{"id":340,"date":"2025-01-14T15:15:50","date_gmt":"2025-01-14T07:15:50","guid":{"rendered":"https:\/\/zysgmzb.club\/?p=340"},"modified":"2025-01-14T15:20:23","modified_gmt":"2025-01-14T07:20:23","slug":"suctf%e4%b8%a4%e9%81%93blockchain%e4%b8%80%e7%82%b9%e7%82%b9wp","status":"publish","type":"post","link":"https:\/\/zysgmzb.club\/index.php\/archives\/340","title":{"rendered":"SUCTF\u4e24\u9053blockchain\u4e00\u70b9\u70b9wp"},"content":{"rendered":"<blockquote>\n<p>\u597d\u4e45\u6ca1\u6253ctf\u4e86\uff0c\u5468\u672b\u4e00\u4e2a\u4eba\u968f\u4fbf\u6253\u4e86\u6253\uff0c\u9898\u662f\u771f\u591a\uff0c\u8bb0\u5f55\u4e0b\u533a\u5757\u94fe\u9898\u76ee<\/p>\n<\/blockquote>\n<h3>Onchain Checkin<\/h3>\n<p>\u4e0d\u662f\u5f88\u61c2solana\uff0c\u6700\u8fd1\u5728\u5543rust\u5723\u7ecf\uff0c\u4ee5\u540e\u5c31\u53ef\u4ee5\u5b66\u5b66solana\uff0c\u4f46\u662f\u8fd8\u597d\u8fd9\u9898\u4e0d\u9700\u8981\u61c2<\/p>\n<p>\u6253\u5f00\u9644\u4ef6\u5148\u770b\u5230\u4e86Anchor.toml\uff0c\u91cc\u9762\u7684\u5185\u5bb9\u63d0\u793a\u4e86\u8fd9\u662f\u90e8\u7f72\u5728solana\u7684\u4e00\u4e2a\u6d4b\u8bd5\u94fedevnet\u4e0a\u7684<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pic1.imgdb.cn\/item\/67860a79d0e0a243d4f41f7b.png\" alt=\"\" \/><\/p>\n<p>\u7136\u540e\u662f\u91cc\u9762\u51e0\u6bb5rust<\/p>\n<p>\u9996\u5148\u662flib.rs\uff0c\u91cc\u9762\u7ed9\u4e86\u516c\u94a5\u548cflag2\u7684\u4fe1\u606f<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pic1.imgdb.cn\/item\/67860ad1d0e0a243d4f41f92.png\" alt=\"\" \/><\/p>\n<p>\u8fd8\u6709checkin.rs\uff0c\u5927\u6982\u770b\u770b\u5c31\u77e5\u9053\u53bb\u627e\u533a\u5757\u94fe\u6d4f\u89c8\u5668\u5c31\u884c\u4e86<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pic1.imgdb.cn\/item\/67860afcd0e0a243d4f41fa7.png\" alt=\"\" \/><\/p>\n<p>\u5730\u5740\u5982\u4e0b<\/p>\n<pre class=\"prettyprint linenums\" 
><code>https:\/\/explorer.solana.com\/tx\/21hrX9ekAihzk5M1fE7EdagACu1LGJj8j4bBbU12oNc26nxdGpXknyXTXhUzG9ukuEgnPV2h5M5Yb57geD4vgjnk?cluster=devnet<\/code><\/pre>\n<p>\u7136\u540e\u5c31\u53ef\u4ee5\u627e\u5230flag\u7684\u51e0\u4e2a\u90e8\u5206\uff0c\u62fc\u8d77\u6765\u5c31\u597d<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pic1.imgdb.cn\/item\/67860b65d0e0a243d4f41fd5.png\" alt=\"\" \/><\/p>\n<p><img decoding=\"async\" src=\"https:\/\/pic1.imgdb.cn\/item\/67860bb8d0e0a243d4f41ff8.png\" alt=\"\" \/><\/p>\n<p>\u5176\u4e2dflag1\u548cflag3\u662fbase58\u7f16\u7801\u7684<\/p>\n<h3>Onchain Magician<\/h3>\n<p>\u5bf9\u4e8e\u540c\u4e00\u4e2a\u79c1\u94a5\u548c\u6d88\u606f\uff0c\u53ef\u4ee5\u751f\u6210\u4e0d\u540c\u7684\u7b7e\u540d\uff0c\u5177\u4f53\u53ef\u4ee5\u770b\u8fd9\u7bc7\u6587\u7ae0<\/p>\n<pre class=\"prettyprint linenums\" ><code>https:\/\/learnblockchain.cn\/article\/8046#6.%20%E5%AE%9E%E7%8E%B0%E5%90%8C%E4%B8%80%E7%A7%81%E9%92%A5%EF%BC%8C%E5%90%8C%E4%B8%80%E6%B6%88%E6%81%AF%EF%BC%8C%E4%B8%8D%E5%90%8C%E7%AD%BE%E5%90%8D<\/code><\/pre>\n<p>\u4e8e\u662f\u81ea\u5df1\u672c\u5730\u751f\u6210\u4e24\u7ec4sig\uff0c\u7136\u540e\u4ea4\u4e92\u5c31\u53ef\u4ee5\u4e86<\/p>\n<p>\u4e0d\u8fc7\u8fd9\u9898\u7531\u4e8e\u4f7f\u7528\u7684\u662f\u666e\u901a\u7684ecrecover\u4e0d\u662fOpenZeppelin\u7684\u5b89\u5168\u7248\u672c\uff0c\u4f3c\u4e4e\u8fd8\u6709\u522b\u7684\u5bc6\u7801\u5b66\u76f8\u5173\u7684\u6f0f\u6d1e\uff0c\u8fd9\u91cc\u6ca1\u53bb\u8be6\u7ec6\u4e86\u89e3\uff08OpenZeppelin\u7684ECDSA\u5e93\u4f1a\u989d\u5916\u62d2\u7edds\u503c\u504f\u9ad8\u7684\u7b7e\u540d\u4ee5\u53ca\u6062\u590d\u51fa\u96f6\u5730\u5740\u7684\u60c5\u51b5\uff0c\u5408\u7ea6\u76f4\u63a5\u7528ecrecover\u65f6\u9700\u8981\u81ea\u5df1\u8865\u4e0a\u8fd9\u4e9b\u68c0\u67e5\uff09<\/p>\n<p>\u7b7e\u540d\uff1a<\/p>\n<pre class=\"prettyprint linenums\" ><code>const ethereumjsUtil = require(&#039;ethereumjs-util&#039;);\n\n\/\/ \u8981\u7b7e\u540d\u7684\u6d88\u606f\nconst message = Buffer.from(&#039;xxx&#039;, &#039;hex&#039;);\n\n\/\/ \u79c1\u94a5\uff08\u6ce8\u610f\uff1a\u8fd9\u53ea\u662f\u4e00\u4e2a\u793a\u4f8b\u79c1\u94a5\uff0c\u4e0d\u5e94\u8be5\u5728\u5b9e\u9645\u9879\u76ee\u4e2d\u4f7f\u7528\uff09\nconst privateKey = Buffer.from(&#039;xxx&#039;, &#039;hex&#039;);\n\nconst messageHash = 
ethereumjsUtil.keccak256(message);\n\n\/\/ \u4f7f\u7528\u79c1\u94a5\u5bf9\u6d88\u606f\u54c8\u5e0c\u8fdb\u884c\u7b7e\u540d\nconst signature = ethereumjsUtil.ecsign(messageHash, privateKey);\n\n\/\/ \u5c06\u7b7e\u540d\u7ed3\u679c\u8fdb\u884c\u683c\u5f0f\u5316\nconst formattedSignature = {\n    v: signature.v,\n    r: signature.r.toString(&#039;hex&#039;),\n    s: signature.s.toString(&#039;hex&#039;)\n};\n\nconsole.log(&#039;Message:&#039;, message);\nconsole.log(&#039;Message Hash:&#039;, messageHash.toString(&#039;hex&#039;));\nconsole.log(&#039;Signature:&#039;, formattedSignature);<\/code><\/pre>\n<p>\u7531\u4e8e\u9650\u5236\u4e86msg.sender\uff0c\u6240\u4ee5\u76f4\u63a5at address\u548c\u9898\u76ee\u5408\u7ea6\u624b\u52a8\u4ea4\u4e92\u5c31\u6bd4\u8f83\u65b9\u4fbf<\/p>\n<p>\u76f4\u63a5\u5728remix\u91cc\u4f20v r s\uff0c\u5927\u6982\u8fd9\u6837<\/p>\n<pre class=\"prettyprint linenums\" ><code>[27, &quot;0x3ed65490190a0203c07c4ded2857be47c9db091d089cf1211febadb54c910fee&quot;, &quot;0x5d8db8c4d35f5286ebf3a05a1a4f60e8d26251269a330c2c724214578b2a6835&quot;]<\/code><\/pre>\n<p>signin\u65b9\u6cd5\u8c03\u7528\u4e00\u6b21\u7136\u540e\u518d\u751f\u6210\u65b0\u7684v r s\u53bb\u8c03\u7528openbox\u5c31\u53ef\u4ee5\u4e86<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u597d\u4e45\u6ca1\u6253ctf\u4e86\uff0c\u5468\u672b\u4e00\u4e2a\u4eba\u968f\u4fbf\u6253\u4e86\u6253\uff0c\u9898\u662f\u771f\u591a\uff0c\u8bb0\u5f55\u4e0b\u533a\u5757\u94fe\u9898\u76ee Onchain Checkin \u4e0d\u662f\u5f88\u61c2solana\uff0c\u6700\u8fd1\u5728\u5543rust\u5723\u7ecf\uff0c\u4ee5\u540e\u5c31\u53ef\u4ee5\u5b66\u5b66solana\uff0c\u4f46\u662f\u8fd8\u597d\u8fd9\u9898\u4e0d\u9700\u8981\u61c2 \u6253\u5f00\u9644\u4ef6\u5148\u770b\u5230\u4e86Anchor.toml\uff0c\u91cc\u9762\u7684\u5185\u5bb9\u63d0\u793a\u4e86\u8fd9\u662f\u90e8\u7f72\u5728solana\u7684\u4e00\u4e2a\u6d4b\u8bd5\u94fedevnet\u4e0a\u7684 \u7136\u540e\u662f\u91cc\u9762\u51e0\u6bb5rust 
\u9996\u5148\u662flib.rs\uff0c\u91cc\u9762\u7ed9\u4e86\u516c\u94a5\u548cflag2\u7684\u4fe1\u606f \u8fd8\u6709checkin.r [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-340","post","type-post","status-publish","format-standard","hentry","category-wp"],"_links":{"self":[{"href":"https:\/\/zysgmzb.club\/index.php\/wp-json\/wp\/v2\/posts\/340","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zysgmzb.club\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zysgmzb.club\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zysgmzb.club\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zysgmzb.club\/index.php\/wp-json\/wp\/v2\/comments?post=340"}],"version-history":[{"count":3,"href":"https:\/\/zysgmzb.club\/index.php\/wp-json\/wp\/v2\/posts\/340\/revisions"}],"predecessor-version":[{"id":343,"href":"https:\/\/zysgmzb.club\/index.php\/wp-json\/wp\/v2\/posts\/340\/revisions\/343"}],"wp:attachment":[{"href":"https:\/\/zysgmzb.club\/index.php\/wp-json\/wp\/v2\/media?parent=340"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zysgmzb.club\/index.php\/wp-json\/wp\/v2\/categories?post=340"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zysgmzb.club\/index.php\/wp-json\/wp\/v2\/tags?post=340"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}