[INSHack2019]Yet Another RSA Challenge - Part 1(考点:RSA,素数爆破)

最新推荐文章于 2023-05-16 16:07:39 发布
最新推荐文章于 2023-05-16 16:07:39 发布
阅读量520 收藏
点赞数
分类专栏: BUU Crypto plus 文章标签: 密码学
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/mikecoke/article/details/113791972
版权

题目:

import subprocess
p = subprocess.check_output('openssl prime -generate -bits 2048 -hex')
q = subprocess.check_output('openssl prime -generate -bits 2048 -hex')
flag = int('INSA{REDACTED}'.encode('hex'), 16)

N = int(p,16) * int(q,16)
print N
print '0x'+p.replace('9F','FC')
print pow(flag,65537,N)

输出附件:

719579745653303119025873098043848913976880838286635817351790189702008424828505522253331968992725441130409959387942238566082746772468987336980704680915524591881919460709921709513741059003955050088052599067720107149755856317364317707629467090624585752920523062378696431510814381603360130752588995217840721808871896469275562085215852034302374902524921137398710508865248881286824902780186249148613287250056380811479959269915786545911048030947364841177976623684660771594747297272818410589981294227084173316280447729440036251406684111603371364957690353449585185893322538541593242187738587675489180722498945337715511212885934126635221601469699184812336984707723198731876940991485904637481371763302337637617744175461566445514603405016576604569057507997291470369704260553992902776099599438704680775883984720946337235834374667842758010444010254965664863296455406931885650448386682827401907759661117637294838753325610213809162253020362015045242003388829769019579522792182295457962911430276020610658073659629786668639126004851910536565721128484604554703970965744790413684836096724064390486888113608024265771815004188203124405817878645103282802994701531113849607969243815078720289912255827700390198089699808626116357304202660642601149742427766381
0xDCC5A0BD3A1FC0BEB0DA1C2E8CF6B474481B7C12849B76E03C4C946724DB577D2825D6AA193DB559BC9DBABE1DDE8B5E7805E48749EF002F622F7CDBD7853B200E2A027E87E331AFCFD066ED9900F1E5F5E5196A451A6F9E329EB889D773F08E5FBF45AACB818FD186DD74626180294DCC31805A88D1B71DE5BFEF3ED01F12678D906A833A78EDCE9BDAF22BBE45C0BFB7A82AFE42C1C3B8581C83BF43DFE31BFD81527E507686956458905CC9A660604552A060109DC81D01F229A264AB67C6D7168721AB36DE769CEAFB97F238050193EC942078DDF5329A387F46253A4411A9C8BB71F9AEB11AC9623E41C14FCD2739D76E69283E57DDB11FC531B4611EE3
596380963583874022971492302071822444225514552231574984926542429117396590795270181084030717066220888052607057994262255729890598322976783889090993129161030148064314476199052180347747135088933481343974996843632511300255010825580875930722684714290535684951679115573751200980708359500292172387447570080875531002842462002727646367063816531958020271149645805755077133231395881833164790825731218786554806777097126212126561056170733032553159740167058242065879953688453169613384659653035659118823444582576657499974059388261153064772228570460351169216103620379299362366574826080703907036316546232196313193923841110510170689800892941998845140534954264505413254429240789223724066502818922164419890197058252325607667959185100118251170368909192832882776642565026481260424714348087206462283972676596101498123547647078981435969530082351104111747783346230914935599764345176602456069568419879060577771404946743580809330315332836749661503035076868102720709045692483171306425207758972682717326821412843569770615848397477633761506670219845039890098105484693890695897858251238713238301401843678654564558196040100908796513657968507381392735855990706254646471937809011610992016368630851454275478216664521360246605400986428230407975530880206404171034278692756

已知 N,p,pow(flag,65537,N);

但是,p 的16进制数被替换了一部分,我们可以通过爆破的方式获取 p 的值。验证 N//p 进而得到 q 。

from Crypto.Util.number import*
from gmpy2 import*
from libnum import*
N = 719579745653303119025873098043848913976880838286635817351790189702008424828505522253331968992725441130409959387942238566082746772468987336980704680915524591881919460709921709513741059003955050088052599067720107149755856317364317707629467090624585752920523062378696431510814381603360130752588995217840721808871896469275562085215852034302374902524921137398710508865248881286824902780186249148613287250056380811479959269915786545911048030947364841177976623684660771594747297272818410589981294227084173316280447729440036251406684111603371364957690353449585185893322538541593242187738587675489180722498945337715511212885934126635221601469699184812336984707723198731876940991485904637481371763302337637617744175461566445514603405016576604569057507997291470369704260553992902776099599438704680775883984720946337235834374667842758010444010254965664863296455406931885650448386682827401907759661117637294838753325610213809162253020362015045242003388829769019579522792182295457962911430276020610658073659629786668639126004851910536565721128484604554703970965744790413684836096724064390486888113608024265771815004188203124405817878645103282802994701531113849607969243815078720289912255827700390198089699808626116357304202660642601149742427766381
cipher = 596380963583874022971492302071822444225514552231574984926542429117396590795270181084030717066220888052607057994262255729890598322976783889090993129161030148064314476199052180347747135088933481343974996843632511300255010825580875930722684714290535684951679115573751200980708359500292172387447570080875531002842462002727646367063816531958020271149645805755077133231395881833164790825731218786554806777097126212126561056170733032553159740167058242065879953688453169613384659653035659118823444582576657499974059388261153064772228570460351169216103620379299362366574826080703907036316546232196313193923841110510170689800892941998845140534954264505413254429240789223724066502818922164419890197058252325607667959185100118251170368909192832882776642565026481260424714348087206462283972676596101498123547647078981435969530082351104111747783346230914935599764345176602456069568419879060577771404946743580809330315332836749661503035076868102720709045692483171306425207758972682717326821412843569770615848397477633761506670219845039890098105484693890695897858251238713238301401843678654564558196040100908796513657968507381392735855990706254646471937809011610992016368630851454275478216664521360246605400986428230407975530880206404171034278692756
plain = ['9F','FC']
for a in plain:
    for b in plain:
        for c in plain:
            for d in plain:
                p1 = '0xDCC5A0BD3A1' +a+ '0BEB0DA1C2E8CF6B474481B7C12849B76E03C4C946724DB577D2825D6AA193DB559BC9DBABE1DDE8B5E7805E48749EF002F622F7CDBD7853B200E2A027E87E331A' +b+ 'FD066ED9900F1E5F5E5196A451A6F9E329EB889D773F08E5FBF45AACB818FD186DD74626180294DCC31805A88D1B71DE5BFEF3ED01F12678D906A833A78EDCE9BDAF22BBE45C0BFB7A82AFE42C1C3B8581C83BF43DFE31BFD81527E507686956458905CC9A660604552A060109DC81D01F229A264AB67C6D7168721AB36DE769CEAFB97F238050193EC942078DDF5329A387F46253A4411A9C8BB71F9AEB11AC9623E41C14' +c+ 'D2739D76E69283E57DDB11' +d+ '531B4611EE3'
                p = int(p1,16)
                if(N%p == 0):
                    print(p)
p = 27869881035956015184979178092922248885674897320108269064145135676677416930908750101386898785101159450077433625380803555071301130739332256486285289470097290409044426739584302074834857801721989648648799253740641480496433764509396039330395579654527851232078667173592401475356727873045602595552393666889257027478385213547302885118341490346766830846876201911076530008127691612594913799272782226366932754058372641521481522494577124999360890113778202218378165756595787931498460866236502220175258385407478826827807650036729385244897815805427164434537088709092238894902485613707990645011133078730017425033369999448757627854563
q = N//p
phi = (p-1)*(q-1)
e = 65537
d = invert(e,phi)
m = pow(cipher,d,N)
print(n2s(m))

INSA{I_w1ll_us3_OTp_n3xT_T1M3}
CTFer菜菜
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
rsamatlab代码-RSA-OAEP-matlab:使用Matlap进行RSA-OAEP加密-解密
05-25
rsa matlab代码关于 使用带有Matlab的最佳非对称加密填充进行RSA加密,该加密可以对查询文件中的文本进行加密和解密。 依赖 您只需要vpi软件包: 介绍 RSA是著名的加密/解密系统,通常与OAEP一起使用以确保数据的安全性。 在OAEP将charachters uint8表示形式转换为使用SHA-256之类的随机Oracle哈希函数的随机编码之后,使用随机的n位素数来使rsa加密消息。 RSA然后使用两个随机素数生成公钥和私钥,使用公钥加密消息,将其保存在文件中,然后使用私钥将其解密到另一个文件中,以获取OAEP先前生成的数字发送方。 OAEp对消息进行解密,并取回原始消息,并将其保存在文件夹中。 局限性 代码很慢,因为vpi包需要花费大量时间进行计算。 您可以尝试使用本文中的一种替代方法来提高速度: 函数isprime可以得到进一步改进,以使费时的检查更快,或者可以使用不同于费马的更精确的小定理的先验检查。 该链接可能会有所帮助:(我建议使用Lucas测试)
BUUCTF-CRYPTO-[INSHack2019]Yet Another RSA Challenge - Part 1
zippo1234的博客
10-25 799
BUUCTF-CRYPTO-[INSHack2019]Yet Another RSA Challenge - Part 1[INSHack2019]Yet Another RSA Challenge - Part 1题目分析开始1.题目2.破解3.上脚本4.get flag结语 每天一题,只能多不能少 [INSHack2019]Yet Another RSA Challenge - Part 1 题目分析 根据信息爆破p 开始 1.题目 import subprocess p = subprocess.ch
BUUCTF RSA(三)
qq_52193383的博客
08-18 948
这里写目录标题1.[MRCTF2020]babyRSA2.[WUSTCTF2020]dp_leaking_1s_very_d@angerous3.[NPUCTF2020]EzRSA4.[MRCTF2020]Easy_RSA5.[INSHack2019]Yet Another RSA Challenge - Part 1 1.[MRCTF2020]babyRSA 根据给出的代码可以很容易推出 _Q = sympy.nextprime(pow(sub_Q,Q_2,Q_1))。我们知道P[9],就可以推出其他的素
[INSHack2019]Yet Another RSA Challenge - Part 1
amber_o0k的博客
05-16 133
【代码】[INSHack2019]Yet Another RSA Challenge - Part 1。
BUUCTF Crypto [INSHack2019]Yet Another RSA Challenge - Part 1 wp
hsqGOD's blog
04-23 641
这道题告诉你了rsa的n的因子其中的p,但是其中的字母有所替换,我们就可以发现,这串字符中的‘FC’可能是’FC‘也可能是’9F’于是话不多说直接爆破即可,下面给出本题脚本 import gmpy2 from Crypto.Util.number import * n=71957974565330311902587309804384891397688083828663581735179018970...
BUUCTF——rsa系列(6)
Luiino的博客
08-06 1259
看到有两部分,第一部分是以e = 256的rsa解密,但因为e与phi_n不互质的原因,用一般的方法解不出来,看了大佬们的wp后,知道了用。说明有4个‘FC’,但是我们不能确定这里所有的‘FC’都是被替换而来的,也有可能原本就有,所以这里共有。接下来就是利用定理来得到一个方程了,参考了大佬的步骤,尝试着推一推吧(嫌敲起来麻烦,在纸上推算了!== 16种情况,需要进行爆破。得到hint,最终的flag长度小于400。来解,可以用于e不是很大且一般的rsa解法行不通的时候。给了n、c、e、以及被替换过的p。..
[INSHack2019]Yet Another RSA Challenge
weixin_44110537的博客
07-27 592
encrypt import subprocess p = subprocess.check_output('openssl prime -generate -bits 2048 -hex') q = subprocess.check_output('openssl prime -generate -bits 2048 -hex') flag = int('INSA{REDACTED}'.encode('hex'), 16) N = int(p,16) * int(q,16) print N print
buu [INSHack2019]Yet Another RSA Challenge - Part 1
shshss64的博客
11-01 208
p值部分代替爆破
RSA-and-LLL-attacks:通过晶格约简(LLL)攻击RSA
04-30
首先,我们将看到Coppersmith如何发现您可以使用晶格简化技术来攻击宽松的RSA模型(我们知道消息的一部分,或者我们知道其中一个素数的一部分,...)。 以及Howgrave-Graham如何重新制定他的进攻方式。 其次,我们...
RSA-Encryption-Decryption-Tool:RSA加密解密工具
05-16
RSA加密解密工具 RSA加密解密工具
RSA.rar_RSA-sourcode_java: 信息 摘要 签名 验证_rsa_rsa 数字签名_rsa 签名
09-14
若要使用公钥系统对消息进行数字签名,发送方先向该消息应用哈希函数以创建消息摘要。然后,发送方用自己的私钥对消息摘要进行加密,以创建发送方的个人签名。在收到消息和签名后,接收方使用发送方的公钥解密该签名...
rsa-wiener-attack:Wiener 针对小密钥的 RSA 攻击
05-31
rsa-wiener-attack Wiener 针对小密钥的 RSA 攻击
buuoj INSHack2019 Yet Another RSA Challenge - Part 1
pondzhang的专栏
03-31 344
题目: import subprocess p = subprocess.check_output('openssl prime -generate -bits 2048 -hex') q = subprocess.check_output('openssl prime -generate -bits 2048 -hex') flag = int('INSA{REDACTED}'.encode('...
BUUCTF:[INSHack2019]gflag
末初的CSDN博客
08-02 1133
题目地址:https://buuoj.cn/challenges#[INSHack2019]gflag 根据description得知,这是一种编程语言 通过搜索引擎搜索,得知是G语言(G-Code) 这是搜索引擎找到的G语言图片 接着找到一个G语言的在线运行站:https://ncviewer.com/ 把代码复制进去,点击PLOT,调整角度,放大 flag{3d_pr1nt3d_fl49} ...
[INSHack2019]gflag
Keepb1ue的博客
08-10 4607
题目复现地址:https://buuoj.cn/challenges#[INSHack2019]gflag 题解: 将附件下载下来,得到一个gflag文件,查看内容: 也不清楚该内容是什么,通过资料查阅了解,这是3D打印gcode的命令:https://blog.csdn.net/redsleep/article/details/80885224 于是将后缀改为.gcode 在线预览gcode网址:http://gcode.ws/ 将gcode文件加载到网址中去 这里还是看不清flag 选择2D渲染选项,将
rsa已有40多年的历史了,但仍然很棒,可以破解它
weixin_26740495的博客
09-03 639
I really dislike those CAPTCHA puzzles, and especially when there’s a little bit of a traffic light that you have to select, or where I’m asked to find the crosswalk — in the UK we would call them Zeb...
[ACTF新生赛2020]crypto-aes(考点:AES)
MikeCoke的博客
02-18 4736
#注:文中代码都使用 python3 题目: from Cryptodome.Cipher import AES import os import gmpy2 from flag import FLAG from Cryptodome.Util.number import * def main(): key=os.urandom(2)*16 iv=os.urandom(16) print(bytes_to_long(key)^bytes_to_long(iv)) aes=A
javapackager -createjar -srcdir <C:\Users\朱孟凯\Desktop\RSA.jar> -outdir <C:\Users\朱孟凯\Desktop> -outfile <可执行RSA> -appclass <RSA.Launcher> -name <app_name> -title <app_title> -native exe
最新发布
07-10
- -srcdir:指定源代码的目录,这里是指RSA.jar文件所在的路径。 - -outdir:指定输出目录,这里是指生成的可执行文件的存放路径。 - -outfile:指定输出文件名,这里是指生成的可执行文件的名称。 - -appclass:...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值