2020JTWLB-个人CTF-CRYPTO-weakrsa
每天一题,只能多不能少
weakrsa
题目分析
其实是昨天做的,偷个懒,今天再补上一题。
确实很weak。但是这是相对于大神而言😂
- 高位相同的m
- 短填充攻击Coppersmith Shortpad Attack
- FranklinReiter
- epsilon调整
开始
1.题目
给出server.py
class Unbuffered(object):
def __init__(self, stream):
self.stream = stream
def write(self, data):
self.stream.write(data)
self.stream.flush()
def __getattr__(self, attr):
return getattr(self.stream, attr)
import sys
sys.stdout = Unbuffered(sys.stdout)
import signal
signal.alarm(600)
import os
from Crypto.PublicKey import RSA
import random
n = 740765548979273098467598803958212385151570053921334237430171491357308450305938925395058048571558613364002948004291135518240329572789525487495147870779619379982865011328775565850048248526863374376024296921937798169737860584047065593928295857417452372744936947544816804233701992919611488140593397159150152160920639
e = 3
os.chdir("/home/ctf")
flag = open("flag", "rb").read().replace('\n', '')
flag_padding = "padding padding padding padding padding padding {} padding padding padding padding".format(
flag)
c = pow(int(flag_padding.encode('hex')[
2:], 16) + random.randint(1000, 999999), e, n)
print("c:" + str(c))
m = raw_input("> ")
if m == flag