HNCTF题解-Crypto

[Week1]baBAbaseSEse

base全家桶，base92，91，85，64，32，16

flag为NSSCTF{th3re_1s_als0_b4se_36_45_58_62_100}

[Week1]A dictator

lzw_uswksj_uahzwj_ak_gfw_gx_lzw_egkl_tskau_udskkausd_uahzwjk

凯撒密码，18位偏移

the_caesar_cipher_is_one_of_the_most_basic_classical_ciphers

[Week1]littleprince

我借助的在线网站结合爆破出来的，方法有点笨，但是可以出来，在线网站可以规划出他们的相关函数，然后就可以一个个爆破而出

def enc(a,b,c):
    return a>>b|(a&((1<<b)-1))<<(c-b)
def outp(x,h):
    p=randint(1<<h,1<<h+1)
    q=randint(1<<h,1<<h+1)
    c1,c2=x%p,x%q
    print(p,q,c1,c2)
m=bytes_to_long(flag)
m_len=m.bit_length()
d,h,st=32,16,32
r=m_len%d
assert(r>h)
while st<=m_len:
    x=enc(m,st,m_len)
    x>>=(m_len-d)
    outp(x,h)
    st+=d
m>>=(m_len-r)
outp(m,h)

这里其实就是对每32位操作，也就是从最右边到最左边，然后一一加密，理解出这个就可以进行解密，我是采用爆破，具体算法没有分析

得出flag为nssctf{Y0u_kn0w_one_l0ves_the_sunset_when_0ne_is_so_sad}

[Week1]baby_rsa

from Crypto.Util.number import bytes_to_long, getPrime
from gmpy2 import *
from secret import flag
m = bytes_to_long(flag)
p = getPrime(128)
q = getPrime(128)
n = p * q
e = 65537
c = pow(m,e,n)
print(n,c)
# 62193160459999883112594854240161159254035770172137079047232757011759606702281
# 17331436837911040930486942133359735652484926528331507431552667656734821231501

常规rsa题解，分解p，q就行了，代码就不详细写了

[Week1]你想学密码吗？

执行代码就行了

[Week1]XXXOOORRR

from flag import flag
from Crypto.Util.number import *
import os

randBytes = [bytes_to_long(os.urandom(64)) for _ in range(3)]
m = bytes_to_long(flag)

print(f'a = {randBytes[0]}')
print(f'b = {randBytes[0] ^ randBytes[1]}')
print(f'c = {randBytes[1] ^ randBytes[2]}')
print(f'd = {m ^ randBytes[0] ^ randBytes[1] ^ randBytes[2]}')

'''
a = 1215421974111272707828609697064234072332368362928440865251897449605952163161176359366553487776268706107760670434157083936287598207881176904763353849369234
b = 10533604054267448009117468094542127075826310122733511023911022436253583775790861879410728001403728088545946257902341417532648419689212361977221573357292618
c = 6401236597601556248960570084212025183497657335932789785351897915858852832577623776212842429736547820800219382515052263929074210010546149322465536545021479
d = 5711309307698496426409561761492698639489294806611133698231840146911562848869711567477706456972659368849642409039245400981517493100724067475248620536111560
'''

了解异或的性质就行了

from Crypto.Util.number import *
import os



a = 1215421974111272707828609697064234072332368362928440865251897449605952163161176359366553487776268706107760670434157083936287598207881176904763353849369234
b = 10533604054267448009117468094542127075826310122733511023911022436253583775790861879410728001403728088545946257902341417532648419689212361977221573357292618
c = 6401236597601556248960570084212025183497657335932789785351897915858852832577623776212842429736547820800219382515052263929074210010546149322465536545021479
d = 5711309307698496426409561761492698639489294806611133698231840146911562848869711567477706456972659368849642409039245400981517493100724067475248620536111560

print(long_to_bytes(a^b^a^b^c^a^d))
NSSCTF{XOR_ha5_many_propertie5_and_thi5_i5_ju5t_one_of_them}

[Week1]爱妃

from secret import flag
from random import getrandbits
from string import *

def encrypt(message,a,b,m):
    return bytes([(i*a+b)%m for i in message])

a,b = getrandbits(4),getrandbits(8)
print(f'c = {encrypt(flag,a,b,1<<8)}')

# c = b'y\xba\xba\xea\xc7\x11\xc2\xc7\xcb\xd8ZV\xd8ZVp\xb1\xb1\xd8\x19\xa4V\xa4\x19\x8aM\xa83g\xd8&\x19\xdc'

仿射密码

求出a，b

r a in range(2**3,2**4):
    for b in range(2**7,2**8):
        if encrypt(b'NSSCTF',a,b,1<<8)==c[0:6]:
            print(a)
            print(b)

写逆向解密

from string import *
import gmpy2
c = b'y\xba\xba\xea\xc7\x11\xc2\xc7\xcb\xd8ZV\xd8ZVp\xb1\xb1\xd8\x19\xa4V\xa4\x19\x8aM\xa83g\xd8&\x19\xdc'
messaget=b'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-{}_'
def encrypt(message,a,b,m):
    return bytes([(i*a+b)%m for i in message])
from Crypto.Util.number import *
a=13
b=131
m=1<<8
def decrypt(message,a,b,m):
    return bytes([(i-b)*gmpy2.invert(a,m)%m for i in message])
print(decrypt(c,a,b,m))
NSSCTF{This_is_affine_encryption}

[WEEK2]littleLattice

简单格密码

h = 26523576589113781532769165293024254940419790396713708680496148398686334583553504180195363282085884580924842673123375450894537445679687851322807762432476357713740302064160599132450619363411158141423252170448770929403179895813409897048848337375715079396639330537231353596884530617911351334318435031007342479134081403319324838464987064025256038807217697133175585927493402963025439540077915248356077623612217525231722274634984400273765262532561558296870531741633238736650375250957780701118781183335729715295271752736307479795186963108377228330313771245434127095507278278768792281414702334956407755841000748255424212840137
p = 29908110980126088961686288727545150169450107297750996656924523214377817308111189721234667959695817050736874247951762130190209278324144437406652857446810518839546701950883392761869656586963587376306050382973323860395932741791372333809871487575268245618618143456971257992301722141464238875859134379745122404533776003095129169004284619647906206323263396219776072091827094295366090100037898314156271404760715453914459484087562963158208356228410105170495322276351631637885450926240143055767142216931354736779666836018983658010126520397012025067407223630891975504746697630878807952266767406899527721170062789607980517722293

L = matrix(ZZ, [[1, h],[0, p]])
v = L.LLL()[0]
print(v)

然后带进去就行了

print('NSSCTF{' + md5(bytes.fromhex(hex(f+g)[2:])).hexdigest() + '}')

[WEEK2]Chaos

先逆向一下，求出被打乱的明文

c1=b'\r?\xd7\xde\x8f(\xd8\xce-\xe91_*2\xdfJ{\xfe\xe6\xc8\xcf\x08\xfd\xb6\x7f\xe1<\xbby\xa4\xdc6YVVWPPRPUPTSQHW__WUQT'
print(c1[33:53])
c2=c1[33:53]
#for i in c2:
    #print(chr(i^102),end='')
t='001664636257.1991372'
s='NSSCTF{'
random.seed(md5((s+t).encode()).hexdigest())
rnd = [random.getrandbits(8) for _ in range(33)]
#for i in range(33):
 #   print(chr(c1[i]^rnd[i]),end='')
 flag='NcnSmPiltSetTniFJw}akhtaC{_s_iu__'

求出打乱的明文，然后要找出key，因为NSSCTF{}位置固定，然后可以爆破出密钥位置

from itertools import permutations
lst = [''.join(p) for p in permutations('23456789')]
for i in tqdm(range(len(lst))):
    lst1=lst[i]
    k1 = [1]
    for j in lst1:
        k1.append(int(j))
        if len(k1)==9:
            enc = 'NSSCTF{flagflagflagflagflagflagf}'
            for i in range(128):
                h = [[enc[j] for j in range(i[1], len(enc), len(k1))] for i in[_ for _ in sorted(zip(k1, range(len(k1))))]]
                enc = mix(enc,k1)
                if enc[25]=='{'and enc[18]=='}' and enc[24]=='C'and enc[12]=='T'and enc[15]=='F' and enc[3]=='S'and enc[9]=='S':
                    print(k1)
                    

最后跑一下就行了

import random
from functools import reduce
from tqdm import tqdm
from time import time as tm
from hashlib import md5
'''
k=[1, 2, 3, 4, 5, 6, 7, 8, 9]
print(len('NcnSmPiltSetTniFJw}akhtaC{_s_iu__'))
mix = lambda msg,k:''.join(reduce(lambda a,b:a+b,[[msg[j] for j in range(i[1],len(msg),len(k))] for i in [_ for _ in sorted(zip(k, range(len(k))))]]))
#[[msg[j] for j in range(i[1],len(msg),len(k))] for i in [_ for _ in sorted(zip(k, range(len(k))))]]
enc1='NcnSmPiltSetTniFJw}akhtaC{_s_iu__'
enc='NSSCTF{flagflagflagflagflagflagf}'
for i in range(128):
    h = [[enc[j] for j in range(i[1], len(enc), len(k))] for i in [_ for _ in sorted(zip(k, range(len(k))))]]
    enc = mix(enc,k)

enc='NcnSmPiltSetTniFJw}akhtaC{_s_iu__'
h1 = [[enc[j] for j in range(i[1], len(enc), len(k))] for i in [_ for _ in sorted(zip(k, range(len(k))))]]
print(enc.index('F'))
k1=[1]
'''
'''
from itertools import permutations
lst = [''.join(p) for p in permutations('23456789')]
for i in tqdm(range(len(lst))):
    lst1=lst[i]
    k1 = [1]
    for j in lst1:
        k1.append(int(j))
        if len(k1)==9:
            enc = 'NSSCTF{flagflagflagflagflagflagf}'
            for i in range(128):
                h = [[enc[j] for j in range(i[1], len(enc), len(k1))] for i in[_ for _ in sorted(zip(k1, range(len(k1))))]]
                enc = mix(enc,k1)
                if enc[25]=='{'and enc[18]=='}' and enc[24]=='C'and enc[12]=='T'and enc[15]=='F' and enc[3]=='S'and enc[9]=='S':
                    print(k1)
'''
k=[1, 6, 8, 5, 9, 7, 2, 4, 3]
mix = lambda msg,k:''.join(reduce(lambda a,b:a+b,[[msg[j] for j in range(i[1],len(msg),len(k))] for i in [_ for _ in sorted(zip(k, range(len(k))))]]))
enc='NcnSmPiltSetTniFJw}akhtaC{_s_iu__'
for i in range(128):
    h = [[enc[j] for j in range(i[1], len(enc), len(k))] for i in [_ for _ in sorted(zip(k, range(len(k))))]]
    enc = mix(enc,k)
    print(enc)
    #NSSCTF{Just_within_a_Planck_time}

[WEEK2]RSA again

常规rsa

import gmpy2
import libnum
def de(c, e, n):
    k = 0
    while True:
        mm = c + n*k
        result, flag = gmpy2.iroot(mm, e)
        if True == flag:
            return result
        k += 1
n = 19920284552214772740140135352548541831031690920425912140961436065508824546041514076016684238261995522677433833330399269923572993489681770913908642529489382472548548664350078176417366141695108301338793624641102311886122714705781923892243561473766978666116035403145672686443197319003393949350402512739343998236331447680561106899174404316265329944969786438022711742891334905159259854026408058542492105569778656883811323759583727586331462200020945101286801110840081277963013591342157754264111051785385892113635682519079401538045775697382691195557344630571694510115674941400112478156619785019370731073096018975390492287333
c = 1752041777918702842605810950957832076618830231626916748933875881505173164404519153781007066742915517004902508987841695668088780745675304779496841107726530280651344357647334690721873124324358539328142005709830859468027528835981960873390785515876157664035579935532043154959183555353553164481674735512873428044452976229459806219115571797514157279125
e=3
m=de(c,e,n)
print(m)
print(libnum.n2s(int(m)))
NSSCTF{Key_should_not_be_too_small}

[WEEK2]strange RSA

from Crypto.Util.number import *
from secret import flag

pad = lambda x:x + bytes([16 - len(x)%16] * (16 - len(x)%16))
m = bytes_to_long(pad(flag))
p = getPrime(100)
q = getPrime(100)
n = p*p*q*q
e = 0x10001
c = pow(m,e,n)

print(f'n = {n}')
print(f'c = {c}')
print(f'e = {e}')

'''
n = 564070152909085514893862673848191100242629745476416876533996976389897932324860687952230733393080567203972999049426141761
c = 269509453821913281608300827585653465889617103481995203776655691658799441157871331220899710463748827149644657719450056013
e = 65537
'''

和强网杯的ASR类似，先分解n，之后对phi处理

import gmpy2
from Crypto.Util.number import *
import sympy
p = 709662686105519282917793669093
q = 1058314117179226194777612760717
n = 564070152909085514893862673848191100242629745476416876533996976389897932324860687952230733393080567203972999049426141761
c = 269509453821913281608300827585653465889617103481995203776655691658799441157871331220899710463748827149644657719450056013
e = 65537
phi=(p-1)*(q)*(p)*(q-1)
d=gmpy2.invert(e, phi)
m=pow(c,d,n)
print(long_to_bytes(m))
NSSCTF{You_should_use_tool}

[WEEK2]solve_the_equation

解方程呗

from Crypto.Util.number import bytes_to_long, getPrime
from gmpy2 import *
from flag import flag
m = bytes_to_long(flag)
p = getPrime(2048)
q = getPrime(2048)
n = p * q
e = 65537
gift = 2022 * p + 9 * q + 28 * e
c = pow(m,e,n)
print(n,c,gift)
# 559013759419746202691240598235115105126834606071307611491891982898293133657843987454339580258031532272691584368719342942404675509580909313170933925796189789232538297110756754383546447669571766593521267667716779348776308179675709803388978100416839504625045239819627379469827980589668625084314985969634985583431058156810528172627873121320455715399011186280324236548934145366222271636328254497851289112650375015433741699898290781472376090171361276557886637892800404830030548291487615566596504234212554381817510798554015481259307992175226543595948798873846335558746933940683482819439715578130806800536423771482474206047548549237879025655562739463111822524633757040958223066367993671472508367287181357997804485542311011003871312708995599690715923692968372474814753669031805664070760705148563294700043336457334028810890271434599241312612447640877347296648737167576464851763570272180801042067934843953206083053874624644994067168364645748243999074053494066054657595233970985982095621265309066132852511490426399921749091156312387594448586826952283581592003247165562367202134878625798756167825941929996806801073247649667626854029875184014003650020610359836971629737204456239324237077361643697429780638179887750984791035339697744210904151734797
# 73407318923483936681380982096598838839602514018601041044571793373013418096970487001956204920233481604663088115926046001478564679328045899017826536373925483312496867862798918521256833686293905627264784839084309695013473729502056597198558911052248943918139429481528120149662544426266704140382476129564563832751550189116712164319522536680400998100426969878312141399338984622535922004572374724499994480294086487511972287034778386491943792466926044305651852709046949243652756946391206931252732067537917128777152678266816232179411054474713462051435447023851233892017069674808619784767176865947753180156093197684363218543237706358137237603822953178987601908200096630034921280599733190041134038060644827637374731999991143342404380959195318030935855850625849684867326087432054830971960076859722417639414733054394674533018860606074648324450983897579183842853010968597034663149214229791831193351337193195298921766564073265470525286769595835642479920483047959570057149110246705969802722576770273329236163660486942433423522588321736639231667766680582482974393228214947178327111783901303686854030864244720750585928819691608599558058859371899416709995780300197269497143959726959313506292966639680257096421491364629690813416340577056873916752193925
# 63829120016023768052886024054478552450378183173692549289836790500844466624984770449526584263524969873611417764466777251459739549064993441916734929304056657281688756040121378172997367361118927461471925755841160032723693319039128805185488328610549652307644061769088611063117016010827595409949224043526660999362737741312450095192593608666286680915796697255817583078927076945852260612453896867746751729217633935143780193497702898684210698859292191506586139420497299988065973759272644964857853100511651254633164029275099534568064491202987945733565755982565356202756330311841048849063747767451397616638500281324618902190280761

import gmpy2
from Crypto.Util.number import *
import sympy
n=559013759419746202691240598235115105126834606071307611491891982898293133657843987454339580258031532272691584368719342942404675509580909313170933925796189789232538297110756754383546447669571766593521267667716779348776308179675709803388978100416839504625045239819627379469827980589668625084314985969634985583431058156810528172627873121320455715399011186280324236548934145366222271636328254497851289112650375015433741699898290781472376090171361276557886637892800404830030548291487615566596504234212554381817510798554015481259307992175226543595948798873846335558746933940683482819439715578130806800536423771482474206047548549237879025655562739463111822524633757040958223066367993671472508367287181357997804485542311011003871312708995599690715923692968372474814753669031805664070760705148563294700043336457334028810890271434599241312612447640877347296648737167576464851763570272180801042067934843953206083053874624644994067168364645748243999074053494066054657595233970985982095621265309066132852511490426399921749091156312387594448586826952283581592003247165562367202134878625798756167825941929996806801073247649667626854029875184014003650020610359836971629737204456239324237077361643697429780638179887750984791035339697744210904151734797
c=73407318923483936681380982096598838839602514018601041044571793373013418096970487001956204920233481604663088115926046001478564679328045899017826536373925483312496867862798918521256833686293905627264784839084309695013473729502056597198558911052248943918139429481528120149662544426266704140382476129564563832751550189116712164319522536680400998100426969878312141399338984622535922004572374724499994480294086487511972287034778386491943792466926044305651852709046949243652756946391206931252732067537917128777152678266816232179411054474713462051435447023851233892017069674808619784767176865947753180156093197684363218543237706358137237603822953178987601908200096630034921280599733190041134038060644827637374731999991143342404380959195318030935855850625849684867326087432054830971960076859722417639414733054394674533018860606074648324450983897579183842853010968597034663149214229791831193351337193195298921766564073265470525286769595835642479920483047959570057149110246705969802722576770273329236163660486942433423522588321736639231667766680582482974393228214947178327111783901303686854030864244720750585928819691608599558058859371899416709995780300197269497143959726959313506292966639680257096421491364629690813416340577056873916752193925
gift=63829120016023768052886024054478552450378183173692549289836790500844466624984770449526584263524969873611417764466777251459739549064993441916734929304056657281688756040121378172997367361118927461471925755841160032723693319039128805185488328610549652307644061769088611063117016010827595409949224043526660999362737741312450095192593608666286680915796697255817583078927076945852260612453896867746751729217633935143780193497702898684210698859292191506586139420497299988065973759272644964857853100511651254633164029275099534568064491202987945733565755982565356202756330311841048849063747767451397616638500281324618902190280761
e=65537
p,q=sympy.symbols('p q')
a=sympy.solve([p*q-n,2022 * p + 9 * q + 28 * e-gift],[p,q])
print(a)
p=31488299927163782375594305784598354985055343576902151378139638110290196067918972709864013036909993584566357500427488971564319756822589646977081872239028723217808372250207143372686512583814138881980368846428364451724191019810210583450208745323418623199057207740178726519465136933610452840086315545766227500114368026151391214297362847972215483754128409704386255997220347329566039222555930464490406419002226257326118774942404683970363544788642504594073256844610344691049585870560973659315882902006631997716334351866723219577903275769313404136367236735062099234386473703566068495328080598914833401280780692803508570349879
q=17753062588733343270481973113408741177364273466266578137604693537521130628067514464616655876995871735360322066932727884076111196635241747675042626304508770586691927800281585936137657405193182456402216484778567926375452998098111716574027285177466244350043079827469560084278792340806640810521556665260999347942843603815228875925103340718552529438783648172063716949726071718858811605089496505238883332792493647818670062684514188459512366295227468596668231188353669195967903222039580635681985850471261694526218866731687175727118621937360285536800367141087950091875609247828705723374310716178275472084635608436063660110043
phi=(p-1)*(q-1)
d=gmpy2.invert(e, phi)
m=pow(c,d,n)
print(long_to_bytes(m))
NSSCTF{S4g3_is_4_g00d_thing}

[WEEK2]hash

老套路题目了，最近比赛很多见，写个交互就行了

from hashlib import *
from pwn import *
import itertools
strings=string.ascii_letters + string.digits
def proof_of_work(end,sha):
    num=4
    strings_list=itertools.permutations(strings,int(num))
    for start in strings_list:
        start=''.join(start)
        if sha256((start+end.decode()).encode()).hexdigest()==sha.decode():
            print(start)
            return start
ip='1.14.71.254'
port=28759
io=remote(ip,port)
context.log_level='debug'
io.recvuntil('sha256(XXXX+')
message=io.recvuntil('\n')[:-1]
end=message[:16]
SHA=message[-64:]
xxxx=proof_of_work(end,SHA)
io.sendafter('Give me XXXX',xxxx)
io.recvuntil('You get flag!')
print(io.recvlines(2))

[WEEK2]S1mple_ECB

了解ecb的性质，是拼接的，取前32位和后32位，分别解密就行了

难度不大

[WEEK2]a_big_water_problem

sage一把梭

p=1909085838901160004148366390307428971507303404468754423228343787769448200442038361348125740523088751663337211595662597150812621519152229037912543068209
t=1722797706292328891382841146705672635973386450156658022578860976717568774388136853606026526614826060041480340908970565567375361451272929245900841087253
PR.<x> = PolynomialRing(Zmod(p))
f=x*x-t
print(f.roots())
from Crypto.Util.number import *
print(long_to_bytes(2552829431219639078757092213205613607180492987942875443078188655619852649786182396933825962365))
NSSCTF{There_is_no_flag_here_get_away!}

[WEEK2]md5太残暴了

常规的md5爆破

import hashlib
plaintext = 'flag{#00#_P4ssw0rd_N3v3r_F0rg3t_63####}'
md5 = 'ac7f4d52c3924925aa9c8a7a1f522451'
h='ABCDEFGHIJKLMNOPQRSTUVWSYZ'
z='abcdefghijklmnopqrstuvwsyz'
t="0123456789"
y=[]
h1=''
for m in t:
    for a in t:
        for b in t:
            for c in t:
                h1=str(m)+str(a)+str(b)+str(c)
                y.append(h1)


for z in y:
            plan='flag{G'+str(0)+str(0)+'d_P4ssw0rd_N3v3r_F0rg3t_63'+z+'}'
            m = hashlib.md5()

            m.update(plan.encode("utf-8"))
            psw = m.hexdigest()
            if psw[0:4]=='ac7f':
                print(plan)
                flag{G00d_P4ssw0rd_N3v3r_F0rg3t_638291}

[WEEK2]mathRSA

解方程一把梭

import sympy,gmpy2
from Crypto.Util.number import *
n = 76236418318712173274495941060488893810931309177217802334230599201457092723011685048556311576262486371987147895332408646920500226769161418792142565209634495797142268681403865426056588605013602625268553194169434049817172340173907696496945054049859221379092764811535206778031226535614731731322630330166833765943
e = 65537
c = 7207616060389865156270906240837846478541820008527247539698331406253371238674590766101711421196342768182325013873320402422918804780590951789425587131632422554819735000106070325708057225062376701298825910565526713270553888227235612227223162695870584803109353377288421750982913226189395526612487664144379690552
h = 130285072635228037239175162118613869214302695058325046962039091162567931492116336918638092534964417960274466351834311039222269165021532950982276262717322395682559639859781516047319178212473103057947426886870612637975024605166325017663998263834789814181250953051730859433354534450232382414565421858172075431133498326501045697132640582932453817599366612200146802110424409285814189125929844293789544163802323048780585398714263586547670912817768592459281775837372982750626103047573532664320692775783627129463700810934670066747044799514243631607384814191188276380589420289084574680852618867732847029105400406874790675559126905078326495799755425006555539699119063191489852930421412630857588890593040420277938268954008973405431053073576987401154763326417551463323055736754390446
p,q=sympy.symbols('p q')
a=sympy.solve([p*q-n,p**5 - q**4-h],[p,q])
print(a)
p=10543357481374908938696626650832667304979816176891429562773232136754485382413647547320866232418359800743787286242710171986152592431595912519025867918658127
q=7230753434414569972828808651891325142186523078619542872286840414394373161212272545789342965212718184298307353595004152854764254216044770456139231711296409
phi=(p-1)*(q-1)
d=gmpy2.invert(e, phi)
m=pow(c,d,n)
print(long_to_bytes(m))
flag{6d21f18a-831d-4834-8cef-5e47218bc3ce}

[WEEK3]Binomials

二项式定理的简单运用

from Crypto.Util.number import *
import sympy,gmpy2
N = 0xa65149a38fe4784da050db9390c5cc5d4b9ef376b40e6919b487aadec0bd4c6e683205f3bf1d6bb51fceb9e14965305183229184ec69b4e22b467ad2c08337e81a54219dd40160c9d84a4abdf95e05121a11737570b0924ed8941390a3e1fae259f745b76f4a0a23ece5cbcbda5269d7312329b105cd255d2a2ffaf905d32b6b42e64f1bd67039f526789e9065b41a9426a1e9a6e65746af7c4ca343ddbf1392073b566a37c2e66edeef47ecc4629dee6fa4f5dc839ffa6b2647eb0b6dced42bff46653e7205bf37e89d4c417fd41cf8d315448e593f08e2d1e8d7c4b299ce35f59bf45830f9efdaaf51f726e4466ef0fb583d8c6285b6a04477eba429a7fb81

c1,c2 = 0xa371721c01ab221a30fcf761b3a22cff4cb3401eb76db69743cba2d24225fe3edf05053674039928cf3a2e1ddc58f03cc90c3837cd43281b228952d5c28c5798092550176362fe6474b2f7e8c3af328999688161322d218e39a168dea95c1581ad0c367ce969f1f6531fe12240417350d0b1c7c9b257d261c91548dff2a4f15678585745e0adf9215997dc590999feb03bd32889e92688d2d30ff73edcb67791726f9e0eac9480d48e4e37bfd268fd22200534ece8e3eb59504c8bb4aa6e7153c8476655ee01d5a624f77a6c5149eacd6783ce894798467b2ecefa4199ce40d009817053f6816d36c2dcf985092ef56f2589571fead26e15640add0bc1a885a6,0x2ce039abd666a05b18f2831caca34a6800c495e439553ef40ceed62e881bc23b69b8f7526b57fef2b5fe7299173e5c271e934cb9240b1b5b5a18590be50b6359f5cd08d08607aaa039a37eabebb722dcc85449e335f96d580f936ec9e406b0be5298f8b5244155534a15db5cc8f24abad4acb6bbb83095bd151ef9dd2102a81865e2bb7e705d7f1a8a39f51c3990e20740ff3724bd6c5d52098200a445bf604e477dc3f6e849d1e0021252c52755c8402601020041cdc6f2ffa4cc901ef5ef21e00417a2e586c7d66c65927b67c86f239abe6ee6456a122ef557812dafad26e00ef22069381b3a2755824a1e6e3eb3c5af62316adea1d9ecd64e4f06bbd8926d
c = 0x99b0b0a6a427ed9e3b757ed516f396e4f2f88712a6ff38b954d189aa46642e55fcf550f9e5b378523f98f969ba6a3e70baa13f71ca92b7d0bfc248b22b91ac586f48d930d5c8180acb466a438d4abe338d1fdb6e3521a1ffab07908882e6e245466de85b2469ba6d273a46672c151430a9d5cc0521bf6b648727d5f188662ee130315e92ded631b366de1302b7617b5d132d3732ff7f76c95e7bbbf8f6aca7b15c427b1814778cb5ab7d60b250a4ed718d9d72666220df76205d537fc2672bbf15ffe2c03bb92b2b6bec6ad1cd46862c6bdfa4b2d2c3ff09b5b2d68268078578d2404fdc61c71d7f3fc678530ebcd283ef5594c6ebe44ecd19ba70f517efe69b
e1 = 65537
e2 = 415031
a=pow(pow(3,65537,N)*c1,e2,N)%N-pow(c2,e1,N)%N
q=gmpy2.gcd(a,N)
p=N//q
phi=(p-1)*(q-1)
d=gmpy2.invert(65537, phi)
m=pow(c,d,N)
print(long_to_bytes(m))
b'NSSCTF{M4th_1s_int3res4in9}\x05\x05\x05\x05\x05'

[WEEK3]Shift

mt的源码

from Crypto.Util.number import *
flag=[2621989131, 3787180668, 3050712017, 2738150252, 2743015085, 1990056851, 3435226108, 3309324691, 2484065947, 2170352847, 17662838, 230793617, 4112227317, 3496092809, 3496092809, 3496092809]
def Shift(y):
    y = y ^ y >> 11
    y = y ^ y << 4 & 2636928640
    y = y ^ y << 5 & 4022730752
    y = y ^ y >> 14
    return y&0xffffffff

m = []
def Encode(msg):
    enc = msg
    for _ in range(114514):
        enc = Shift(enc)
    return enc
def inverse_right(res, shift, bits=32):
        tmp = res
        for i in range(bits // shift):
            tmp = res ^ tmp >> shift
        return tmp
def inverse_right_mask(res, shift, mask, bits=32):
    tmp = res
    for i in range(bits // shift):
        tmp = res ^ tmp >> shift & mask
    return tmp
def inverse_left(res, shift, bits=32):
    tmp = res
    for i in range(bits // shift):
        tmp = res ^ tmp << shift
    return tmp
def inverse_left_mask(res, shift, mask, bits=32):
    tmp = res
    for i in range(bits // shift):
        tmp = res ^ tmp << shift & mask
    return tmp
def nixiang(m):
    m = inverse_right(m, 14)
    m = inverse_left_mask(m, 5, 4022730752)
    m = inverse_left_mask(m, 4, 2636928640)
    m = inverse_right(m, 11)
    return m
def dncode(msg):
    enc = msg
    for _ in range(114514):
        enc =nixiang(enc)
    return enc
for i in flag:
    print(str(long_to_bytes(dncode(i))))
   #NSSCTF{Do_y0u_1ike_sssSS5SsSS55hifttt4Tt4tt44TTT}

[WEEK3]AnyoneIsOk

hint:from Crypto.Cipher import PKCS1_OAEP根据这个来

import Crypto.PublicKey.RSA as rsa
import gmpy2
from Crypto.Util.number import *
from Crypto.Cipher import PKCS1_OAEP
e = 65537
n_list = [0]*100
c_list = [0]*100
for i in range(0,100):
    with open("./attachment/{}.pem".format(i+1), 'rb') as x:
        public_key = rsa.importKey(x.read())
        n_list[i] = public_key.n
        # print(public_key.e)
    with open("./attachment/msg{}".format(i+1),"rb") as f:
        c = f.read()
        c_list[i] = bytes_to_long(c)
for i in range(0,99):
    for j in range(i+1,100):
        if(gmpy2.gcd(n_list[i],n_list[j]))!=1:
            common_f = gmpy2.gcd(n_list[i],n_list[j])
            n = n_list[j]
            q = n // common_f
            d = gmpy2.invert(e,(q-1)*(common_f-1))
            c = long_to_bytes(c_list[j])
            privkey = rsa.construct((int(n), int(e), int(d), int(q), int(common_f)))
            key = PKCS1_OAEP.new(privkey)
            flag = key.decrypt(c)
            print(flag)

[WEEK3]s1mple_block

简单爆破

flag='2d38235cef311735894a7ca5c2f77e3d30e7ee1f1f0eeb2d60771d97cde0695f'
from hashlib import sha256, md5
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad,unpad
import os, sys, signal
from Crypto.Util.number import *
from itertools import *
m='abcdef1234567890'
perms = [''.join(p) for p in product(m,repeat=4)]
per=[]
for i in perms:
    a=int(i,16)
    per.append(long_to_bytes(a))
for i in per:
    try:
        ciphertext = bytes.fromhex(flag)
        key  = md5(i).digest()
        cipher = AES.new(key, AES.MODE_ECB)
        decrypted = cipher.decrypt(ciphertext)
        if b'NSSCTF' in decrypted or b'nssctf' in decrypted or b'flag' in decrypted:
            print(decrypted)
    except:
        pass

[WEEK3]Base42？

逆一下代码

alphabet = "0123456789aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpP"
out="0gpnO5ffI310EEjF3LeHCf7LC7HnfhIN0LMK1E79Gdf1dFCN93nBL35eJfKMhkAM000000000000000008fb46HFH4pA4GKI"
out1=out[0:32]
out2=out[32:64]
out3=out[64:]
print(out1)#print(out2)
#print(out3)
import sympy
from Crypto.Util.number import *
btl = lambda a:sum((v*256**i)for i,v in enumerate(a[::-1]))
h=0
for i in range(len(out1)):
    if out1[1]=='0':
        continue
    else:
        h=h*42+alphabet.index(out1[i])
print(long_to_bytes(h))
h=0
for i in range(len(out1)):
    if out1[1]=='0':
        continue
    else:
        h=h*42+alphabet.index(out2[i])
print(long_to_bytes(h))
h=0
for i in range(len(out1)):
    if out1[1]=='0':
        continue
    else:
        h=h*42+alphabet.index(out3[i])
print(long_to_bytes(h))
b'NSSCTF{N0w_y0u_c4n_d3'
b'sign_crypt0_syst3m_by'
b'_y0urs3lf}'

[WEEK3]many_factors

先yafu分解

然后常规

from Crypto.Util.number import *
import gmpy2
n = 521**3 * 541 * 547 * 557**2 * 577 * 587 * 593 * 601 * 607 * 631**4 * 641 * 643 * 683 * 701**2 * 719 * 727**3 * 733 * 739**2 * 743 *757 * 761 * 769 * 773 * 787*2 * 809 * 821**3 * 863 * 877**2 * 881 * 907**5 * 919**2 * 929 * 937 * 953**2 * 967**2 * 991 * 997**2 * 1019
c = 3053043969587277731075013823380664207370991627277672374256662715889363487017560381573682876563907215099359894935326265406537547932246927604121814198201993671878573628633125
e = 65537
phin = 521**2*520*540*546*557*556*576*586*592*600*606*630*631**3*640*642*682*700*701*718*727**2*726*732*739*738*742*756*760*768*772*787*786*808*821**2*820*862*877*876*880*907**4*906*919*918*928*953*952*966*967*990*997*996*1018
d = gmpy2.invert(e,phin)
m = gmpy2.powmod(c,d,n)
print(long_to_bytes(m))
b'NSSCTF{3eea2df4-45e5-11ed-b29a-28d0eab06969}'

[WEEK3]babyCBC

字节反转攻击 hint:https://ctf-wiki.org/crypto/blockcipher/mode/cbc/#_8 查看源码后可知要使解密后的明文有Admin 下面是修改Guest的脚本

import json
import time
import binascii
from Crypto.Util.Padding import pad,unpad
from Crypto.Cipher import AES
key = b'tb\x01\xb7\xe4Vry\xa9+\xeaA\xc9k\x98\x96\xd0\x05%\xc0>m\xa6\xb9B\x93$\x065\xa6\x12\x82'
iv = b'U\x14$\xe8A1\xf56\x15\xd9%3J\xc9\xeci'
plaintext = 'flag{111451411111111111111111111113211231111111111111}'
payload = {'permission':'Guest','Time':f'{time.time()}','data':plaintext}
payload = pad(json.dumps(payload).encode(),16)
print(payload)
cipher = AES.new(key, AES.MODE_CBC, iv)
encrypted = cipher.encrypt(payload)
print()
data = encrypted.hex()
data = binascii.unhexlify(data)


cipher = list(data)
idx = 0
cipher[idx + 0] = cipher[idx + 0] ^ ord('G') ^ ord('A')
cipher[idx + 1] = cipher[idx + 1] ^ ord('u') ^ ord('d')
cipher[idx + 2] = cipher[idx + 2] ^ ord('e') ^ ord('m')
cipher[idx + 3] = cipher[idx + 3] ^ ord('s') ^ ord('i')
cipher[idx + 4] = cipher[idx + 4] ^ ord('t') ^ ord('n')
encrypted = bytes(cipher).hex()
print(encrypted)
ciphertext = bytes.fromhex(encrypted)
cipher = AES.new(key, AES.MODE_CBC, iv)
decrypted = unpad(cipher.decrypt(ciphertext),16)
print(decrypted)

[WEEK3]partialP

高位攻击

# p = 9605964225476901441398365225327926616880072280289780777971846998748464126891804587377933727304510424852546683782576240573278202121547956666293242671661056
n = 96928253979490973984593903132811649229014718994486532280648145898877952846656019305217095845257550421730063527538581223570539203247068060192535543753763017716750817560470547219370972835770943358384150269303529653434434525449357699107332781898776312692702549420939758722366794431784782973884379040574148608179
e = 65537
c = 2226099021169425534206121605501718994593261953280046899345810118356590881389142531649792348146129153474985003929407172972982275439970723778495455838452638879586163957468972518078320159354264971816842073874550773309020013613432004074760802192607651584906352686468143648939740004838208640531785439362344039075
# kbits = 128
# PR.<x> = PolynomialRing(Zmod(n))
# f = x + p
# x0 = f.small_roots(X=2^kbits, beta=0.4)[0]
# print("x: %s" %hex(int(x0)))
# p = p+x0
# print("p: ", hex(int(p)))
# assert n % p == 0
# q = n/int(p)
# print("q: ", hex(int(q)))

e = 65537
c = 2226099021169425534206121605501718994593261953280046899345810118356590881389142531649792348146129153474985003929407172972982275439970723778495455838452638879586163957468972518078320159354264971816842073874550773309020013613432004074760802192607651584906352686468143648939740004838208640531785439362344039075
n = 96928253979490973984593903132811649229014718994486532280648145898877952846656019305217095845257550421730063527538581223570539203247068060192535543753763017716750817560470547219370972835770943358384150269303529653434434525449357699107332781898776312692702549420939758722366794431784782973884379040574148608179
from Crypto.Util.number import *
import gmpy2
p= 0xb768f99e33a5d8e8a3e1d4b605638b7a5f447e35d232c6b237b8ae4ec9bb417e36a09906d064cd8af7505f50d716460fc4e96336e8ca5b2fb9dfe9078c4c34ab
q=  0xc0a8f755654474cfba542d5568477f452d4a95ed1e646004b1dc91fdb17b5fbd3e77f84d4a25f73d0e0ef72e295743e90cea7e5e128638529b031e6c12681419

phi=(p-1)*(q-1)
d=gmpy2.invert(e, phi)
m=pow(c,d,n)
print(m)
print(long_to_bytes(m))

[WEEK3]pnearq

费马分解

from Crypto.Util.number import *
import gmpy2
e=65537
n = 19421904767367129549329507820147867763064747101931314714173717122035977491291441314433180813343755107381230481007143328156292096871675328839756035726106037229325380698967544660649710464634698425387682458721466040894830503881966355435442651493212040443436714597490121865537266815247879839020846287255634123530517095030752832857842819836940083915495464712363169428825344678729929317207583197980607919720642725221740680718976635305544368542563503440076036727388062097647374046378854873864505267644315352602271587283702733779081805129429479541906613334092422428543951370065910195162721686773383508480268145903016615151713
c = 16430654037742749931837577925393394466626615745270895225352757745284038922799868617243616416116392338428121605256850230862894296244375242336599929497221079420665154174930054597666915358687410522457846003186806053368237783147731665147575913322026626738697036282908055611350347494310666532700194563684837580022875526378181343082801716942536163583090541294011987732281942148455345223347021675781368596340860151253774597168954881987520338304516390785094435356412111780768446904948045448510663589654475221029009283144829902553888829840193614048967712676048740814622290029846433107762872806981599110271586325156855299974310
p=139362494120072096065216081618966249746574239262460284744468865719850996551067753709694109554061693572089871188264746799340636786772313403025084938651609422567995344046775583983367311974802321610889005077947700976481552283896499334735377828779462799614319016720722734724022186712293418763283488943785244226387
q=139362494120072096065216081618966249746574239262460284744468865719850996551067753709694109554061693572089871188264746799340636786772313403025084938651609422567995344046775583983367311974802321610889005077947700976481552283896499334735377828779462799614319016720722734724022186712293418763283488943785244226299
phi=(p-1)*(q-1)
d=gmpy2.invert(e, phi)
m=pow(c,d,n)
print(m)
print(long_to_bytes(m))

[WEEK3]smallRSA

yafu分解

n = 625718246679843150194146350359795658237410693353450690028041
c = 118795719073790634455854187484104547013000179946116068066473
from Crypto.Util.number import *
import gmpy2
e=65537
p = 813910604866037851538498611597
q = 768780063730500942699787302253
phi=(p-1)*(q-1)
d=gmpy2.invert(e, phi)
m=pow(c,d,n)
print(m)
print(long_to_bytes(m))

[WEEK3]AES

ECB模式 可以用前一个分组的密文当作key来解下一个分组的密文，这样得到的明文是部分flag,拼接即可

from Crypto.Cipher import AES
ct = b'\x179\xb8l\x97\xbew\xc2\xd5f~\x8e\xdc\xf2\x9b\xabR\xa9a\xd2\xf4\xde\xd6|\xd1\x9f\xe9q\x1d\xfcm\xfbj\xe9\x9e\xab\xf5fL\xb3\xb5_\xa5\x16\x8e\x7f\x9fV`\x8b\x16\xa1\xa6)\x08\x97\x91\xbd3\x1d\xeb\\\x86\xa2\xd6\x94>\xf3\xfdt\xd9\x14\xf3\xfc\xe2\x02\xd6\xc4\xcfq"\x1a\x14~2]4\x9f\xc9\x88\xf8\x12\xb6\xa2\xd7\xec\x0b\x7f\xd4d\xdc\xc6\xb4]\x10u\xc6f\x97m\xccA\x82\x02\xa5gh\x85\x85Wz\xd9.\xff\x9bx\x99J\x0e\x86\x16\x90\xad\x1e\x17\x86\x95\xb8S\x17\xea\x93v\xd0'
out = []
for i in range(len(ct)//16):
    key = ct[16*i:16*i+16]
    cipher = AES.new(key, AES.MODE_ECB)
    next = cipher.decrypt(ct[16*i+16:16*i+32])
    out.append(next)
    key = next
print(out)

[WEEK4]random

预测伪随机

randcrack

from randcrack import RandCrack
rc = RandCrack()

with open("output.txt",'r') as f:
    data = f.readlines()

for i in range(624):
    rc.submit(int(data[i]))
for i in range(666-624):
    this_num =  rc.predict_randrange(0, 4294967295)
    print(this_num)
this_num =  rc.predict_randrange(0, 4294967295)
print(this_num)


c = '91fd1824ddc0a35e845e87f59e53a103334df418e6a65a7d7769699c3ca2119019361cd23a46a61d4e7f6cdff5f5200f586f90b66eabfd8ecff4ddf11ee444d37f80ada0bbe8af09e4fc32c1a51e3f29e2771b51c71d2ba4acb84fda61904b96'
iv = bytes.fromhex(c[:32])
r = this_num
key = bytes.fromhex(hex(r)[2:])
key = md5(key).digest()
cipher = AES.new(key,AES.MODE_CBC,iv)

print(cipher.decrypt(bytes.fromhex(c[32:])))

[WEEK4]square

e = 16 直接求出所有可能的根，然后解密成明文即可

from Crypto.Util.number import *
from gmpy2 import *
# n = 0xcaea4e2db0dc68029999cdad792fa1f9142117163af28f3230f7500ef748841554141ef35555ba23b95dc87f4c83f75dad14b6204dd4907fb75650fa7799def911f077b945f359e345bb9350c4a8268906c547e95e5819ef44ff124566a88fa2174ddfe3e895016df0036b59a50c6efb78724bde5d16a8a5cae45c918f329e462d10abe56ecdfae95bd13665260d0e8b648540d11f2447eef9aef3ea370faaecaab4c82ec1fe2bc83f2ce1b2793d95187eb2637e75700ba9745c253e928a4a603139dbf6b8bbf8111900a58be21a269992a9744c0284cf8f3ad7a3b95106d17af6baceac1acf543e425dc6317ab7f799a8ce19633b22e709eacb5d74ce4b56f9
# c = 0x2700a92e463d1c5da073b38d075a2da57c89ff9d658066c0bd38391cc60259a4fc992f1a6f1c5756d6e5934831fc0fbf7bfd85607f0d18781d30a4ab485e119af4f08b5fe7bf927aeaf7572b05dfec764d6ddda2b247b9f6b731300ece4209606d94c5708388d6e8efc1fa6e9c0cdda41cee95eb4a6b053b862fc43e55648973863f9874ee79ce4408277c9dc38fb26b44880e58f054b957c64fcf0d39c1fd496ad2fc5f5e5e70ba41422a4d945da299b5a695a4b7013a1f9ae1b629e395ffb0942d783d6e6be1f0888dfcb02d0aa1e9b7076e952a339bdc60f044f598afa2da28a4d7f094b959c8a8fefd5a11d10971cd681722f6868cf15a200cb910c591e1
#
# c= 0x2700a92e463d1c5da073b38d075a2da57c89ff9d658066c0bd38391cc60259a4fc992f1a6f1c5756d6e5934831fc0fbf7bfd85607f0d18781d30a4ab485e119af4f08b5fe7bf927aeaf7572b05dfec764d6ddda2b247b9f6b731300ece4209606d94c5708388d6e8efc1fa6e9c0cdda41cee95eb4a6b053b862fc43e55648973863f9874ee79ce4408277c9dc38fb26b44880e58f054b957c64fcf0d39c1fd496ad2fc5f5e5e70ba41422a4d945da299b5a695a4b7013a1f9ae1b629e395ffb0942d783d6e6be1f0888dfcb02d0aa1e9b7076e952a339bdc60f044f598afa2da28a4d7f094b959c8a8fefd5a11d10971cd681722f6868cf15a200cb910c591e1
# e = 16
# R.<x> = Zmod(n)[]
# f = x^e-c
# r1 = [int(i[0]) for i in f.roots()]
# print(r1)

m_list = [25615677894578755047156343445844436265410029831929516816331615976442311723531561327119120421902137698702653352454485089340848821437391616202141872920071595012903043917129450415132281907851460389644978646684609345443875666422198491448869630433730250869349508030370580903892239207884756374806258109492943540694025256336359221536523445463701649424494112650847740223587312753305758484739299091282445005021428673424732397006712358416313791876278338631941370485282183820941394817190803527812730459595063525543676864011831621261546685501816080758863765608285760956408604370742317675113279260023090820056964546946448729327594, 24072367155045049121538350559452436123760625674850036887400917611963001043425277658590765669098038279032511209656766731851112555056082333560946068560958136635450354184400845466823159542498565735578284414677938847565345435268619941467830506642234170223615472540060479482250736366661339782825842222750498295373524349825492103059453842032165892523230350122381720065998495626851241149502139264262580869523661467741485311344845519374629180329037981137465862020038414285296394747359446242328488668743848790524262574489753290227188557314524093509983688354857005768464595599040661333002861275422817830930045336538934525600036, 22410284915869332915517353475405301781361874997511620014765307716896609134768752598582584704665037725485578318861190319579404022449775594129425860979978888272443446324093514666314685424695000601786686561006052411264877076748054463659902146625722029484456473027960815036305882742747518983542532772826030995019547403388699014520255435093536041121723793417289085198882108642039061716629900663673185654638085326455126099981185733763692003629409489559712215078372884665625160603972308815617077592138575143204160714378785745066118022886827674355196815158593721675680283188298853358878159695139190175292207533127255034143712, 19073979249275923038893403197873802702942330898221412935002649745044628810289760160906684289522634756719764289365141953863154441618860322921339033977398137618850126299000852728420859130729324165431279514548481361259733142809124530477420924010397665965873357195354849848588229804376977984636683366863855736325383167291647351033039353473600211555662607490573852684908975665488806129740839801624701017800394009286759153911158126133388953551250607486734408238163212404235716911901582709861984044176063401493384378563087390984887945676907220888380393998115118953005740848277298983697518540266717111840324178318373259180622, 6541698645302832008262940247970633562467698933708103881328966231397682913241801166212436132379502941982889063089343135477694379818531293280802838942673457394052917618128597686711422777122136224213699132136127984184142523613073960971448706423332584903476150835015731055304009403507778390169574742629087804368703460732998669837597738720119482937031238843681810088915673826941865000058898348157163412745731930147221176216054781442545666046969521342926260834211384338749444032842775055037996717706324772768300639435331444465728608728138351824860891626691575771833819130630414042360017020843812450263396637265856188996779, 3205392978709422131638989970439134484048154834417896801566308259545702588762808728536535717237099973217075033593294769761444798987616022072716011940092706740459597593035935748817596483156459787858292085678556934178998589674144027788967483808008221384893035002409765867586356465137237391263725336666912545674539224635947006350381657100183653370970052916966577574942540850391609413169837486108678775908040612978854230146027173812242615968810639269948453994001712077360000340772048949282903169743813031057524303619633090384498531518217898358044470466212973049159276790608859667179375865971339386811513282456974414033689, 1543310739533705925617992886392000141649404157079479928930698364479310680106283668528354752804099419670142142797718357489736266381309282641195804359113458377452689732728604948309122365352894654066694232006670497878530231153578549981039123791496080645734035490310101421641502841223416591980415886742445245320562278199153917811183250161553801969463496211873942707826153865579429980297598885519283561022464471692495018782367388201305439269182147692194807052336182457688766197384911522571492093138539383737422443508665545223427997090521479203257597269949688956374964379867051693054674285687711731173675479045294922577365, 61371688286799334113646730018045068199733683407922550237336739124912645060439058499419425524697266009247933120500549159620827721941790197719298587092412922043766127553554237087250302287324648718008153986587214189069868903229491954377520016520933768430955608165395350944256301087438742046756268637780718849807]
for t in m_list:
    print(long_to_bytes(t))