-
-
[原创]2019看雪CTF 团队赛 第十题 初入好望角WP
-
发表于: 2019-3-19 01:18
-
cm是.net程序,直接用dnSpy打开,定位到处理输入的方法。
private static void a(string[] A_0)
{
Console.WriteLine("Please Input Serial:");
if (a.a(Console.ReadLine(), "Kanxue2019") == "4RTlF9Ca2+oqExJwx68FiA==")
{
Console.WriteLine("Congratulations! : )");
Console.ReadLine();
}
}查看a.a方法
private static void a(string[] A_0)
{
Console.WriteLine("Please Input Serial:");
if (a.a(Console.ReadLine(), "Kanxue2019") == "4RTlF9Ca2+oqExJwx68FiA==")
{
Console.WriteLine("Congratulations! : )");
Console.ReadLine();
}
}查看a.a方法
public static string a(string A_0, string A_1)
{
byte[] bytes = Encoding.UTF8.GetBytes("Kanxue2019CTF-Q1");
byte[] bytes2 = Encoding.UTF8.GetBytes(A_0);
byte[] bytes3 = new PasswordDeriveBytes(A_1, null).GetBytes(32);
ICryptoTransform transform = new RijndaelManaged
{
Mode = CipherMode.CBC
}.CreateEncryptor(bytes3, bytes);
MemoryStream memoryStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(memoryStream, transform, CryptoStreamMode.Write);
cryptoStream.Write(bytes2, 0, bytes2.Length);
cryptoStream.FlushFinalBlock();
byte[] inArray = memoryStream.ToArray();
memoryStream.Close();
cryptoStream.Close();
return Convert.ToBase64String(inArray);
}cm先对输入的字符做aes cbc加密,密钥为PasswordDeriveBytes("Kanxue2019", null).GetBytes(32)的返回值,iv为Kanxue2019CTF-Q1,最后再base64编码。
结合调试可以判断是aes256加密,也可以提取出密钥
public static string a(string A_0, string A_1)
{
byte[] bytes = Encoding.UTF8.GetBytes("Kanxue2019CTF-Q1");
byte[] bytes2 = Encoding.UTF8.GetBytes(A_0);
byte[] bytes3 = new PasswordDeriveBytes(A_1, null).GetBytes(32);
ICryptoTransform transform = new RijndaelManaged
{
Mode = CipherMode.CBC
}.CreateEncryptor(bytes3, bytes);
MemoryStream memoryStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(memoryStream, transform, CryptoStreamMode.Write);
cryptoStream.Write(bytes2, 0, bytes2.Length);
cryptoStream.FlushFinalBlock();
byte[] inArray = memoryStream.ToArray();
memoryStream.Close();
cryptoStream.Close();
return Convert.ToBase64String(inArray);
}cm先对输入的字符做aes cbc加密,密钥为PasswordDeriveBytes("Kanxue2019", null).GetBytes(32)的返回值,iv为Kanxue2019CTF-Q1,最后再base64编码。
结合调试可以判断是aes256加密,也可以提取出密钥
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
|
|
|---|---|
