Category: Crypto Points: 200 Solves: 11 Description:

p > q

n = p*q = 11461532818525251775869994369956628325437478510485272730419843320517940601808597552925629451795611990372651568770181872282590309894187815091191649914833274805419432525386234876477307472337026966745408507004000948112191973777090407558162018558945596691322909404307420094584606103206490426551745910268138393804043641876816598599064856358266650339178617149833032309379858059729179857419751093138295863034844253827963

flag = md5(str(p))

EN:

Can solve it by using Pollard P-1 Factorization Method(http://www.mersennewiki.org/index.php/P-1_Factorization_Method);

step 01:select B1

N =p*q (p>q)

q<=sqrt(N)

B1=sqrt(N)

more B1 is bigger, the more possible can find out it(?! maybe, No!)

step 02: count out E2, E3,E5 ....

2E2<=B1,  3E3<=B1 ...

E2=log(B1)/log(2)

E3=log(B1)/log(3)

E5=log(B1)/log(5)

E7=log(B1)/log(7)

...

push 2  in the z[] E2 times, push 3 in the z[] E3 times, push 5 in the z[] E5 times ...

step 03:

x=a, (a is a prime)

i=0

do

  xz[i]≡a(mod n)

  x=a

until  gcd(n, x-1) !=1

gcd(n,x-1) is one factor of N.

#!/usr/bin/python3

import math

n=11461532818525251775869994369956628325437478510485272730419843320517940601808597552925629451795611990372651568770181872282590309894187815091191649914833274805419432525386234876477307472337026966745408507004000948112191973777090407558162018558945596691322909404307420094584606103206490426551745910268138393804043641876816598599064856358266650339178617149833032309379858059729179857419751093138295863034844253827963

z=[]

prime=[2,3,5,7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509,521,523,541,547,557,563,569,571,577,587,593,599,601,607,613,617,619,631,641,643,647,653,659,661,673,677,683,691,701,709,719,727,733,739,743,751,757,761,769,773,787,797,809,811,821,823,827,829,839,853,857,859,863,877,881,883,887,907,911,919,929,937,941,947,953,967,971,977,983,991,997];

def gcd(a,b):

    if b==0:

        return a

    return gcd(b,a%b)

def e(a,b):

    return pow(a,b)%n

def mysqrt(n):

    x=n

    y=[]

    while(x>0):

        y.append(x%100)

        x=x//100

    y.reverse()

    a=0

    x=0

    for p in y:

        for b in range(9,-1,-1):

            if(((20*a+b)*b)<=(x*100+p)):

                x=x*100+p - ((20*a+b)*b)

                a=a*10+b

                break

    return a

B1=mysqrt(n)

for j in range(0,len(prime)):

    for i in range(1, int(math.log(B1)/math.log(prime[j]))+1):

        z.append(prime[j])

#print(z)

for pp in prime:

    i=0

    x=pp

    while(1):

        x=e(x,z[i])

        i=i+1

        y=gcd(n,x-1)

        if(y!=1):

            print (y)

            exit(0)

        if(i>=len(z)):

            break

python3 sss.py, we can the number:

958483424448747472504060861580795018746355733561446016442794600533395417361061386707061258449029078376132360127073305093209304646989718030495000998517698501250000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001

then

n=11461532818525251775869994369956628325437478510485272730419843320517940601808597552925629451795611990372651568770181872282590309894187815091191649914833274805419432525386234876477307472337026966745408507004000948112191973777090407558162018558945596691322909404307420094584606103206490426551745910268138393804043641876816598599064856358266650339178617149833032309379858059729179857419751093138295863034844253827963

p=958483424448747472504060861580795018746355733561446016442794600533395417361061386707061258449029078376132360127073305093209304646989718030495000998517698501250000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001

q=11957987510443514049047696785587234758227153373363589891876816598599064856358266650339178617149833032309379858059729179857419751093138295863034844253827963

flag=md5(str(p)) = c78504a558bdb6213b9019f6925fa4ae

flag is c78504a558bdb6213b9019f6925fa4ae

CN:

这个是因子分解,用 Pollard P-1因子分解法(http://www.mersennewiki.org/index.php/P-1_Factorization_Method), pyhton3 源码看上面。

还是要看B1的选择,选择不好也是有可能解不出,解不出就重新选择,直到解出。

Sharif University CTF 2016 - Smooth As Silk的更多相关文章

  1. Sharif University CTF 2016 -- Login to System (PWN 200)

    EN: It's easy to find out where is the bug : .text:0000000000400DE4 ; void *start_routine(void *).te ...

  2. Sharif University CTF 2016 -- Android App

    很多种的方案: 方案 A: 直接逆向读代码方案 B: 解包,加入debug信息,重新打包,动态调试方案 C: 解包,改代码加入log.i整出flag, 去掉MainActivity里面d=什么也可以, ...

  3. H4CK1T CTF 2016 Mexico-Remote pentest writeup

    进去网站之后发现连接都是包含类型的,就能想到文件包含漏洞(话说刚总结过就能遇到这题,也算是复习啦) 这里用php://filter/read=convert.base64-encode/resourc ...

  4. Asis CTF 2016 b00ks理解

    ---恢复内容开始--- 最近在学习堆的off by one,其中遇到这道题,萌新的我弄了大半天才搞懂,网上的很多wp都不是特别详细,都得自己好好调试. 首先,这题目是一个常见的图书馆管理系统,虽然我 ...

  5. 18. CTF综合靶机渗透(十一)

    靶机描述: SkyDog Con CTF 2016 - Catch Me If You Can 难度:初学者/中级 说明:CTF是虚拟机,在虚拟箱中工作效果最好.下载OVA文件打开虚拟框,然后选择文件 ...

  6. 引言:CTF新世界

    1. CTF的昨天和今天 CTF(Capture The Flag)中文一般译作夺旗赛,在网络安全领域中指的是网络安全技术人员之间进行技术竞技的一种比赛形式.CTF起源于1996年DEFCON全球黑客 ...

  7. {ICIP2014}{收录论文列表}

    This article come from HEREARS-L1: Learning Tuesday 10:30–12:30; Oral Session; Room: Leonard de Vinc ...

  8. Pedestrian Attributes Recognition Paper List

    Pedestrian Attributes Recognition Paper List  2018-12-22 22:08:55 [Note] you may also check the upda ...

  9. 文献综述十六:基于UML的中小型超市管理系统分析与设计

    一.基本信息 标题:基于UML的中小型超市管理系统分析与设计 时间:2016 出版源:Journal of Xiangnan University 文件分类:uml技术系统的研究 二.研究背景 开发一 ...

随机推荐

  1. PHP常用函数总结(不定期更新)

    array_merge函数和两个数组相加的区别 array_merge函数,在出现相同的索引数组,会把两个数组中的索引数组,进行融合,以第一个数组的索引最大值往后相加,如果是关联数组,后面数组的值覆盖 ...

  2. 【原创】Java批量反编译利器(jd-gui)介绍

    Java反编译利器(jd-gui)介绍 当要做白盒测试或安全测试时,我们需要借助工具扫描被测代码,相信大家都遇到过没有源代码,而需要反编译的情形吧,也可能大家用过jad工具,我这里介绍下方便的工具jd ...

  3. No Architectures to Compile for (ONLY_ACTIVE_ARCH=

    No architectures to compile for (ONLY_ACTIVE_ARCH=YES, active arch=armv7, VA 运行报错 出现的原因:armv7s是应用在iP ...

  4. vs2008主题

    http://www.cnblogs.com/xiaoshatian/archive/2009/11/20/1606440.html

  5. 一次性插入多条sql语句的几种方法

    第一种:通过 insert select语句向表中添加数据 从现有表里面把数据插入到另外一张新表去前提必须先有test_2表的存在,并且test_2表中的列的数据类型必须和test表里面列的数据类型一 ...

  6. WPF自动隐藏的消息框(鼠标放上去将一直显示,移开动画继续),提供normal和error两种边框。

    原地址-> http://www.cnblogs.com/yk250/p/5660777.html 介绍:传统的确定,取消,OK,CANCAL之类的对话框太繁琐了,由于项目需要而诞生的仿手机式提 ...

  7. osx 编译安装配置 ruby on rails

    下载源代码: curl -O http://cache.ruby-lang.org/pub/ruby/2.2/ruby-2.2.2.tar.gz 解压: .tar.gz 编译: cd ruby- ./ ...

  8. LeetCode-179. Largest Number

    179. Largest Number Given a list of non negative integers, arrange them such that they form the larg ...

  9. 自己用C语言写PIC32 serial bootloader

    了解更多关于bootloader 的C语言实现,请加我QQ: 1273623966 (验证信息请填 bootloader),欢迎咨询或定制bootloader(在线升级程序). 从15年12月份以来我 ...

  10. 关于C#的委托(delegate)的自我理解

    首先描述一个事情,一个老师饿了,他要去买东西填饱肚子,然后他发现他的学生“小李”在玩,没学习,于是就委托“小李”去帮他买吃的. 根据这件事我们来分析: 首先得有个老师(老师饿了是他的方法,老师买东西也 ...