
ISCC 2024

May 8, 2024

Web

Code Audit (代码审计)

#!/usr/bin/env python
# encoding=utf-8
from flask import Flask
from flask import request
import hashlib
import urllib.parse
import os
import json

app = Flask(__name__)
secret_key = os.urandom(16)


class Task:
    def __init__(self, action, param, sign, ip):
        self.action = action
        self.param = param
        self.sign = sign
        self.sandbox = md5(ip)
        if not os.path.exists(self.sandbox):
            os.mkdir(self.sandbox)

    # append_to_file() and read_from_file() are not shown in the listing.
    def Exec(self):
        result = {}
        result['code'] = 500
        if self.checkSign():
            # Substring match: an action such as "readscan" triggers both branches.
            if "scan" in self.action:
                resp = scan(self.param)
                if resp == "Connection Timeout":
                    result['data'] = resp
                else:
                    print(resp)
                    self.append_to_file(resp)  # append the content to the existing file
                    result['code'] = 200
            if "read" in self.action:
                result['code'] = 200
                result['data'] = self.read_from_file()  # read from the existing file
            if result['code'] == 500:
                result['data'] = "Action Error"
        else:
            result['code'] = 500
            result['msg'] = "Sign Error"
        return result

    def checkSign(self):
        if get_sign(self.action, self.param) == self.sign:
            return True
        else:
            return False


@app.route("/geneSign", methods=['GET', 'POST'])
def geneSign():
    param = urllib.parse.unquote(request.args.get("param", ""))
    action = "scan"
    return get_sign(action, param)


@app.route('/De1ta', methods=['GET', 'POST'])
def challenge():
    action = urllib.parse.unquote(request.cookies.get("action"))
    param = urllib.parse.unquote(request.args.get("param", ""))
    sign = urllib.parse.unquote(request.cookies.get("sign"))
    ip = request.remote_addr
    if waf(param):
        return "No Hacker!!!!"
    task = Task(action, param, sign, ip)
    return json.dumps(task.Exec())


@app.route('/')
def index():
    return open("code.txt", "r").read()


def scan(param):
    try:
        with open(param, 'r') as file:
            content = file.read()
            return content
    except FileNotFoundError:
        return "The file does not exist"


def md5(content):
    return hashlib.md5(content.encode()).hexdigest()


def get_sign(action, param):
    # The key, param and action are concatenated with no separator between them.
    return hashlib.md5(secret_key + param.encode('latin1') + action.encode('latin1')).hexdigest()


def waf(param):
    check = param.strip().lower()
    if check.startswith("gopher") or check.startswith("file"):
        return True
    else:
        return False


if __name__ == '__main__':
    app.debug = False
    app.run()

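Auditing the code shows that the endpoint we ultimately need to reach is /De1ta, supplying action and sign as cookies, with param set to the file we want to read, flag.txt.

The Task class is then invoked: the scan action reads flag.txt and writes it into a temporary file, and the read action returns the string that was written to that temporary file.

Before the action is executed, the signature-checking function checkSign calls get_sign, which concatenates key, param and action.

We do not know the key, but there is a geneSign function that uses the same key and param, with action fixed to scan.

So we first call geneSign with param set to flag.txtread, which gives us the md5 of key+flag.txtreadscan, the string checkSign will use. Requesting /De1ta with param=flag.txt and action=readscan makes get_sign hash exactly the same bytes, and readscan contains both "scan" and "read".

Finally, build the payload to get the flag.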
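The ambiguity in the concatenated signature, shown offline beside one possible fix. This is an added example, not code from the challenge or the original post; `hardened_sign`, `hardened_check` and `ALLOWED_ACTIONS` are hypothetical names, and the key is a locally generated stand-in.

```python
import hashlib
import hmac
import os

SECRET_KEY = os.urandom(16)  # stand-in for the server's secret_key (constructed)


def get_sign(action, param):
    """Signature as in the challenge: md5(key + param + action), no separator."""
    data = SECRET_KEY + param.encode("latin1") + action.encode("latin1")
    return hashlib.md5(data).hexdigest()


def hardened_sign(action, param):
    """Hypothetical fix: HMAC-SHA256 over length-prefixed fields, so the
    boundary between action and param is part of what gets signed."""
    msg = b""
    for field in (action, param):
        raw = field.encode("utf-8")
        msg += len(raw).to_bytes(4, "big") + raw
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()


ALLOWED_ACTIONS = {"scan", "read"}  # exact values, not substring matches


def hardened_check(action, param, sign):
    """Reject unknown actions, then compare signatures in constant time."""
    if action not in ALLOWED_ACTIONS:
        return False
    return hmac.compare_digest(hardened_sign(action, param), sign)


def collision_demo():
    """Return (weak scheme collides, hardened scheme collides)."""
    issued = get_sign("scan", "flag.txtread")   # what /geneSign hands out
    needed = get_sign("readscan", "flag.txt")   # what checkSign recomputes
    weak = issued == needed
    strong = (hardened_sign("scan", "flag.txtread")
              == hardened_sign("readscan", "flag.txt"))
    return weak, strong


if __name__ == "__main__":
    print(collision_demo())
```

With the length prefixes in place, a signature issued for one (action, param) pair no longer validates for a different split of the same bytes, and the exact-match allow-list removes the substring check that let a single action value trigger both branches.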

Reverse

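The Lost Gate (迷失之门)

Reversing the binary reveals two functions, check1 and check2. check2 compares against the final flag, and working back from the compared data shows that the final flag should be "FSBBhKguIibsScDqgKzakWsVoa6".

check1 takes the difference between the input and the string v3 and processes it differently depending on that difference; running the function in reverse yields the flag.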

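# Strings taken from the decompiled check1 (v16, v10 and v4 are not needed by the inverse below)
v16 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
v10 = "abcdefghijklmnopqrstuvwxyz"
v4 = "0123456789+/-=!#&*()?;:*^%"
v3 = "DABBZXQESVFRWNGTHYJUMKIOLPC"
# String that check2 compares against
flag = "FSBBhKguIibsScDqgKzakWsVoa6"
f = ""
for i, c in enumerate(flag):
    # Map each compared character back to the difference it encodes
    if 'A' <= c <= 'Z':
        temp = ord(c) - ord('A')
    elif 'a' <= c <= 'z':
        temp = ord(c) - ord('a') + 26
    else:
        temp = ord(c) - ord('0') + 52
    # Original input character = v3 character + difference
    f += chr(ord(v3[i]) + temp)
print(f)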

Misc

A Simple RSA (一道简单的RSA)

The challenge provides n, e, c, (p-2)*(q-1) and (p-1)*(q-2).

# n=p*q
# phi=(p-1)*(q-1)
# 
# (p-2)*(q-1)=pq-p-2q+2
# (p-1)*(q-2)=pq-2p-q+2
# (p-2)*(q-1)+(p-1)*(q-2)=2pq-3p-3q+4=2n-3(p+q)+4
# 
# p+q={2n-[(p-2)*(q-1)+(p-1)*(q-2)]+4}/3
# 
# phi=(p-1)*(q-1)=qp-p-q+1=n-(p+q)+1

import gmpy2
from Crypto.Util.number import long_to_bytes
n=129699330328568350681562198986490514508637584957167129897472522138320202321246467459276731970410463464391857177528123417751603910462751346700627325019668100946205876629688057506460903842119543114630198205843883677412125928979399310306206497958051030594098963939139480261500434508726394139839879752553022623977
e=65537
c=51518667118381278477627700350423102429776676581577331085270368196272060145548342984043810743618087606163386279307047292933106493569541976939050254974252244013831301960071316341468330608281341872211745059683319875591139239345816548949447864182443966627910451617628300085919745530446373374581794092552290729186
n1=129699330328568350681562198986490514508637584957167129897472522138320202321246467459276731970410463464391857177528123417751603910462751346700627325019668067056973833292274532016607871906443481233958300928276492550916101187841666991944275728863657788124666879987399045804435273107746626297122522298113586003834 #(p-2)*(q-1)
n2=129699330328568350681562198986490514508637584957167129897472522138320202321246467459276731970410463464391857177528123417751603910462751346700627325019668066482326285878341068180156082719320570801770055174426452966817548862938770659420487687194933539128855877517847711670959794869291907075654200433400668220458 #(p-1)*(q-2)
ppq = (n - n1 + n - n2 + 4) // 3  # p+q
phi = n - ppq + 1                 # phi = n-(p+q)+1
d = gmpy2.invert(e, phi)          # private exponent
flag = long_to_bytes(pow(c, d, n))
print(flag)
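The derivation above carried one step further, as an added example that is not part of the original post: once p+q is known, the two leaked products also give up p and q themselves through the quadratic x^2 - (p+q)x + n = 0. The function name `recover_from_leaks` and the toy primes are constructed for illustration; only the standard library is used (Python 3.8+).

```python
from math import isqrt


def recover_from_leaks(n, leak_a, leak_b):
    """Given n = p*q, leak_a = (p-2)(q-1) and leak_b = (p-1)(q-2),
    return (p, q, phi) with p >= q, validating each step."""
    total = 2 * n - (leak_a + leak_b) + 4     # equals 3(p+q)
    if total % 3:
        raise ValueError("leaked values are inconsistent with n")
    s = total // 3                            # p + q
    disc = s * s - 4 * n                      # (p - q)^2
    if disc < 0:
        raise ValueError("negative discriminant")
    r = isqrt(disc)
    if r * r != disc:
        raise ValueError("discriminant is not a perfect square")
    p, q = (s + r) // 2, (s - r) // 2
    if p * q != n:
        raise ValueError("recovered factors do not multiply to n")
    return p, q, n - s + 1                    # phi = n-(p+q)+1


def demo():
    # Constructed toy parameters, far too small for real use.
    p, q, e = 1000003, 999983, 65537
    n = p * q
    c = pow(int.from_bytes(b"ISCC", "big"), e, n)
    rp, rq, phi = recover_from_leaks(n, (p - 2) * (q - 1), (p - 1) * (q - 2))
    d = pow(e, -1, phi)                       # modular inverse of e
    m = pow(c, d, n)
    return rp, rq, m.to_bytes((m.bit_length() + 7) // 8, "big")


if __name__ == "__main__":
    print(demo())
```

Publishing either shifted product alongside n is therefore as damaging as publishing the factorization.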

Last updated: August 20, 2024


Comments

  • 6666

    6666

    May 13, 2024
  • Anonymous

    Why isn't the blogger posting updates?

    May 22, 2024
