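攻防世界 Crypto Advanced Section, 4-Point Challenge: best_rsa

Preface

Continuing my CTF journey.
This is a 4-point challenge from the Crypto advanced section of 攻防世界.
This post is the writeup for best_rsa.

I noticed that challenge scores on 攻防世界 are dynamic,
so I will just go by the score at the time I solved it.

Solution

We are given two ciphertexts and two keys.

Extract the public key information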

from Crypto.PublicKey import RSA
import libnum

# Read both ciphertexts as big-endian integers
c1 = libnum.s2n(open('cipher1.txt', 'rb').read())
c2 = libnum.s2n(open('cipher2.txt', 'rb').read())

# Parse the two PEM public keys
pub1 = RSA.importKey(open('publickey1.pem').read())
pub2 = RSA.importKey(open('publickey2.pem').read())

# Modulus and public exponent of each key
n1 = pub1.n
e1 = pub1.e
n2 = pub2.n
e2 = pub2.e

print(n1)
print(n2)
print(e1)
print(e2)

Output:

n1 = 13060424286033164731705267935214411273739909173486948413518022752305313862238166593214772698793487761875251030423516993519714215306808677724104692474199215119387725741906071553437840256786220484582884693286140537492541093086953005486704542435188521724013251087887351409946184501295224744819621937322469140771245380081663560150133162692174498642474588168444167533621259824640599530052827878558481036155222733986179487577693360697390152370901746112653758338456083440878726007229307830037808681050302990411238666727608253452573696904083133866093791985565118032742893247076947480766837941319251901579605233916076425572961
n2 = 13060424286033164731705267935214411273739909173486948413518022752305313862238166593214772698793487761875251030423516993519714215306808677724104692474199215119387725741906071553437840256786220484582884693286140537492541093086953005486704542435188521724013251087887351409946184501295224744819621937322469140771245380081663560150133162692174498642474588168444167533621259824640599530052827878558481036155222733986179487577693360697390152370901746112653758338456083440878726007229307830037808681050302990411238666727608253452573696904083133866093791985565118032742893247076947480766837941319251901579605233916076425572961
e1 = 117
e2 = 65537

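Both files have the same modulus, so this is a common modulus attack.
Assuming both ciphertexts encrypt the same message m, and since gcd(e1, e2) = 1, the extended Euclidean algorithm gives s1 and s2 with e1*s1 + e2*s2 = 1, so m = c1^s1 * c2^s2 mod n. One of s1, s2 is negative, which is handled by inverting the corresponding ciphertext mod n.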

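from Crypto.PublicKey import RSA
import libnum
import gmpy2

# Read both ciphertexts as big-endian integers
c1 = libnum.s2n(open('cipher1.txt', 'rb').read())
c2 = libnum.s2n(open('cipher2.txt', 'rb').read())

# Both keys share the same modulus n
pub1 = RSA.importKey(open('publickey1.pem').read())
pub2 = RSA.importKey(open('publickey2.pem').read())
n = pub1.n
e1 = pub1.e
e2 = pub2.e

# gcdext returns (g, s1, s2) with e1*s1 + e2*s2 == g
s = gmpy2.gcdext(e1, e2)
s1 = s[1]
s2 = s[2]

# For the negative coefficient, invert the ciphertext mod n
# and use the absolute value as the exponent
if s1 < 0:
    s1 = -s1
    c1 = gmpy2.invert(c1, n)
elif s2 < 0:
    s2 = -s2
    c2 = gmpy2.invert(c2, n)

# m = c1^s1 * c2^s2 mod n; convert the mpz result to int before decoding
m = pow(c1, s1, n) * pow(c2, s2, n) % n
flag = libnum.n2s(int(m))
print(flag)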

This yields the flag: flag{interesting_rsa}
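
The same recovery as an added, self-contained example (not part of the original writeup), using only the Python standard library. The toy modulus, the messages and the helper names (egcd, iroot, common_modulus_recover, demo) are constructed for illustration; it also goes one step beyond the challenge by handling gcd(e1, e2) > 1, where only m^g mod n is recovered and m follows only if m^g < n.

```python
# Added example: common-modulus recovery with the standard library only.
# All parameters below are constructed toy values, not the challenge data.

def egcd(a, b):
    """Return (g, x, y) such that a*x + b*y == g == gcd(a, b)."""
    x0, y0, x1, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0

def iroot(x, k):
    """Return the exact integer k-th root of x, or None if x is not a k-th power."""
    lo, hi = 0, 1 << (x.bit_length() // k + 1)
    while lo < hi:
        mid = (lo + hi) // 2
        if mid ** k < x:
            lo = mid + 1
        else:
            hi = mid
    return lo if lo ** k == x else None

def common_modulus_recover(n, e1, c1, e2, c2):
    """Recover m from c1 = m^e1 mod n and c2 = m^e2 mod n (same m, same n)."""
    g, s1, s2 = egcd(e1, e2)          # e1*s1 + e2*s2 == g
    # pow() with a negative exponent (Python 3.8+) inverts the base mod n first,
    # which replaces the manual sign handling done with gmpy2.invert.
    m_g = pow(c1, s1, n) * pow(c2, s2, n) % n   # == m^g mod n
    # With g == 1 this is m itself; otherwise m is recoverable only if m^g < n.
    return m_g if g == 1 else iroot(m_g, g)

def demo(msg, e1, e2):
    """Encrypt msg under (n, e1) and (n, e2), then recover it without d."""
    n = (2**61 - 1) * (2**89 - 1)     # toy modulus from two Mersenne primes
    m = int.from_bytes(msg, "big")
    c1, c2 = pow(m, e1, n), pow(m, e2, n)
    r = common_modulus_recover(n, e1, c1, e2, c2)
    return None if r is None else r.to_bytes((r.bit_length() + 7) // 8, "big")

if __name__ == "__main__":
    print(demo(b"toy-flag", 117, 65537))   # same exponents as the challenge keys
    print(demo(b"hi!", 6, 9))              # gcd(e1, e2) = 3, small message
```

The recovery never uses a private exponent or the factors of n, which is why a modulus must never be shared between keys that encrypt the same message.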

Conclusion

Common modulus attack.
