1.md5
打开文件获得md5加密内容,直接到在线网站https://cmd5.com/ 解密得到flag
flag{admin1}2.Url编码
打开文件,一堆url编码的字符
代码语言:javascript复制flag{and 1=1}到在线网站,http://tool.chinaz.com/tools/urlencode.aspx 得到flag
代码语言:javascript复制flag{and 1=1}3.一眼就解密
根据字符串,看出是base64加密,
base64是由(A-Z、a-z、0-9、 、/)64个可见字符构成,“=”符号用作后缀填充。
解密得到flag
flag{THE_FLAG_OF_THIS_STRING}4.看我回旋踢
观察字符串格式,应该是凯撒密码,解密得到flag
flag{5cd1004d-86a5-46d8-b720-beb5ba0417e1}5.摩丝
加密方式是摩斯密码解密,直接解密,得到flag
flag{ILOVEYOU}6.[BJDCTF 2nd]签到-y1ng
观察字符串格式,为base64加密,直接解密得到flag
BJD{W3lc0me_T0_BJDCTF}7.password
观察flag包裹的是10位字符,
生日的日期占8位,那么另两位应该是名字的首字母缩写,尝试flag,正确
代码语言:javascript复制flag{zs19900315}8.变异凯撒
解密后,没发现合适的flag
凯撒加密的原理为: 凯撒加密法,或称恺撒加密、恺撒变换、变换加密,是一种最简单且最广为人知的加密技术。它是一种替换加密的技术,明文中的所有字母都在字母表上向后(或向前)按照一个固定数目进行偏移后被替换成密文。
变异的凯撒,凯撒加密与移动位数相关,那么变异可能就变在移动上了。而密文中有“_”,这个符号在字母表中是没有的,所以想到,可能是ASCII码值得变动。
根据ascll表 密文:afZ_r9VYfScOeO_UL^RWUc,看看能否与ctf 或者flag 对应上, 此时发现
代码语言:javascript复制a:97 f:102 Z:106 _:95
c:99 t:116 f:102 {:123
f:102 l:108 a:97 g:103a→f: 移动了5 f→l:移动了6, 后面依次移动了7、8。此时按照这种移动规律
代码语言:javascript复制#!/usr/bin/env python
# coding:utf-8
def b_kaisa(mstr):
j = 5
i = 0
lmstr = []
for i in range(len(mstr)):
m = ord(mstr[i]) # 将密文的第i个字母变为其ascii码值
m = m j # ascii值 j
lmstr.append(m) # 将递进后的ascii值存入列表lmstr[]
i = i 1
j = j 1
return lmstr
if __name__ == '__main__':
m_str = 'afZ_r9VYfScOeO_UL^RWUc' # 密文
lstr = []
lstr = b_kaisa(m_str)
print lstr得到
代码语言:javascript复制[102, 108, 97, 103, 123, 67, 97, 101, 115, 97, 114, 95, 118, 97, 114, 105, 97, 116, 105, 111, 110, 125]转ascll字符串,得到flag
flag{Caesar_variation}9.Quoted-printable
根据题目,得知这是Quoted-printable加密,到在线网站http://www.mxcz.net/tools/QuotedPrintable.aspx 解密,得到flag
flag{那你也很棒哦}10.Rabbit
根据题目,这是rabbit加密,到在线网站http://www.jsons.cn/rabbitencrypt/ 解密得到flag
flag{Cute_Rabbit}11.篱笆墙的影子
根据提示和字符串,推断出字符串为栅栏密码,到在线网站https://www.qqxiuzi.cn/bianma/zhalanmima.php 或者利用脚本
代码语言:javascript复制s = raw_input('请输入要解密的字符串n')
factors = [fac for fac in range(2, len(s)) if len(s)�c == 0] #取得密文长度的所有因数
for fac in factors:
flag = ''
for i in range(fac): #按一定的步长取几组字符,并连接起来,这里组数就等于步长数
flag = s[i::fac]
print(str(fac) '栏:' flag)
flag{wethinkwehavetheflag}12.RSA
RSA加密原理:http://www.ruanyifeng.com/blog/2013/06/rsa_algorithm_part_one.html 文件中得到q,p,e的值,开始写脚本,
代码语言:javascript复制# -*-coding:utf-8-*-
import gmpy2
p = 473398607161
q = 4511491
e = 17
phi = (p - 1) * (q - 1)
print gmpy2.invert(e,phi)得到flag
代码语言:javascript复制flag{125631357777427553}13.丢失的MD5
下载得到一个python脚本,运行一下,得到flag
flag{e9032994dabac08080091151380478a2}14.[BJDCTF 2nd]老文盲了
下载得到一堆字 利用文字转拼音http://www.aies.cn/pinyin2.htm
根据拼音,得到flag
代码语言:javascript复制BJD{淛匶襫黼瀬鎶軄鶛驕鳓哵}15.Alice与Bob
根据题目分析,这道题就是RSA的分解n,那串数字就是n的值,在线网站http://www.factordb.com/ 输入n的值得到q和p
又根据提示,得到了新数字:101999966233 到在线网站https://md5jiami.51240.com/ 得到flag
代码语言:javascript复制flag{d450209323a847c8d01c6be47c81811a}16.rsarsa
打开下载的文件
这是典型的rsa题,求出明文m即可得到flag 写python脚本
代码语言:javascript复制# -*-coding:utf-8-*-
import gmpy2
p = 9648423029010515676590551740010426534945737639235739800643989352039852507298491399561035009163427050370107570733633350911691280297777160200625281665378483
q = 11874843837980297032092405848653656852760910154543380907650040190704283358909208578251063047732443992230647903887510065547947313543299303261986053486569407
e = 65537
c = 83208298995174604174773590298203639360540024871256126892889661345742403314929861939100492666605647316646576486526217457006376842280869728581726746401583705899941768214138742259689334840735633553053887641847651173776251820293087212885670180367406807406765923638973161375817392737747832762751690104423869019034
n = p * q
phi = (q - 1) * (p - 1)
d = gmpy2.invert(e,phi)
m = pow(c,d,n)
print m得到flag
代码语言:javascript复制flag{5577446633554466577768879988}17.大帝的密码武器
根据下载的文件,判断是凯撒密码
凯撒密码核心就是移位,所以我们将题目中给的字符串FRPHEVGL经行1-26的移位观察(总所周知,一个单词小写字母写认识,可能大写字母写就认不出来了,所以转化成小写字母)
str1 = 'frphevgl'
num = 1 # 偏移量
for i in range(26):
print("{:<2d}".format(num), end = ' ')
for temp in str2:
if (ord(temp) num > ord('z')): # 如果超出'z',需要重新映射会a~z这26个字母上
print(chr(ord(temp) num - 26), end = '')
else:
print(chr(ord(temp) num), end = '')
num = 1
print('')得到的字符,到百度翻译查看
只有第13个是英语单词,说明位移是13
用位移13解密ComeChina,得到flag
flag{PbzrPuvan}18.Windows系统密码
打开文件,得到windows加密的密码,到网站https://cmd5.com/解密
发现只有a7fcb22a88038f35a8f39d503e7f0062能解密到flag,flag为
flag{good-luck}19.[BJDCTF 2nd]cat_flag
下载得到一个gif图,发现有两种猫,而且每行有8个猫,猜测是二进制,把不拿鸡腿的猫作为0,转为二进制后
代码语言:javascript复制01000010
01001010
01000100
01111011
01001101
00100001
01100001
00110000
01111110
01111101转字符串,得到flag
flag{M!a0~}20.[BJDCTF 2nd]燕言燕语-y1ng
看到一串字符,看起来像16进制,尝试16进制转字符串
得到维吉尼亚加密的字符和解密密码,https://baike.baidu.com/item/维吉尼亚密码/4905472?fr=aladdin 到在线网站https://www.qqxiuzi.cn/bianma/weijiniyamima.php,解密
BJD{yanzi_jiushige_shabi}21.[GKCTF2020]小学生的密码学
- 这种形式的加密手法是仿射变换,其加解密分别是:
- 所以可以得到a=11,b=6a=11,b=6,需要做的工作是根据密文c,密钥a/b密文c,密钥a/b求得明文mm。这里a−1a−1计算可以利用Python的gmpy2库中invert函数完成
- 注意仿射变换26个字母按数字0~25记,因此在需要将密文ASCII对应的数值减去97,解密完恢复成字母即加上97
- 此外,题目要求最后的flag为base64形式,因此还需借助Python的base64库中b64encode函数。需要注意的是在Python3中,字符都为unicode编码,而b64encode函数的参数为byte类型,所以必须先转码。
import gmpy2
import string
import base64
m = gmpy2.invert(11,26)
table = string.ascii_lowercase
# print table
secrt = "welcylk"
plain = ''
for i in secrt:
x = table.index(i)
j = (x-6)*m&
# print j
plain = table[j]
print plain
print base64.b64encode(plain)解出flag
代码语言:javascript复制flag{c29yY2VyeQ==}22.传统知识 古典密码
根据甲子表
代码语言:javascript复制辛卯=28 癸巳=30 丙戌=23 辛未=8 庚辰=17 癸酉=10 己卯=16 癸巳=30 甲子=60再加一个甲子(60),得到
代码语言:javascript复制88 90 83 68 77 70 76 9010进制转ascll码,得到
根据提示古典密码,根据此处得到的字符串,想到栅栏密码和凯撒密码 栅栏密码解出
根据得到的两栏,进行凯撒解密
得到了一个貌似合适的flag,提交正确
代码语言:javascript复制flag{SHUANGYU}23.信息化时代的步伐
https://baike.baidu.com/item/中文电码/2667759?fr=aladdin 到在线网站https://dianma.51240.com/ 得到flag
代码语言:javascript复制flag{计算机要从娃娃抓起}24.RSA1
根据已知的q,p,dp,dp,c求m https://blog.csdn.net/MikeCoke/article/details/105959599 写脚本
代码语言:javascript复制import gmpy2
p = 8637633767257008567099653486541091171320491509433615447539162437911244175885667806398411790524083553445158113502227745206205327690939504032994699902053229
q = 12640674973996472769176047937170883420927050821480010581593137135372473880595613737337630629752577346147039284030082593490776630572584959954205336880228469
dp = 6500795702216834621109042351193261530650043841056252930930949663358625016881832840728066026150264693076109354874099841380454881716097778307268116910582929
dq = 783472263673553449019532580386470672380574033551303889137911760438881683674556098098256795673512201963002175438762767516968043599582527539160811120550041
c = 24722305403887382073567316467649080662631552905960229399079107995602154418176056335800638887527614164073530437657085079676157350205351945222989351316076486573599576041978339872265925062764318536089007310270278526159678937431903862892400747915525118983959970607934142974736675784325993445942031372107342103852
I = gmpy2.invert(q,p)
mp = pow(c,dp,p)
mq = pow(c,dq,q)
m = (((mp-mq)*I)%p)*q mq
print(hex(m))得出16进制数,直接16进制转字符串,得到flag
代码语言:javascript复制flag{W31c0m3_70_Ch1n470wn}25.凯撒?替换?呵呵!
把这串字符,凯撒解密,发现没有正确flag,于是到https://quipqiup.com/
破解出的第一个去掉多余空格,转小写,得到flag
代码语言:javascript复制flag{substitutioncipherdecryptionisalwayseasyjustlikeapieceofcake}26.old-fashion
词频分析,替换密码,到https://quipqiup.com/
得到flag
代码语言:javascript复制flag{n1_2hen-d3_hu1-mi-ma_a}27.权限获得第一步
得到一段加密密码,到https://cmd5.com/解密, 解密到最后一串密码的时候得到flag
flag{3617656}28.[BJDCTF 2nd]灵能精通-y1ng
得到一个图片,经过百度搜索图案,是猪圈密码的变形圣堂武士密码
得到flag
代码语言:javascript复制flag{IMKNIGHTSTEMPLAR}29.萌萌哒的八戒
猪圈密码直接对照
flag{whenthepigwanttoeat}30.RSA3
共模攻击 脚本
代码语言:javascript复制import gmpy2
import binascii
import rsa
import math
from Crypto.Util import number
def exgcd(m, n, x, y):
if n == 0:
x = 1
y = 0
return (m, x, y)
a1 = b = 1
a = b1 = 0
c = m
d = n
q = int(c / d)
r = c % d
while r:
c = d
d = r
t = a1
a1 = a
a = t - q * a
t = b1
b1 = b
b = t - q * b
q = int(c / d)
r = c % d
x = a
y = b
return (d, x, y)
c1=22322035275663237041646893770451933509324701913484303338076210603542612758956262869640822486470121149424485571361007421293675516338822195280313794991136048140918842471219840263536338886250492682739436410013436651161720725855484866690084788721349555662019879081501113222996123305533009325964377798892703161521852805956811219563883312896330156298621674684353919547558127920925706842808914762199011054955816534977675267395009575347820387073483928425066536361482774892370969520740304287456555508933372782327506569010772537497541764311429052216291198932092617792645253901478910801592878203564861118912045464959832566051361
c2=18702010045187015556548691642394982835669262147230212731309938675226458555210425972429418449273410535387985931036711854265623905066805665751803269106880746769003478900791099590239513925449748814075904017471585572848473556490565450062664706449128415834787961947266259789785962922238701134079720414228414066193071495304612341052987455615930023536823801499269773357186087452747500840640419365011554421183037505653461286732740983702740822671148045619497667184586123657285604061875653909567822328914065337797733444640351518775487649819978262363617265797982843179630888729407238496650987720428708217115257989007867331698397
e1=11187289
e2=9647291
n=22708078815885011462462049064339185898712439277226831073457888403129378547350292420267016551819052430779004755846649044001024141485283286483130702616057274698473611149508798869706347501931583117632710700787228016480127677393649929530416598686027354216422565934459015161927613607902831542857977859612596282353679327773303727004407262197231586324599181983572622404590354084541788062262164510140605868122410388090174420147752408554129789760902300898046273909007852818474030770699647647363015102118956737673941354217692696044969695308506436573142565573487583507037356944848039864382339216266670673567488871508925311154801
ans=exgcd(e1,e2,0,0)
s1=ans[1]
s2=ans[2]
m=(gmpy2.powmod(c1,s1,n)*gmpy2.powmod(c2,s2,n))%n
print(number.long_to_bytes(m))
flag{49d91077a1abcb14f1a9d546c80be9ef}31.[BJDCTF 2nd]Y1nglish-y1ng
网站https://quipqiup.com/解密
根据提示得到flag
代码语言:javascript复制BJD{pyth0n_Brut3_f0rc3_oR_quipquip_AI_Cr4ck}32.世上无难事
根据提示
1.找到key作为答案提交 2.答案是32位 3.包含小写字母 到网站https://quipqiup.com/
代码语言:javascript复制flag{640e11012805f211b0ab24ff02a1ed09}33.RSA2
类型:dp n e c = m dp泄露
代码语言:javascript复制import gmpy2
n = 248254007851526241177721526698901802985832766176221609612258877371620580060433101538328030305219918697643619814200930679612109885533801335348445023751670478437073055544724280684733298051599167660303645183146161497485358633681492129668802402065797789905550489547645118787266601929429724133167768465309665906113
e = 65537
c = 140423670976252696807533673586209400575664282100684119784203527124521188996403826597436883766041879067494280957410201958935737360380801845453829293997433414188838725751796261702622028587211560353362847191060306578510511380965162133472698713063592621028959167072781482562673683090590521214218071160287665180751
dp = 905074498052346904643025132879518330691925174573054004621877253318682675055421970943552016695528560364834446303196939207056642927148093290374440210503657
for i in range(1, e):
if (dp * e - 1) % i == 0:
if n % (((dp * e - 1) // i) 1) == 0:
p = ((dp * e - 1) // i) 1
q = n // (((dp * e - 1) // i) 1)
phi = (q - 1) * (p - 1)
d = gmpy2.invert(e, phi)
m = pow(c, d, n)
print(m)
print(hex(m)[2:])
flag = hex(m)[2:]
print(bytes.fromhex(flag))
flag{wow_leaking_dp_breaks_rsa?_98924743502}34.RSA
分解key文件得到n,到http://www.factordb.com/得到p和q
代码语言:javascript复制import gmpy2
import rsa
e = 65537
n = 86934482296048119190666062003494800588905656017203025617216654058378322103517
p = 285960468890451637935629440372639283459
q = 304008741604601924494328155975272418463
phin = (p - 1) * (q - 1)
d = gmpy2.invert(e, phin)
with open('flag.enc','rb') as f:
f = f.read()
print rsa.decrypt(f,rsa.PrivateKey(n,e,int(d),p,q))得到flag
代码语言:javascript复制flag{decrypt_256}35.异性相吸
两个文件,16进制查看,转为2进制
代码语言:javascript复制a = '0110000101110011011000010110010001110011011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011000010111001101100100011100010111011101100101011100110111000101100110'
b = '0000011100011111000000000000001100001000000001000001001001010101000000110001000001010100010110000100101101011100010110000100101001010110010100110100010001010010000000110100010000000010010110000100011000000110010101000100011100000101010101100100011101010111010001000001001001011101010010100001010000011011'
c = ''
for i in range(len(a)):
if(a[i] == b[i]):
c ='0'
else:
c ='1'
print(c)得到一串二进制,转字符串,得到flag
flag{ea1bc0988992276b7f95b54a7435e89e}36.还原大师
md5爆破
代码语言:javascript复制import hashlib
k = 'TASC?O3RJMV?WDJKX?ZM'
for i in range(26):
temp1 = k.replace('?',str(chr(65 i)),1)
for j in range(26):
temp2 = temp1.replace('?',chr(65 j),1)
for n in range(26):
temp3 = temp2.replace('?',chr(65 n),1)
s = hashlib.md5(temp3.encode('utf8')).hexdigest().upper()
if s[:4] == 'E903':
print (s)
flag{E9032994DABAC08080091151380478A2}37.[GKCTF2020]汉字的秘密
是当铺密码,笔画中有几个出头的就对应着数字几
代码语言:javascript复制a = '田口由中人工大土士王夫井羊壮'
b = '00123455567899'
cip = '王壮 夫工 王中 王夫 由由井 井人 夫中 夫夫 井王 土土 夫由 土夫 井中 士夫 王工 王人 土由 由口夫'
s = ''
for i in cip:
if i in a:
s = b[a.index(i)]
else:
s = ' '
#print(s)
ll = s.split(" ")
t = ''
for i in range(0,len(ll)):
t = chr(int(ll[i]) i 1)
print(t.lower())
flag{you_are_good}38.RSAROLL
类型:n e c p q= m n分解 到http://www.factordb.com/分解
# -*-coding:utf-8-*-
import gmpy2
N,p,q,e=920139713,18443,49891,19
d=gmpy2.invert(e,(p-1)*(q-1))
result=[]
with open("1.txt","r") as f:
for line in f.readlines():
line=line.strip('n')#
result.append(chr(pow(int(line),d,N)))
for i in result:
print (i,end='')1.txt里放
得到flag
代码语言:javascript复制flag{13212je2ue28fy71w8u87y31r78eu1e2}39.robomunication
用audacity打开 听起来像摩斯密码,得到
代码语言:javascript复制.... . .-.. .-.. --- .-- .... .- - .. ... - .... . -.- . -.-- .. - .. ... -... --- --- -... . . .--.解密得到
代码语言:javascript复制hellowhatisthekeyitisboobeepflag是boobeep,改为大写提交
代码语言:javascript复制flag{BOOPBEEP}40.Unencode
到http://ctf.ssleye.com/uu.html直接解密,得到flag
代码语言:javascript复制flag{dsdasdsa99877LLLKK}
