IT数码 购物 网址 头条 软件 日历 阅读 图书馆
TxT小说阅读器
↓语音阅读,小说下载,古典文学↓
图片批量下载器
↓批量下载图片,美女图库↓
图片自动播放器
↓图片自动播放器↓
一键清除垃圾
↓轻轻一点,清除系统垃圾↓
开发: C++知识库 Java知识库 JavaScript Python PHP知识库 人工智能 区块链 大数据 移动开发 嵌入式 开发工具 数据结构与算法 开发测试 游戏开发 网络协议 系统运维
教程: HTML教程 CSS教程 JavaScript教程 Go语言教程 JQuery教程 VUE教程 VUE3教程 Bootstrap教程 SQL数据库教程 C语言教程 C++教程 Java教程 Python教程 Python3教程 C#教程
数码: 电脑 笔记本 显卡 显示器 固态硬盘 硬盘 耳机 手机 iphone vivo oppo 小米 华为 单反 装机 图拉丁
 
   -> Python知识库 -> [AFCTF2018]你听过一次一密么? -> 正文阅读

[Python知识库][AFCTF2018]你听过一次一密么?

[AFCTF2018]你听过一次一密么?

附件:

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-AJaXHiET-1627040926867)(C:\Users\86183\Desktop\ZERO\2ero\WP\BUUCTF\Crypto[AFCTF2018]你听过一次一密么?\image-20210721210033753.png)]

Problem.txt

25030206463d3d393131555f7f1d061d4052111a19544e2e5d
0f020606150f203f307f5c0a7f24070747130e16545000035d
1203075429152a7020365c167f390f1013170b1006481e1314
0f4610170e1e2235787f7853372c0f065752111b15454e0e09
081543000e1e6f3f3a3348533a270d064a02111a1b5f4e0a18
0909075412132e247436425332281a1c561f04071d520f0b11
4116111b101e2170203011113a69001b475206011552050219
041006064612297020375453342c17545a01451811411a470e
021311114a5b0335207f7c167f22001b44520c15544801125d
06140611460c26243c7f5c167f3d015446010053005907145d
0f05110d160f263f3a7f4210372c03111313090415481d49

题目描述“一次一密(One-Time-Pad)”特意去了解了一下。又去找了一下大佬的WP,发现还有Many-Time-Pad (MTP).

再搜索 Many-Time-Pad,居然找到了many-time-pad-attack 脚本,python2的脚本,然而并没有运行起来QAQ

#!/usr/bin/python
## OTP - Recovering the private key from a set of messages that were encrypted w/ the same private key (Many time pad attack) - crypto100-many_time_secret @ alexctf 2017
# Original code by jwomers: https://github.com/Jwomers/many-time-pad-attack/blob/master/attack.py)

import string
import collections
import sets, sys

# 11 unknown ciphertexts (in hex format), all encrpyted with the same key

c1='25030206463d3d393131555f7f1d061d4052111a19544e2e5d'
c2='0f020606150f203f307f5c0a7f24070747130e16545000035d'
c3='1203075429152a7020365c167f390f1013170b1006481e1314'
c4='0f4610170e1e2235787f7853372c0f065752111b15454e0e09'
c5='081543000e1e6f3f3a3348533a270d064a02111a1b5f4e0a18'
c6='0909075412132e247436425332281a1c561f04071d520f0b11'
c7='4116111b101e2170203011113a69001b475206011552050219'
c8='041006064612297020375453342c17545a01451811411a470e'
c9='021311114a5b0335207f7c167f22001b44520c15544801125d'
c10='06140611460c26243c7f5c167f3d015446010053005907145d'
c11='0f05110d160f263f3a7f4210372c03111313090415481d49'
ciphers = [c1, c2, c3, c4, c5, c6, c7, c8, c9, c10, c11]
# The target ciphertext we want to crack
#target_cipher = "0529242a631234122d2b36697f13272c207f2021283a6b0c7908"

# XORs two string
def strxor(a, b):     # xor two strings (trims the longer input)
    return "".join([chr(ord(x) ^ ord(y)) for (x, y) in zip(a, b)])

def target_fix(target_cipher):
    # To store the final key
    final_key = [None]*150
    # To store the positions we know are broken
    known_key_positions = set()

    # For each ciphertext
    for current_index, ciphertext in enumerate(ciphers):
        counter = collections.Counter()
        # for each other ciphertext
        for index, ciphertext2 in enumerate(ciphers):
            if current_index != index: # don't xor a ciphertext with itself
                for indexOfChar, char in enumerate(strxor(ciphertext.decode('hex'), ciphertext2.decode('hex'))): # Xor the two ciphertexts
                    # If a character in the xored result is a alphanumeric character, it means there was probably a space character in one of the plaintexts (we don't know which one)
                    if char in string.printable and char.isalpha(): counter[indexOfChar] += 1 # Increment the counter at this index
        knownSpaceIndexes = []

        # Loop through all positions where a space character was possible in the current_index cipher
        for ind, val in counter.items():
            # If a space was found at least 7 times at this index out of the 9 possible XORS, then the space character was likely from the current_index cipher!
            if val >= 7: knownSpaceIndexes.append(ind)
        #print knownSpaceIndexes # Shows all the positions where we now know the key!

        # Now Xor the current_index with spaces, and at the knownSpaceIndexes positions we get the key back!
        xor_with_spaces = strxor(ciphertext.decode('hex'),' '*150)
        for index in knownSpaceIndexes:
            # Store the key's value at the correct position
            final_key[index] = xor_with_spaces[index].encode('hex')
            # Record that we known the key at this position
            known_key_positions.add(index)

    # Construct a hex key from the currently known key, adding in '00' hex chars where we do not know (to make a complete hex string)
    final_key_hex = ''.join([val if val is not None else '00' for val in final_key])
    # Xor the currently known key with the target cipher
    output = strxor(target_cipher.decode('hex'),final_key_hex.decode('hex'))

    print "Fix this sentence:"
    print ''.join([char if index in known_key_positions else '*' for index, char in enumerate(output)])+"\n"

    # WAIT.. MANUAL STEP HERE 
    # This output are printing a * if that character is not known yet
    # fix the missing characters like this: "Let*M**k*ow if *o{*a" = "cure, Let Me know if you a"
    # if is too hard, change the target_cipher to another one and try again
    # and we have our key to fix the entire text!

    #sys.exit(0) #comment and continue if u got a good key

    target_plaintext = "cure, Let Me know if you a"
    print "Fixed:"
    print target_plaintext+"\n"

    key = strxor(target_cipher.decode('hex'),target_plaintext)

    print "Decrypted msg:"
    for cipher in ciphers:
        print strxor(cipher.decode('hex'),key)

    print "\nPrivate key recovered: "+key+"\n"
    
for i in ciphers:
    target_fix(i)

没有python2环境,于是找了个在线python2(国外的网站)带入运行得到:

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-aJ8PRMKu-1627040926869)(C:\Users\86183\Desktop\ZERO\2ero\WP\BUUCTF\Crypto[AFCTF2018]你听过一次一密么?\image-20210721213339461.png)]

Fix this sentence:
Dear Frie*d**T*is tim* G*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
Dear Friend IT is time Go
nderstood muIm!stake anjo
sed One timiIp)d encrypz&
n scheme, I,e)rd that g;
is the only,n+ryption c*
hod that is,a<hematicab#
 proven to n &ot crackk+
ever if the,e1 is kept.<
cure, Let MiIk&ow if yo{o
gree with miIt' use thi}o
ncryption soe%e always 

Private key recovered: afctf{OPT_16I&t3rest1ni2

Fix this sentence:
nderstood*m**m*stake *nj*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
nderstood muIm!stake anjo
Dear Friend IT is time Go
Yd` \x&u'd<II(~'$qo?}>W&
D!wc;Wpc-n@y\(hcakd,pnJ;
Cr$t;W=io"pyW*h~1ke"jnN*
Bn` 'Z|r!'zyX=rb,~x$g/O#

qvo%Ws&u!);'usa|~,g%F+
Owars[{&u&ly\0:n2?g(t:<
ItveQcunD<IR'upavjm}!Vo
MsaesEtrind<IM&:r2z,9l'Po
Dbvy#Ftionz:\$' s{,}=

Private key recovered: Kggt5IRVU8*6p'n43z95 D2

Fix this sentence:
sed One t*m**p*d encr*pz*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
sed One timiIp)d encrypz&
Yd` \x&u'd<II(~'$qo?}>W&
Dear Friend IT is time Go
Y v1Mz,='@eA 7enb~hpZr
^s%&M7&kpeJ"*5ncprp^c
_oar@v=1nzeE5e6({~v1_j
pw=Myieh)'/b'eyx~;Vb
Rv` OAqieoleA8-:6:azl$u
Tuw7C[,e'D IO/b$esl?e?F&
Pr`7O_~=y'd IP.-&6*kt9@&
Ycw+\~&'z&A,hs$v}~e#

Private key recovered: Vff&	SXEX866m/y`7yk->T{

Fix this sentence:
n scheme,*I**e*rd tha* g*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
n scheme, I,e)rd that g;
D!wc;Wpc-n@y\(hcakd,pnJ;
Y v1Mz,='@eA 7enb~hpZr
Dear Friend IT is time Go
C62e F?c'"T D_"inpthc C~
B*v1<K~xi'^ LP5srmaueraBw

5`~>Fq,=!
bD/tc csmrkK
O3wchJy,=&H JT8;~s jiath
I0`tdSi=n`eZ/t` ig,ho[;
M7wthTvx!n@eE.;bse!xyi];
D&`h8Wvc'n^cIT,~7alvmhs

Private key recovered: K#qe.XP\s~x/o$rerx nIf

Fix this sentence:
is the on*y**n*ryptio* c*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
is the only,n+ryption c*
Cr$t;W=io"pyW*h~1ke"jnN*
^s%&M7&kpeJ"*5ncprp^c
C62e F?c'"T D_"inpthc C~
Dear Friend IT is time Go
Ey%&<K3r+kn A[7so=atkhaFf

f3i>F<&m=bI-t~pcrchkOn
H`$thJ4&jx G_:;c# kg{t
y
Nc3cdc"PeQ-t}pif"ro_*
Jd$chT;rc"peN,;#e vciY*
Cu38W;ie"ncD_.~*1lwcrs

Private key recovered: Lp"r.XV_],sss-o9"esv:nMw

Fix this sentence:
hod that *s**a*hemati*ab*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
hod that is,a<hematicab#
Bn` 'Z|r!'zyX=rb,~x$g/O#
_oar@v=1nzeE5e6({~v1_j
B*v1<K~xi'^ LP5srmaueraBw
Ey%&<K3r+kn A[7so=atkhaFf
Dear Friend IT is time Go
zw="K}=1h7bA:nbmvoee*Ng
I|` tGu=1or OP-!>5vav5p
Ow7x_x1'Ze^:nam|{$.^#
Kx`7tYzi-'zeA;!c>p=pn(X#
Biw+$Zzr+'dcLP9d6,yje2

Private key recovered: Mlf&2U\MX&s{|:u%?pnp7/L~

Fix this sentence:
 proven t* ** *ot cra*kk*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
 proven to n &ot crackk+

qvo%Ws&u!);'usa|~,g%F+
pw=Myieh)'/b'eyx~;Vb

5`~>Fq,=!
bD/tc csmrkK

f3i>F<&m=bI-t~pcrchkOn
zw="K}=1h7bA:nbmvoee*Ng
Dear Friend IT is time Go
cvovJziei!bG7&ns7piv?x
`axzP,e!	' ip ~},$W+
gvxvTu=y!)'!&rsr;xn"Q+

vad&Wu&!7!D#c'a{lm8

Private key recovered: spi0XSE^u1s= r4rrhx7%Ev

Fix this sentence:
ever if t*e**e* is ke*t.*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
ever if the,e1 is kept.<
Owars[{&u&ly\0:n2?g(t:<
Rv` OAqieoleA8-:6:azl$u
O3wchJy,=&H JT8;~s jiath
H`$thJ4&jx G_:;c# kg{t
y
I|` tGu=1or OP-!>5vav5p
cvovJziei!bG7&ns7piv?x
Dear Friend IT is time Go
Bfve,X,e&LeZ7&ms=d(l;<
Faae X}=y&leE6io 1"|}=<
Opvyp[}&&rcJT4,:28uil'I

Private key recovered: @ugtfT[EY0s}x7=)!1q|$:a

Fix this sentence:
cure, Let*M**k*ow if *o{*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
cure, Let MiIk&ow if yo{o
ItveQcunD<IR'upavjm}!Vo
Tuw7C[,e'D IO/b$esl?e?F&
I0`tdSi=n`eZ/t` ig,ho[;
Nc3cdc"PeQ-t}pif"ro_*
Ow7x_x1'Ze^:nam|{$.^#
`axzP,e!	' ip ~},$W+
Bfve,X,e&LeZ7&ms=d(l;<
Dear Friend IT is time Go
@bvr,WxynD IK!&qsx/9t&Ao
Isan|WcnZ&Z#c$aqx,e<

Private key recovered: Fvpcjq\E66v r7rx|9-!U2

Fix this sentence:
gree with*m**t* use t*i}*

Fixed:
Dear Friend IT is time Go

Decrypted msg:
gree with miIt' use thi}o
MsaesEtrind<IM&:r2z,9l'Po
Pr`7O_~=y'd IP.-&6*kt9@&
M7wthTvx!n@eE.;bse!xyi];
Jd$chT;rc"peN,;#e vciY*
Kx`7tYzi-'zeA;!c>p=pn(X#
gvxvTu=y!)'!&rsr;xn"Q+
Faae X}=y&leE6io 1"|}=<
@bvr,WxynD IK!&qsx/9t&Ao
Dear Friend IT is time Go
MtvnpErrcnz&E",&2}>xt:

Private key recovered: BqgcfJTMY866i!=5!t:m<'S2

Fix this sentence:
ncryption*s**e*e alwa*s 

Fixed:
Dear Friend IT is time Go

Decrypted msg:
ncryption soe%e always 
Dbvy#Ftionz:\$' s{,}=
Ycw+\~&'z&A,hs$v}~e#
D&`h8Wvc'n^cIT,~7alvmhs
Cu38W;ie"ncD_.~*1lwcrs
Biw+$Zzr+'dcLP9d6,yje2

vad&Wu&!7!D#c'a{lm8
Opvyp[}&&rcJT4,:28uil'I
Isan|WcnZ&Z#c$aqx,e<
MtvnpErrcnz&E",&2}>xt:
Dear Friend IT is time G

Private key recovered: K`p6ITV_&0~x#x`3}mx-=

根据题目特性不难发现flag由好几部分组成

第一key

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-cD6FFpLz-1627040926872)(C:\Users\86183\Desktop\ZERO\2ero\WP\BUUCTF\Crypto[AFCTF2018]你听过一次一密么?\image-20210721213957550.png)]

Private key recovered: afctf{OPT_16I&t3rest1ni2

第二key

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-FbAaH72b-1627040926875)(C:\Users\86183\Desktop\ZERO\2ero\WP\BUUCTF\Crypto[AFCTF2018]你听过一次一密么?\image-20210721214108819.png)]

Private key recovered: Kggt5IRVU8*6p'n43z95 D2

第三个key

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-jVeEgq3o-1627040926881)(C:\Users\86183\Desktop\ZERO\2ero\WP\BUUCTF\Crypto[AFCTF2018]你听过一次一密么?\image-20210721214332980.png)]

Private key recovered: Vff&	SXEX866m/y`7yk->T{

第四个key

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-arLMgdAZ-1627040926882)(C:\Users\86183\Desktop\ZERO\2ero\WP\BUUCTF\Crypto[AFCTF2018]你听过一次一密么?\image-20210721214358178.png)]

Private key recovered: K#qe.XP\s~x/o$rerx nIf

第五个key

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-PVmzzMaQ-1627040926883)(C:\Users\86183\Desktop\ZERO\2ero\WP\BUUCTF\Crypto[AFCTF2018]你听过一次一密么?\image-20210721214432867.png)]

Private key recovered: Lp"r.XV_],sss-o9"esv:nMw

第六个key

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-WOZ9q92I-1627040926885)(C:\Users\86183\Desktop\ZERO\2ero\WP\BUUCTF\Crypto[AFCTF2018]你听过一次一密么?\image-20210721214500094.png)]

Private key recovered: Mlf&2U\MX&s{|:u%?pnp7/L~

第七个key

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-FYqFgMNj-1627040926887)(C:\Users\86183\Desktop\ZERO\2ero\WP\BUUCTF\Crypto[AFCTF2018]你听过一次一密么?\image-20210721214520139.png)]

Private key recovered: spi0XSE^u1s= r4rrhx7%Ev

第八个key

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-s340Aie0-1627040926889)(C:\Users\86183\Desktop\ZERO\2ero\WP\BUUCTF\Crypto[AFCTF2018]你听过一次一密么?\image-20210721214559498.png)]

Private key recovered: @ugtfT[EY0s}x7=)!1q|$:a

第九个key

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-yskcF8tl-1627040926890)(C:\Users\86183\Desktop\ZERO\2ero\WP\BUUCTF\Crypto[AFCTF2018]你听过一次一密么?\image-20210721214629592.png)]

Private key recovered: Fvpcjq\E66v r7rx|9-!U2

第十个key

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-oKHeBrKe-1627040926891)(C:\Users\86183\Desktop\ZERO\2ero\WP\BUUCTF\Crypto[AFCTF2018]你听过一次一密么?\image-20210721214706975.png)]

Private key recovered: BqgcfJTMY866i!=5!t:m<'S2

第十一个key

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-yA2gmy01-1627040926892)(C:\Users\86183\Desktop\ZERO\2ero\WP\BUUCTF\Crypto[AFCTF2018]你听过一次一密么?\image-20210721214736551.png)]

Private key recovered: K`p6ITV_&0~x#x`3}mx-=

得到:

afctf{OPT_16I&t3rest1ni2
Kggt5IRVU8*6p'n43z95 D2
Vff&	SXEX866m/y`7yk->T{
K#qe.XP\s~x/o$rerx nIf
Lp"r.XV_],sss-o9"esv:nMw
Mlf&2U\MX&s{|:u%?pnp7/L~
spi0XSE^u1s= r4rrhx7%Ev
@ugtfT[EY0s}x7=)!1q|$:a
Fvpcjq\E66v r7rx|9-!U2
BqgcfJTMY866i!=5!t:m<'S2
K`p6ITV_&0~x#x`3}mx-=

毫无头绪23333,接着找WP

大佬采用修复语句的方式寻找flag!!!看得我一愣一愣的!!!

最后得到flag为:

afctf{OPT_1s_Int3rest1ng}
  Python知识库 最新文章
Python中String模块
【Python】 14-CVS文件操作
python的panda库读写文件
使用Nordic的nrf52840实现蓝牙DFU过程
【Python学习记录】numpy数组用法整理
Python学习笔记
python字符串和列表
python如何从txt文件中解析出有效的数据
Python编程从入门到实践自学/3.1-3.2
python变量
上一篇文章      下一篇文章      查看所有文章
加:2021-07-24 23:57:56  更:2021-07-24 23:58:20 
 
开发: C++知识库 Java知识库 JavaScript Python PHP知识库 人工智能 区块链 大数据 移动开发 嵌入式 开发工具 数据结构与算法 开发测试 游戏开发 网络协议 系统运维
教程: HTML教程 CSS教程 JavaScript教程 Go语言教程 JQuery教程 VUE教程 VUE3教程 Bootstrap教程 SQL数据库教程 C语言教程 C++教程 Java教程 Python教程 Python3教程 C#教程
数码: 电脑 笔记本 显卡 显示器 固态硬盘 硬盘 耳机 手机 iphone vivo oppo 小米 华为 单反 装机 图拉丁

360图书馆 购物 三丰科技 阅读网 日历 万年历 2024年12日历 -2024/12/25 14:58:32-

图片自动播放器
↓图片自动播放器↓
TxT小说阅读器
↓语音阅读,小说下载,古典文学↓
一键清除垃圾
↓轻轻一点,清除系统垃圾↓
图片批量下载器
↓批量下载图片,美女图库↓
  网站联系: qq:121756557 email:121756557@qq.com  IT数码
数据统计