Hackthissite realistic 6

時間：2019-07-10 09:56:01

關鍵字： hack hackthissite

手機看文章

掃描二維碼
隨時隨地手機看文章

[導讀]?題目提供了一個加解密的算法XECryption algorithm?首先找規(guī)律，text輸入1，password不輸入，發(fā)現(xiàn)加密結果是.19.31.-1，再點一下發(fā)現(xiàn)結果變了.43.11.-5，經過

?題目提供了一個加解密的算法XECryption algorithm?

首先找規(guī)律，text輸入1，password不輸入，發(fā)現(xiàn)加密結果是.19.31.-1，再點一下發(fā)現(xiàn)結果變了.43.11.-5，經過幾次實驗之后發(fā)現(xiàn)每次結果都不一樣，但是加起來都等于49,也就是字符1的ascii的十進制的值。

輸入其他字符驗證一下，發(fā)現(xiàn)三個數(shù)相加都是對應字符的十進制的值。

text輸入1,password中輸入1，結果.14.49.35，再點一下.43.49.6，發(fā)現(xiàn)三個數(shù)之和是49+49

text輸入1,password中輸入12,結果.75.58.15，發(fā)現(xiàn)三個數(shù)之和是49+49+50

通過別的字符進行進一步驗證，可以發(fā)現(xiàn)規(guī)律如下：

res[0]+res[1]+res[2] = dec(text) + dec(password[0]) + dec(password[1]) + ... +dec(password[len_pass - 1])

解題思路：

提供的加密的encrypt text首先三個數(shù)一組計算出和，由于是mail message，我們可以肯定是可以打印的肉眼能看到的字符，所以字符范圍為20-176,也就是說password的取值必須保證解密出來的ascii字符在20-176之間，所以我們需要知道計算出來的和的最大值和最小值，password也得是可見字符，也必須落在20-176之間。

我們可以看到前面幾個的和為845, 859, 871, 879, 863，我們有理由懷疑前面幾個字符跟人名或者是dear之類的單詞有關

I have done some packet sniffing on my network and I have recovered this email that was sent from the CEO of the company to Chief Ecological Inspector Samuel Smith. However, it is encrypted and I cannot seem to decode it using any of my basic decryption tools.?

我們發(fā)現(xiàn)前面幾個的和之間的差正好等于Samuel幾個字母之間的差，所以我們可以得到下面的結論

?dec(password[0]) + dec(password[1]) + ... +dec(password[len_pass - 1]) = 845 - 83 = 762

這是一個多元一次方程 x+y+...+z = 762

有無窮多個解。

但是限制在所有的字符都在20-176之間，這個就需要猜了。我們需要首先知道password的長度，我們先算一個平均值。試探得知762/6=127發(fā)現(xiàn)是DEL字符，不可見。

762/7 = 108，是字符l, 762%7 = 6, 108+6 = 114,字母r,所以我們的密碼可以為llllllr

python源碼如下：

from?__future__?import?print_function
str?=?"""296.294.255.268.313.278.311.270.290.305.322.252.276.286.301.305.264.301.251.269.274.311.304.
230.280.264.327.301.301.265.287.285.306.265.282.319.235.262.278.249.239.284.237.249.289.250.
282.240.256.287.303.310.314.242.302.289.268.315.264.293.261.298.310.242.253.299.278.272.333.
272.295.306.276.317.286.250.272.272.274.282.308.262.285.326.321.285.270.270.241.283.305.319.
246.263.311.299.295.315.263.304.279.286.286.299.282.285.289.298.277.292.296.282.267.245.304.
322.252.265.313.288.310.281.272.266.243.285.309.295.269.295.308.275.316.267.283.311.300.252.
270.318.288.266.276.252.313.280.288.258.272.329.321.291.271.279.250.265.261.293.319.309.303.
260.266.291.237.299.286.293.279.267.320.290.265.308.278.239.277.314.300.253.274.309.289.280.
279.302.307.317.252.261.291.311.268.262.329.312.271.294.291.291.281.282.292.288.240.248.306.
277.298.295.267.312.284.265.294.321.260.293.310.300.307.263.304.297.276.262.291.241.284.312.
277.276.265.323.280.257.257.303.320.255.291.292.290.270.267.345.264.291.312.295.269.297.280.
290.224.308.313.240.308.311.247.284.311.268.289.266.316.299.269.299.298.265.298.262.260.337.
320.285.265.273.307.297.282.287.225.302.277.288.284.310.278.255.263.276.283.322.273.300.264.
302.312.289.262.236.278.280.286.292.298.296.313.258.300.280.300.260.274.329.288.272.316.256.
259.279.297.296.283.273.286.320.287.313.272.301.311.260.302.261.304.280.264.328.259.259.347.
245.291.258.289.270.300.301.318.251.305.278.290.311.280.281.293.313.259.300.262.315.263.319.
285.282.297.283.290.293.280.237.234.323.289.305.279.314.274.291.309.273.294.249.283.262.271.
286.310.305.306.261.298.282.282.307.287.285.305.297.275.306.280.292.291.284.301.278.293.296.
277.301.281.274.315.281.254.251.289.313.307.244.256.302.301.317.305.239.316.274.277.296.269.
305.301.279.287.317.284.277.305.298.264.304.286.273.275.293.309.286.282.240.287.239.268.269.
267.315.311.292.270.271.272.336.282.237.275.316.306.239.305.314.240.296.306.270.247.245.302.
317.316.241.291.310.266.274.274.313.288.262.319.280.276.238.297.295.287.285.288.301.272.275.
247.305.292.286.272.310.291.301.322.256.315.298.263.281.276.237.294.284.296.284.302.273.298.
287.298.301.265.305.270.315.278.283.302.287.263.270.345.258.270.266.302.309.262.260.277.327.
263.277.254.283.276.239.272.264.276.279.264.267.298.264.244.245.273.292.289.273.248.259.263.
288.290.294.210.288.268.311.318.312.242.285.293.216.262.276.340.292.299.275.259.293.311.234.
266.294.278.307.286.267.307.285.269.310.288.274.270.326.273.276.311.304.267.302.318.265.299.
263.283.248.257.314.288.321.321.236.284.283.227.320.312.246.261.289.316.288.263.312.241.265.
288.298.286.287.274.306.279.276.289.307.303.293.281.298.317.252.312.283.278.263.304.305.258.
266.270.294.286.293.290.291.291.258.254.282.282.283.313.268.282.316.310.299.254.264.234.296.
270.265.326.288.292.293.321.305.250.320.299.253.270.296.297.298.266.312.234.273.287.309.286.
278.269.279.316.284.276.234.293.255.267.242.253.318.270.246.278.292.285.282.314.266.292.286.
263.313.249.290.255.289.264.292.301.299.278.291.292.225.250.261.283.303.262.264.264.303.299.
297.274.288.267.293.316.320.317.233.303.258.302.271.283.323.247.279.268.312.269.297.313.280.
280.273.266.332.276.313.284.281.316.279.290.273.313.308.305.260.302.306.273.234.279.281.284.
298.278.259.290.314.275.264.339.293.322.266.261.296.306.277.275.311.284.270.318.259.249.286.
292.301.285.280.303.283.287.299.277.273.293.228.311.283.272.304.292.277.271.306.302.278.298.
300.287.281.309.243.272.279.282.300.291.295.284.285.252.291.251.285.283.245.250.252.318.298.
277.235.288.259.263.278.274.307.261.260.350.250.288.256.282.316.261.285.295.292.300.298.264.
245.241.308.301.261.253.289.264.267.300.262.248.287.257.266.275.287.297.320.287.264.279.297.
232.231.256.288.243.252.277.274.245.256.253.229.290.263.305.278.260.294.312.283.301.275.276.
299.297.312.275.282.294.272.228.302.324.257.261.286.326.280.283.316.294.254.258.275.264.236.
240.277.255.231.258.286.242.277.253.296.290.250.314.320.239.292.313.261.294.261.317.273.285.
236.292.282.271.264.297.300.272.308.299.300.269.301.269.317.284.286.262.315.276.279.328.269.
254.252.232.272.268.309.273.264.296.305.272.267.291.324.302.297.268.268.263.298.300.261.312.
241.254.299.280.263.292.260.301.311.317.297.248.314.272.293.298.281.298.276.311.291.297.318.
261.274.300.293.297.267.295.261.275.334.289.238.267.289.283.257.300.262.304.311.278.274.265.
261.345.301.296.270.273.299.289.274.272.313.282.268.320.287.320.270"""
text?=?str.split('.')

acc_list?=?[]
for?i?in?range(0,?len(text)-2,?3):
????x?=?int(text[i])+int(text[i+1])+int(text[i+2])
????acc_list.append(x)
print(len(acc_list))
print(acc_list)
print(max(acc_list))
print(min(acc_list))

passwd?=?"llllllr"
pass_acc?=?0
for?j?in?range(0,?len(passwd)):
????pass_acc?+=?ord(passwd[j])
#the?first?word?is?"Samuel",?so?pass_acc?=?845?-?83?=?762
for?i?in?range(0,?len(acc_list)):
????print?(chr(acc_list[i]-pass_acc),?end='')

運行可以發(fā)現(xiàn)打印出來的解密email如下：

Samuel Smith

Thank you for looking the other way on the increased levels of toxic chemicals in the river running alongside our industrial facilities. You can pick up your payment of $20,000 in the mailbox at the mansion on the corner of 53 and St. Charles tomorrow between the hours of 3:00am and 5:00am.

Thank you,

John Sculley
ToxiCo Industrial Chemicals

現(xiàn)在就可以發(fā)送message給ToxiCo_Watch了。

點擊網站用戶名下面的HTS Messages Center，然后點擊右面的Compose鏈接，會看到send message，然后就可以發(fā)送message了。