-
-
[原创] KCTF 2019 Q1 第十题 Powershell for .NET
-
发表于: 2019-3-24 00:16
-
0x00 .NET 样例,代码逻辑比较清晰,用powershell直接模拟解密即可
C:\>powershell
Windows PowerShell
版权所有 (C) Microsoft Corporation。保留所有权利。
PS C:\> $bytes = [System.Text.Encoding]::UTF8.GetBytes("Kanxue2019CTF-Q1");
PS C:\> $rgb = New-Object -TypeName System.Security.Cryptography.PasswordDeriveBytes -ArgumentList "Kanxue2019",$null
PS C:\> $rgbKey = $rgb.GetBytes(0x20)
PS C:\> $rm = New-Object -TypeName System.Security.Cryptography.RijndaelManaged
PS C:\> $rm.Key = $rgbKey
PS C:\> $rm.IV = $bytes
PS C:\> $dec = $rm.CreateDecryptor()
PS C:\> $encstr = [System.Convert]::FromBase64String("4RTlF9Ca2+oqExJwx68FiA==")
PS C:\> $decstr = $dec.TransformFinalBlock($encstr, 0, $encstr.Length);
PS C:\> [System.Text.Encoding]::UTF8.GetString($decstr)
Kanxue2019Q1CTF
PS C:\>C:\>powershell
Windows PowerShell
版权所有 (C) Microsoft Corporation。保留所有权利。
PS C:\> $bytes = [System.Text.Encoding]::UTF8.GetBytes("Kanxue2019CTF-Q1");
PS C:\> $rgb = New-Object -TypeName System.Security.Cryptography.PasswordDeriveBytes -ArgumentList "Kanxue2019",$null
PS C:\> $rgbKey = $rgb.GetBytes(0x20)
PS C:\> $rm = New-Object -TypeName System.Security.Cryptography.RijndaelManaged
PS C:\> $rm.Key = $rgbKey
PS C:\> $rm.IV = $bytes
PS C:\> $dec = $rm.CreateDecryptor()
PS C:\> $encstr = [System.Convert]::FromBase64String("4RTlF9Ca2+oqExJwx68FiA==")
PS C:\> $decstr = $dec.TransformFinalBlock($encstr, 0, $encstr.Length);
PS C:\> [System.Text.Encoding]::UTF8.GetString($decstr)
Kanxue2019Q1CTF
PS C:\>[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
