CTF密码出题
CRYPTO
发布于:2022-6-27
最后更新: 2023-4-5
次查看
type
Post
status
Published
date
Jun 27, 2022
slug
CTF密码出题
summary
CTF密码出题
tags
Crypto
CTF
category
CRYPTO
icon
password
参照

文件部署

server.py
from hashlib import sha256
import socketserver
from secret import flag
import signal
import string
import random
import os


class Task(socketserver.BaseRequestHandler):
    def _recvall(self):
        BUFF_SIZE = 2048
        data = b''
        while True:
            part = self.request.recv(BUFF_SIZE)
            data += part
            if len(part) < BUFF_SIZE:
                break
        return data.strip()

    def send(self, msg, newline=True):
        try:
            if newline:
                msg += b'\n'
            self.request.sendall(msg)
        except:
            pass

    def recv(self, prompt=b'[-] '):
        self.send(prompt, newline=False)
        return self._recvall()

    def proof_of_work(self):
        random.seed(os.urandom(8))
        proof = ''.join(
            [random.choice(string.ascii_letters+string.digits) for _ in range(20)])
        _hexdigest = sha256(proof.encode()).hexdigest()
        self.send(f"[+] sha256(XXXX+{proof[4:]}) == {_hexdigest}".encode())
        x = self.recv(prompt=b'[+] Plz tell me XXXX: ')
        if len(x) != 4 or sha256(x+proof[4:].encode()).hexdigest() != _hexdigest:
            return False
        return True

    def handle(self):
        signal.alarm(60)
        if not self.proof_of_work():
            self.send(b'[!] Wrong!')
            return

        self.send(b'here is your flag')
        self.send(flag)


class ThreadedServer(socketserver.ThreadingMixIn, socketserver.TCPServer):
    pass


class ForkedServer(socketserver.ForkingMixIn, socketserver.TCPServer):
    pass


if __name__ == "__main__":
    HOST, PORT = '0.0.0.0', 10001
    server = ForkedServer((HOST, PORT), Task)
    server.allow_reuse_address = True
    print(HOST, PORT)
    server.serve_forever()
Dockerfile
FROM python:3.8
LABEL Description="baby_try" VERSION='1.0'

COPY server.py .
COPY secret.py .

RUN chmod +x server.py

EXPOSE 12345	# 仅仅是申明,没有实际用,容器都是随机映射的,这里方便编写者查看

CMD ["python", "server.py"]
secret.py
flag=b'flag{hahahahah}'

docker部署

下载docker(参照菜鸟)
列出镜像列表时报错,Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/images/json": dial unix /var/run/docker.sock: connect: permission denied
没有权限需要sudo运行,也可参考博客

创建镜像

$ docker build . -t baby_try

启动容器

$ docker run --name trytry -d -idt -p 12345:10001 baby_try
尝试exp打本地
成功了
notion image
 
相关文章
2023-05-29
CISCN
2023-04-05
AWD
2023-02-28
SM3&SM4
2022-07-22
反馈移位寄存器
2022-07-11
ECC刷题
2022-07-05
[SWPU 2020]ecb
[NPUCTF2020]Mersenne-twister重合指数
Putao0v0
Putao0v0
ctfer | 张星特
公告
type
Notice
status
Published
date
Apr 4, 2023
slug
#
summary
类型为Notice的文章将被显示为公告,仅 hexo和next支持;仅限一个公告
tags
category
icon
password
hi~一个新站