
Title: 2022 Sichuan-Chongqing Network and Information Security Vocational Skills Competition-Individual Preliminary Competition Writeup


1.Web

1-1:Title name: Directory scan

1049983-20220914153423513-1246802504.jpg

1049983-20220914153424208-1898347562.jpg

1049983-20220914153424981-1905335670.jpg

Flag:

DASCTF{84a70245035ca88088a2ba6ae2378021}

1-3:Title name: MissingData

The key point is that the script calls ob_start() at the beginning, so all output is held in the output buffer until the code fetches it explicitly.

So the log file name $this->LOG_NAME is taken from the hello request parameter (echoed into the buffer, then Base64-decoded):

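// Excerpt from the challenge source; the "->" operators lost on the page are restored.
// hello comes straight from the query string and is echoed into the output buffer.
$hello=$_GET['hello'];
echo $hello;
// The buffered text (the raw hello value) is Base64-decoded and becomes the log file name.
// NOTE(review): no check of the decoded name (extension, path separators) is visible in this excerpt.
$this->LOG_NAME=base64_decode(ob_get_contents());//Save the value passed by hello to LOG_NAME
// Empty the buffer so the next stage starts from clean output.
ob_clean();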

The file content is REMOTE_ADDR concatenated with the User-Agent (UA):

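// Excerpt from the challenge source; the "->" operators lost on the page are restored.
// The log record is built from the client address and the User-Agent header.
$getlog->setIp($_SERVER['REMOTE_ADDR']);
// HTTP_USER_AGENT is a request header, i.e. fully client-controlled text.
$getlog->setUserAgent($_SERVER['HTTP_USER_AGENT']);
// echoLog() is not shown on the page; presumably it echoes the record into the output buffer.
$getlog->echoLog();
// The buffered output, prefixed with a timestamp, becomes the content that is written to disk.
$log_info=date('Y-m-d H:i:s ').ob_get_contents();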

Finally, the destructor writes the log file:

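// Excerpt from the challenge source (class property, then the write performed in the destructor);
// the "->" operators lost on the page are restored.
public $LOG_PATH='/log/';
// ... other class members are not shown on the page ...
file_put_contents(dirname(__FILE__).$this->LOG_PATH.$this->LOG_NAME,$log_info);
// The resulting path is ./log/ followed by base64_decode($_GET['hello']).
// The written content contains the client's User-Agent header, so text placed in that header
// lands in a file whose name and extension are chosen by the requester.
// NOTE(review): the excerpt shows no validation of either value. The usual fixes are a
// server-generated log file name, a log directory outside the web root (or one where script
// execution is disabled), and encoding header values before they are written.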

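The output goes into the buffer first and is then written to the file. The file name is controlled by hello and the file content by the User-Agent header, so a one-line PHP payload (a "one-sentence" webshell) sent as the UA ends up in a file whose name and extension the requester chooses. The root cause is that both the name and the content of the log file come from the request, with no validation in the code shown.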

1049983-20220914153425682-940110017.jpg

1049983-20220914153426252-71252019.jpg

1049983-20220914153426932-450723456.jpg

2.MISC

2-3-Title name: 0101

1049983-20220914153427482-1717660526.jpg

1049983-20220914153428263-700708093.jpg

The data starts with the PK signature, so it is a ZIP archive; it was renamed to a.zip.

Use the following script to get flag:

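import zipfile

# Decode a bit string hidden in the sizes of file/0.png .. file/303.png inside a.zip.
# The page collapsed this script onto one line; line breaks and indentation are restored here.
bits = []
with zipfile.ZipFile('./a.zip') as z:
    # List the archive members first, as the original script does.
    for member in z.filelist:
        print(member)
    for i in range(304):
        x = z.getinfo(f'file/{i}.png')
        # NOTE(review): the comparison operator was lost in the page extraction
        # ("x.file_size500"); ">" is assumed. If the result is not printable text,
        # swap the two branches.
        if x.file_size > 500:
            bits.append('0')
        else:
            bits.append('1')
s = ''.join(bits)
# print(s)
# 304 bits -> 38 bytes, interpreted big-endian.
print(int.to_bytes(int(s, 2), 304 // 8, 'big'))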

flag: DASCTF{Jo2YAKT_IcRgmzZ3GWe_Swt8vqadQO}

3.CRYPTO

3-1Title name: soeasy_rsa

from gmpy2 import *

from Crypto.Util.number import *

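# Challenge value. The page split the long decimal numbers with stray spaces and line
# breaks; the digit groups are kept as separate string pieces here and concatenated,
# so they can be compared with the page one group at a time.
a = int(
    "2380402194007867640834230133203689290000472813648007647953021975206512532731882164772245921609577026496538897355132363531131317883867086048778847678868666"
    "75605015726472177258684459630640657685787850703752943907052651392339497467843371766418025796562413303338351121513907686789154886620715851548718281365666809"
    "187058800263851824525907860039143933728304943908336579405685696188421049700292603636950535727494958939999452204939356373348680294604482825148431031457951"
    "02173534495304156971490358608124680851055950154432367509652612855903019752959349069234185596982394068554146096092741880878895682860091022727772496856721290"
)

# iroot returns a (root, is_exact) pair; the integer root printed here is the value
# hard-coded on the next assignment.
# NOTE(review): the two iroot calls suggest a = p**2 + q**2 with q much smaller than p;
# the challenge statement is not on the page, so treat that as an inference.
p = iroot(a, 2)
print(p)
p = int(
    "154285520837435281376516898144008792793020984180192603663692347665042795645086703863131549256869630446819852185017005249707039620525550780754809067914632"
    "509810226131750340822324265288338519653179637243674514007442185191001273565127093303845334544550007384054303733880561987508919843229875482519439615469904551"
)
print(is_prime(p))

c1 = int(
    "7594921197064526047784080923079517059827539466365558544650204974415163497780626659206443793638988828064232907316737135802139126460602808272827494458434164732495785719505318822019624456"
    "1623697425292916511744852569537275299008074069250282222480373555169325242455879869868679935977005580843853804599341730525546675515324718058489296906319060874296111833437083796029771812"
)
# c2 is given by the challenge but is not used by this solve script.
c2 = int(
    "77907941155376849046818020584594846942386293571953448410760364023962818506838837521412252753647936913064982141652362831680077554268552176063108954360620095019160785058740575077744454461"
    "64396927393873127062799179592524261929396489624929509403472538179516440071408622677765206119443023359819036655186448408911111449931544355548130487697653008605945892957382219567188182572"
)

# Second factor: integer square root of what remains after removing p**2.
q = iroot(a - (p**2), 2)
print(q)
q = 888347358062191513488156436138991579826598872460149267394117

n = p * q
phi = (p - 1) * (q - 1)  # loop-invariant, computed once

# The public exponent is unknown, so every candidate below 2**16 is tried and the
# plaintext is recognised by the flag prefix.
for e in range(2**16):
    try:
        d = invert(e, phi)
    except ZeroDivisionError:
        # e has no inverse modulo phi (e == 0 or a shared factor): not a valid exponent.
        continue
    m = long_to_bytes(int(pow(c1, d, n)))
    if b'DASCTF' in m:
        print(e)
        print(m)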

1049983-20220914153428930-1347021789.jpg

3-2Title name: middleersa1

The low bits of dp are leaked; recover the full dp directly with SageMath (Coppersmith small_roots):

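from tqdm import *

# SageMath script. The page collapsed the first lines together and dropped the
# indentation and the characters "<", ">" and "&"; the structure below is reconstructed.

# Known low 350 bits of dp (the code below rebuilds dp as x0 * 2^350 + secret).
secret = 1642122247947767590084047512154856959705749371720710428047250478126321193705946117104552307567185209952017
e = 0x10001
n = 53290208062987048378703574235428685467319210471478014757229530639473548433668122104609082311237893278140109351209752453324855439700478949142631006593125874482133364050198292529339327668306943207846561273907830779959709641714284066463679953568692820076085446240980505949826504849495848235048490118010959579651
F.<x> = PolynomialRing(Zmod(n))
d = inverse_mod(e, n)

# From e*dp = 1 + k*(p-1) it follows that dp + (k-1)*e^-1 = 0 (mod p) for some 1 <= k < e,
# so each k gives a polynomial in the unknown high part x of dp with a small root modulo p.
for k in trange(1, e):
    f = (2^350*x + secret) + (k - 1)*d
    f = f.monic()
    # X bounds the unknown high part; beta/epsilon are the Coppersmith parameters from the page.
    x0 = f.small_roots(X=2**(160 + 1), beta=0.44, epsilon=1/32)
    if len(x0) != 0:
        dp = x0[0]*2^350 + secret
        # Recover p from e*dp - 1 = i*(p-1) by trying every multiplier i.
        for i in range(2, e):
            p = (e*Integer(dp) - 1 + i)//i
            if n % p == 0:
                break
        # The page's guard here lost its comparison operator ("if p0:"). Checking that
        # p is a proper divisor of n is used instead, so a root that yields no factor
        # is skipped rather than reported.
        if not (1 < p < n and n % p == 0):
            continue
        print('p=', p)
        print('dp=', dp)
        break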

charon@root:~/Desktop$ sage 3.sage

3%|█▏ |2131/65536 [04:202:15:43, 7.79it/s]('p=', 7285247160124204278422137084033487832078298767596529079060207472774245581946206647731149570480079821873425695996881346401317790559430521087133338233749429)

('dp=', 236998137622790233327677438136615897248743961007000625548260712756987527361785137753678241058692497066300617725336085425448365495410315866728234083256081)

3%|█▏ |2131/65536 [04:202:09:08, 8.18it/s]

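from Crypto.Util.number import *
from gmpy2 import *

# Final decryption step once p is known. The page collapsed this script onto one line
# and split the long numbers with stray spaces; the digit groups are kept as separate
# string pieces and concatenated.
p = 7285247160124204278422137084033487832078298767596529079060207472774245581946206647731149570480079821873425695996881346401317790559430521087133338233749429
n = int(
    "532902080629"
    "87048378703574235428685467319210471478014757229530639473548433668122104609082311237893278140109351209752453324855439700478949142631006593125874482133364050198292529339327668306943207846561273907830779959709641714284"
    "066463679953568692820076085446240980505949826504849495848235048490118010959579651"
)
c = int(
    "121645839012282267235698318035557474254197947143312075093479977955202068661738134785587472593190243766519680088385628562659669034718"
    "03669392265118265704723742518812401306445616633449971845569756343283456918105040589961351125414282181230864299705837250020888494290318050869813023592249838047791552928679622761"
)

# Sanity checks from the original script: p should be prime and gcd(n, p) should equal p.
print(is_prime(p))
print(gcd(n, p))
# Stop early if a digit was mangled: q = n // p is only meaningful when p divides n.
if n % p != 0:
    raise ValueError("p does not divide n; check the pasted values")

q = n // p
e = 0x10001
d = invert(e, (p - 1)*(q - 1))
m = pow(c, d, n)
print(long_to_bytes(int(m)))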

1049983-20220914153429667-1675732465.jpg

DASCTF{6f05154b11bdf950cd2444176618139a}

3-3 Title name: middleersa3

A freebie: the flag is given directly in the challenge source code.

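from Crypto.Util.number import *

# Challenge generator as distributed. The page collapsed it onto one line and dropped
# the "&" and ">>" operators; they are restored here. A 412-bit value such as the
# printed dp is what masking to 462 bits and shifting right by 50 produces.
# NOTE(review): the real flag is embedded in the distributed source, which is why the
# task needs no cryptanalysis; released copies should carry a placeholder instead.
FLAG = b'DASCTF{ed3256281d277e12d926b0e8b49f6d78}'
p = getPrime(512)
q = getPrime(512)
e = 0x10001
d = inverse(e, (p - 1)*(q - 1))
dp = d % (p - 1)
# Leak only the middle bits of dp: keep the low 462 bits, then drop the lowest 50.
print('dp:', (dp & (2**(512 - 50) - 1)) >> 50)
print('N:', p*q)
print('c:', pow(bytes_to_long(FLAG), e, p*q))
'''
dp: 2128058695275696512876004752540135766587344290422001997701794179770820634047195468195463118189149674857434252592319139131895
N: 62750404132378782351782654563543747630197449894041776451397790050374158627602509619666444474672286035538086447514257150773929857058930455173191928959453666895924318267595065857666587937426343157432947610821599765514871454429345275531144349280502167596016574278216643741963132363234498658461551550399794413383
c: 55337446119274361069965649785140747071935055092480249085789478526259932536136231609682528797724708750732847686561672780887952659134484499521434824018747099238582445758002389884725560169750050917959735297922450030075064765749276015138482194721673506034988635977907296576683118011031333035476989567847885710256
'''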

DASCTF{ed3256281d277e12d926b0e8b49f6d78}

4.RE

4-1Title name: simpleDispy

A Python bytecode-disassembly (dis) reading challenge: manually reconstruct the verification algorithm from the disassembly.

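# Expected values recovered from the disassembly: one entry per flag character.
arr = [
    47378, 29475, 46200, 39869, 67243, 68695, 73129, 27171,
    53832, 30653, 60541, 67276, 58816, 63571, 50131, 34471,
    67922, 82293, 33259, 67538, 57810, 50339, 34632, 68754,
    83192, 36077, 60424, 54547, 56308, 33565, 69425, 84024,
]

# Verification: the check as reconstructed from the bytecode.
# Each character is scaled by 255 and offset by a running key k; k is then advanced
# with the value just produced and truncated to 16 bits. The "&" operator was lost
# on the page ("(k+num)0xFFFF") and is restored here.
k = 22643
flag = 't' * 32  # placeholder input, so this run prints 'Error' on the first character
for i in range(32):
    num = (ord(flag[i]) * 255) + k
    if arr[i] != num:
        print('Error')
        break
    k = (k + num) & 0xFFFF

# Restore flag: invert the check. arr[i] is known, so the character is
# (arr[i] - k) // 255 and k advances with arr[i] exactly as in the check.
k = 22643
flag = ''
for i in range(32):
    flag += chr((arr[i] - k) // 255)
    k = (k + arr[i]) & 0xFFFF
print(flag)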

1049983-20220914153430356-820348971.jpg

flag:

ab0c216ec63a9f984cbf8975ad63e09c

4-2Title name: stripgo

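// Decompiler output for the stripped Go binary. The page joined two statements and
// dropped the "&&" operator; both are restored here.
// The encoder is built from a non-standard alphabet string instead of the usual Base64 table.
v1=encoding_base64_NewEncoding((__int64)'QWERTYUIOPASDFGHJKLZXCVBNMqwertyuioopasdfghjklzxcvbn/+m1234567890', 64LL);
// ... intermediate decompiler lines are not shown on the page ...
// Length check followed by a byte-wise comparison with the expected encoded string.
// v3 / v4 are presumably the encoded input and its length; their assignment is not on the page.
if ( v4==32 && runtime_memequal(v3, (__int64)'K/WyqBFyrUisB1Pse2KyDVYxM2CfMJ==', 32LL) )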

Base64 with a modified (custom) alphabet:

https://gchq.github.io/CyberChef/#recipe=From_Base64('QWERTYUIOPASDFGHJKLZXCVBNMqwertyuioopasdfghjklzxcvbn/%2Bm1234567890',true,false)&input=Sy9XeXFCRnlyVWlzQjFQc2UyS3lEVll4TTJDZk1KPT0
