# Crypto CTFs Tricks

<details>

<summary><strong>从零开始学习 AWS 黑客技术，成为专家</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE（HackTricks AWS 红队专家）</strong></a><strong>！</strong></summary>

支持 HackTricks 的其他方式：

* 如果您想看到您的**公司在 HackTricks 中做广告**或**下载 PDF 版本的 HackTricks**，请查看[**订阅计划**](https://github.com/sponsors/carlospolop)!
* 获取[**官方 PEASS & HackTricks 商品**](https://peass.creator-spring.com)
* 探索[**PEASS 家族**](https://opensea.io/collection/the-peass-family)，我们的独家[**NFTs**](https://opensea.io/collection/the-peass-family)
* **加入** 💬 [**Discord 群组**](https://discord.gg/hRep4RUj7f) 或 [**电报群组**](https://t.me/peass) 或在 **Twitter** 🐦 上关注我们 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**。**
* 通过向 [**HackTricks**](https://github.com/carlospolop/hacktricks) 和 [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github 仓库提交 PR 来分享您的黑客技巧。

</details>

## 在线哈希数据库

* ***谷歌搜索***
* <http://hashtoolkit.com/reverse-hash?hash=4d186321c1a7f0f354b297e8914ab240>
* [https://www.onlinehashcrack.com/](https://www.onlinehashcrack.com)
* [https://crackstation.net/](https://crackstation.net)
* [https://md5decrypt.net/](https://md5decrypt.net)
* <https://www.onlinehashcrack.com>
* [https://gpuhash.me/](https://gpuhash.me)
* <https://hashes.org/search.php>
* [https://www.cmd5.org/](https://www.cmd5.org)
* <https://hashkiller.co.uk/Cracker/MD5>
* <https://www.md5online.org/md5-decrypt.html>

## 魔术自动解密器

* [**https://github.com/Ciphey/Ciphey**](https://github.com/Ciphey/Ciphey)
* <https://gchq.github.io/CyberChef/>（魔术模块）
* <https://github.com/dhondta/python-codext>
* <https://www.boxentriq.com/code-breaking>

## 编码器

大多数编码数据可以使用以下两个资源解码：

* <https://www.dcode.fr/tools-list>
* <https://gchq.github.io/CyberChef/>

### 替换自动解密器

* <https://www.boxentriq.com/code-breaking/cryptogram>
* [https://quipqiup.com/](https://quipqiup.com) - 非常好！

#### 凯撒密码 - ROTx 自动解密器

* <https://www.nayuki.io/page/automatic-caesar-cipher-breaker-javascript>

#### 阿特巴什密码

* <http://rumkin.com/tools/cipher/atbash.php>

### 基础编码自动解密器

使用以下链接检查所有这些基础：<https://github.com/dhondta/python-codext>

* **Ascii85**
* `BQ%]q@psCd@rH0l`
* **Base26** \[*A-Z*]
* `BQEKGAHRJKHQMVZGKUXNT`
* **Base32** \[*A-Z2-7=*]
* `NBXWYYLDMFZGCY3PNRQQ====`
* **Zbase32** \[*ybndrfg8ejkmcpqxot1uwisza345h769*]
* `pbzsaamdcf3gna5xptoo====`
* **Base32 Geohash** \[*0-9b-hjkmnp-z*]
* `e1rqssc3d5t62svgejhh====`
* **Base32 Crockford** \[*0-9A-HJKMNP-TV-Z*]
* `D1QPRRB3C5S62RVFDHGG====`
* **Base32 Extended Hexadecimal** \[*0-9A-V*]
* `D1NMOOB3C5P62ORFDHGG====`
* **Base45** \[*0-9A-Z $%\*+-./:*]
* `59DPVDGPCVKEUPCPVD`
* **Base58 (bitcoin)** \[*1-9A-HJ-NP-Za-km-z*]
* `2yJiRg5BF9gmsU6AC`
* **Base58 (flickr)** \[*1-9a-km-zA-HJ-NP-Z*]
* `2YiHqF5bf9FLSt6ac`
* **Base58 (ripple)** \[*rpshnaf39wBUDNEGHJKLM4PQ-T7V-Z2b-eCg65jkm8oFqi1tuvAxyz*]
* `pyJ5RgnBE9gm17awU`
* **Base62** \[*0-9A-Za-z*]
* `g2AextRZpBKRBzQ9`
* **Base64** \[*A-Za-z0-9+/=*]
* `aG9sYWNhcmFjb2xh`
* **Base67** \[*A-Za-z0-9-*.!\~\_]
* `NI9JKX0cSUdqhr!p`
* **Base85 (Ascii85)** \[*!"#$%&'()\*+,-./0-9:;<=>?@A-Z\[\\]^\_\`a-u*]
* `BQ%]q@psCd@rH0l`
* **Base85 (Adobe)** \[*!"#$%&'()\*+,-./0-9:;<=>?@A-Z\[\\]^\_\`a-u*]
* `<~BQ%]q@psCd@rH0l~>`
* **Base85 (IPv6 or RFC1924)** \[*0-9A-Za-z!#$%&()\*+-;<=>?@^*\`{|}\~\_]
* `Xm4y`V\_|Y(V{dF>\`
* **Base85 (xbtoa)** \[*!"#$%&'()\*+,-./0-9:;<=>?@A-Z\[\\]^\_\`a-u*]
* `xbtoa Begin\nBQ%]q@psCd@rH0l\nxbtoa End N 12 c E 1a S 4e6 R 6991d`
* **Base85 (XML)** \[*0-9A-Za-y!#$()\*+,-./:;=?@^\`{|}\~z\_*]
* `Xm4y|V{~Y+V}dF?`
* **Base91** \[*A-Za-z0-9!#$%&()\*+,./:;<=>?@\[]^\_\`{|}\~"*]
* `frDg[*jNN!7&BQM`
* **Base100** \[]
* `👟👦👣👘👚👘👩👘👚👦👣👘`
* **Base122** \[]
* `4F ˂r0Xmvc`
* **ATOM-128** \[*/128GhIoPQROSTeUbADfgHijKLM+n0pFWXY456xyzB7=39VaqrstJklmNuZvwcdEC*]
* `MIc3KiXa+Ihz+lrXMIc3KbCC`
* **HAZZ15** \[*HNO4klm6ij9n+J2hyf0gzA8uvwDEq3X1Q7ZKeFrWcVTts/MRGYbdxSo=ILaUpPBC5*]
* `DmPsv8J7qrlKEoY7`
* **MEGAN35** \[*3G-Ub=c-pW-Z/12+406-9Vaq-zA-F5*]
* `kLD8iwKsigSalLJ5`
* **ZONG22** \[*ZKj9n+yf0wDVX1s/5YbdxSo=ILaUpPBCHg8uvNO4klm6iJGhQ7eFrWczAMEq3RTt2*]
* `ayRiIo1gpO+uUc7g`
* **ESAB46** \[]
* `3sHcL2NR8WrT7mhR`
* **MEGAN45** \[]
* `kLD8igSXm2KZlwrX`
* **TIGO3FX** \[]
* `7AP9mIzdmltYmIP9mWXX`
* **TRIPO5** \[]
* `UE9vSbnBW6psVzxB`
* **FERON74** \[]
* `PbGkNudxCzaKBm0x`
* **GILA7** \[]
* `D+nkv8C1qIKMErY1`
* **Citrix CTX1** \[]
* `MNGIKCAHMOGLKPAKMMGJKNAINPHKLOBLNNHILCBHNOHLLPBK`

<http://k4.cba.pl/dw/crypo/tools/eng_atom128c.html> - 404 Dead: <https://web.archive.org/web/20190228181208/http://k4.cba.pl/dw/crypo/tools/eng_hackerize.html>

### HackerizeXS \[*╫Λ↻├☰┏*]

```
╫☐↑Λ↻Λ┏Λ↻☐↑Λ
```

* <http://k4.cba.pl/dw/crypo/tools/eng_hackerize.html> - 404 Dead: <https://web.archive.org/web/20190228181208/http://k4.cba.pl/dw/crypo/tools/eng_hackerize.html>

### Morse

* <http://k4.cba.pl/dw/crypo/tools/eng_hackerize.html> - 404 Dead: <https://web.archive.org/web/20190228181208/http://k4.cba.pl/dw/crypo/tools/eng_hackerize.html>

### 摩尔斯

```
.... --- .-.. -.-. .- .-. .- -.-. --- .-.. .-
```

* <http://k4.cba.pl/dw/crypo/tools/eng_morse-encode.html> - 404 Dead: <https://gchq.github.io/CyberChef/>

### UUencoder

* <http://k4.cba.pl/dw/crypo/tools/eng_morse-encode.html> - 404 死链: <https://gchq.github.io/CyberChef/>

```
begin 644 webutils_pl
M2$],04A/3$%(3TQ!2$],04A/3$%(3TQ!2$],04A/3$%(3TQ!2$],04A/3$%(
M3TQ!2$],04A/3$%(3TQ!2$],04A/3$%(3TQ!2$],04A/3$%(3TQ!2$],04A/
F3$%(3TQ!2$],04A/3$%(3TQ!2$],04A/3$%(3TQ!2$],04A/3$$`
`
end
```

* <http://www.webutils.pl/index.php?idx=uu>

### XXEncoder

```
begin 644 webutils_pl
hG2xAEIVDH236Hol-G2xAEIVDH236Hol-G2xAEIVDH236Hol-G2xAEIVDH236
5Hol-G2xAEE++
end
```

* [www.webutils.pl/index.php?idx=xx](https://github.com/carlospolop/hacktricks/tree/bf578e4c5a955b4f6cdbe67eb4a543e16a3f848d/crypto/www.webutils.pl/index.php?idx=xx)

### YEncoder

* [www.webutils.pl/index.php?idx=xx](https://github.com/carlospolop/hacktricks/tree/bf578e4c5a955b4f6cdbe67eb4a543e16a3f848d/crypto/www.webutils.pl/index.php?idx=xx)

### YEncoder

```
=ybegin line=128 size=28 name=webutils_pl
ryvkryvkryvkryvkryvkryvkryvk
=yend size=28 crc32=35834c86
```

* <http://www.webutils.pl/index.php?idx=yenc>

### BinHex

```
(This file must be converted with BinHex 4.0)
:#hGPBR9dD@acAh"X!$mr2cmr2cmr!!!!!!!8!!!!!-ka5%p-38K26%&)6da"5%p
-38K26%'d9J!!:
```

* <http://www.webutils.pl/index.php?idx=binhex>

### ASCII85

* <http://www.webutils.pl/index.php?idx=binhex>

### ASCII85

```
<~85DoF85DoF85DoF85DoF85DoF85DoF~>
```

* <http://www.webutils.pl/index.php?idx=ascii85>

### Dvorak键盘

```
drnajapajrna
```

* <https://www.geocachingtoolbox.com/index.php?lang=en&page=dvorakKeyboard>

### A1Z26

字母对应它们的数字值

```
8 15 12 1 3 1 18 1 3 15 12 1
```

### 仿射密码编码

将字母转换为数字 `(ax+b)%26`（*a* 和 *b* 是密钥，*x* 是字母），然后将结果转换回字母

```
krodfdudfrod
```

### 短信代码

**Multitap** [通过在移动电话键盘上定义的相应键代码重复数字来替换字母](https://www.dcode.fr/word-letter-change)（在编写短信时使用此模式）。\
例如：2=A, 22=B, 222=C, 3=D...\
您可以识别此代码，因为您会看到**多个重复的数字**。

您可以在以下链接中解码此代码：<https://www.dcode.fr/multitap-abc-cipher>

### 培根密码

将每个字母替换为4个A或B（或1和0）。

```
00111 01101 01010 00000 00010 00000 10000 00000 00010 01101 01010 00000
AABBB ABBAB ABABA AAAAA AAABA AAAAA BAAAA AAAAA AAABA ABBAB ABABA AAAAA
```

### 符文

![](/files/naxdNY4yvsResE1RgMWm)

## 压缩

**原始压缩** 和 **原始解压**（您可以在 Cyberchef 中找到）可以在没有标头的情况下压缩和解压数据。

## 简单加密

### 异或 - 自动解密器

* <https://wiremask.eu/tools/xor-cracker/>

### Bifid

需要关键词

```
fgaargaamnlunesuneoa
```

### 维吉尼亚密码

需要一个关键词

```
wodsyoidrods
```

* <https://www.guballa.de/vigenere-solver>
* <https://www.dcode.fr/vigenere-cipher>
* <https://www.mygeocachingprofile.com/codebreaker.vigenerecipher.aspx>

## 强加密

### Fernet

2个base64字符串（令牌和密钥）

```
Token:
gAAAAABWC9P7-9RsxTz_dwxh9-O2VUB7Ih8UCQL1_Zk4suxnkCvb26Ie4i8HSUJ4caHZuiNtjLl3qfmCv_fS3_VpjL7HxCz7_Q==

Key:
-s6eI5hyNh8liH7Gq0urPC-vzPgNnxauKvRO4g03oYI=
```

* <https://asecuritysite.com/encryption/ferdecode>

### Samir 秘密分享

一个秘密被分成 X 部分，要恢复它，你需要 Y 部分（*Y <=X*）。

```
8019f8fa5879aa3e07858d08308dc1a8b45
80223035713295bddf0b0bd1b10a5340b89
803bc8cf294b3f83d88e86d9818792e80cd
```

<http://christian.gen.co/secrets/>

### OpenSSL暴力破解

* <https://github.com/glv2/bruteforce-salted-openssl>
* <https://github.com/carlospolop/easy_BFopensslCTF>

## 工具

* <https://github.com/Ganapati/RsaCtfTool>
* <https://github.com/lockedbyte/cryptovenom>
* <https://github.com/nccgroup/featherduster>

<details>

<summary><strong>从零开始学习AWS黑客技术，成为专家</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>

支持HackTricks的其他方式：

* 如果您想在HackTricks中看到您的**公司广告**或**下载PDF格式的HackTricks**，请查看[**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
* 获取[**官方PEASS & HackTricks周边产品**](https://peass.creator-spring.com)
* 探索[**PEASS Family**](https://opensea.io/collection/the-peass-family)，我们的独家[NFTs](https://opensea.io/collection/the-peass-family)收藏品
* **加入** 💬 [**Discord群**](https://discord.gg/hRep4RUj7f) 或 [**电报群**](https://t.me/peass) 或在**Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**上关注**我们。
* 通过向[**HackTricks**](https://github.com/carlospolop/hacktricks)和[**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github仓库提交PR来分享您的黑客技巧。

</details>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://hacktricks.xsx.tw/crypto-and-stego/crypto-ctfs-tricks.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.