-
-
[原创]第十题 初入好望角 WriteUp
-
2019-3-19 12:57
-
第十题 初入好望角 WriteUp
Step 1
如图,使用de4dot 脱壳,得到
Step 2
载入.Net Reflector
private static void Main(string[] args)
{
Console.WriteLine("Please Input Serial:");
if (smethod_0(Console.ReadLine(), "Kanxue2019") == "4RTlF9Ca2+oqExJwx68FiA==")
{
Console.WriteLine("Congratulations! : )");
Console.ReadLine();
}
}
public static string smethod_0(string string_1, string string_2)
{
byte[] bytes = Encoding.UTF8.GetBytes("Kanxue2019CTF-Q1");
byte[] buffer = Encoding.UTF8.GetBytes(string_1);
byte[] rgbKey = new PasswordDeriveBytes(string_2, null).GetBytes(0x20);
ICryptoTransform transform = new RijndaelManaged { Mode = CipherMode.CBC }.CreateEncryptor(rgbKey, bytes);
MemoryStream stream = new MemoryStream();
CryptoStream stream1 = new CryptoStream(stream, transform, CryptoStreamMode.Write);
stream1.Write(buffer, 0, buffer.Length);
stream1.FlushFinalBlock();
byte[] inArray = stream.ToArray();
stream.Close();
stream1.Close();
return Convert.ToBase64String(inArray);
}
很明显,得到本题为des的cbc模式加密,Kanxue2019为密钥,"Kanxue2019CTF-Q1"为IV
据此写出脚本如下
public static string Decrypt(string pToDecrypt, string sKey)
{
byte[] bytes = Encoding.UTF8.GetBytes("Kanxue2019CTF-Q1");
//byte[] bytes2 = Encoding.UTF8.GetBytes(pToDecrypt);
byte[] bytes3 = new PasswordDeriveBytes(sKey, null).GetBytes(32);
ICryptoTransform transform = new RijndaelManaged
{
Mode = CipherMode.CBC
}.CreateDecryptor(bytes3, bytes);
//DESCryptoServiceProvider des = new DESCryptoServiceProvider();
byte[] inputByteArray = Convert.FromBase64String(pToDecrypt);
MemoryStream ms = new MemoryStream();
CryptoStream cs = new CryptoStream(ms, transform, CryptoStreamMode.Write);
cs.Write(inputByteArray, 0, inputByteArray.Length);
// 如果两次密匙不一样,这一步可能会引发异常
cs.FlushFinalBlock();
return System.Text.Encoding.Default.GetString(ms.ToArray());
}
static void Main(string[] args)
{
string str1 = "4RTlF9Ca2+oqExJwx68FiA==";
string str2 = "Kanxue2019";
string out1 = Program.Decrypt(str1,str2);
Console.WriteLine(out1);
System.Console.ReadKey();
}
拿到flag
over!!!
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
最后于 2019-3-20 16:40
被Simp1er编辑
,原因:
|
|
|---|---|
