CTF-HWSCTF2023 Winter WP

Reverse

easyre

用了多线程检查结果

密钥通过动调得到，srand应该在某个地方调用了但是没找到。

#include "stdio.h"

typedef u_int32_t uint32_t;

void decipher(unsigned int num_rounds, uint32_t v[2], uint32_t const key[4])
{
    unsigned int i;
    uint32_t v0 = v[0], v1 = v[1], delta = 0x9E3779B9, sum = delta * num_rounds;
    for (i = 0; i < num_rounds; i++)
    {
        v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + key[(sum >> 11) & 3]);
        sum -= delta;
        v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + key[sum & 3]);
    }
    v[0] = v0;
    v[1] = v1;
}

int main()
{
    unsigned char sec[32] = {
        0x34, 0x9B, 0xB2, 0xC0, 0x6A, 0xAF, 0x30, 0xEF, 0x38, 0xB2, 0xCC, 0x98, 0x95, 0xF1, 0xB6, 0x85,
        0x85, 0x06, 0x48, 0xA2, 0x59, 0x9B, 0x3D, 0xA6, 0x1E, 0xC7, 0x91, 0xF1, 0x7B, 0x76, 0x90, 0x67};

    uint32_t k[4] = {0x29, 0x4823, 0x18be, 0x6784};

    for (int i = 0; i < 32; i += 8)
    {
        decipher(32, (uint32_t *)(sec + i), k);
    }
    for (int i = 0; i < 32; i++)
    {
        printf("%c", sec[i]);
    }
}

babyre

在b.a中进行了代码注入，找到被加密的enc文件和加密逻辑，异或52，得到注入dex，再在jeb打开

发现是aes

写个java解密下

package org.example;

import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

public class Main {



    String Encrypt(String sSrc) {
        try {
            Cipher v1 = Cipher.getInstance("AES/CBC/PKCS5Padding");
            v1.init(1, new SecretKeySpec("FV8aOaQiak6txP09".getBytes("utf-8"), "AES"), new IvParameterSpec("2Aq7SR5268ZzbouE".getBytes()));

            return Base64.getEncoder().encodeToString(v1.doFinal(sSrc.getBytes()));
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }
    static String Decrypt(String sSrc) {
        try {
            byte[] k = Base64.getDecoder().decode(sSrc.getBytes());
            Cipher v1 = Cipher.getInstance("AES/CBC/PKCS5Padding");
            v1.init(Cipher.DECRYPT_MODE, new SecretKeySpec("FV8aOaQiak6txP09".getBytes("utf-8"), "AES"), new IvParameterSpec("2Aq7SR5268ZzbouE".getBytes()));

            return new String(v1.doFinal(k), StandardCharsets.UTF_8);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }
    public static void main(String[] args) {
        System.out.println(Decrypt("9Kz3YlSdD3lB9KoxeKxXQT4YOEqJTVIuNU+IjW4iFQzjpU+NikF/UqCOsL+1g4eA"));
    }
}

Misc

sound from somewhere

rxsstv

Crypto

numbers game

随机数漏洞

import hashlib
from extend_mt19937_predictor import ExtendMT19937Predictor
k1 = ['d5d97afad7ef619b4badd8d2da10ee24', '67f4660a8335fb9f4152a9fbc44c9c77', '8cd43c85ebe9cc7036a37f47ccd1d1e4', 'ee3e8c62e8b0100027589d6de82677ef', '463bb2f3731ad0e786302bf78da08330', 'e245b1852a3b92734e46eb3421bd76c9', '0b74736786b4ab94651e3b706a548e55', '79cb596b28c2b4e02738f93b5bfbe0d3', '5a9c46837952952045564b5b395acad1', 'd3c2d90a05d1a059fbeba4a05a608798', '4da0306c8ab58097d2fef9114e6fcb6d', '9707fabbd3c96de66917f15998ac9201', '9dd3e46fc930abfb523fe31e8ee8a658', '3716a8fd05f7388e7151d09431e61ee1', '9acf027679a6d7a674a43dee4f5bea35', '78702a2b125a940519337b1bf50aff8a', '262cf3b8c8072a602048a24756c83fcf', '092f8d227ec583c4734a6f449de521a3', '712aa300302b57fed458553426348fce', '834d4a0ea451cc04b469636b18c56435', '754b5284b14402c61e3b1e56cb2d41e9', '51d742ca6a341032afcb5dc645f54bfa', 'c1a33d104f47e33d6932905b483a2018', '3def7c2a14cff6b2864a2100956df07f', '7e3606e4ec1c99fe5a8593ae44f25a70', '404c6139570883dbab8e5a299d7a5017', 'f07597079e1b68ebb4e2d16b83b7b484', '0723daf5c65f8ba6cd6e43fcdf9d18dc', '4c54db12829f165837384b66978e8438', 'cd056e64e1f31461cab2e66ece9d3278', '2f6ae16fab122cbce240e32464a1ab57', 'f86e0e9ee23498340f62d8617f6f5218', 'af4ebe2535885c783c89f8d8c4815076', 'c8eae5b5c7aca2c5fdb4f284e2cf65c5', 'bec0d8ecabedd9811a8ecb6052b21d8c', '731bd3421b6517aa101357fe1c49caf3', '344f4a26cdaf1a782d9b32208e1a3e92', '892b1741d304878461dd0774a335ea3d', '56e2a484ca40f43e059bf5f0bd822bdc', 'd7c0762df71b31c14654147fb9a0595c', '57016a179ba5509f6b04a161ac628b34', 'e49a2d573522c1ee3e8348ceca0295a4', '4b0f49c7e6469e82832e9cc90b9e17c0', 'eadc9d0c8b75127fe0a7f71881de1ea7', 'db9fe5537768207bd8cdf770bcd42dfa', 'ba2f57578752628d1ecac419b3a8bc36', '3752e70b5d2b578a8d412d84aab43705', '54e97795df8781c776cbb1ce4f5f31fc', '32794880abc9f68102c24e92ad9c7cd5',
      'b5eb7e651ca298f6873694c47d1cd3da', 'a188934777d2c67e3d59692135005497', '34c308fa1644b387169ea88c1b575490']
k2 = ['2eebed894580fb900c3615d4866150e68322ff4d48e7509f85ff4543969b0cf6', '017aefd63b4ce14eb376161902d92894a15f680e7b055ce25c3b02c6b49db0a6', 'e12d945904032887c967ae03a48c8b096abc79dc64134d872693599d4f6c91cc', '0f8957f365f53a7209baa852905c5da5dba54ddb403ab17a4c9b3a051540d49c', '091e3e41815cd32f482f2cf54ac3338fc918c2a657896af1aa1b23ea528664f4', '5916cd18e8c48c545232112f2179aa7a722350a8a0ced4f1363cc61bc9d83630', '37702710d47a1c17278743253123f6eac85b16d9393432ec65100143bc8657e8', 'c3a7006293c48957cba5c010f945483cfdc47650a79d0e8a8a9a52c174244a10', 'e1a90a475dd21da64d64ea1dd50a82a622061d08e9d4b3016982c4a0b42f1251', '2f40ff85024765e58ed175927c53e0a279cda96ce755b602f89bfc171108ba3d', 'f4f8337dd7267d02638a9cc531c8a02fe0316dd5ff6f8c8aec898c060c6fb217', '0df2f3fe1eb976944a2de5729fca4a12b83c8329b4f514869856ebb94b7d7bf9', 'abb2f1277b1cb5ad07254b7f7ed346bcdb73282b306123ce0b5befe42a9e796d', '6ef31ed6a2a465bcd146c2438bf391bfd9f3187cf54afae512220a7a94714bf3', '6981f99ba288923a5cd68908ecc8795bf301f1e7d081ac6580a63902fd52da01', 'b6b07975697de1c0342e3711b59165b849125794ef2541c6c60dcf40e689df7b', '20e3af3a2bcedfd15199975cc9edcde14cb13fdff3ea0607a4747601e500aede', '606aa1daf188b9dd5fd6141312f1828846f92baa519e70e5c6923a352421fe2f', '1dc6a60112e99c5b884c0bb5430a7a54eba8aef34fada9cb96bce79a22456cf2', 'fd81e36f576119a19185cd12e87544b42f9fcc3dcb5e7ba282b1a128d73d63c5', '7a01e947ca012a5c9a8dd20e693a7788cd6157a5c3fce5fa7c7e09014ea3266e', 'ccd162b182c773062514ffc3551ed47f32293700083782d902efc55b1e9795c6', 'dbb6115aefd2638eebf44d3be6e9525e09ff036269d954469a0f925b496327a7', 'ac08696fe64bb5e58cd3e558463213ca08ab7805e33f45459ae14b35fc5858c6', '6e1594596ad1c656635af29d14b22a5ed10e545442eea5f4e056e20d11aa33b3', '4afd17e64562603c66ce0ca42d544ca48511c3d560f9180c231a9ccb28a0e55e', '06b2d2b24ca626e18fdcb3196e989e3b05150500815511f48200ddea9aacda48', '947a11e8258fd161d02b0eb1b2e8fcd9ff1684a7c75f7c506ddee91f08316f56', 'a0e58b15736cab055be1d03860dedb6b8136f6739308c2e0ef6a7490c6b4a1f1', '31476f64f96d72a398e7eb789068b8cfd61ed9cac95d76824a2bbf5b682ea72d', '974259198846a4849d318afd325d860a6e40dfd39e1ed8c7b6d87c990e35efcf', 'e93d02ba7079c488c30e377794b4fcc62eeafb6c3f02197f1ebc059e3e5f7f07', 'ded96eec0d25c05a54671a001bcd99f5c6d3991d2fdf80afb8f0861a44f3fd64', '86f34c1da65f07634de7c302a6df306dd545806022411a318900bd33b0aff9bd', '59baf4cf3d3b85fcdefd1a9b60c3d78926ff73650ac375c616b30fe9063b377d', '02f2ee251ecc19fa52dd42c0e0b609bc2e7a8ae11ce6ca35396a4bc74d12ac63', '597d09b4c43012b1b4b040d8c62d5fb02d1c4249de4eea06e1447000ba53f50c', 'bb87bd8e1903db2df41c349914e9f3591bb032400be6e86ed10e7d292243a374', 'cec38960069fdc8090cfbdd166e15ec8a77ce5b4d6b350805a63d2b54cbf0187', '1439d35a9c0caa9cacabe8e6179a02d51ebb9fb51125d5eeaba47ff6b8abcc97', '820d72d49e0fd86ef47b022a3091b326be8b0d2a42f87cbc918737b9972ea62f', 'e625e82100031fa4a4410700034859cd4b35c086f5ac2870c6909c16a6831bfc', 'f0e22f5167d29331351e1718c17b5420f6a29d84357273e1bfb24c2ff34fa675', 'a5a7991f0c5c6a44f68c5c18661611057dbabeff7847623315ce784095645f75', '07cd3f5c5c690214af5feda27b3aec257543a8f96bc509805028a0e95c5d98c6',
      '6e5dd4405c1b446b9530e4d9356c05b71d1bfcf8a79778588143c3b6fec3fded', 'a33f821d277e6f73c09a5ecd14cef80bac29ffe2b917225c27725d2447ac0489', 'c18a4a02dd1f7ee65bf5596c53549c286a754afb0e3b90b2369cdd1e43c0b986', '6b8df66aa27b40ca275bc133958b5d543167edf919e7e623a496c9afbf7594d6', 'c48124eeef995c7bb705bd240a26dbf6bdbe42ba29addf7ac78fa28dbed3debe', '040eef11dc6e0f3bb3e58e12d2a57ee274071a9c6224f27db70e19a8aa7d4df2', '4ecd0a955e52657fab8dfdac2df4d805f1d08b031df8bce22ac01fe20ca72c5b']


pre = ExtendMT19937Predictor()

for i in range(52):
    pre.setrandbits(int(k1[i], 16), 128)
    pre.setrandbits(int(k2[i], 16), 256)

_ = [pre.backtrack_getrandbits(32) for _ in range(624)]

s2 = pre.backtrack_getrandbits(256)
s1 = pre.backtrack_getrandbits(128)

s1 = hex(s1)[2:].zfill(32)
s2 = hex(s2)[2:].zfill(64)


flag = hashlib.md5((s1+s2).encode()).hexdigest()
print('flag{%s}' % flag)

math

from tqdm import tqdm
from Crypto.Util.number import *
import string
def Pell(D,numbers=100):
	temp = continued_fraction(sqrt(D))
	for i in tqdm(range(numbers)):
		denom = temp.denominator(i)
		num = temp.numerator(i)
		if num^2 - D*denom^2 == 1:
			return num,denom
	return None,None
A, B = Pell(0x1337)
p=11199186558148426014734492874345932099384932524559726349180064588241518696390926354448476750322781683505497782040786332571272422812867731614415519029276349
c=['0010101111100011101101011111111001011000100110001001000000010001111011110101110011111', '0011010010010010110010011011001100110001100010101110001010001101110001100000111011010', '0110101101011101110000100001000000010001110110001010000000010110010101100100101110000', '0100111001011010000101100111100110101100011100100111011000110001111101000110110101101', '1100100110011101010011011111000101011011010000101100011001110100101000101101111110100', '1110111110001110000101100000000100111010110000001111010001101001100001010110101010001']
dit = string.printable.encode()
def check(x):
    for xx in x:
        if xx not in dit:
            return False
    return True
a, b = A, B
while 1:
    for q1 in c:
        for q2 in c:
            for q3 in c:
                for q4 in c:
                    for q5 in c:
                        for q6 in c:
                            C = int(q1 + q2 + q3 + q4 + q5 + q6, 2)
                            x = (C - b) * inverse(a, p) % p
                            flag = long_to_bytes(x)
                            if check(flag):
                                print(a, b)
                                print(flag)
                                exit()
    a, b = a * A + 0x1337 * b * B, a * B + b * A