CRYPTOHACK BLOCK CIPHERS
创始人
2024-02-24 09:02:28
0次
一、ECB CBC WTF
题目:
from Crypto.Cipher import AESKEY = ?
FLAG = ?@chal.route('/ecbcbcwtf/decrypt//')
def decrypt(ciphertext):ciphertext = bytes.fromhex(ciphertext)cipher = AES.new(KEY, AES.MODE_ECB)try:decrypted = cipher.decrypt(ciphertext)except ValueError as e:return {"error": str(e)}return {"plaintext": decrypted.hex()}@chal.route('/ecbcbcwtf/encrypt_flag/')
def encrypt_flag():iv = os.urandom(16)cipher = AES.new(KEY, AES.MODE_CBC, iv)encrypted = cipher.encrypt(FLAG.encode())ciphertext = iv.hex() + encrypted.hex()return {"ciphertext": ciphertext}
hint:
Here you can encrypt in CBC but only decrypt in ECB. That shouldn't be a weakness because they're different modes... right?
译文:
在这里,您可以在CBC中加密,但只能在ECB中解密。这不应该是一个弱点,因为它们是不同的模式……对吧?
思路:
本题告诉了我们用CBC模式进行加密,但使用ECB进行解密,其中,我们已经知道了CBC模式中加密的IV值的大小,我们又已经知道了将密文用ECB解密的值,通过CBC模式的解密结构,我们知道将第一段密文解密后于IV进行异或运算既是原明文,而第一段密文则是第二段密文加密的IV值,所以解密时将其反过来用,作为IV解密即可:
wp:
import requests
from Crypto.Util.number import *
result=requests.get('http://aes.cryptohack.org/ecbcbcwtf/encrypt_flag')
ciphertext=result.json()["ciphertext"]
# print(result.text)# print(len(bytes.fromhex(ciphertext)))
ciphertext=bytes.fromhex(ciphertext)
c1=hex(bytes_to_long(ciphertext[0:16]))[2:]
c2=hex(bytes_to_long(ciphertext[16:32]))[2:]
c3=hex(bytes_to_long(ciphertext[32:48]))[2:]
print(c1)
print(c2)
print(c3)# C=hex(bytes_to_long(ciphertext))
# print(c1)
# print(c2)
# print(c3)
# c1=0x9d2691928a24ed9215416815e80164d1
# c2=0xf77ea0b2c315db6b56a48c8250b0c9b8
# c3=0x6a61b98b2e5d26af3976d7c36a76a847
# k1=int(c1) ^ int(c2)
# k3=int(c2) ^ int(c3)
a1=requests.get(f'http://aes.cryptohack.org/ecbcbcwtf/decrypt/{c2}')
a2=requests.get(f'http://aes.cryptohack.org/ecbcbcwtf/decrypt/{c3}')
m1=a1.json()["plaintext"]
m2=a2.json()["plaintext"]
M1=int(m1,16)^int(c1,16)
M2=int(m2,16)^int(c2,16)
print(long_to_bytes(M1)+long_to_bytes(M2))
二、ECB Oracle
题目:
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad, unpadKEY = ?
FLAG = ?@chal.route('/ecb_oracle/encrypt//')
def encrypt(plaintext):plaintext = bytes.fromhex(plaintext)padded = pad(plaintext + FLAG.encode(), 16)cipher = AES.new(KEY, AES.MODE_ECB)try:encrypted = cipher.encrypt(padded)except ValueError as e:return {"error": str(e)}return {"ciphertext": encrypted.hex()}</code></pre>
<h3>hint:</h3>
<blockquote> <p>ECB is the most simple mode, with each plaintext block encrypted entirely independently. In this case, your input is prepended to the secret flag and encrypted and that's it. We don't even provide a decrypt function. Perhaps you don't need a padding oracle when you have an "ECB oracle"?</p> <p><em>译文:</em></p> <p>ECB是最简单的模式,每个明文块完全独立加密。在本例中,您的输入被预先添加到秘密标志并加密,仅此而已。我们甚至不提供解密函数。或许当你有了“欧洲央行的预言者”,你就不需要填充预言了?</p>
</blockquote>
<h3>思路:</h3>
<p> 本题为一道典型的ECB加密解密问题,首先,我们即不知道明文也不知道密文。我们可以发现题目中给与了我们加密算法,所以我们可以自己设置明文代入进行尝试:</p>
<pre><code class="language-python">import requests
from tqdm import tqdm
from Crypto.Util.number import *
# m = ''
for i in range(30):m = i*'61'result = requests.get(f'http://aes.cryptohack.org/ecb_oracle/encrypt/{m}')try:a = result.json()["ciphertext"]print(i,len(a)//2)except:pass</code></pre>
<p>从输出的值中,我们可以发现代码在第6和第22时发生改变。于是,我们可以推断明文为26bits长(32 - 6、48 - 22),而加密算法中是以16bits为块进行加密和解密(22 - 6)。</p>
<p>所以,我们可以代入15*a进行加密,这样前16为就为15 * a加上明文第一位,接着,我们对十六位进行暴力破解即可得到我们所需的明文第一位,第一到第十五位都为这个思路:</p>
<pre><code class="language-python">k=''
for i in range(15):m = '61'*(15-i)print(bytes.fromhex(m))result = requests.get(f'http://aes.cryptohack.org/ecb_oracle/encrypt/{m}')m = result.json()["ciphertext"]m1 = m[:32]# print(m1)for j in range(32,127):m = '61' * (15-i) + km += str(hex(j)[2:])result1 = requests.get(f'http://aes.cryptohack.org/ecb_oracle/encrypt/{m}')n = result1.json()["ciphertext"]n1 = n[:32]# print(n1)try:if n1 == m1:k += str(hex(j)[2:])print(bytes.fromhex(k))breakexcept:pass# b'crypto{p3n6u1n5'</code></pre>
<p>后11位思路类似,仅需要我们将代码扩张到前32位进行暴力破解运算:</p>
<pre><code class="language-python">k='63727970746f7b70336e3675316e35'
for i in range(11):m = '61'*(16-i)print(bytes.fromhex(m))result = requests.get(f'http://aes.cryptohack.org/ecb_oracle/encrypt/{m}')m = result.json()["ciphertext"]m1 = m[32:64]# print(m1)for j in range(32,127):m = '61' * (16-i) + km += str(hex(j)[2:])result1 = requests.get(f'http://aes.cryptohack.org/ecb_oracle/encrypt/{m}')n = result1.json()["ciphertext"]n1 = n[32:64]# print(n1)try:if n1 == m1:k += str(hex(j)[2:])print(bytes.fromhex(k))breakexcept:pass</code></pre>
<h3>wp:</h3>
<pre><code class="language-python">import requests
from tqdm import tqdm
from Crypto.Util.number import *
# m = ''
# for i in range(30):
# m = i*'61'
# result = requests.get(f'http://aes.cryptohack.org/ecb_oracle/encrypt/{m}')
# try:
# a = result.json()["ciphertext"]
# print(i,len(a)//2)
# except:
# passk=''
for i in range(15):m = '61'*(15-i)print(bytes.fromhex(m))result = requests.get(f'http://aes.cryptohack.org/ecb_oracle/encrypt/{m}')m = result.json()["ciphertext"]m1 = m[:32]# print(m1)for j in range(32,127):m = '61' * (15-i) + km += str(hex(j)[2:])result1 = requests.get(f'http://aes.cryptohack.org/ecb_oracle/encrypt/{m}')n = result1.json()["ciphertext"]n1 = n[:32]# print(n1)try:if n1 == m1:k += str(hex(j)[2:])print(bytes.fromhex(k))breakexcept:pass# b'crypto{p3n6u1n5'k='63727970746f7b70336e3675316e35'
for i in range(11):m = '61'*(16-i)print(bytes.fromhex(m))result = requests.get(f'http://aes.cryptohack.org/ecb_oracle/encrypt/{m}')m = result.json()["ciphertext"]m1 = m[32:64]# print(m1)for j in range(32,127):m = '61' * (16-i) + km += str(hex(j)[2:])result1 = requests.get(f'http://aes.cryptohack.org/ecb_oracle/encrypt/{m}')n = result1.json()["ciphertext"]n1 = n[32:64]# print(n1)try:if n1 == m1:k += str(hex(j)[2:])print(bytes.fromhex(k))breakexcept:pass</code></pre>
<h1>三、FLIPPING COOKIE</h1>
<h3>题目:</h3>
<pre><code class="language-python">from Crypto.Cipher import AES
import os
from Crypto.Util.Padding import pad, unpad
from datetime import datetime, timedeltaKEY = ?
FLAG = ?@chal.route('/flipping_cookie/check_admin/<cookie>/<iv>/')
def check_admin(cookie, iv):cookie = bytes.fromhex(cookie)iv = bytes.fromhex(iv)try:cipher = AES.new(KEY, AES.MODE_CBC, iv)decrypted = cipher.decrypt(cookie)unpadded = unpad(decrypted, 16)except ValueError as e:return {"error": str(e)}if b"admin=True" in unpadded.split(b";"):return {"flag": FLAG}else:return {"error": "Only admin can read the flag"}@chal.route('/flipping_cookie/get_cookie/')
def get_cookie():expires_at = (datetime.today() + timedelta(days=1)).strftime("%s")cookie = f"admin=False;expiry={expires_at}".encode()iv = os.urandom(16)padded = pad(cookie, 16)cipher = AES.new(KEY, AES.MODE_CBC, iv)encrypted = cipher.encrypt(padded)ciphertext = iv.hex() + encrypted.hex()return {"cookie": ciphertext}</code></pre>
<h3>hint:</h3>
<blockquote> <p>You can get a cookie for my website, but it won't help you read the flag... I think.</p> <p><em>译文:</em></p> <p>你可以为我的网站获得一块cookie,但它不会帮助你读flag…我认为。</p>
</blockquote>
<h3>思路: </h3>
<p>这是一到典型的CBC字节翻转问题,我们已知CBC的加密模式,其中,第一段密文为第一段明文于IV进行异或运算再进行AES加密,最终得到我们所需的第一段密文,第二段相比第一段既是将输入的IV改为我们求得的第一段密文。</p>
<p>我们已知第一段明文为:</p>
<pre>a1 = b'admin=False;expi'</pre>
<p>我们需要将admin改为True,从而让网站以为我们拥有网站的控制权,因为我们通过代码可知,当admin=True;时网站会返回我们flag值。所以我们需要构建一个新的IV使密文被加密后为True,从而骗过网站。</p>
<p>Dec (m1) = c1 ^ IV</p>
<p>c1_new = Dec (m1) ^ IV_new</p>
<p>其中,各个条件我们都已知,除了IV_new,于是,我们可以构建出IV_new,并将新的IV返回到网站中输入,最终求得flag。</p>
<h3>wp:</h3>
<pre><code class="language-python">import requests
from Crypto.Util.number import *result = requests.get('http://aes.cryptohack.org/flipping_cookie/get_cookie')
m = result.json()["cookie"]
M = bytes.fromhex(m)
# print(m)
IV = m[:32]
k = m[32:]a1 = b'admin=False;expi'
a2 = b'admin=True;00000'
m1=hex(bytes_to_long(a1))
m2=hex(bytes_to_long(a2))
# print(m1)
IV_new = int(m1,16)^int(m2,16)^int(IV,16)
# print(IV_new)
IV_new = hex(IV_new)[2:]
print(IV_new)
result2 = requests.get(f'http://aes.cryptohack.org/flipping_cookie/check_admin/{k}/{IV_new}')
l = result2.json()
print(l)
</code></pre>
<h1>四、LAZY CBC</h1>
<h3>题目:</h3>
<pre><code class="language-python">from Crypto.Cipher import AESKEY = ?
FLAG = ?@chal.route('/lazy_cbc/encrypt/<plaintext>/')
def encrypt(plaintext):plaintext = bytes.fromhex(plaintext)if len(plaintext) % 16 != 0:return {"error": "Data length must be multiple of 16"}cipher = AES.new(KEY, AES.MODE_CBC, KEY)encrypted = cipher.encrypt(plaintext)return {"ciphertext": encrypted.hex()}@chal.route('/lazy_cbc/get_flag/<key>/')
def get_flag(key):key = bytes.fromhex(key)if key == KEY:return {"plaintext": FLAG.encode().hex()}else:return {"error": "invalid key"}@chal.route('/lazy_cbc/receive/<ciphertext>/')
def receive(ciphertext):ciphertext = bytes.fromhex(ciphertext)if len(ciphertext) % 16 != 0:return {"error": "Data length must be multiple of 16"}cipher = AES.new(KEY, AES.MODE_CBC, KEY)decrypted = cipher.decrypt(ciphertext)try:decrypted.decode() # ensure plaintext is valid asciiexcept UnicodeDecodeError:return {"error": "Invalid plaintext: " + decrypted.hex()}return {"success": "Your message has been received"}</code></pre>
<h3>hint:</h3>
<blockquote> <p>I'm just a lazy dev and want my CBC encryption to work. What's all this talk about initialisations vectors? Doesn't sound important.</p> <p><em>译文:</em></p> <p>我只是一个懒惰的开发人员,希望我的CBC加密工作。这些关于初始化向量的讨论是怎么回事?听起来不重要。</p>
</blockquote>
<h3>思路:</h3>
<p>在这道题中,我们有密文的生成代码,和密文的解密代码,以及flag的获得代码</p>
<p>CBC的生成思路:</p>
<p>c1 = Dec(m1) ^ IV ——(1)</p>
<p>c2 = Dec(m2) ^ m1 ——(2)</p>
<p>c3 = Dec(m3) ^ m2 ——(3)</p>
<p>由于密文明文我们都可以自己设置,于是我们不妨让m2==0;m1=m3,于是让(1)和(3)进行异或运算,可以求得我们所需的IV值,将其返回网站即可:</p>
<h3>wp:</h3>
<pre><code class="language-python">import requests
from Crypto.Util.number import *
# a = b'0'*16
# A = hex(bytes_to_long(a))
# print(A)b = '61616161616161616161616161616161'*3
result = requests.get(f'http://aes.cryptohack.org/lazy_cbc/encrypt/{b}')
m = result.json()["ciphertext"]
print(m)
k1 = m[:32] + '0'*32 + m[:32]
k = requests.get(f'http://aes.cryptohack.org/lazy_cbc/receive/{k1}')
k=k.json()
print(k)b1 = '6161616161616161616161616161616116874d46ae7c02bcd5fe3d27fcba5b60966f8a5cc032ff235c45da24d505e288'
# result1 = requests.get(f'http://aes.cryptohack.org/lazy_cbc/encrypt/{b1}')
# result1 = result1.json()
# print(result1)key = hex(int(b1[:32],16)^int(b1[64:96],16))[2:]
print(key)
m = requests.get(f'http://aes.cryptohack.org/lazy_cbc/get_flag/{key}')
m = m.json()
print(m)M = 0x63727970746f7b35306d335f703330706c335f64306e375f3768316e6b5f49565f31355f316d70307237346e375f3f7d
print(long_to_bytes(int(M)))</code></pre>
<p></p> <!--end::Text-->
</div>
<!--end::Description-->
<div class="mt-5">
<!--关键词搜索-->
</div>
<div class="mt-5">
<p class="fc-show-prev-next">
<strong>上一篇:</strong><a href="/news/show-1552400.html">创业怎么解决资金问题(创业的问题和解决方案) 创业资金都怎么解决 解决创业资金有哪些方法</a><br>
</p>
<p class="fc-show-prev-next">
<strong>下一篇:</strong><a href="/news/show-1552402.html">创业补贴,创业社保补贴 再创业可以申请一次性创业补贴吗 江阴市自主创业一次性创业补贴</a> </p>
</div>
<!--begin::Block-->
<div class="d-flex flex-stack mb-2 mt-10">
<!--begin::Title-->
<h3 class="text-dark fs-5 fw-bold text-gray-800">相关内容</h3>
<!--end::Title-->
</div>
<div class="separator separator-dashed mb-9"></div>
<!--end::Block-->
<div class="row g-10">
</div>
</div>
<!--end::Table widget 14-->
</div>
<!--end::Col-->
<!--begin::Col-->
<div class="col-xl-4 mt-0">
<!--begin::Chart Widget 35-->
<div class="card card-flush h-md-100">
<!--begin::Header-->
<div class="card-header pt-5 ">
<!--begin::Title-->
<h3 class="card-title align-items-start flex-column">
<!--begin::Statistics-->
<div class="d-flex align-items-center mb-2">
<!--begin::Currency-->
<span class="fs-5 fw-bold text-gray-800 ">热门资讯</span>
<!--end::Currency-->
</div>
<!--end::Statistics-->
</h3>
<!--end::Title-->
</div>
<!--end::Header-->
<!--begin::Body-->
<div class="card-body pt-3">
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('https://img.pic99.top/cnyincai/202406/286202ed6e284a7.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569338.html" class="text-dark fw-bold text-hover-primary fs-6">Python|位运算|数组|动...</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">目录 1、只出现一次的数字(位运算,数组) 示例 选项代...</span>
</div>
<!--end::Title-->
</div>
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('/static/assets/images/nopic.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569192.html" class="text-dark fw-bold text-hover-primary fs-6">张岱的人物生平</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">张岱的人物生平张岱(414年-484年),字景山,吴郡吴县(今江苏苏州)人。南朝齐大臣。祖父张敞,东...</span>
</div>
<!--end::Title-->
</div>
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('/static/assets/images/nopic.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569191.html" class="text-dark fw-bold text-hover-primary fs-6">西游西后传演员女人物</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">西游西后传演员女人物西游西后传演员女人物 孙悟空 六小龄童 唐僧 徐少华 ...</span>
</div>
<!--end::Title-->
</div>
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('/static/assets/images/nopic.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569189.html" class="text-dark fw-bold text-hover-primary fs-6">名人故事中贾岛作诗内容简介</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">名人故事中贾岛作诗内容简介有一次,贾岛骑驴闯了官道.他正琢磨着一句诗,名叫《题李凝幽居》全诗如下:闲...</span>
</div>
<!--end::Title-->
</div>
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('/static/assets/images/nopic.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569186.html" class="text-dark fw-bold text-hover-primary fs-6">和男朋友一起优秀的文案?</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">和男朋友一起优秀的文案?1.希望是惟一所有的人都共同享有的好处;一无所有的人,仍拥有希望。2.生活,...</span>
</div>
<!--end::Title-->
</div>
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('/static/assets/images/nopic.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569185.html" class="text-dark fw-bold text-hover-primary fs-6">戴玉手镯的好处 戴玉手镯好还是...</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">戴玉手镯的好处 戴玉手镯好还是碧玺好 女人戴玉?戴玉好还是碧玺好点佩戴手镯,以和田玉手镯为佳!相嫌滑...</span>
</div>
<!--end::Title-->
</div>
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('/static/assets/images/nopic.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569184.html" class="text-dark fw-bold text-hover-primary fs-6">依然什么意思?</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">依然什么意思?依然(汉语词语)依然,汉语词汇。拼音:yī rán基本解释:副词,指照往常、依旧...</span>
</div>
<!--end::Title-->
</div>
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('/static/assets/images/nopic.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569180.html" class="text-dark fw-bold text-hover-primary fs-6">高尔基的散文诗</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">高尔基的散文诗《海燕》、《大学》、《母亲》、《童年》这些都是比较出名的一些代表作。</span>
</div>
<!--end::Title-->
</div>
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('/static/assets/images/nopic.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569179.html" class="text-dark fw-bold text-hover-primary fs-6">心在飞扬作者简介</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">心在飞扬作者简介心在飞扬作者简介如下。根据相关公开资料查询,心在飞扬是一位优秀的小说作者,他的小说作...</span>
</div>
<!--end::Title-->
</div>
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('/static/assets/images/nopic.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569178.html" class="text-dark fw-bold text-hover-primary fs-6">卡什坦卡的故事赏析?</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">卡什坦卡的故事赏析?讲了一只小狗的故事, 我也是近来才读到这篇小说. 作家对动物的拟人描写真是惟妙...</span>
</div>
<!--end::Title-->
</div>
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('/static/assets/images/nopic.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569177.html" class="text-dark fw-bold text-hover-primary fs-6">林绍涛为简艾拿绿豆糕是哪一集</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">林绍涛为简艾拿绿豆糕是哪一集第三十二集。 贾宽认为是阎帅间接导致刘映霞住了院,第二天上班,他按捺不...</span>
</div>
<!--end::Title-->
</div>
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('/static/assets/images/nopic.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569176.html" class="text-dark fw-bold text-hover-primary fs-6">小爱同学是女生吗小安同学什么意...</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">小爱同学是女生吗小安同学什么意思 小爱同学,小安同学说你是女生。小安是男的。</span>
</div>
<!--end::Title-->
</div>
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('/static/assets/images/nopic.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569175.html" class="text-dark fw-bold text-hover-primary fs-6">内分泌失调导致脸上长斑,怎么调...</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">内分泌失调导致脸上长斑,怎么调理内分泌失调导致脸上长斑,怎么调理先调理内分泌,去看中医吧,另外用好的...</span>
</div>
<!--end::Title-->
</div>
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('/static/assets/images/nopic.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569174.html" class="text-dark fw-bold text-hover-primary fs-6">《魔幻仙境》刺客,骑士人物属性...</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">《魔幻仙境》刺客,骑士人物属性加点魔幻仙境骑士2功1体质</span>
</div>
<!--end::Title-->
</div>
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('/static/assets/images/nopic.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569172.html" class="text-dark fw-bold text-hover-primary fs-6">很喜欢她,该怎么办?</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">很喜欢她,该怎么办?太冷静了!! 太理智了!爱情是需要冲劲的~不要考虑着考虑那~否则缘...</span>
</div>
<!--end::Title-->
</div>
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('/static/assets/images/nopic.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569171.html" class="text-dark fw-bold text-hover-primary fs-6">言情小说作家</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">言情小说作家我比较喜欢匪我思存的,很虐,很悲,还有梅子黄时雨,笙离,叶萱,还有安宁的《温暖的玄》 小...</span>
</div>
<!--end::Title-->
</div>
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('/static/assets/images/nopic.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569170.html" class="text-dark fw-bold text-hover-primary fs-6">两个以名人的名字命名的风景名胜...</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">两个以名人的名字命名的风景名胜?快太白楼,李白。尚志公园,赵尚志。</span>
</div>
<!--end::Title-->
</div>
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('/static/assets/images/nopic.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569166.html" class="text-dark fw-bold text-hover-primary fs-6">幼儿教育的代表人物及其著作</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">幼儿教育的代表人物及其著作卡尔威特的《卡尔威特的教育》,小卡尔威特,他儿子成了天才后写的《小卡尔威特...</span>
</div>
<!--end::Title-->
</div>
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('/static/assets/images/nopic.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569165.html" class="text-dark fw-bold text-hover-primary fs-6">海贼王中为什么说路飞打凯多靠霸...</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">海贼王中为什么说路飞打凯多靠霸气升级?凯多是靠霸气升级吗?因为之前刚到时确实打不过人家因为路飞的实力...</span>
</div>
<!--end::Title-->
</div>
<!--begin::Item-->
<div class="d-flex flex-stack mb-7">
<!--begin::Symbol-->
<div class="symbol symbol-60px symbol-2by3 me-4">
<div class="symbol-label" style="background-image: url('/static/assets/images/nopic.gif')"></div>
</div>
<!--end::Symbol-->
<!--begin::Title-->
<div class="m-0">
<a href="/news/show-1569164.html" class="text-dark fw-bold text-hover-primary fs-6">运气不好拜财神有用吗运气不好拜...</a>
<span class="text-gray-600 fw-semibold d-block pt-1 fs-7">运气不好拜财神有用吗运气不好拜财神有没有用1、运气不好拜财神有用。2、拜财神上香前先点蜡烛,照亮人神...</span>
</div>
<!--end::Title-->
</div>
</div>
<!--end::Body-->
</div>
<!--end::Chart Widget 35-->
</div>
<!--end::Col-->
</div>
</div>
<!--end::Content container-->
</div>
<!--end::Content-->
</div>
<!--end::Content wrapper-->
<!--begin::Footer-->
<div id="kt_app_footer" class="app-footer">
<!--begin::Footer container-->
<div class="app-container container-xxl d-flex flex-column flex-md-row flex-center flex-md-stack py-3">
<!--begin::Copyright-->
<div class="text-dark order-2 order-md-1">
<span class="text-muted fw-semibold me-1">2024 ©</span>
奥飞商务网<a href="http://www.hhfamen.cn/">发门网</a><a href="http://www.bitekongjian.com/">比特空间</a><a href="http://www.xingshan.vip/">星闪网</a><a href="http://cn.fadeduo.com/">发的多信息网</a> </div>
<!--end::Copyright-->
<!--begin::Menu-->
<ul class="menu menu-gray-600 menu-hover-primary fw-semibold order-1">
<li class="menu-item">
<a href="/news/" target="_blank" class="menu-link px-2">资讯</a>
</li>
<li class="menu-item">
<a href="/minsheng/" target="_blank" class="menu-link px-2">民生</a>
</li>
</ul>
<!--end::Menu-->
</div>
<!--end::Footer container-->
</div>
<!--end::Footer-->
</div>
<!--end:::Main-->
</div>
<!--end::Wrapper-->
</div>
<!--end::Page-->
</div>
<!--end::App-->
<div id="kt_scrolltop" class="scrolltop" data-kt-scrolltop="true">
<!--begin::Svg Icon | path: icons/duotune/arrows/arr066.svg-->
<span class="svg-icon">
<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
<rect opacity="0.5" x="13" y="6" width="13" height="2" rx="1" transform="rotate(90 13 6)" fill="currentColor"></rect>
<path d="M12.5657 8.56569L16.75 12.75C17.1642 13.1642 17.8358 13.1642 18.25 12.75C18.6642 12.3358 18.6642 11.6642 18.25 11.25L12.7071 5.70711C12.3166 5.31658 11.6834 5.31658 11.2929 5.70711L5.75 11.25C5.33579 11.6642 5.33579 12.3358 5.75 12.75C6.16421 13.1642 6.83579 13.1642 7.25 12.75L11.4343 8.56569C11.7467 8.25327 12.2533 8.25327 12.5657 8.56569Z" fill="currentColor"></path>
</svg>
</span>
<!--end::Svg Icon-->
</div>
<!--begin::Javascript-->
<script>var hostUrl = "/static/default/pc/";</script>
<!--begin::Global Javascript Bundle(mandatory for all pages)-->
<script src="/static/default/pc/plugins/global/plugins.bundle.js"></script>
<script src="/static/default/pc/js/scripts.bundle.js"></script>
<!--end::Global Javascript Bundle-->
<!--end::Javascript-->
</body>
<!--end::Body-->
</html>