講師:堇姬 @ Izcc-ctf
2023.12.15
成電二年級/幽夜工作室繪師/台灣好厲駭學員
DC : naup_sumire_hime
IG : ckcsc36th_naup
涉獵C++、C、python、遊戲(tkinter、pygame)、資安(Web、Crypto)、AI、flask、html/css/js、 PHP、DC bot。
喜歡看輕小說、動畫、Vtuber、打音遊,也喜歡看百合,就是一個長年混跡ACG的宅女。
夢想是可以成為很電的駭客跟繪師,也想自己寫出一個AI老婆。
msg:安安
jg7LzS3fpcH15kKScqUMdg==(加密->ECB)
TmF1cEpqaW4= (編碼->base64)
9bb2508637df52b17523e4a4a9f727fca1923134a8ace76f09220a3b908e03d2(雜湊->sha256)
基於64個可列印字元來表示
6Ji/6I6J5o6n
蘿莉控
WIN11娘
V0lOMTHlqJg=
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad, unpad
import base64
def encrypt_ecb(key, plaintext):
cipher = AES.new(key, AES.MODE_ECB)
padded_plaintext = pad(plaintext.encode('utf-8'), AES.block_size)
encrypted = cipher.encrypt(padded_plaintext)
return base64.b64encode(encrypted).decode('utf-8')
def decrypt_ecb(key, ciphertext):
cipher = AES.new(key, AES.MODE_ECB)
encrypted_bytes = base64.b64decode(ciphertext.encode('utf-8'))
decrypted = cipher.decrypt(encrypted_bytes)
return unpad(decrypted, AES.block_size).decode('utf-8')
if __name__ == "__main__":
key = b'YourSecretKey123'
plaintext = "NaupJjin"
encrypted = encrypt_ecb(key, plaintext)
print("加密後:", encrypted)
decrypted = decrypt_ecb(key, encrypted)
print("解密後:", decrypted)
加密後: jg7LzS3fpcH15kKScqUMdg==
解密後: NaupJjin
密鑰:YourSecretKey123
雜湊像果汁機一樣
神秘物質
WE ARE DISCOVERED. FLEE AT ONCE
不只關注保密性,也包含了防止暴力破解及更關注以下幾點
(本篇皆以一個block 16bytes)
00 00 00 00
01
02 02
03 03 03
......role=
user;id=2,msg=12
456789
我可以輸入東西填到msg,並且如果role=admin,id=1,就可以登入管理員
......role=
userv12
admin;
......role=
user;id=2,msg=12
admin;id=1,msg=1
......role=
user;id=2,msg=AA
admin;id=1,msg=1
......role=
admin;id=1,msg=1
from pwn import *
r = remote('127.0.0.1', 20000)
r.sendlineafter('user = ', 'A' * 11 + '9' * 16 + 'A' * 9)
token = r.recvline().strip().partition(b' = ')[2].decode()
token = bytes.fromhex(token)
token = token[:16] + token[32:48] + token[16:32] + token[48:]
r.sendlineafter('token = ', token.hex())
r.interactive()