python 重定向 ctf_python(N1CTF)
文件是两个python源码我们来分析一下:challenge.py:```from N1ES import N1ES//导入另一个文件类import base64//导入关于base64的包key = "wxy191iss00000000000cute"//给key赋值n1es = N1ES(key)******...
文件是两个python源码
我们来分析一下:
challenge.py:
```from N1ES import N1ES //导入另一个文件类
import base64 //导入关于base64的包
key = "wxy191iss00000000000cute" //给key赋值
n1es = N1ES(key)****** //将key带入N1ES的函数中
flag = "N1CTF{*****************************************}" //将N1CTF集合给flag变量
cipher = n1es.encrypt(flag)****** //对flag变量使用n1es类的encrypt(加密)方法
print base64.b64encode(cipher) # HRlgC2ReHW1/WRk2DikfNBo1dl1XZBJrRR9qECMNOjNHDktBJSxcI1hZIz07YjVx //输出经过base64编码的密文,也就是经过了两轮加密。
N1ES.py:
```# -*- coding: utf-8 -*-
def round_add(a, b):
f = lambda x, y: x + y - 2 * (x & y)
res = ''
for i in range(len(a)):
res += chr(f(ord(a[i]), ord(b[i])))
return res
def permutate(table, block): //将传参作为遍历table和block
return list(map(lambda x: block[x], table)) //
def string_to_bits(data): //data代表self.key参数
data = [ord(c) for c in data] //ord(c)返回对应的 ASCII 数值,for用c遍历key
l = len(data) * 8 //len根据data数据长度*8赋值给l
result = [0] * l //将列表【0】 * l
此时我已经看不懂要干嘛了,对数据元素全0操作?上面这张图基本就是目前对key1的操作。
pos = 0 //pos变量赋值为0
for ch in data: //用ch遍历data
for i in range(0,8): //用i遍历从下标0开始下标8结束
result[(pos<<3)+i] = (ch>>i) & 1 //<
pos += 1
return result
这是返回return result的值。我接下来可以又去看N1ES类。
```s_box = [54, 132, 138, 83, 16, 73, 187, 84, 146, 30, 95, 21, 148, 63, 65, 189, 188, 151, 72, 161, 116, 63, 161, 91, 37, 24, 126, 107, 87, 30, 117, 185, 98, 90, 0, 42, 140, 70, 86, 0, 42, 150, 54, 22, 144, 153, 36, 90, 149, 54, 156, 8, 59, 40, 110, 56,1, 84, 103, 22, 65, 17, 190, 41, 99, 151, 119, 124, 68, 17, 166, 125, 95, 65, 105, 133, 49, 19, 138, 29, 110, 7, 81, 134, 70, 87, 180, 78, 175, 108, 26, 121, 74, 29, 68, 162, 142, 177, 143, 86, 129, 101, 117, 41, 57, 34, 177, 103, 61, 135, 191, 74, 69, 147, 90, 49, 135, 124, 106, 19, 89, 38, 21, 41, 17, 155, 83, 38, 159, 179, 19, 157, 68, 105, 151, 166, 171, 122, 179, 114, 52, 183, 89, 107, 113, 65, 161, 141, 18, 121, 95, 4, 95, 101, 81, 156, 17, 190, 38, 84, 9, 171, 180, 59, 45, 15, 34, 89, 75, 164, 190, 140, 6, 41, 188, 77, 165, 105, 5, 107, 31, 183, 107, 141, 66, 63, 10, 9, 125, 50, 2, 153, 156, 162, 186, 76, 158, 153, 117, 9, 77, 156, 11, 145, 12, 169, 52, 57, 161, 7, 158, 110, 191, 43, 82, 186, 49, 102, 166, 31, 41, 5, 189, 27]
def generate(o):
k = permutate(s_box,o) //使用s_box,o作为参数,使用permutate方法
b = []
for i in range(0, len(k), 7):
b.append(k[i:i+7] + [1])
c = []
for i in range(32):
pos = 0
x = 0
for j in b[i]:
x += (j<
pos += 1
c.append((0x10001**x) % (0x7f))
return c
class N1ES:
def __init__(self, key): //初始化方法,传参key
if (len(key) != 24 or isinstance(key, bytes) == False ): //如果key的长度等于24或者,判断key是否是字节类型,并返回值
raise Exception("key must be 24 bytes long") //raise抛出异常,raise后面的语句将不能执行
self.key = key //外部传来的key参数转变为N1ES的变量self.key
self.gen_subkey() //参数返回值作为N1ES变量
def gen_subkey(self):
o = string_to_bits(self.key) //o变量等于string_to_bits方法的返回,self.key变量作为传参,我们转到string_to_bits方法查看
k = [] //空列表
for i in range(8): //range(8)也相当于range(0,8),i遍历
o = generate(o) //将o当作参数,使用 generate方法
k.extend(o)
o = string_to_bits([chr(c) for c in o[0:24]])
self.Kn = []
for i in range(32):
self.Kn.append(map(chr, k[i * 8: i * 8 + 8]))
return
def encrypt(self, plaintext):
if (len(plaintext) % 16 != 0 or isinstance(plaintext, bytes) == False):
raise Exception("plaintext must be a multiple of 16 in length")
res = ''
for i in range(len(plaintext) / 16):
block = plaintext[i * 16:(i + 1) * 16]
L = block[:8]
R = block[8:]
for round_cnt in range(32):
L, R = R, (round_add(L, self.Kn[round_cnt]))
L, R = R, L
res += L + R
return res
开放原子开发者工作坊旨在鼓励更多人参与开源活动,与志同道合的开发者们相互交流开发经验、分享开发心得、获取前沿技术趋势。工作坊有多种形式的开发者活动,如meetup、训练营等,主打技术交流,干货满满,真诚地邀请各位开发者共同参与!
更多推荐
所有评论(0)