base64
base64編碼之后的字符串具有的特點(diǎn):
*字符串只可能包含A-Z儡陨,a-z,0-9册舞,+翔怎,/,=字符
*字符串長(zhǎng)度是4的倍數(shù)
* =只會(huì)出現(xiàn)在字符串最后,可能沒(méi)有或者一個(gè)等號(hào)或者兩個(gè)等號(hào)
工具:https://www.sojson.com/base64.html
python代碼:(注意文件不要命名為base64.py,否則import base64錯(cuò)誤)
import base64
cipher = "Y3liZXJwZWFjZXtXZWxjb21lX3RvX25ld19Xb3JsZCF9"
plaintext = base64.b64decode(cipher)
print(plaintext)
Caesar
工具:https://www.qqxiuzi.cn/bianma/kaisamima.php
python代碼:
def caesar(cipher):
????????for j in range(26):
????????????????str_list = list(cipher)
????????????????i = 0
????????????????while i < len(cipher):
????????????????????????if not str_list[i].isalpha():
????????????????????????????????str_list[i] = str_list[i]
????????????????????????else:
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?a = "A" if str_list[i].isupper() else "a"
????????????????????????????????str_list[i] = chr((ord(str_list[i]) - ord(a) + j) % 26 + ord(a))
????????????????????????i = i + 1
????????????????????????print(''.join(str_list))
if __name__ == '__main__':
????????cipher = "oknqdbqmoq{kag_tmhq_xqmdzqp_omqemd_qzodkbfuaz}"
????????caesar(cipher)
Morse
特征:
* 用點(diǎn)(.)和劃(-)來(lái)編碼范圍0-9、A-Z的字符拧晕,字母不區(qū)分大小寫(xiě)
* 兩個(gè)字母之間的空格用斜杠(/)或者三個(gè)點(diǎn)(.)或者一個(gè)劃(-)表示,兩個(gè)單詞之間的間隔是七個(gè)點(diǎn)(.)
* 根據(jù)摩斯編碼的原理梅垄,CTF中也有出現(xiàn)過(guò)變種的摩斯編碼防症,比如點(diǎn)(.)和劃(-)用數(shù)字0和1來(lái)表示等此類(lèi)變種的思路
工具:http://ctf.ssleye.com/morse.html
python代碼:
table ={'a': ".-", 'b': "-...", 'c': "-.-.", 'd': "-..", 'e': ".", 'f': "..-.", 'g': "--.", 'h': "....", 'i': "..", 'j': ".---", 'k': "-.-", 'l': ".-..", 'm': "--", 'n': "-.", 'o': "---", 'p': ".--.", 'q': "--.-", 'r': ".-.", 's': "...", 't': "-", 'u': "..-", 'v': "...-", 'w': ".--", 'x': "-..-", 'y': "-.--", 'z': "--..", '0': '-----', '1': '.----', '2': '..---', '3': '...--', '4': '....-', '5': '.....', '6': '-....', '7': '--...', '8': '---..', '9': '----.', ',': '--..--', '.': '.-.-.-', ':': '---...', ';': '-.-.-.', '?': '..--..', '=': '-...-', "'": '.----.', '/': '-..-.', '!': '-.-.--', '-': '-....-', '_': '..--.-', '(': '-.--.', ')': '-.--.-', '$': '...-..-', '&': '. . . .', '@': '.--.-.'}
def morse(cipher):
????????msg = ''
????????codes = cipher.split(' ')
????????for code in codes:
????????????????if code == '':
????????????????????????msg += ' '
????????????????else:
????????????????????????UNCODE = dict(map(lambda t: (t[1], t[0]), table.items()))
????????????????????????msg += UNCODE[code]
????????????????return msg
if __name__ == '__main__':
????????cipher ="11 111 010 000 0 1010 111 100 0 00 000 000 111 00 10 1 0 010 0 000 1 00 10 110"
????????cipher = cipher.replace('1', '-')
????????cipher = cipher.replace('0', '.')
????????plaintext = morse(cipher)
????????print(plaintext)
混合編碼
步驟:①base64? ? ?②unicode? ? ?③base64? ? ?④unicode(要將/改為&#)
Railfence-----柵欄密碼
工具:http://www.atoolbox.net/Tool.php?Id=777
不僅僅是Morse
步驟:
①M(fèi)orse編碼(python代碼中要把“cipher = cipher.replace('1', '-')? ?cipher = cipher.replace('0', '.')”改為“cipher=cipher.repalce('/',' ')”? ? ?
②培根密碼(倍康尼密碼、Bacon's cipher):僅僅由ab構(gòu)成哎甲;求解方式如下所示
工具:https://tool.bugku.com/peigen/
python代碼:
import re
table ={'a': 'aaaaa', 'b': 'aaaab', 'c': 'aaaba', 'd': 'aaabb', 'e': 'aabaa', 'f': 'aabab', 'g': 'aabba', 'h': 'aabbb', 'i': 'abaaa', 'j': 'abaab', 'k': 'ababa', 'l': 'ababb', 'm': 'abbaa', 'n': 'abbab', 'o': 'abbba', 'p': 'abbbb', 'q': 'baaaa', 'r': 'baaab', 's': 'baaba', 't': 'baabb', 'u': 'babaa', 'v': 'babab', 'w': 'babba', 'x': 'babbb', 'y': 'bbaaa', 'z': 'bbaab'}
def bacon(cipher):
????????msg = ''
????????codes = re.findall(r'.{5}', cipher)
????????for code in codes:
????????????????if code == '':
????????????????????????msg += ' '
????????????????else:
????????????????????????UNCODE = dict(map(lambda t: (t[1], t[0]), table.items()))
????????????????????????msg += UNCODE[code]
????????return msg
if __name__ == '__main__':
????????cipher = 'aaaaabaabbbaabbaaaaaaaabaababaaaaaaabbabaaabbaaabbaabaaaababaabaaabbabaaabaaabaababbaabbbabaaabababbaaabbabaaabaabaabaaaabbabbaabbaabaabaaabaabaabaababaabbabaaaabbabaabba'
????????plaintext = bacon(cipher)
????????print(plaintext)
冪數(shù)加密/云影密碼
python代碼:
#二進(jìn)制冪數(shù)加密/云影密碼
a=str(input("密文:"))
a=a.split("0")
flag=''
for i in range(0,len(a)):
????????str = a[i]
????????list=[]
????????sum=0
????????for j in str:
????????????????list.append(j)
????????????????length = len(list)
????????for k in range(0,length):
????????????????sum+=int(list[k])
????????flag+=chr(sum+64)
print("明文為:",flag)
easy_RSA(已知p蔫敲、q、e炭玫,求d 或 已知p奈嘿、q、d吞加,求e)
python代碼:
def rsa_moder(n):
? ? ? ? base=2
? ? ? ? while base<n:
? ? ? ? ? ? ? ? if n%base==0:
? ? ? ? ? ? ? ? ? ? ? ? return base,n//base
? ? ? ? ? ? ? ? base+=1
def rsa_get_euler(prime1,prinme2):#求歐拉函數(shù)
? ? ? ? return (prime1-1)*(prime2-1)
def rsa_get_key(e,euler):
? ? ? ? k=1
? ? ? ? while True:
? ? ? ? ? ? ? ? if (((euler*k)+1)%e)==0:
? ? ? ? ? ? ? ? ? ? ? ? return (euler*k+1)//e
? ? ? ? ? ? ? ? k+=1
def get_rsa_e_d(n,e=None,d=None):
? ? ? ? if e is None and d is None:
? ? ? ? ? ? ? ? return 0
? ? ? ? arg=e
? ? ? ? if arg is None:
? ? ? ? ? ? ? ? arg=d
? ? ? ? primes=rsa_moder(n)
? ? ? ? p=primes[0]
? ? ? ? q=primes[1]
? ? ? ? d=rsa_get_key(arg,rsa_get_euler(p,q))
? ? ? ? return d
p=int(input("p="))
q=int(input("q="))
n=p*q
e=int(input("e="))
d=get_rsa_e_d(n,e,None)
print("d=",d)
easychallenge
.pyc文件:
* 由py文件經(jīng)過(guò)編譯后裙犹,生成的文件
* pip install uncompyle6? (安裝uncompyle6庫(kù),用于反編譯)
* 進(jìn)入.pyc文件所在的文件夾衔憨,然后uncomplyle6 -o . easychallenge.pyc叶圃,即可在該文件夾中得到.py文件
得到的easychallenge.py文件:
# uncompyle6 version 3.6.5
# Python bytecode 2.7 (62211)
# Decompiled from: Python 3.5.2 (v3.5.2:4def2a2901a5, Jun 25 2016, 22:18:55) [MSC v.1900 64 bit (AMD64)]
# Embedded file name: ans.py
# Compiled at: 2018-08-09 11:29:44
import base64
def encode1(ans):
????????s = ''
????????for i in ans:
????????????????x = ord(i) ^ 36
????????????????x = x + 25
????????????????s += chr(x)
????????return s
def encode2(ans):
????????s = ''
????????for i in ans:
????????????????x = ord(i) + 36
????????????????x = x ^ 36
????????????????s += chr(x)
????????return s
def encode3(ans):
????????return base64.b32encode(ans)
flag = ' '
print 'Please Input your flag:'
flag = raw_input()
final = 'UC7KOWVXWVNKNIC2XCXKHKK2W5NLBKNOUOSK3LNNVWW3E==='
if encode3(encode2(encode1(flag))) == final:
????????print 'correct'
else:
????????print 'wrong'
根據(jù)上面的easychallenge.py文件,寫(xiě)求逆程序(easychallenge_resolve.py):
import base64
def decode1(s):
????????ans=''
????????for x in s:
????????????????x=ord(x)-25
????????????????i=x^36
????????????????ans+=chr(i)
????????return ans
def decode2(s):
????????ans=''
????????for x in s:
????????????????x=x^36
????????????????i=x-36? ? ?
????????????????ans+=chr(i)
????????return ans
def decode3(ans):
????????return base64.b32decode(ans)
if __name__=="__main__":
????????final = 'UC7KOWVXWVNKNIC2XCXKHKK2W5NLBKNOUOSK3LNNVWW3E==='
????????flag=decode1(decode2(decode3(final)))
????????print("flag=",flag)
Normal_RSA
將flag.enc和pubkey.pem放入kali虛擬機(jī)中践图,在終端打開(kāi)掺冠,輸入“openssl rsa -pubin -text -modulus -in warmup -in pubkey.pem”
得到的Modulus即為n,Exponent即為e
將得到的Modulus=....轉(zhuǎn)化為十進(jìn)制(工具)為87924348264132406875276140514499937145050893665602592992418171647042491658461码党,即為n
大數(shù)分解德崭,得到:
p=275127860351348928173285174381581152299
q=319576316814478949870590164193048041239
在終端中輸入“python rsatool.py -o private.pem -e 65537 -p 275127860351348928173285174381581152299 -q 319576316814478949870590164193048041239”
將flag.enc放在rsatool文件夾中斥黑,在終端打開(kāi),輸入“openssl rsautl -decrypt -in flag.enc -inkey private.pem”
轉(zhuǎn)輪機(jī)加密
python代碼:
import re
sss='''1:< ZWAXJGDLUBVIQHKYPNTCRMOSFE < 2: < KPBELNACZDTRXMJQOYHGVSFUWI < 3:< BDMAIZVRNSJUWFHTEQGYXPLOCK < 4: < RPLNDVHGFCUKTEBSXQYIZMJWAO < 5:< IHFRLABEUOTSGJVDKCPMNZQWXY < 6: < AMKGHIWPNYCJBFZDRUSLOQXVET < 7:< GWTHSPYBXIZULVKMRAFDCEONJQ < 8: < NOZUTWDCVRJLXKISEFAPMYGHBQ < 9:< XPLTDSRFHENYVUBMCQWAOIKZGJ < 10: < UDNAJFBOWTGVRSCZQKELMXYIHP <11 < MNBVCXZQWERTPOIUYALSKDJFHG < 12 < LVNCMXZPQOWEIURYTASBKJDFHG <13 < JZQAWSXCDERFVBGTYHNUMKILOP <'''
m="NFQKSEVOQOFNP"
content=re.findall(r'<(.*?) <',sss,re.S)
iv=[2,3,7,5,13,12,9,1,8,10,4,11,6]
vvv=[]
ans=""
for i in range(13):??
????????index=content[iv[i]-1].index(m[i])??
????????vvv.append(index)
for i inrange(0,26):??
????????flag=""??
????????for j in range(13):??????
????????????????flag+=content[iv[j]-1][(vvv[j]+i)%26]??
????????print(flag)
easy_ECC
ECC:橢圓加密算法眉厨,ECC橢圓曲線加密學(xué)習(xí)筆記锌奴、橢圓曲線的奇妙比喻
python代碼:
import collections
def inverse_mod(k, p):
????????"""Returns the inverse of k modulo p. This function returns the only integer x such that (x * k) % p == 1. k must be non-zero and p must be a prime. """
? ? ? ? if k == 0:
? ? ? ? ? ? ? ? raise ZeroDivisionError('division by zero')
? ? ? ? if k < 0:
????????????????# k ** -1 = p - (-k) ** -1 (mod p)
? ? ? ? ? ? ? ? return p - inverse_mod(-k, p)
? ? ? ? # Extended Euclidean algorithm.
? ? ? ? s, old_s = 0, 1
? ? ? ? t, old_t = 1, 0
? ? ? ? r, old_r = p, k
? ? ? ? while r != 0:
? ? ? ? ? ? ? ? quotient = old_r // r
? ? ? ? ? ? ? ? old_r, r = r, old_r - quotient * r
? ? ? ? ? ? ? ? old_s, s = s, old_s - quotient * s
? ? ? ? ? ? ? ? old_t, t = t, old_t - quotient * t
? ? ? ? gcd, x, y = old_r, old_s, old_t
? ? ? ? assert gcd == 1
? ? ? ? assert (k * x) % p == 1
? ? ? ? return x % p# Functions that work on curve points #
def is_on_curve(point):?
?"""Returns True if the given point lies on the elliptic curve."""
? ? ? ? if point is None:
? ? ? ? ? ? ? ? # None represents the point at infinity.
? ? ? ? ? ? ? ? return True
? ? ? ? x, y = point
? ? ? ? return (y * y - x * x * x - curve.a * x - curve.b) % curve.p == 0def point_neg(point):
????????"""Returns -point."""
? ? ? ? assert is_on_curve(point)
? ? ? ? if point is None:?
? ? ? ? ? ? ? ?# -0 = 0
? ? ? ? ? ? ? ? return None
? ? ? ? x, y = point
? ? ? ? result = (x, -y % curve.p)
? ? ? ? assert is_on_curve(result)
? ? ? ? return resultdef point_add(point1, point2):
????????"""Returns the result of point1 + point2 according to the group law."""
? ? ? ? assert is_on_curve(point1)
? ? ? ? assert is_on_curve(point2)
????????if point1 is None:
?????????????????# 0 + point2 = point2
? ? ? ? ? ? ? ? return point2
? ? ? ? if point2 is None:
????????????????# point1 + 0 = point1
????????????????return point1
????????x1, y1 = point1
? ? ? ? x2, y2 = point2
? ? ? ? if x1 == x2 and y1 != y2:
? ? ? ? ? ? ? ? # point1 + (-point1) = 0
? ? ? ? ? ? ? ? return None
? ? ? ? if x1 == x2:
? ? ? ? ? ? ? ? # This is the case point1 == point2.
? ? ? ? ? ? ? ? m = (3 * x1 * x1 + curve.a) * inverse_mod(2 * y1, curve.p)
? ? ? ? else:
? ? ? ? ? ? ? ? # This is the case point1 != point2.
? ? ? ? ? ? ? ? m = (y1 - y2) * inverse_mod(x1 - x2, curve.p)
? ? ? ? x3 = m * m - x1 - x2
? ? ? ? y3 = y1 + m * (x3 - x1)
? ? ? ? result = (x3 % curve.p, -y3 % curve.p)
????????assert is_on_curve(result)
? ? ? ? return resultdef scalar_mult(k, point):
? ? ? ? """Returns k * point computed using the double and point_add algorithm."""
? ? ? ? assert is_on_curve(point)
? ? ? ? if k < 0:
? ? ? ? ? ? # k * point = -k * (-point)
? ? ? ? ? ? return scalar_mult(-k, point_neg(point))
? ? ? ? result = None
? ? ? ? addend = point
? ? ? ? while k:
? ? ? ? ? ? ????if k & 1:
? ? ? ? ? ? ? ? ? ? ? ? # Add.
????????????????????????result = point_add(result, addend)
? ? ? ? ? ? ? ? # Double.
? ? ? ? ? ? ? ? addend = point_add(addend, addend)
? ? ? ? ? ? ? ? k >>= 1
? ? ? ? assert is_on_curve(result)
? ? ? ? return result# Keypair generation and ECDHE #
def make_keypair():
? ? ? ? """Generates a random private-public key pair."""
? ? ? ? private_key = curve.n
? ? ? ? public_key = scalar_mult(private_key, curve.g)
? ? ? ? return private_key, public_keyEllipticCurve = collections.namedtuple('EllipticCurve', 'name p a b g n h')
curve = EllipticCurve(
? ? ? ? 'secp256k1',
? ? ? ? # Field characteristic.
? ? ? ? p=15424654874903,
? ? ? ? # Curve coefficients.
? ? ? ? a=16546484,
? ? ? ? b=4548674875,
? ? ? ? # Base point.
? ? ? ? g=(6478678675,5636379357093),
? ? ? ? # Subgroup order.
? ? ? ? n=546768,
? ? ? ? # Subgroup cofactor.
? ? ? ? h=1,
)
private_key, public_key = make_keypair()
print("private key:", hex(private_key))
print("public key: (0x{:x}, 0x{:x})".format(*public_key))
print("x + y = " + str(public_key[0] + public_key[1]))
