陇原战"疫"2021网络安全大赛

一个人打比赛……逆向题目质量一般。嗯就这样。

小吐槽：今年一大堆”xx杯”，题目质量参差不齐，一点不想打……还是多参加点大型比赛吧

findme

标准RC4，key为SETCTF2021

q = [hex(i & 0xff)[2:].zfill(2) for i in [0xFFFFFFB7, 0x00000052, 0xFFFFFF85, 0xFFFFFFC1, 0xFFFFFF90, 0xFFFFFFE9, 0x00000007, 0xFFFFFFB8, 0xFFFFFFE4, 0x0000001A, 0xFFFFFFC3, 0xFFFFFFBD, 0x0000001D, 0xFFFFFF8E, 0xFFFFFF85, 0x00000046, 0x00000000, 0x00000021, 0x00000044, 0xFFFFFFAF, 0xFFFFFFEF, 0x00000070, 0x00000032, 0xFFFFFFB5, 0x00000011, 0xFFFFFFC6]]
print("".join(q))

Eat_something

WASM逆向，文件不大，动调分析字节码。定位到0x325进行了与密文的对比。也可直接JEB

arr = [0xAFF089AC85AA8B86, 0xE56EBFB2DDD669D8, 0x7DF28BBCD5CC99AE, 0xE37A]
arr = [struct.pack("<Q", i) for i in arr]
data = b''.join(arr).replace(b"\x00", b'')
print(data)
print("".join([chr(((v ^ i) // 2)) for i, v in enumerate(data)]))

power

arm汇编

arm-linux-gnueabi-as power -o power.o

标准AES

int __cdecl main(int argc, const char **argv, const char **envp)
{
  aes *v3; // r4
  int i; // [sp+0h] [bp+0h]
  char v6[20]; // [sp+8h] [bp+8h] BYREF
  int v7[25]; // [sp+1Ch] [bp+1Ch] BYREF
  char v8[100]; // [sp+80h] [bp+80h] BYREF

  strcpy(v6, "this_is_a_key!!!");
  memset(v7, 0, sizeof(v7));
  memset(v8, 0, sizeof(v8));
  puts("input flag:");
  fgets((char *)v7, 100, (FILE *)stdin);
  v3 = (aes *)operator new(0xB0u);
  aes::aes(v3, v6);
  if ( strlen((const char *)v7) != 33 )
    exit(0);
  LOBYTE(v7[8]) = 0;
  for ( i = 0; i <= 31; i += 16 )
    aes::encryption_cbc(v3, (char *)&v7[i / 4u], &v8[2 * i]);
  if ( !strcmp(v8, "1030a9254d44937bed312da03d2db9adbec5762c2eca7b5853e489d2a140427b") )
    puts("yeah, you get it!");
  else
    puts("wrong!");
  return 0;
}

解密

EasyRe

Shift+F12

EasyRE_Revenge

跟EasyRe结构相同，去除花指令

上脚本

from z3 import *

key = [0] * 8
v = [0] * 8
key[0] = BitVecVal(0x271E150C, 32)
key[1] = BitVecVal(0x3B322920, 32)
key[2] = BitVecVal(0x5F564D44, 32)
key[3] = BitVecVal(0x736A6158, 32)
key[4] = BitVecVal(0x978E857C, 32)
key[5] = BitVecVal(0xABA29990, 32)
key[6] = BitVecVal(0xCFC6BDB4, 32)
key[7] = BitVecVal(0xE3DAD1C8, 32)

flag = [BitVec(f"flag[{i}]", 32) for i in range(8)]
sol = Solver()

for i in range(8):
    v[i] = flag[i] ^ key[(7 * i + 2) % 8]

for j in range(8):
    v[j] ^= v[j] << 7
    v[j] ^= key[(7 * j + 3) % 8]
    v[j] ^= v[(5 * j + 3) % 8]
    v[j] ^= v[j] << 13
    v[j] ^= key[(7 * j + 5) % 8]
    v[j] ^= v[j] << 17

enc = [0xEEE8B042, 0x57D0EE6C, 0xF3F54B32, 0xD3F0B7D6, 0x0A61C389, 0x38C7BA40, 0x0C3D9E2C, 0xD64A9284]
for i in range(8):
    sol.add(v[i] == enc[i])
assert sol.check() == sat
mol = sol.model()
flag = [int.to_bytes(mol.eval(i).as_long(), 4, byteorder="little").decode() for i in flag]
print("".join(flag))

O

原题出自TCTF 2021 Final bali

参考

0CTF/TCTF 2021 Finals Writeup | r3kapig

赛后有空复现补上（