题目信息:

有个年轻人得到了一份密文,身为老司机的你能帮他看看么?
附件:enc.txt
[{"c": 7366067574741171461722065133242916080495505913663250330082747465383676893970411476550748394841437418105312353971095003424322679616940371123028982189502042, "e": 10, "n": 25162507052339714421839688873734596177751124036723831003300959761137811490715205742941738406548150240861779301784133652165908227917415483137585388986274803},

{"c": 21962825323300469151795920289886886562790942771546858500842179806566435767103803978885148772139305484319688249368999503784441507383476095946258011317951461, "e": 10, "n": 23976859589904419798320812097681858652325473791891232710431997202897819580634937070900625213218095330766877190212418023297341732808839488308551126409983193},

{"c": 6569689420274066957835983390583585286570087619048110141187700584193792695235405077811544355169290382357149374107076406086154103351897890793598997687053983, "e": 10, "n": 18503782836858540043974558035601654610948915505645219820150251062305120148745545906567548650191832090823482852604346478335353784501076761922605361848703623},

{"c": 4508246168044513518452493882713536390636741541551805821790338973797615971271867248584379813114125478195284692695928668946553625483179633266057122967547052, "e": 10, "n": 23383087478545512218713157932934746110721706819077423418060220083657713428503582801909807142802647367994289775015595100541168367083097506193809451365010723},

{"c": 22966105670291282335588843018244161552764486373117942865966904076191122337435542553276743938817686729554714315494818922753880198945897222422137268427611672, "e": 10, "n": 31775649089861428671057909076144152870796722528112580479442073365053916012507273433028451755436987054722496057749731758475958301164082755003195632005308493},

{"c": 17963313063405045742968136916219838352135561785389534381262979264585397896844470879023686508540355160998533122970239261072020689217153126649390825646712087, "e": 10, "n": 22246342022943432820696190444155665289928378653841172632283227888174495402248633061010615572642126584591103750338919213945646074833823905521643025879053949},

{"c": 1652417534709029450380570653973705320986117679597563873022683140800507482560482948310131540948227797045505390333146191586749269249548168247316404074014639, "e": 10, "n": 25395461142670631268156106136028325744393358436617528677967249347353524924655001151849544022201772500033280822372661344352607434738696051779095736547813043},

{"c": 15585771734488351039456631394040497759568679429510619219766191780807675361741859290490732451112648776648126779759368428205194684721516497026290981786239352, "e": 10, "n": 32056508892744184901289413287728039891303832311548608141088227876326753674154124775132776928481935378184756756785107540781632570295330486738268173167809047},

{"c": 8965123421637694050044216844523379163347478029124815032832813225050732558524239660648746284884140746788823681886010577342254841014594570067467905682359797, "e": 10, "n": 52849766269541827474228189428820648574162539595985395992261649809907435742263020551050064268890333392877173572811691599841253150460219986817964461970736553},

{"c": 13560945756543023008529388108446940847137853038437095244573035888531288577370829065666320069397898394848484847030321018915638381833935580958342719988978247, "e": 10, "n": 30415984800307578932946399987559088968355638354344823359397204419191241802721772499486615661699080998502439901585573950889047918537906687840725005496238621}]

涉及知识点:

RSA
RSA是一种公钥加密算法,RSA算法的具体描述如下:

  1. 任意选取两个不同的大素数p和q计算乘积

  2. 任意选取一个大整数e,满足

    ,整数e用做加密钥(注意:e的选取是很容易的,例如,所有大于p和q的素数都可用)

  3. 确定的解密钥d,满足

    ,即

    是一个任意的整数;所以,若知道e和

    ,则很容易计算出d ;

  4. 公开整数n和e,秘密保存d

  5. 将明文m(m<n是一个整数)加密成密文c,加密算法为

  6. 将密文c解密为明文m,解密算法为

  7. 然而只根据n和e(注意:不是p和q)要计算出d是不可能的。因此,任何人都可对明文进行加密,但只有授权用户(知道d)才可对密文解密。

来源:百度百科https://baike.baidu.com/item/RSA%E7%AE%97%E6%B3%95/263310?fromtitle=RSA&fromid=210678&fr=aladdin
低加密指数广播攻击
特点:
  • 加密指数e非常小
  • 一份明文使用不同的模数n,相同的加密指数e进行多次加密
  • 可以拿到每一份加密后的密文和对应的模数n、加密指数e

可以根据中国剩余剩余定理求得m^e,最后得到明文

解题思路:

  1. 观察附件,发现有e,n,c三个参数名,考虑本题目会涉及到RSA
  2. 观察附件,所有的e均为相同的值,且该值并不是很大
  3. 本题目可能由明文m通过多个公钥(n,e)加密且得到多个密文n
  4. 考虑使用低加密指数广播攻击获取明文
  5. 通过判断,所有的密文n均互素,使用中国剩余定理进行求解
  6. 将得到的值开e次方,得到的值转为16进制通过base16转化获得flag

附件:

import gmpy2

def crt(b,m):

    '''中国剩余定理'''

    #判断是否互素

    for i in range(len(m)):

        for j in range(i+1,len(m)):

            if gmpy2.gcd(m[i],m[j]) != 1:

                print("m中含有不是互余的数")

                return -1

    #乘积

    M = 1

    for i in range(len(m)):

        M *= m[i]

    #求M/mi

    Mm = []

    for i in range(len(m)):

        Mm.append(M // m[i])

    #求Mm[i]的乘法逆元

    Mm_ = []

    for i in range(len(m)):

        _,a,_ = gmpy2.gcdext(Mm[i],m[i])

        Mm_.append(int(a % m[i]))

    #求MiM'ibi的累加

    y = 0

    for i in range(len(m)):

        print(Mm[i] * Mm_[i] * b[i])

        y += (Mm[i] * Mm_[i] * b[i])

    y = y % M

    return y

enc = [{"c": 7366067574741171461722065133242916080495505913663250330082747465383676893970411476550748394841437418105312353971095003424322679616940371123028982189502042, "e": 10,

        "n": 25162507052339714421839688873734596177751124036723831003300959761137811490715205742941738406548150240861779301784133652165908227917415483137585388986274803},

       {"c": 21962825323300469151795920289886886562790942771546858500842179806566435767103803978885148772139305484319688249368999503784441507383476095946258011317951461, "e": 10,

           "n": 23976859589904419798320812097681858652325473791891232710431997202897819580634937070900625213218095330766877190212418023297341732808839488308551126409983193},

       {"c": 6569689420274066957835983390583585286570087619048110141187700584193792695235405077811544355169290382357149374107076406086154103351897890793598997687053983, "e": 10,

           "n": 18503782836858540043974558035601654610948915505645219820150251062305120148745545906567548650191832090823482852604346478335353784501076761922605361848703623},

       {"c": 4508246168044513518452493882713536390636741541551805821790338973797615971271867248584379813114125478195284692695928668946553625483179633266057122967547052, "e": 10,

        "n": 23383087478545512218713157932934746110721706819077423418060220083657713428503582801909807142802647367994289775015595100541168367083097506193809451365010723},

       {"c": 22966105670291282335588843018244161552764486373117942865966904076191122337435542553276743938817686729554714315494818922753880198945897222422137268427611672, "e": 10,

        "n": 31775649089861428671057909076144152870796722528112580479442073365053916012507273433028451755436987054722496057749731758475958301164082755003195632005308493},

       {"c": 17963313063405045742968136916219838352135561785389534381262979264585397896844470879023686508540355160998533122970239261072020689217153126649390825646712087, "e": 10,

        "n": 22246342022943432820696190444155665289928378653841172632283227888174495402248633061010615572642126584591103750338919213945646074833823905521643025879053949},

       {"c": 1652417534709029450380570653973705320986117679597563873022683140800507482560482948310131540948227797045505390333146191586749269249548168247316404074014639, "e": 10,

        "n": 25395461142670631268156106136028325744393358436617528677967249347353524924655001151849544022201772500033280822372661344352607434738696051779095736547813043},

       {"c": 15585771734488351039456631394040497759568679429510619219766191780807675361741859290490732451112648776648126779759368428205194684721516497026290981786239352, "e": 10,

        "n": 32056508892744184901289413287728039891303832311548608141088227876326753674154124775132776928481935378184756756785107540781632570295330486738268173167809047},

       {"c": 8965123421637694050044216844523379163347478029124815032832813225050732558524239660648746284884140746788823681886010577342254841014594570067467905682359797, "e": 10,

        "n": 52849766269541827474228189428820648574162539595985395992261649809907435742263020551050064268890333392877173572811691599841253150460219986817964461970736553},

       {"c": 13560945756543023008529388108446940847137853038437095244573035888531288577370829065666320069397898394848484847030321018915638381833935580958342719988978247, "e": 10,

       "n": 30415984800307578932946399987559088968355638354344823359397204419191241802721772499486615661699080998502439901585573950889047918537906687840725005496238621}]

e = 10

c = []

n = []

for i in range(len(enc)):

    c.append(enc[i]["c"])

    n.append(enc[i]["n"])

r = crt(c,n)

print(gmpy2.iroot(r,e))

FLAG

flag{wo0_th3_tr4in_i5_leav1ng_g3t_on_it}

参考:

https://blog.csdn.net/weixin_45556441/article/details/110482520

作者:damedane-qiuqiu

CTF-OldDriver-writeup的更多相关文章

  1. Whctf - OLDDRIVER - Writeup

    Whctf - OLDDRIVER - Writeup 转载请标明出处http://www.cnblogs.com/WangAoBo/p/7541536.html 题目: 分析: 给了10组RSA的加 ...

  2. 攻防世界 WEB 高手进阶区 TokyoWesterns CTF shrine Writeup

    攻防世界 WEB 高手进阶区 TokyoWesterns CTF shrine Writeup 题目介绍 题目考点 模板注入 Writeup 进入题目 import flask import os a ...

  3. Crypto CTF 2019 writeup

    Crypto CTF 2019 writeup roXen 题目 roXen Relationship with a cryptographer! The Girlfriend: All you ev ...

  4. CTF<密码学> writeup 传统知识+古典密码

    小明某一天收到一封密信,信中写了几个不同的年份          辛卯,癸巳,丙戌,辛未,庚辰,癸酉,己卯,癸巳. 信的背面还写有“+甲子”,请解出这段密文. key值:CTF{XXX} 百度可以查到 ...

  5. ctf题目writeup(9)

    继续刷题,找到一个 什么 蓝鲸安全的ctf平台 地址:http://whalectf.xin/challenges (话说这些ctf平台长得好像) 1. 放到converter试一下: 在用十六进制转 ...

  6. ctf题目writeup(8)

    2019.2.11 南京邮电的ctf平台: 地址http://ctf.nuptzj.cn/challenges# 他们好像搭新的平台了...我注册弄了好半天... 1. 签到题,打开网址: 查看一下页 ...

  7. ctf题目writeup(7)

    2019.2.10 过年休息归来,继续做题. bugku的web题,地址:https://ctf.bugku.com/challenges 1. http://123.206.87.240:8002/ ...

  8. ctf题目writeup(6)

    2019.2.2 依旧是bugku上面的题目,地址:https://ctf.bugku.com/challenges 1. 解压后是60多个out.zip,都是真加密,里面都是1kb的data.txt ...

  9. ctf题目writeup(5)

    2019.2.1 今天继续bugku的隐写杂项题:题目链接:https://ctf.bugku.com/challenges 1. 这道题下载后用wireshark打开...看了好久也没看出个所以然, ...

  10. ctf题目writeup(4)

    2019.1.31 题目:这次都是web的了...(自己只略接触隐写杂项web这些简单的东西...) 题目地址:https://www.ichunqiu.com/battalion 1. 打开链接: ...

随机推荐

  1. Pptx的形状转为WPF的Geometry

    本文是将演示如何解析pptx文件的形状到WPF当中,并且绘制显示出来 安装Openxml sdk 首先,我们先安装nuget的openxml sdk,下面两种方式都可以安装: nuget包管理器控制台 ...

  2. 向量算子优化Vector Operation Optimization

    向量算子优化Vector Operation Optimization 查看MATLAB命令View MATLAB Command 示例显示Simulink编码器 ,将生成向量的块输出,设置为标量,优 ...

  3. ADAS系统长篇综述(下)

    ADAS系统长篇综述(下) 四.ADAS架构设计的进化阶梯 前面谈到的产品的商业化推广渗透和产品的功能演进渗透,目的是让大家去概念化.当然,最后的赢家一定是实干者,能够在具体技术实现路径上进行深度耕耘 ...

  4. B-Tree插入和删除的Java实现

    B-Tree插入和删除的Java实现 一.一颗非空m阶B-Tree的性质 除根结点以外的每个结点的孩子引用最多存在m个,关键码最多存在m - 1个:除根结点以外的每个结点的孩子引用至少存在⌈m / 2 ...

  5. 【NX二次开发】获取尺寸信息UF_DRF_ask_draft_aid_text_info

    获取尺寸信息UF_DRF_ask_draft_aid_text_info 例如获取下面这三个的尺寸信息. 图1 输出结果: 10 <T+0.1!-0.1> 图2 输出结果: 10 < ...

  6. 为什么选择ASP.NET Core

    什么是.NET 有一次小飞去面试,面试官上来就问了一个宏观的问题:"你觉得什么是.NET"?小飞的脑子嗡嗡的,支吾了半天,才吐了一些碎片化的词语:"跨平台.开源.微软-& ...

  7. 给元素设置overflow:hidden,pc端正常,但移动端依然可以滑动

    给设置overflow:hidden的元素设置position:fixed即可解决

  8. Java中最大的数据结构:LinkedHashMap了解一下?

    前言 Map 家族数量众多,其中 HashMap 和 ConcurrentHashMap 用的最多,而 LinkedHashMap 似乎则是不怎么用的,但是他却有着顺序.两种,一种是添加顺序,一种是访 ...

  9. 源码分析Gateway请求转发

    本期我们主要还是讲解一下Gateway,上一期我们讲解了一下Gateway中进行路由转发的关键角色,过滤器和断言是如何被加载的,上期链接: https://www.cnblogs.com/guoxia ...

  10. LevelDB学习笔记 (1):初识LevelDB

    LevelDB学习笔记 (1):初识LevelDB 1. 写在前面 1.1 什么是levelDB LevelDB就是一个由Google开源的高效的单机Key/Value存储系统,该存储系统提供了Key ...