那天做了挺久,最后终于搞出来了:)
1.放到ida中判断出该文件使用pyinstaller打包
2.使用pyinstxtractor对exe进行反编译
3.得到奇怪的交易.pyc和PYZ-00.pyz_extracted文件夹中的pyc文件
4.反编译pyimod00_crypto_key.pyc,得到pyc.encrypted加密密钥为0000000000000tea
|
1
2
|
#!/usr/bin/env python
key
=
'0000000000000tea'
|
5.使用tinyaes对cup.pyc.encrypted进行解密,得到解密后的pyc
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
#!/usr/bin/env python3
import
tinyaes
import
zlib
CRYPT_BLOCK_SIZE
=
16
# key obtained from pyimod00_crypto_key
key
=
bytes(
'0000000000000tea'
,
'utf-8'
)
inf
=
open
(
'cup.pyc.encrypted'
,
'rb'
)
# encrypted file input
outf
=
open
(
'cup310.pyc'
,
'wb'
)
# output file
# Initialization vector
iv
=
inf.read(CRYPT_BLOCK_SIZE)
cipher
=
tinyaes.AES(key, iv)
# Decrypt and decompress
plaintext
=
zlib.decompress(cipher.CTR_xcrypt_buffer(inf.read()))
# Write pyc header
# The header below is for Python 3.10
outf.write(b
'\x6f\x0d\x0d\x0a\0\0\0\0\0\0\0\0\0\0\0\0'
)
# Write decrypted data
outf.write(plaintext)
inf.close()
outf.close()
|
6.反编译奇怪的交易.pyc和cup.pyc,得到main函数和encrypt函数。判断出加密函数为xxtea加密算法,得到加密的密文和密钥。
main函数不完整,但是猜测bbb就是xxtea加密后的密文,[54,54,54,54]就是密钥。
cup.py文件源码:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
#!/usr/bin/env python
# visit https://tool.lu/pyc/ for more information
import
libnum
from
ctypes
import
*
def
MX(z, y, total, key, p, e):
temp1
=
(z.value >>
5
^ y.value <<
2
)
+
(y.value >>
3
^ z.value <<
4
)
temp2
=
(total.value ^ y.value)
+
(key[p &
3
^ e.value] ^ z.value)
return
c_uint32(temp1 ^ temp2)
def
encrypt(v, k, z):
delte
=
0x9E3779B9L
ᘛ
=
6
+
52
/
/
v
total
=
c_uint32(
0
)
ᘔ
=
c_uint32(k[v
-
1
])
ᘕ
=
c_uint32(
0
)
if
ᘛ >
0
:
total.value
+
=
delte
ᘕ.value
=
total.value >>
2
&
3
ᘚ
=
c_uint32(k[
0
])
k[v
-
1
]
=
c_uint32(k[v
-
1
]
+
MX(ᘔ, ᘚ, total, z, v
-
1
, ᘕ).value).value
ᘔ.value
=
k[v
-
1
]
ᘛ
-
=
1
if
not
ᘛ >
0
:
return
k
|
反编译奇怪的交易.py文件源码:(源码不完整)
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
|
#!/usr/bin/env python
# visit https://tool.lu/pyc/ for more information
from
cup
import
*
if
__name__
=
=
'__main__'
:
flag
=
input
(
'\xe8\xaf\xb7\xe8\xbe\x93\xe5\x85\xa5flag'
)
pub_key
=
[
0x649EE967E7916A825CC9FD3320BEABF263BEAC68C080F52824A0F521EDB6B78577EC52BF1C9E78F4BB71192F9A23F1A17AA76E5979E4D953329D3CA65FB4A71DA57412B59DFD6AEDF0191C5555D3E5F582B81B5E6B23163E9889204A81AFFDF119FE25C92F4ED59BD3285BCD7AAE14824240D2E33C5A97848F4EB7AAC203DE6330D2B4D8FF61691544FBECD120F99A157B3D2F58FA51B2887A9D06CA383C44D071314A12B17928B96F03A06E959A5AFEFA0183664F52CD32B9FC72A04B45913FCB2D5D2D3A415A14F611CF1EAC2D6C785142A8E9CC41B67A6CD85001B06EDB8CA767D367E56E0AE651491BF8A8C17A38A1835DB9E4A9292B1D86D5776C98CC25
,
0x647327833ACFEF1F9C83E74E171FC300FA347D4A6769476C33DA82C95120ACB38B62B33D429206FE6E9BB0BB7AB748A1036971BEA36EC47130B749C1C9FF6FE03D0F7D9FC5346EB0E575BDFA6C530AA57CD676894FC080D2DD049AB59625F4B9C78BCFD95CDCD2793E440E26E189D251121CB6EB177FEDB596409034E8B0C5BBD9BD9342235DBB226C9170EFE347FF0FD2CFF9A1F7B647CC83E4D8F005FD7125A89251C768AFE70BDD54B88116814D5030F499BCAC4673CCCC342FB4B6AC58EA5A64546DC25912B6C430529F6A7F449FD96536DE269D1A1B015A4AC6B6E46EE19DCE8143726A6503E290E4BAE6BD78319B5878981F6CFFDB3B818209341FD68B
]
m
=
libnum.s2n(flag)
c
=
str
(
pow
(m, pub_key[
1
], pub_key[
0
]))
aaa
=
[]
bbb
=
[
0xD28ED952
,
1472742623
,
0xD91BA938
,
0xF9F3BD2D
,
0x8EF8E43D
,
617653972
,
1474514999
,
1471783658
,
1012864704
,
0xD7821910
,
993855884
,
438456717
,
0xC83555B7
,
0xE8DFF468
,
198959101
,
0xC5B84FEB
,
0xD9F837C6
,
613157871
,
0x8EFA4EDD
,
97286225
,
0x8B4B608C
,
1471645170
,
0xC0B62792
,
583597118
,
0xAAB1C22D
,
0xBDB9C266
,
1384330715
,
0xAE9F9816
,
0xD1F40B3C
,
0x8206DDC3
,
0xC4E0BADC
,
0xE407BD26
,
145643141
,
0x8016C6A5
,
0xAF4AB9D3
,
506798154
,
994590281
,
0x85082A0B
,
0xCA0BC95A
,
0xA7BE567C
,
1105937096
,
1789727804
,
0xDFEFB591
,
0x93346B38
,
1162286478
,
680814033
,
0xAEE1A7A2
,
0x80E574AE
,
0xF154F55F
,
2121620700
,
0xFCBDA653
,
0x8E902444
,
0xCA742E12
,
0xB8424071
,
0xB4B15EC2
,
0x943BFA09
,
0xBC97CD93
,
1285603712
,
798920280
,
0x8B58328F
,
0xF9822360
,
0xD1FD15EE
,
1077514121
,
1436444106
,
0xA2D6C17E
,
1507202797
,
500756149
,
198754565
,
0x8E014807
,
880454148
,
1970517398
,
0xBFC6EE25
,
1161840191
,
560498076
,
1782600856
,
0x9D93FEBE
,
1285196205
,
788797746
,
1195724574
,
0xF2174A07
,
103427523
,
0x952BFE83
,
0xF730AC4C
,
617564657
,
978211984
,
1781482121
,
0x8379D23A
,
0xEAD737EE
,
0xE41555FB
,
659557668
,
0x99F3B244
,
1561884856
,
0x842C31A4
,
1189296962
,
169145316
,
0xA5CE044C
,
1323893433
,
824667876
,
408202876
,
0xE0178482
,
0xF412BBBC
,
1508996065
,
162419237
,
0xDE740B00
,
0xB7CB64FD
,
0xEBCADB1F
,
0x8EAE2326
,
0x933C216C
,
0xD7D1F649
,
481927014
,
0xA448AC16
,
0xBC082807
,
1261069441
,
2063238535
,
0x8474A61D
,
101459755
,
0xBC5654D1
,
1721190841
,
1078395785
,
176506553
,
0xD3C5280F
,
1566142515
,
1938949000
,
1499289517
,
0xC59872F8
,
829714860
,
0xE51502A2
,
952932374
,
1283577465
,
2045007203
,
0xEBE6A798
,
0xE09575CD
,
0xADDF4157
,
0xC4770191
,
482297421
,
1734231412
,
0xDAC71054
,
0x99807E43
,
0xA88D74B1
,
0xCB77E028
,
1533519803
,
0xEEEBC3B6
,
0xE7E680E5
,
272960248
,
317508587
,
0xC4B10CDC
,
0x91776399
,
27470488
,
1666674386
,
1737927609
,
750987808
,
0x8E364D8F
,
0xA0985A77
,
562925334
,
0x837D6DC3
]
i
=
0
if
i <
len
(c):
ᘞ
=
0
aaa.append(ᘞ)
i
+
=
4
if
not
i < en(c):
ᘝ
=
[
54
,
54
,
54
,
54
]
ccc
=
len
(aaa)
res
=
encrypt(ccc, aaa, ᘝ)
if
aaa
=
=
bbb:
print
(
'You are right!'
)
input
('')
quit()
print
(
'Why not drink a cup of tea and have a rest?'
)
continue
|
7.对密文进行解密,得到flag变换后的明文
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
|
from
ctypes
import
*
def
MX(z, y, total, key, p, e):
temp1
=
(z.value>>
5
^ y.value<<
2
)
+
(y.value>>
3
^ z.value<<
4
)
temp2
=
(total.value ^ y.value)
+
(key[(p&
3
) ^ e.value] ^ z.value)
return
c_uint32(temp1 ^ temp2)
def
decrypt(n, v, key):
delta
=
0x9e3779b9
rounds
=
6
+
52
/
/
n
total
=
c_uint32(rounds
*
delta)
y
=
c_uint32(v[
0
])
e
=
c_uint32(
0
)
while
rounds >
0
:
e.value
=
(total.value >>
2
) &
3
for
p
in
range
(n
-
1
,
0
,
-
1
):
z
=
c_uint32(v[p
-
1
])
v[p]
=
c_uint32((v[p]
-
MX(z,y,total,key,p,e).value)).value
y.value
=
v[p]
z
=
c_uint32(v[n
-
1
])
v[
0
]
=
c_uint32(v[
0
]
-
MX(z,y,total,key,
0
,e).value).value
y.value
=
v[
0
]
total.value
-
=
delta
rounds
-
=
1
return
v
import
binascii
if
__name__
=
=
"__main__"
:
v
=
[
0xD28ED952
,
1472742623
,
0xD91BA938
,
0xF9F3BD2D
,
0x8EF8E43D
,
617653972
,
1474514999
,
1471783658
,
1012864704
,
0xD7821910
,
993855884
,
438456717
,
0xC83555B7
,
0xE8DFF468
,
198959101
,
0xC5B84FEB
,
0xD9F837C6
,
613157871
,
0x8EFA4EDD
,
97286225
,
0x8B4B608C
,
1471645170
,
0xC0B62792
,
583597118
,
0xAAB1C22D
,
0xBDB9C266
,
1384330715
,
0xAE9F9816
,
0xD1F40B3C
,
0x8206DDC3
,
0xC4E0BADC
,
0xE407BD26
,
145643141
,
0x8016C6A5
,
0xAF4AB9D3
,
506798154
,
994590281
,
0x85082A0B
,
0xCA0BC95A
,
0xA7BE567C
,
1105937096
,
1789727804
,
0xDFEFB591
,
0x93346B38
,
1162286478
,
680814033
,
0xAEE1A7A2
,
0x80E574AE
,
0xF154F55F
,
2121620700
,
0xFCBDA653
,
0x8E902444
,
0xCA742E12
,
0xB8424071
,
0xB4B15EC2
,
0x943BFA09
,
0xBC97CD93
,
1285603712
,
798920280
,
0x8B58328F
,
0xF9822360
,
0xD1FD15EE
,
1077514121
,
1436444106
,
0xA2D6C17E
,
1507202797
,
500756149
,
198754565
,
0x8E014807
,
880454148
,
1970517398
,
0xBFC6EE25
,
1161840191
,
560498076
,
1782600856
,
0x9D93FEBE
,
1285196205
,
788797746
,
1195724574
,
0xF2174A07
,
103427523
,
0x952BFE83
,
0xF730AC4C
,
617564657
,
978211984
,
1781482121
,
0x8379D23A
,
0xEAD737EE
,
0xE41555FB
,
659557668
,
0x99F3B244
,
1561884856
,
0x842C31A4
,
1189296962
,
169145316
,
0xA5CE044C
,
1323893433
,
824667876
,
408202876
,
0xE0178482
,
0xF412BBBC
,
1508996065
,
162419237
,
0xDE740B00
,
0xB7CB64FD
,
0xEBCADB1F
,
0x8EAE2326
,
0x933C216C
,
0xD7D1F649
,
481927014
,
0xA448AC16
,
0xBC082807
,
1261069441
,
2063238535
,
0x8474A61D
,
101459755
,
0xBC5654D1
,
1721190841
,
1078395785
,
176506553
,
0xD3C5280F
,
1566142515
,
1938949000
,
1499289517
,
0xC59872F8
,
829714860
,
0xE51502A2
,
952932374
,
1283577465
,
2045007203
,
0xEBE6A798
,
0xE09575CD
,
0xADDF4157
,
0xC4770191
,
482297421
,
1734231412
,
0xDAC71054
,
0x99807E43
,
0xA88D74B1
,
0xCB77E028
,
1533519803
,
0xEEEBC3B6
,
0xE7E680E5
,
272960248
,
317508587
,
0xC4B10CDC
,
0x91776399
,
27470488
,
1666674386
,
1737927609
,
750987808
,
0x8E364D8F
,
0xA0985A77
,
562925334
,
0x837D6DC3
]
k
=
[
54
]
*
4
n
=
len
(v)
res
=
decrypt(n, v, k)
res1
=
''
for
i
in
res:
j
=
hex
(i)[
2
:]
#print ( binascii.unhexlify(i))
print
( binascii.a2b_hex(j))
res1
+
=
j
#res1 = bytes(res1)
print
(res1)
print
( binascii.a2b_hex(res1) )
|
8.根据代码flag = str( pow(m, pub_key[1], pub_key[0]))等价与求RSA解密后明文。通过pub_key的值发现e和n非常大且十分接近,那么可以利用RSA的维纳攻击直接解出flag。
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
from
Crypto.Util.number
import
*
from
gmpy2
import
*
from
RSAwienerHacker
import
*
import
libnum
n
=
0x649EE967E7916A825CC9FD3320BEABF263BEAC68C080F52824A0F521EDB6B78577EC52BF1C9E78F4BB71192F9A23F1A17AA76E5979E4D953329D3CA65FB4A71DA57412B59DFD6AEDF0191C5555D3E5F582B81B5E6B23163E9889204A81AFFDF119FE25C92F4ED59BD3285BCD7AAE14824240D2E33C5A97848F4EB7AAC203DE6330D2B4D8FF61691544FBECD120F99A157B3D2F58FA51B2887A9D06CA383C44D071314A12B17928B96F03A06E959A5AFEFA0183664F52CD32B9FC72A04B45913FCB2D5D2D3A415A14F611CF1EAC2D6C785142A8E9CC41B67A6CD85001B06EDB8CA767D367E56E0AE651491BF8A8C17A38A1835DB9E4A9292B1D86D5776C98CC25
e
=
0x647327833ACFEF1F9C83E74E171FC300FA347D4A6769476C33DA82C95120ACB38B62B33D429206FE6E9BB0BB7AB748A1036971BEA36EC47130B749C1C9FF6FE03D0F7D9FC5346EB0E575BDFA6C530AA57CD676894FC080D2DD049AB59625F4B9C78BCFD95CDCD2793E440E26E189D251121CB6EB177FEDB596409034E8B0C5BBD9BD9342235DBB226C9170EFE347FF0FD2CFF9A1F7B647CC83E4D8F005FD7125A89251C768AFE70BDD54B88116814D5030F499BCAC4673CCCC342FB4B6AC58EA5A64546DC25912B6C430529F6A7F449FD96536DE269D1A1B015A4AC6B6E46EE19DCE8143726A6503E290E4BAE6BD78319B5878981F6CFFDB3B818209341FD68B
c
=
10610336534759505889607399322387179316771488492347274741918862678692508953185876570981227584004676580623553664818853686933004290078153620168054665086468417541382824708104480882577200529822968531743002301934310349005341104696887943182074473298650903541494918266823037984054778903666406545980557074219162536057146090758158128189406073809226361445046225524917089434897957301396534515964547462425719205819342172669899546965221084098690893672595962129879041507903210851706793788311452973769358455761907303633956322972510500253009083922781934406731633755418753858930476576720874219359466503538931371444470303193503733920039
d
=
hack_RSA(e,n)
flag
=
long_to_bytes(
pow
(c,d,n))
print
(flag)
b
'flag{You_Need_Some_Tea}'
|
工具来源:
https://github.com/extremecoders-re/pyinstxtractor
https://tool.lu/pyc/
https://github.com/pablocelayes/rsa-wiener-attack
更多【2022DASCTF Apr X FATE 防疫挑战赛-Reverse-奇怪的交易】相关视频教程:www.yxfzedu.com