2020 1/21(火) 1:00 ~ 1/25(土) 16:59 JST に開催された、Rice Tea Cat Panda CTF の Web ジャンルのwriteup。
writeup一覧・戦績はこちら
[Web] Robots. Yeah, I know, pretty obvious. (25pt)
So, we know that Delphine is a cook. A wonderful one, at that. But did you know that GIANt used to make robots? Yeah, GIANt robots.
問題文はよくわからなかったけど、タイトルが Robots のWeb問なので、https://riceteacatpanda.wtf/robots.txt
にアクセスしてみたらこんな感じ。
/flag
はdummyで、/robot-nurses
が正解。https://riceteacatpanda.wtf/robot-nurses
にアクセスすると
[Web] No Sleep (100pt)
Jess doesn't get enough sleep, since he's such a gamer so in this challenge, you'll be staying up with him until 4:00 in the morning :D on a Monday! Let's go, gamers!
Hints
https://riceteacatpanda.wtf/onlyrealgamers
topページを訪れると、カウントダウンが始まっています。
このまま待ってるとflagが表示されるのかもですが、カウントダウンが終わるのは競技終了時間っぽい。ソースを見てみるとjavascriptコードが。
var _0x1d8e = ['gamerfuel=Jan 27, 2020 04:20:00', 'Jan 27, 2020 04:20:00', 'getTime', 'exec', 'floor', 'getElementById', 'gamer timer', 'AES', 'decrypt', 'U2FsdGVkX18kRm6FDkRVQfVuNPTxyOnJzpu8QnI/9UKoCXp6hQcley11nBnLIItj', 'ok boomer', 'innerHTML', 'Utf8', 'cookie' ]; (function(_0x29eed8, _0x4bb4aa) { var _0x47e29c = function(_0x2d3fd2) { while (--_0x2d3fd2) { _0x29eed8['push'](_0x29eed8['shift']()); } }; _0x47e29c(++_0x4bb4aa); }(_0x1d8e, 0x99)); var _0x2ad1 = function(_0x545e19, _0x47cdd3) { _0x545e19 = _0x545e19 - 0x0; var _0x4275c2 = _0x1d8e[_0x545e19]; return _0x4275c2; }; document[_0x2ad1('0x0')] = _0x2ad1('0x1'); var countDownDate = new Date(_0x2ad1('0x2'))[_0x2ad1('0x3')](); var x = setInterval(function() { var _0x27a8c6 = new Date(/[^=]*$/ [_0x2ad1('0x4')](document[_0x2ad1('0x0')])[ 0x0])[_0x2ad1('0x3')](); var _0x5b92f1 = new Date()['getTime'](); var _0x3a5a33 = _0x27a8c6 - _0x5b92f1; var _0x4214a2 = Math[_0x2ad1('0x5')](_0x3a5a33 / (0x3e8 * 0x3c * 0x3c * 0x18)); var _0x48c0d9 = Math[_0x2ad1('0x5')](_0x3a5a33 % (0x3e8 * 0x3c * 0x3c * 0x18) / (0x3e8 * 0x3c * 0x3c)); var _0x2de271 = Math[_0x2ad1('0x5')](_0x3a5a33 % (0x3e8 * 0x3c * 0x3c) / ( 0x3e8 * 0x3c)); var _0x240ffb = Math['floor'](_0x3a5a33 % (0x3e8 * 0x3c) / 0x3e8); document[_0x2ad1('0x6')](_0x2ad1('0x7'))['innerHTML'] = _0x4214a2 + 'd ' + _0x48c0d9 + 'h ' + _0x2de271 + 'm ' + _0x240ffb + 's '; _0x3a5a33 = 0x0; if (_0x3a5a33 < 0x0) { clearInterval(x); var _0x1018af = CryptoJS[_0x2ad1('0x8')][_0x2ad1('0x9')](_0x2ad1('0xa'), _0x2ad1('0xb')); document[_0x2ad1('0x6')](_0x2ad1('0x7'))[_0x2ad1('0xc')] = _0x1018af[ 'toString'](CryptoJS['enc'][_0x2ad1('0xd')]); } }, 0x3e8);
これを解読できれば良さそうだなーと眺めていたのですが、読みづらいので_0x1d8e
変数の内容を展開して書き換えます。
document['gamerfuel=Jan 27, 2020 04:20:00'] = 'Jan 20, 2020 04:20:00'; var countDownDate = new Date('getTime')['exec'](); var x = setInterval(function() { var _0x27a8c6 = new Date(/[^=]*$/ ['floor'](document['gamerfuel=Jan 27, 2020 04:20:00'])[ 0x0])['exec'](); var _0x5b92f1 = new Date()['getTime'](); var _0x3a5a33 = _0x27a8c6 - _0x5b92f1; var _0x4214a2 = Math['getElementById'](_0x3a5a33 / (0x3e8 * 0x3c * 0x3c * 0x18)); var _0x48c0d9 = Math['getElementById'](_0x3a5a33 % (0x3e8 * 0x3c * 0x3c * 0x18) / (0x3e8 * 0x3c * 0x3c)); var _0x2de271 = Math['getElementById'](_0x3a5a33 % (0x3e8 * 0x3c * 0x3c) / ( 0x3e8 * 0x3c)); var _0x240ffb = Math['floor'](_0x3a5a33 % (0x3e8 * 0x3c) / 0x3e8); document['gamer timer']('AES')['innerHTML'] = _0x4214a2 + 'd ' + _0x48c0d9 + 'h ' + _0x2de271 + 'm ' + _0x240ffb + 's '; _0x3a5a33 = 0x0; if (_0x3a5a33 < 0x0) { clearInterval(x); var _0x1018af = CryptoJS['decrypt']['U2FsdGVkX18kRm6FDkRVQfVuNPTxyOnJzpu8QnI/9UKoCXp6hQcley11nBnLIItj']('ok boomer', 'innerHTML'); document['gamer timer']('AES')['Utf8'] = _0x1018af[ 'toString'](CryptoJS['enc']['cookie']); } }, 0x3e8);
だいぶ見やすくなりました。
最後の行にcookie
とあります。cookieを見てみると、gamerfuel
: Jan 27, 2020 04:20:00
というのがありました。
なんとなく現在時刻より前に設定すると良さそうなので、試しにこれをJan 23, 2020 04:20:00
に書き換えてみると、flagが出ました。
[Web] Phishing for Flags (105pt)
I got a bunch of emails from people across the galaxy... some are more interesting than others.
Hints
You only have two tries, so be careful :D
Emails.zip
が配布されます。
$ unzip Emails.zip Archive: Emails.zip inflating: Applying For A Job.eml inflating: College of Flag.eml inflating: CONFIRM YOUR UNSUBSCIBE REQUEST.eml inflating: GIVE ME BACK MY EYEHOLES.eml inflating: Please Verify Your Account (RiceTeaCatPanda).eml inflating: Updates on my reseach.eml
フィッシング問題。それぞれのメールには、リンクが沢山埋め込まれていますが、2回までしかチャンスがないということで正しいリンクを選んで踏まないとダメそう(実際は存在しないドメインで、特に間違えても問題なさそうでした)。ざっと見た感じ、下記のリンクが埋め込まれていました。urlをよく読んで選びます。
http://areyousurethisisaresume.com
// are you sure this is a resumehttps://www.google.com/drive/docs/file0116
(not link)http://thisisnotalinktotheflag.com
// this is not a link to the flaghttp://yeahrightcanyouevengrammar.org // yeah right can you even grammar
http://comeonthisisabigredbutton.com // come on this is a big red button
https://riceteacatpanda.baycyberctf.net/phishingemail
https://help.riceteacatpanda.b5ycyb3rctf.net
http://yestotallyapasswordresetlinkforrtcp.com
// yes totally a password reset link for rtcphttp://auth.berkeley.eduh.in/news/nvidea-jetson1
(not link)http://articleabouthowfartscancreateallkindsofstuff.com
// article about how fart scan create all kinds of stuffhttp://www.sciencedirect.com/science/article/pii/S164496651500082
(not link) *http://NOOOOOOOOOOOOOOMORTYWHYYYYYY.com // No MORTY Why
この中で怪しい&有効そうだったのが https://riceteacatpanda.baycyberctf.net/phishingemail
。行ってみると証明書の警告が出た後、RTCPCTFのミラーのようなサイトのログイン画面に飛ばされます(ゲストウィンドウでやっていたため)。
ログイン後に https://riceteacatpanda.baycyberctf.net/phishingemail
にアクセスするとflagが得られました。
Read Before You Click!
[Web] Uwu? (125pt)
ᵘʷᵘ oh no ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ hecc sorry guys ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ sorry im dropping ᵘʷᵘ my uwus all over the ᵘʷᵘ place ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ oh no I lost one ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ
ah, Jake, you idiot
Hints
https://riceteacatpanda.wtf/uwu
This challenge gets progressively harder the faster your internet is if you do it manually
uwuってなんぞ。と思ってググったらドンピシャのFAQがあった。
【uwu】 とはどういう意味ですか? | HiNative
顔らしい。なんだか可愛く見えてきたぞ。
リンク先に飛んでみると、エライコッチャ。
redirectで何度か飛ばされ、最終的に/uwustorage
に落ち着きました。
下記が飛ばされるページ。
- /uwu
- /omgmeow
- /pandaaaaaaa
- /you-better-wash-your-rice
- /footprint
- /uwustorage
それぞれのページのソースを引っ張ってきて保存しておきます。
次。uwu言語
とかで書かれた言語だと思ったので、ググってみました。ksnctfの「うーにゃー言語」とかそんな感じと思ったのだ。なんかちょっと違う、語尾をちょっと変えただけのuwu language
的なサイトがたくさん出てきました( •̅_•̅ ) コレジャナイ。
gitHub上でググってもそれらしきものが出てこないので、とりあえず落としておいたページのソースをgrepしたら出てきた。
$ ls footprint.txt uwu.txt omgmeow.txt uwustorage.txt pandaaaaaaa.txt you-better-wash-your-rice.txt $ grep -o rtcp{.*} * you-better-wash-your-rice.txt:rtcp{uwu_,_1_f0und_y0u}
[Web] What's in The Box?! (200pt)
📦
Hints
You may drag it to your bookmarks bar ;D
言われたとおりに、boxをブックマークバーにドラッグし、追加したブックマークを開いてみると…!
なんと猫ちゃんが現れた。しかも動いている。
bookmarkを編集、から詳細を見てみるとjavascriptが埋まってた。最後の方のコメントアウトしてある断片をurlデコードしてつなげるとflagに。
(略) /*rtcp%7B*/ var ticks %3D 0%3B var jump_t %3D 20%3B var move_t %3D 180%3B cat.style.cssFloat %3D "left"%3B cat.style.position %3D "absolute"%3B cat.style.width %3D "64px"%3B cat.style.height %3D "64px"%3B cat.style.left %3D 0%3B cat.style.up %3D 0%3B cat.style.zIndex %3D 100000000%3B document.body.insertBefore(cat, document.body.firstChild)%3B setInterval(function() %7B ticks%2B%2B%3B if (onGround) %7B if (dx !%3D 0) %7B if (ticks >%3D jump_t) %7B /*k4wA1*/ onGround %3D false%3B dy %3D 2 %2B Math.random() * 4%3B jump_t %3D ticks %2B Math.floor(Math.random() * 100) %2B 10%3B %7D %7D %7D else %7B dy -%3D 0.1%3B if (ticks >%3D jump_t) %7B onGround %3D true%3B dy %3D 0%3B /*I_kitT3nz*/ jump_t %3D ticks %2B Math.floor(Math.random() * 200) %2B 50%3B %7D %7D /*_4_tH*/ if (ticks >%3D move_t) %7B if (dx %3D%3D 0) %7B var temp %3D Math.random()%3B if (temp > 0.5) %7B dx %3D 0.5 %2B Math.random()%3B cat.setAttribute("src", cat_right)%3B %7D else %7B dx %3D -0.5 - Math.random()%3B /*3_w1N*/ cat.setAttribute("src", cat_left)%3B %7D move_t %3D ticks %2B Math.floor(Math.random() * 200) %2B 25%3B %7D else %7B dx %3D 0%3B move_t %3D ticks %2B Math.floor(Math.random() * 200) %2B 25%3B cat.setAttribute("src", cat_idle)%3B %7D %7D if (x %2B dx >%3D 0 %26%26 x %2B 64 %2B dx < window.innerWidth) %7B x %2B%3D dx%3B %7D else if (x %2B dx < 0) %7B dx %3D 0%3B x %3D 0%3B %7D else %7B dx %3D 0%3B x %3D window.innerWidth - 64%3B %7D if (y - dy >%3D 0) %7B y -%3D dy%3B /*!!_4123*/ %7D else %7B dy %3D -dy%3B y %3D 0%3B %7D cat.style.left %3D (x %2B "px")%3B /*2345%7D*/ cat.style.top %3D (y %2B "px")%3B %7D, 20)%3B %7Dvar i%3B for (i %3D 0%3B i < 2%3B i%2B%2B) %7B spawncat()%3B %7D
コメント部分だけ抜き出し
rtcp%7B k4wA1 I_kitT3nz _4_tH 3_w1N !!_4123 2345%7D
urlデコードしてつなげると
flag: rtcp{k4wA1I_kitT3nz_4_tH3_w1N!!_41232345}
可愛い子猫ちゃんは正義!
[Web] Web Invaders (250pt)
Hints
If the iframe isn't working, right-click the frame and reload the frame
いきなりゲームが始まります!びっくり!
頑張って手動で1面をクリアすると、結構スピードアップして2面がスタートします。私の実力ではこれを手動でクリアするのは無理だ…。1面でも20回以上かかったのに。
Chromeの開発者ツールでNetworkを確認し、怪しそうなファイルをDownloadします。
WebInvaders_wasm.js
というゲームのソースコードっぽいjavascriptが怪しいのですが、整形すると1万4000行に。ちょっと探してみてもflagが直書きしてあるわけではなさそう。
あとは、設定ファイルっぽいのが落ちてくるので、これを差し替えてeasyにプレイできるようにするとどうかしら...。
と、「設定を書き換える」というチート行為に頭がいってしまったところで競技は終了。
せっかくDLしていたファイルを改めて見直してみると…
$ strings game.arcd0 | grep rtcp rtcp{web
あっ!
バイナリ含めてless
コマンドで確認してみると
いた!なんと!これは解きたかったなぁ。
[Web] growls at the chicken (1000pt)
grrrrrrR
big chicken, i hisS At you!!!
Hints
NQr2MIa1jsaifAVOn3zYeMynNJwd4oBiiem4fJHsA1WjzfyhUp1+seCW0GMijoDHb3w9BMKj7aw6hhtae5/Qw5xOqMioJU3vvEj0BEHO1wInPqlOeTRdZb8BcTsXP+Z/KBA2FjSZcpGHo7rOZ7NtR15y3eY4s/e/tgKUHvPe9MdmDe1kINtyRXgjghJO9e3uMEQmFe2Ai5moVnG7yIVfUd3QG6/Z+K4PSttbJtjWSLFO7zpmYpEOg3XBxsOw/w5scJQqJ7OLGiH22u4+JFXRlD/wPmDzk9uYlLWLcCuxnY0xuMlSfKIFJtVmF0ViO4o4X89ZwsQjjHuYYDaB3el7iA63BzBlsC54Q7Ekv70/GI0UA3R3zJkMaBV12Z6NAE/kAgEJu9ZRcVm6MAIZInLwMU4R1frM0Bks1jeTe72agmxnAIrR8XDeAxzovbvXFwoxNyxiA63fPJGPVoGZq4ecfGvJ23i/Cg+cynB35lc3f+4QifpjCn+MxWkKCzCVEJXdDah19yXKlIxbaR1zm+YHkS0YSUzjr7NJUXHfDCrwAUpXpikfi2f9tgcXEnuhszScE1PCbdt22rRz1pS7MNdRxjCZ5j+8BQNRBLi2BjLGW14X3zd4d6ieoHWH+4fmbqU9dFsUgKN5qL4Gs2LZbbQwkf3+VbIRQK9RaSO9Hj+4/T0=
Public
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAmy27XroKLfED3q32/K7G +TnREe2ZkSgceDJH9X+Jf2I++kJHxNxe5HbQBdTHW/tLTWxwMEpric9zGFlt1f76 zdG2iocGw81BVznN/btVAYJBGbhJPYTeULSCv4WG+NTrss8NSl6WGS9NCOKEWTA/ JjR1z8fXik5foTK18sLJloRFGmxcKV6ZI0VFEi77U6PouOseaPBRYgVlPAjNM/pl AuJotPjFYtNTQWCgpj+Vgt3cxm9erBl8G9K9rIsK6snNA1yEZT774CMLCnyovkd5 i55/5mIjGOdmy+x3qCYC2J+Xmssx56OebPyO8cAou8XQf5E/PMxBZ+8X5zuqnHza 2oK9Lo4K2hYVGpCBmG8WhCstYVvfxeb0cXifPOZnpiC4DrQ3q5atx7sH1V4OaAze eJ+nWKTKVaT9NLKEC3ObUNtLLjoh3AZr/RFh9OsYf3rmRFflJkswlVpfMQF6MAR4 CrDITaTdL0M5RWzE2/1Mh98p2HvTJXz0bFbcIfAvd3rAYku0P3OyO3EZ7KrpGXZa 4Mdu10GKEllk9bwCmDFHK/HMVzZPFK9RvKNpMyWchLCLO2gRxIHySn3lF/MHlBkq 0+DH3YM5L0EW92Uzu/IkZJ4o3z7YnrMHdVVN14bGlBfspn+t7LT2xTx3sWYQLm6r xYeQDSkiY24IqAiQzwdPmi0CAwEAAQ==
Private
MIIJKQIBAAKCAgEAmy27XroKLfED3q32/K7G+TnREe2ZkSgceDJH9X+Jf2I++kJH xNxe5HbQBdTHW/tLTWxwMEpric9zGFlt1f76zdG2iocGw81BVznN/btVAYJBGbhJ PYTeULSCv4WG+NTrss8NSl6WGS9NCOKEWTA/JjR1z8fXik5foTK18sLJloRFGmxc KV6ZI0VFEi77U6PouOseaPBRYgVlPAjNM/plAuJotPjFYtNTQWCgpj+Vgt3cxm9e rBl8G9K9rIsK6snNA1yEZT774CMLCnyovkd5i55/5mIjGOdmy+x3qCYC2J+Xmssx 56OebPyO8cAou8XQf5E/PMxBZ+8X5zuqnHza2oK9Lo4K2hYVGpCBmG8WhCstYVvf xeb0cXifPOZnpiC4DrQ3q5atx7sH1V4OaAzeeJ+nWKTKVaT9NLKEC3ObUNtLLjoh 3AZr/RFh9OsYf3rmRFflJkswlVpfMQF6MAR4CrDITaTdL0M5RWzE2/1Mh98p2HvT JXz0bFbcIfAvd3rAYku0P3OyO3EZ7KrpGXZa4Mdu10GKEllk9bwCmDFHK/HMVzZP FK9RvKNpMyWchLCLO2gRxIHySn3lF/MHlBkq0+DH3YM5L0EW92Uzu/IkZJ4o3z7Y nrMHdVVN14bGlBfspn+t7LT2xTx3sWYQLm6rxYeQDSkiY24IqAiQzwdPmi0CAwEA AQKCAgEAj4nc0IGL2vUenEMUvKS6vlwhrNC4BRIyS2hPMaH4QJFTKdBXbJxfVjsk rtAkXEv1Wrecir67/GyczQAj3heOTQXYMQk3U7Sv5Qw+I569wbiHmU/ix3n43nQq oRfVQqRJJUvqwkj91GvxeO92dr1vHFrYQwtar79RK92pedV9/LF67jcfhNDRHFP9 0RUOO07ZfPtXVMA+t0nAW6jUj2jlOKbPLd8TThel4kqML1uPY87vYcowq0aji2UD N/AheA6UibBxcumwuKIRm3C18dRRdLl3G1bZmjap2qVwBWSrq07sQC4GinrJl4yC eNJDm3UeKHHlKcrSEV6TILwLU9cV5CnfADzGIKVvyU6O9OWs2bk2r0w2pZ3VUJjC Wmm19S5gAWwAvgUEABnKODJGs28ttljaTOrgPlNMSEDVl56REyaD9Bl9Y7bjQop2 E7+F+9SiWYmb1sQz2/77zk3ZxtonAsVP7XixSW7hp0UZDur7Vo8XuzP5fnOP30c0 RWjlQwuixdtaYLavKP3W4HspTQL3jOa6Wq0zetcPv3rLYGXQ0L9fNhkA7AncO4Zi FGMBs4J7ReuCQQmWWb80DhBAQ7NN7kiZo7uuHLIGD1cQcg7KHycCu2OOBWrolq6r ZOY8I5tjjzEGGkmczcwkaArCVhiDBRW2m8TgqnYBEPsFgF/5FgECggEBANah1wjI R36bynDfEF2XyxCZFmvXdu5xPyhAgjbVsDTy0p5eWS+fBuxr574lt5cxUv4Alzv0 fdtuCaL/fEOe/bv8ZlSXzLZPkqdOpTOQqAKKXB05rLBhGMNkZjQDFAQkjY+SppSl 5AtdbIuhdhlbeyX7NwczbFVVh6ZnOdnU3rMNkLZoxEJUztFrPJBownRbRm+QQUp9 wxrZqKPiLhhKnTXfAvM1jrdlOarKpldrBsYxdTeuOP2gsij/RsGI/dhxLueAlCvi zsQzS94VgtLrJJ02ZEyZVqkGzGW+tYnvluydLFU9CXyC6jfw6eoZY+wTG3TRRbkR M7hJaj1Ov5xZsoECggEBALkWZXYj661GctJ54R+n2Ulm1r9gMXVsdmiqOOwmsqtA VKIks5ykhi0n05NJdan24+t5c9u8tP8Orq5qbhIBAUMQJtorRTntixJZa4oZ5lDC csSLKvTHKqcAnUwlL2sydy/IxvTsjRdnrEX8QV2oq40fb2tBI80XfBySDy7KEPdG bzI2/KbPaFZjphc5qNOV9BagvjqFmNO8DYyRHsSEnVyTuXOlkbJPvKIRNniNJRBI P0iFtwFtLZGUCMH7TK+9aKjBYizPAzklSf9/poeGluuKn5M0G4mvCCZVtOFw6p2Q 7j1jXUYQEcs9vgyobAfQNev/JLMjeGjaaXaV71nTea0CggEBAL6IGN4g/Oa14fZk 7qBHGer4G2FMerWdLpXK/k0zUSMP1EzmMIIHyBukhqrTzLCZBrWZTKfamMdsXX2n E2bsAw8YNrctsnq9FNEVDa5C4gKvVKpVAqno6BS8UcYmXWR4Fnq3ks0unsw/+RXT FYXZIe9LnUP1MFxoeu0Lgd2QDMoiZq6nPmIr6xUY/0Cq3sRwKozrICrCjaqOQhiJ tqW1xu2FtZa1mqXPZGvrTdMYnYDfctElBk6Qkte2FdfEhqPXhe3YxLBYvXiKmPTj X6lhOLWfDVa6YKXX9Sb1Ly7t06rks/BPKNaxWL6kTOKV+5AcPilrhVuOm70i3v7h o1NmhQECggEAaW6MlWOY2LeMqMCssK+YYuul4JYXFmCWgsCUdFEG7e5TR5nIhq5h kE9jgj8SO6Nb6cLhcIZqQ/BFKS2PTcoswdrthtGnOXxLAETXsW9XdyGM5tCvw4fA kCkVcU6tWE8C/cFNNC+bn3168NLlGUj/kAAcI+iTUDzUgiHhbDHGwFTq+pvAB/WV 5cAV2J0Lwptk0471TbjUeahhv3TbJe61BQtRVMM33270cQ2FDd65AjFlexZQTQu4 LXk6E+XmpSUr/RVLq2Kw31iScmxwnDratYndpKjGFwQRjGS+CL2dp+vrCiUT+Nkm ibO+Es/N2hWM4cYRTcoiyPfBo798/JoucQKCAQBw2Vm2CUbWC1IlgHU2rEngB1F1 c6asxmpIn3j4EiigwO+27G9cmpQ54CvRjp18Fw2/ZABok8C8edm+VMtWRd5gXFTP K7lmWJnGJ0W2eGcjdOCrHZx3sFxoer0Vdy3dQbcWtAQJhqUBbIqCwLkWIQgrsNdl CQiaeKqBz0cQrj6UkNs2qXfjzTg8xPgR/Yapps4O9yoJUKpVUiMlcHgRGi/wsgHx Mq/Ghvz6tYMW7zIXjgYw575Nd9BJy+si9dXShsFmwFQ0MoU0uHFI5oGTGvqc07j8 eVFNV+dm4dr9Irt0qhSHxcaVCyDs36bXz7S0kSgvECV1QhgtFQPOrVQdgsTn
なんか鍵っぽいのが渡されました。
問題文の大文字をつなげると、RSAになってるので、RSAが関係ありそう。
まずはpublicの方を。ヒントの最初のワードと、文字列の形式的にRSAの公開鍵と秘密鍵っぽいので、文字列をブランクで改行し、一番上と下の行に
-----BEGIN PUBLIC KEY----- hogehoge -----END PUBLIC KEY-----
を追加したファイルpub.pem
を作成します。中身を確認。
$ openssl rsa -pubin -in pub.pem -text Public-Key: (4096 bit) Modulus: 00:9b:2d:bb:5e:ba:0a:2d:f1:03:de:ad:f6:fc:ae: c6:f9:39:d1:11:ed:99:91:28:1c:78:32:47:f5:7f: 89:7f:62:3e:fa:42:47:c4:dc:5e:e4:76:d0:05:d4: c7:5b:fb:4b:4d:6c:70:30:4a:6b:89:cf:73:18:59: 6d:d5:fe:fa:cd:d1:b6:8a:87:06:c3:cd:41:57:39: cd:fd:bb:55:01:82:41:19:b8:49:3d:84:de:50:b4: 82:bf:85:86:f8:d4:eb:b2:cf:0d:4a:5e:96:19:2f: 4d:08:e2:84:59:30:3f:26:34:75:cf:c7:d7:8a:4e: 5f:a1:32:b5:f2:c2:c9:96:84:45:1a:6c:5c:29:5e: 99:23:45:45:12:2e:fb:53:a3:e8:b8:eb:1e:68:f0: 51:62:05:65:3c:08:cd:33:fa:65:02:e2:68:b4:f8: c5:62:d3:53:41:60:a0:a6:3f:95:82:dd:dc:c6:6f: 5e:ac:19:7c:1b:d2:bd:ac:8b:0a:ea:c9:cd:03:5c: 84:65:3e:fb:e0:23:0b:0a:7c:a8:be:47:79:8b:9e: 7f:e6:62:23:18:e7:66:cb:ec:77:a8:26:02:d8:9f: 97:9a:cb:31:e7:a3:9e:6c:fc:8e:f1:c0:28:bb:c5: d0:7f:91:3f:3c:cc:41:67:ef:17:e7:3b:aa:9c:7c: da:da:82:bd:2e:8e:0a:da:16:15:1a:90:81:98:6f: 16:84:2b:2d:61:5b:df:c5:e6:f4:71:78:9f:3c:e6: 67:a6:20:b8:0e:b4:37:ab:96:ad:c7:bb:07:d5:5e: 0e:68:0c:de:78:9f:a7:58:a4:ca:55:a4:fd:34:b2: 84:0b:73:9b:50:db:4b:2e:3a:21:dc:06:6b:fd:11: 61:f4:eb:18:7f:7a:e6:44:57:e5:26:4b:30:95:5a: 5f:31:01:7a:30:04:78:0a:b0:c8:4d:a4:dd:2f:43: 39:45:6c:c4:db:fd:4c:87:df:29:d8:7b:d3:25:7c: f4:6c:56:dc:21:f0:2f:77:7a:c0:62:4b:b4:3f:73: b2:3b:71:19:ec:aa:e9:19:76:5a:e0:c7:6e:d7:41: 8a:12:59:64:f5:bc:02:98:31:47:2b:f1:cc:57:36: 4f:14:af:51:bc:a3:69:33:25:9c:84:b0:8b:3b:68: 11:c4:81:f2:4a:7d:e5:17:f3:07:94:19:2a:d3:e0: c7:dd:83:39:2f:41:16:f7:65:33:bb:f2:24:64:9e: 28:df:3e:d8:9e:b3:07:75:55:4d:d7:86:c6:94:17: ec:a6:7f:ad:ec:b4:f6:c5:3c:77:b1:66:10:2e:6e: ab:c5:87:90:0d:29:22:63:6e:08:a8:08:90:cf:07: 4f:9a:2d Exponent: 65537 (0x10001) writing RSA key -----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAmy27XroKLfED3q32/K7G +TnREe2ZkSgceDJH9X+Jf2I++kJHxNxe5HbQBdTHW/tLTWxwMEpric9zGFlt1f76 zdG2iocGw81BVznN/btVAYJBGbhJPYTeULSCv4WG+NTrss8NSl6WGS9NCOKEWTA/ JjR1z8fXik5foTK18sLJloRFGmxcKV6ZI0VFEi77U6PouOseaPBRYgVlPAjNM/pl AuJotPjFYtNTQWCgpj+Vgt3cxm9erBl8G9K9rIsK6snNA1yEZT774CMLCnyovkd5 i55/5mIjGOdmy+x3qCYC2J+Xmssx56OebPyO8cAou8XQf5E/PMxBZ+8X5zuqnHza 2oK9Lo4K2hYVGpCBmG8WhCstYVvfxeb0cXifPOZnpiC4DrQ3q5atx7sH1V4OaAze eJ+nWKTKVaT9NLKEC3ObUNtLLjoh3AZr/RFh9OsYf3rmRFflJkswlVpfMQF6MAR4 CrDITaTdL0M5RWzE2/1Mh98p2HvTJXz0bFbcIfAvd3rAYku0P3OyO3EZ7KrpGXZa 4Mdu10GKEllk9bwCmDFHK/HMVzZPFK9RvKNpMyWchLCLO2gRxIHySn3lF/MHlBkq 0+DH3YM5L0EW92Uzu/IkZJ4o3z7YnrMHdVVN14bGlBfspn+t7LT2xTx3sWYQLm6r xYeQDSkiY24IqAiQzwdPmi0CAwEAAQ== -----END PUBLIC KEY-----
(๑•̀ㅂ•́)و✧ヨシ
次にpivateのほうを。同じようにブランクで改行して、一番上と下の行に
-----BEGIN RSA PRIVATE KEY----- hogehoge -----END RSA PRIVATE KEY-----
を追加して鍵っぽくしてみます。中身を確認。
$ openssl rsa -in private.pem -text Private-Key: (4096 bit) modulus: 00:9b:2d:bb:5e:ba:0a:2d:f1:03:de:ad:f6:fc:ae: c6:f9:39:d1:11:ed:99:91:28:1c:78:32:47:f5:7f: 89:7f:62:3e:fa:42:47:c4:dc:5e:e4:76:d0:05:d4: c7:5b:fb:4b:4d:6c:70:30:4a:6b:89:cf:73:18:59: 6d:d5:fe:fa:cd:d1:b6:8a:87:06:c3:cd:41:57:39: cd:fd:bb:55:01:82:41:19:b8:49:3d:84:de:50:b4: 82:bf:85:86:f8:d4:eb:b2:cf:0d:4a:5e:96:19:2f: 4d:08:e2:84:59:30:3f:26:34:75:cf:c7:d7:8a:4e: 5f:a1:32:b5:f2:c2:c9:96:84:45:1a:6c:5c:29:5e: 99:23:45:45:12:2e:fb:53:a3:e8:b8:eb:1e:68:f0: 51:62:05:65:3c:08:cd:33:fa:65:02:e2:68:b4:f8: c5:62:d3:53:41:60:a0:a6:3f:95:82:dd:dc:c6:6f: 5e:ac:19:7c:1b:d2:bd:ac:8b:0a:ea:c9:cd:03:5c: 84:65:3e:fb:e0:23:0b:0a:7c:a8:be:47:79:8b:9e: 7f:e6:62:23:18:e7:66:cb:ec:77:a8:26:02:d8:9f: 97:9a:cb:31:e7:a3:9e:6c:fc:8e:f1:c0:28:bb:c5: d0:7f:91:3f:3c:cc:41:67:ef:17:e7:3b:aa:9c:7c: da:da:82:bd:2e:8e:0a:da:16:15:1a:90:81:98:6f: 16:84:2b:2d:61:5b:df:c5:e6:f4:71:78:9f:3c:e6: 67:a6:20:b8:0e:b4:37:ab:96:ad:c7:bb:07:d5:5e: 0e:68:0c:de:78:9f:a7:58:a4:ca:55:a4:fd:34:b2: 84:0b:73:9b:50:db:4b:2e:3a:21:dc:06:6b:fd:11: 61:f4:eb:18:7f:7a:e6:44:57:e5:26:4b:30:95:5a: 5f:31:01:7a:30:04:78:0a:b0:c8:4d:a4:dd:2f:43: 39:45:6c:c4:db:fd:4c:87:df:29:d8:7b:d3:25:7c: f4:6c:56:dc:21:f0:2f:77:7a:c0:62:4b:b4:3f:73: b2:3b:71:19:ec:aa:e9:19:76:5a:e0:c7:6e:d7:41: 8a:12:59:64:f5:bc:02:98:31:47:2b:f1:cc:57:36: 4f:14:af:51:bc:a3:69:33:25:9c:84:b0:8b:3b:68: 11:c4:81:f2:4a:7d:e5:17:f3:07:94:19:2a:d3:e0: c7:dd:83:39:2f:41:16:f7:65:33:bb:f2:24:64:9e: 28:df:3e:d8:9e:b3:07:75:55:4d:d7:86:c6:94:17: ec:a6:7f:ad:ec:b4:f6:c5:3c:77:b1:66:10:2e:6e: ab:c5:87:90:0d:29:22:63:6e:08:a8:08:90:cf:07: 4f:9a:2d publicExponent: 65537 (0x10001) privateExponent: 00:8f:89:dc:d0:81:8b:da:f5:1e:9c:43:14:bc:a4: ba:be:5c:21:ac:d0:b8:05:12:32:4b:68:4f:31:a1: f8:40:91:53:29:d0:57:6c:9c:5f:56:3b:24:ae:d0: 24:5c:4b:f5:5a:b7:9c:8a:be:bb:fc:6c:9c:cd:00: 23:de:17:8e:4d:05:d8:31:09:37:53:b4:af:e5:0c: 3e:23:9e:bd:c1:b8:87:99:4f:e2:c7:79:f8:de:74: 2a:a1:17:d5:42:a4:49:25:4b:ea:c2:48:fd:d4:6b: f1:78:ef:76:76:bd:6f:1c:5a:d8:43:0b:5a:af:bf: 51:2b:dd:a9:79:d5:7d:fc:b1:7a:ee:37:1f:84:d0: d1:1c:53:fd:d1:15:0e:3b:4e:d9:7c:fb:57:54:c0: 3e:b7:49:c0:5b:a8:d4:8f:68:e5:38:a6:cf:2d:df: 13:4e:17:a5:e2:4a:8c:2f:5b:8f:63:ce:ef:61:ca: 30:ab:46:a3:8b:65:03:37:f0:21:78:0e:94:89:b0: 71:72:e9:b0:b8:a2:11:9b:70:b5:f1:d4:51:74:b9: 77:1b:56:d9:9a:36:a9:da:a5:70:05:64:ab:ab:4e: ec:40:2e:06:8a:7a:c9:97:8c:82:78:d2:43:9b:75: 1e:28:71:e5:29:ca:d2:11:5e:93:20:bc:0b:53:d7: 15:e4:29:df:00:3c:c6:20:a5:6f:c9:4e:8e:f4:e5: ac:d9:b9:36:af:4c:36:a5:9d:d5:50:98:c2:5a:69: b5:f5:2e:60:01:6c:00:be:05:04:00:19:ca:38:32: 46:b3:6f:2d:b6:58:da:4c:ea:e0:3e:53:4c:48:40: d5:97:9e:91:13:26:83:f4:19:7d:63:b6:e3:42:8a: 76:13:bf:85:fb:d4:a2:59:89:9b:d6:c4:33:db:fe: fb:ce:4d:d9:c6:da:27:02:c5:4f:ed:78:b1:49:6e: e1:a7:45:19:0e:ea:fb:56:8f:17:bb:33:f9:7e:73: 8f:df:47:34:45:68:e5:43:0b:a2:c5:db:5a:60:b6: af:28:fd:d6:e0:7b:29:4d:02:f7:8c:e6:ba:5a:ad: 33:7a:d7:0f:bf:7a:cb:60:65:d0:d0:bf:5f:36:19: 00:ec:09:dc:3b:86:62:14:63:01:b3:82:7b:45:eb: 82:41:09:96:59:bf:34:0e:10:40:43:b3:4d:ee:48: 99:a3:bb:ae:1c:b2:06:0f:57:10:72:0e:ca:1f:27: 02:bb:63:8e:05:6a:e8:96:ae:ab:64:e6:3c:23:9b: 63:8f:31:06:1a:49:9c:cd:cc:24:68:0a:c2:56:18: 83:05:15:b6:9b:c4:e0:aa:76:01:10:fb:05:80:5f: f9:16:01 prime1: 00:d6:a1:d7:08:c8:47:7e:9b:ca:70:df:10:5d:97: cb:10:99:16:6b:d7:76:ee:71:3f:28:40:82:36:d5: b0:34:f2:d2:9e:5e:59:2f:9f:06:ec:6b:e7:be:25: b7:97:31:52:fe:00:97:3b:f4:7d:db:6e:09:a2:ff: 7c:43:9e:fd:bb:fc:66:54:97:cc:b6:4f:92:a7:4e: a5:33:90:a8:02:8a:5c:1d:39:ac:b0:61:18:c3:64: 66:34:03:14:04:24:8d:8f:92:a6:94:a5:e4:0b:5d: 6c:8b:a1:76:19:5b:7b:25:fb:37:07:33:6c:55:55: 87:a6:67:39:d9:d4:de:b3:0d:90:b6:68:c4:42:54: ce:d1:6b:3c:90:68:c2:74:5b:46:6f:90:41:4a:7d: c3:1a:d9:a8:a3:e2:2e:18:4a:9d:35:df:02:f3:35: 8e:b7:65:39:aa:ca:a6:57:6b:06:c6:31:75:37:ae: 38:fd:a0:b2:28:ff:46:c1:88:fd:d8:71:2e:e7:80: 94:2b:e2:ce:c4:33:4b:de:15:82:d2:eb:24:9d:36: 64:4c:99:56:a9:06:cc:65:be:b5:89:ef:96:ec:9d: 2c:55:3d:09:7c:82:ea:37:f0:e9:ea:19:63:ec:13: 1b:74:d1:45:b9:11:33:b8:49:6a:3d:4e:bf:9c:59: b2:81 prime2: 00:b9:16:65:76:23:eb:ad:46:72:d2:79:e1:1f:a7: d9:49:66:d6:bf:60:31:75:6c:76:68:aa:38:ec:26: b2:ab:40:54:a2:24:b3:9c:a4:86:2d:27:d3:93:49: 75:a9:f6:e3:eb:79:73:db:bc:b4:ff:0e:ae:ae:6a: 6e:12:01:01:43:10:26:da:2b:45:39:ed:8b:12:59: 6b:8a:19:e6:50:c2:72:c4:8b:2a:f4:c7:2a:a7:00: 9d:4c:25:2f:6b:32:77:2f:c8:c6:f4:ec:8d:17:67: ac:45:fc:41:5d:a8:ab:8d:1f:6f:6b:41:23:cd:17: 7c:1c:92:0f:2e:ca:10:f7:46:6f:32:36:fc:a6:cf: 68:56:63:a6:17:39:a8:d3:95:f4:16:a0:be:3a:85: 98:d3:bc:0d:8c:91:1e:c4:84:9d:5c:93:b9:73:a5: 91:b2:4f:bc:a2:11:36:78:8d:25:10:48:3f:48:85: b7:01:6d:2d:91:94:08:c1:fb:4c:af:bd:68:a8:c1: 62:2c:cf:03:39:25:49:ff:7f:a6:87:86:96:eb:8a: 9f:93:34:1b:89:af:08:26:55:b4:e1:70:ea:9d:90: ee:3d:63:5d:46:10:11:cb:3d:be:0c:a8:6c:07:d0: 35:eb:ff:24:b3:23:78:68:da:69:76:95:ef:59:d3: 79:ad exponent1: 00:be:88:18:de:20:fc:e6:b5:e1:f6:64:ee:a0:47: 19:ea:f8:1b:61:4c:7a:b5:9d:2e:95:ca:fe:4d:33: 51:23:0f:d4:4c:e6:30:82:07:c8:1b:a4:86:aa:d3: cc:b0:99:06:b5:99:4c:a7:da:98:c7:6c:5d:7d:a7: 13:66:ec:03:0f:18:36:b7:2d:b2:7a:bd:14:d1:15: 0d:ae:42:e2:02:af:54:aa:55:02:a9:e8:e8:14:bc: 51:c6:26:5d:64:78:16:7a:b7:92:cd:2e:9e:cc:3f: f9:15:d3:15:85:d9:21:ef:4b:9d:43:f5:30:5c:68: 7a:ed:0b:81:dd:90:0c:ca:22:66:ae:a7:3e:62:2b: eb:15:18:ff:40:aa:de:c4:70:2a:8c:eb:20:2a:c2: 8d:aa:8e:42:18:89:b6:a5:b5:c6:ed:85:b5:96:b5: 9a:a5:cf:64:6b:eb:4d:d3:18:9d:80:df:72:d1:25: 06:4e:90:92:d7:b6:15:d7:c4:86:a3:d7:85:ed:d8: c4:b0:58:bd:78:8a:98:f4:e3:5f:a9:61:38:b5:9f: 0d:56:ba:60:a5:d7:f5:26:f5:2f:2e:ed:d3:aa:e4: b3:f0:4f:28:d6:b1:58:be:a4:4c:e2:95:fb:90:1c: 3e:29:6b:85:5b:8e:9b:bd:22:de:fe:e1:a3:53:66: 85:01 exponent2: 69:6e:8c:95:63:98:d8:b7:8c:a8:c0:ac:b0:af:98: 62:eb:a5:e0:96:17:16:60:96:82:c0:94:74:51:06: ed:ee:53:47:99:c8:86:ae:61:90:4f:63:82:3f:12: 3b:a3:5b:e9:c2:e1:70:86:6a:43:f0:45:29:2d:8f: 4d:ca:2c:c1:da:ed:86:d1:a7:39:7c:4b:00:44:d7: b1:6f:57:77:21:8c:e6:d0:af:c3:87:c0:90:29:15: 71:4e:ad:58:4f:02:fd:c1:4d:34:2f:9b:9f:7d:7a: f0:d2:e5:19:48:ff:90:00:1c:23:e8:93:50:3c:d4: 82:21:e1:6c:31:c6:c0:54:ea:fa:9b:c0:07:f5:95: e5:c0:15:d8:9d:0b:c2:9b:64:d3:8e:f5:4d:b8:d4: 79:a8:61:bf:74:db:25:ee:b5:05:0b:51:54:c3:37: df:6e:f4:71:0d:85:0d:de:b9:02:31:65:7b:16:50: 4d:0b:b8:2d:79:3a:13:e5:e6:a5:25:2b:fd:15:4b: ab:62:b0:df:58:92:72:6c:70:9c:3a:da:b5:89:dd: a4:a8:c6:17:04:11:8c:64:be:08:bd:9d:a7:eb:eb: 0a:25:13:f8:d9:26:89:b3:be:12:cf:cd:da:15:8c: e1:c6:11:4d:ca:22:c8:f7:c1:a3:bf:7c:fc:9a:2e: 71 coefficient: 70:d9:59:b6:09:46:d6:0b:52:25:80:75:36:ac:49: e0:07:51:75:73:a6:ac:c6:6a:48:9f:78:f8:12:28: a0:c0:ef:b6:ec:6f:5c:9a:94:39:e0:2b:d1:8e:9d: 7c:17:0d:bf:64:00:68:93:c0:bc:79:d9:be:54:cb: 56:45:de:60:5c:54:cf:2b:b9:66:58:99:c6:27:45: b6:78:67:23:74:e0:ab:1d:9c:77:b0:5c:68:7a:bd: 15:77:2d:dd:41:b7:16:b4:04:09:86:a5:01:6c:8a: 82:c0:b9:16:21:08:2b:b0:d7:65:09:08:9a:78:aa: 81:cf:47:10:ae:3e:94:90:db:36:a9:77:e3:cd:38: 3c:c4:f8:11:fd:86:a9:a6:ce:0e:f7:2a:09:50:aa: 55:52:23:25:70:78:11:1a:2f:f0:b2:01:f1:32:af: c6:86:fc:fa:b5:83:16:ef:32:17:8e:06:30:e7:be: 4d:77:d0:49:cb:eb:22:f5:d5:d2:86:c1:66:c0:54: 34:32:85:34:b8:71:48:e6:81:93:1a:fa:9c:d3:b8: fc:79:51:4d:57:e7:66:e1:da:fd:22:bb:74:aa:14: 87:c5:c6:95:0b:20:ec:df:a6:d7:cf:b4:b4:91:28: 2f:10:25:75:42:18:2d:15:03:ce:ad:54:1d:82:c4: e7 writing RSA key -----BEGIN RSA PRIVATE KEY----- MIIJKQIBAAKCAgEAmy27XroKLfED3q32/K7G+TnREe2ZkSgceDJH9X+Jf2I++kJH xNxe5HbQBdTHW/tLTWxwMEpric9zGFlt1f76zdG2iocGw81BVznN/btVAYJBGbhJ PYTeULSCv4WG+NTrss8NSl6WGS9NCOKEWTA/JjR1z8fXik5foTK18sLJloRFGmxc KV6ZI0VFEi77U6PouOseaPBRYgVlPAjNM/plAuJotPjFYtNTQWCgpj+Vgt3cxm9e rBl8G9K9rIsK6snNA1yEZT774CMLCnyovkd5i55/5mIjGOdmy+x3qCYC2J+Xmssx 56OebPyO8cAou8XQf5E/PMxBZ+8X5zuqnHza2oK9Lo4K2hYVGpCBmG8WhCstYVvf xeb0cXifPOZnpiC4DrQ3q5atx7sH1V4OaAzeeJ+nWKTKVaT9NLKEC3ObUNtLLjoh 3AZr/RFh9OsYf3rmRFflJkswlVpfMQF6MAR4CrDITaTdL0M5RWzE2/1Mh98p2HvT JXz0bFbcIfAvd3rAYku0P3OyO3EZ7KrpGXZa4Mdu10GKEllk9bwCmDFHK/HMVzZP FK9RvKNpMyWchLCLO2gRxIHySn3lF/MHlBkq0+DH3YM5L0EW92Uzu/IkZJ4o3z7Y nrMHdVVN14bGlBfspn+t7LT2xTx3sWYQLm6rxYeQDSkiY24IqAiQzwdPmi0CAwEA AQKCAgEAj4nc0IGL2vUenEMUvKS6vlwhrNC4BRIyS2hPMaH4QJFTKdBXbJxfVjsk rtAkXEv1Wrecir67/GyczQAj3heOTQXYMQk3U7Sv5Qw+I569wbiHmU/ix3n43nQq oRfVQqRJJUvqwkj91GvxeO92dr1vHFrYQwtar79RK92pedV9/LF67jcfhNDRHFP9 0RUOO07ZfPtXVMA+t0nAW6jUj2jlOKbPLd8TThel4kqML1uPY87vYcowq0aji2UD N/AheA6UibBxcumwuKIRm3C18dRRdLl3G1bZmjap2qVwBWSrq07sQC4GinrJl4yC eNJDm3UeKHHlKcrSEV6TILwLU9cV5CnfADzGIKVvyU6O9OWs2bk2r0w2pZ3VUJjC Wmm19S5gAWwAvgUEABnKODJGs28ttljaTOrgPlNMSEDVl56REyaD9Bl9Y7bjQop2 E7+F+9SiWYmb1sQz2/77zk3ZxtonAsVP7XixSW7hp0UZDur7Vo8XuzP5fnOP30c0 RWjlQwuixdtaYLavKP3W4HspTQL3jOa6Wq0zetcPv3rLYGXQ0L9fNhkA7AncO4Zi FGMBs4J7ReuCQQmWWb80DhBAQ7NN7kiZo7uuHLIGD1cQcg7KHycCu2OOBWrolq6r ZOY8I5tjjzEGGkmczcwkaArCVhiDBRW2m8TgqnYBEPsFgF/5FgECggEBANah1wjI R36bynDfEF2XyxCZFmvXdu5xPyhAgjbVsDTy0p5eWS+fBuxr574lt5cxUv4Alzv0 fdtuCaL/fEOe/bv8ZlSXzLZPkqdOpTOQqAKKXB05rLBhGMNkZjQDFAQkjY+SppSl 5AtdbIuhdhlbeyX7NwczbFVVh6ZnOdnU3rMNkLZoxEJUztFrPJBownRbRm+QQUp9 wxrZqKPiLhhKnTXfAvM1jrdlOarKpldrBsYxdTeuOP2gsij/RsGI/dhxLueAlCvi zsQzS94VgtLrJJ02ZEyZVqkGzGW+tYnvluydLFU9CXyC6jfw6eoZY+wTG3TRRbkR M7hJaj1Ov5xZsoECggEBALkWZXYj661GctJ54R+n2Ulm1r9gMXVsdmiqOOwmsqtA VKIks5ykhi0n05NJdan24+t5c9u8tP8Orq5qbhIBAUMQJtorRTntixJZa4oZ5lDC csSLKvTHKqcAnUwlL2sydy/IxvTsjRdnrEX8QV2oq40fb2tBI80XfBySDy7KEPdG bzI2/KbPaFZjphc5qNOV9BagvjqFmNO8DYyRHsSEnVyTuXOlkbJPvKIRNniNJRBI P0iFtwFtLZGUCMH7TK+9aKjBYizPAzklSf9/poeGluuKn5M0G4mvCCZVtOFw6p2Q 7j1jXUYQEcs9vgyobAfQNev/JLMjeGjaaXaV71nTea0CggEBAL6IGN4g/Oa14fZk 7qBHGer4G2FMerWdLpXK/k0zUSMP1EzmMIIHyBukhqrTzLCZBrWZTKfamMdsXX2n E2bsAw8YNrctsnq9FNEVDa5C4gKvVKpVAqno6BS8UcYmXWR4Fnq3ks0unsw/+RXT FYXZIe9LnUP1MFxoeu0Lgd2QDMoiZq6nPmIr6xUY/0Cq3sRwKozrICrCjaqOQhiJ tqW1xu2FtZa1mqXPZGvrTdMYnYDfctElBk6Qkte2FdfEhqPXhe3YxLBYvXiKmPTj X6lhOLWfDVa6YKXX9Sb1Ly7t06rks/BPKNaxWL6kTOKV+5AcPilrhVuOm70i3v7h o1NmhQECggEAaW6MlWOY2LeMqMCssK+YYuul4JYXFmCWgsCUdFEG7e5TR5nIhq5h kE9jgj8SO6Nb6cLhcIZqQ/BFKS2PTcoswdrthtGnOXxLAETXsW9XdyGM5tCvw4fA kCkVcU6tWE8C/cFNNC+bn3168NLlGUj/kAAcI+iTUDzUgiHhbDHGwFTq+pvAB/WV 5cAV2J0Lwptk0471TbjUeahhv3TbJe61BQtRVMM33270cQ2FDd65AjFlexZQTQu4 LXk6E+XmpSUr/RVLq2Kw31iScmxwnDratYndpKjGFwQRjGS+CL2dp+vrCiUT+Nkm ibO+Es/N2hWM4cYRTcoiyPfBo798/JoucQKCAQBw2Vm2CUbWC1IlgHU2rEngB1F1 c6asxmpIn3j4EiigwO+27G9cmpQ54CvRjp18Fw2/ZABok8C8edm+VMtWRd5gXFTP K7lmWJnGJ0W2eGcjdOCrHZx3sFxoer0Vdy3dQbcWtAQJhqUBbIqCwLkWIQgrsNdl CQiaeKqBz0cQrj6UkNs2qXfjzTg8xPgR/Yapps4O9yoJUKpVUiMlcHgRGi/wsgHx Mq/Ghvz6tYMW7zIXjgYw575Nd9BJy+si9dXShsFmwFQ0MoU0uHFI5oGTGvqc07j8 eVFNV+dm4dr9Irt0qhSHxcaVCyDs36bXz7S0kSgvECV1QhgtFQPOrVQdgsTn -----END RSA PRIVATE KEY-----
(๑•̀ㅂ•́)و✧ヨシッ
問題文の最初のヒントがcipherだとすると、とりあえず公開鍵は使わずに復号できそう。
$ base64 -D cipher.txt > cipher $ openssl rsautl -decrypt -inkey prikey -in cipher unknown-123-246-470-726.herokuapp.com
なんか hostname っぽいのが出てきた!Web問になったぞ。とりあえずブラウザで覗いてみます。
おぉ、日本アニメ的空間…!
ページのソースコードを見てみると
<p hidden>9 20 30 15 16 5 14 19 30 27 29 8 20 13 12 28</p> <p hidden>"abcdefghijklmnopqrstuvwxyz[]. "</p>
こんな行が。[index],[候補文字列]として解読を試みます。
#!/usr/bin/env python3 candidates = "abcdefghijklmnopqrstuvwxyz[]. " arry = [9, 20, 30, 15, 16, 5, 14, 19, 30, 27, 29, 8, 20, 13, 12, 28] flag = '' for a in arry: flag += candidates[a-1] print(flag)
実行結果
$ python solve.py it opens [.html]
意味のある言葉になったけど…。どうして良いのかわからない…。
ページのソースコードにもありましたが、conloseに会話が表示されます。
drawer(引き出し)の中にある…。
うーん、このgifを解析するのか?でもwebだしなぁ…。一応strings
コマンドくらいは打ってみたけどめぼしいものは出てこなかったし…。
さっきのもう一つのヒントit opens [.html]
ってのも気になる。なにかワードをつけて、例えばflag.html
みたいにして開くよってことかな…。
( ✧Д✧) カッ
drawer.html
!
ということで http://unknown-123-246-470-726.herokuapp.com/drawer.html
にアクセスすると、コードにflagが埋まってました!!!