一、[NCTF 2019]Keyboard——键盘密码

1.题目：

ooo yyy ii w uuu ee uuuu yyy uuuu y w uuu i i rr w i i rr rrr uuuu rrr uuuu t ii uuuu i w u rrr ee www ee yyy eee www w tt ee

2.解题：

这些字母是26键盘上的第一行，每个字母对应上面的数字，而且每个字母数为1-4位，说明是九键键盘。

这种题写法就是比如o,对应9，就在九键键盘上9的位置，看o有多少位，3位的话，就是9那个位置字符串的第三个字符。得到

youaresosmartthatthisisjustapieceofcake

二、[MoeCTF 2022]vigenere——维吉尼亚密码

1.题目：

fwoslehgl wcw ecfxshmw lcoaju dk rhsxwhnlrhf
mt voswxzkiluw cbhl ilnurjkbsh, vujxdfnfn swx oktizkbcngfon uxfktgrmscy sh tiawa atbidiun, jnenfdwb, umw nqymbnqr xwvfmuqwx ri hjmrptuy, swnhonupk biembdmw, ocqxbdgd, nhbkdsoaxh rhkwrsay, kxldg druabqloq, bybnwloq jqzkjqzkb umw yuvawcmz, fqy kx znkyk. ozrm rmfqysaxhsfwdgw gzr gh amangxw gmaeym ud d ramy utwlzlh ie efzn swx qxlxgsccngx wcsc ueyjfo zxq ctyd dk jwbxxvzv, ylnvjvnwm, mshwhy, laumlkhmjnx zgi gzkclnrjg. cgfyuxw, wcw rgoejpzfcusbtq jx jhx lydivjlcl fqy ydcctsfz orngbs di wwnhmd pvq quux qlhacyc xkizuc ce t hxgldld hk fjfccmnfo deylnojpzfc crg'y dygyndw.

2.

使用在线网站解码，得到：

information security, sometimes shortened to infosec, is the practice of protecting information by mitigating information risks. it is part of information risk management. it typically involves preventing or reducing the probability of unauthorized/inappropriate access to data, or the unlawful use, disclosure, disruption, deletion, corruption, modification, inspection, recording, or devaluation of information. it also involves actions intended to reduce the adverse impacts of such incidents. protected information may take any form, e.g. electronic or physical, tangible (e.g. paperwork) or intangible (e.g. knowledge). information security's primary focus is the balanced protection of the confidentiality, integrity, and availability of data (also known as the cia triad) while maintaining a focus on efficient policy implementation, all without hampering organization productivity. this is largely achieved through a structured risk management process that involves:
1. identifying information and related assets, plus potential threats, vulnerabilities, and impacts;
2. evaluating the risks
3. deciding how to address or treat the risks i.e. to avoid, mitigate, share or accept them
4. where risk mitigation is required, selecting or designing appropriate security controls and implementing them
5. monitoring the activities, making adjustments as necessary to address any issues, changes and improvement opportunities
6. i won't tell you that the flag is moectf attacking the vigenere cipher is interesting
to standardize this discipline, academics and professionals collaborate to offer guidance, policies, and industry standards on password, antivirus software, firewall, encryption software, legal liability, security awareness and training, and so forth. this standardization may be further driven by a wide variety of laws and regulations that affect how data is accessed, processed, stored, transferred and destroyed. however, the implementation of any standards and guidance within an entity may have limited effect if a culture of continual improvement isn't adopted.

翻译一下，得到flag

NSSCTF{attacking the vigenere cipher is interesting}

三、[GDOUCTF 2023]Absolute_Baby_Encrytpion

1.题目：

Alice用脚本向Bob发送了以下消息。 这是用JS写的。 Bob对JS一无所知。 你能帮忙看看留言吗？+}!q")hiim)#}-nvm)i-$#mvn#0mnbm)im#n+}!qnm8)i-$#mvnoc#0nz<$9inm!>-n1:1-nm8)i-$~c58n!}qhij#0[noic##m8nc8n?!8c}w!n]>&

let messagetoEncrypt = prompt("Enter a string: ").toLowerCase();
let charArray = messagetoEncrypt.split("");
let encryptedString = "";
let hasInvalidCharacter = false;for (let i = 0; i < charArray.length; i++) {switch (charArray[i]) {case 'a':encryptedString = encryptedString.concat('!')break;case 'b':encryptedString = encryptedString.concat('1')break;case 'c':encryptedString = encryptedString.concat(')')break;case 'd':encryptedString = encryptedString.concat('v')break;case 'e':encryptedString = encryptedString.concat('m')break;case 'f':encryptedString = encryptedString.concat('+')break;case 'g':encryptedString = encryptedString.concat('q')break;case 'h':encryptedString = encryptedString.concat('0')break;case 'i':encryptedString = encryptedString.concat('c')break;case 'j':encryptedString = encryptedString.concat(']')break;case 'k':encryptedString = encryptedString.concat('(')break;case 'l':encryptedString = encryptedString.concat('}')break;case 'm':encryptedString = encryptedString.concat('[')break;case 'n':encryptedString = encryptedString.concat('8')break;case 'o':encryptedString = encryptedString.concat('5')break;case 'p':encryptedString = encryptedString.concat('$')break;case 'q':encryptedString = encryptedString.concat('*')break;case 'r':encryptedString = encryptedString.concat('i')break;case 's':encryptedString = encryptedString.concat('>')break;case 't':encryptedString = encryptedString.concat('#')break;case 'u':encryptedString = encryptedString.concat('<')break;case 'v':encryptedString = encryptedString.concat('?')break;case 'w':encryptedString = encryptedString.concat('o')break;case 'x':encryptedString = encryptedString.concat('^')break;case 'y':encryptedString = encryptedString.concat('-')break;case 'z':encryptedString = encryptedString.concat('_')break;case '0':encryptedString = encryptedString.concat('h')break;case '1':encryptedString = encryptedString.concat('w')break;case '2':encryptedString = encryptedString.concat('e')break;case '3':encryptedString = encryptedString.concat('9')break;case '4':encryptedString = encryptedString.concat('g')break;case '5':encryptedString = encryptedString.concat('z')break;case '6':encryptedString = encryptedString.concat('d')break;case '7':encryptedString = encryptedString.concat('~')break;case '8':encryptedString = encryptedString.concat('=')break;case '9':encryptedString = encryptedString.concat('x')break;case '!':encryptedString = encryptedString.concat('j')break;case '@':encryptedString = encryptedString.concat(':')break;case '#':encryptedString = encryptedString.concat('4')break;case '$':encryptedString = encryptedString.concat('b')break;case '%':encryptedString = encryptedString.concat('`')break;case '^':encryptedString = encryptedString.concat('l')break;case '&':encryptedString = encryptedString.concat('3')break;case '*':encryptedString = encryptedString.concat('t')break;case '(':encryptedString = encryptedString.concat('6')break;case ')':encryptedString = encryptedString.concat('s')break;case '_':encryptedString = encryptedString.concat('n')break;case '+':encryptedString = encryptedString.concat(';')break;case '-':encryptedString = encryptedString.concat('\'')break;case '=':encryptedString = encryptedString.concat('r')break;case '`':encryptedString = encryptedString.concat('k')break;case '~':encryptedString = encryptedString.concat('p')break;case '{':encryptedString = encryptedString.concat('\"')break;case '}':encryptedString = encryptedString.concat('&')break;case '[':encryptedString = encryptedString.concat('/')break;case ']':encryptedString = encryptedString.concat('\\')break;case '|':encryptedString = encryptedString.concat('2')break;case ':':encryptedString = encryptedString.concat('.')break;case ';':encryptedString = encryptedString.concat('%')break;case '\"':encryptedString = encryptedString.concat('|')break;case '\'':encryptedString = encryptedString.concat(',')break;case '<':encryptedString = encryptedString.concat('@')break;case '>':encryptedString = encryptedString.concat('{')break;case ',':encryptedString = encryptedString.concat('u')break;case '.':encryptedString = encryptedString.concat('7')break;case '?':encryptedString = encryptedString.concat('y')break;case '/':encryptedString = encryptedString.concat('a')break;default:hasInvalidCharacter = true;}
}if (hasInvalidCharacter) {encryptedString = "Invalid String!";
} else {console.log(`Your encoded string is ${encryptedString}`);
}

这段代码是将不同的字符映射为其他的字符

3.

#这段代码定义了一个字典list，将一些特殊字符映射为一些字母和数字。
list = {'!': 'a', '1': 'b', ')': 'c', 'v': 'd', 'm': 'e', ' ': 'f',
'q': 'g', '0': 'h', 'c': 'i', ']': 'j', '(': 'k', '}': 'l', '[': 'm', '8': 'n',
'5': 'o', '$': 'p', '*': 'q', 'i': 'r', '>': 's', '#': 't', '<': 'u', '?': 'v', 'o': 'w', '^': 'x', '-': 'y',
'_': 'z', 'h': '0', 'w': '1', 'e': '2', '9': '3', 'g': '4', 'z': '5', 'd': '6', '~': '7', '=': '8', 'x': '9', 'j': '!', ':': '@', '4': '#', 'b': '$', '`': '%', 'l': '^',
'3': '&', 't': '*', '6': '(', 's': ')', 'n': '_', ';': ' ', '\\': '-', '&': '}', '/': '[', '\\\\': '{', '2': 'l', '.': ':', '%': ';', '|': '\\',
',': '\\', '@': '<', '{': '>', 'u': ',', '7': '.', 'y': '?', 'a': '//', '"': '{'}
miwen =' }!q")hiim)#}-nvm)i-$#mvn#0mnbm)im#n }!qnm8)i-$#mvnoc#0nz<$9inm!>-n1:1-nm8)i-$~c58n!}qhij#0[noic##m8nc8n?!8c}w!n]>&'
m = ''
for i in miwen:m += list[i]
print(m)

NSSCTF{c0rrectly_decrypted_the_$ecret_flag_encrypted_with_5up3r_easy_b@by_encryp7ion_alg0r!thm_written_in_vanil1a_js}
 

四、[红明谷CTF 2022]easy_ya

1、题目：

from Crypto.Util.number import *
import osfrom flag import flag
def gen():e = 3while True:try:p = getPrime(512)q = getPrime(512)n = p*qphi = (p-1)*(q-1)d = inverse(e,phi)return p,q,d,n,eexcept:continuereturn
p,q,d,n,e = gen()
r = getPrime(512)
m = bytes_to_long(flag+os.urandom(32))
M = m%r
c = pow(m,e,n)
print("r = %d"%r)
print("M = %d"%M)
print("n = %d"%n)
print("e = %d"%e)
print("c = %d"%c)  # 数据类型
'''
r = 7996728164495259362822258548434922741290100998149465194487628664864256950051236186227986990712837371289585870678059397413537714250530572338774305952904473
M = 4159518144549137412048572485195536187606187833861349516326031843059872501654790226936115271091120509781872925030241137272462161485445491493686121954785558
n = 131552964273731742744001439326470035414270864348139594004117959631286500198956302913377947920677525319260242121507196043323292374736595943942956194902814842206268870941485429339132421676367167621812260482624743821671183297023718573293452354284932348802548838847981916748951828826237112194142035380559020560287
e = 3
c = 46794664006708417132147941918719938365671485176293172014575392203162005813544444720181151046818648417346292288656741056411780813044749520725718927535262618317679844671500204720286218754536643881483749892207516758305694529993542296670281548111692443639662220578293714396224325591697834572209746048616144307282
'''

2.解题：

m =M+k∗r，则有c≡(M+kr) **3(mod n)
考虑构造模多项式f=(M+kr) **3 −c (mod n)，求解小根得到k

然后根据公式m =M+k∗r，得到flag

3.

#sageN = 131552964273731742744001439326470035414270864348139594004117959631286500198956302913377947920677525319260242121507196043323292374736595943942956194902814842206268870941485429339132421676367167621812260482624743821671183297023718573293452354284932348802548838847981916748951828826237112194142035380559020560287
e = 3
c = 46794664006708417132147941918719938365671485176293172014575392203162005813544444720181151046818648417346292288656741056411780813044749520725718927535262618317679844671500204720286218754536643881483749892207516758305694529993542296670281548111692443639662220578293714396224325591697834572209746048616144307282
M = 4159518144549137412048572485195536187606187833861349516326031843059872501654790226936115271091120509781872925030241137272462161485445491493686121954785558
r = 7996728164495259362822258548434922741290100998149465194487628664864256950051236186227986990712837371289585870678059397413537714250530572338774305952904473
kbits = 100
P.<x> = PolynomialRing(ZmodN)
f = (M + r*x)**e - c
f=f.monic() # x系数不为1的时候需要用这个归一
x0 = f.small_roots(x=2^kbits, beta=1)[0]  # 这里的X选取不像上文用的是临界值，而是选了一个我们未知的x的最大可能值。X的选取并非严格，但至少得保证比临界值小。
print(x0)
# 810968823598060539864535# python
import libnumr = 7996728164495259362822258548434922741290100998149465194487628664864256950051236186227986990712837371289585870678059397413537714250530572338774305952904473
M = 4159518144549137412048572485195536187606187833861349516326031843059872501654790226936115271091120509781872925030241137272462161485445491493686121954785558
n = 131552964273731742744001439326470035414270864348139594004117959631286500198956302913377947920677525319260242121507196043323292374736595943942956194902814842206268870941485429339132421676367167621812260482624743821671183297023718573293452354284932348802548838847981916748951828826237112194142035380559020560287
e = 3
c = 46794664006708417132147941918719938365671485176293172014575392203162005813544444720181151046818648417346292288656741056411780813044749520725718927535262618317679844671500204720286218754536643881483749892207516758305694529993542296670281548111692443639662220578293714396224325591697834572209746048616144307282
k = 810968823598060539864535m = M+k*r
print(libnum.n2s(int(m)))

得到：

b'flag{53a2e494-964d-4506-a2c4-c34b9475dedd}W\xf1X6\xacP\x9bc~9\xfd\x0f\x96\xbf\x92\xb9+\xe5\xebPJ\x17\xc4\xb2\xe8\xad\x01\n\xf2j\xae\x15'

NSSCTF{53a2e494-964d-4506-a2c4-c34b9475dedd}