What a low-quality writeup; rewriting it.
OK, it is still low quality; you are better off reading the official writeup.
Forensics
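dump dump dump 1.0
- First run `strings` to get all the printable strings. Searching for a few common words roughly identified which functions were present, and searching for `a =` pinned down the intermediate values. From that I roughly inferred that the result is produced by XOR, AES, and base64 with a custom table. The main task is finding the AES key; reading it out with `aeskeyfind` gives it right away.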
apt install aeskeyfind
aes_key: 0E EA C3 E3 2B 31 44 4A B2 44 A4 15 B2 75 B7 F7
aes_mode: ECB
base64_table: ZzYyXxAaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWw0123456789+/
xor_key: PYThoN_For3N5IC$_i5_r3aL1Y_w0nDERfu1
encoded: CsQ5vL6LTwtgKyW0bdZKhpN1S/OqiLwI++G1cPD5SfhA0EkXej7RIBk1z9/8mm7fjzE5+THCsGJPOJXRp7JQa18juUtswBQguYi4e2TAHIT=
dump dump dump 2.0
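- The difference from the first one is that the mode changed and there is an extra IV value. The value has to be somewhere in this file anyway, so just brute-force the candidates one by one (judging by the brute-force result on the next challenge, it is not necessarily in the file; I just got lucky).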
aes_key: C4 DA AB E0 A2 0A 9E 26 EF 2B A0 83 3B 2C C2 E7
iv: a2b38779985a25bfec905a67809790ec
base64_table: ZYXABCDEFGHIJKLMNOPQRSTUVWzyxabcdefghijklmnopqrstuvw0123456789+/
xor_key: How_@8OuT_53CONd_PARt_0F_FoR3n5ICS!
encoded: NhCMHiPvC2WWk3/OxNU10e8yrNm/mR8t3+9PsE9ALnT2xsGFg/dKVUwoU3Egv0lR
dump dump dump 2.5
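- The intended solution: with the IV set to 0, part of the plaintext can be recovered; use that partial plaintext to find the full plaintext.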
aes_key: 0e805c9b86ff8c94ca68a3a5ad8f2836
base64_table: ZYXABCDEFGHIJKLMNOPQRSTUVWzyxabcdefghijklmnopqrstuvw0123456789+/
xor_key: T1me_For_5ecOnD_P4R7_of_thE$E_FOREN$ICs_hoPe_no_fOr3NSC15
encoded: uBLJX+/zmxZn6oKVymM7t4HbVEiBvv7+kFKf/DZNHkQxF1wC0L1f4DmP5O5GO/H2HfrI+W3SdtSGJKSjVM+qO50SSxpVIJ4YTrE2r/V7bj0=
begin{hope_THis_Time_no_un1nteND3d_$OL_4ND_9oT_ae$_C8C_tRICk_of_CRYPtO}
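Why a zero IV still yields part of the plaintext in dump dump dump 2.5, assuming CBC mode as the flag text hints: the IV only enters the first block, so a wrong IV garbles 16 bytes and nothing else, and the garbled block differs from the real one by exactly the IV. The sketch below is an added example, not code from the challenge or from the original writeup. It uses a small Feistel cipher as a stand-in for AES (the property does not depend on the block cipher), assumes the order XOR, then CBC, then custom-table base64, and uses a constructed key, IV and flag; only the table and XOR key are taken from the page.

```python
import base64, hashlib
STD = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
TABLE = "ZYXABCDEFGHIJKLMNOPQRSTUVWzyxabcdefghijklmnopqrstuvw0123456789+/"  # from the writeup
XOR_KEY = b"T1me_For_5ecOnD_P4R7_of_thE$E_FOREN$ICs_hoPe_no_fOr3NSC15"      # from the writeup
BS = 16  # block size, same as AES

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))
def xor_repeat(data, key):
    return bytes(c ^ key[i % len(key)] for i, c in enumerate(data))
def _f(key, i, half):  # round function of the stand-in cipher
    return hashlib.sha256(key + bytes([i]) + half).digest()[:8]

def toy_encrypt_block(key, blk):  # 4-round Feistel network, NOT AES
    l, r = blk[:8], blk[8:]
    for i in range(4):
        l, r = r, xor(l, _f(key, i, r))
    return l + r

def toy_decrypt_block(key, blk):
    l, r = blk[:8], blk[8:]
    for i in reversed(range(4)):
        l, r = xor(r, _f(key, i, l)), l
    return l + r

def cbc_encrypt(key, iv, pt):
    out, prev = b"", iv
    for i in range(0, len(pt), BS):
        prev = toy_encrypt_block(key, xor(pt[i:i + BS], prev))
        out += prev
    return out

def cbc_decrypt(key, iv, ct):
    blocks = [iv] + [ct[i:i + BS] for i in range(0, len(ct), BS)]
    return b"".join(xor(toy_decrypt_block(key, c), p) for p, c in zip(blocks, blocks[1:]))

def encode(flag, key, iv):  # assumed order: XOR, then CBC, then custom-table base64
    x = xor_repeat(flag, XOR_KEY)
    x += bytes([BS - len(x) % BS]) * (BS - len(x) % BS)  # PKCS#7 padding
    return base64.b64encode(cbc_encrypt(key, iv, x)).decode().translate(str.maketrans(STD, TABLE))

def decode_zero_iv(encoded, key):  # solver's view: key known, IV unknown, so use zeros
    ct = base64.b64decode(encoded.translate(str.maketrans(TABLE, STD)))
    return xor_repeat(cbc_decrypt(key, bytes(BS), ct), XOR_KEY)  # tail still holds padding

# Constructed sample values, not taken from the challenge.
KEY, IV = bytes(range(16)), bytes.fromhex("a1b2c3d4e5f60718293a4b5c6d7e8f90")
FLAG = b"begin{constructed_sample_flag_for_this_demo}"
GOT = decode_zero_iv(encode(FLAG, KEY, IV), KEY)
print(GOT[:BS], GOT[BS:len(FLAG)])  # first block garbled, the rest readable
```

Because the garbled first block is the real one XORed with the IV, every known plaintext byte at the start (such as the `begin{` prefix) gives back the matching IV byte.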
dump dump dump 3.0
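- This challenge was not released. Compared with the previous ones it adds a `shuffle` that scrambles the order of the plaintext characters. The intended solution is probably to recover the original values from the intermediate state of `mt19937`; I don't know how to do that.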
aes_key: c929ad4628b129b100182950d68e091d
base64_table: ZYXABCDEFGHIJKLMNOPQRSTUVWzyxabcdefghijklmnopqrstuvw0123456789+/
xor_key: HOw_ABOUt_p@RT3_OF_th3_PYthON_fOren5ics!
shuffled: 07 73 2C 0C 28 06 1D 25 3B 1E 26 5B 22 3D 47 3F 2A 0A 20 68 6C 32 39 1C 1B 5B 3E 0F 1A 3A 2F 2B 00 6C 76 0D 36 75 76 10 6C 39 2A 2A 2B 3A 26 2F 34 06
encoded: clHfzkOg2Ceyn3zcdFxUfkz0iZBDDw830dVvCVBcjS1lxz9AYV99mi3uobfKvOPg4s605xXQw+YWBmq6av8njN==
begin{TIME_FOr_dumPV3_And_did_YOu_KnoW_ThE_m719937}