crypto常用工具

发表于 | 分类于 
1
2
3
$ crc32 1.txt #4d112952
$ md5sum 1.txt #735078d1ac92bcb2ba780625bdd3f1d8  1.txt
$ sha1sum 1.txt #7d19d3e82c2a7447fe2b0d9f8c73aaabf89c4342  1.txt

hashcat:已知密钥长度字符类型Hash破解

安装步骤
  • 安装最新版本Mingw-w64(使用旧版x86_64-w64-mingw32-gcc4.8.3编译错误)
  • 编译最新版本libiconv(win64需要,直接gmake不需要),并将编译好的/usr/local/lib/libiconv.a复制到hashcat/src目录
1
2
3
4
set MAKE=gmake
./configure --prefix=/usr/local
gmake
gmake install
  • 编译hashcat
1
2
3
4
5
git clone https://github.com/hashcat/hashcat.git
git submodule update --init
修改hashcat/src/Makefile中hashcat64.exe的libiconv.a路径:
hashcat64.exe: src/main.c $(WIN_64_OBJS) src/libiconv.a
gmake win64
常量定义

OpenCL\inc_hash_constants.h,如Hash时修改了默认常量,破解时需要对应修改,重新编译后再运行命令进行破解。

1
2
hashcat64 -m 0 -a 3 7d06700a3de25e7c6ed1b52e7b34d155 asdf13?d?d?d?d?d?d?d?d?dfdsa --force
7d06700a3de25e7c6ed1b52e7b34d155:asdf13573747198fdsa

pwcrack-framework:多平台在线验证Hash

依赖安装:msys2,修改pacman源

1
2
pacman -Sy
pacman -S mingw-w64-x86_64-gcc make

msys64\mingw64\bin添加到Path系统变量,再运行bundle install安装依赖库。

1
2
>ruby D:\ctf\tools\crypto\pwcrack-framework\pwcrack e10adc3949ba59abbe56e057f20f883e
>ruby D:\ctf\tools\crypto\pwcrack-framework\pwcrack base64:ZTEwYWRjMzk0OWJhNTlhYmJlNTZlMDU3ZjIwZjg4M2UK

RainbowCrack:彩虹表破解Hash

1
2
3
4
rcrack c:\rt -h fcea920f7412b5da7be0cf42b8c93759 #crack one hash
rcrack c:\rt -l hash_list_file #crack hash from file
rtgen md5 loweralpha-numeric 1 7 0 3800 33554432 0 #generate hash table
rtsort . #sort hash tables in current directory

xortool:猜测用于xor的key

1
2
3
4
5
6
7
8
D:\ctf\tools\encrypt\xortool\test\data>python "D:\Program Files\Python27\Scripts\xortool" tool_xored -c 20 [-l length] #如果python路径不带空格,可以直接运行xortool
Options:
  -l,--key-length       length of the key (integer)
  -c,--char             most possible char (one char or hex code),文本用20,binary用00
  -m,--max-keylen=32    maximum key length to probe (integer)
  -x,--hex              input is hex-encoded str
  -b,--brute-chars      brute-force all possible characters
  -o,--brute-printable  same as -b but will only use printable characters for keys

附带进行xor工具:xortool-xor

1
python "D:\Program Files\Python27\Scripts\xortool-xor" -s lol -h 414243 -r imthekey -f /etc/passwd #对四种形式的内容进行xor操作
Cycle(suctf-2018)

类似维吉尼亚的变种,循环异或后统计字频。

BubbleBabble编码

以x开头和结尾,对于输入序列中的每两个字节,输出五个字符和短划线 。

1
bubblepy.BubbleBabble().decode('xinik-samak-luvag-hutaf-fysil-notok-mepek-vanyh-zipef-hilok-detok-damif-cusol-fezyx') #flag{Ev3ry7hing_i5_bubb13s}

Four-Square:四方加密,采用两个key

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
Enter Key1:DBAPP
Enter Key2:LINKEDBYX
The message you entered was: XBBSPASGXRAEUIOHPZ
Omitting Letter: Q
Alphabet Matrix:
A B C D E
F G H I J
K L M N O
P R S T U
V W X Y Z
Keyed Matrix1:
D B A P C
E F G H I
J K L M N
O R S T U
V W X Y Z
Keyed Matrix2:
L I N K E
D B Y X A
C F G H J
M O P R S
T U V W Z
Your decrypted message is  : WHEREISMYSECRETKEY

两字符为一组

加密时:WH在Alphabet Matrix下标为:[4,1],[1,2],交换y坐标得到:[4,2],[1,1]对应在Key1和Key2 Matrix是XB

解密时:XB在Key1和Key2 Matrix下标为:[4,2],[1,1],交换y坐标得到:[4,1],[1,2]在Alphabet Matrix为WH

Pari/GP:数论快速计算库

1
2
3
4
5
6
7
8
# x^e = c mod n
gp > sqrtnall(x,n)={my(V,r,z,r2);r=sqrtn(x,n,&z);if(!z,error("Impossible case in sqrtn"));if(type(x)=="t_INTMOD"||type(x)=="t_PADIC",r2 = r*z;n=1;while(r2!=r,r2*=z;n++));V=vector(n);V[1]=r;for(i=2,n,V[i]=V[i-1]*z);V}
%1 = (x,n)->my(V,r,z,r2);r=sqrtn(x,n,&z);if(!z,error("Impossible case in sqrtn")
);if(type(x)=="t_INTMOD"||type(x)=="t_PADIC",r2=r*z;n=1;while(r2!=r,r2*=z;n++));
V=vector(n);V[1]=r;for(i=2,n,V[i]=V[i-1]*z);V
gp > Vec(liftall(sqrtnall(Mod(2485360255306619684345131431867350432205477625621366642887752720125176463993839766742234027524, 32581479300404876772405716877547), 3)))
%2 = [6149264605288583791069539134541, 13404203109409336045283549715377, 1302801
1585706956936052628027629]
scryptos:python调用Pari/GP库
  • 将源码中使用gmpy的地方替换为gmpy2,修改setup.py中gmpy为gmpy2
  • 修改wrapper\common.py中check函数直接return True,因为其检查的逻辑是基于Linux的符号分隔
  • 安装:python setup.py install

pycrypto:python散列和加密算法集

通过pip安装的pycrypto,DSA没有importKey函数,需要用github版本python setup.py install安装。Windows下安装可能会有如下error:

根据$PYTHON2_HOME/Lib/distutils/msvc9compiler.py

1
2
3
4
5
6
7
8
9
10
#2.7.16 (v2.7.16:413a49145e, Mar  4 2019, 01:37:19) [MSC v.1500 64 bit (AMD64)]
s, rest = sys.version[i:].split(" ", 1) #s = 1500
majorVersion = int(s[:-2]) - 6 #majorVersion = 15 - 6 = 9
minorVersion = int(s[2:3]) / 10.0 #minorVersion = 0 / 10.0 = .0

toolskey = "VS%0.f0COMNTOOLS" % version
toolsdir = os.environ.get(toolskey, None) #VS90COMNTOOLS

productdir = os.path.join(toolsdir, os.pardir, os.pardir, "VC")
vcvarsall = os.path.join(productdir, "vcvarsall.bat") #toolsdir\..\..\VC\vcvarsall.bat

1.安装VCForPython27 2.(此步可忽略)配置环境变量VS90COMNTOOLS=C:\Users\tyler\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\VC\bin,由于脚本写死是到VC目录下找vcvarsall.bat,因此在C:\Users\tyler\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\VC目录下创建一个空的vcvarsall.bat 3.在cmd运行真实的vcvarsall.bat:D:\ctf\tools\crypto\pycrypto>"C:\Users\tyler\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\vcvarsall.bat" amd64,配置好环境,即可以运行python setup.py install安装

  • 需要修改源码以避免error:
1
2
3
4
src/libtom/tomcrypt_cipher.h(546) : error C2133: 'cipher_descriptor' : unknown size
修改src\libtom\tomcrypt_cipher.h第546行去掉cipher_descriptor[];定义 #https://github.com/dlitz/pycrypto/issues/167
src/cpuid.c(29) : fatal error C1083: Cannot open include file: 'cpuid.h': No such file or directory
修改src\config.h第8行:#undef HAVE_CPUID_H

CTFCrackTools:米斯特安全编码转换工具

hashID:识别hash类型

OEIS:数组识别网站

wolframalpha:数学应用搜索引擎

随机数预测

  • PredictJavaNextInt:Java通过的2个连续输出预测Random.nextInt(),(sample:CommonModulusAttack-GXYCTF-2019)
  • randcrack:Python通过624个输出预测random.getrandbits(),(sample:lrlr-ByteCTF-2019,rand-网鼎杯-2020白虎组)

解密U2FsdGVkX1(Salted__+8bit salt)开头的openssl模式字符串

crypto-js:通过passphrase生成key和IV,等同于openssl解密命令(验证不可行!!!):openssl enc -aes-256-cbc -in infile -out outfile -pass pass:"Secret Passphrase" -e -base64