Challenge information:

A young man got hold of a ciphertext. As a veteran "old driver", can you help him take a look?
Attachment: enc.txt

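Topics involved:

RSA
RSA is a public-key encryption algorithm. The RSA algorithm is described as follows:
  1. Choose any two distinct large primes p and q and compute the product

  2. Choose any large integer e satisfying

    ; the integer e is used as the encryption key (note: choosing e is easy; for example, any prime greater than p and q can be used)

  3. Determine the decryption key d, satisfying

    , that is

    is an arbitrary integer; so if e and

    are known, d is easy to compute;

  4. Publish the integers n and e, and keep d secret

  5. Encrypt the plaintext m (an integer with m < n) into the ciphertext c; the encryption algorithm is

  6. Decrypt the ciphertext c into the plaintext m; the decryption algorithm is

  7. However, computing d from n and e alone (note: not p and q) is impossible. Therefore anyone can encrypt a plaintext, but only an authorized user (who knows d) can decrypt the ciphertext.

Source: Baidu Baike https://baike.baidu.com/item/RSA%E7%AE%97%E6%B3%95/263310?fromtitle=RSA&fromid=210678&fr=aladdin

Low encryption exponent broadcast attack
Characteristics:
  • The encryption exponent e is very small
  • One plaintext is encrypted several times with different moduli n and the same encryption exponent e
  • Every resulting ciphertext is available, together with its modulus n and encryption exponent e

The Chinese Remainder Theorem then gives m^e, and taking the e-th root of that value yields the plaintext.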

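Solution approach:

  1. Inspect the attachment: it has three parameter names, e, n and c, which suggests the challenge involves RSA
  2. In the attachment every e has the same value, and that value is not large
  3. The challenge probably encrypts one plaintext m under several public keys (n, e), producing several ciphertexts c
  4. Consider using the low encryption exponent broadcast attack to recover the plaintext
  5. A check shows that all the moduli n are pairwise coprime, so solve with the Chinese Remainder Theorem
  6. Take the e-th root of the resulting value, convert the root to hexadecimal, and base16-decode it to get the flag

Attachment: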

import gmpy2

def crt(b, m):
    '''Chinese Remainder Theorem'''
    # Check that the moduli are pairwise coprime
    for i in range(len(m)):
        for j in range(i + 1, len(m)):
            if gmpy2.gcd(m[i], m[j]) != 1:
                # Message: "m contains numbers that are not coprime"
                print("m中含有不是互余的数")
                return -1
    # Product of all moduli
    M = 1
    for i in range(len(m)):
        M *= m[i]
    # Compute M / m[i]
    Mm = []
    for i in range(len(m)):
        Mm.append(M // m[i])
    # Multiplicative inverse of Mm[i] modulo m[i]
    Mm_ = []
    for i in range(len(m)):
        _, a, _ = gmpy2.gcdext(Mm[i], m[i])
        Mm_.append(int(a % m[i]))
    # Accumulate the sum of Mm[i] * Mm_[i] * b[i]
    y = 0
    for i in range(len(m)):
        print(Mm[i] * Mm_[i] * b[i])
        y += (Mm[i] * Mm_[i] * b[i])
    y = y % M
    return y

enc = [{"c": 7366067574741171461722065133242916080495505913663250330082747465383676893970411476550748394841437418105312353971095003424322679616940371123028982189502042, "e": 10,
"n": 25162507052339714421839688873734596177751124036723831003300959761137811490715205742941738406548150240861779301784133652165908227917415483137585388986274803},
{"c": 21962825323300469151795920289886886562790942771546858500842179806566435767103803978885148772139305484319688249368999503784441507383476095946258011317951461, "e": 10,
"n": 23976859589904419798320812097681858652325473791891232710431997202897819580634937070900625213218095330766877190212418023297341732808839488308551126409983193},
{"c": 6569689420274066957835983390583585286570087619048110141187700584193792695235405077811544355169290382357149374107076406086154103351897890793598997687053983, "e": 10,
"n": 18503782836858540043974558035601654610948915505645219820150251062305120148745545906567548650191832090823482852604346478335353784501076761922605361848703623},
{"c": 4508246168044513518452493882713536390636741541551805821790338973797615971271867248584379813114125478195284692695928668946553625483179633266057122967547052, "e": 10,
"n": 23383087478545512218713157932934746110721706819077423418060220083657713428503582801909807142802647367994289775015595100541168367083097506193809451365010723},
{"c": 22966105670291282335588843018244161552764486373117942865966904076191122337435542553276743938817686729554714315494818922753880198945897222422137268427611672, "e": 10,
"n": 31775649089861428671057909076144152870796722528112580479442073365053916012507273433028451755436987054722496057749731758475958301164082755003195632005308493},
{"c": 17963313063405045742968136916219838352135561785389534381262979264585397896844470879023686508540355160998533122970239261072020689217153126649390825646712087, "e": 10,
"n": 22246342022943432820696190444155665289928378653841172632283227888174495402248633061010615572642126584591103750338919213945646074833823905521643025879053949},
{"c": 1652417534709029450380570653973705320986117679597563873022683140800507482560482948310131540948227797045505390333146191586749269249548168247316404074014639, "e": 10,
"n": 25395461142670631268156106136028325744393358436617528677967249347353524924655001151849544022201772500033280822372661344352607434738696051779095736547813043},
{"c": 15585771734488351039456631394040497759568679429510619219766191780807675361741859290490732451112648776648126779759368428205194684721516497026290981786239352, "e": 10,
"n": 32056508892744184901289413287728039891303832311548608141088227876326753674154124775132776928481935378184756756785107540781632570295330486738268173167809047},
{"c": 8965123421637694050044216844523379163347478029124815032832813225050732558524239660648746284884140746788823681886010577342254841014594570067467905682359797, "e": 10,
"n": 52849766269541827474228189428820648574162539595985395992261649809907435742263020551050064268890333392877173572811691599841253150460219986817964461970736553},
{"c": 13560945756543023008529388108446940847137853038437095244573035888531288577370829065666320069397898394848484847030321018915638381833935580958342719988978247, "e": 10,
"n": 30415984800307578932946399987559088968355638354344823359397204419191241802721772499486615661699080998502439901585573950889047918537906687840725005496238621}]

e = 10
c = []
n = []
for i in range(len(enc)):
    c.append(enc[i]["c"])
    n.append(enc[i]["n"])

# CRT gives m^e over the integers; iroot returns (root, is_exact)
r = crt(c, n)
print(gmpy2.iroot(r, e))
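
The same procedure (steps 5 and 6 above) on a small constructed instance, as an added example that is not part of the original writeup: it uses only the standard library instead of gmpy2, checks that the e-th root is exact, and shows that the recovery fails when fewer than e ciphertexts are combined. The moduli, the message and the names `recover`, `PAIRS` and `MESSAGE` are assumptions made for this illustration; e = 3 is used instead of the challenge's e = 10 to keep the numbers short.

```python
from math import gcd, prod

def crt(residues, moduli):
    """Return x with x = residues[i] (mod moduli[i]) and 0 <= x < prod(moduli)."""
    for i in range(len(moduli)):
        for j in range(i + 1, len(moduli)):
            if gcd(moduli[i], moduli[j]) != 1:
                raise ValueError("moduli are not pairwise coprime")
    M = prod(moduli)
    x = 0
    for r, m in zip(residues, moduli):
        Mi = M // m
        x += r * Mi * pow(Mi, -1, m)   # pow(.., -1, m) is the modular inverse (3.8+)
    return x % M

def iroot(x, k):
    """Return (floor of the k-th root of x, True if that root is exact)."""
    lo, hi = 0, 1 << (x.bit_length() // k + 1)
    while lo < hi:                      # binary search on integers only
        mid = (lo + hi + 1) // 2
        if mid ** k <= x:
            lo = mid
        else:
            hi = mid - 1
    return lo, lo ** k == x

def recover(pairs, e):
    """pairs: [(c, n), ...]. Return plaintext bytes, or None if the root is inexact."""
    r = crt([c for c, _ in pairs], [n for _, n in pairs])
    m, exact = iroot(r, e)
    if not exact:   # e.g. product of moduli smaller than m**e: too few ciphertexts
        return None
    # Same result as hex-encoding m and base16-decoding it (step 6)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

# Constructed toy instance (not the challenge data): moduli are products of
# distinct Mersenne primes, so they are pairwise coprime.
E = 3
MODULI = [(2**89 - 1) * (2**107 - 1),
          (2**61 - 1) * (2**127 - 1),
          (2**31 - 1) * (2**521 - 1)]
MESSAGE = b"flag{constructed}"
M_INT = int.from_bytes(MESSAGE, "big")
PAIRS = [(pow(M_INT, E, n), n) for n in MODULI]

if __name__ == "__main__":
    print(recover(PAIRS, E))       # all e ciphertexts combined
    print(recover(PAIRS[:2], E))   # one ciphertext short of e
```

With only two of the three ciphertexts the product of the moduli is smaller than m^3, so the CRT result is m^3 reduced modulo that product rather than m^3 itself, and the message is not recovered.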

FLAG

flag{wo0_th3_tr4in_i5_leav1ng_g3t_on_it}

Reference:

https://blog.csdn.net/weixin_45556441/article/details/110482520

Author: damedane-qiuqiu
