MENU

UNCTF2020 Crypto Writeup

November 15, 2020 • Read: 359 • Crypto

UNCTF2020 Crypto Writeup

队伍:打CTF不靠实力靠运气

作者:wjhwjhn

from Crypto.Util import number
import gmpy2
from Crypto.Util.number import bytes_to_long

p = number.getPrime(1024)
q = number.getPrime(1024)
if p > q:
    a = p + q
    b = p - q
    print(a,b)

n = p * q
e = 65537
phi = (p-1)*(q-1)
d = gmpy2.invert(e,phi)
m = bytes_to_long(b'msg')
c = pow(m,e,n)
print(c)

#320398687477638913975700270017132483556404036982302018853617987417039612400517057680951629863477438570118640104253432645524830693378758322853028869260935243017328300431595830632269573784699659244044435107219440036761727692796855905230231825712343296737928172132556195116760954509270255049816362648350162111168
#9554090001619033187321857749048244231377711861081522054479773151962371959336936136696051589639469653074758469644089407114039221055688732553830385923962675507737607608026140516898146670548916033772462331195442816239006651495200436855982426532874304542570230333184081122225359441162386921519665128773491795370
#22886015855857570934458119207589468036427819233100165358753348672429768179802313173980683835839060302192974676103009829680448391991795003347995943925826913190907148491842575401236879172753322166199945839038316446615621136778270903537132526524507377773094660056144412196579940619996180527179824934152320202452981537526759225006396924528945160807152512753988038894126566572241510883486584129614281936540861801302684550521904620303946721322791533756703992307396221043157633995229923356308284045440648542300161500649145193884889980827640680145641832152753769606803521928095124230843021310132841509181297101645567863161780

a + b = 2p
p = (a + b) / 2
q = p - a
用a和b,得到p和q,然后利用long_to_bytes(pow(c,d,n))解密。

某日,鞍山大法官在点外卖时点了2个韭菜盒子,商家只送了1个,大法官给了该商家一个差评
次日,该大法官又在该商家点了1个韭菜盒子,希望商家能补上上次的韭菜盒子,而商家又只发了一个韭菜盒子
这名大法官一天正常要吃2个韭菜盒子,而该商家每天只给他1个韭菜盒子,请问该名大法官缺的营养这一块怎么补

ottttootoootooooottoootooottotootttootooottotttooootttototoottooootoooottotoottottooooooooottotootto

看到这么多ot联想到培根密码,把o换成a,把t换成b

得到

abbbbaabaaabaaaaabbaaabaaabbabaabbbaabaaabbabbbaaaabbbababaabbaaaabaaaabbabaabbabbaaaaaaaaabbabaabba

得到flag

正解:
使用RSA-Wiener-Attack(维纳攻击)进行攻击。
这种类型常见的情况就是e是一个较大或者较小的数字,一般是较大。
已经有先辈帮我们实现好了:

我们就直接使用他提供的脚本进行计算。
RSAwienerHacker.png
瞬间解出了结果。

比赛的时候不是正解!!!!下面勿看了。

这个RSA一点也不简单啊,刚开始因为是易分解的n,结果暴力解了半天都没解出来,后来拿16进制的n去百度,就查到了

使用文章中的d进行解密

利用中间相遇攻击,得到key1和key2

https://ctf-wiki.github.io/ctf-wiki/crypto/attack-summary/meet-in-the-middle-zh/

key1:0000000000000f6m

key2:KP}0000000000000

最后解密flag。不过这道题解出来的flag是unctf{},但是提交的时候变成了flag{}

[捂脸]

Last Modified: November 17, 2020
Archives QR Code Tip
QR Code for this page
Tipping QR Code