那么还需要key

用Stegsolve看看有没有什么信息

lsb隐写拿到key，最后希尔密码解密密文得到flag

来自星辰的问候

jpg文件，使用stegdetect查看是什么加密

stegdetect查出来是jphide，使用jphs解密发现需要口令

用steghide爆破出口令

steghide本身不提供爆破功能，需要用额外的脚本来完成这个功能

#bruteStegHide.sh 
#!/bin/bash

for line in `cat $2`;do
    steghide extract -sf $1 -p $line > /dev/null 2>&1
    if [[ $? -eq 0 ]];then
        echo 'password is: '$line
        exit
    fi  
done

爆破得到来自星辰文字图片

有点难懂，但是根据hint，需要去官网找对照表

到官网f12，找到对照文件，译出密码

web

2048*16

ezHTTP

reverse

ezASM

ezPYC

ezUPX

ezIDA

crypto

ezRSA

ezMath

misc

签到

SignIn

simple_attack

希儿希儿希尔

来自星辰的问候