• CTF杂项之BubbleBabble加密算法


    这题很坑,刚开始我拿到就分析不出来了(/无奈),关键是不知道是什么加密算法,后来看题目描述的bubble,猜测是bubble

    这种算法(听都没听说过。。。)

    上图

    这串编码

    xinik-samak-luvag-hutaf-fysil-notok-mepek-vanyh-zipef-hilok-detok-damif-cusol-fezyx
    

     百度也没找到哪里有,后面看到有大佬写的writeup,于是就借鉴一下下,233

    这里是这种加密算法的解释(为了方便大家,加密算法我复制到文末),链接传送:http://wiki.yak.net/589/Bubble_Babble_Encoding.txt

    附上解题代码,楼主用的python3.7,另外bubblepy这个库需要导入一下,网址附上https://pypi.python.org/pypi/bubblepy/

    from bubblepy import BubbleBabble
    #导入包bubblepy
    str='xinik-samak-luvag-hutaf-fysil-notok-mepek-vanyh-zipef-hilok-detok-damif-cusol-fezyx'
    #str是待解密字符
    Str=BubbleBabble()
    print(Str.decode(str))

    最后,get Flag

    这里是BubbleBabble加密算法

    authors==Huima
    status==Experimental
    title==The Bubble Babble Binary Data Encoding
    number==Internet Draft
    date==April 2000
    Network Working Group                                        Antti Huima
    Internet Draft                               SSH Communications Security
    draft-huima-babble-01.txt                                     April 2000
    
    
    		The Bubble Babble Binary Data Encoding
    
    Status of this Memo
    
       This memo provides information for the Internet community.  It does
       not specify an Internet standard of any kind.  Distribution of this
       memo is unlimited.
    
    Copyright Notice
    
       Copyright (C) The Internet Society (2000).  All Rights Reserved.
    
    Abstract
    
       This document describes a new encoding method for binary data that is
       intended to be used in conjunction with fingerprints of
       security-critical data.
    
    1. Introduction
    
       Hash values of certificates and public keys, known as fingerprints
       or thumbprints, are commonly used for verifying that a received
       security-critical datum has been received correctly.  Fingerprints
       are binary data and typically encoded as series of hexadecimal
       digits. However, long strings hexadecimal digits are difficult for
       comprehend and cumbersome to translate reliably e.g. over phone.
    
       The Bubble Babble Encoding encodes arbitrary binary data into
       pseudowords that are more natural to humans and that can be
       pronounced relatively easily. The encoding consumes asymptotically
       the same amount of space as an encoding of the form
    
         HH HH HH HH ...
    
       where `H' is a hexadecimal digit, i.e. carries 16 bits in six
       characters. However, the Bubble Babble Encoding includes a
       checksumming method that can sometimes detect invalid encodings.
       The method does not increase the length of the encoded data.
    
    2. Encoding
    
       Below, _|X|_ denotes the largest integer not greater than X.
    
       Let the data to be encoded be D[1] ... D[K] where K is the length
       of the data in bytes; every D[i] is an integer from 0 to 2^8 - 1.
       First define the checksum series C[1] ... C[_|K/2|_] where
    
         C[1] = 1
    
         C[n] = (C[n - 1] * 5 + (D[n * 2 - 3] * 7 + D[n * 2 - 2])) mod 36
    
       The data is then transformed into _|K/2|_ `tuples'
       T[1] ... T[_|K/2|_] and one `partial tuple' P so that
    
         T[i] = <a, b, c, d, e> 
    
       where
    
         a = (((D[i * 2 - 3] >> 6) & 3) + C[i]) mod 6
         b = (D[i * 2 - 3] >> 2) & 15
         c = (((D[i * 2 - 3]) & 3) + _|C[i] / 6|_) mod 6
         d = (D[i * 2 - 2] >> 4) & 15; and
         e = (D[i * 2 - 3]) & 15.
    
       The partial tuple P is
    
         P = <a, b, c>
    
       where if K is even then
    
         a = (C[i]) mod 6
         b = 16
         c = _|C[i] / 6|_
    
       but if it is odd then
    
         a = (((D[K] >> 6) & 3) + C[i]) mod 6
         b = (D[K] >> 2) & 15
         c = (((D[K]) & 3) + _|C[i] / 6|_) mod 6
       
       The `vowel table' V maps integers between 0 and 5 to vowels as
     
         0 - a
         1 - e
         2 - i
         3 - o
         4 - u
         5 - y
    
       and the `consonant table' C maps integers between 0 and 16 to
       consonants as
    
         0 - b
         1 - c
         2 - d
         3 - f
         4 - g
         5 - h
         6 - k
         7 - l
         8 - m
         9 - n
        10 - p
        11 - r
        12 - s
        13 - t
        14 - v
        15 - z
        16 - x
       
       The encoding E(T) of a tuple T = <a, b, c, d, e> is then the string
    
         V[a] C[b] V[c] C[d] `-' C[e]
     
       where there are five characters, and `-' is the literal hyphen.
    
       The encoding E(P) of a partial tuple P = <a, b, c> is the
       three-character string
    
         V[a] C[b] V[c].
    
       Finally, the encoding of the whole input data D is obtained as
    
         `x' E(T[1]) E(T[2]) ... E(T[_|K/2|_]) E(P) `x'
    
       where `x's are literal characters.
    
    3. Decoding
    
       Decoding is obviously the process of encoding reversed.
    
       To check the checksums, when a tuple <a, b, c, d, e> or partial
       tuple <a, b, c> has been recovered from the encoded string, an
       implementation should check that ((a - C[i]) mod 6) < 4 and that
       ((c - C[i]) mod 6) < 4. Otherwise the encoded string is not a valid
       encoding of any data and should be rejected.
    
    4. Checksum Strength
    
       Every vowel in an encoded string carries 0.58 bits redundancy; thus
       the length of the `checksum' in the encoding of an input string
       containing K bytes is 0.58 * K bits.
    
    5. Test Vectors
    
       ASCII Input       Encoding
       ------------------------------------------------------------------
       `' (empty string) `xexax'
       `1234567890'      `xesef-disof-gytuf-katof-movif-baxux'
       `Pineapple'       `xigak-nyryk-humil-bosek-sonax'
    
    6. Author's Address
    
       Antti Huima
       SSH Communications Security, Ltd.
       [XXX]
    
    7. Full Copyright Statement
    
       Copyright (C) The Internet Society (2000).  All Rights Reserved.
    
       This document and translations of it may be copied and furnished to
       others, and derivative works that comment on or otherwise explain
       it or assist in its implementation may be prepared, copied,
       published and distributed, in whole or in part, without restriction
       of any kind, provided that the above copyright notice and this
       paragraph are included on all such copies and derivative works.
       However, this document itself may not be modified in any way, such
       as by removing the copyright notice or references to the Internet
       Society or other Internet organizations, except as needed for the
       purpose of developing Internet standards in which case the
       procedures for copyrights defined in the Internet Standards process
       must be followed, or as required to translate it into languages
       other than English.
    
       The limited permissions granted above are perpetual and will not be
       revoked by the Internet Society or its successors or assigns.
    
       This document and the information contained herein is provided on
       an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET
       ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR
       IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
       THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
       WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
    
  • 相关阅读:
    Java 中的悲观锁和乐观锁的实现
    乐观锁和悲观锁的区别
    理解RESTful架构
    修复Linux下curl等无法使用 Let's Encrypt 证书
    呕心沥血 AR VR 好资源分享
    linux服务器出现大量TIME_WAIT的解决方法
    Ubuntu系统 无法删除 redis-server
    Python Flask jsonify a Decimal Error
    微信小程序 订阅消息 对接详细记录
    FTP时显示500 Illegal PORT command的解决
  • 原文地址:https://www.cnblogs.com/mke2fs/p/10616588.html
Copyright © 2020-2023  润新知