zoukankan      html  css  js  c++  java
  • CTF欢乐赛-密码学-哈希哈希题解

    1、下载源文件后拿到一个数组和一个salt=131,因为给的是一个数组,我们可以猜测这个是hash字符串的前缀和

    hash1[34]={1,137,17961,2352894,308229132,40378016292,5289520134276,692927137590175,90773455024312932,11891322608184994096,8236759480631890849,9104335687623707495,12076354361294378429,14029175064251686857,11594270119725368294,6216371639840014010,2687945575821564212,1632733032143431075,10973842399984403068,17174060722321327476,17745921705238153833,425990098794648510,464470720970299981,5505432225980642670,1788602728791676750,12946028587195034875,17276034214980371573,12657705169863378919,16399154691952544583,8466952095475352928,2366080084698136616,14808585916103070846,3016627269999361153,7796546822015727126};
    salt=131

    题目提示是hash题,这个数组的首个是为1,salt给出的又是hash常见的131素数。

    我们日常最常见的字符串hash求前缀和的操作是

     p即可视为我们的salt,mod数一般是极大的素数或者使用unsigned long long 的自动溢出法

    根据上述的hash[i]的求法,我们可以根据前缀和逆推求出每一位的原字符串

    即当我们要求0<=l<=r<=n 的l-r上的hash值时有如下公式

     当l==r的时候即可求出单个字符的hash值即原值

    通过脚本可得出原数组,数组值在0-25之间,即代表a-z,得出原字符串为

    godsaythereislightandthereislight

    将此字符串输入压缩文件密码中,解开压缩文件,发现一个网址与一个图

    https://www.cnblogs.com/post/ReadAuth?blogId=463042&PostId=12524932&url=%2FNever-Land%2Fprotected%2Fp%2F12524932.html

     其实这个是古埃及文,对应古埃及字母表可翻译出原文

    magichash

    得到后进入网页中

    L.OeOeKhItNhTtHiYwGsLeAiSdSe,gaanmditeenlilhtthdenfaa,ceeltghnoiusveiieDw,eesbtoNtotwoinsdtehre'tbimmeemtehraetvfialcueoshhtofuiltdufBo.remmaintontehdelro,gWyhhotsseifhrte,ssherlekpnaiirrwiffoneotwitphsoeuDr,eeneeswtelsath,sTehgoauednoishttbfeogsuwioldentihwehwgourolrdh,tuunobhlteosSs;seommiermportehhefro.lFiorrpwAhyelreevioslsehhetskocfaabisrlwlhaoCseeeuhntenaireehdswdonmab,Dsissadlagisn'srtehhettoimlylhatgteroafutohhyTh?uystbiarnedtrsyo?pOprowthsooits,heevsoolf-ofnldewsislilhbfeOt,h}erteokmcbafhl_adga{b

    观察文章的开头0 2 4 6 8 10等字符,是LOOK IN THY GLASS , and tell the face thou viewest. 

    这句话其实是莎士比亚的十四行诗中某一首的开头。

    再倒序观察1 3 5 7 9等奇数字符,是Die single, and thine image dies with thee. 的倒序。

    (标题——头尾相接!!!)

    观察出乱序的规律之后我们即可写脚本还原这首诗

    LOOK in thy glass, and tell the face thou viewest
    Now is the time that face should form another,
    Whose fresh repair if now thou renewest,
    Thou dost beguile the world, unbless some mother.
    For where is she so fair whose uneared womb
    Disdains the tillage of thy husbandry?
    Or who is he so fond will be the tomb
    flag{bad_hacker},
    Of his self-love, to stop posterity?
    Thou art thy mother's glass, and she in thee
    Calls back the lovely April of her prime;
    So thou through windows of thine age shalt see,
    Despite of wrinkles, this thy golden time.
    But if thou live rememb'red not to be,
    Die single, and thine image dies with thee.
    莎士比亚

    即可拿到flag

    考点:前缀和,hash字符串

  • 相关阅读:
    Mybatis 用Demo去入门 (使用数据库的查询操作测试)
    Spring Mvc 用Demo去学习
    OGNL的学习
    hibernate 运用 中的 细节分析
    pip3问题pip is configured with locations that require TLS/SSL, however the ssl module in Python is not avail
    更换centos7源
    Centos7下python2.7升级至3.6
    service adminsetd start
    kali更新源
    redhat7 配置使用centos的yum源
  • 原文地址:https://www.cnblogs.com/Never-Land/p/12577147.html
Copyright © 2011-2022 走看看