AIS3 2024 pre-exam write up

第一次寫write up :D

misc

welcome[100]

略

Quantum Nim Heist[100]

一開始看code看很久都沒找到破綻，花超多時間在程式裡大海撈針，沒想到意外發現小漏洞，
反正就是讓值超出預期，但我其實不確定這做法的專有名詞(?
當他問which pile do you choose?的時候，
正常應該要回答是第幾pile，但如果什麼都不回答直接按enter或輸入-1，會發現可以直接跳過一回合，
直到最後一回合再記得把最後一個stones remove掉。

...

it's your turn to move! what do you choose?
+--------------------- moved ---------------------+
| you removed 2 stones from pile 1                |
+---+-------------- stones info ------------------+
| 0 | oo                                          |
| 1 | oo                                          |
+--------------------- moved ---------------------+
| i removed 1 stones from pile 1                  |
+---+-------------- stones info ------------------+
| 0 | oo                                          |
| 1 | o                                           |
+---+--------------- game menu -------------------+
| 0 | make a move                                 |
| 1 | save the current game and leave             |
| 2 | resign the game                             |
+---+---------------------------------------------+
it's your turn to move! what do you choose?        
+--------------------- moved ---------------------+
| you removed 1 stones from pile 1                |
+---+-------------- stones info ------------------+
| 0 | oo                                          | 
| 1 | o                                           |
+--------------------- moved ---------------------+
| i removed 1 stones from pile 0                  | 
+---+-------------- stones info ------------------+
| 0 | o                                           |
| 1 | o                                           | 
+---+--------------- game menu -------------------+  
| 0 | make a move                                 |   
| 1 | save the current game and leave             |   
| 2 | resign the game                             |   
+---+---------------------------------------------+   
it's your turn to move! what do you choose?           
+--------------------- moved ---------------------+   
| you removed 1 stones from pile 0                |   
+---+-------------- stones info ------------------+   
| 0 | o                                           |    
| 1 | o                                           |   
+--------------------- moved ---------------------+   
| i removed 1 stones from pile 0                  |   
+---+-------------- stones info ------------------+   
| 0 | o                                           |   
+---+--------------- game menu -------------------+   
| 0 | make a move                                 |   
| 1 | save the current game and leave             |   
| 2 | resign the game                             |  
+---+---------------------------------------------+  
it's your turn to move! what do you choose? 0         
which pile do you choose? 0                           
how many stones do you remove? 1                      
+---------------- congratulations ----------------+   
| you are a true grandmaster of chess! here is    |   
| the flag for you:                               |   
| AIS3{Ar3_y0u_a_N1m_ma57er_0r_a_Crypt0_ma57er?}  |   
+-------------------------------------------------+

Three Dimensional Secret

打開封包檔
看到很多Protocol=TCP，隨機點一個

選follow -> TCP Stream

打開後會出現很多同一格式的程式碼
拿去問chatgpt，得知這是G code

上網找預覽器，找到https://nraynaud.github.io/webgcode/

貼上code就看到flag了

crypto

zkp

原本想說開暴力解，吃完飯發現還是沒結果，
上網找資料找到這個酷酷的函式庫叫sympy，大數字也可以快速解，
用sympy去計算離散對數r，再去算sk，
求得sk後丟long_to_bytes求回flag

!pip install sympy
from Crypto.Util.number import inverse
from sympy.ntheory import discrete_log

# 已知參數
p = 912963562570713895762123712634341582363191342435924527885311975797578046400116904692505817547350929619596093083745446525856149291591598712142696114753807416455553636357128701771057485027781550780145668058332461392878693207262984011086549089459904749465167095482671894984474035487400352761994560452501497000487
g = 5
y = 826538666839613533825164219540577914201103248283631882579415248247469603672292332561005185045449294103457059566058782307774879654805356212117148864755019033392691510181464751398765490686084806155442759849410837406192708511190585484331707794669398717997173649869228717077858848442336016926370038781486833717341
a = 837391429146716246298265649828833926553703307768263532882119633652369160923460038502759864396719595556822579283450060054716753545203402598089323793321805639129260667950080636462204135426887388899955615207806039627983773534304007953073586374003734715079722274887416433453079445822219423995951703135829496007286        
c = 1 # 這邊用1可以節省運算時間
w = 394811387946114683904252174454710537206578693342055809178279464013047561646863743919996435695718914181044539464633729592712968512748007403695056092396246866848389859706990642501065525104839776919236901735230456614618350145301893017979866181624159788935390202502224091369603614245766192646548573130781044536668

# 用sympy計算離散對數r
def compute_r(g, a, p):
    return discrete_log(p, a, g)

# 算sk
def compute_sk(p, g, y, a, w, c):
    r = compute_r(g, a, p)
    p_minus_1 = p - 1
    c_inv = inverse(c, p_minus_1)
    sk = (w - r) * c_inv % p_minus_1
    return sk

# 計算 輸出sk
sk = compute_sk(p, g, y, a, w, c)
print("Computed sk:", sk)

1
2
3

Requirement already satisfied: sympy in /usr/local/lib/python3.10/dist-packages (1.12)
Requirement already satisfied: mpmath>=0.19 in /usr/local/lib/python3.10/dist-packages (from sympy) (1.3.0)
Computed sk: 796124238634205301132370159483254378466188675876173490569851599404569838177493188146821283009169954596409601313555455638014751336770403395328637

from Crypto.Util.number import long_to_bytes

# 已知參數
sk = 796124238634205301132370159483254378466188675876173490569851599404569838177493188146821283009169954596409601313555455638014751336770403395328637

# 私鑰轉flag
flag = long_to_bytes(sk)

print("Flag:", flag)

1	Flag: b'AIS3{ToSolveADiscreteLogProblemWhithSmoothPIsSoEZZZZZZZZZZZ}'