0%

[柏鹭杯 2021]baby_python

2024-07-31 03:03By
Fear1ess
PythonZ3逆向

Problem: [柏鹭杯 2021]baby_python

[[toc]]

思路

  • 解题大致思路
    exeinfope分析:pyinstaller打包exe,直接使用pyinstxtractor-ng解包

注:看好多wp说用pyinstxtractor必须要用对应python3.7解包,而且要获取key,用脚本AES解密

pyinstxtractor-ng完全没有这个烦恼,直接一键解包+解密,(本人是3.10的环境一样解包成功)

使用pycdc反编译,baby.pyc显示

if __name__ == '__main__':
    main()

找到该import包,反编译得到python问题如下

# File: baby_core.pyc (Python 3.7)
import hashlib

def md5(s=None):
    m = hashlib.md5()
    m.update(s)
    return m.hexdigest().lower()

def main():
    secret = input('secret: ')
    if len(secret) != 48:
        return None
    if not None.isnumeric():
        return None
    values = []
    for i in range(0, 48, 3):
        values.append(int(secret[i:i + 3]))

    co = [
        [158, 195, 205, 229, 213, 238, 211, 198, 190, 226, 135, 119, 145, 205, 113, 122],
        [234, 256, 185, 253, 244, 134, 102, 117, 190, 106, 131, 205, 198, 234, 162, 218],
        [164, 164, 209, 200, 168, 226, 189, 151, 253, 241, 232, 151, 193, 119, 226, 193],
        [213, 117, 151, 103, 249, 148, 103, 213, 218, 222, 104, 228, 100, 206, 218, 177],
        [217, 202, 126, 214, 195, 125, 144, 105, 152, 118, 167, 137, 171, 173, 206, 240],
        [160, 134, 131, 135, 186, 213, 146, 129, 125, 139, 174, 205, 177, 240, 194, 181],
        [183, 213, 127, 136, 136, 209, 199, 191, 150, 218, 160, 111, 191, 226, 154, 191],
        [247, 188, 210, 219, 179, 204, 155, 220, 215, 127, 225, 214, 195, 162, 214, 239],
        [108, 112, 104, 133, 178, 138, 110, 176, 232, 124, 193, 239, 131, 138, 161, 218],
        [140, 213, 142, 181, 179, 173, 203, 208, 184, 129, 129, 119, 122, 152, 186, 124],
        [105, 205, 124, 142, 175, 184, 234, 119, 195, 218, 141, 122, 202, 202, 190, 178],
        [183, 178, 256, 124, 241, 132, 163, 209, 204, 104, 175, 211, 196, 136, 158, 210],
        [224, 144, 189, 106, 177, 251, 206, 163, 167, 144, 208, 254, 117, 253, 100, 106],
        [251, 251, 136, 170, 145, 177, 175, 124, 193, 188, 193, 198, 208, 171, 151, 230],
        [143, 200, 143, 150, 243, 148, 136, 213, 161, 224, 170, 208, 185, 117, 189, 242],
        [234, 188, 226, 194, 248, 168, 250, 244, 166, 106, 113, 218, 209, 220, 158, 228]
    ]
    r = [472214, 480121, 506256, 449505, 433390, 435414, 453899, 536361, 423332, 427624, 440268, 488759, 469049, 484574, 480266, 522818]
    for i in range(16):
        v = 0
        for j in range(16):
            v += co[i][j] * values[j]

        if v != r[i]:
            return None

    print('flag{ISEC-%s}' % md5(secret.encode()))

代码解释:

定义一个MD5函数,要输出小写结果

secret的长度为48,values列表的值是secret每3位为一个int

加密逻辑:

co为16×16矩阵

该行第n个值×values[n] 总和为v

v与r对应的值比较,即 r[n] = v = co[0]×values[0]+...+co[15]×values[15]

EXP

  • 具体攻击代码
import hashlib


def md5(s: bytes) -> str:
    m = hashlib.md5()
    m.update(s)
    return m.hexdigest().lower()


co = [[158, 195, 205, 229, 213, 238, 211, 198, 190, 226, 135, 119, 145, 205, 113, 122],
      [
    234, 256, 185, 253, 244, 134, 102, 117, 190, 106, 131, 205, 198, 234, 162, 218],
    [
    164, 164, 209, 200, 168, 226, 189, 151, 253, 241, 232, 151, 193, 119, 226, 193],
    [
    213, 117, 151, 103, 249, 148, 103, 213, 218, 222, 104, 228, 100, 206, 218, 177],
    [
    217, 202, 126, 214, 195, 125, 144, 105, 152, 118, 167, 137, 171, 173, 206, 240],
    [
    160, 134, 131, 135, 186, 213, 146, 129, 125, 139, 174, 205, 177, 240, 194, 181],
    [
    183, 213, 127, 136, 136, 209, 199, 191, 150, 218, 160, 111, 191, 226, 154, 191],
    [
    247, 188, 210, 219, 179, 204, 155, 220, 215, 127, 225, 214, 195, 162, 214, 239],
    [
    108, 112, 104, 133, 178, 138, 110, 176, 232, 124, 193, 239, 131, 138, 161, 218],
    [
    140, 213, 142, 181, 179, 173, 203, 208, 184, 129, 129, 119, 122, 152, 186, 124],
    [
    105, 205, 124, 142, 175, 184, 234, 119, 195, 218, 141, 122, 202, 202, 190, 178],
    [
    183, 178, 256, 124, 241, 132, 163, 209, 204, 104, 175, 211, 196, 136, 158, 210],
    [
    224, 144, 189, 106, 177, 251, 206, 163, 167, 144, 208, 254, 117, 253, 100, 106],
    [
    251, 251, 136, 170, 145, 177, 175, 124, 193, 188, 193, 198, 208, 171, 151, 230],
    [
    143, 200, 143, 150, 243, 148, 136, 213, 161, 224, 170, 208, 185, 117, 189, 242],
    [
    234, 188, 226, 194, 248, 168, 250, 244, 166, 106, 113, 218, 209, 220, 158, 228]]
r = [
    472214, 480121, 506256, 449505, 433390, 435414, 453899, 536361, 423332, 427624, 440268, 488759, 469049, 484574,
    480266, 522818]

s = Solver()
values = [Int('v%d' % i) for i in range(16)]
#print(values)
for i in range(16):
    v = 0
    for j in range(16):
        v += co[i][j] * values[j]
    s.add(v == r[i])

for j in range(16):
    s.add(values[j] > 0)

s.check()
answer = s.model()
print(answer)
#print([str(answer[each]) for each in values])
# [v13 = 103, v9 = 109, v12 = 152, v14 = 124, v10 = 244, v2 = 188, v0 = 113, v3 = 123, v15 = 165, v6 = 154, v7 = 241, v4 = 164, v8 = 163, v11 = 215, v1 = 201, v5 = 176]
result = "".join([str(answer[each]) for each in values])
# print(result)
# 113201188123164176154241163109244215152103124165
len(result)
# 48
print('flag{ISEC-%s}' % md5(result.encode()))

定义values为16个未知数,正向写方程式解密
将v0——v15排列 md5加密即可

总结

还没有人赞赏,快来当第一个赞赏的人吧!
  
© 著作权归作者所有
加载失败
广告
×
评论区
添加新评论
文章信息
板块REVERSE
作者
Fear1ess
目录导航