1、rsa_phi
题目说明:
题目名称:rsa_phi
题目内容:rsa_phi
题目分值:100.0
题目难度:容易
题目源码如下:
from Crypto.Util.number import *
from gmpy2 import *
from secret import flag
assert flag[:6] == b'DASCTF'
p = getPrime(512)
q = getPrime(512)
r = getPrime(513)
e = getPrime(16)
n = p*q
m = bytes_to_long(flag)
c = powmod(m, e, n)
t = powmod(c>>512^p, r-2, r)
print('r =', r)
print('n =', n)
print('c =', c)
print('t =', t)
'''
r = 24193613275031297958480304646007888729218361897279460735376222424412760016998172567806538681992851770819667697006566913197180459744767749013483740187198131
n = 137331382612001484801459242175216618328639751668905717954046814366663216629260076249076910463993832712929726274204552622806762615964471212637256782575042417254323830608825132383441115641756046001133950646693236201006911772049584495946085108965063079749915722056405102693677062617756712893175777998235494215823
c = 86199078171830163288185134218432050037520821708057567784206350831958563723371423514828654248665823435890091969165104331220214483341884520782070753837083089973039424943162878412555993714181981235863010732030116123310896341307160362313823933982631569993284846472143129394693591279232744183028203362365209236767
t = 12606542555820680662268520090697343931313810743213408978931680844280606160727557450099833439809051239235896636232006705756177515642458462380556758082553224
'''
这个题目其实就是两个考点,一个是参数e未知,但是e的范围也不大,范围是(e**15,e**16)
,可以进行爆破
还有一个就是t = powmod(c>>512^p, r-2, r)
根据费马小定理可以知道t=pow(c>>512^p,r-2,r)
和c>>512^p
互为逆元,那么t
和c>>512^p
互为逆元,那么可以p = invert(t)^(c>>512),这样就可以计算出p,然后这个题目就可以求解了
import gmpy2
from Crypto.Util.number import *
r = 24193613275031297958480304646007888729218361897279460735376222424412760016998172567806538681992851770819667697006566913197180459744767749013483740187198131
n = 137331382612001484801459242175216618328639751668905717954046814366663216629260076249076910463993832712929726274204552622806762615964471212637256782575042417254323830608825132383441115641756046001133950646693236201006911772049584495946085108965063079749915722056405102693677062617756712893175777998235494215823
c = 86199078171830163288185134218432050037520821708057567784206350831958563723371423514828654248665823435890091969165104331220214483341884520782070753837083089973039424943162878412555993714181981235863010732030116123310896341307160362313823933982631569993284846472143129394693591279232744183028203362365209236767
t = 12606542555820680662268520090697343931313810743213408978931680844280606160727557450099833439809051239235896636232006705756177515642458462380556758082553224
m1 = c>>512
# m1^p ** r-2 = t + k*r
x = gmpy2.invert(t,r)
p = x^m1
q = n//p
print(p*q == n)
phi_n = (p-1)*(q-1)
for e in range(2**15,2**16):
try:
d = gmpy2.invert(e,phi_n)
m = pow(c,d,n)
flag = long_to_bytes(m)
if b'DASCTF' in flag:
print(flag)
except:
pass
#DASCTF{246b01aba18a6d9c0b820af8537555ed}
2、FourCip
题目描述
import random
keyspace = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789{}'
flag = 'DASCTF{%s}'%("".join(random.sample(keyspace[:-2], 32)))
print(flag)
#print(flag)
keyspace = "".join(random.sample(keyspace, len(keyspace)))
print('keyspace =', keyspace)
col = 4
period = 7
darr = []
cs = ''
for i in range(len(flag)):
a = keyspace.find(flag[i]) #计算字符位置
b = a//col**2 + 1
c = (a-(b-1)*col**2)//col + 1
d = (a-(b-1)*col**2)%col + 1
darr.append([b,c,d]) #转为4进制数字,并将每一位+1
#将全部内容进行分片长度位7,然后分片的第一位排在一起+第二位排在一起+第三位排在一起
for i in range(len(flag)//period+1):
for j in range(3):
for k in range(period*i,period*(i+1)):
try:
cs += str(darr[k][j])
except:
pass
c = ''
#接着将变更后内容再次转为4进制,输出相应位置的字符
for i in range(0, len(cs), 3):
c += keyspace[(int(cs[i])-1)*col**2 + (int(cs[i+1])-1)*col + int(cs[i+2])-1]
print('c =', c)
'''
keyspace = jIx8fuCylrDa}pYh5wE0g7e1GQovtB9LnUN{SFWiPmK4VRkZJH623AdzqOcsbXTM
c = YYm1EEiHUR9Ntx16kjtVXFWejRBBh281JqEzJocl
'''
这种题目看着都比较难,需要先了解这个题目加密的流程,接着写出exp
keyspace = 'jIx8fuCylrDa}pYh5wE0g7e1GQovtB9LnUN{SFWiPmK4VRkZJH623AdzqOcsbXTM'
c = 'YYm1EEiHUR9Ntx16kjtVXFWejRBBh281JqEzJocl'
def ten2four(num):
result = ''
while num > 0:
result = str(num % 4 + 1) + result
num = num // 4
return '1'*(3-len(result)) + result
#step1: c中字符的位置转为4进制,每一位加一
cs = ''
for one_c in c:
num = keyspace.find(one_c)
cs += ten2four(num)
#print(ten2four(num))
print(cs)
#分片的时候的坐标
with open('./index.txt','r') as f:
indexs = f.readlines()
#更加分片坐标逆向出darr
ll = 0
darr = ['/']*120
for index in indexs:
x,y = index.split()
darr[int(x)*3+int(y)] = cs[ll]
#print(x,y,cs[ll],darr[int(x)][int(y)])
ll+=1
bcd = ''.join(darr)
print(bcd)
#接着爆破出具体的flag
flag = ''
col = 4
period = 7
for i in range(40):
for a in range(len(keyspace)):
b = a//col**2 + 1
c = (a-(b-1)*col**2)//col + 1
d = (a-(b-1)*col**2)%col + 1
if str(b)+str(c)+str(d) == bcd[i*3:i*3+3]:
flag += keyspace[a]
break
print(flag)
#143143332224213213324412312342243313241113224413343111241341442322323223111342242242144414114224411431213424411233433131
#133422321123443322314443122224341131231313241233414411114324342322232214312212334242111444423421142441113413223431433141
#DASCTF{Tu1VlGNto2J8iRFQ0Uw4BjMd3pbx6eqc}