NCTF2019-Reverse

​ 这题考察的是对des子密钥生成算法的理解,基本思路是通过第十一轮的子密钥(8位未知,进行爆破)倒推第一轮(初始置换)后的密钥,然后通过第一轮可以正向推各轮。这题加深了我对des密钥算法的理解。脚本来自于网络。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

import copy
import pyDes

key='********'
d=pyDes.des(key)
key10=[0, 1, 0, 0, 0, 1, 0, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 0, 1, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 1]
PC1=[56, 48, 40, 32, 24, 16, 8, 0, 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35, 62, 54, 46, 38, 30, 22, 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 60, 52, 44, 36, 28, 20, 12, 4, 27, 19, 11, 3]
PC2=[13, 16, 10, 23, 0, 4, 2, 27, 14, 5, 20, 9, 22, 18, 11, 3, 25, 7, 15, 6, 26, 19, 12, 1, 40, 51, 30, 36, 46, 54, 29, 39, 50, 44, 32, 47, 43, 48, 38, 55, 33, 52, 45, 41, 49, 35, 28, 31]
movnum = [1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1]#对应16轮中每一轮的循环左移位数
def gen_key(C1,D1,k):
    tempc=C1
    tempd=D1
    for i in range(k):
        tempc = tempc[1:] + tempc[:1]
        tempd = tempd[1:] + tempd[:1]
    tempCD1=tempc+tempd
    tempkey=[]
    for i in range(len(PC2)):
        tempkey.append(tempCD1[PC2[i]])
    return (tempkey,tempCD1)#轮运算得到下一轮子密钥
def re_gen_key(C1,D1):
    tempc=C1[-1:]+C1[:-1]
    tempd=D1[-1:]+D1[:-1]
    tempCD1=tempc+tempd
    return tempCD1 #轮运算得到上一轮CD
def get_key(CD):
    tempkey=[]
    for i in range(len(PC2)):
        tempkey.append(CD[PC2[i]])
    return tempkey
def RE_pc2():
    CD1=['*']*56
    for i in range(len(PC2)):
        CD1[PC2[i]]=key10[i]#初步还原CD1
    results=[]
    for i in range(256): # 因为有8个bit是没有被选来置换作为子密钥的,所以需要遍历这8位
        temp=bin(i)[2:].zfill(8)
        tempi=copy.deepcopy(CD1)
        d=0
        for j in range(len(tempi)):
            if tempi[j]=='*':
                tempi[j]=eval(temp[d])
                d=d+1
        results.append(tempi)
    return results
f=open('cipher','rb')
flag_enc=f.read()
results=RE_pc2()
for i in range(len(results)):
    temp=results[i]
    for j in range(sum(movnum[:11])):
        temp=re_gen_key(temp[:28],temp[28:]) # 这里是从第十轮倒推到第一轮初始置换后的密钥(56位)
    tempK=[]
    Z=temp
    for j in range(16):  # 拿到初始置换以后的第一轮 就可以依次推出各轮,并进行PC2置换得到每轮的子密钥
        tempx=gen_key(Z[:28],Z[28:],movnum[j])
        tempK.append(tempx[0])
        Z=tempx[1]
    d.Kn=tempK
    if b'NCTF' in d.decrypt(flag_enc):
    	print(d.decrypt(flag_enc))

#b'NCTF{1t_7urn3d_0u7_7h47_u_2_g00d_@_r3v3rs3_1snt}'

扫一扫,分享到微信

微信分享二维码
本站总访问量: 总访客次数:

tag:

梦想是成为全栈佬并养一只猫