ApoorvCTF 2025 - Zsm's blog

前言#

赛时就做了两题，跟着佬的wp复现一下

题目#

Genjutsu_Labyrinth#

task

1
from sympy import primerange
2
import random
3
from collections import deque
4

5
def generate(size):
6
    grid = [[random.randint(0, 9) for col in range(size)] for row in range(size)]
7
    grid[0][0] = 0
8
    return grid
9

10
def encrypt(n, a, b, mod=101):
11
    return (a * n + b) % mod
12

13
def build_encrypted_grid(grid, a, b, mod=101):
14
    size = 10
15
    encry_grid = []
16
    for y in range(size):
17
        row = []
18
        for x in range(size):
19
            enc_val = encrypt(grid[y][x], a, b, mod)
20
            row.append(str(enc_val).zfill(2))
21
        encry_grid.append(row)
22
    return encry_grid
23

24
def optimize(grid):
25
    #hidden
26
    pass
27

28
grid = generate(10)
29
a = random.choice(list(primerange(2, 12)))
30
b = random.choice(range(101))
31
encry_grid = build_encrypted_grid(grid, a, b, mod=101)
32

33
#nc chals1.apoorvctf.xyz 4002

generate是正常一个10*10的迷宫，每个数字0-9，起点是0 encrypt是正常的线性同余加密 optimize没啥用 build_encrypted_grid是生成一个没个数加密后的矩阵，并且输出为字符串，比如5->05

a=[2,3,5,7,11]

1
//nc情况
2
  ____                 _         _
3
 / ___|  ___  _ __    (_) _   _ | |_  ___  _   _
4
| |  _  / _ \| '_ \   | || | | || __|/ __|| | | |
5
| |_| ||  __/| | | |  | || |_| || |_ \__ \| |_| |
6
 \____| \___||_| |_| _/ | \__,_| \__||___/ \__,_|
7
                    |__/
8

9
Welcome to Genjutsu Labyrinth!
10
Your goal is to navigate from the top-left to the bottom-right successfully
11
Note: Your current position is denoted by Pa. The first cell has a value 0
12
-------------------------------------------------
13

14
Pa 49 42 42 00 00 21 00 21 00
15
49 00 42 21 28 56 07 00 42 56
16
21 28 42 42 14 21 21 21 00 14
17
07 49 07 35 07 07 42 56 35 07
18
63 28 28 07 00 49 00 56 21 28
19
07 56 07 35 14 42 21 35 35 00
20
14 21 00 07 21 35 49 07 14 28
21
21 35 07 00 49 14 21 00 42 42
22
42 21 56 28 49 56 07 14 49 28
23
63 07 49 35 07 07 07 28 63 00
24

25
Use S/D to move down or right. Type 'exit' to quit.
26
Enter move (S/D):

哎，其实我们要找的是xor为0，即从 enc_val 中穷举 a, b 的值。然后根据 a, b 的值求出 grid 的值，进行穷举路径，找到 XOR 值为 0 的路径。

exp

1
from pwn import *
2
import itertools
3
from Crypto.Util.number import inverse
4

5
p = remote('chals1.apoorvctf.xyz', 4002)
6

7
for _ in range(12):
8
    data = p.recvuntil(b'\n').strip().decode()
9
    print(data)
10

11
# 读取加密网格，每行接收后替换'Pa'为'00'，并转换成数字列表
12
encry_grid = []
13
for _ in range(10):
14
    data = p.recvuntil(b'\n').strip().decode()
15
    print(data)
16
    data = data.replace('Pa', '00')
17
    row = list(map(int, data.split()))
18
    encry_grid.append(row)
19

20
encs = []
21
for i in range(10):
22
    for j in range(10):
23
        if encry_grid[i][j] not in encs:
24
            encs.append(encry_grid[i][j])
25

26
found = False
27
for a in [2, 3, 5, 7, 11]:
28
    for b in range(101):
29
        success = True
30
        for i in range(10):
31
            c = (a * i + b) % 101
32
            if c not in encs:
33
                success = False
34
                break
35
        if success:
36
            found = True
37
            break
38
    if found:
39
        break
40

41
grid = []
42
for i in range(10):
43
    row = []
44
    for j in range(10):
45
        r = (encry_grid[i][j] - b) * inverse(a, 101) % 101
46
        row.append(r)
47
    grid.append(row)
48

49
# 构造移动指令：总共需要18步，选取9步向下（S）移动，其余为向右（D）移动，
50
# 利用排列枚举所有可能的路径，选择 XOR 结果为 0 的路径
51
seq = list(range(18))
52
for perm in itertools.permutations(seq, 9):
53
    com = ''
54
    val = 0
55
    x = 0
56
    y = 0
57
    for i in range(18):
58
        if i in perm:
59
            com += 'S'
60
            x += 1
61
            val ^= grid[x][y]
62
        else:
63
            com += 'D'
64
            y += 1
65
            val ^= grid[x][y]
66
    if val == 0:
67
        break
68

69
for i in range(18):
70
    data = p.recvuntil(b': ')
71
    print(data.decode() + com[i])
72
    p.sendline(com[i].encode())
73
    data = p.recvuntil(b'\n').strip().decode()
74
    print(data)
75

76
data = p.recvuntil(b'exit!\n').strip().decode()
77
print(data)
78
for _ in range(2):
79
    data = p.recvuntil(b'\n').strip().decode()
80
    print(data)
81

82
p.interactive()

Split_Lies#

两个照片什么都没有，有点抽象尝试了很多方法后，将 RGB 的值相加后除以 256 的余数，中央出现了旗帜。

1
from PIL import Image
2

3
img1 = Image.open('part1.png').convert('RGB')
4
img2 = Image.open('part2.png').convert('RGB')
5

6
w, h = img1.size
7

8
output_img = Image.new('RGB', (w, h), (255, 255, 255))
9

10
for y in range(h):
11
    for x in range(w):
12
        r1, g1, b1 = img1.getpixel((x, y))
13
        r2, g2, b2 = img2.getpixel((x, y))
14
        r = (r1 + r2) % 256
15
        g = (g1 + g2) % 256
16
        b = (b1 + b2) % 256
17
        output_img.putpixel((x, y), (r, g, b))
18

19
output_img.save('flag.png')

Finding_Goku#

task

1
import hashlib
2

3
def check_hex_data(hex1, hex2, start_string):
4
    if hex1 == hex2:
5
        return "Error: Even a Saiyan warrior knows that true strength lies in difference! The two inputs must not be identical."
6

7
    try:
8
        data1 = bytes.fromhex(hex1)
9
        data2 = bytes.fromhex(hex2)
10
    except ValueError:
11
        return "Error: Looks like you misfired a Ki blast! Invalid hex input detected."
12

13
    start_bytes = start_string.encode()
14

15
    if not (data1.startswith(start_bytes) and data2.startswith(start_bytes)):
16
        return "Error: These aren't true warriors! Both inputs must start with the legendary sign of 'GOKU' to proceed."
17

18
    def md5_hash(data):
19
        hasher = hashlib.md5()
20
        hasher.update(data)
21
        return hasher.hexdigest()
22

23
    hash1 = md5_hash(data1)
24
    hash2 = md5_hash(data2)
25

26
    if hash1 != hash2:
27
        return "Error: These warriors are impostors! They wear the same armor but their Ki signatures (MD5 hashes) don't match."
28

29
    try:
30
        with open("flag.txt", "r") as flag_file:
31
            flag = flag_file.read().strip()
32
        return f"🔥 You have found the real Goku! Your flag is: {flag}"
33
    except FileNotFoundError:
34
        return "Error: The Dragon Balls couldn't summon the flag! 'flag.txt' is missing."
35

36
if __name__ == "__main__":
37
    start_string = "GOKU"
38
    hex1 = input("Enter first hex data: ")
39
    hex2 = input("Enter second hex data: ")
40
    print(check_hex_data(hex1, hex2, start_string))

总而言之言而总之想让md5相等，直接开爆

1
from pwn import *
2

3
p = remote('chals1.apoorvctf.xyz', 5002)
4

5
with open('md5_data1', 'rb') as f:
6
    data1 = f.read().hex()
7

8
with open('md5_data2', 'rb') as f:
9
    data2 = f.read().hex()
10

11
data = p.recvuntil(b': ')
12
print(data.decode() + data1)
13
p.sendline(data1.encode())
14
data = p.recvuntil(b': ')
15
print(data.decode() + data2)
16
p.sendline(data2.encode())
17

18
data = p.recvuntil(b'\n').rstrip()
19
print(data.decode())
20

21
p.interactive()

Kowareta_Cipher#

task

1
import sys
2
from Crypto.Cipher import AES
3
from Crypto.Util.Padding import pad
4
from random import randbytes
5

6
def main():
7
    key = randbytes(16)
8
    cipher = AES.new(key, AES.MODE_ECB)
9
    flag = b'apoorvctf{fake_flag_123}'
10

11
    print("Welcome to the ECB Oracle challenge!")
12
    print("Enter your input in hex format.")
13

14
    try:
15
        while True:
16
            print("Enter your input: ", end="", flush=True)
17
            userinput = sys.stdin.readline().strip()
18

19
            if not userinput:
20
                break
21

22
            try:
23
                userinput = bytes.fromhex(userinput)
24
                ciphertext = cipher.encrypt(pad(userinput + flag + userinput, 16))
25
                print("Ciphertext:", ciphertext.hex())
26

27
            except Exception as e:
28
                print(f"Error: {str(e)}")
29

30
    except KeyboardInterrupt:
31
        print("Server shutting down.")
32

33
if __name__ == "__main__":
34
    main()
35

36
# nc chals1.apoorvctf.xyz 4001

很有意思，加密格式变成x+flag+x，我们ECB的特点就是相同的明文块会生成相同的密文块，padding怎么办呢？消除影响就好了

exp

1
from pwn import *
2

3
p = remote('chals1.apoorvctf.xyz', 4001)
4

5
for _ in range(2):
6
    data = p.recvuntil(b'\n').strip().decode()
7
    print(data)
8

9
flag = ''
10
for i in range(32):
11
    for code in range(33, 127):
12
        inp = 'X' * (31 - i) + flag + chr(code) + 'X' * (31 - i)
13
        print('[+] input:', inp)
14
        inp_hex = inp.encode().hex()
15
        prompt = p.recvuntil(b': ').decode()
16
        print(prompt + inp_hex)
17
        p.sendline(inp_hex.encode())
18
        data = p.recvuntil(b'\n').strip().decode()
19
        print(data)
20
        ct = data.split(' ')[-1]
21
        if ct[32:64] == ct[96:128]:
22
            flag += chr(code)
23
            break
24

25
print('[*] flag:', flag)
26
p.interactive()

a ctfer on the load

前言#

题目#

Genjutsu_Labyrinth#

Split_Lies#

Finding_Goku#

Kowareta_Cipher#