Category: Crypto Points: 200 Solves: 11 Description:

p > q

n = p*q = 11461532818525251775869994369956628325437478510485272730419843320517940601808597552925629451795611990372651568770181872282590309894187815091191649914833274805419432525386234876477307472337026966745408507004000948112191973777090407558162018558945596691322909404307420094584606103206490426551745910268138393804043641876816598599064856358266650339178617149833032309379858059729179857419751093138295863034844253827963

flag = md5(str(p))

EN:

Can solve it by using Pollard P-1 Factorization Method(http://www.mersennewiki.org/index.php/P-1_Factorization_Method);

step 01:select B1

N =p*q (p>q)

q<=sqrt(N)

B1=sqrt(N)

more B1 is bigger, the more possible can find out it(?! maybe, No!)

step 02: count out E2, E3,E5 ....

2E2<=B1,  3E3<=B1 ...

E2=log(B1)/log(2)

E3=log(B1)/log(3)

E5=log(B1)/log(5)

E7=log(B1)/log(7)

...

push 2  in the z[] E2 times, push 3 in the z[] E3 times, push 5 in the z[] E5 times ...

step 03:

x=a, (a is a prime)

i=0

do

  xz[i]≡a(mod n)

  x=a

until  gcd(n, x-1) !=1

gcd(n,x-1) is one factor of N.

#!/usr/bin/python3

import math

n=11461532818525251775869994369956628325437478510485272730419843320517940601808597552925629451795611990372651568770181872282590309894187815091191649914833274805419432525386234876477307472337026966745408507004000948112191973777090407558162018558945596691322909404307420094584606103206490426551745910268138393804043641876816598599064856358266650339178617149833032309379858059729179857419751093138295863034844253827963

z=[]

prime=[2,3,5,7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509,521,523,541,547,557,563,569,571,577,587,593,599,601,607,613,617,619,631,641,643,647,653,659,661,673,677,683,691,701,709,719,727,733,739,743,751,757,761,769,773,787,797,809,811,821,823,827,829,839,853,857,859,863,877,881,883,887,907,911,919,929,937,941,947,953,967,971,977,983,991,997];

def gcd(a,b):

    if b==0:

        return a

    return gcd(b,a%b)

def e(a,b):

    return pow(a,b)%n

def mysqrt(n):

    x=n

    y=[]

    while(x>0):

        y.append(x%100)

        x=x//100

    y.reverse()

    a=0

    x=0

    for p in y:

        for b in range(9,-1,-1):

            if(((20*a+b)*b)<=(x*100+p)):

                x=x*100+p - ((20*a+b)*b)

                a=a*10+b

                break

    return a

B1=mysqrt(n)

for j in range(0,len(prime)):

    for i in range(1, int(math.log(B1)/math.log(prime[j]))+1):

        z.append(prime[j])

#print(z)

for pp in prime:

    i=0

    x=pp

    while(1):

        x=e(x,z[i])

        i=i+1

        y=gcd(n,x-1)

        if(y!=1):

            print (y)

            exit(0)

        if(i>=len(z)):

            break

python3 sss.py, we can the number:

958483424448747472504060861580795018746355733561446016442794600533395417361061386707061258449029078376132360127073305093209304646989718030495000998517698501250000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001

then

n=11461532818525251775869994369956628325437478510485272730419843320517940601808597552925629451795611990372651568770181872282590309894187815091191649914833274805419432525386234876477307472337026966745408507004000948112191973777090407558162018558945596691322909404307420094584606103206490426551745910268138393804043641876816598599064856358266650339178617149833032309379858059729179857419751093138295863034844253827963

p=958483424448747472504060861580795018746355733561446016442794600533395417361061386707061258449029078376132360127073305093209304646989718030495000998517698501250000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001

q=11957987510443514049047696785587234758227153373363589891876816598599064856358266650339178617149833032309379858059729179857419751093138295863034844253827963

flag=md5(str(p)) = c78504a558bdb6213b9019f6925fa4ae

flag is c78504a558bdb6213b9019f6925fa4ae

CN:

这个是因子分解,用 Pollard P-1因子分解法(http://www.mersennewiki.org/index.php/P-1_Factorization_Method), pyhton3 源码看上面。

还是要看B1的选择,选择不好也是有可能解不出,解不出就重新选择,直到解出。

Sharif University CTF 2016 - Smooth As Silk的更多相关文章

  1. Sharif University CTF 2016 -- Login to System (PWN 200)

    EN: It's easy to find out where is the bug : .text:0000000000400DE4 ; void *start_routine(void *).te ...

  2. Sharif University CTF 2016 -- Android App

    很多种的方案: 方案 A: 直接逆向读代码方案 B: 解包,加入debug信息,重新打包,动态调试方案 C: 解包,改代码加入log.i整出flag, 去掉MainActivity里面d=什么也可以, ...

  3. H4CK1T CTF 2016 Mexico-Remote pentest writeup

    进去网站之后发现连接都是包含类型的,就能想到文件包含漏洞(话说刚总结过就能遇到这题,也算是复习啦) 这里用php://filter/read=convert.base64-encode/resourc ...

  4. Asis CTF 2016 b00ks理解

    ---恢复内容开始--- 最近在学习堆的off by one,其中遇到这道题,萌新的我弄了大半天才搞懂,网上的很多wp都不是特别详细,都得自己好好调试. 首先,这题目是一个常见的图书馆管理系统,虽然我 ...

  5. 18. CTF综合靶机渗透(十一)

    靶机描述: SkyDog Con CTF 2016 - Catch Me If You Can 难度:初学者/中级 说明:CTF是虚拟机,在虚拟箱中工作效果最好.下载OVA文件打开虚拟框,然后选择文件 ...

  6. 引言:CTF新世界

    1. CTF的昨天和今天 CTF(Capture The Flag)中文一般译作夺旗赛,在网络安全领域中指的是网络安全技术人员之间进行技术竞技的一种比赛形式.CTF起源于1996年DEFCON全球黑客 ...

  7. {ICIP2014}{收录论文列表}

    This article come from HEREARS-L1: Learning Tuesday 10:30–12:30; Oral Session; Room: Leonard de Vinc ...

  8. Pedestrian Attributes Recognition Paper List

    Pedestrian Attributes Recognition Paper List  2018-12-22 22:08:55 [Note] you may also check the upda ...

  9. 文献综述十六:基于UML的中小型超市管理系统分析与设计

    一.基本信息 标题:基于UML的中小型超市管理系统分析与设计 时间:2016 出版源:Journal of Xiangnan University 文件分类:uml技术系统的研究 二.研究背景 开发一 ...

随机推荐

  1. linux_oracle_healthcheck.sh

    #!/bin/bash######################################################################################### ...

  2. jQuery MiniUI开发系列之:安装部署

    jQuery MiniUI是一套纯Javascript的WebUI控件库,它由几十个Javascript控件组成,是不依赖服务端和数据库的. 下载jQuery MiniUI,解压缩后,开发者可以直接在 ...

  3. .NET DataSet、DataTable操作记录

    一直在习惯.net的编程思维,或是说C#吧.因为前几年一直在用PHP做站,现在用.net很不习惯,主要C#都依赖对控件.类的熟悉,不然很多功能都实现不了. 需求 最近做了一功能,从SQL Server ...

  4. 定位form光标行

    In AX2009 if you call the research() method on a form passing true, the cursor position within a gri ...

  5. Django HTML 显示文章摘要

    在用Django写个人博客,发现一般都是标题加上文章摘要,然后点击标题可以看详细内容.这样主页就可以多显示几篇文章. 那么就要用到文章摘要功能. 比如要100个字的文章摘要,就可以这样写: {{art ...

  6. Linux中fork的秘密

    linux中fork()函数详解         一.fork入门知识 一个进程,包括代码.数据和分配给进程的资源.fork()函数通过系统调用创建一个与原来进程几乎完全相同的进程,也就是两个进程可以 ...

  7. verilog断言(SVA:systemverlog assertion)语法 ---- 转载

    转载自:http://blog.sina.com.cn/s/blog_4c270c730101f6mw.html 作者:白栎旸     断言assertion被放在verilog设计中,方便在仿真时查 ...

  8. 跨域访问CORS

    由于现代浏览器的同源策略,合理的跨域请求也变得至关重要. CORS(Cross-Origin Resource Sharing,跨域资源共享)定义了在必须访问跨域资源时,浏览器与服务器应该如何沟通.它 ...

  9. Servlet--表单、超链接、转发、重定向4种情况的路径

    Servlet中相对路径总结 假设web工程使用如下目录结构: 在介绍相对路径和绝对路径前需要先了解几个概念: 服务器的站点根目录:以tomcat服务器为例,tomcat服务器站点根目录就是apach ...

  10. flag--命令行参数定义多标签示例

    // TestFlag2 project main.go package main import ( "flag" "fmt" ) func main() { ...