shenghuo2

shenghuo2's Blog

人生得意须尽欢 莫使金樽空对月

本站所写仅表示个人拙见,如有不当多多担待

一道misc的wp

拿到手是一个图片,使用binwalk或foremost可以得到一个压缩包 里面是一个打不开的图片, 使用windows的画图可以强行打开,发现文件高度有问题 使用二进制编辑器修改高度后,打开会发现一串字符 二进制查看图片的结束之后还有一段hint: 将其16进制转换为8进制后,再作为十六进制转换为ascii码

log4j2 反弹shell

漏洞描述Apache Log4j 是 Apache 的一个开源项目,Apache Log4j2是一个基于Java的日志记录工具。该工具重写了Log4j框架,并且引入了大量丰富的特性。我们可以控制日志信息输送的目的地为控制台、文件、GUI组件等,通过定义每一条日志信息的级别,能够更加细致地控制日志的生成过程。该日志框架被大量用于

RSA解密方案

已有公钥,解密文本

公钥与私钥的产生

HKJ6Q@810_4K@S<del>PO}VD8</del>E.png

##计算过程

目的是得到 N e p q 从而解密

使用openssl计算模数N和指数e

openssl rsa -pubin -text -modulus -in warmup -in <public key file>

使用yafu对N进行因数分解

关于yafu的安装使用,请看这篇帖子:http://blog.shenghuo2.top/index.php/archives/40/

或者使用在线网站查询结果 http://factordb.com/

得到p q

使用脚本解密

import gmpy2
import rsa

p =         
q =         
N =         
e =         
d = int(gmpy2.invert((e,p - 1) * (q - 1)))
privatekey = rsa.PrivateKey(N,e,d,p,q)
s = open("xxx.enc","rb")
print rsa.decrypt(s.read().privatekey).decode()

yafu的安装与使用

介绍

YAFU (with assistance from other free software) uses the most powerful modern algorithms (and implementations of them) to factor input integers in a completely automated way. The automation within YAFU is state-of-the-art, combining factorization algorithms in an intelligent and adaptive methodology that minimizes the time to find the factors of arbitrary input integers. It is most optimized for general inputs up to 160 digits in size, although there is support for inputs much larger than that, if they have a special form. There are also specialized functions for handling lists of inputs and ranges of contiguous smaller inputs.

YAFU is primarily a command-line driven tool. You provide the number to factor and, via screen output and log files, YAFU will provide you the factors. But that’s not all! You also get an interactive environment similar to MATLAB or PARI/GP, where you can type commands and store results. The functionality of this interface is limited, but perhaps useful, and I have plans to make it better. YAFU also provides a vast amount of flexibility, through many many options and a very capable expression interpreter. If you know what you are doing, or if you read the documentation enough, you can customize the operation of YAFU a great deal. You should have received a copy of docfile.txt, which explains in some detail all of the available functions, how to use them, and how to influence their behavior.

MHSCTF-WP

官网https://mhsctf2022.ctfd.io/ 比赛差不多结束了,就打了一半的题,呜呜呜,菜 wp过两天补完,先新建文件夹 最终成绩 ![7U{1`B0HHY%CG1EWWE0S_S.png 有这位大佬的帮助@Deeemo

linux系统调用号对照表

32位 #ifndef _ASM_X86_UNISTD_32_H #define _ASM_X86_UNISTD_32_H 1 #define __NR_restart_syscall 0 #define __NR_exit 1 #define __NR_fork 2 #define __NR_read 3 #define __NR_write 4 #define __NR_open 5 #define __NR_close 6 #define __NR_waitpid 7 #define __NR_creat 8 #define __NR_link 9 #define __NR_unlink 10 #define __NR_execve 11 #define __NR_chdir 12 #define __NR_time 13 #define __NR_mknod 14 #define __NR_chmod 15 #define __NR_lchown 16 #define __NR_break 17 #define __NR_oldstat 18 #define __NR_lseek 19 #define __NR_getpid 20 #define __NR_mount 21 #define __NR_umount 22 #define __NR_setuid 23 #define __NR_getuid 24 #define __NR_stime 25 #define __NR_ptrace 26 #define __NR_alarm 27 #define __NR_oldfstat 28 #define __NR_pause 29 #define __NR_utime 30 #define __NR_stty 31 #define __NR_gtty 32 #define __NR_access 33 #define __NR_nice 34 #define __NR_ftime 35 #define __NR_sync 36 #define __NR_kill 37 #define __NR_rename 38 #define __NR_mkdir 39 #define __NR_rmdir 40 #define __NR_dup 41 #define __NR_pipe 42 #define __NR_times 43 #define __NR_prof 44 #define __NR_brk 45 #define __NR_setgid 46 #define
0%