Skip to content

Latest commit

 

History

History
63 lines (41 loc) · 2.8 KB

Crypto.md

File metadata and controls

63 lines (41 loc) · 2.8 KB

Crypto

RSA-Warmup

RSA is one of the first public-key cryptosystems and is widely used for secure data transmission. In such a cryptosystem, the encryption key is public and distinct from the decryption key which is kept secret.
You all know this :p
here is a warmup question.

nc crypto.zh3r0.ml 8451

Author : Finch

Fist, we connect to the challenge:

$ nc crypto.zh3r0.ml 8451
N: 224285766794215396838393193551658931076766445797250929050241003217603928658135947892292647298505152894183968044367192923980861016129334453176310823868616989740614405452779144934349770075415936357906045021203873143173394259847187062608442167011771619242721500482418557675629091514487872957331818547191180661653389258719
e 65537
CT: 109289280741846491130519182809715340729795435346951768438956847888055867115671325364919273675754729342082423303369552020210004695683374680380186058276496346321675941077708149618162886833456185930976888752688193750633566662646469925753761114678148642485916073461129904163214405960448510856777175970323120957052751440246

We must decrypt the cypher encrypted with RSA

With http://www.factordb.com we can see the factors p and q of N:

p = 2155879909
q = 104034443596744607372466215395144688959929653390193047645420124937768010276557546365766817533112023121592144325868010546955220508124014644814017246759646383318382881897703674427790110304987278564552940977940099697442560220012323080936713793092717030020210416313322839020728167801895811886492151797863050943091

$ python2
>>> p = 2155879909
>>> q = 104034443596744607372466215395144688959929653390193047645420124937768010276557546365766817533112023121592144325868010546955220508124014644814017246759646383318382881897703674427790110304987278564552940977940099697442560220012323080936713793092717030020210416313322839020728167801895811886492151797863050943091
>>> N = p * q
>>> N == 224285766794215396838393193551658931076766445797250929050241003217603928658135947892292647298505152894183968044367192923980861016129334453176310823868616989740614405452779144934349770075415936357906045021203873143173394259847187062608442167011771619242721500482418557675629091514487872957331818547191180661653389258719
True
>>> e = 65537
>>> phi = (q - 1) * (p - 1)
>>> from Crypto.Util.number import inverse
>>> d = inverse(e, phi)
>>> cipher = 109289280741846491130519182809715340729795435346951768438956847888055867115671325364919273675754729342082423303369552020210004695683374680380186058276496346321675941077708149618162886833456185930976888752688193750633566662646469925753761114678148642485916073461129904163214405960448510856777175970323120957052751440246
>>> plaintext = pow(cipher, d, N)
>>> print plaintext
41652955599091721867785419307312074813053
>>> print hex(plaintext)[2:-1].decode('hex')
zh3r0{RSA_1s_Fun}

The flag is: zh3r0{RSA_1s_Fun}