比较新颖的一个题目,内容如下:
Crypto-crossword (by a0su, maczilla, dm)
----------------
Can use use the clues to decode the flag?
1 2 3 4 5
+---+---+---+---+---+ }
| | | | | | |
|---+---+---+---+---| |
6 | | | | | | |
|---+---+---+---+---| \
7 | | | | | | -> WKYQMRKNQLMESZLBSTIKSIPTSLELQLEFEHZZQPNBEZKNOTKJVDHWWRVAULIHXUTYUIHCJMEIXTHDVWCANBMHS
|---+---+---+---+---| /
8 | | | | | | |
|---+---+---+---+---| |
9 | | | | | | |
+---+---+---+---+---+ }
1: ;fH;aCh7-"@UWb^G@>N&F#kFRDf'?"DIal3D]iJ!C3=T>+EqL-F<G%(Ci=3(F!,RC+EqL;D'3b7+B;0.==s
2: GUR FZNYYRFG EFN RKCBARAG RIRE VA JVQRFCERNQ HFR.
3: 4261636b77617264733a2074776f20666f722062696e6172792c2074656e20666f7220646563696d616c2c20616e64
207369787465656e20666f72206865782e20
4: KLHHRYOB GSV URIHG QZEZHXIRKG UFMXGRLM BLF VEVI XZOOVW.
5: Ecceilnort cdemnostu ahtt eoprv ehinoprsw fo ,eksy cddeeru ot efiv .eelrstt
6: FRPPRQ UHVHUYHG ZRUG LQ F++ DQG SBWKRQ.
7: TW9kZXJuIGNyeXB0byBlc3BlY2lhbGx5IGxpa2VzIGdyb3VwcyBvZiBwcmltZSBfX19fXy4=
8: ooOo00oo0oOo0ooo0O0000oooo0oO0oOoo0ooOo0000OOO0ooOo0000oO0000ooOo0oO0OO0OOO0ooO0ooo0000OOO0oOO
o0o0Oo0ooo0ooo0oOoo0000oooO0ooO0oOoo0Oo0o0oOo0oO0Oooo00oo0oOoo00oo0O0OoOO0oOoOoO0
9: 7x4 2x1 6x1 3x2 # 2x1 7x4 # 2x1 6x2 7x4 9x1 3x2 7x3 # 6x2 8x2 6x1 2x2 3x2 7x3 # 3x3 4x3 8x3 3x2
1x1
提示图片:
看到这个题目大概的理解是需要完成一个5x5的填词游戏,填写的内容应该是和下方9个小题有关。
第一题
;fH;aCh7-"@UWb^G@>N&F#kFRDf'?"DIal3D]iJ!C3=T>+EqL-F<G%(Ci=3(F!,RC+EqL;D'3b7+B;0.==s
看到这种都是可打印字符的密文大概率是Base系列编码,大概对比了一下应该是用的Base85。
解密看一下:
import base64
cipher_text=b';fH;aCh7-"@UWb^G@>N&F#kFRDf\'?"DIal3D]iJ!C3=T>+EqL-F<G%(Ci=3(F!,RC+EqL;D\'3b7+B;0.==s'
###ASCII85型(ctf常用)
c = base64.a85decode(cipher_text).decode() #解密
#m = base64.a85encode(plain_text.encode('utf-8')).decode()#加密
###RFC1924型(没什么卵用,就是花里胡哨)
#c = base64.b85decode(cipher_text).decode() #解密
#m = base64.b85encode(plain_text.encode('utf-8')).decode()#加密
'''
Spelled backwards: command to adjust what belongs to whom on UNIX.
'''
反过来读:Unix中调整什么归属于谁的命令,那么也就是chown反过来,即nwohc。
1 2 3 4 5
+---+---+---+---+---+ }
| n | | | | | |
|---+---+---+---+---| |
6 | w | | | | | |
|---+---+---+---+---| \
7 | o | | | | |
|---+---+---+---+---| /
8 | h | | | | | |
|---+---+---+---+---| |
9 | c | | | | | |
+---+---+---+---+---+ }
第二题
GUR FZNYYRFG EFN RKCBARAG RIRE VA JVQRFCERNQ HFR.
这个题看上就就是个置换密码,试了一下几种算法发现就是简单的rot13。
message='GUR FZNYYRFG EFN RKCBARAG RIRE VA JVQRFCERNQ HFR.'
import codecs
codecs.encode(message, 'rot_13')
#THE SMALLEST RSA EXPONENT EVER IN WIDESPREAD USE.
普遍使用的最小的RSA加密指数,这地方大概判断一下应该是three,刚好五个字母。
1 2 3 4 5
+---+---+---+---+---+ }
| n | t | | | | |
|---+---+---+---+---| |
6 | w | h | | | | |
|---+---+---+---+---| \
7 | o | r | | | |
|---+---+---+---+---| /
8 | h | e | | | | |
|---+---+---+---+---| |
9 | c | e | | | | |
+---+---+---+---+---+ }
第三题
4261636b77617264733a2074776f20666f722062696e6172792c2074656e20666f7220646563696d616c2c20616e64207369787465656e20666f72206865782e20
试一下直接转字符。
from Crypto.Util.number import *
s=long_to_bytes(0x4261636b77617264733a2074776f20666f722062696e6172792c2074656e20666f7220646563696d616c2c20616e64207369787465656e20666f72206865782e20)
#Backwards: two for binary, ten for decimal, and sixteen for hex.
也是反过来:二进制中的2,十进制中的10,十六进制中的16。说的应该是基数或者底数,找到5个字母的单词radix,反过来就是xidar。
1 2 3 4 5
+---+---+---+---+---+ }
| n | t | x | | | |
|---+---+---+---+---| |
6 | w | h | i | | | |
|---+---+---+---+---| \
7 | o | r | d | | |
|---+---+---+---+---| /
8 | h | e | a | | | |
|---+---+---+---+---| |
9 | c | e | r | | | |
+---+---+---+---+---+ }
第四题
KLHHRYOB GSV URIHG QZEZHXIRKG UFMXGRLM BLF VEVI XZOOVW.
这次也是替换密码,但不是rot13了。试一下爆破quipiup。得到结果: POSSIBLY THE FIRST JAVASCRIPT FUNCTION YOU EVER CALLED.
第一次使用的js函数?反正写helloworld的时候要不就是log要不就是alert,按照字母个数肯定选alert。
1 2 3 4 5
+---+---+---+---+---+ }
| n | t | x | a | | |
|---+---+---+---+---| |
6 | w | h | i | l | | |
|---+---+---+---+---| \
7 | o | r | d | e | |
|---+---+---+---+---| /
8 | h | e | a | r | | |
|---+---+---+---+---| |
9 | c | e | r | t | | |
+---+---+---+---+---+ }
第五题
Ecceilnort cdemnostu ahtt eoprv ehinoprsw fo ,eksy cddeeru ot efiv .eelrstt
目测就是把一句话中每个单词的字母顺序打乱,尚未发现有专门的工具处理这种情况。肉眼排序:
Electronic documents that prove ownership of keys, reduced to five letters.
证明密钥所有者的电子文档,这不就是证书?certificate简化为五个字母,linux中保存证书的目录/etc/pki/tls/certs。
1 2 3 4 5
+---+---+---+---+---+ }
| n | t | x | a | c | |
|---+---+---+---+---| |
6 | w | h | i | l | e | |
|---+---+---+---+---| \
7 | o | r | d | e | r |
|---+---+---+---+---| /
8 | h | e | a | r | t | |
|---+---+---+---+---| |
9 | c | e | r | t | s | |
+---+---+---+---+---+ }
实际到此为止已经填满了所有格子,其他几题感兴趣的话可以继续看一下。
第六题
FRPPRQ UHVHUYHG ZRUG LQ F++ DQG SBWKRQ.
替换密码,老规矩上quipiup。得到结果:COMMON RESERVED WORD IN C++ AND PYTHON.
C++和python中的保留字,五个字母的很明确就是while。
第七题
TW9kZXJuIGNyeXB0byBlc3BlY2lhbGx5IGxpa2VzIGdyb3VwcyBvZiBwcmltZSBfX19fXy4=
等号结尾直接上base64
import base64
cipher_text=b'TW9kZXJuIGNyeXB0byBlc3BlY2lhbGx5IGxpa2VzIGdyb3VwcyBvZiBwcmltZSBfX19fXy4='
c = base64.b64decode(cipher_text).decode()
#Modern crypto especially likes groups of prime _____.
这地方填order具体原因不深究。
第八题
ooOo00oo0oOo0ooo0O0000oooo0oO0oOoo0ooOo0000OOO0ooOo0000oO0000ooOo0oO0OO0OOO0ooO0ooo0000OOO0oOOo0o0Oo0ooo0ooo0oOoo0000oooO0ooO0oOoo0Oo0o0oOo0oO0Oooo00oo0oOoo00oo0O0OoOO0oOoOoO0
应该是摩斯密码变形,不深究。
第九题
7x4 2x1 6x1 3x2 # 2x1 7x4 # 2x1 6x2 7x4 9x1 3x2 7x3 # 6x2 8x2 6x1 2x2 3x2 7x3 # 3x3 4x3 8x3 3x2 1x1
手机键盘密码,对照看一下就知。
得到结果很蛋疼SAME # AS # ANSWER # NUMBER # FIVE
求明文
通过提示图片可知最后一步考的是希尔密码(图中小山也就是hill),就要将以下格子转换为加密矩阵。
1 2 3 4 5
+---+---+---+---+---+ }
| n | t | x | a | c | |
|---+---+---+---+---| |
6 | w | h | i | l | e | |
|---+---+---+---+---| \
7 | o | r | d | e | r |
|---+---+---+---+---| /
8 | h | e | a | r | t | |
|---+---+---+---+---| |
9 | c | e | r | t | s | |
+---+---+---+---+---+ }
加密矩阵为: K = [ 13 19 23 0 2 22 7 8 11 4 14 17 3 4 17 7 4 0 17 19 2 4 17 19 18 ] K= \begin{bmatrix} 13 & 19 & 23 & 0 & 2 \\ 22 & 7 & 8 & 11 & 4 \\ 14 & 17 & 3 & 4 & 17 \\ 7 & 4 & 0 & 17 & 19 \\ 2 & 4 & 17 & 19 & 18 \end{bmatrix} K=⎣⎢⎢⎢⎢⎡13221472197174423830170114171924171918⎦⎥⎥⎥⎥⎤
解密过程实际就是密文每5个字母分一组,与密钥矩阵的逆相乘得到明文。脚本为:
from sympy import Matrix
alphabet_length = 26
def decrypt(matrix, words):
cipher = ""
M = Matrix(matrix)
M = M.inv_mod(alphabet_length)
length = len(M)
d = {}
d2 = {}
alph = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
for x in range(len(alph)):
d[alph[x]] = x
d2[x] = alph[x]
# print d
count = 0
l = []
for ch in words:
if (count + 1) % (5 + 1) == 0:
m = Matrix(l)
dot_pr_m = M * m
n = []
for i in dot_pr_m:
cipher += d2[i % alphabet_length]
count = 0
l = []
l.append(d[ch])
count += 1
if (count + 1) % (5 + 1) == 0:
m = Matrix(l)
dot_pr_m = M * m
n = []
for i in dot_pr_m:
cipher += d2[i % alphabet_length]
return cipher
if __name__ == "__main__":
key = [
[13, 19, 23, 0, 2],
[22, 7, 8, 11, 4],
[14, 17, 3, 4, 17],
[7, 4, 0, 17, 19],
[2, 4, 17, 19, 18],
]
ciphertext = "WKYQMRKNQLMESZLBSTIKSIPTSLELQLEFEHZZQPNBEZKNOTKJVDHWWRVAULIHXUTYUIHCJMEIXTHDVWCANBMHS"
m=decrypt(key, ciphertext)
# MESSAGEXISXNOXBLACKXSQUARESXAMIGOXSEPARATEDXBYXSPACEXANDXENCLOSEDXINXTHEXUSUALXFORMAT
X是分隔符,去掉以后明文就是:MESSAGE IS NO BLACK SQUARES AMIGO SEPARATED BY SPACE AND ENCLOSED IN THE USUAL FORMAT
扫一扫
993
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
