From 8c5aec8a73fdc568ca1b20b6ccbdcd89c7907854 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9B=BE=E5=93=A5?= <54609266+AabyssZG@users.noreply.github.com> Date: Mon, 23 Oct 2023 16:18:50 +0800 Subject: [PATCH 1/4] Update README.md --- README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/README.md b/README.md index afb8573..759b103 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,6 @@ # CRC32-Tools_整合版 ## 一款CTFer专属的CRC碰撞全自动化脚本(单脚本整合版) -[![Security Status](https://v3-hkylzjk.murphysec.com/platform3/v3/badge/1615697439533596672.svg)](https://www.murphysec.com/accept?code=2008baa4bd5e2eecec09bc860e2de389&type=1&from=2&t=2) - ## 1#关于该项目 在我们日常的CTF比赛中,通常会遇到压缩包破解的问题。其中重要的一个操作就是通过CRC碰撞来获取压缩包内小文件的内容,从而尝试解密压缩包 而我在实际的CTF比赛中,发现常用的CRC的爆破脚本并不好用(主要是还需要一些人工操作,如果压缩包内的文件较多,非常麻烦),就萌生了自己写一个自动化CRC碰撞脚本出来的想法 From 1b17509515e0e4625618245b894610c67c71ad84 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9B=BE=E5=93=A5?= <54609266+AabyssZG@users.noreply.github.com> Date: Fri, 10 Nov 2023 10:41:19 +0800 Subject: [PATCH 2/4] Update CRC32-Tools.py --- CRC32-Tools.py | 150 ++++++++++++++++++++++++++++--------------------- 1 file changed, 85 insertions(+), 65 deletions(-) diff --git a/CRC32-Tools.py b/CRC32-Tools.py index 538cf40..f465f73 100644 --- a/CRC32-Tools.py +++ b/CRC32-Tools.py @@ -4,7 +4,7 @@ import argparse import string import binascii -import io +import io, sys def title(): print('+-----------------------------------------------------+') @@ -13,19 +13,19 @@ def title(): print('+ Title: CRC32-Tools,so easy!!! +') print('+ python3 CRC32-Tools.py -h --> 根据不同情况选择参数 +') print('+ 作者:曾哥(AabyssZG) +') - print('+ 版本:V2.2整合版 +') + print('+ 版本:V2.3整合版 +') print('+-----------------------------------------------------+') def FileRead(zipname): try: - f =open(zipname) #打开目标文件 - f.close() + f =open(zipname) #打开目标文件 + f.close() except FileNotFoundError: - print ("未找到同目录下的压缩包文件" + zipname) #如果未找到文件,输出错误 - return #退出线程,进行详细报错 + print ("未找到同目录下的压缩包文件" + zipname) #如果未找到文件,输出错误 + return #退出线程,进行详细报错 except PermissionError: - print ("无法读取目标压缩包(无权限访问)") #如果发现目标文件无权限,输出错误 - return #退出线程,进行详细报错 + print ("无法读取目标压缩包(无权限访问)") #如果发现目标文件无权限,输出错误 + return #退出线程,进行详细报错 def ReadCRC(zipname): zip_url = "./" + zipname @@ -34,9 +34,9 @@ def ReadCRC(zipname): crc_list = [] print('+--------------遍历指定压缩包的CRC值----------------+') for name in name_list: - name_message = file_zip.getinfo(name) - crc_list.append(hex(name_message.CRC)) - print('[OK] {0}: {1}'.format(name,hex(name_message.CRC))) + name_message = file_zip.getinfo(name) + crc_list.append(hex(name_message.CRC)) + print('[OK] {0}: {1}'.format(name,hex(name_message.CRC))) print('+---------------------------------------------------+') crc32_list = str(crc_list) crc32_list = crc32_list.replace('\'' , '') @@ -50,10 +50,10 @@ def OneByte(zipname): crc32_list = [] print('+--------------遍历指定压缩包的CRC值----------------+') for name in name_list: - name_message = file_zip.getinfo(name) - crc_list.append(name_message.CRC) - crc32_list.append(hex(name_message.CRC)) - print('[OK] {0}: {1}'.format(name,hex(name_message.CRC))) + name_message = file_zip.getinfo(name) + crc_list.append(name_message.CRC) + crc32_list.append(hex(name_message.CRC)) + print('[OK] {0}: {1}'.format(name,hex(name_message.CRC))) print('+-------------对输出的CRC值进行碰撞-----------------+') comment = '' chars = string.printable @@ -69,9 +69,9 @@ def OneByte(zipname): crc32_list = crc32_list.replace('\'' , '') print("读取成功,导出CRC列表为:" + crc32_list) #导出CRC列表 if comment: - print('CRC碰撞成功,结果为: {}'.format(comment)) #输出CRC碰撞结果 + print('CRC碰撞成功,结果为: {}'.format(comment)) #输出CRC碰撞结果 else: - print('CRC碰撞没有结果,请检查压缩包内文件是否为1Byte!!!') + print('CRC碰撞没有结果,请检查压缩包内文件是否为1Byte!!!') def TwoByte(zipname): zip_url = "./" + zipname @@ -81,10 +81,10 @@ def TwoByte(zipname): crc32_list = [] print('+--------------遍历指定压缩包的CRC值----------------+') for name in name_list: - name_message = file_zip.getinfo(name) - crc_list.append(name_message.CRC) - crc32_list.append(hex(name_message.CRC)) - print('[OK] {0}: {1}'.format(name,hex(name_message.CRC))) + name_message = file_zip.getinfo(name) + crc_list.append(name_message.CRC) + crc32_list.append(hex(name_message.CRC)) + print('[OK] {0}: {1}'.format(name,hex(name_message.CRC))) print('+-------------对输出的CRC值进行碰撞-----------------+') comment = '' chars = string.printable @@ -102,9 +102,9 @@ def TwoByte(zipname): crc32_list = crc32_list.replace('\'' , '') print("读取成功,导出CRC列表为:" + crc32_list) #导出CRC列表 if comment: - print('CRC碰撞成功,结果为: {}'.format(comment)) #输出CRC碰撞结果 + print('CRC碰撞成功,结果为: {}'.format(comment)) #输出CRC碰撞结果 else: - print('CRC碰撞没有结果,请检查压缩包内文件是否为2Byte!!!') + print('CRC碰撞没有结果,请检查压缩包内文件是否为2Byte!!!') def ThreeByte(zipname): zip_url = "./" + zipname @@ -114,31 +114,39 @@ def ThreeByte(zipname): crc32_list = [] print('+--------------遍历指定压缩包的CRC值----------------+') for name in name_list: - name_message = file_zip.getinfo(name) - crc_list.append(name_message.CRC) - crc32_list.append(hex(name_message.CRC)) - print('[OK] {0}: {1}'.format(name,hex(name_message.CRC))) + name_message = file_zip.getinfo(name) + crc_list.append(name_message.CRC) + crc32_list.append(hex(name_message.CRC)) + print('[OK] {0}: {1}'.format(name,hex(name_message.CRC))) print('+-------------对输出的CRC值进行碰撞-----------------+') comment = '' chars = string.printable - for crc_value in crc_list: - for char1 in chars: - for char2 in chars: - for char3 in chars: - res_char = char1 + char2 + char3 #获取任意3Byte字符 - thicken_crc = binascii.crc32(res_char.encode()) #获取任意3Byte字符串的CRC32值 - calc_crc = thicken_crc & 0xffffffff #将任意3Byte字符串的CRC32值与0xffffffff进行与运算 + result_dict={} + for char1 in chars: + for char2 in chars: + for char3 in chars: + res_char = char1 + char2 + char3 #获取任意3Byte字符 + thicken_crc = binascii.crc32(res_char.encode()) #获取任意3Byte字符串的CRC32值 + calc_crc = thicken_crc & 0xffffffff #将任意3Byte字符串的CRC32值与0xffffffff进行与运算 + for crc_value in crc_list: if calc_crc == crc_value: #匹配两个CRC32值 - print('[Success] {}: {}'.format(hex(crc_value),res_char)) - comment += res_char + index = crc32_list.index(hex(crc_value)) + num = int(index) + new_data = {num : res_char} + print('[Success] 第 {} 个文件 {}: {}'.format(num,hex(crc_value),res_char)) + result_dict.update(new_data) + break + sorted_items = sorted(result_dict.items()) + for key, res_char in sorted_items: + comment += res_char print('+-----------------CRC碰撞结束!!!-----------------+') crc32_list = str(crc32_list) crc32_list = crc32_list.replace('\'' , '') print("读取成功,导出CRC列表为:" + crc32_list) #导出CRC列表 if comment: - print('CRC碰撞成功,结果为: {}'.format(comment)) #输出CRC碰撞结果 + print('CRC碰撞成功,结果为: {}'.format(comment)) #输出CRC碰撞结果 else: - print('CRC碰撞没有结果,请检查压缩包内文件是否为3Byte!!!') + print('CRC碰撞没有结果,请检查压缩包内文件是否为3Byte!!!') def FourByte(zipname): zip_url = "./" + zipname @@ -148,32 +156,40 @@ def FourByte(zipname): crc32_list = [] print('+--------------遍历指定压缩包的CRC值----------------+') for name in name_list: - name_message = file_zip.getinfo(name) - crc_list.append(name_message.CRC) - crc32_list.append(hex(name_message.CRC)) - print('[OK] {0}: {1}'.format(name,hex(name_message.CRC))) + name_message = file_zip.getinfo(name) + crc_list.append(name_message.CRC) + crc32_list.append(hex(name_message.CRC)) + print('[OK] {0}: {1}'.format(name,hex(name_message.CRC))) print('+-------------对输出的CRC值进行碰撞-----------------+') comment = '' chars = string.printable - for crc_value in crc_list: - for char1 in chars: - for char2 in chars: - for char3 in chars: - for char4 in chars: - res_char = char1 + char2 + char3 + char4 #获取任意4Byte字符 - thicken_crc = binascii.crc32(res_char.encode()) #获取任意4Byte字符串的CRC32值 - calc_crc = thicken_crc & 0xffffffff #将任意4Byte字符串的CRC32值与0xffffffff进行与运算 + result_dict={} + for char1 in chars: + for char2 in chars: + for char3 in chars: + for char4 in chars: + res_char = char1 + char2 + char3 + char4 #获取任意4Byte字符 + thicken_crc = binascii.crc32(res_char.encode()) #获取任意4Byte字符串的CRC32值 + calc_crc = thicken_crc & 0xffffffff #将任意4Byte字符串的CRC32值与0xffffffff进行与运算 + for crc_value in crc_list: if calc_crc == crc_value: #匹配两个CRC32值 - print('[Success] {}: {}'.format(hex(crc_value),res_char)) - comment += res_char + index = crc32_list.index(hex(crc_value)) + num = int(index) + new_data = {num : res_char} + print('[Success] 第 {} 个文件 {}: {}'.format(num,hex(crc_value),res_char)) + result_dict.update(new_data) + break + sorted_items = sorted(result_dict.items()) + for key, res_char in sorted_items: + comment += res_char print('+-----------------CRC碰撞结束!!!-----------------+') crc32_list = str(crc32_list) crc32_list = crc32_list.replace('\'' , '') print("读取成功,导出CRC列表为:" + crc32_list) #导出CRC列表 if comment: - print('CRC碰撞成功,结果为: {}'.format(comment)) #输出CRC碰撞结果 + print('CRC碰撞成功,结果为: {}'.format(comment)) #输出CRC碰撞结果 else: - print('CRC碰撞没有结果,请检查压缩包内文件是否为4Byte!!!') + print('CRC碰撞没有结果,请检查压缩包内文件是否为4Byte!!!') if __name__ == '__main__': title() @@ -187,20 +203,24 @@ def FourByte(zipname): args = parser.parse_args() try: if args.readzip: - FileRead(args.readzip) - ReadCRC(args.readzip) + FileRead(args.readzip) + ReadCRC(args.readzip) if args.onebyte: - FileRead(args.onebyte) - OneByte(args.onebyte) + FileRead(args.onebyte) + OneByte(args.onebyte) if args.twobyte: - FileRead(args.twobyte) - TwoByte(args.twobyte) + FileRead(args.twobyte) + TwoByte(args.twobyte) if args.threebyte: - FileRead(args.threebyte) - ThreeByte(args.threebyte) + FileRead(args.threebyte) + ThreeByte(args.threebyte) if args.fourbyte: - FileRead(args.fourbyte) - FourByte(args.fourbyte) + FileRead(args.fourbyte) + FourByte(args.fourbyte) + except KeyboardInterrupt: + print("Ctrl + C 手动终止了进程") + sys.exit() except BaseException as e: err = str(e) - print('脚本详细报错:' + err) \ No newline at end of file + print('脚本详细报错:' + err) + sys.exit(0) From 49ba0b6e3772edd9b1f4606d969d9c1e88c0fae0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9B=BE=E5=93=A5?= <54609266+AabyssZG@users.noreply.github.com> Date: Fri, 10 Nov 2023 10:41:39 +0800 Subject: [PATCH 3/4] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 759b103..79b62ad 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ ## 2#使用方式 在大部分的CTF比赛中,考题一般都会考察内容为1Byte/2Byte/3Byte/4Byte的CRC碰撞,所以目前我就写了这四个版本,如果后面有需求,我会优化或者写其他的版本 -**目前,该项目已经更新至2.2版本,分为单文件版和整合版** +**目前,该项目已经更新至2.3版本,分为单文件版和整合版** ### 单文件版 单文件版在本项目/SingleFile_Version文件夹中,包含5个Python脚本: From 228e64484e32c03850a346c5eab1d59687ff56cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9B=BE=E5=93=A5?= <54609266+AabyssZG@users.noreply.github.com> Date: Fri, 10 Nov 2023 10:46:09 +0800 Subject: [PATCH 4/4] Update README.md --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 79b62ad..860f79d 100644 --- a/README.md +++ b/README.md @@ -60,4 +60,5 @@ optional arguments: - 如果在使用过程中有问题,欢迎各位师傅提issues给我哈 ## 项目 Star 数量统计趋势图 -[![Stargazers over time](https://starchart.cc/AabyssZG/CRC32-Tools.svg)](https://starchart.cc/AabyssZG/CRC32-Tools) + +[![Star History Chart](https://api.star-history.com/svg?repos=AabyssZG/CRC32-Tools&type=Date)](https://star-history.com/#AabyssZG/CRC32-Tools&Date)