RC4流密码

题目:

get buf unsign s[256]

get buf t[256]

we have key:hello world

we have flag:????????????????????????????????

for i:0 to 256
    
set s[i]:i

for i:0 to 256
    set t[i]:key[(i)mod(key.lenth)]

for i:0 to 256
    set j:(j+s[i]+t[i])mod(256)
        swap:s[i],s[j]

for m:0 to 37
    set i:(i + 1)mod(256)
    set j:(j + S[i])mod(256)
    swap:s[i],s[j]
    set x:(s[i] + (s[j]mod(256))mod(256))
    set flag[m]:flag[m]^s[x]

fprint flagx to file

d8d2 963e 0d8a b853 3d2a 7fe2 96c5 2923
3924 6eba 0d29 2d57 5257 8359 322c 3a77
892d fa72 61b8 4f

解答:

def rc4_decrypt(ciphertext, key):
    # 初始化S盒
    s = list(range(256))
    j = 0

    # KSA (Key Scheduling Algorithm)
    for i in range(256):
        j = (j + s[i] + ord(key[i % len(key)])) % 256
        s[i], s[j] = s[j], s[i]

    # PRGA (Pseudo-Random Generation Algorithm) and decryption
    i = j = 0
    plaintext = bytearray()
    for byte in ciphertext:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        k = s[(s[i] + s[j]) % 256]
        plaintext.append(byte ^ k)

    return bytes(plaintext)

key = "hello world"
# 加密后的标志,转换为字节
ciphertext = bytes.fromhex("d8d2963e0d8ab8533d2a7fe296c5292339246eba0d292d5752578359322c3a77892dfa7261b84f")

plaintext = rc4_decrypt(ciphertext, key)
print(plaintext.decode())
#WuCup{55a0a84f86a6ad40006f014619577ad3}

CyberChef可以直接解RC4

posted @ 2025-03-12 00:01  sevensnight  阅读(11)  评论(0)    收藏  举报